smiles.iclou.com.br Open in urlscan Pro
5.161.90.154 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://smailes.com.br/
Effective URL:
http://smiles.iclou.com.br/
Submission Tags: falconsandbox
Submission: On September 18 via api (September 18th 2022, 7:54:30 pm UTC) from US — Scanned from DE

Summary HTTP 248 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 37 IPs in 6 countries across 27 domains to perform 248 HTTP transactions. The main IP is 5.161.90.154, located in United States and belongs to HETZNER-CLOUD2-AS, DE. The main domain is smiles.iclou.com.br.

This is the only time smiles.iclou.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 6	5.161.90.154 5.161.90.154	213230 (HETZNER-C...) (HETZNER-CLOUD2-AS)
1	13.58.124.244 13.58.124.244	16509 (AMAZON-02) (AMAZON-02)
30	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
8	2606:4700:303... 2606:4700:3030::ac43:9016	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700::68... 2606:4700::6810:5714	13335 (CLOUDFLAR...) (CLOUDFLARENET)
25	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
2 10	2a00:1450:400... 2a00:1450:4001:806::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:806::200e	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:827::2001	15169 (GOOGLE) (GOOGLE)
2 40	2a00:1450:400... 2a00:1450:4001:828::2001	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:831::200e	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:80b::200e	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:803::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
5 19	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
3 5	104.18.19.126 104.18.19.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 4	185.89.210.82 185.89.210.82	29990 (ASN-APPNEX) (ASN-APPNEX)
22	2a00:1450:400... 2a00:1450:4001:811::2006	15169 (GOOGLE) (GOOGLE)
4	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
1 3	2620:116:800d... 2620:116:800d:21:de2e:c7b3:55c0:d5a0	16509 (AMAZON-02) (AMAZON-02)
2 2	35.157.16.92 35.157.16.92	16509 (AMAZON-02) (AMAZON-02)
2	35.186.253.211 35.186.253.211	15169 (GOOGLE) (GOOGLE)
3	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
3 3	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
4 4	104.18.18.126 104.18.18.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a05:d01c:1d8... 2a05:d01c:1d8:8101:fce4:7d96:66d4:9311	16509 (AMAZON-02) (AMAZON-02)
1 2	34.247.139.125 34.247.139.125	16509 (AMAZON-02) (AMAZON-02)
2	34.98.64.218 34.98.64.218	15169 (GOOGLE) (GOOGLE)
2	2.21.185.44 2.21.185.44	16625 (AKAMAI-AS) (AKAMAI-AS)
2	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
2 2	104.96.159.57 104.96.159.57	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2600:9000:21f... 2600:9000:21f3:f800:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
4	2600:1f13:800... 2600:1f13:800:7781:bcb5:4dc8:dc7c:df74	16509 (AMAZON-02) (AMAZON-02)
248	37

6 5.161.90.154 (United States) 1 redirects

ASN213230 (HETZNER-CLOUD2-AS, DE)
PTR: static.154.90.161.5.clients.your-server.de

smailes.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
smiles.iclou.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.58.124.244 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-58-124-244.us-east-2.compute.amazonaws.com

contatonline.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700:3030::ac43:9016 (United States)

ASN13335 (CLOUDFLARENET, US)

redirecionador.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6810:5714 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cse.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:806::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

clients1.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

40 2a00:1450:4001:828::2001 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn2.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn3.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn1.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:803::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn0.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 142.250.186.130 (United States) 5 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.18.19.126 (None, ) 3 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.89.210.82 (Frankfurt am Main, Germany) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2a00:1450:4001:811::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:116:800d:21:de2e:c7b3:55c0:d5a0 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.157.16.92 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-16-92.eu-central-1.compute.amazonaws.com

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 69.173.144.139 (Frankfurt am Main, Germany) 3 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.18.18.126 (None, ) 4 redirects

ASN13335 (CLOUDFLARENET, US)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:d01c:1d8:8101:fce4:7d96:66d4:9311 (London, United Kingdom)

ASN16509 (AMAZON-02, US)

ag.innovid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.247.139.125 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-247-139-125.eu-west-1.compute.amazonaws.com

fw.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.21.185.44 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a2-21-185-44.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.96.159.57 (Vienna, Austria) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-96-159-57.deploy.static.akamaitechnologies.com

e.dlx.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:21f3:f800:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:1f13:800:7781:bcb5:4dc8:dc7c:df74 (Boardman, United States)

ASN16509 (AMAZON-02, US)

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
70	googlesyndication.com 2 redirects pagead2.googlesyndication.com — Cisco Umbrella Rank: 105 tpc.googlesyndication.com — Cisco Umbrella Rank: 142	707 KB
45	doubleclick.net 5 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 41 cm.g.doubleclick.net — Cisco Umbrella Rank: 210 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 307	231 KB
37	gstatic.com fonts.gstatic.com encrypted-tbn2.gstatic.com encrypted-tbn3.gstatic.com encrypted-tbn1.gstatic.com encrypted-tbn0.gstatic.com www.gstatic.com	993 KB
22	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 271	213 KB
17	google.com 2 redirects cse.google.com — Cisco Umbrella Rank: 2467 adservice.google.com — Cisco Umbrella Rank: 75 www.google.com — Cisco Umbrella Rank: 2 clients1.google.com — Cisco Umbrella Rank: 384	203 KB
9	casalemedia.com 7 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 528 ssum-sec.casalemedia.com — Cisco Umbrella Rank: 438	8 KB
8	adsafeprotected.com 1 redirects fw.adsafeprotected.com — Cisco Umbrella Rank: 774 static.adsafeprotected.com — Cisco Umbrella Rank: 575 dt.adsafeprotected.com — Cisco Umbrella Rank: 527	94 KB
8	redirecionador.info redirecionador.info	461 KB
7	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 359	120 KB
6	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 190	262 KB
6	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 40	5 KB
5	iclou.com.br smiles.iclou.com.br	61 KB
4	openx.net rtb.openx.net — Cisco Umbrella Rank: 1505 us-u.openx.net — Cisco Umbrella Rank: 396	904 B
4	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 228	4 KB
4	google.de adservice.google.de — Cisco Umbrella Rank: 9081	1 KB
3	rubiconproject.com 3 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 335	1 KB
3	pubmatic.com image6.pubmatic.com — Cisco Umbrella Rank: 648	248 B
3	quantserve.com 1 redirects cms.quantserve.com — Cisco Umbrella Rank: 1020	1005 B
3	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 392	49 KB
2	addthis.com 2 redirects e.dlx.addthis.com — Cisco Umbrella Rank: 1728	1 KB
2	rlcdn.com id.rlcdn.com — Cisco Umbrella Rank: 561	140 B
2	teads.tv sync.teads.tv — Cisco Umbrella Rank: 1077	344 B
2	innovid.com ag.innovid.com — Cisco Umbrella Rank: 1423	591 B
2	agkn.com 2 redirects d.agkn.com — Cisco Umbrella Rank: 638	1 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 857	647 B
1	contatonline.com contatonline.com	367 B
1	smailes.com.br 1 redirects smailes.com.br	236 B
248	27

	Domain	Requested by
40	tpc.googlesyndication.com	2 redirects googleads.g.doubleclick.net tpc.googlesyndication.com smiles.iclou.com.br s0.2mdn.net pagead2.googlesyndication.com
30	pagead2.googlesyndication.com	smiles.iclou.com.br pagead2.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com tpc.googlesyndication.com s0.2mdn.net
22	s0.2mdn.net	googleads.g.doubleclick.net contatonline.com s0.2mdn.net
22	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net contatonline.com
19	cm.g.doubleclick.net	5 redirects googleads.g.doubleclick.net smiles.iclou.com.br
10	www.google.com	2 redirects cse.google.com smiles.iclou.com.br googleads.g.doubleclick.net tpc.googlesyndication.com
10	fonts.gstatic.com	fonts.googleapis.com
8	encrypted-tbn1.gstatic.com	googleads.g.doubleclick.net smiles.iclou.com.br
8	redirecionador.info	smiles.iclou.com.br redirecionador.info
7	encrypted-tbn2.gstatic.com	googleads.g.doubleclick.net smiles.iclou.com.br tpc.googlesyndication.com
7	cdn.ampproject.org	googleads.g.doubleclick.net pagead2.googlesyndication.com
6	encrypted-tbn0.gstatic.com	googleads.g.doubleclick.net smiles.iclou.com.br tpc.googlesyndication.com
6	www.googletagservices.com	googleads.g.doubleclick.net
6	fonts.googleapis.com	smiles.iclou.com.br googleads.g.doubleclick.net tpc.googlesyndication.com
5	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
5	smiles.iclou.com.br	smiles.iclou.com.br
4	dt.adsafeprotected.com	googleads.g.doubleclick.net
4	ssum-sec.casalemedia.com	4 redirects
4	googleads4.g.doubleclick.net	googleads.g.doubleclick.net contatonline.com
4	ib.adnxs.com	3 redirects googleads.g.doubleclick.net
4	encrypted-tbn3.gstatic.com	googleads.g.doubleclick.net smiles.iclou.com.br tpc.googlesyndication.com
4	adservice.google.com	pagead2.googlesyndication.com
4	adservice.google.de	pagead2.googlesyndication.com
3	pixel.rubiconproject.com	3 redirects
3	image6.pubmatic.com	googleads.g.doubleclick.net
3	cms.quantserve.com	1 redirects googleads.g.doubleclick.net
3	cdn.jsdelivr.net	smiles.iclou.com.br
2	static.adsafeprotected.com	googleads.g.doubleclick.net
2	e.dlx.addthis.com	2 redirects
2	id.rlcdn.com	googleads.g.doubleclick.net
2	sync.teads.tv	googleads.g.doubleclick.net
2	us-u.openx.net	googleads.g.doubleclick.net
2	fw.adsafeprotected.com	1 redirects contatonline.com
2	ag.innovid.com	googleads.g.doubleclick.net
2	rtb.openx.net	googleads.g.doubleclick.net
2	d.agkn.com	2 redirects
2	www.gstatic.com	googleads.g.doubleclick.net
2	cse.google.com	smiles.iclou.com.br www.google.com
1	clients1.google.com	smiles.iclou.com.br
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	contatonline.com
1	smailes.com.br	1 redirects
248	42

This site contains links to these domains. Also see Links.

Domain
smiles
livelo.diretoriodeartigos.net
www.azullinhasaereas.com.br
petrobraspremia.passagensmilhas.com.br
latamcargo.passagensmilhas.com.br
www.voejet.com.br

Subject Issuer	Validity	Valid
upload.video.google.com GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-02` - `2023-06-01`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2022-06-13` - `2023-07-14`	a year	crt.sh
*.innovid.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-03-15` - `2023-04-15`	a year	crt.sh
fw.adsafeprotected.com Amazon	`2022-04-28` - `2023-05-27`	a year	crt.sh
teads.tv R3	`2022-08-17` - `2022-11-15`	3 months	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2022-02-03` - `2023-02-25`	a year	crt.sh
static.adsafeprotected.com Amazon	`2022-08-06` - `2023-09-04`	a year	crt.sh
dt.adsafeprotected.com Amazon	`2021-11-19` - `2022-12-18`	a year	crt.sh

This page contains 28 frames:

Primary Page: http://smiles.iclou.com.br/
Frame ID: A08EBCB78DD0C841B6BE2B307ADE70BF
Requests: 47 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220914/r20190131/zrt_lookup.html
Frame ID: 3EFEF79791A9499666036265A6526B12
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&adk=1812271804&adf=3025194257&lmt=1663530864&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&ea=0&pra=5&wgl=1&easpi=0&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=0&asna=5&asnd=5&asnp=5&asns=5&asmat=1&asptt=-1&dt=1663530863970&bpp=3&bdt=181&idt=319&shv=r20220914&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8337573679129&frm=20&pv=2&ga_vid=1431237964.1663530864&ga_sid=1663530864&ga_hid=1479959542&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767667%2C44767167%2C44772927%2C44769662&oid=2&pvsid=4177203444710770&tmod=343495732&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=342
Frame ID: 263BF649E370D9A2323CD9A0C5566A29
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=8876164503&adk=3582736694&adf=865389875&pi=t.ma~as.8876164503&w=770&fwrn=4&fwrnh=100&lmt=1663530864&rafmt=1&psa=0&format=770x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1663530864373&bpp=3&bdt=584&idt=-M&shv=r20220914&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8337573679129&frm=20&pv=1&ga_vid=1431237964.1663530864&ga_sid=1663530864&ga_hid=1479959542&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=415&ady=328&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767667%2C44767167%2C44772927%2C44769662&oid=2&pvsid=4177203444710770&tmod=343495732&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=vBieZrGYH3&p=http%3A//smiles.iclou.com.br&dtd=8
Frame ID: 7D656B49E239C1E9064302BE2C217622
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=5410211141&adk=291284351&adf=3401818602&pi=t.ma~as.5410211141&w=336&lmt=1663530864&psa=0&format=336x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&wgl=1&dt=1663530864373&bpp=1&bdt=585&idt=0&shv=r20220914&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C770x280&nras=1&correlator=8337573679129&frm=20&pv=1&ga_vid=1431237964.1663530864&ga_sid=1663530864&ga_hid=1479959542&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=849&ady=643&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767667%2C44767167%2C44772927%2C44769662&oid=2&pvsid=4177203444710770&tmod=343495732&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&fsb=1&xpc=QrCe8PEC4z&p=http%3A//smiles.iclou.com.br&dtd=14
Frame ID: 422FF68A976EA9F01ACB78A2982D49A1
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=8876164503&adk=530165087&adf=4093038968&pi=t.ma~as.8876164503&w=770&fwrn=4&fwrnh=100&lmt=1663530865&rafmt=1&psa=0&format=770x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1663530865067&bpp=2&bdt=1278&idt=2&shv=r20220914&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D51cf6fc53a7141f9-224c857825ce0051%3AT%3D1663530864%3ART%3D1663530864%3AS%3DALNI_MacDtVFJJsGADAXPyPPyk4RKnVWSw&prev_fmts=0x0%2C770x280%2C336x280&nras=1&correlator=8337573679129&frm=20&pv=1&ga_vid=1431237964.1663530864&ga_sid=1663530864&ga_hid=1479959542&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=415&ady=1233&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767667%2C44767167%2C44772927%2C44769662&oid=2&pvsid=4177203444710770&tmod=343495732&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=rrIcTwXTYQ&p=http%3A//smiles.iclou.com.br&dtd=15
Frame ID: 901004793CCC4A70A980299480135D0A
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220914/r20110914/zrt_lookup.html?fsb=1
Frame ID: 9AD3B807B53AA3928D0F1141046D2EC4
Requests: 15 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1838989884782542848/index.html
Frame ID: 9EE7FB3A1CD37D9F84E36BE2A696310C
Requests: 20 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: FA60AB56554DD9C470D67CA7DFA625C6
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=5410211141&adk=2308955421&adf=785591858&pi=t.ma~as.5410211141&w=336&lmt=1663530865&psa=1&format=336x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&wgl=1&dt=1663530865772&bpp=2&bdt=1984&idt=-M&shv=r20220914&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D51cf6fc53a7141f9-224c857825ce0051%3AT%3D1663530864%3ART%3D1663530864%3AS%3DALNI_MacDtVFJJsGADAXPyPPyk4RKnVWSw&prev_fmts=0x0%2C770x280%2C336x280%2C770x280%2C1005x124&nras=2&correlator=8337573679129&frm=20&pv=1&ga_vid=1431237964.1663530864&ga_sid=1663530864&ga_hid=1479959542&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=415&ady=1925&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767667%2C44767167%2C44772927%2C44769662&oid=2&psts=APxP-9DhaeT6KotWfpweupLM6aJk70Ej0tt0IL9pJFmDtMbJ37URYWeAiRImmhp8nvwkbHBHxqO2VZxq3u747C6TnA%2CAPxP-9Bpq1R6XvNeTgOssJcrD3ZgntVMmr2-nUE0XNpkmwSCW_sOW0bCeulTM5b_PkTyGMMWh29LBJBoJEFHs8bjkkjkP_tdheNWAJ_dJptYWvs&pvsid=4177203444710770&tmod=343495732&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=GOeKJUPZsg&p=http%3A//smiles.iclou.com.br&dtd=8
Frame ID: 449DD4B10BEB8E4F6D4DE7C6344B4D16
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=5410211141&adk=2308955421&adf=2873711921&pi=t.ma~as.5410211141&w=336&lmt=1663530865&psa=1&format=336x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&wgl=1&dt=1663530865772&bpp=1&bdt=1983&idt=0&shv=r20220914&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D51cf6fc53a7141f9-224c857825ce0051%3AT%3D1663530864%3ART%3D1663530864%3AS%3DALNI_MacDtVFJJsGADAXPyPPyk4RKnVWSw&prev_fmts=0x0%2C770x280%2C336x280%2C770x280%2C1005x124%2C336x280&nras=2&correlator=8337573679129&frm=20&pv=1&ga_vid=1431237964.1663530864&ga_sid=1663530864&ga_hid=1479959542&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=849&ady=1925&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767667%2C44767167%2C44772927%2C44769662&oid=2&psts=APxP-9DhaeT6KotWfpweupLM6aJk70Ej0tt0IL9pJFmDtMbJ37URYWeAiRImmhp8nvwkbHBHxqO2VZxq3u747C6TnA%2CAPxP-9Bpq1R6XvNeTgOssJcrD3ZgntVMmr2-nUE0XNpkmwSCW_sOW0bCeulTM5b_PkTyGMMWh29LBJBoJEFHs8bjkkjkP_tdheNWAJ_dJptYWvs&pvsid=4177203444710770&tmod=343495732&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=Dfnog6vFxF&p=http%3A//smiles.iclou.com.br&dtd=12
Frame ID: 4C57BB1E88A1900CDEB6DB3A4FD480B2
Requests: 13 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1838989884782542848/index.html
Frame ID: C5D242B77E12AC02F182E69B5AA0CF5D
Requests: 20 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: DE22380453657B673083ACCA3EAFAB58
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=8876164503&adk=4015929776&adf=4136276705&pi=t.ma~as.8876164503&w=770&fwrn=4&fwrnh=100&lmt=1663530866&rafmt=1&psa=1&format=770x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1663530866270&bpp=2&bdt=2481&idt=2&shv=r20220914&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D51cf6fc53a7141f9-224c857825ce0051%3AT%3D1663530864%3ART%3D1663530864%3AS%3DALNI_MacDtVFJJsGADAXPyPPyk4RKnVWSw&prev_fmts=0x0%2C770x280%2C336x280%2C770x280%2C1005x124%2C336x280%2C336x280&nras=2&correlator=8337573679129&frm=20&pv=1&ga_vid=1431237964.1663530864&ga_sid=1663530864&ga_hid=1479959542&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=415&ady=3605&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767667%2C44767167%2C44772927%2C44769662&oid=2&psts=APxP-9DhaeT6KotWfpweupLM6aJk70Ej0tt0IL9pJFmDtMbJ37URYWeAiRImmhp8nvwkbHBHxqO2VZxq3u747C6TnA%2CAPxP-9Bpq1R6XvNeTgOssJcrD3ZgntVMmr2-nUE0XNpkmwSCW_sOW0bCeulTM5b_PkTyGMMWh29LBJBoJEFHs8bjkkjkP_tdheNWAJ_dJptYWvs%2CAPxP-9CGIHivbReLmRO0uQNz9X87G3MI8whCawjUhhYFaeOxwVby700hJUX9qwf6KyqrgmOWIGA_rdzUuFxN%2CAPxP-9BRvn_JQIvSL43iiOsz8MLTCHmv7RdEl0q82A3JX3Twoc31WH-KelAgaFDTxOtzBeB-N1SbbIAm0ajve68NSA&pvsid=4177203444710770&tmod=343495732&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=8&uci=a!8&btvi=5&fsb=1&xpc=fPvEb4avb3&p=http%3A//smiles.iclou.com.br&dtd=6
Frame ID: C4DE84E18F4AB18549F0BD01DBB3C446
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CO-t7QIQhsvvAhiGrqfSATAB&v=APEucNWsLQ7HItJdymsjFE4S53w3hiC1e6rwOj5xZRVg3ZbDOycvQ_Jb61bqDyzRjpxfOBPNpDc8k6gPdOC4izw5d47QWNjD3ba_sy9bqfF7_cb7IwZOV1wyTQZIiv8ByUQBQsyYr6i5r3iXBGQi3uA_AMrX9F838BDnk9hvV9J-yRfmIc83Hk0
Frame ID: 969006A1841B7910A46744766675CB7B
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYwdOZyAEwAQ&v=APEucNXR4-nMylPAkePMo2GSgyLB5JRZHLYHue5rvgXtrZ9X_snZDyBr076Cbtq-ni_lb4ptl-im_0xhbue12Vs5mukkDDdIsQUNXpt6CGHxhSBotkUkxBKvZlqxGmNyzKh95fGz-Fp0xgRwdrMzI7BEInZhwjmXyoxaNKeAWaq75rpX8Ik7k7M
Frame ID: 5E02C34BF9A2EF6260BF3C1B99B5DA97
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B00xSs3zobhpvwWG5-mEsgVbdoVgffpfJJS_ekTZazUB03VFwQSWlEXXMRePdsuiAVfmiy4wlS78GjqvwvDJx0YG-jbuejuxLK-M83R7gSZMYz9_jbuDpykauaEyl8A8Uye-glo31ZTxJF0WQCxRTXEX4n-g&dbm_d=AKAmf-DkIAzBaTYYReXfwKo6OsOrLBHMaG20OAzqvPsxx6WD_A1bGEH-DQUFRcngbUVZubhmqeTLbdwqR9CFFjuhoJvq-GaApLAZArCkqblcshTf8LefaT_Opq2eFEOY0zOpWd0HogL4VxhxYf0s82GcMxIbEbU7LJY-Juf54jURFLnprapaX-EMALNZ8iuThsKX0p0NNdwQvgnqloRICiaRGGw_rPDlURoM0Y6VdWs1J3tmAqMWjGrDvl9T9rwj1F-kV-pYRNBSxzWM0Eum2ABHYz4EgDyvn16GqDMz7xBCMbh8L_ZFz0xfKIwBgLKG9aXfcd7DNkcu3nBah0MriYIBFvXZ60X1DSlQxs_tnZZa6hlLKnSDvSxR47sAYiBd0Kx9VsA__9Y0tpgIZ1ykV9h8YewOo85Wk5YSkpOND7IUeiY0LXSb8xb4054Pb5Yej3qwk8R5O_9XeRd6wCqmVy3RSjJ9S9uX_B5E0HYhUiZe8lMTiBFBthUKhyE9MSZL8upULdUi5Ei1ORBGBYSaDkv4cmZFthAun8UPpyT_IYZa6fZPBuSz51k6P51XXWjjBR3tv68RBKPbrvZ_x3lqKhtDSCvI829CLqgLw_GYStINhESGSnNfGMbdYf4jrlusou0mtmYQBG7OLNpxgBrjwk5A6bOq-RRm3kjZP0OtRe4btefbZzXld5HOS2HbIt-J96FRIltOJbHHmRzLKuhmFLioTXxKFl-YpPGus0QHpQlVAcoNlOnnAurHpy19Egznt0TVD39E7QZOmWCO12gTriQHHQEJyP4KorsF3hafNCZ7RD-rD0cmcVcGJ1nBAJCOR-cgLSPNx5e3aGlua7tnY5zEFtBMEKbVhalEBKE3Yba3sizeWaV-7pqY2qoIFHX93ciAGfR-cXxc2-xZ-3zLcDQsdtPU-G5TyjLqXtptmCNnJX4axq3YAGrbzE6HQ4kf9FkjvNWs1Ombn4pLllAGqv-V3lcCZpLtdp-w-9_NdOKr-rsaVW0Bwik27hK0mH4wkoFS7QrTS7GGpCviWg-rbNEexgpg0B9jBiBXElZtk1GGEOzlOD5a_NSnfJwEmUKpg-6BP7ncdOStv-TDMDwGfqC8HtlAd0osU_F2zURSwKRMYVJV58nWFMKrJAqvg65YDMry13Y7vF68FBN8JrCWOj9w2ujxjrBA-KTYho_7jt1-tZ1VvfofBbZ0QzPM9z4YdYJscBculemG5z4aouwJgUWClJK1xmZZBk1EakkWeuOKZIZcTace0mZy5hi5D8B91t_i_qKIJ7ohh2zmWAZWwYe7C1XPBlUjGv6EyMWhdButhgQ7h4CRy0QXA4JrbqBKgiGtWcJ5KnaGwg1icdnBPNYNPnra-IOgyCAJFPgdyEDBtdsZIFknrUDYyHOvCW_E31oHzrq1qxOCnUDVrm-Qfw8t9iurm0AAj_y_UUzIh8zuLrH7ph53NhcPQctLXOk0QICMBxX0aMHx7c9TswGi73cZ1rRs95aiHEj2zXr6_z6Lh8CRfmOymlFZpoJL_xcynCaYL7gGmGwpacljKXMADezA3jBU1ortCTw7zE5xqxpNBftSW0e90BtmHf1oHjlvu6rB1Gj9atulIjbXnPpJhCIGGwfxzrQDtk33LDy3ESPI0wwBSLY0Z2maW9Q7HBO-fF0m_yRcULLNYbnX7hna4R4jF83kNeMmygWOsTZHh2VfGjA2ptGJoInFaEFN6ewozmKY8wPpl9T7Ve0wiMJlPQAYpn69Mh7cyBl-BevY5n-DlTAnANOK-SUOOLXGPNBIi13gLQ57G3IaiXRKpwq-z6SlbZPK-LKwwQ80ua3XyPRM_-M7kakJi_IP4mhfgjAtw9x3i5qrkRn32pUVX5nqPSrANRfVbZlyUel8Y3B-AJVjehiFkuJmyBeA9g8rxpBswpqHFlgjruyfdXsAJ0gBUnru2UAAC2VsromhGHqO1_j7oKNY3LCZLZxXmXf2LASwMn1Rh6_Ps1a2yYF_edD0G6rydryNDZhBtWemGyB4uAb7uUr-igbf9NKU0NPMg5y4m2pLZ3KV7vSWry47OEsUoF-b8BLkURyTrpVpywA5f8DqgEd4p5LE3sCBYfP3vQpekI6uCLCVgiKolqPHa5NDcOndHU7erEqWEhhHawGWtayu_TXdfHz_KfOgojkjVyCQ5DyEJNelcbFbrXS2aiDO1xxKaI7pVhGGFUKiGtZkNVRb7aOpLz01l8z70O90YljVBeOhhJtBqWn886Y7kJejAaMBKuz18a5Pap-nGvhLNecdeeUiQok3YVhv4S8iCmf4sN8-DzHgoO3HYb2Je-g9wXrxetO2nPo90zVKEoKcdiCZpOo9UTpTqkVhsH0_46LUB0gunh6sTRyyGV-EF0Qc3Z70tF3KbA_hrL-UE0651mh6OHt7F0vn1VHOlDrJ0mP20kbmnHykwNC418MOAdrbZPXi49-B-UrLEiG8WiEmLETvZANEt9UJDBzhkerDtW2QEHpMRNcJNo-J69nB-3Kq8QuEC0hsKeA4N1QtMAn-X9QDM2qukhKMZskWXgxhCgdDsVlNumgRLR_snYhWQA9H1yCJczIbCfX49uieZQK6fnGldnCT_aij4xw4WkhmXBHqkoYJVmQ5l4KgisrxSRkcVRsgTyDqNolFxkLYhi3jQdH9Nv_E_fISvZPtSVkdLxHeFpdbb_zi7Q_hDpAv34UjlsD662IKVtODf0aOttUvk9jcw_QPs-eCoktF-0ECUJW6-FB7kxFFBH25pT9nrW5s7MD2RsBROcmrztLsnSxdOjMDEunTqYjIwf53KIR_PuDHYbawCQqumbyA0DfOZ7UCkYVgPQUiSH5J1LfSzqeQlihf1ZLmx_kS0ybOGfFklBwkW7RmVDntyZh2f3tBtSvBT2lzGMZ4ASD-EIlZR3IkAJq2Mi1TSi-FaVZwOUJAuESEY0vGl_S_3HKWLtMQoB_g1In5feqa9DSTAtasqEevmBp4TA4oeNL0DMSR4ckwvk_tz4zCjy2BDh2RizAMZp-Oz6l5Iq_TIfZQ12c1ozkb43qk3mbj4hSLoTnu0y3igXyYi71DRS7_pyRiagpbmI0280ahFvJ0PPALWrP0fW_ZeFxX2kBjcH_7W_psVZNe31KJHBLZCtgH9BKIteHTd4SJ7Cstzys0Qcxrsu-MpVRjq1MzYKHgdVlsFtnRxKmdhZjhcKc_mwRy--Z9GMl5EdY9GAbknf6YvhpTykxEwcen4nRE8wnVfjh0Z-EdbD_BBesUITd4rwCrPuvKmwv9Eoz_LiOQrp6sZLl8IB8qYwNwquxco3xEw57sQrp7lAw3UWJtCfbUW_X1OhzA&cid=CAASJORo0fqHVWSIiD3yC3UUy1Xbaini8jv2fKjrotkOdaeU6NziFSAN&rfl=2%2Chttp%253A%252F%252Fsmiles.iclou.com.br%252F%240
Frame ID: F00152F4299641955EC01A21E8D75C33
Requests: 19 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: C00684251BD8FE7079A1AE849A03DC70
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: DF5422B0F7532F425570948F7911E6DB
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 0EF93E52EA66FEF56F187BB7CFF66178
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: C8FC23DD40707B4214677176FFCAED61
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 338F94D7908E012213FE3E69EC17BCE0
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/16046623051478990848/300x250-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=yqsNiwIYqU&t=1&renderingType=2&ev=01_247
Frame ID: 2630E2F30FAA29FED8286FAE7F18D3E7
Requests: 22 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/SUiySqS1in-YUNsSXtQt1jv3ON6UQ0EMqlXBaZ_BtMI.js
Frame ID: 0221FDFCA3571DA3C694040A6EDB04BD
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.12.js
Frame ID: AC710856212B693DED4AA62CBCFD1813
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/SUiySqS1in-YUNsSXtQt1jv3ON6UQ0EMqlXBaZ_BtMI.js
Frame ID: 9B028D53921597C76598A5D2C156A238
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: E9555742A81582951680B17FE7ABF144
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 3FE7544CD9263CA762C24E9DFB46C430
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

SMILESpesquisar

Page URL History Show full URLs

http://smailes.com.br/ HTTP 302
http://contatonline.com/?q0zuHW4 Page URL
http://smiles.iclou.com.br/ Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Slick (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

(?:/([\d.]+))?/slick(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

248
Requests

85 %
HTTPS

60 %
IPv6

27
Domains

42
Subdomains

37
IPs

6
Countries

3406 kB
Transfer

6890 kB
Size

23
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: http://smiles/
Title: Início

Search URL Search Domain Scan URL

URL: http://livelo.diretoriodeartigos.net/
Title: Minhas compras com dinheiro de plástico funcionaram Como troquei pontos em produtos e serviços

Search URL Search Domain Scan URL

URL: http://www.azullinhasaereas.com.br/
Title: Passagem aérea barata é arriscado? Estratégia de viajar barato pode eliminar sua mala

Search URL Search Domain Scan URL

URL: http://petrobraspremia.passagensmilhas.com.br/
Title: Após comprar gasolina, motorista ganhou passagem aérea Só coloquei gasolina no meu posto favorito

Search URL Search Domain Scan URL

URL: http://latamcargo.passagensmilhas.com.br/
Title: O que fazer quando sua encomenda não pode demorar? Descubra esse transporte que evita as rodovias principais

Search URL Search Domain Scan URL

URL: http://www.voejet.com.br/passagens-aereas/baratas?utm_source=plasma&utm_medium=banner&utm_campaign=pacotenew
Title: Passagens Aéreas Relâmpago com preço de passagem de ônibus Preços imperdíveis de passagens áreas para todo o Brasil. - CONSULTE DESTINO

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://smailes.com.br/ HTTP 302
http://contatonline.com/?q0zuHW4 Page URL
http://smiles.iclou.com.br/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://smailes.com.br/ HTTP 302
http://contatonline.com/?q0zuHW4

Request Chain 61

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 90

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgODA6_61ORCAARiAATII578w6sMa7TQ HTTP 301
https://tpc.googlesyndication.com/simgad/12277782186329756556

Request Chain 107

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 135

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENvY7KMZh2ODxszrNfPlPsw&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENvY7KMZh2ODxszrNfPlPsw&google_cver=1&C=1

Request Chain 136

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Yyd3c5gsDjXXBOFgYrA-sQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENvY7KMZh2ODxszrNfPlPsw&google_cver=1

Request Chain 137

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEFCIp7sUKCgMc4VNd3INu6s&google_cver=1 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEFCIp7sUKCgMc4VNd3INu6s%26google_cver%3D1

Request Chain 138

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODYzMzcyOTEzMzA3NTAyMTM5MQ%3D%3D

Request Chain 155

https://d.agkn.com/pixel/2175/?google_gid=CAESEPEgoJFETPjFaIX2NGyZ94c&google_cver=1&google_push=AZmPxg8qWHOgPtPKDhB5PGB3qUsFlHB6J9DkEenv6HYHZntV-77LqLwi5x07sa8O_QrzecIA7ZdIpyyIWNMdteELU6vSYxdgpwXN HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AZmPxg8qWHOgPtPKDhB5PGB3qUsFlHB6J9DkEenv6HYHZntV-77LqLwi5x07sa8O_QrzecIA7ZdIpyyIWNMdteELU6vSYxdgpwXN&google_hm=Q0FFU0VQRWdvSkZFVFBqRmFJWDJOR3laOTRj

Request Chain 158

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEC70bdQ8_U_YYxAOp6Kgl4Y&google_cver=1&google_push=AZmPxg-L-rxoICW1OyyjxG9xftPvs3FlVOf7OHRaM28mSxc4oX5qcymHuQ1SVGyOdrKj42-3UIzIY98mQjz2kIOHWALndHB5o429 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDg3UkJTMjAtMVctOVZK&google_push=AZmPxg-L-rxoICW1OyyjxG9xftPvs3FlVOf7OHRaM28mSxc4oX5qcymHuQ1SVGyOdrKj42-3UIzIY98mQjz2kIOHWALndHB5o429

Request Chain 159

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESELEJb9c_5jWkecN7-itaMC4&google_cver=1&google_push=AZmPxg8Je02ZMB47y8WLtzEYmQoY0jcgSH2Hi8xRzEHFRpJHquz0iNJfzrv9Zj5BJqCJTWfd2aBLIs20Wv8zK0DcGXG9-g70oOs HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESELEJb9c_5jWkecN7-itaMC4&google_push=AZmPxg8Je02ZMB47y8WLtzEYmQoY0jcgSH2Hi8xRzEHFRpJHquz0iNJfzrv9Zj5BJqCJTWfd2aBLIs20Wv8zK0DcGXG9-g70oOs&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESELEJb9c_5jWkecN7-itaMC4&google_hm=Yyd3c5gsDjXXBOFgYrA_sQAABLsAAAIB&google_nid=index&google_push=AZmPxg8Je02ZMB47y8WLtzEYmQoY0jcgSH2Hi8xRzEHFRpJHquz0iNJfzrv9Zj5BJqCJTWfd2aBLIs20Wv8zK0DcGXG9-g70oOs

Request Chain 175

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESENJToLzpikgBvCrH1lB-C24&google_cver=1

Request Chain 177

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
https://sync.teads.tv/um?eid=3&uid=CAESEOPvZIWNcNsNzJsqhXIr3Kg&google_cver=1

Request Chain 181

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDnj86ZywEQ9AMY9AMyCGN8MsJOAEwL HTTP 301
https://tpc.googlesyndication.com/simgad/4091503581208051288

Request Chain 190

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEEMtutDgGK72yQaqbZls8N8&google_cver=1&google_push=AZmPxg-C7z9sqvR5X3PJpPv0XQR5yVtU5guhIhEcx2-E3hoH568EGC5qRBgoS7hlowamPzJTvgTYNa3CT5NmNbZN9JeQ2A44LfSYVQ HTTP 302
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AZmPxg-C7z9sqvR5X3PJpPv0XQR5yVtU5guhIhEcx2-E3hoH568EGC5qRBgoS7hlowamPzJTvgTYNa3CT5NmNbZN9JeQ2A44LfSYVQ&google_hm=NIAq4kN-0LzZoq_x-C1itg

Request Chain 192

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAZmPxg-idA2N7yN8_Lridwrpx7ukrL3o0G1Zuvv3gIoyL6Xhwb5dpBPVP9vSEY0eLvo69ilwtVP6NXxcCAurElv5PivPlbnBjfCt0w&google_gid=CAESEAzVJMmU8azgxsTQUzp3Dj8&google_cver=1 HTTP 302
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAZmPxg-idA2N7yN8_Lridwrpx7ukrL3o0G1Zuvv3gIoyL6Xhwb5dpBPVP9vSEY0eLvo69ilwtVP6NXxcCAurElv5PivPlbnBjfCt0w&google_gid=CAESEAzVJMmU8azgxsTQUzp3Dj8&google_cver=1&rd=Y HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA5MTgxOTU0MjcwMDA2Nzg5Mjk4NTczMg%3D%3D&google_push=AZmPxg-idA2N7yN8_Lridwrpx7ukrL3o0G1Zuvv3gIoyL6Xhwb5dpBPVP9vSEY0eLvo69ilwtVP6NXxcCAurElv5PivPlbnBjfCt0w

Request Chain 195

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEC70bdQ8_U_YYxAOp6Kgl4Y&google_cver=1&google_push=AZmPxg-JecbNb-hKDtzXNkYLSAgkvmcN7OFOR68yiHDkuva9zkdU94GaQA-lesNZrKfxH1RggNFIyZv5HoLQ-e4mH1T84BN9NEkGYw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDg3UkJTM0otUy1JN1NU&google_push=AZmPxg-JecbNb-hKDtzXNkYLSAgkvmcN7OFOR68yiHDkuva9zkdU94GaQA-lesNZrKfxH1RggNFIyZv5HoLQ-e4mH1T84BN9NEkGYw

Request Chain 196

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESELEJb9c_5jWkecN7-itaMC4&google_cver=1&google_push=AZmPxg-HA2pz1ceBaGt63--PX2bAjkCMj7wBhkwNgFaYh9NYn_NA06Q9ILiSKNseLn3sbYDnihg7xEQ-51ct1TuhaPE-SePmGPj1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESELEJb9c_5jWkecN7-itaMC4&google_hm=Yyd3c5gsDjXXBOFgYrA_sQAABLsAAAIB&google_nid=index&google_push=AZmPxg-HA2pz1ceBaGt63--PX2bAjkCMj7wBhkwNgFaYh9NYn_NA06Q9ILiSKNseLn3sbYDnihg7xEQ-51ct1TuhaPE-SePmGPj1

Request Chain 202

https://d.agkn.com/pixel/2175/?google_gid=CAESEPEgoJFETPjFaIX2NGyZ94c&google_cver=1&google_push=AZmPxg-nDSQkqljZDv62ZcxuDOf-yiqNBvls_fsKsyGdYbZTVxqzC3mYCmp465PjlYV5OYDCCWztG0QPLafgFQjct4CYILH3JZ8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AZmPxg-nDSQkqljZDv62ZcxuDOf-yiqNBvls_fsKsyGdYbZTVxqzC3mYCmp465PjlYV5OYDCCWztG0QPLafgFQjct4CYILH3JZ8&google_hm=Q0FFU0VQRWdvSkZFVFBqRmFJWDJOR3laOTRj

Request Chain 205

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEC70bdQ8_U_YYxAOp6Kgl4Y&google_cver=1&google_push=AZmPxg9BKwA0zCEkALYReQvmkWyHYLXG99Mp9hI8M1ss0qzN2LQnyRQjEzDyzyn9vSfeRMh_d_Jdw8PHy1n0fun3Gh_T-5GNvb4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDg3UkJTNjAtMjQtMVBWRg==&google_push=AZmPxg9BKwA0zCEkALYReQvmkWyHYLXG99Mp9hI8M1ss0qzN2LQnyRQjEzDyzyn9vSfeRMh_d_Jdw8PHy1n0fun3Gh_T-5GNvb4

Request Chain 206

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESELEJb9c_5jWkecN7-itaMC4&google_cver=1&google_push=AZmPxg_K-LJdRcWelOKMcMnerErSEWDzlyM-Hq1i8_VZ9zaXK4QN3yF_BcZLG05UlhrJAzoymNtNDmcI9L9jjD1FSRneyThsklE HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESELEJb9c_5jWkecN7-itaMC4&google_hm=Yyd3c5gsDjXXBOFgYrA_sQAABLsAAAIB&google_nid=index&google_push=AZmPxg_K-LJdRcWelOKMcMnerErSEWDzlyM-Hq1i8_VZ9zaXK4QN3yF_BcZLG05UlhrJAzoymNtNDmcI9L9jjD1FSRneyThsklE

Request Chain 219

https://fw.adsafeprotected.com/rfw/st/886862/62195610/4.js?ias_dspID=&ias_campId=&ias_pubId=&ias_chanId=&ias_placementId=&bidurl=&ias_dealId=&adsafe_par&ias_impId=&adContainerId=brand_safety_cncnY9OaOcur3gPM3puIDw&cbFunctionName=goog_wrapCb_cncnY9OaOcur3gPM3puIDw&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_300x250.js&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=http%3A%2F%2Fsmiles.iclou.com.br&adsafe_type=g&adsafe_url=http%3A%2F%2Fsmiles.iclou.com.br%2F&adsafe_type=c&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-8847092362748368%26output%3Dhtml%26h%3D280%26slotname%3D5410211141%26adk%3D2308955421%26adf%3D785591858%26pi%3Dt.ma~as.5410211141%26w%3D336%26lmt%3D1663530865%26psa%3D1%26format%3D336x280%26url%3Dhttp%253A%252F%252Fsmiles.iclou.com.br%252F%26wgl%3D1%26dt%3D1663530865772%26bpp%3D2%26bdt%3D1984%26idt%3D-M%26shv%3Dr20220914%26mjsv%3Dm202209080101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26cookie%3DID%253D51cf6fc53a7141f9-224c857825ce0051%253AT%253D1663530864%253ART%253D1663530864%253AS%253DALNI_MacDtVFJJsGADAXPyPPyk4RKnVWSw%26prev_fmts%3D0x0%252C770x280%252C336x280%252C770x280%252C1005x124%26nras%3D2%26correlator%3D8337573679129%26frm%3D20%26pv%3D1%26ga_vid%3D1431237964.1663530864%26ga_sid%3D1663530864%26ga_hid%3D1479959542%26ga_fc%3D0%26u_tz%3D0%26u_his%3D3%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26adx%3D415%26ady%3D1925%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759876%252C44759927%252C44759837%252C44767667%252C44767167%252C44772927%252C44769662%26oid%3D2%26psts%3DAPxP-9DhaeT6KotWfpweupLM6aJk70Ej0tt0IL9pJFmDtMbJ37URYWeAiRImmhp8nvwkbHBHxqO2VZxq3u747C6TnA%252CAPxP-9Bpq1R6XvNeTgOssJcrD3ZgntVMmr2-nUE0XNpkmwSCW_sOW0bCeulTM5b_PkTyGMMWh29LBJBoJEFHs8bjkkjkP_tdheNWAJ_dJptYWvs%26pvsid%3D4177203444710770%26tmod%3D343495732%26uas%3D0%26nvt%3D1%26eae%3D0%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257CleEbr%257C%26abl%3DCS%26pfx%3D0%26fu%3D0%26bc%3D23%26ifi%3D6%26uci%3Da!6%26btvi%3D3%26fsb%3D1%26xpc%3DGOeKJUPZsg%26p%3Dhttp%253A%2F%2Fsmiles.iclou.com.br%26dtd%3D8&adsafe_type=bed&adsafe_jsinfo=,id:58164a99-6ace-7852-ef39-8e9a26c2eea0,c:oB7mzX,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-experiment-primary-6f6db868fc-bm8tx,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,scm:grpm1,mtim:3,mot:0,app:0,maw:0,fm:thOJZlK+11%7C12%7C131%7C132%7C14%7C151%7C152%7C153%7C16%7C171*.886862-62195610%7C1711%7C1712%7C17131%7C1714%7C181%7C182%7C1831%7C191%7C192,idMap:171*,ex:e2,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:na,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,tt:rjss,et:21,oid:b3a944e6-378b-11ed-8f9b-ba5c4a2938a8,v:19.8.352,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/4.js

248 HTTP transactions
10 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

/ Show response
contatonline.com/
Redirect Chain

http://smailes.com.br/
http://contatonline.com/?q0zuHW4

110 B
367 B

261ms
123ms

Document
text/html

13.58.124.244
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://contatonline.com/?q0zuHW4
Protocol: HTTP/1.1
Server: 13.58.124.244 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-58-124-244.us-east-2.compute.amazonaws.com
Software: nginx / PHP/5.6.38
Resource Hash: f7da7a3265a7d6f483860c21d4b5447ccbeb23a9652f533cbbea8c2f8ef1c2ee

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: close
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Sun, 18 Sep 2022 19:54:23 GMT
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Powered-By: PHP/5.6.38

Redirect headers

Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Date: Sun, 18 Sep 2022 19:54:23 GMT
Location: http://contatonline.com/?q0zuHW4
Server: nginx
Transfer-Encoding: chunked
X-Powered-By: PHP/7.4.29

GET
H/1.1 200
OK Primary Request / Show response
smiles.iclou.com.br/ 24 KB
7 KB 231ms
108ms Document
text/html 5.161.90.154
HETZNER-CLOUD2-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://smiles.iclou.com.br/
Protocol: HTTP/1.1
Server: 5.161.90.154 , United States, ASN213230 (HETZNER-CLOUD2-AS, DE),
Reverse DNS: static.154.90.161.5.clients.your-server.de
Software: nginx / PHP/7.4.29
Resource Hash: 6a62f9b45ebddbac527c5fc17392bfda464d8b29ce0b049a914ab99541112e56

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Sun, 18 Sep 2022 19:54:23 GMT
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Powered-By: PHP/7.4.29

GET
H/1.1 200
OK adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 168 KB
57 KB 98ms
72ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: smiles.iclou.com.br
URL: http://smiles.iclou.com.br/

Protocol

HTTP/1.1

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

65a2e4c23f2e4acf9d9e132be27bd6aaae0792a8adbb11586b1c7a99e8d89972

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://smiles.iclou.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Timing-Allow-Origin: *
Date: Sun, 18 Sep 2022 19:54:23 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cafe
ETag: 2014372814359685257
Vary: Accept-Encoding, Origin
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=3600
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Content-Type: text/javascript; charset=UTF-8
Content-Length: 58000
X-XSS-Protection: 0
Expires: Sun, 18 Sep 2022 19:54:23 GMT

GET
H/1.1 200
OK estilo-laranja.css
smiles.iclou.com.br/css/ 202 KB
27 KB 112ms
112ms Stylesheet
text/css 5.161.90.154
HETZNER-CLOUD2-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://smiles.iclou.com.br/css/estilo-laranja.css
Requested by: Host: smiles.iclou.com.br
URL: http://smiles.iclou.com.br/
Protocol: HTTP/1.1
Server: 5.161.90.154 , United States, ASN213230 (HETZNER-CLOUD2-AS, DE),
Reverse DNS: static.154.90.161.5.clients.your-server.de
Software: nginx /
Resource Hash: 418c782cd9a0f004f25873525e400620db28bc9d81b2961e5e6be9faa5a900bb

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://smiles.iclou.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Sun, 18 Sep 2022 19:54:23 GMT
Content-Encoding: gzip
Last-Modified: Tue, 02 Feb 2021 02:21:28 GMT
Server: nginx
ETag: W/"6018b728-327ff"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=315360000, public
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 css
fonts.googleapis.com/ 4 KB
1 KB 82ms
31ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Barlow:400,700|Oswald:700

Requested by

Host: smiles.iclou.com.br
URL: http://smiles.iclou.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

708d5c9dbe4b6a80868cef351b45d31093d8dbe6e658f893be79a485c5879adf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://smiles.iclou.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 18 Sep 2022 19:54:23 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 18 Sep 2022 19:54:23 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 18 Sep 2022 19:54:23 GMT

GET
H/1.1 200
OK topo.jpg
smiles.iclou.com.br/images/ 24 KB
24 KB 218ms
109ms Image
image/jpeg 5.161.90.154
HETZNER-CLOUD2-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://smiles.iclou.com.br/images/topo.jpg
Requested by: Host: smiles.iclou.com.br
URL: http://smiles.iclou.com.br/
Protocol: HTTP/1.1
Server: 5.161.90.154 , United States, ASN213230 (HETZNER-CLOUD2-AS, DE),
Reverse DNS: static.154.90.161.5.clients.your-server.de
Software: nginx /
Resource Hash: 0a7cac9b8f0b40c02c190a290f821c12d3a30bdd31f99699c96afb6e011f628b

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://smiles.iclou.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Sun, 18 Sep 2022 19:54:23 GMT
Last-Modified: Tue, 02 Feb 2021 02:21:31 GMT
Server: nginx
ETag: "6018b72b-5fdd"
Content-Type: image/jpeg
Cache-Control: max-age=315360000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 24541
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK requestData.js Show response
redirecionador.info/relacionados/aereo/ 1 KB
1 KB 293ms
258ms Script
application/javascript 2606:4700:3030::ac43:9016
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://redirecionador.info/relacionados/aereo/requestData.js
Requested by: Host: smiles.iclou.com.br
URL: http://smiles.iclou.com.br/
Protocol: HTTP/1.1
Server: 2606:4700:3030::ac43:9016 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3ea571f67616f2ef7b6acacb2a92cecf6a5035424ce962d971e3f32926202e06

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://smiles.iclou.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Sun, 18 Sep 2022 19:54:24 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Last-Modified: Thu, 11 Feb 2021 20:28:44 GMT
Server: cloudflare
ETag: W/"6025937c-43c"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=INuCgoSjgqne2HaYl5sxIgN%2FN%2B1raEX1cibjnA%2FILjLaDG5MHFbitUogOXbCXhnnV1sGxHmnGg7W83azZDZ7z8Rkby2y506VjOEwdJ6XPFWm9JaORMrK9C4acZxS5GfHxn3O89UERFkqSZ3IATLXx80J"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Cache-Control: public, max-age=315360000
CF-RAY: 74cca21b1866917d-FRA
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery.min.js Show response
cdn.jsdelivr.net/npm/jquery@3.3.1/dist/ 85 KB
31 KB 83ms
36ms Script
application/javascript 2606:4700::6810:5714
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/jquery@3.3.1/dist/jquery.min.js

Requested by

Host: smiles.iclou.com.br
URL: http://smiles.iclou.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://smiles.iclou.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 19:54:23 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 15676349
x-jsd-version: 3.3.1
x-cache: HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19156-FRA
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"1538f-DcMttKqcXwPzs4xH2IPb1P7ROq4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZVUf5WiR%2ByyjQMhgMNUgYTXqlEsWNMRl%2F%2Fv18ZHaT6SrGmug%2FsFpjURiOqGSUgRXyrOseGPN3MoDUZXLmfP3ZIF08Rz1BlJfQhYT5J%2Fu8n3MTToI7YDpey3cKGeHd7MtSc2cUhtWK7HpQGT6mk0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cf-ray: 74cca21b2c91692e-FRA

GET
H2 200 slick.min.js Show response
cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/ 42 KB
11 KB 84ms
37ms Script
application/javascript 2606:4700::6810:5714
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/slick.min.js

Requested by

Host: smiles.iclou.com.br
URL: http://smiles.iclou.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://smiles.iclou.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 19:54:23 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 15676365
x-jsd-version: 1.8.1
x-cache: HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19152-FRA
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"a76f-O0GzvJVmhQFaNHoiOOcdsp36Dbs"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lqWXNzqm5JyjLHEATiDQBDOv4Rfw%2FGCZV%2BanskglXm836y5oy8hlj%2B3YL8ICL%2BGNuvvLOVuyBD48mPEcuyw%2Bond%2Bws0CaVLFvB4BPeYO18l3lC3yjxh5YUYomJHPUtbyZozNeMq0PZ5fvJSqy1s%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cf-ray: 74cca21b2c98692e-FRA

GET
H2 200 jquery.flexslider.min.js Show response
cdn.jsdelivr.net/npm/flexslider@2.7.1/ 23 KB
7 KB 99ms
54ms Script
application/javascript 2606:4700::6810:5714
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/flexslider@2.7.1/jquery.flexslider.min.js

Requested by

Host: smiles.iclou.com.br
URL: http://smiles.iclou.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

82274395ae9741732320547050e84cd8ca10510c0afb8cead6eb9172aa891deb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://smiles.iclou.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 19:54:23 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 132925
x-jsd-version: 2.7.1
x-cache: HIT, MISS
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19171-FRA, cache-itm18841-ITM
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"5a97-CZSrA1me8DvhFo11qWL07JtctNM"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=reGuD%2BRQYCr%2FDjmWiSig9%2Ftox25FLs%2B2c2sj2r7tz2cpJjaKmXEtEDLOE8lKJ0wjZAeiXAeV94S%2FiYY5pnN1UmXfLejnSez5kmICDMec6CaZwPZhO1jj0giHlbpdT7ry8Qt8FSKNL6sW%2Fpy234g%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cf-ray: 74cca21b2c9e692e-FRA
access-control-expose-headers: *

GET
H/1.1 200
OK scripts.min.js Show response
smiles.iclou.com.br/js/ 2 KB
1 KB 216ms
108ms Script
application/javascript 5.161.90.154
HETZNER-CLOUD2-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://smiles.iclou.com.br/js/scripts.min.js
Requested by: Host: smiles.iclou.com.br
URL: http://smiles.iclou.com.br/
Protocol: HTTP/1.1
Server: 5.161.90.154 , United States, ASN213230 (HETZNER-CLOUD2-AS, DE),
Reverse DNS: static.154.90.161.5.clients.your-server.de
Software: nginx /
Resource Hash: 9737e1f2d8e8394823b95d1c2ed3db1a65efabeb4eaf36b3d35ed053dff921b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://smiles.iclou.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Sun, 18 Sep 2022 19:54:23 GMT
Content-Encoding: gzip
Last-Modified: Tue, 02 Feb 2021 02:21:33 GMT
Server: nginx
ETag: W/"6018b72d-919"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=315360000, public
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK ads.js Show response
smiles.iclou.com.br/js/ 10 KB
2 KB 217ms
108ms Script
application/javascript 5.161.90.154
HETZNER-CLOUD2-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://smiles.iclou.com.br/js/ads.js
Requested by: Host: smiles.iclou.com.br
URL: http://smiles.iclou.com.br/
Protocol: HTTP/1.1
Server: 5.161.90.154 , United States, ASN213230 (HETZNER-CLOUD2-AS, DE),
Reverse DNS: static.154.90.161.5.clients.your-server.de
Software: nginx /
Resource Hash: 2fd3ec1c9bbd8649a7df803f56aee470fa259abb0a9b70485cd51c9d1bf77a03

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://smiles.iclou.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Sun, 18 Sep 2022 19:54:23 GMT
Content-Encoding: gzip
Last-Modified: Tue, 02 Feb 2021 02:21:32 GMT
Server: nginx
ETag: W/"6018b72c-27a5"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=315360000, public
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/ 346 KB
122 KB 129ms
77ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8847092362748368&plah=smiles.iclou.com.br

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8b41f53d575b1b7bcb942ec26ed2b2c365fd37862cb72d084453a77e6a454a5b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://smiles.iclou.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 19:54:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 124744
x-xss-protection: 0
server: cafe
etag: 221074948487312605
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 18 Sep 2022 19:54:24 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220914/r20190131/ Frame 3EFE 10 KB
5 KB 79ms
21ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220914/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://smiles.iclou.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 4566
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4420
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 18 Sep 2022 18:38:18 GMT
etag: 9671129459699598864
expires: Sun, 02 Oct 2022 18:38:18 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 7cHqv4kjgoGqM7E3t-4s51os.woff2
fonts.gstatic.com/s/barlow/v12/ 21 KB
22 KB 76ms
25ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/barlow/v12/7cHqv4kjgoGqM7E3t-4s51os.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Barlow:400,700|Oswald:700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65a47caa5183b035bf78d0f93adbe5cea500333410259c54abf2de356740df7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://smiles.iclou.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 22:25:42 GMT
x-content-type-options: nosniff
age: 422922
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21724
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:29:44 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Sep 2023 22:25:42 GMT

GET
H2 200 7cHpv4kjgoGqM7E_DMs5.woff2
fonts.gstatic.com/s/barlow/v12/ 21 KB
21 KB 98ms
48ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/barlow/v12/7cHpv4kjgoGqM7E_DMs5.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Barlow:400,700|Oswald:700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c9c80a6c32c0619d61c28f28723e68c5f8f75163e77ee5cf64c39e640e0d71e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://smiles.iclou.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 06:59:55 GMT
x-content-type-options: nosniff
age: 305669
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21144
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:43:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 15 Sep 2023 06:59:55 GMT

GET
H2 200 TK3_WkUHHAIjg75cFRf3bXL8LICs1xZosUZiZQ.woff2
fonts.gstatic.com/s/oswald/v49/ 10 KB
10 KB 92ms
41ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oswald/v49/TK3_WkUHHAIjg75cFRf3bXL8LICs1xZosUZiZQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Barlow:400,700|Oswald:700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6e059f38d9d643cd149fa02dfd97d6844f9b106198e027f55e2fe1e9a1428acf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://smiles.iclou.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 21:09:51 GMT
x-content-type-options: nosniff
age: 513873
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10172
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 19:23:34 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 12 Sep 2023 21:09:51 GMT

GET
H2 200 cse.js Show response
cse.google.com/ 7 KB
3 KB 130ms
55ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cse.google.com/cse.js?cx=partner-pub-8847092362748368:3178482244

Requested by

Host: smiles.iclou.com.br
URL: http://smiles.iclou.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gws /

Resource Hash

8d08b723f9f76380504784b82b4d4e5f6c2c0da5ca96207dd44e42f2c0d09db8

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://smiles.iclou.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

bfcache-opt-in: unload
date: Sun, 18 Sep 2022 19:54:24 GMT
content-encoding: br
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2908
x-xss-protection: 0
server: gws
expires: Sun, 18 Sep 2022 19:54:24 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
121 B 57ms
55ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=puberror&context=165&msg=TagError%3A%20adsbygoogle.push()%20error%3A%20Only%20one%20%27enable_page_level_ads%27%20allowed%20per%20page.%0Aat%20kq%20(http%3A%2F%2Fpagead2.googlesyndication.com%2Fpagead%2Fjs%2Fadsbygoogle.js%3A244%3A323)%0Aat%20jq%20(adsbygoogle.js%3A243%3A454)%0Aat%20qq%20(adsbygoogle.js%3A250%3A365)%0Aat%20c%20(adsbygoogle.js%3A251%3A38)%0Aat%20rq%20(adsbygoogle.js%3A251%3A158)%0Aat%20Cq%20(adsbygoogle.js%3A260%3A255)%0Aat%20sq%20(adsbygoogle.js%3A257%3A89)%0Aat%20adsbygoogle.js%3A252%3A54%0Aat%20n.oa%20(adsbygoogle.js%3A124%3A792)%0Aat%20nk%20(adsbygoogle.js%3A129%3A1037)&shv=r20220914&mjsv=m202209080101&eid=44759876%2C44759927%2C44759837%2C44767667%2C44767167%2C44772927%2C44769662&client=ca-pub-8847092362748368&url=http%3A%2F%2Fsmiles.iclou.com.br%2F

Requested by

Host: smiles.iclou.com.br
URL: http://smiles.iclou.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://smiles.iclou.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Sep 2022 19:54:24 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 216 B
647 B 103ms
31ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=smiles.iclou.com.br&callback=_gfp_s_&client=ca-pub-8847092362748368

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8847092362748368&plah=smiles.iclou.com.br

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

abbbfa07c65a2fb34217085e3ba9d557553990beb54663d6fa4c7468706c184e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://smiles.iclou.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 19:54:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 203
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 105ms
32ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=smiles.iclou.com.br

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://smiles.iclou.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 18 Sep 2022 19:54:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 108ms
29ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=smiles.iclou.com.br

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://smiles.iclou.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 18 Sep 2022 19:54:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 263B 66 KB
16 KB 702ms
659ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&adk=1812271804&adf=3025194257&lmt=1663530864&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&ea=0&pra=5&wgl=1&easpi=0&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=0&asna=5&asnd=5&asnp=5&asns=5&asmat=1&asptt=-1&dt=1663530863970&bpp=3&bdt=181&idt=319&shv=r20220914&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8337573679129&frm=20&pv=2&ga_vid=1431237964.1663530864&ga_sid=1663530864&ga_hid=1479959542&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767667%2C44767167%2C44772927%2C44769662&oid=2&pvsid=4177203444710770&tmod=343495732&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=342

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

13ebcc68ad159f9c1ed01a1d7bab0ae6f56dc4b518609b0ff3a578fc757c8dfc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://smiles.iclou.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 16176
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 18 Sep 2022 19:54:25 GMT
expires: Sun, 18 Sep 2022 19:54:25 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 cse_element__pt_pt.js Show response
www.google.com/cse/static/element/fd562c898514f252/ 303 KB
101 KB 111ms
49ms Script
text/javascript 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/element/fd562c898514f252/cse_element__pt_pt.js?usqp=CAI%3D

Requested by

Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=partner-pub-8847092362748368:3178482244

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a89aebbe37aecac32f175404d1f31f2679ca7e801f8cd2a8efd21f4f6c07349a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://smiles.iclou.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 22:34:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 422410
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 103340
x-xss-protection: 0
last-modified: Tue, 23 Aug 2022 20:48:59 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Wed, 13 Sep 2023 22:34:14 GMT

GET
H2 200 default+pt_PT.css
www.google.com/cse/static/element/fd562c898514f252/ 41 KB
41 KB 81ms
22ms Stylesheet
text/css 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/element/fd562c898514f252/default+pt_PT.css

Requested by

Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=partner-pub-8847092362748368:3178482244

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2b0789c3ab7df1f2580e95bb47eb5bb6dc19b4fc5a91b1f1ae1d9484dab534a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://smiles.iclou.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 22:43:35 GMT
x-content-type-options: nosniff
age: 249049
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41765
x-xss-protection: 0
last-modified: Tue, 23 Aug 2022 20:48:59 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Fri, 15 Sep 2023 22:43:35 GMT

GET
H2 200 default.css
www.google.com/cse/static/style/look/v4/ 4 KB
2 KB 80ms
21ms Stylesheet
text/css 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/style/look/v4/default.css

Requested by

Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=partner-pub-8847092362748368:3178482244

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dcec22bbcb68119d6c7d6d5e088fb82183a9826d0c9e3403f1386fd837f06a89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://smiles.iclou.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 19:29:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1491
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1345
x-xss-protection: 0
last-modified: Wed, 17 Jun 2020 00:00:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: text/css
cache-control: public, max-age=3000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Sun, 18 Sep 2022 20:19:33 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 7D65 93 KB
29 KB 925ms
925ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=8876164503&adk=3582736694&adf=865389875&pi=t.ma~as.8876164503&w=770&fwrn=4&fwrnh=100&lmt=1663530864&rafmt=1&psa=0&format=770x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1663530864373&bpp=3&bdt=584&idt=-M&shv=r20220914&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8337573679129&frm=20&pv=1&ga_vid=1431237964.1663530864&ga_sid=1663530864&ga_hid=1479959542&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=415&ady=328&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767667%2C44767167%2C44772927%2C44769662&oid=2&pvsid=4177203444710770&tmod=343495732&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=vBieZrGYH3&p=http%3A//smiles.iclou.com.br&dtd=8

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cb836f0e8d6208a7d542587d20b1a24c3750a4e6a3d3d79516acc4fbdb3f654b

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1838989884782542848/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1838989884782542848/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CMan_LGPn_oCFROrcQodWdgGiQ&gqi=cHcnY_fpGM-Otwf3oJ6QAQ&layout=/sadbundle/%24csp%253Der3%24/1838989884782542848/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://smiles.iclou.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 29934
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1838989884782542848/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1838989884782542848/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CMan_LGPn_oCFROrcQodWdgGiQ&gqi=cHcnY_fpGM-Otwf3oJ6QAQ&layout=/sadbundle/%24csp%253Der3%24/1838989884782542848/index.html
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 18 Sep 2022 19:54:25 GMT
expires: Sun, 18 Sep 2022 19:54:25 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 422F 73 KB
21 KB 1308ms
1305ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=5410211141&adk=291284351&adf=3401818602&pi=t.ma~as.5410211141&w=336&lmt=1663530864&psa=0&format=336x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&wgl=1&dt=1663530864373&bpp=1&bdt=585&idt=0&shv=r20220914&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C770x280&nras=1&correlator=8337573679129&frm=20&pv=1&ga_vid=1431237964.1663530864&ga_sid=1663530864&ga_hid=1479959542&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=849&ady=643&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767667%2C44767167%2C44772927%2C44769662&oid=2&pvsid=4177203444710770&tmod=343495732&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&fsb=1&xpc=QrCe8PEC4z&p=http%3A//smiles.iclou.com.br&dtd=14

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

af929ef76b4bef84d3f7861d43850ff24a4c618edf56122f6366caecb3341d26

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://smiles.iclou.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 21532
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 18 Sep 2022 19:54:25 GMT
expires: Sun, 18 Sep 2022 19:54:25 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK async-ads.js Show response
cse.google.com/adsense/search/ 141 KB
52 KB 51ms
31ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://cse.google.com/adsense/search/async-ads.js

Requested by

Host: www.google.com
URL: https://www.google.com/cse/static/element/fd562c898514f252/cse_element__pt_pt.js?usqp=CAI%3D

Protocol

HTTP/1.1

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e42635b7e1672b3d00733caace64929e53df48e9f1804f5b3581072ec1c8b3d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://smiles.iclou.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Sun, 18 Sep 2022 19:54:24 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
Cross-Origin-Resource-Policy: cross-origin
X-XSS-Protection: 0
Server: sffe
Cross-Origin-Opener-Policy: same-origin; report-to="ads-afs-ui"
ETag: "3294325116484849473"
Vary: Accept-Encoding
Report-To: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
Content-Type: text/javascript; charset=UTF-8
Cache-Control: private, max-age=3600
Transfer-Encoding: chunked
Accept-Ranges: bytes
Expires: Sun, 18 Sep 2022 19:54:24 GMT

GET
H3 200 branding.png
www.google.com/cse/static/images/1x/pt_PT/ 1 KB
1 KB 68ms
22ms Image
image/png 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/cse/static/images/1x/pt_PT/branding.png

Requested by

Host: smiles.iclou.com.br
URL: http://smiles.iclou.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e1f061781dd54ac94ee2245db3b03e2fe1604349e42b857a3e5c982d6cdbb5f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://smiles.iclou.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 06:48:16 GMT
x-content-type-options: nosniff
age: 392768
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1492
x-xss-protection: 0
last-modified: Mon, 25 May 2020 08:30:00 GMT
server: sffe
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Thu, 14 Sep 2023 06:48:16 GMT

GET
H/1.1 204
No Content generate_204
clients1.google.com/ 0
127 B 129ms
20ms Image
text/plain 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://clients1.google.com/generate_204
Requested by: Host: smiles.iclou.com.br
URL: http://smiles.iclou.com.br/
Protocol: HTTP/1.1
Server: 2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://smiles.iclou.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Sun, 18 Sep 2022 19:54:24 GMT
Content-Length: 0
Cross-Origin-Resource-Policy: cross-origin

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/ 149 KB
53 KB 71ms
70ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/reactive_library_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1abec7217e226089caa2b31a77a893f52ff523f9cd225a6ec686f17a333219b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://smiles.iclou.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 19:54:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54569
x-xss-protection: 0
server: cafe
etag: 8986847179515081386
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Sep 2022 19:54:25 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 56ms
55ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=rasra::pm&rt=1&c=ca-pub-8847092362748368&eid=44759876%2C44759927%2C44759837%2C44767667%2C44767167%2C44772927%2C44769662

Requested by

Host: smiles.iclou.com.br
URL: http://smiles.iclou.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://smiles.iclou.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Sep 2022 19:54:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 78ms
31ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=smiles.iclou.com.br

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://smiles.iclou.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 18 Sep 2022 19:54:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 76ms
31ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=smiles.iclou.com.br

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://smiles.iclou.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 18 Sep 2022 19:54:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 9010 96 KB
31 KB 626ms
625ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=8876164503&adk=530165087&adf=4093038968&pi=t.ma~as.8876164503&w=770&fwrn=4&fwrnh=100&lmt=1663530865&rafmt=1&psa=0&format=770x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1663530865067&bpp=2&bdt=1278&idt=2&shv=r20220914&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D51cf6fc53a7141f9-224c857825ce0051%3AT%3D1663530864%3ART%3D1663530864%3AS%3DALNI_MacDtVFJJsGADAXPyPPyk4RKnVWSw&prev_fmts=0x0%2C770x280%2C336x280&nras=1&correlator=8337573679129&frm=20&pv=1&ga_vid=1431237964.1663530864&ga_sid=1663530864&ga_hid=1479959542&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=415&ady=1233&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767667%2C44767167%2C44772927%2C44769662&oid=2&pvsid=4177203444710770&tmod=343495732&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=rrIcTwXTYQ&p=http%3A//smiles.iclou.com.br&dtd=15

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d3b043ba863292f3238b7d6b5f85ade61ae0d4138bb35b53c3dbde0ff5290714

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1838989884782542848/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1838989884782542848/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CP7mqLKPn_oCFcVAFQgdcZ8Cwg&gqi=cXcnY6HQBoiktgfhh4TgAw&layout=/sadbundle/%24csp%253Der3%24/1838989884782542848/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://smiles.iclou.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 31953
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1838989884782542848/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1838989884782542848/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CP7mqLKPn_oCFcVAFQgdcZ8Cwg&gqi=cXcnY6HQBoiktgfhh4TgAw&layout=/sadbundle/%24csp%253Der3%24/1838989884782542848/index.html
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 18 Sep 2022 19:54:25 GMT
expires: Sun, 18 Sep 2022 19:54:25 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 56ms
55ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=rasra::pr&rt=1&c=ca-pub-8847092362748368&eid=44759876%2C44759927%2C44759837%2C44767667%2C44767167%2C44772927%2C44769662

Requested by

Host: smiles.iclou.com.br
URL: http://smiles.iclou.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://smiles.iclou.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Sep 2022 19:54:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220914/r20110914/ Frame 9AD3 10 KB
4 KB 21ms
20ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220914/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://smiles.iclou.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 49304
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4420
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 18 Sep 2022 06:12:41 GMT
etag: 9671129459699598864
expires: Sun, 02 Oct 2022 06:12:41 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012208242209000/ Frame 9AD3 220 KB
61 KB 116ms
24ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012208242209000/amp4ads-v0.mjs

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220914/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

98a2bc2afc0f4cab2b795ad4073bcb8fb4093f2ef1df15ea4f616864416bc7a9

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 528269
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61572
x-xss-protection: 0
server: sffe
date: Mon, 12 Sep 2022 17:09:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "d3316a1477ddceef"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 12 Sep 2023 17:09:56 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012208242209000/v0/ Frame 9AD3 14 KB
5 KB 151ms
60ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012208242209000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220914/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3b40b457fa316cee42f8a4bc97d77182cc54120e33ffbb8a812c05836501134a

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 434209
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5202
x-xss-protection: 0
server: sffe
date: Tue, 13 Sep 2022 19:17:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "29c50428a02dcb23"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 13 Sep 2023 19:17:36 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012208242209000/v0/ Frame 9AD3 94 KB
28 KB 153ms
62ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012208242209000/v0/amp-analytics-0.1.mjs

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220914/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf2d49f967e0112be0eb0cab4103cdec4cbf10f49810197750ecea6fbe2ba116

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 225527
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28820
x-xss-protection: 0
server: sffe
date: Fri, 16 Sep 2022 05:15:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "d86c26a7f6daf516"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 16 Sep 2023 05:15:38 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012208242209000/v0/ Frame 9AD3 5 KB
2 KB 163ms
73ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012208242209000/v0/amp-fit-text-0.1.mjs

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220914/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

476756d5ca23f4bc0086789ce0af7a810be71053bbfa8ea98aed92cc14f123dc

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 434217
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1907
x-xss-protection: 0
server: sffe
date: Tue, 13 Sep 2022 19:17:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "f652edf411126f67"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 13 Sep 2023 19:17:28 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012208242209000/v0/ Frame 9AD3 40 KB
13 KB 165ms
74ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012208242209000/v0/amp-form-0.1.mjs

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220914/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

659e88497037086f548b785858e67802177b50f906e65ab77c6985841b370cf9

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 434220
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12946
x-xss-protection: 0
server: sffe
date: Tue, 13 Sep 2022 19:17:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "1a39bbdc45509c4d"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 13 Sep 2023 19:17:25 GMT

GET
H2 200 amp-gwd-animation-0.1.mjs Show response
cdn.ampproject.org/rtv/012208242209000/v0/ Frame 9AD3 6 KB
2 KB 167ms
76ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012208242209000/v0/amp-gwd-animation-0.1.mjs

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220914/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce302760c9165399e108bb066aee20128ed32555c0201b8b240a9342a61b9847

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 433720
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2443
x-xss-protection: 0
server: sffe
date: Tue, 13 Sep 2022 19:25:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "22fb75b9aa585a43"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 13 Sep 2023 19:25:45 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 9AD3 43 KB
2 KB 89ms
33ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Noto+Sans:100,100i,200,200i,300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900i

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220914/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7d2cdc33a01967787075c67728204819a1c4b23d621bdeb44727fa612a25d585

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 18 Sep 2022 18:32:18 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 18 Sep 2022 19:54:25 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 18 Sep 2022 19:54:25 GMT

GET
H2 200 pt.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 9AD3 3 KB
3 KB 95ms
26ms Image
image/png 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/pt.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220914/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

744b436600cd35e7898be8843c04c1115c45bf08143d085ac149e8c4f8151e3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 17:19:54 GMT
x-content-type-options: nosniff
server: cafe
age: 9271
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 7735524722462771930
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2886
x-xss-protection: 0
expires: Mon, 19 Sep 2022 17:19:54 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 9AD3 344 B
807 B 90ms
21ms Image
image/png 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220914/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 04:10:05 GMT
x-content-type-options: nosniff
server: cafe
age: 56660
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 6766994032117382215
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Mon, 19 Sep 2022 04:10:05 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 9AD3 0
21 B 71ms
67ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CzhuIcHcnY-icGMaA1fAPiqaayA350PnHapur3YLGD5_Ch8CVDhABIJCwhxNglfrwgYwHoAGKwPz3AsgBCakCQyYB0hDOsD6oAwHIAwiqBOgBT9AGr6S_huUfITSdZJUYTcYzEXFCJrW5XaunTG_v-PeIDILxZYlr-lCAP_zp7fhWdBo-YLge39vDybT9mqvC0ywU2GVd-ciNcAS1U1ULFG2cINRezVeUr3xIaZQlQMpp1Ui46rmtmXecHFFiW-ID_ZCw_G0O5PwjTB1KgY_ka-LJ7SdK6BqKr7MdRJvEainCWD507ULvfptGtv884EErj48If372sap1i7-0hoo4KbeG7TeepasfEtcwZMZ1O_fxu-7a9EpZgGEE6v8bxSevO3vwEGmXzMzJfw7rnOxJDvkJEETtmuvZcMAExYSwo-8DkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB96_g4gBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQk5xI0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHYEwzQFQGYFgGAFwGyFxwKGggAEhRwdWItODg0NzA5MjM2Mjc0ODM2OBgA&sigh=uiPIkPMgEJY&uach_m=[UACH]&template_id=419

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220914/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20220914/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sun, 18 Sep 2022 19:54:25 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sun, 18 Sep 2022 19:54:25 GMT

GET
DATA 200
OK truncated
/ Frame 9AD3 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 833ac858295688dfc58fe2bed126e486451772dd96af356103c36630eec4038b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 o-0NIpQlx3QUlC5A4PNjXhFVZNyB.woff2
fonts.gstatic.com/s/notosans/v27/ Frame 9AD3 12 KB
12 KB 71ms
23ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosans/v27/o-0NIpQlx3QUlC5A4PNjXhFVZNyB.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans:100,100i,200,200i,300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900i

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c1c30918a861cb6a985ab55d54ad7e861682354197f164cb3b7194f20eed67ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 20:52:35 GMT
x-content-type-options: nosniff
age: 514910
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12684
x-xss-protection: 0
last-modified: Mon, 09 May 2022 18:28:04 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 12 Sep 2023 20:52:35 GMT

GET
H3 200 o-0IIpQlx3QUlC5A4PNr5TRA.woff2
fonts.gstatic.com/s/notosans/v27/ Frame 9AD3 13 KB
13 KB 73ms
26ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosans/v27/o-0IIpQlx3QUlC5A4PNr5TRA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans:100,100i,200,200i,300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900i

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88f00438d26021a325247c4427898f7c778a22976df9f1a9d9876429778bf265

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 21:23:03 GMT
x-content-type-options: nosniff
age: 340282
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12860
x-xss-protection: 0
last-modified: Mon, 09 May 2022 18:27:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 14 Sep 2023 21:23:03 GMT

GET
H3 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1838989884782542848/ Frame 9EE7 105 KB
26 KB 76ms
25ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1838989884782542848/index.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8a8c742162d4336f7579cc2113eeb132065b6875c822c0f6190c8fde9d04adfb

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 73191
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 26541
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
cross-origin-resource-policy: cross-origin
date: Sat, 17 Sep 2022 23:34:34 GMT
expires: Sun, 17 Sep 2023 23:34:34 GMT
last-modified: Thu, 03 Mar 2022 09:38:55 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 7D65 0
0 71ms
71ms Fetch
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CzlRncHcnY8avGZPWxgPZsJvICPOpzKtszMbcg4gQsuqTtO8wEAEgkLCHE2CV-vCBjAegAebt-MIByAEJqQJDJgHSEM6wPqgDAaoE9wFP0GKwaDn6i4FIt-0KNEwuTwzWOM13gND4r3kNMAhNTRt_sUkCuw77ADN-ev5-iMBqOQoVkBwk9EyI_E8DMsUCnioT7uo18UoXvBv47N5FwCgK4mC01IOwCJNpFfCBKPOQ-7vUPHlrPV8-nPmSZIwtijUcveMukOnjzpCgH0hrCjqZr9aB8-J_dY_bbvUcWPjSQA78hUdQimz79M9uNwjqpnB_mOI4lB5KJppkthRG-Tp9GrSvNT1l0YLcz5y4Gq86aDO-D38fIWS4lutUqFR2FbUGwgdOoJpo3pcqKi7COLb1qE5bNJZ755zZEW6Ox-4c3JRhXwXWwATd2s2j9AOSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGa4AHg62m3gKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAemvhvYBwHyBwQQxoNf0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHYEwvQFQGAFwGyFxwKGggAEhRwdWItODg0NzA5MjM2Mjc0ODM2OBgA&sigh=BG0YgiyMOus&uach_m=[UACH]&template_id=531

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=8876164503&adk=3582736694&adf=865389875&pi=t.ma~as.8876164503&w=770&fwrn=4&fwrnh=100&lmt=1663530864&rafmt=1&psa=0&format=770x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1663530864373&bpp=3&bdt=584&idt=-M&shv=r20220914&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8337573679129&frm=20&pv=1&ga_vid=1431237964.1663530864&ga_sid=1663530864&ga_hid=1479959542&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=415&ady=328&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767667%2C44767167%2C44772927%2C44769662&oid=2&pvsid=4177203444710770&tmod=343495732&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=vBieZrGYH3&p=http%3A//smiles.iclou.com.br&dtd=8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sun, 18 Sep 2022 19:54:25 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame FA60 143 B
166 B 29ms
21ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=8876164503&adk=3582736694&adf=865389875&pi=t.ma~as.8876164503&w=770&fwrn=4&fwrnh=100&lmt=1663530864&rafmt=1&psa=0&format=770x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1663530864373&bpp=3&bdt=584&idt=-M&shv=r20220914&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8337573679129&frm=20&pv=1&ga_vid=1431237964.1663530864&ga_sid=1663530864&ga_hid=1479959542&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=415&ady=328&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767667%2C44767167%2C44772927%2C44769662&oid=2&pvsid=4177203444710770&tmod=343495732&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=vBieZrGYH3&p=http%3A//smiles.iclou.com.br&dtd=8
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 903
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 18 Sep 2022 19:39:22 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/ Frame 7D65 3 KB
1 KB 67ms
23ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 19:46:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 481
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 02 Oct 2022 19:46:24 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/ Frame 7D65 17 KB
7 KB 68ms
23ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b47bd1e586888ea8d223fbc2d5e8592e7e8c2b61e3937f9248fb4b7faf34fb41

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 19:39:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 881
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7552
x-xss-protection: 0
server: cafe
etag: 1588701280721430806
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 02 Oct 2022 19:39:44 GMT

GET
H3 200 amp4ads-host-v0.js Show response
cdn.ampproject.org/rtv/012208242209000/ 23 KB
8 KB 64ms
21ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012208242209000/amp4ads-host-v0.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4aa0aeaa1c8cdb17cba5fffd620642edad90c30336c7fd99edf0d30b0e8bb8ec

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://smiles.iclou.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 434197
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7859
x-xss-protection: 0
server: sffe
date: Tue, 13 Sep 2022 19:17:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "9f978466ec83a2ff"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 13 Sep 2023 19:17:48 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 9EE7 4 KB
664 B 34ms
33ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:500,600|Poppins:regular

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1838989884782542848/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8842d55c7ed6bddca9f29e54a22750272dadb786cb8f6bc7b1e3e337510b2621

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 18 Sep 2022 19:54:25 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 18 Sep 2022 19:54:25 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 18 Sep 2022 19:54:25 GMT

GET
H3 200 Enabler.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 9EE7 16 KB
6 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1838989884782542848/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 07:40:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 44012
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5866
x-xss-protection: 0
server: cafe
etag: 544157900006238945
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Mon, 19 Sep 2022 07:40:53 GMT

GET
H3 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 9EE7 26 KB
10 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1838989884782542848/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 04:52:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 54121
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10382
x-xss-protection: 0
server: cafe
etag: 12806417668659483808
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Mon, 19 Sep 2022 04:52:24 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7D65 141 KB
44 KB 101ms
32ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9c9b6560a37526d33547098a4ed2ecf360eb9275c2db77a98c30fb7f8016f478

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 19:54:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44609
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1663155654979086"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 18 Sep 2022 19:54:25 GMT

GET
DATA 200
OK truncated
/ Frame 7D65 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 52045d86fa80dbd0f6839ccebf748682d65e552403591dcc03db5f9d956961bd

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame FA60
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
18 B

31ms
30ms

Document
text/html

2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 18 Sep 2022 19:54:25 GMT
expires: Sun, 18 Sep 2022 19:54:25 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Sun, 18 Sep 2022 19:54:25 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v25/ Frame 9EE7 30 KB
30 KB 22ms
22ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:500,600|Poppins:regular

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: null
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 03:24:20 GMT
x-content-type-options: nosniff
age: 318605
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30928
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 15 Sep 2023 03:24:20 GMT

GET
H3 200 Logo-Transparent-Small.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1838989884782542848/ Frame 9EE7 3 KB
3 KB 23ms
22ms Image
image/png 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1838989884782542848/Logo-Transparent-Small.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e327c4cf3b80e5e5bdea164926c57b871c1b240212065782d28cb22dd60fa51b

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 314309
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3327
x-xss-protection: 0
last-modified: Thu, 03 Mar 2022 09:38:55 GMT
server: sffe
date: Thu, 15 Sep 2022 04:35:56 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 15 Sep 2023 04:35:56 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame 9EE7 29 KB
30 KB 254ms
22ms Image
image/jpeg 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcTXnCspi3z9iAW04cvTMANYAbPzTViJcGajzf7O-EK4rjQbYVPG&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

027a59371d5c0f42561e42ec25a54917efa5df94a52c805aacb2e05a90926010

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 08:16:16 GMT
x-content-type-options: nosniff
age: 387489
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29774
x-xss-protection: 0
last-modified: Fri, 20 May 2022 00:08:51 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Thu, 14 Sep 2023 08:16:16 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame 9EE7 10 KB
11 KB 252ms
21ms Image
image/jpeg 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcQVnSJMD5cnkJHzC9-kto5bW_iagE0oHrxmKCiICAkVcPaBnzo&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

522ab2e374ffaa11a71bdaa3d97f1d6484213ef7716cc7d7d1464c799fa38bf9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 11 Sep 2022 22:05:35 GMT
x-content-type-options: nosniff
age: 596930
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10244
x-xss-protection: 0
last-modified: Tue, 03 May 2022 22:35:28 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Mon, 11 Sep 2023 22:05:35 GMT

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame 9EE7 34 KB
34 KB 293ms
63ms Image
image/jpeg 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcR2ywFcDgruNaOiiEMN65dOmo0duZrf-3t2Nkxb142lUJ6yBzN3HurYYr60Uw&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ea6d1d75101922eefaf1178a8076ce9dea8e89d1ff2d0bd788e4190512e48a59

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 11 Sep 2022 22:02:02 GMT
x-content-type-options: nosniff
age: 597143
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34470
x-xss-protection: 0
last-modified: Thu, 07 Jul 2022 22:36:48 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Mon, 11 Sep 2023 22:02:02 GMT

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame 9EE7 37 KB
38 KB 254ms
24ms Image
image/jpeg 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcQJ9oqIFHoOKDLOmG16nw4IoI_f5Uilu7RtveGvh36H51eTbnbe&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a472fb1d9d44328ccefa63a574ee3d83a331b03ef528f536d96a1274327b1780

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 10:48:59 GMT
x-content-type-options: nosniff
age: 464726
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38106
x-xss-protection: 0
last-modified: Fri, 20 May 2022 00:08:15 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Wed, 13 Sep 2023 10:48:59 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame 9EE7 55 KB
55 KB 253ms
21ms Image
image/jpeg 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcQUzQ4lnLQyHPdZpA8BHv7T1LOkbNL2SqgnnpI8fvWEBOl9miDu&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

866a0115ef55a30b1537266767dc26e175b839ea5d4052ef0c45222ad73f96c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 06:28:57 GMT
x-content-type-options: nosniff
age: 480328
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56063
x-xss-protection: 0
last-modified: Mon, 08 Aug 2022 22:27:29 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Wed, 13 Sep 2023 06:28:57 GMT

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame 9EE7 24 KB
25 KB 275ms
45ms Image
image/jpeg 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcQQcJP2-EXGW6mLVVwL-UO1TEB8eoPMtO7bIsBDsMVm6uOrBOPByjXVgn3YLvE&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5cba838b577f9420fae47716730738211dbe95a130091709a04a9d6d878ace14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 16:30:25 GMT
x-content-type-options: nosniff
age: 12240
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25002
x-xss-protection: 0
last-modified: Fri, 26 Aug 2022 22:39:45 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Mon, 18 Sep 2023 16:30:25 GMT

GET
DATA 200
OK truncated
/ Frame 9EE7 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3 200 Logo-Transparent-Small.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1838989884782542848/ Frame 9EE7 3 KB
3 KB 22ms
21ms Image
image/png 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1838989884782542848/Logo-Transparent-Small.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e327c4cf3b80e5e5bdea164926c57b871c1b240212065782d28cb22dd60fa51b

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 314309
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3327
x-xss-protection: 0
last-modified: Thu, 03 Mar 2022 09:38:55 GMT
server: sffe
date: Thu, 15 Sep 2022 04:35:56 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 15 Sep 2023 04:35:56 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 35ms
34ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=smiles.iclou.com.br

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://smiles.iclou.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 18 Sep 2022 19:54:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 34ms
34ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=smiles.iclou.com.br

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://smiles.iclou.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 18 Sep 2022 19:54:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 449D 21 KB
10 KB 1057ms
1056ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=5410211141&adk=2308955421&adf=785591858&pi=t.ma~as.5410211141&w=336&lmt=1663530865&psa=1&format=336x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&wgl=1&dt=1663530865772&bpp=2&bdt=1984&idt=-M&shv=r20220914&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D51cf6fc53a7141f9-224c857825ce0051%3AT%3D1663530864%3ART%3D1663530864%3AS%3DALNI_MacDtVFJJsGADAXPyPPyk4RKnVWSw&prev_fmts=0x0%2C770x280%2C336x280%2C770x280%2C1005x124&nras=2&correlator=8337573679129&frm=20&pv=1&ga_vid=1431237964.1663530864&ga_sid=1663530864&ga_hid=1479959542&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=415&ady=1925&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767667%2C44767167%2C44772927%2C44769662&oid=2&psts=APxP-9DhaeT6KotWfpweupLM6aJk70Ej0tt0IL9pJFmDtMbJ37URYWeAiRImmhp8nvwkbHBHxqO2VZxq3u747C6TnA%2CAPxP-9Bpq1R6XvNeTgOssJcrD3ZgntVMmr2-nUE0XNpkmwSCW_sOW0bCeulTM5b_PkTyGMMWh29LBJBoJEFHs8bjkkjkP_tdheNWAJ_dJptYWvs&pvsid=4177203444710770&tmod=343495732&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=GOeKJUPZsg&p=http%3A//smiles.iclou.com.br&dtd=8

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1d2ed307afe5105e1c26a08eaf57c26cac8cb17ca3fe43e96170e1293d11e05d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://smiles.iclou.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 10601
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 18 Sep 2022 19:54:26 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 4C57 18 KB
10 KB 941ms
941ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=5410211141&adk=2308955421&adf=2873711921&pi=t.ma~as.5410211141&w=336&lmt=1663530865&psa=1&format=336x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&wgl=1&dt=1663530865772&bpp=1&bdt=1983&idt=0&shv=r20220914&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D51cf6fc53a7141f9-224c857825ce0051%3AT%3D1663530864%3ART%3D1663530864%3AS%3DALNI_MacDtVFJJsGADAXPyPPyk4RKnVWSw&prev_fmts=0x0%2C770x280%2C336x280%2C770x280%2C1005x124%2C336x280&nras=2&correlator=8337573679129&frm=20&pv=1&ga_vid=1431237964.1663530864&ga_sid=1663530864&ga_hid=1479959542&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=849&ady=1925&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767667%2C44767167%2C44772927%2C44769662&oid=2&psts=APxP-9DhaeT6KotWfpweupLM6aJk70Ej0tt0IL9pJFmDtMbJ37URYWeAiRImmhp8nvwkbHBHxqO2VZxq3u747C6TnA%2CAPxP-9Bpq1R6XvNeTgOssJcrD3ZgntVMmr2-nUE0XNpkmwSCW_sOW0bCeulTM5b_PkTyGMMWh29LBJBoJEFHs8bjkkjkP_tdheNWAJ_dJptYWvs&pvsid=4177203444710770&tmod=343495732&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=Dfnog6vFxF&p=http%3A//smiles.iclou.com.br&dtd=12

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d57b68fd65fe72f8bff06fb054801a4a7a0f9909321733371d4f664e0b9db62e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://smiles.iclou.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 9839
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 18 Sep 2022 19:54:26 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 css
fonts.googleapis.com/ Frame 422F 3 KB
601 B 39ms
34ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=5410211141&adk=291284351&adf=3401818602&pi=t.ma~as.5410211141&w=336&lmt=1663530864&psa=0&format=336x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&wgl=1&dt=1663530864373&bpp=1&bdt=585&idt=0&shv=r20220914&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C770x280&nras=1&correlator=8337573679129&frm=20&pv=1&ga_vid=1431237964.1663530864&ga_sid=1663530864&ga_hid=1479959542&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=849&ady=643&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767667%2C44767167%2C44772927%2C44769662&oid=2&pvsid=4177203444710770&tmod=343495732&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&fsb=1&xpc=QrCe8PEC4z&p=http%3A//smiles.iclou.com.br&dtd=14

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fb7989597f1a10a56bd83de6a26eefec44a0c704979fb5e06f02195bc9cebfce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 18 Sep 2022 19:06:03 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 18 Sep 2022 19:54:25 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 18 Sep 2022 19:54:25 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/ Frame 422F 2 KB
902 B 33ms
27ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 19:47:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 434
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 02 Oct 2022 19:47:11 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220914/r20110914/ Frame 422F 23 KB
9 KB 35ms
29ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220914/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

42fa7740568dc6425cd4a5562e89e67632280349e368fe348914d808064c9ffc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 19:44:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 575
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9550
x-xss-protection: 0
server: cafe
etag: 715955199520789971
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 02 Oct 2022 19:44:50 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/ Frame 422F 3 KB
1 KB 27ms
27ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 19:46:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 481
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 02 Oct 2022 19:46:24 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/ Frame 422F 17 KB
7 KB 36ms
30ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b47bd1e586888ea8d223fbc2d5e8592e7e8c2b61e3937f9248fb4b7faf34fb41

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 19:39:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 881
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7552
x-xss-protection: 0
server: cafe
etag: 1588701280721430806
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 02 Oct 2022 19:39:44 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 422F 141 KB
44 KB 80ms
30ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9c9b6560a37526d33547098a4ed2ecf360eb9275c2db77a98c30fb7f8016f478

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 19:54:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44609
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1663155654979086"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 18 Sep 2022 19:54:25 GMT

GET
H2 200 026517f4e3185bf0f4d8fd76517024ed.js Show response
www.gstatic.com/mysidia/ Frame 422F 33 KB
14 KB 113ms
38ms Script
text/javascript 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/026517f4e3185bf0f4d8fd76517024ed.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87699878773345d6e7207ceab7074468991c353d70ceb8586fde33a5d40d6929

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 14:45:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 450540
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13694
x-xss-protection: 0
last-modified: Thu, 08 Sep 2022 23:53:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 12 Dec 2022 14:45:25 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 422F 0
0 66ms
66ms Fetch
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Crg2QcHcnY4j3Hf3In88P0PWuwAzq9bj5aqO725_aEIbr5IK8LhABIJCwhxNglfrwgYwHoAGNl7PcA8gBBqkCQyYB0hDOsD6oAwHIAwKqBOYBT9Dld7KINLZ-6_3lIxCKiBgTQidUnvxgd_VgRiZQdbdAEuTzoUs2kHUsvqwLPPQK4Bz5qmlCp4bWqJryinlieaOxss4CSucu6aXw_WVsnX59ibnQdi1VnIaFLcycSHYokTwwK-WEB5G78DyquC00d2_apd9JpEotTfjq5MV2YJTub7CJxPSXYs_975fdsh84pPSouuk-8xgmoH5KUQaGkC9y008vvUK2lg9TJ63e1Tinb8GYHmMf8fqxQ5hu9IfpEZ76yrhE4NmoiRgAfk2scLzrUyb0ygVDDrkOf0y_1LpRbmYeyaHABIPbgKjtA5IFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAY3gAfb6MwjqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgHpr4b2AcB8gcEEJKIG9IIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsB2BMM0BUBmBYBgBcBshccChoIABIUcHViLTg4NDcwOTIzNjI3NDgzNjgYAA&sigh=mCxhD_23BOQ&uach_m=[UACH]&template_id=493

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=5410211141&adk=291284351&adf=3401818602&pi=t.ma~as.5410211141&w=336&lmt=1663530864&psa=0&format=336x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&wgl=1&dt=1663530864373&bpp=1&bdt=585&idt=0&shv=r20220914&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C770x280&nras=1&correlator=8337573679129&frm=20&pv=1&ga_vid=1431237964.1663530864&ga_sid=1663530864&ga_hid=1479959542&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=849&ady=643&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767667%2C44767167%2C44772927%2C44769662&oid=2&pvsid=4177203444710770&tmod=343495732&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&fsb=1&xpc=QrCe8PEC4z&p=http%3A//smiles.iclou.com.br&dtd=14
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sun, 18 Sep 2022 19:54:25 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1838989884782542848/ Frame C5D2 105 KB
26 KB 36ms
24ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1838989884782542848/index.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=8876164503&adk=530165087&adf=4093038968&pi=t.ma~as.8876164503&w=770&fwrn=4&fwrnh=100&lmt=1663530865&rafmt=1&psa=0&format=770x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1663530865067&bpp=2&bdt=1278&idt=2&shv=r20220914&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D51cf6fc53a7141f9-224c857825ce0051%3AT%3D1663530864%3ART%3D1663530864%3AS%3DALNI_MacDtVFJJsGADAXPyPPyk4RKnVWSw&prev_fmts=0x0%2C770x280%2C336x280&nras=1&correlator=8337573679129&frm=20&pv=1&ga_vid=1431237964.1663530864&ga_sid=1663530864&ga_hid=1479959542&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=415&ady=1233&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767667%2C44767167%2C44772927%2C44769662&oid=2&pvsid=4177203444710770&tmod=343495732&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=rrIcTwXTYQ&p=http%3A//smiles.iclou.com.br&dtd=15

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8a8c742162d4336f7579cc2113eeb132065b6875c822c0f6190c8fde9d04adfb

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 73191
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 26541
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
cross-origin-resource-policy: cross-origin
date: Sat, 17 Sep 2022 23:34:34 GMT
expires: Sun, 17 Sep 2023 23:34:34 GMT
last-modified: Thu, 03 Mar 2022 09:38:55 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 9010 0
0 74ms
64ms Fetch
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Ck1jPcXcnY77qCMWB1fAP8b6KkAzzqcyrbMzG3IOIELLqk7TvMBABIJCwhxNglfrwgYwHoAHm7fjCAcgBCakCQyYB0hDOsD6oAwGqBPcBT9C_JHPt94_W-_lD0xXKmSoM7cjGUWXiVJ9E-xf6kFH6jqNTLUVlnsjwhrTsASTnXQ5qiNU4GxxBQk0G2uD-pW30kUb8MmECEmFpdD9E-ZBak7E-oJMPf5GG6VI7Q-_A4Xwsaq7N0IbV69pVPA27GtYx0T191ZSTiSvdj33ulSK-fMxTSG61jTacN-P4SC9WB1pLZpszA9gfrm2AiVbujkADBSzw6yycyAnJLoKjxs-hX6pCODxWx71RFzMWsnm4-yjtpzAkCUI4fdkcXwwexthpkioNM5VSJtb9ERHkg6gltVtuZtCeT0EOu73y3Atn6bNlbXqvM8AE3drNo_QDkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBmuAB4Otpt4CqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgHpr4b2AcB8gcFEOzN1AHSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAdgTC9AVAYAXAbIXHAoaCAASFHB1Yi04ODQ3MDkyMzYyNzQ4MzY4GAA&sigh=GmWxAebkcAg&uach_m=[UACH]&template_id=531

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=8876164503&adk=530165087&adf=4093038968&pi=t.ma~as.8876164503&w=770&fwrn=4&fwrnh=100&lmt=1663530865&rafmt=1&psa=0&format=770x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1663530865067&bpp=2&bdt=1278&idt=2&shv=r20220914&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D51cf6fc53a7141f9-224c857825ce0051%3AT%3D1663530864%3ART%3D1663530864%3AS%3DALNI_MacDtVFJJsGADAXPyPPyk4RKnVWSw&prev_fmts=0x0%2C770x280%2C336x280&nras=1&correlator=8337573679129&frm=20&pv=1&ga_vid=1431237964.1663530864&ga_sid=1663530864&ga_hid=1479959542&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=415&ady=1233&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767667%2C44767167%2C44772927%2C44769662&oid=2&pvsid=4177203444710770&tmod=343495732&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=rrIcTwXTYQ&p=http%3A//smiles.iclou.com.br&dtd=15
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sun, 18 Sep 2022 19:54:25 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame DE22 143 B
166 B 28ms
21ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=8876164503&adk=530165087&adf=4093038968&pi=t.ma~as.8876164503&w=770&fwrn=4&fwrnh=100&lmt=1663530865&rafmt=1&psa=0&format=770x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1663530865067&bpp=2&bdt=1278&idt=2&shv=r20220914&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D51cf6fc53a7141f9-224c857825ce0051%3AT%3D1663530864%3ART%3D1663530864%3AS%3DALNI_MacDtVFJJsGADAXPyPPyk4RKnVWSw&prev_fmts=0x0%2C770x280%2C336x280&nras=1&correlator=8337573679129&frm=20&pv=1&ga_vid=1431237964.1663530864&ga_sid=1663530864&ga_hid=1479959542&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=415&ady=1233&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767667%2C44767167%2C44772927%2C44769662&oid=2&pvsid=4177203444710770&tmod=343495732&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=rrIcTwXTYQ&p=http%3A//smiles.iclou.com.br&dtd=15
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 903
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 18 Sep 2022 19:39:22 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/ Frame 9010 3 KB
1 KB 32ms
24ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 19:46:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 481
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 02 Oct 2022 19:46:24 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/ Frame 9010 17 KB
7 KB 29ms
24ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b47bd1e586888ea8d223fbc2d5e8592e7e8c2b61e3937f9248fb4b7faf34fb41

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 19:39:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 881
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7552
x-xss-protection: 0
server: cafe
etag: 1588701280721430806
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 02 Oct 2022 19:39:44 GMT

GET
H3 200 shopping
encrypted-tbn3.gstatic.com/ Frame 9EE7 10 KB
10 KB 99ms
43ms Image
image/jpeg 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcQVnSJMD5cnkJHzC9-kto5bW_iagE0oHrxmKCiICAkVcPaBnzo&usqp=CAI

Requested by

Host: smiles.iclou.com.br
URL: http://smiles.iclou.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

522ab2e374ffaa11a71bdaa3d97f1d6484213ef7716cc7d7d1464c799fa38bf9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 11 Sep 2022 22:05:35 GMT
x-content-type-options: nosniff
age: 596930
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10244
x-xss-protection: 0
last-modified: Tue, 03 May 2022 22:35:28 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Mon, 11 Sep 2023 22:05:35 GMT

GET
H3

200

12277782186329756556
tpc.googlesyndication.com/simgad/ Frame 422F
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgODA6_61ORCAARiAATII578w6sMa7TQ
https://tpc.googlesyndication.com/simgad/12277782186329756556

2 KB
2 KB

180ms
162ms

Image
image/jpeg

2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12277782186329756556

Requested by

Protocol

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

64c9579197a4a0f024459e23bd6e272f1a8bbec4844bd5f9681632fd47ce3868

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 19:54:26 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2382
x-xss-protection: 0
last-modified: Mon, 17 Jan 2022 10:29:24 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 18 Sep 2023 19:54:26 GMT

Redirect headers

date: Sun, 18 Sep 2022 06:51:32 GMT
x-content-type-options: nosniff
server: cafe
age: 46973
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/html; charset=UTF-8
location: https://tpc.googlesyndication.com/simgad/12277782186329756556
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Tue, 18 Oct 2022 06:51:32 GMT

GET
H3 200 shopping
encrypted-tbn2.gstatic.com/ Frame 422F 16 KB
16 KB 95ms
40ms Image
image/jpeg 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcRYiztru-IqBGdVpNYaZFeE9QQIajuHNC2b0eb1uwKG_aWushE&usqp=CAI

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

37b76353198aaa176b818f303090bb4e5bec086effea980f25dd04954535927f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 10:52:57 GMT
x-content-type-options: nosniff
age: 291688
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15877
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 23:11:16 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Fri, 15 Sep 2023 10:52:57 GMT

POST
H3 204 gen_csp
pagead2.googlesyndication.com/pagead/ Frame 9010 0
20 B 128ms
58ms Other
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CP7mqLKPn_oCFcVAFQgdcZ8Cwg&gqi=cXcnY6HQBoiktgfhh4TgAw&layout=/sadbundle/%24csp%253Der3%24/1838989884782542848/index.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/csp-report

Response headers

pragma: no-cache
date: Sun, 18 Sep 2022 19:54:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 shopping
encrypted-tbn1.gstatic.com/ Frame 9EE7 24 KB
24 KB 88ms
26ms Image
image/jpeg 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcQQcJP2-EXGW6mLVVwL-UO1TEB8eoPMtO7bIsBDsMVm6uOrBOPByjXVgn3YLvE&usqp=CAI

Requested by

Host: smiles.iclou.com.br
URL: http://smiles.iclou.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5cba838b577f9420fae47716730738211dbe95a130091709a04a9d6d878ace14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 16:30:25 GMT
x-content-type-options: nosniff
age: 12240
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25002
x-xss-protection: 0
last-modified: Fri, 26 Aug 2022 22:39:45 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Mon, 18 Sep 2023 16:30:25 GMT

GET
H3 200 shopping
encrypted-tbn0.gstatic.com/ Frame 9EE7 55 KB
55 KB 91ms
29ms Image
image/jpeg 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcQUzQ4lnLQyHPdZpA8BHv7T1LOkbNL2SqgnnpI8fvWEBOl9miDu&usqp=CAI

Requested by

Host: smiles.iclou.com.br
URL: http://smiles.iclou.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

866a0115ef55a30b1537266767dc26e175b839ea5d4052ef0c45222ad73f96c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 06:28:57 GMT
x-content-type-options: nosniff
age: 480328
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56063
x-xss-protection: 0
last-modified: Mon, 08 Aug 2022 22:27:29 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Wed, 13 Sep 2023 06:28:57 GMT

GET
H3 200 shopping
encrypted-tbn1.gstatic.com/ Frame 9EE7 37 KB
37 KB 105ms
44ms Image
image/jpeg 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcQJ9oqIFHoOKDLOmG16nw4IoI_f5Uilu7RtveGvh36H51eTbnbe&usqp=CAI

Requested by

Host: smiles.iclou.com.br
URL: http://smiles.iclou.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a472fb1d9d44328ccefa63a574ee3d83a331b03ef528f536d96a1274327b1780

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 10:48:59 GMT
x-content-type-options: nosniff
age: 464726
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38106
x-xss-protection: 0
last-modified: Fri, 20 May 2022 00:08:15 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Wed, 13 Sep 2023 10:48:59 GMT

GET
H3 200 shopping
encrypted-tbn1.gstatic.com/ Frame 9EE7 34 KB
34 KB 94ms
33ms Image
image/jpeg 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcR2ywFcDgruNaOiiEMN65dOmo0duZrf-3t2Nkxb142lUJ6yBzN3HurYYr60Uw&usqp=CAI

Requested by

Host: smiles.iclou.com.br
URL: http://smiles.iclou.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ea6d1d75101922eefaf1178a8076ce9dea8e89d1ff2d0bd788e4190512e48a59

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 11 Sep 2022 22:02:02 GMT
x-content-type-options: nosniff
age: 597143
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34470
x-xss-protection: 0
last-modified: Thu, 07 Jul 2022 22:36:48 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Mon, 11 Sep 2023 22:02:02 GMT

GET
H3 200 shopping
encrypted-tbn2.gstatic.com/ Frame 9EE7 29 KB
29 KB 42ms
41ms Image
image/jpeg 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcTXnCspi3z9iAW04cvTMANYAbPzTViJcGajzf7O-EK4rjQbYVPG&usqp=CAI

Requested by

Host: smiles.iclou.com.br
URL: http://smiles.iclou.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

027a59371d5c0f42561e42ec25a54917efa5df94a52c805aacb2e05a90926010

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 08:16:16 GMT
x-content-type-options: nosniff
age: 387489
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29774
x-xss-protection: 0
last-modified: Fri, 20 May 2022 00:08:51 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Thu, 14 Sep 2023 08:16:16 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame C5D2 4 KB
664 B 51ms
43ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:500,600|Poppins:regular

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1838989884782542848/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8842d55c7ed6bddca9f29e54a22750272dadb786cb8f6bc7b1e3e337510b2621

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 18 Sep 2022 19:21:17 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 18 Sep 2022 19:54:25 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 18 Sep 2022 19:54:25 GMT

GET
H3 200 Enabler.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame C5D2 16 KB
6 KB 29ms
21ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1838989884782542848/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 07:40:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 44012
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5866
x-xss-protection: 0
server: cafe
etag: 544157900006238945
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Mon, 19 Sep 2022 07:40:53 GMT

GET
H3 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame C5D2 26 KB
10 KB 30ms
22ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1838989884782542848/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 04:52:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 54121
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10382
x-xss-protection: 0
server: cafe
etag: 12806417668659483808
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Mon, 19 Sep 2022 04:52:24 GMT

GET
DATA 200
OK truncated
/ Frame 422F 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5333868ea85475e3d3b958361e49b85f6156ba53d97fb04cc115849a615c88ba

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 204 l
www.google.com/ads/measurement/ Frame 9010 0
0 33ms
33ms Image
text/html 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQIT4Et1l8vy7f0tFcxa1v_-2tMHxKXFI4tkI3eLDRly62hm7HHzqgUR0UZy4I2Pm7O-4GhlH_aw3-6S5wz__9-4Zj89Q
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=8876164503&adk=530165087&adf=4093038968&pi=t.ma~as.8876164503&w=770&fwrn=4&fwrnh=100&lmt=1663530865&rafmt=1&psa=0&format=770x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1663530865067&bpp=2&bdt=1278&idt=2&shv=r20220914&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D51cf6fc53a7141f9-224c857825ce0051%3AT%3D1663530864%3ART%3D1663530864%3AS%3DALNI_MacDtVFJJsGADAXPyPPyk4RKnVWSw&prev_fmts=0x0%2C770x280%2C336x280&nras=1&correlator=8337573679129&frm=20&pv=1&ga_vid=1431237964.1663530864&ga_sid=1663530864&ga_hid=1479959542&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=415&ady=1233&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767667%2C44767167%2C44772927%2C44769662&oid=2&pvsid=4177203444710770&tmod=343495732&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=rrIcTwXTYQ&p=http%3A//smiles.iclou.com.br&dtd=15
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9010 141 KB
44 KB 34ms
31ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9c9b6560a37526d33547098a4ed2ecf360eb9275c2db77a98c30fb7f8016f478

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 19:54:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44609
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1663155654979086"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 18 Sep 2022 19:54:25 GMT

GET
H3 200 ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame 422F 20 KB
20 KB 30ms
29ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 22:12:48 GMT
x-content-type-options: nosniff
age: 423697
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20784
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:21:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Sep 2023 22:12:48 GMT

GET
H3 200 ea8IacM9Wef3EJPWRrHjgE4B6CnlZxHVBg3etBD7TA.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame 422F 21 KB
21 KB 65ms
65ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8IacM9Wef3EJPWRrHjgE4B6CnlZxHVBg3etBD7TA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92a7f8224a1ba2ccfa92d3e1fc55ee5aa7ae20a0fcd80d3331bd660878a090f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 16:32:27 GMT
x-content-type-options: nosniff
age: 444119
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21428
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:32:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Sep 2023 16:32:27 GMT

GET
DATA 200
OK truncated
/ Frame 9010 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 39b68bdf3bc0ac982646c51729d59a2a58f25ed048d089b5e5205f876b392dfc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame DE22
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

38ms
38ms

Document
text/html

2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 18 Sep 2022 19:54:26 GMT
expires: Sun, 18 Sep 2022 19:54:26 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 18 Sep 2022 19:54:25 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v25/ Frame C5D2 30 KB
30 KB 23ms
22ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:500,600|Poppins:regular

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: null
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 03:24:20 GMT
x-content-type-options: nosniff
age: 318606
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30928
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 15 Sep 2023 03:24:20 GMT

GET
H3 200 Logo-Transparent-Small.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1838989884782542848/ Frame C5D2 3 KB
3 KB 23ms
22ms Image
image/png 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1838989884782542848/Logo-Transparent-Small.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1838989884782542848/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e327c4cf3b80e5e5bdea164926c57b871c1b240212065782d28cb22dd60fa51b

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 314310
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3327
x-xss-protection: 0
last-modified: Thu, 03 Mar 2022 09:38:55 GMT
server: sffe
date: Thu, 15 Sep 2022 04:35:56 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 15 Sep 2023 04:35:56 GMT

GET
H3 200 shopping
encrypted-tbn2.gstatic.com/ Frame C5D2 29 KB
29 KB 21ms
20ms Image
image/jpeg 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcTXnCspi3z9iAW04cvTMANYAbPzTViJcGajzf7O-EK4rjQbYVPG&usqp=CAI

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1838989884782542848/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

027a59371d5c0f42561e42ec25a54917efa5df94a52c805aacb2e05a90926010

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 08:16:16 GMT
x-content-type-options: nosniff
age: 387490
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29774
x-xss-protection: 0
last-modified: Fri, 20 May 2022 00:08:51 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Thu, 14 Sep 2023 08:16:16 GMT

GET
H3 200 shopping
encrypted-tbn3.gstatic.com/ Frame C5D2 10 KB
10 KB 25ms
24ms Image
image/jpeg 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcQVnSJMD5cnkJHzC9-kto5bW_iagE0oHrxmKCiICAkVcPaBnzo&usqp=CAI

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1838989884782542848/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

522ab2e374ffaa11a71bdaa3d97f1d6484213ef7716cc7d7d1464c799fa38bf9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 11 Sep 2022 22:05:35 GMT
x-content-type-options: nosniff
age: 596931
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10244
x-xss-protection: 0
last-modified: Tue, 03 May 2022 22:35:28 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Mon, 11 Sep 2023 22:05:35 GMT

GET
H3 200 shopping
encrypted-tbn0.gstatic.com/ Frame C5D2 55 KB
55 KB 22ms
21ms Image
image/jpeg 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcQUzQ4lnLQyHPdZpA8BHv7T1LOkbNL2SqgnnpI8fvWEBOl9miDu&usqp=CAI

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1838989884782542848/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

866a0115ef55a30b1537266767dc26e175b839ea5d4052ef0c45222ad73f96c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 06:28:57 GMT
x-content-type-options: nosniff
age: 480329
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56063
x-xss-protection: 0
last-modified: Mon, 08 Aug 2022 22:27:29 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Wed, 13 Sep 2023 06:28:57 GMT

GET
H3 200 shopping
encrypted-tbn1.gstatic.com/ Frame C5D2 17 KB
17 KB 24ms
23ms Image
image/jpeg 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcTR7hctHJW_oOq_3GEqM-uC2Od0-ouJGatxs_4ZpoixZOZtwsk&usqp=CAI

Requested by

Host: smiles.iclou.com.br
URL: http://smiles.iclou.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bebac62c953edf0d0ce8dced28607c288ca4e8edc7e52b2703bb45f8014bca3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 07:11:29 GMT
x-content-type-options: nosniff
age: 45777
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17473
x-xss-protection: 0
last-modified: Thu, 19 May 2022 22:32:14 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Mon, 18 Sep 2023 07:11:29 GMT

GET
H3 200 shopping
encrypted-tbn2.gstatic.com/ Frame C5D2 49 KB
50 KB 27ms
26ms Image
image/jpeg 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcQEEfE6rrFohfh4A1Niyl1k--UQKgAQiHVJAUrD1giZ4eftIPI&usqp=CAI

Requested by

Host: smiles.iclou.com.br
URL: http://smiles.iclou.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

90b9cf02713dbb6610b40f38e7f8567dabd65b0aa3d8101066e55941a000fa91

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 04:36:55 GMT
x-content-type-options: nosniff
age: 55051
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 50668
x-xss-protection: 0
last-modified: Wed, 31 Aug 2022 22:30:23 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Mon, 18 Sep 2023 04:36:55 GMT

GET
H3 200 shopping
encrypted-tbn0.gstatic.com/ Frame C5D2 26 KB
26 KB 28ms
27ms Image
image/jpeg 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcTcczUQcLEBCq7Jd-R0AeFyd7HEE_pfY7DGFih5E0VeC6MJ7DAfVuOSeWQiJA&usqp=CAI

Requested by

Host: smiles.iclou.com.br
URL: http://smiles.iclou.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7941ea7681b9f03c1b5d38bbc0b8df51b55e7bc613e94649c80af7fe2575a768

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 11 Sep 2022 22:17:12 GMT
x-content-type-options: nosniff
age: 596234
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27005
x-xss-protection: 0
last-modified: Tue, 03 May 2022 22:35:49 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Mon, 11 Sep 2023 22:17:12 GMT

GET
DATA 200
OK truncated
/ Frame C5D2 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3 200 shopping
encrypted-tbn0.gstatic.com/ Frame C5D2 26 KB
26 KB 39ms
38ms Image
image/jpeg 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcTcczUQcLEBCq7Jd-R0AeFyd7HEE_pfY7DGFih5E0VeC6MJ7DAfVuOSeWQiJA&usqp=CAI

Requested by

Host: smiles.iclou.com.br
URL: http://smiles.iclou.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7941ea7681b9f03c1b5d38bbc0b8df51b55e7bc613e94649c80af7fe2575a768

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 11 Sep 2022 22:17:12 GMT
x-content-type-options: nosniff
age: 596234
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27005
x-xss-protection: 0
last-modified: Tue, 03 May 2022 22:35:49 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Mon, 11 Sep 2023 22:17:12 GMT

GET
H3 200 shopping
encrypted-tbn2.gstatic.com/ Frame C5D2 49 KB
50 KB 36ms
35ms Image
image/jpeg 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcQEEfE6rrFohfh4A1Niyl1k--UQKgAQiHVJAUrD1giZ4eftIPI&usqp=CAI

Requested by

Host: smiles.iclou.com.br
URL: http://smiles.iclou.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

90b9cf02713dbb6610b40f38e7f8567dabd65b0aa3d8101066e55941a000fa91

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 04:36:55 GMT
x-content-type-options: nosniff
age: 55051
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 50668
x-xss-protection: 0
last-modified: Wed, 31 Aug 2022 22:30:23 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Mon, 18 Sep 2023 04:36:55 GMT

GET
H3 200 shopping
encrypted-tbn0.gstatic.com/ Frame C5D2 55 KB
55 KB 40ms
39ms Image
image/jpeg 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcQUzQ4lnLQyHPdZpA8BHv7T1LOkbNL2SqgnnpI8fvWEBOl9miDu&usqp=CAI

Requested by

Host: smiles.iclou.com.br
URL: http://smiles.iclou.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

866a0115ef55a30b1537266767dc26e175b839ea5d4052ef0c45222ad73f96c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 06:28:57 GMT
x-content-type-options: nosniff
age: 480329
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56063
x-xss-protection: 0
last-modified: Mon, 08 Aug 2022 22:27:29 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Wed, 13 Sep 2023 06:28:57 GMT

GET
H3 200 shopping
encrypted-tbn1.gstatic.com/ Frame C5D2 17 KB
17 KB 41ms
40ms Image
image/jpeg 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcTR7hctHJW_oOq_3GEqM-uC2Od0-ouJGatxs_4ZpoixZOZtwsk&usqp=CAI

Requested by

Host: smiles.iclou.com.br
URL: http://smiles.iclou.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bebac62c953edf0d0ce8dced28607c288ca4e8edc7e52b2703bb45f8014bca3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 07:11:29 GMT
x-content-type-options: nosniff
age: 45777
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17473
x-xss-protection: 0
last-modified: Thu, 19 May 2022 22:32:14 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Mon, 18 Sep 2023 07:11:29 GMT

GET
H3 200 shopping
encrypted-tbn3.gstatic.com/ Frame C5D2 10 KB
10 KB 42ms
41ms Image
image/jpeg 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcQVnSJMD5cnkJHzC9-kto5bW_iagE0oHrxmKCiICAkVcPaBnzo&usqp=CAI

Requested by

Host: smiles.iclou.com.br
URL: http://smiles.iclou.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

522ab2e374ffaa11a71bdaa3d97f1d6484213ef7716cc7d7d1464c799fa38bf9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 11 Sep 2022 22:05:35 GMT
x-content-type-options: nosniff
age: 596931
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10244
x-xss-protection: 0
last-modified: Tue, 03 May 2022 22:35:28 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Mon, 11 Sep 2023 22:05:35 GMT

GET
H3 200 shopping
encrypted-tbn2.gstatic.com/ Frame C5D2 29 KB
29 KB 42ms
42ms Image
image/jpeg 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcTXnCspi3z9iAW04cvTMANYAbPzTViJcGajzf7O-EK4rjQbYVPG&usqp=CAI

Requested by

Host: smiles.iclou.com.br
URL: http://smiles.iclou.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

027a59371d5c0f42561e42ec25a54917efa5df94a52c805aacb2e05a90926010

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 08:16:16 GMT
x-content-type-options: nosniff
age: 387490
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29774
x-xss-protection: 0
last-modified: Fri, 20 May 2022 00:08:51 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Thu, 14 Sep 2023 08:16:16 GMT

GET
H3 200 Logo-Transparent-Small.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1838989884782542848/ Frame C5D2 3 KB
3 KB 41ms
40ms Image
image/png 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1838989884782542848/Logo-Transparent-Small.png

Requested by

Host: smiles.iclou.com.br
URL: http://smiles.iclou.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e327c4cf3b80e5e5bdea164926c57b871c1b240212065782d28cb22dd60fa51b

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 314310
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3327
x-xss-protection: 0
last-modified: Thu, 03 Mar 2022 09:38:55 GMT
server: sffe
date: Thu, 15 Sep 2022 04:35:56 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 15 Sep 2023 04:35:56 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 31ms
31ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=smiles.iclou.com.br

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://smiles.iclou.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 18 Sep 2022 19:54:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 32ms
31ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=smiles.iclou.com.br

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://smiles.iclou.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 18 Sep 2022 19:54:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame C4DE 105 KB
33 KB 736ms
735ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=8876164503&adk=4015929776&adf=4136276705&pi=t.ma~as.8876164503&w=770&fwrn=4&fwrnh=100&lmt=1663530866&rafmt=1&psa=1&format=770x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1663530866270&bpp=2&bdt=2481&idt=2&shv=r20220914&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D51cf6fc53a7141f9-224c857825ce0051%3AT%3D1663530864%3ART%3D1663530864%3AS%3DALNI_MacDtVFJJsGADAXPyPPyk4RKnVWSw&prev_fmts=0x0%2C770x280%2C336x280%2C770x280%2C1005x124%2C336x280%2C336x280&nras=2&correlator=8337573679129&frm=20&pv=1&ga_vid=1431237964.1663530864&ga_sid=1663530864&ga_hid=1479959542&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=415&ady=3605&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767667%2C44767167%2C44772927%2C44769662&oid=2&psts=APxP-9DhaeT6KotWfpweupLM6aJk70Ej0tt0IL9pJFmDtMbJ37URYWeAiRImmhp8nvwkbHBHxqO2VZxq3u747C6TnA%2CAPxP-9Bpq1R6XvNeTgOssJcrD3ZgntVMmr2-nUE0XNpkmwSCW_sOW0bCeulTM5b_PkTyGMMWh29LBJBoJEFHs8bjkkjkP_tdheNWAJ_dJptYWvs%2CAPxP-9CGIHivbReLmRO0uQNz9X87G3MI8whCawjUhhYFaeOxwVby700hJUX9qwf6KyqrgmOWIGA_rdzUuFxN%2CAPxP-9BRvn_JQIvSL43iiOsz8MLTCHmv7RdEl0q82A3JX3Twoc31WH-KelAgaFDTxOtzBeB-N1SbbIAm0ajve68NSA&pvsid=4177203444710770&tmod=343495732&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=8&uci=a!8&btvi=5&fsb=1&xpc=fPvEb4avb3&p=http%3A//smiles.iclou.com.br&dtd=6

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7769053d21c254cf49db5618c91fccd58554d1a13363e6ae2da3ce67cd57e59a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://smiles.iclou.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 34093
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 18 Sep 2022 19:54:26 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 9AD3 42 B
64 B 58ms
57ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss0_OQuQ8Kh5oLgJBWf2DsLX6YDL48JySLpU_h_p5lSVqkXpBzZT1F-qqQQf5WdhSqIljPqyQ7CMfbw3KiOwLfHEKw5-yBKw6P5WvWG45tANzlWenHPu6pH8dDgLVIoiHsZTvL8dA&sai=AMfl-YQGt1prKRQ3Bixz_Svstd-L7mm0d-CCCLMDRp8OJcOgJCn4gQF-VJnPAYQkkvnGoP82K5ZdBlSIKv4L&sig=Cg0ArKJSzLiab6moh6jgEAE&id=ampim&o=0,125&d=1005,124&ss=1600,1200&bs=1005,124&mcvt=1001&mtos=0,0,1001,1001,1001&tos=0,0,1001,0,0&tfs=336&tls=1440&g=55.645161867141724&h=100&tt=1441&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=&uaw=&adk=0

Requested by

Host: smiles.iclou.com.br
URL: http://smiles.iclou.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Sep 2022 19:54:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 7D65 42 B
64 B 64ms
63ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssA40TIYwSk_IhuZTJOQJZqJUWZolETl2xH5UTIGVCfSRbFAhJ57jyHqboYovO7Dek6tcux9Uw1qBD47dknl4s7gz3RLmrws6tWBoDt1Ad2O4HUGyAznsIIzmHLKwZMMBwjNiFJTQ&sai=AMfl-YQtAcV7stJzYB1MaJ47cmPTOusNRPWUKQR1SQRoTH7N5_ZUVfzNXds4iMTcBeYKG-aNGZsX4xJrbmz9&sig=Cg0ArKJSzF0v2-oXJM-VEAE&id=lidar2&mcvt=1003&p=0,0,280,770&mtos=1003,1003,1003,1003,1003&tos=1003,0,0,0,0&v=20220914&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=2&adk=3582736694&rs=2&la=0&cr=0&vs=4&r=v&rst=1663530864383&rpt=1243&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Sep 2022 19:54:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4C57 42 B
63 B 55ms
55ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Dbza9wFYAsHPdhOYoBFemMV88f2QoV-PfkpfQyf_gBzbgDFWxRqUXgDTvEf5bDLOccOki021QamzZSsJFNZjsDVhzWzNXvRBsoJ90rWs8avF3tKnE

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=5410211141&adk=2308955421&adf=2873711921&pi=t.ma~as.5410211141&w=336&lmt=1663530865&psa=1&format=336x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&wgl=1&dt=1663530865772&bpp=1&bdt=1983&idt=0&shv=r20220914&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D51cf6fc53a7141f9-224c857825ce0051%3AT%3D1663530864%3ART%3D1663530864%3AS%3DALNI_MacDtVFJJsGADAXPyPPyk4RKnVWSw&prev_fmts=0x0%2C770x280%2C336x280%2C770x280%2C1005x124%2C336x280&nras=2&correlator=8337573679129&frm=20&pv=1&ga_vid=1431237964.1663530864&ga_sid=1663530864&ga_hid=1479959542&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=849&ady=1925&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767667%2C44767167%2C44772927%2C44769662&oid=2&psts=APxP-9DhaeT6KotWfpweupLM6aJk70Ej0tt0IL9pJFmDtMbJ37URYWeAiRImmhp8nvwkbHBHxqO2VZxq3u747C6TnA%2CAPxP-9Bpq1R6XvNeTgOssJcrD3ZgntVMmr2-nUE0XNpkmwSCW_sOW0bCeulTM5b_PkTyGMMWh29LBJBoJEFHs8bjkkjkP_tdheNWAJ_dJptYWvs&pvsid=4177203444710770&tmod=343495732&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=Dfnog6vFxF&p=http%3A//smiles.iclou.com.br&dtd=12

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Sep 2022 19:54:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/ Frame 4C57 3 KB
1 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=5410211141&adk=2308955421&adf=2873711921&pi=t.ma~as.5410211141&w=336&lmt=1663530865&psa=1&format=336x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&wgl=1&dt=1663530865772&bpp=1&bdt=1983&idt=0&shv=r20220914&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D51cf6fc53a7141f9-224c857825ce0051%3AT%3D1663530864%3ART%3D1663530864%3AS%3DALNI_MacDtVFJJsGADAXPyPPyk4RKnVWSw&prev_fmts=0x0%2C770x280%2C336x280%2C770x280%2C1005x124%2C336x280&nras=2&correlator=8337573679129&frm=20&pv=1&ga_vid=1431237964.1663530864&ga_sid=1663530864&ga_hid=1479959542&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=849&ady=1925&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767667%2C44767167%2C44772927%2C44769662&oid=2&psts=APxP-9DhaeT6KotWfpweupLM6aJk70Ej0tt0IL9pJFmDtMbJ37URYWeAiRImmhp8nvwkbHBHxqO2VZxq3u747C6TnA%2CAPxP-9Bpq1R6XvNeTgOssJcrD3ZgntVMmr2-nUE0XNpkmwSCW_sOW0bCeulTM5b_PkTyGMMWh29LBJBoJEFHs8bjkkjkP_tdheNWAJ_dJptYWvs&pvsid=4177203444710770&tmod=343495732&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=Dfnog6vFxF&p=http%3A//smiles.iclou.com.br&dtd=12

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 19:46:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 482
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 02 Oct 2022 19:46:24 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/ Frame 4C57 17 KB
7 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=5410211141&adk=2308955421&adf=2873711921&pi=t.ma~as.5410211141&w=336&lmt=1663530865&psa=1&format=336x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&wgl=1&dt=1663530865772&bpp=1&bdt=1983&idt=0&shv=r20220914&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D51cf6fc53a7141f9-224c857825ce0051%3AT%3D1663530864%3ART%3D1663530864%3AS%3DALNI_MacDtVFJJsGADAXPyPPyk4RKnVWSw&prev_fmts=0x0%2C770x280%2C336x280%2C770x280%2C1005x124%2C336x280&nras=2&correlator=8337573679129&frm=20&pv=1&ga_vid=1431237964.1663530864&ga_sid=1663530864&ga_hid=1479959542&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=849&ady=1925&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767667%2C44767167%2C44772927%2C44769662&oid=2&psts=APxP-9DhaeT6KotWfpweupLM6aJk70Ej0tt0IL9pJFmDtMbJ37URYWeAiRImmhp8nvwkbHBHxqO2VZxq3u747C6TnA%2CAPxP-9Bpq1R6XvNeTgOssJcrD3ZgntVMmr2-nUE0XNpkmwSCW_sOW0bCeulTM5b_PkTyGMMWh29LBJBoJEFHs8bjkkjkP_tdheNWAJ_dJptYWvs&pvsid=4177203444710770&tmod=343495732&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=Dfnog6vFxF&p=http%3A//smiles.iclou.com.br&dtd=12

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b47bd1e586888ea8d223fbc2d5e8592e7e8c2b61e3937f9248fb4b7faf34fb41

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 19:39:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 882
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7552
x-xss-protection: 0
server: cafe
etag: 1588701280721430806
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 02 Oct 2022 19:39:44 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4C57 141 KB
44 KB 31ms
31ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=5410211141&adk=2308955421&adf=2873711921&pi=t.ma~as.5410211141&w=336&lmt=1663530865&psa=1&format=336x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&wgl=1&dt=1663530865772&bpp=1&bdt=1983&idt=0&shv=r20220914&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D51cf6fc53a7141f9-224c857825ce0051%3AT%3D1663530864%3ART%3D1663530864%3AS%3DALNI_MacDtVFJJsGADAXPyPPyk4RKnVWSw&prev_fmts=0x0%2C770x280%2C336x280%2C770x280%2C1005x124%2C336x280&nras=2&correlator=8337573679129&frm=20&pv=1&ga_vid=1431237964.1663530864&ga_sid=1663530864&ga_hid=1479959542&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=849&ady=1925&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767667%2C44767167%2C44772927%2C44769662&oid=2&psts=APxP-9DhaeT6KotWfpweupLM6aJk70Ej0tt0IL9pJFmDtMbJ37URYWeAiRImmhp8nvwkbHBHxqO2VZxq3u747C6TnA%2CAPxP-9Bpq1R6XvNeTgOssJcrD3ZgntVMmr2-nUE0XNpkmwSCW_sOW0bCeulTM5b_PkTyGMMWh29LBJBoJEFHs8bjkkjkP_tdheNWAJ_dJptYWvs&pvsid=4177203444710770&tmod=343495732&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=Dfnog6vFxF&p=http%3A//smiles.iclou.com.br&dtd=12

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9c9b6560a37526d33547098a4ed2ecf360eb9275c2db77a98c30fb7f8016f478

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 19:54:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44609
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1663155654979086"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 18 Sep 2022 19:54:26 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 9690 624 B
297 B 64ms
61ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CO-t7QIQhsvvAhiGrqfSATAB&v=APEucNWsLQ7HItJdymsjFE4S53w3hiC1e6rwOj5xZRVg3ZbDOycvQ_Jb61bqDyzRjpxfOBPNpDc8k6gPdOC4izw5d47QWNjD3ba_sy9bqfF7_cb7IwZOV1wyTQZIiv8ByUQBQsyYr6i5r3iXBGQi3uA_AMrX9F838BDnk9hvV9J-yRfmIc83Hk0

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=5410211141&adk=2308955421&adf=2873711921&pi=t.ma~as.5410211141&w=336&lmt=1663530865&psa=1&format=336x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&wgl=1&dt=1663530865772&bpp=1&bdt=1983&idt=0&shv=r20220914&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D51cf6fc53a7141f9-224c857825ce0051%3AT%3D1663530864%3ART%3D1663530864%3AS%3DALNI_MacDtVFJJsGADAXPyPPyk4RKnVWSw&prev_fmts=0x0%2C770x280%2C336x280%2C770x280%2C1005x124%2C336x280&nras=2&correlator=8337573679129&frm=20&pv=1&ga_vid=1431237964.1663530864&ga_sid=1663530864&ga_hid=1479959542&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=849&ady=1925&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767667%2C44767167%2C44772927%2C44769662&oid=2&psts=APxP-9DhaeT6KotWfpweupLM6aJk70Ej0tt0IL9pJFmDtMbJ37URYWeAiRImmhp8nvwkbHBHxqO2VZxq3u747C6TnA%2CAPxP-9Bpq1R6XvNeTgOssJcrD3ZgntVMmr2-nUE0XNpkmwSCW_sOW0bCeulTM5b_PkTyGMMWh29LBJBoJEFHs8bjkkjkP_tdheNWAJ_dJptYWvs&pvsid=4177203444710770&tmod=343495732&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=Dfnog6vFxF&p=http%3A//smiles.iclou.com.br&dtd=12

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=5410211141&adk=2308955421&adf=2873711921&pi=t.ma~as.5410211141&w=336&lmt=1663530865&psa=1&format=336x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&wgl=1&dt=1663530865772&bpp=1&bdt=1983&idt=0&shv=r20220914&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D51cf6fc53a7141f9-224c857825ce0051%3AT%3D1663530864%3ART%3D1663530864%3AS%3DALNI_MacDtVFJJsGADAXPyPPyk4RKnVWSw&prev_fmts=0x0%2C770x280%2C336x280%2C770x280%2C1005x124%2C336x280&nras=2&correlator=8337573679129&frm=20&pv=1&ga_vid=1431237964.1663530864&ga_sid=1663530864&ga_hid=1479959542&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=849&ady=1925&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767667%2C44767167%2C44772927%2C44769662&oid=2&psts=APxP-9DhaeT6KotWfpweupLM6aJk70Ej0tt0IL9pJFmDtMbJ37URYWeAiRImmhp8nvwkbHBHxqO2VZxq3u747C6TnA%2CAPxP-9Bpq1R6XvNeTgOssJcrD3ZgntVMmr2-nUE0XNpkmwSCW_sOW0bCeulTM5b_PkTyGMMWh29LBJBoJEFHs8bjkkjkP_tdheNWAJ_dJptYWvs&pvsid=4177203444710770&tmod=343495732&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=Dfnog6vFxF&p=http%3A//smiles.iclou.com.br&dtd=12
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 276
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 18 Sep 2022 19:54:26 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 4C57 66 KB
30 KB 57ms
56ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Aw6-dq9TygauxfYVqrxaLZxsvpXiUVI2HkdmZWSo92lnmmaKQzD0i4PbKVrc7XEqKyexA8vYRkKOdYFPg0jTB8ca98_Q&cry=1&dbm_d=AKAmf-Bo5w7ss909uiB3fu00u6fdfnha70reA0uckAKFb_g0STmQktCpdMEdfdZJGySrBLwpAiy3PDNeRHdcRph1ffsidSS-fAY2J-qQbWjNR7sIQG6_oeQabepOzPMzzbfqBdU1OQDdGMOZa3483obdgpXL_PMlhn7g5DGU9hjfsLYU3mH-ZCfsPbCFbdqj9F62G_U6vfDTnkmaliV0ETcBmLPf1VKEUhfJQj3q3OJ5U0MrAaXmNFhfGjbbgON2AOGVaF7mGt-2YANQWAxVo0iTLHjz32lZV8y3aEtHBg-zATCxwHmBVVa2Z_YPUCppNEbQY4rYDhzWN9-BFVTIPD5kEbpWA5220vW34KDPPQ1xOTTnM2f7pBfTNrPu4o-fL-XohOKlyO2QsXU1-o8acC7Uk2_g1g75svdfk0EZfvShKVSV88lYp4u85JMHSl1Y2haklrrTjZO50PwPQ7Umo2PvuHSSYk4giwiRW8Fr_p9aH-YzYkpcCdLV_JDmI86Eduz2QpJqBb_9ZiPHyHGtzS4ibqG3Qnaq1TtWKO6zq3qrE_YakaNcIqWt-HdE_-iuWW_U20oLtMCELDiUUSD-c-dexX9W78Ohl8ALjTCOvZepEecj3n4zHFCJo4uazuwwfQzYDIpT9imkthChbfEllmMJ2UBricCcw5ot73lA_CLw1MutWIUKvaYRtlHgdtDUftUGQKBEPZWhQEM79gcExuuY5SkVsJq4dq9BqH7PHFN_MPdsiyUq0F2hSnY1Bv3jR0YqO4zmlFNO5hYUrBxNbhENhh-8XoDjpLXba325slT0WdS-9toMORCnWKpgzk77J25nAsTnazSoV1sEhLnZJ8l6lbR44Wt2Pi1JUtrTzCA8ge9dFargfxQeO-_bLn2Y-xW1LzIQmFsriMnetVoLj6moacht8OCSAeYu_w4QKmZyPRIEJ8NNHgBveJmRtu5njLPyNqhBBAdHS2MTNVFKfyibCUcb1tfKaOJcVyC2qb_Jf4Z4Zn_vuSWUcpYrhVoz5j5v8chUtnwpX9BO-cb7bCTvKALhkqa-DZg2RCJeOU8sO3B9yLPc5bQmSPwf3TrhHdUeN-hPS4YpO9OeafwGQSX7wfkhhw0KGKeCKftWks_deyI8ifjNmTpjv6Se5bQohllxJ48GY92FwnwsjMb-83ajj4PVF7pCFopPNv82CiOcJ7nKb2TuTE8HeUYQ8iTRFmKPHRtPYcIfNfu4CaH5_3FG2JZfDxgGZ0NBV78tFzyHuETEQQp9oGj9cQYb52KgV4z18_SzkuVenDxwhQXHUD6IKhTI4wp8TfUYU1qkBfku4YybG_6U7xc4UYGWRXuysn8kNLwqBytan7wBVKwb0pNVtYyLRuPzk2lb6ydW54rHFYmel8AnkLoMh2qHXavnm4nZMIDE0rZE0or9UmcgMXmj43FZLnf8hg1jJ_7mLz3DFaIqNQWYkwfJsX6H_9pi-NDlemwbEc1quylTPRCnWtQxUcfPUh1EUPrKq8HDk6KuFsc1zXk9hkfOGVJuWkZhK1icfEF8Cz8SaikdnhJ40HiJfqI_488uQMF-sy-mL-yRZhRoPqNNjl2GOVq-R4Goj6YhvwX0ZXqA62QKzy37iXgVJvX8Y8VmSdON8eeC9hjGY3IFWPAYoafOT7z0VweRxvH-NmYO-v2yWHB9zXTJ77oTocrm22t36v-eFI0XbAURzx8S6Wx7XSIk1FJD24MyVrKccumjk5z4xPI9NPm36HRFB7dYMcbasBearaZp_rto0-t2Trufmj2bTfzPVITymuuboDtX3owYFHiQcNIxPXOhEDxcz7L5dbxWqJjJD9fQAacAx-YrFO-9iDyk-PZ2YR-teZsvVFoR3FHlGigywAWLQyL9E8_r2LCCrhlPlwC_gY8k6XkXgnLGwJXAgzxZnrULJdSWy2ghska3qXTinCPL9n3YGhy0KmgMPnczxEM8p7kCoECiY1SKrKvHFxePLnBKrgnufFctF3Ql7IaLK-TCizBh-PpLKm1GuVU26ZXcTtPMUUwgdaOVX2ROFDEuw3oP8x0gOFBE0RzBQ-eHU1isaLIvRBgSz6WZGIUXG1qCDTus6sLzKk-0b6ldLqcT3kbVJWN-8P5wgdjJMkzWvYdxaWvlvnYgH-rXEloruSfRnV-jaJVVU_WkUg90vodvncdEf9yFIf8bbRdgwUR5Cn7VZRC-0rB3xR3R_Ke2NLqdTxaB-VWoHjdpoH7IXB638g62_WGkPXW3gxVaXv7zThet51jTWbA47icwuNVJnjZLX_e5F7T8uL2Gijuke0e-CJTmZLm3BCH0StafBaKqD6nw1NcUWRC_bolGcohazFKyrVa5OJW8T02BExj200G61VEQQJkKRKakWEkyH9oIsO1pccgwYgRQE2YTbAp4AFSAtnMLKs4xtWQosJyvzQiVw520zCgLGObOtDS2x1NrMLrzhxZZHT4oIHqoic8teTWY5eFcMW5rVifYsUQLfNQUe0afZmb41rt-x8bRyhWCzp5oM9MdDW1x1SPB1Iczd4xRZj2jma8CxUzoupASklpXta9dK4TJPIJf-CtmXvLgwbMjjKp722TUTNHZlRhMb6BJNmPcUM7_fON9UuUnWGqGwXWWli7EJbtbZ3clkA5YZB_0H4PMEQoVB2CLspcLNrAmDXmsGol9nwa_PWCiVpWuGUPDHzcipWu1ZPT4p-9r6-L2fIxauOAjlzrTofJGGti-cvfQB4gxxcPJ29hnUQfChEnqIlxPB9pib0cwTiSOqywb43fOsG58m9J629FIdmOxo-een32XOvfKp5EEq50D-Cu-HJ21BvInn0IVpKHAtDDy5LIlB3CP_dpx_lfd8LK7m0k9Pv_o7fHe6WKn3WZkheskJaF4CQSbJVlMq2TZ8UNvP2lXoc78tu_US7okTfeoXULRcFPQsFihXfQmxJv6t7BsubbCKVdkGDB4T8oOBDiR7XHktyOqH5EhEWm0JQFbHGC1iI1y1lcLETq2fs605406A-AM716cTEcLqiByw7cfoiclVR7kpQ6oZKoIenPP5jyryzly4UHx9dINlGN42nX8gruTsiQqgrt7S1P9gP0KEjJUAw8G8uN4pl9ejGBIyPvQD4oBtO39wDa5xc7KQldmOPG7aBIcs-yV3rPhj58And6N-NzB15x40Rat3rjA4cj1pVV4VqMq2pRP3wxnck99kvWokaRvje_VYLnuNZOOv-KDh8gz9AtU9UI7zd1tJeGOAexnwKCaeQUFw6LA2UrhF_slTh4hkv0dkfX1dzDCJpvSeXkHy-Fq0g93Z0KjlKAdbt91aPqfHosNd93gWw3XWJP8Jbgo5I3VXeBZ03l3WwrlFEIf8XmI8Tc0xhxhKWBR23-r-ST-mV5JLUGPEEUy1_PXj8OVC4PR1wK2f-4hGKY0NC-AIlJIN4siuyyNzII5-PKh1r4&cid=CAASJORoibIVDeqjod2qr50xDLERieaFZEbOfO-fZJ6UXxNTK84f4SAN&rfl=1%2Chttp%253A%252F%252Fsmiles.iclou.com.br%252F%240

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=5410211141&adk=2308955421&adf=2873711921&pi=t.ma~as.5410211141&w=336&lmt=1663530865&psa=1&format=336x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&wgl=1&dt=1663530865772&bpp=1&bdt=1983&idt=0&shv=r20220914&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D51cf6fc53a7141f9-224c857825ce0051%3AT%3D1663530864%3ART%3D1663530864%3AS%3DALNI_MacDtVFJJsGADAXPyPPyk4RKnVWSw&prev_fmts=0x0%2C770x280%2C336x280%2C770x280%2C1005x124%2C336x280&nras=2&correlator=8337573679129&frm=20&pv=1&ga_vid=1431237964.1663530864&ga_sid=1663530864&ga_hid=1479959542&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=849&ady=1925&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767667%2C44767167%2C44772927%2C44769662&oid=2&psts=APxP-9DhaeT6KotWfpweupLM6aJk70Ej0tt0IL9pJFmDtMbJ37URYWeAiRImmhp8nvwkbHBHxqO2VZxq3u747C6TnA%2CAPxP-9Bpq1R6XvNeTgOssJcrD3ZgntVMmr2-nUE0XNpkmwSCW_sOW0bCeulTM5b_PkTyGMMWh29LBJBoJEFHs8bjkkjkP_tdheNWAJ_dJptYWvs&pvsid=4177203444710770&tmod=343495732&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=Dfnog6vFxF&p=http%3A//smiles.iclou.com.br&dtd=12

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d17e9f4573677f701c55b5c409003537962857c00bde2e34532e7bd3e078baf0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=5410211141&adk=2308955421&adf=2873711921&pi=t.ma~as.5410211141&w=336&lmt=1663530865&psa=1&format=336x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&wgl=1&dt=1663530865772&bpp=1&bdt=1983&idt=0&shv=r20220914&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D51cf6fc53a7141f9-224c857825ce0051%3AT%3D1663530864%3ART%3D1663530864%3AS%3DALNI_MacDtVFJJsGADAXPyPPyk4RKnVWSw&prev_fmts=0x0%2C770x280%2C336x280%2C770x280%2C1005x124%2C336x280&nras=2&correlator=8337573679129&frm=20&pv=1&ga_vid=1431237964.1663530864&ga_sid=1663530864&ga_hid=1479959542&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=849&ady=1925&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767667%2C44767167%2C44772927%2C44769662&oid=2&psts=APxP-9DhaeT6KotWfpweupLM6aJk70Ej0tt0IL9pJFmDtMbJ37URYWeAiRImmhp8nvwkbHBHxqO2VZxq3u747C6TnA%2CAPxP-9Bpq1R6XvNeTgOssJcrD3ZgntVMmr2-nUE0XNpkmwSCW_sOW0bCeulTM5b_PkTyGMMWh29LBJBoJEFHs8bjkkjkP_tdheNWAJ_dJptYWvs&pvsid=4177203444710770&tmod=343495732&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=Dfnog6vFxF&p=http%3A//smiles.iclou.com.br&dtd=12
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Sep 2022 19:54:26 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30456
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 9690
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENvY7KMZh2ODxszrNfPlPsw&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENvY7KMZh2ODxszrNfPlPsw&google_cver=1&C=1

43 B
845 B

95ms
62ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENvY7KMZh2ODxszrNfPlPsw&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CO-t7QIQhsvvAhiGrqfSATAB&v=APEucNWsLQ7HItJdymsjFE4S53w3hiC1e6rwOj5xZRVg3ZbDOycvQ_Jb61bqDyzRjpxfOBPNpDc8k6gPdOC4izw5d47QWNjD3ba_sy9bqfF7_cb7IwZOV1wyTQZIiv8ByUQBQsyYr6i5r3iXBGQi3uA_AMrX9F838BDnk9hvV9J-yRfmIc83Hk0
Protocol: H3
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

cf-ray: 74cca22f687e9b2b-FRA
pragma: no-cache
date: Sun, 18 Sep 2022 19:54:27 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gC3K6jUBheXOvTYYpKzw1O83RFhGEik%2BsXxQpUfkjAheTRAYgX7gOmIDfSmAKv8vaT7b8SIsymK3KxX2AuwZICGtQxfgCNOHvtz%2FTuokOmLMAjSSVa8%2FERVlK7InXtPeSUiG2FDYJ6GDCQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 18 Sep 2022 19:54:27 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WKqVEO%2BscxItH8pD7hKoEJRFdSRubho8LjowOs%2Fjy50piDiJzyxCBbBUYiUPNBXIhrPzTjRQUPgGIr9zrLcoNUqmRQSweV6%2FVPDM0FZ3lp35kfVBsUYnW6K2eKrMn5G8MbiDV1v3BccqIA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: /rum?cm_dsp_id=45&external_user_id=CAESENvY7KMZh2ODxszrNfPlPsw&google_cver=1&C=1
cache-control: no-cache
cf-ray: 74cca22edeeb9a2f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 9690
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Yyd3c5gsDjXXBOFgYrA-sQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENvY7KMZh2ODxszrNfPlPsw&google_cver=1

43 B
850 B

38ms
35ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENvY7KMZh2ODxszrNfPlPsw&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CO-t7QIQhsvvAhiGrqfSATAB&v=APEucNWsLQ7HItJdymsjFE4S53w3hiC1e6rwOj5xZRVg3ZbDOycvQ_Jb61bqDyzRjpxfOBPNpDc8k6gPdOC4izw5d47QWNjD3ba_sy9bqfF7_cb7IwZOV1wyTQZIiv8ByUQBQsyYr6i5r3iXBGQi3uA_AMrX9F838BDnk9hvV9J-yRfmIc83Hk0
Protocol: H3
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

cf-ray: 74cca23019a69b2b-FRA
pragma: no-cache
date: Sun, 18 Sep 2022 19:54:27 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B%2FV3mV6oKgVZ4J9kG5konjkXsM2FGZRT4wtxD6rCEr3QN%2FynBzyQ8r%2FUT%2B0x%2Bhr0SOn7rE1baeHaomsDYoyiywLVaRtOGuBAToMZhbjmQQQnaMMWz65%2BhG11MS7v%2BVbjMYtO%2BM0X0qj0HA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 18 Sep 2022 19:54:27 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENvY7KMZh2ODxszrNfPlPsw&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

bounce
ib.adnxs.com/ Frame 9690
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEFCIp7sUKCgMc4VNd3INu6s&google_cver=1
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEFCIp7sUKCgMc4VNd3INu6s%26google_cver%3D1

43 B
1 KB

39ms
30ms

Image
image/gif

185.89.210.82
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEFCIp7sUKCgMc4VNd3INu6s%26google_cver%3D1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CO-t7QIQhsvvAhiGrqfSATAB&v=APEucNWsLQ7HItJdymsjFE4S53w3hiC1e6rwOj5xZRVg3ZbDOycvQ_Jb61bqDyzRjpxfOBPNpDc8k6gPdOC4izw5d47QWNjD3ba_sy9bqfF7_cb7IwZOV1wyTQZIiv8ByUQBQsyYr6i5r3iXBGQi3uA_AMrX9F838BDnk9hvV9J-yRfmIc83Hk0

Protocol

HTTP/1.1

Server

185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 18 Sep 2022 19:54:27 GMT
X-Proxy-Origin: 84.19.175.184; 84.19.175.184; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: f1b241f0-3dc9-40c5-993e-04ecc6f1e85a
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 18 Sep 2022 19:54:27 GMT
X-Proxy-Origin: 84.19.175.184; 84.19.175.184; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 8e4da327-e3a2-4563-8f12-c74fd0caa131
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEFCIp7sUKCgMc4VNd3INu6s%26google_cver%3D1
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9690
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODYzMzcyOTEzMzA3NTAyMTM5MQ%3D%3D

170 B
188 B

43ms
34ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODYzMzcyOTEzMzA3NTAyMTM5MQ%3D%3D

Requested by

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Sep 2022 19:54:27 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 18 Sep 2022 19:54:27 GMT
X-Proxy-Origin: 84.19.175.184; 84.19.175.184; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: f44fdf09-978a-4422-8387-7d2cd9cef1ee
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODYzMzcyOTEzMzA3NTAyMTM5MQ%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220914/r20110914/ Frame 4C57 30 KB
11 KB 31ms
30ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220914/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Aw6-dq9TygauxfYVqrxaLZxsvpXiUVI2HkdmZWSo92lnmmaKQzD0i4PbKVrc7XEqKyexA8vYRkKOdYFPg0jTB8ca98_Q&cry=1&dbm_d=AKAmf-Bo5w7ss909uiB3fu00u6fdfnha70reA0uckAKFb_g0STmQktCpdMEdfdZJGySrBLwpAiy3PDNeRHdcRph1ffsidSS-fAY2J-qQbWjNR7sIQG6_oeQabepOzPMzzbfqBdU1OQDdGMOZa3483obdgpXL_PMlhn7g5DGU9hjfsLYU3mH-ZCfsPbCFbdqj9F62G_U6vfDTnkmaliV0ETcBmLPf1VKEUhfJQj3q3OJ5U0MrAaXmNFhfGjbbgON2AOGVaF7mGt-2YANQWAxVo0iTLHjz32lZV8y3aEtHBg-zATCxwHmBVVa2Z_YPUCppNEbQY4rYDhzWN9-BFVTIPD5kEbpWA5220vW34KDPPQ1xOTTnM2f7pBfTNrPu4o-fL-XohOKlyO2QsXU1-o8acC7Uk2_g1g75svdfk0EZfvShKVSV88lYp4u85JMHSl1Y2haklrrTjZO50PwPQ7Umo2PvuHSSYk4giwiRW8Fr_p9aH-YzYkpcCdLV_JDmI86Eduz2QpJqBb_9ZiPHyHGtzS4ibqG3Qnaq1TtWKO6zq3qrE_YakaNcIqWt-HdE_-iuWW_U20oLtMCELDiUUSD-c-dexX9W78Ohl8ALjTCOvZepEecj3n4zHFCJo4uazuwwfQzYDIpT9imkthChbfEllmMJ2UBricCcw5ot73lA_CLw1MutWIUKvaYRtlHgdtDUftUGQKBEPZWhQEM79gcExuuY5SkVsJq4dq9BqH7PHFN_MPdsiyUq0F2hSnY1Bv3jR0YqO4zmlFNO5hYUrBxNbhENhh-8XoDjpLXba325slT0WdS-9toMORCnWKpgzk77J25nAsTnazSoV1sEhLnZJ8l6lbR44Wt2Pi1JUtrTzCA8ge9dFargfxQeO-_bLn2Y-xW1LzIQmFsriMnetVoLj6moacht8OCSAeYu_w4QKmZyPRIEJ8NNHgBveJmRtu5njLPyNqhBBAdHS2MTNVFKfyibCUcb1tfKaOJcVyC2qb_Jf4Z4Zn_vuSWUcpYrhVoz5j5v8chUtnwpX9BO-cb7bCTvKALhkqa-DZg2RCJeOU8sO3B9yLPc5bQmSPwf3TrhHdUeN-hPS4YpO9OeafwGQSX7wfkhhw0KGKeCKftWks_deyI8ifjNmTpjv6Se5bQohllxJ48GY92FwnwsjMb-83ajj4PVF7pCFopPNv82CiOcJ7nKb2TuTE8HeUYQ8iTRFmKPHRtPYcIfNfu4CaH5_3FG2JZfDxgGZ0NBV78tFzyHuETEQQp9oGj9cQYb52KgV4z18_SzkuVenDxwhQXHUD6IKhTI4wp8TfUYU1qkBfku4YybG_6U7xc4UYGWRXuysn8kNLwqBytan7wBVKwb0pNVtYyLRuPzk2lb6ydW54rHFYmel8AnkLoMh2qHXavnm4nZMIDE0rZE0or9UmcgMXmj43FZLnf8hg1jJ_7mLz3DFaIqNQWYkwfJsX6H_9pi-NDlemwbEc1quylTPRCnWtQxUcfPUh1EUPrKq8HDk6KuFsc1zXk9hkfOGVJuWkZhK1icfEF8Cz8SaikdnhJ40HiJfqI_488uQMF-sy-mL-yRZhRoPqNNjl2GOVq-R4Goj6YhvwX0ZXqA62QKzy37iXgVJvX8Y8VmSdON8eeC9hjGY3IFWPAYoafOT7z0VweRxvH-NmYO-v2yWHB9zXTJ77oTocrm22t36v-eFI0XbAURzx8S6Wx7XSIk1FJD24MyVrKccumjk5z4xPI9NPm36HRFB7dYMcbasBearaZp_rto0-t2Trufmj2bTfzPVITymuuboDtX3owYFHiQcNIxPXOhEDxcz7L5dbxWqJjJD9fQAacAx-YrFO-9iDyk-PZ2YR-teZsvVFoR3FHlGigywAWLQyL9E8_r2LCCrhlPlwC_gY8k6XkXgnLGwJXAgzxZnrULJdSWy2ghska3qXTinCPL9n3YGhy0KmgMPnczxEM8p7kCoECiY1SKrKvHFxePLnBKrgnufFctF3Ql7IaLK-TCizBh-PpLKm1GuVU26ZXcTtPMUUwgdaOVX2ROFDEuw3oP8x0gOFBE0RzBQ-eHU1isaLIvRBgSz6WZGIUXG1qCDTus6sLzKk-0b6ldLqcT3kbVJWN-8P5wgdjJMkzWvYdxaWvlvnYgH-rXEloruSfRnV-jaJVVU_WkUg90vodvncdEf9yFIf8bbRdgwUR5Cn7VZRC-0rB3xR3R_Ke2NLqdTxaB-VWoHjdpoH7IXB638g62_WGkPXW3gxVaXv7zThet51jTWbA47icwuNVJnjZLX_e5F7T8uL2Gijuke0e-CJTmZLm3BCH0StafBaKqD6nw1NcUWRC_bolGcohazFKyrVa5OJW8T02BExj200G61VEQQJkKRKakWEkyH9oIsO1pccgwYgRQE2YTbAp4AFSAtnMLKs4xtWQosJyvzQiVw520zCgLGObOtDS2x1NrMLrzhxZZHT4oIHqoic8teTWY5eFcMW5rVifYsUQLfNQUe0afZmb41rt-x8bRyhWCzp5oM9MdDW1x1SPB1Iczd4xRZj2jma8CxUzoupASklpXta9dK4TJPIJf-CtmXvLgwbMjjKp722TUTNHZlRhMb6BJNmPcUM7_fON9UuUnWGqGwXWWli7EJbtbZ3clkA5YZB_0H4PMEQoVB2CLspcLNrAmDXmsGol9nwa_PWCiVpWuGUPDHzcipWu1ZPT4p-9r6-L2fIxauOAjlzrTofJGGti-cvfQB4gxxcPJ29hnUQfChEnqIlxPB9pib0cwTiSOqywb43fOsG58m9J629FIdmOxo-een32XOvfKp5EEq50D-Cu-HJ21BvInn0IVpKHAtDDy5LIlB3CP_dpx_lfd8LK7m0k9Pv_o7fHe6WKn3WZkheskJaF4CQSbJVlMq2TZ8UNvP2lXoc78tu_US7okTfeoXULRcFPQsFihXfQmxJv6t7BsubbCKVdkGDB4T8oOBDiR7XHktyOqH5EhEWm0JQFbHGC1iI1y1lcLETq2fs605406A-AM716cTEcLqiByw7cfoiclVR7kpQ6oZKoIenPP5jyryzly4UHx9dINlGN42nX8gruTsiQqgrt7S1P9gP0KEjJUAw8G8uN4pl9ejGBIyPvQD4oBtO39wDa5xc7KQldmOPG7aBIcs-yV3rPhj58And6N-NzB15x40Rat3rjA4cj1pVV4VqMq2pRP3wxnck99kvWokaRvje_VYLnuNZOOv-KDh8gz9AtU9UI7zd1tJeGOAexnwKCaeQUFw6LA2UrhF_slTh4hkv0dkfX1dzDCJpvSeXkHy-Fq0g93Z0KjlKAdbt91aPqfHosNd93gWw3XWJP8Jbgo5I3VXeBZ03l3WwrlFEIf8XmI8Tc0xhxhKWBR23-r-ST-mV5JLUGPEEUy1_PXj8OVC4PR1wK2f-4hGKY0NC-AIlJIN4siuyyNzII5-PKh1r4&cid=CAASJORoibIVDeqjod2qr50xDLERieaFZEbOfO-fZJ6UXxNTK84f4SAN&rfl=1%2Chttp%253A%252F%252Fsmiles.iclou.com.br%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7348579c41b9264b67476504697d1205b3a40f15b3442ca6457eef60542670a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 19:54:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 21
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11717
x-xss-protection: 0
server: cafe
etag: 8998177921611256807
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 02 Oct 2022 19:54:05 GMT

GET
H2 200 11420414016199214931
s0.2mdn.net/simgad/ Frame 4C57 16 KB
17 KB 179ms
24ms Image
image/png 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/11420414016199214931

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

14e8a1ea537be446be3d5e2982f4cc35a1f38ce794f63aef1347634132ad56d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 19:08:49 GMT
x-content-type-options: nosniff
age: 2738
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16345
x-xss-protection: 0
last-modified: Wed, 07 Sep 2022 19:26:26 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 18 Sep 2023 19:08:49 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220914/r20110914/elements/html/ Frame 4C57 8 KB
3 KB 32ms
31ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220914/r20110914/elements/html/omrhp.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 19:52:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 125
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3181
x-xss-protection: 0
server: cafe
etag: 10699485926258732851
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 02 Oct 2022 19:52:21 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 4C57 0
622 B 212ms
71ms Ping
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjss-FQSDc7XCyofJ5nphJCaL-sMGMBGlcEDGg63FARlH008U6655oA2GRYiMk9k5jpojz-Yz0i6OyZXS6T12M2Mo9tiFV8H02_EE_RicB5S-YCiAkDTWUqdMgvKOwIlIDHC2b3w6GkPGWaZ3_bTBh2c4Yq6wPKYy6Iy8ui9gOF6pCwMQ_B3ezoplNzryYPZc5tCQche5K18UgN6vrfhG0KE2PFC3ypUWX7ltMHpnO6uY0gfhRt0duzC6XkxXiYonKRwpTA8_8qel2oMyJLvXSYEbIWp97l60YthKEhWmIB5aiapuIM_XjMWGb84Ip3Gb3ls1CDuSh-PTTLImnN_jMW90VBmrxQ2CAdTf52dIWsEueBghhFdMz0cVZxgUyPxpuuXHbRDSHTOVJp4SbGjXh2v_MuWd0YpyrOGs3vO0VzNj7D9aknG9yRN_NeiwhsTD3CtWnp-BTQs4agq71g2PswViNNqGR4F3xOKaSim_StQECm_kh3hgChVARCPk2-3VvwBH6vNaTpHMiD13j14h9WOwLtUZwpenFFMYkHNrWD7NL-b8BH_VJz5WyvwH_M0umj75cz26S-oRqkJGdy4GN4Eh7rx7YmSs1VwwixBH0bKAkWTxXllhqHBU92mPvMVtl3kALni7AvnYrllUzhk0znkSQ6G19IXdyRJVo_wvHSrjRPNUdL3-QbjCnlnEshRPBd5hQ3OXcJai7buD0FqsuLuC84BxYgRcRvh_JbyLMdYowRkV7tcKr-TYD-kKFnxOto5AhEJA62EWKDqX_6zgOYYxxfCgyEMZzzfSRS4s5OvgCvE2GYzXJsKHJfgnftbiQn2oDFmLEIHku9ex7_AFh0tOOtb9SmboUmxDJjq4IeeVcEJTBx6NYL_P5Eli8cfy-nK29YcjiIslhae5okHtgDYwgpRtvViqhtq31Csz51jNAIjGnVvl4PKO_gvH1H8uD1t8fp-4O8caM5BHxGROxxeFO-1kjbTGPHW1YkBBTFJdm5l3trvRLvYPwJGWRG1h1edoNpMIGZQ1dBxNCAjCV4b01VrbQOhFJR549BwyFNjni3hAVCB6GDAJkRm5kW_0TfDiJbEBF7mzf94alIOHwIw-QWG1eJHIBeljHlmpDFVnWv5vKu2xIYXkJMUCFYEjx8AUPmKUEfcrQTljq5nQMzs-5C5pl8CytVCR9-NuBdgsbCxiyQsJeKbTdhdeMkvbTgcXvZDkjtvWuhIrXQ0SvKNBWrsSpkFHmH2JEN9Y_fzU3G7LRgo00210Yb0VfqtydpOLDwKL37PX7Yh1-hqECHmvPtf8Xl9fw5_F8JJDfKZsAgN-qy5yTVNKZq9oU0LJG-rowR-V0P8gFewNeVrd-PYNiBx0rg&sai=AMfl-YQwPubfacS0CobzYf7Yar0IlInKq7JGasnC6k_fpvNy0F3G4MCPpg4WLDS6jd-C_30O0wmHj5JmS4_dKDFo1ZV6H38HkWlJNlHlLbaqOG_gOUeDkf2pLEItJXkPSG8NXsQPDSloFXGDG0KZd3OIL4Sonqx8iAi75nhNP20rmUWGqGx9JukSqUcx05Ow2zWmEoT-76ttTMBfe1PAX6ac2hax&sig=Cg0ArKJSzLGGhSw2tWDDEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=4&cbvp=1&cstd=1&cisv=r20220914.07392&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date: Sun, 18 Sep 2022 19:54:27 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 4C57 41 KB
15 KB 50ms
23ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 07:32:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 476499
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Sep 2023 07:32:47 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 5E02 640 B
316 B 118ms
57ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYwdOZyAEwAQ&v=APEucNXR4-nMylPAkePMo2GSgyLB5JRZHLYHue5rvgXtrZ9X_snZDyBr076Cbtq-ni_lb4ptl-im_0xhbue12Vs5mukkDDdIsQUNXpt6CGHxhSBotkUkxBKvZlqxGmNyzKh95fGz-Fp0xgRwdrMzI7BEInZhwjmXyoxaNKeAWaq75rpX8Ik7k7M

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=5410211141&adk=2308955421&adf=785591858&pi=t.ma~as.5410211141&w=336&lmt=1663530865&psa=1&format=336x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&wgl=1&dt=1663530865772&bpp=2&bdt=1984&idt=-M&shv=r20220914&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D51cf6fc53a7141f9-224c857825ce0051%3AT%3D1663530864%3ART%3D1663530864%3AS%3DALNI_MacDtVFJJsGADAXPyPPyk4RKnVWSw&prev_fmts=0x0%2C770x280%2C336x280%2C770x280%2C1005x124&nras=2&correlator=8337573679129&frm=20&pv=1&ga_vid=1431237964.1663530864&ga_sid=1663530864&ga_hid=1479959542&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=415&ady=1925&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767667%2C44767167%2C44772927%2C44769662&oid=2&psts=APxP-9DhaeT6KotWfpweupLM6aJk70Ej0tt0IL9pJFmDtMbJ37URYWeAiRImmhp8nvwkbHBHxqO2VZxq3u747C6TnA%2CAPxP-9Bpq1R6XvNeTgOssJcrD3ZgntVMmr2-nUE0XNpkmwSCW_sOW0bCeulTM5b_PkTyGMMWh29LBJBoJEFHs8bjkkjkP_tdheNWAJ_dJptYWvs&pvsid=4177203444710770&tmod=343495732&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=GOeKJUPZsg&p=http%3A//smiles.iclou.com.br&dtd=8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=5410211141&adk=2308955421&adf=785591858&pi=t.ma~as.5410211141&w=336&lmt=1663530865&psa=1&format=336x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&wgl=1&dt=1663530865772&bpp=2&bdt=1984&idt=-M&shv=r20220914&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D51cf6fc53a7141f9-224c857825ce0051%3AT%3D1663530864%3ART%3D1663530864%3AS%3DALNI_MacDtVFJJsGADAXPyPPyk4RKnVWSw&prev_fmts=0x0%2C770x280%2C336x280%2C770x280%2C1005x124&nras=2&correlator=8337573679129&frm=20&pv=1&ga_vid=1431237964.1663530864&ga_sid=1663530864&ga_hid=1479959542&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=415&ady=1925&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767667%2C44767167%2C44772927%2C44769662&oid=2&psts=APxP-9DhaeT6KotWfpweupLM6aJk70Ej0tt0IL9pJFmDtMbJ37URYWeAiRImmhp8nvwkbHBHxqO2VZxq3u747C6TnA%2CAPxP-9Bpq1R6XvNeTgOssJcrD3ZgntVMmr2-nUE0XNpkmwSCW_sOW0bCeulTM5b_PkTyGMMWh29LBJBoJEFHs8bjkkjkP_tdheNWAJ_dJptYWvs&pvsid=4177203444710770&tmod=343495732&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=GOeKJUPZsg&p=http%3A//smiles.iclou.com.br&dtd=8
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 295
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 18 Sep 2022 19:54:26 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame F001 102 KB
37 KB 98ms
86ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B00xSs3zobhpvwWG5-mEsgVbdoVgffpfJJS_ekTZazUB03VFwQSWlEXXMRePdsuiAVfmiy4wlS78GjqvwvDJx0YG-jbuejuxLK-M83R7gSZMYz9_jbuDpykauaEyl8A8Uye-glo31ZTxJF0WQCxRTXEX4n-g&dbm_d=AKAmf-DkIAzBaTYYReXfwKo6OsOrLBHMaG20OAzqvPsxx6WD_A1bGEH-DQUFRcngbUVZubhmqeTLbdwqR9CFFjuhoJvq-GaApLAZArCkqblcshTf8LefaT_Opq2eFEOY0zOpWd0HogL4VxhxYf0s82GcMxIbEbU7LJY-Juf54jURFLnprapaX-EMALNZ8iuThsKX0p0NNdwQvgnqloRICiaRGGw_rPDlURoM0Y6VdWs1J3tmAqMWjGrDvl9T9rwj1F-kV-pYRNBSxzWM0Eum2ABHYz4EgDyvn16GqDMz7xBCMbh8L_ZFz0xfKIwBgLKG9aXfcd7DNkcu3nBah0MriYIBFvXZ60X1DSlQxs_tnZZa6hlLKnSDvSxR47sAYiBd0Kx9VsA__9Y0tpgIZ1ykV9h8YewOo85Wk5YSkpOND7IUeiY0LXSb8xb4054Pb5Yej3qwk8R5O_9XeRd6wCqmVy3RSjJ9S9uX_B5E0HYhUiZe8lMTiBFBthUKhyE9MSZL8upULdUi5Ei1ORBGBYSaDkv4cmZFthAun8UPpyT_IYZa6fZPBuSz51k6P51XXWjjBR3tv68RBKPbrvZ_x3lqKhtDSCvI829CLqgLw_GYStINhESGSnNfGMbdYf4jrlusou0mtmYQBG7OLNpxgBrjwk5A6bOq-RRm3kjZP0OtRe4btefbZzXld5HOS2HbIt-J96FRIltOJbHHmRzLKuhmFLioTXxKFl-YpPGus0QHpQlVAcoNlOnnAurHpy19Egznt0TVD39E7QZOmWCO12gTriQHHQEJyP4KorsF3hafNCZ7RD-rD0cmcVcGJ1nBAJCOR-cgLSPNx5e3aGlua7tnY5zEFtBMEKbVhalEBKE3Yba3sizeWaV-7pqY2qoIFHX93ciAGfR-cXxc2-xZ-3zLcDQsdtPU-G5TyjLqXtptmCNnJX4axq3YAGrbzE6HQ4kf9FkjvNWs1Ombn4pLllAGqv-V3lcCZpLtdp-w-9_NdOKr-rsaVW0Bwik27hK0mH4wkoFS7QrTS7GGpCviWg-rbNEexgpg0B9jBiBXElZtk1GGEOzlOD5a_NSnfJwEmUKpg-6BP7ncdOStv-TDMDwGfqC8HtlAd0osU_F2zURSwKRMYVJV58nWFMKrJAqvg65YDMry13Y7vF68FBN8JrCWOj9w2ujxjrBA-KTYho_7jt1-tZ1VvfofBbZ0QzPM9z4YdYJscBculemG5z4aouwJgUWClJK1xmZZBk1EakkWeuOKZIZcTace0mZy5hi5D8B91t_i_qKIJ7ohh2zmWAZWwYe7C1XPBlUjGv6EyMWhdButhgQ7h4CRy0QXA4JrbqBKgiGtWcJ5KnaGwg1icdnBPNYNPnra-IOgyCAJFPgdyEDBtdsZIFknrUDYyHOvCW_E31oHzrq1qxOCnUDVrm-Qfw8t9iurm0AAj_y_UUzIh8zuLrH7ph53NhcPQctLXOk0QICMBxX0aMHx7c9TswGi73cZ1rRs95aiHEj2zXr6_z6Lh8CRfmOymlFZpoJL_xcynCaYL7gGmGwpacljKXMADezA3jBU1ortCTw7zE5xqxpNBftSW0e90BtmHf1oHjlvu6rB1Gj9atulIjbXnPpJhCIGGwfxzrQDtk33LDy3ESPI0wwBSLY0Z2maW9Q7HBO-fF0m_yRcULLNYbnX7hna4R4jF83kNeMmygWOsTZHh2VfGjA2ptGJoInFaEFN6ewozmKY8wPpl9T7Ve0wiMJlPQAYpn69Mh7cyBl-BevY5n-DlTAnANOK-SUOOLXGPNBIi13gLQ57G3IaiXRKpwq-z6SlbZPK-LKwwQ80ua3XyPRM_-M7kakJi_IP4mhfgjAtw9x3i5qrkRn32pUVX5nqPSrANRfVbZlyUel8Y3B-AJVjehiFkuJmyBeA9g8rxpBswpqHFlgjruyfdXsAJ0gBUnru2UAAC2VsromhGHqO1_j7oKNY3LCZLZxXmXf2LASwMn1Rh6_Ps1a2yYF_edD0G6rydryNDZhBtWemGyB4uAb7uUr-igbf9NKU0NPMg5y4m2pLZ3KV7vSWry47OEsUoF-b8BLkURyTrpVpywA5f8DqgEd4p5LE3sCBYfP3vQpekI6uCLCVgiKolqPHa5NDcOndHU7erEqWEhhHawGWtayu_TXdfHz_KfOgojkjVyCQ5DyEJNelcbFbrXS2aiDO1xxKaI7pVhGGFUKiGtZkNVRb7aOpLz01l8z70O90YljVBeOhhJtBqWn886Y7kJejAaMBKuz18a5Pap-nGvhLNecdeeUiQok3YVhv4S8iCmf4sN8-DzHgoO3HYb2Je-g9wXrxetO2nPo90zVKEoKcdiCZpOo9UTpTqkVhsH0_46LUB0gunh6sTRyyGV-EF0Qc3Z70tF3KbA_hrL-UE0651mh6OHt7F0vn1VHOlDrJ0mP20kbmnHykwNC418MOAdrbZPXi49-B-UrLEiG8WiEmLETvZANEt9UJDBzhkerDtW2QEHpMRNcJNo-J69nB-3Kq8QuEC0hsKeA4N1QtMAn-X9QDM2qukhKMZskWXgxhCgdDsVlNumgRLR_snYhWQA9H1yCJczIbCfX49uieZQK6fnGldnCT_aij4xw4WkhmXBHqkoYJVmQ5l4KgisrxSRkcVRsgTyDqNolFxkLYhi3jQdH9Nv_E_fISvZPtSVkdLxHeFpdbb_zi7Q_hDpAv34UjlsD662IKVtODf0aOttUvk9jcw_QPs-eCoktF-0ECUJW6-FB7kxFFBH25pT9nrW5s7MD2RsBROcmrztLsnSxdOjMDEunTqYjIwf53KIR_PuDHYbawCQqumbyA0DfOZ7UCkYVgPQUiSH5J1LfSzqeQlihf1ZLmx_kS0ybOGfFklBwkW7RmVDntyZh2f3tBtSvBT2lzGMZ4ASD-EIlZR3IkAJq2Mi1TSi-FaVZwOUJAuESEY0vGl_S_3HKWLtMQoB_g1In5feqa9DSTAtasqEevmBp4TA4oeNL0DMSR4ckwvk_tz4zCjy2BDh2RizAMZp-Oz6l5Iq_TIfZQ12c1ozkb43qk3mbj4hSLoTnu0y3igXyYi71DRS7_pyRiagpbmI0280ahFvJ0PPALWrP0fW_ZeFxX2kBjcH_7W_psVZNe31KJHBLZCtgH9BKIteHTd4SJ7Cstzys0Qcxrsu-MpVRjq1MzYKHgdVlsFtnRxKmdhZjhcKc_mwRy--Z9GMl5EdY9GAbknf6YvhpTykxEwcen4nRE8wnVfjh0Z-EdbD_BBesUITd4rwCrPuvKmwv9Eoz_LiOQrp6sZLl8IB8qYwNwquxco3xEw57sQrp7lAw3UWJtCfbUW_X1OhzA&cid=CAASJORo0fqHVWSIiD3yC3UUy1Xbaini8jv2fKjrotkOdaeU6NziFSAN&rfl=2%2Chttp%253A%252F%252Fsmiles.iclou.com.br%252F%240

Requested by

Host: contatonline.com
URL: http://contatonline.com/?q0zuHW4

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b55b5724dbf14228ca2542b5bc92a2c2f9cf4743355cbbfa695edf4245bf4fda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=5410211141&adk=2308955421&adf=785591858&pi=t.ma~as.5410211141&w=336&lmt=1663530865&psa=1&format=336x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&wgl=1&dt=1663530865772&bpp=2&bdt=1984&idt=-M&shv=r20220914&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D51cf6fc53a7141f9-224c857825ce0051%3AT%3D1663530864%3ART%3D1663530864%3AS%3DALNI_MacDtVFJJsGADAXPyPPyk4RKnVWSw&prev_fmts=0x0%2C770x280%2C336x280%2C770x280%2C1005x124&nras=2&correlator=8337573679129&frm=20&pv=1&ga_vid=1431237964.1663530864&ga_sid=1663530864&ga_hid=1479959542&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=415&ady=1925&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767667%2C44767167%2C44772927%2C44769662&oid=2&psts=APxP-9DhaeT6KotWfpweupLM6aJk70Ej0tt0IL9pJFmDtMbJ37URYWeAiRImmhp8nvwkbHBHxqO2VZxq3u747C6TnA%2CAPxP-9Bpq1R6XvNeTgOssJcrD3ZgntVMmr2-nUE0XNpkmwSCW_sOW0bCeulTM5b_PkTyGMMWh29LBJBoJEFHs8bjkkjkP_tdheNWAJ_dJptYWvs&pvsid=4177203444710770&tmod=343495732&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=GOeKJUPZsg&p=http%3A//smiles.iclou.com.br&dtd=8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Sep 2022 19:54:26 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38212
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/ Frame F001 3 KB
1 KB 42ms
21ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=5410211141&adk=2308955421&adf=785591858&pi=t.ma~as.5410211141&w=336&lmt=1663530865&psa=1&format=336x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&wgl=1&dt=1663530865772&bpp=2&bdt=1984&idt=-M&shv=r20220914&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D51cf6fc53a7141f9-224c857825ce0051%3AT%3D1663530864%3ART%3D1663530864%3AS%3DALNI_MacDtVFJJsGADAXPyPPyk4RKnVWSw&prev_fmts=0x0%2C770x280%2C336x280%2C770x280%2C1005x124&nras=2&correlator=8337573679129&frm=20&pv=1&ga_vid=1431237964.1663530864&ga_sid=1663530864&ga_hid=1479959542&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=415&ady=1925&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767667%2C44767167%2C44772927%2C44769662&oid=2&psts=APxP-9DhaeT6KotWfpweupLM6aJk70Ej0tt0IL9pJFmDtMbJ37URYWeAiRImmhp8nvwkbHBHxqO2VZxq3u747C6TnA%2CAPxP-9Bpq1R6XvNeTgOssJcrD3ZgntVMmr2-nUE0XNpkmwSCW_sOW0bCeulTM5b_PkTyGMMWh29LBJBoJEFHs8bjkkjkP_tdheNWAJ_dJptYWvs&pvsid=4177203444710770&tmod=343495732&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=GOeKJUPZsg&p=http%3A//smiles.iclou.com.br&dtd=8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 19:46:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 482
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 02 Oct 2022 19:46:24 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/ Frame F001 17 KB
7 KB 70ms
47ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=5410211141&adk=2308955421&adf=785591858&pi=t.ma~as.5410211141&w=336&lmt=1663530865&psa=1&format=336x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&wgl=1&dt=1663530865772&bpp=2&bdt=1984&idt=-M&shv=r20220914&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D51cf6fc53a7141f9-224c857825ce0051%3AT%3D1663530864%3ART%3D1663530864%3AS%3DALNI_MacDtVFJJsGADAXPyPPyk4RKnVWSw&prev_fmts=0x0%2C770x280%2C336x280%2C770x280%2C1005x124&nras=2&correlator=8337573679129&frm=20&pv=1&ga_vid=1431237964.1663530864&ga_sid=1663530864&ga_hid=1479959542&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=415&ady=1925&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767667%2C44767167%2C44772927%2C44769662&oid=2&psts=APxP-9DhaeT6KotWfpweupLM6aJk70Ej0tt0IL9pJFmDtMbJ37URYWeAiRImmhp8nvwkbHBHxqO2VZxq3u747C6TnA%2CAPxP-9Bpq1R6XvNeTgOssJcrD3ZgntVMmr2-nUE0XNpkmwSCW_sOW0bCeulTM5b_PkTyGMMWh29LBJBoJEFHs8bjkkjkP_tdheNWAJ_dJptYWvs&pvsid=4177203444710770&tmod=343495732&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=GOeKJUPZsg&p=http%3A//smiles.iclou.com.br&dtd=8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b47bd1e586888ea8d223fbc2d5e8592e7e8c2b61e3937f9248fb4b7faf34fb41

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 19:39:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 882
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7552
x-xss-protection: 0
server: cafe
etag: 1588701280721430806
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 02 Oct 2022 19:39:44 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame F001 0
0 78ms
53ms Image
text/html 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRJhCM_6HunScWXpazyCYj1oOp--hYzGBvKGHAj8AmHh_fr4lqu2J_idR3HbkQa1BNHEHUuJMXiHdus6fPakeDC9vLySg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=5410211141&adk=2308955421&adf=785591858&pi=t.ma~as.5410211141&w=336&lmt=1663530865&psa=1&format=336x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&wgl=1&dt=1663530865772&bpp=2&bdt=1984&idt=-M&shv=r20220914&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D51cf6fc53a7141f9-224c857825ce0051%3AT%3D1663530864%3ART%3D1663530864%3AS%3DALNI_MacDtVFJJsGADAXPyPPyk4RKnVWSw&prev_fmts=0x0%2C770x280%2C336x280%2C770x280%2C1005x124&nras=2&correlator=8337573679129&frm=20&pv=1&ga_vid=1431237964.1663530864&ga_sid=1663530864&ga_hid=1479959542&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=415&ady=1925&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767667%2C44767167%2C44772927%2C44769662&oid=2&psts=APxP-9DhaeT6KotWfpweupLM6aJk70Ej0tt0IL9pJFmDtMbJ37URYWeAiRImmhp8nvwkbHBHxqO2VZxq3u747C6TnA%2CAPxP-9Bpq1R6XvNeTgOssJcrD3ZgntVMmr2-nUE0XNpkmwSCW_sOW0bCeulTM5b_PkTyGMMWh29LBJBoJEFHs8bjkkjkP_tdheNWAJ_dJptYWvs&pvsid=4177203444710770&tmod=343495732&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=GOeKJUPZsg&p=http%3A//smiles.iclou.com.br&dtd=8
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F001 141 KB
44 KB 83ms
60ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=5410211141&adk=2308955421&adf=785591858&pi=t.ma~as.5410211141&w=336&lmt=1663530865&psa=1&format=336x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&wgl=1&dt=1663530865772&bpp=2&bdt=1984&idt=-M&shv=r20220914&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D51cf6fc53a7141f9-224c857825ce0051%3AT%3D1663530864%3ART%3D1663530864%3AS%3DALNI_MacDtVFJJsGADAXPyPPyk4RKnVWSw&prev_fmts=0x0%2C770x280%2C336x280%2C770x280%2C1005x124&nras=2&correlator=8337573679129&frm=20&pv=1&ga_vid=1431237964.1663530864&ga_sid=1663530864&ga_hid=1479959542&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=415&ady=1925&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767667%2C44767167%2C44772927%2C44769662&oid=2&psts=APxP-9DhaeT6KotWfpweupLM6aJk70Ej0tt0IL9pJFmDtMbJ37URYWeAiRImmhp8nvwkbHBHxqO2VZxq3u747C6TnA%2CAPxP-9Bpq1R6XvNeTgOssJcrD3ZgntVMmr2-nUE0XNpkmwSCW_sOW0bCeulTM5b_PkTyGMMWh29LBJBoJEFHs8bjkkjkP_tdheNWAJ_dJptYWvs&pvsid=4177203444710770&tmod=343495732&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=GOeKJUPZsg&p=http%3A//smiles.iclou.com.br&dtd=8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9c9b6560a37526d33547098a4ed2ecf360eb9275c2db77a98c30fb7f8016f478

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 19:54:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44609
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1663155654979086"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 18 Sep 2022 19:54:26 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame F001 42 B
63 B 84ms
61ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-APj36YjHQn6J7HRI_ugU3c5Cb4ShflRg5IucINwGXudJKsdBL9KBtmqfbuvUYnVlKJbmO67fWeQ-9Fj_QSUh3CqEfWobekuw2npZ9eAe6CdFltmVU

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=5410211141&adk=2308955421&adf=785591858&pi=t.ma~as.5410211141&w=336&lmt=1663530865&psa=1&format=336x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&wgl=1&dt=1663530865772&bpp=2&bdt=1984&idt=-M&shv=r20220914&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D51cf6fc53a7141f9-224c857825ce0051%3AT%3D1663530864%3ART%3D1663530864%3AS%3DALNI_MacDtVFJJsGADAXPyPPyk4RKnVWSw&prev_fmts=0x0%2C770x280%2C336x280%2C770x280%2C1005x124&nras=2&correlator=8337573679129&frm=20&pv=1&ga_vid=1431237964.1663530864&ga_sid=1663530864&ga_hid=1479959542&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=415&ady=1925&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767667%2C44767167%2C44772927%2C44769662&oid=2&psts=APxP-9DhaeT6KotWfpweupLM6aJk70Ej0tt0IL9pJFmDtMbJ37URYWeAiRImmhp8nvwkbHBHxqO2VZxq3u747C6TnA%2CAPxP-9Bpq1R6XvNeTgOssJcrD3ZgntVMmr2-nUE0XNpkmwSCW_sOW0bCeulTM5b_PkTyGMMWh29LBJBoJEFHs8bjkkjkP_tdheNWAJ_dJptYWvs&pvsid=4177203444710770&tmod=343495732&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=GOeKJUPZsg&p=http%3A//smiles.iclou.com.br&dtd=8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Sep 2022 19:54:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame C006 1 KB
749 B 76ms
28ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=5410211141&adk=2308955421&adf=2873711921&pi=t.ma~as.5410211141&w=336&lmt=1663530865&psa=1&format=336x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&wgl=1&dt=1663530865772&bpp=1&bdt=1983&idt=0&shv=r20220914&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D51cf6fc53a7141f9-224c857825ce0051%3AT%3D1663530864%3ART%3D1663530864%3AS%3DALNI_MacDtVFJJsGADAXPyPPyk4RKnVWSw&prev_fmts=0x0%2C770x280%2C336x280%2C770x280%2C1005x124%2C336x280&nras=2&correlator=8337573679129&frm=20&pv=1&ga_vid=1431237964.1663530864&ga_sid=1663530864&ga_hid=1479959542&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=849&ady=1925&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767667%2C44767167%2C44772927%2C44769662&oid=2&psts=APxP-9DhaeT6KotWfpweupLM6aJk70Ej0tt0IL9pJFmDtMbJ37URYWeAiRImmhp8nvwkbHBHxqO2VZxq3u747C6TnA%2CAPxP-9Bpq1R6XvNeTgOssJcrD3ZgntVMmr2-nUE0XNpkmwSCW_sOW0bCeulTM5b_PkTyGMMWh29LBJBoJEFHs8bjkkjkP_tdheNWAJ_dJptYWvs&pvsid=4177203444710770&tmod=343495732&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=Dfnog6vFxF&p=http%3A//smiles.iclou.com.br&dtd=12

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 15762
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 18 Sep 2022 15:31:44 GMT
etag: 48472445140208031
expires: Mon, 19 Sep 2022 15:31:44 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 4C57 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2c6fe93ffc69db5402b8ad227b626892eba9073d681e842df84b0cb82e4171e2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame DF54 22 KB
8 KB 27ms
21ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 476500
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 13 Sep 2022 07:32:47 GMT
expires: Wed, 13 Sep 2023 07:32:47 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dpixel
cms.quantserve.com/ Frame C006 35 B
463 B 118ms
24ms Image
image/gif 2620:116:800d:21:de2e:c7b3:55c0:d5a0
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEEMtutDgGK72yQaqbZls8N8&google_cver=1&google_push=AZmPxg9g_ZMH3IWkjHczRvX9p9O21DrmWr_WMVTnvM6K3R7nijGPUosiFtdG7YJJyoSTUaz7cyzaKmEiqK5qA_Aoj7SWe9G1qUEG

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=5410211141&adk=2308955421&adf=2873711921&pi=t.ma~as.5410211141&w=336&lmt=1663530865&psa=1&format=336x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&wgl=1&dt=1663530865772&bpp=1&bdt=1983&idt=0&shv=r20220914&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D51cf6fc53a7141f9-224c857825ce0051%3AT%3D1663530864%3ART%3D1663530864%3AS%3DALNI_MacDtVFJJsGADAXPyPPyk4RKnVWSw&prev_fmts=0x0%2C770x280%2C336x280%2C770x280%2C1005x124%2C336x280&nras=2&correlator=8337573679129&frm=20&pv=1&ga_vid=1431237964.1663530864&ga_sid=1663530864&ga_hid=1479959542&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=849&ady=1925&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767667%2C44767167%2C44772927%2C44769662&oid=2&psts=APxP-9DhaeT6KotWfpweupLM6aJk70Ej0tt0IL9pJFmDtMbJ37URYWeAiRImmhp8nvwkbHBHxqO2VZxq3u747C6TnA%2CAPxP-9Bpq1R6XvNeTgOssJcrD3ZgntVMmr2-nUE0XNpkmwSCW_sOW0bCeulTM5b_PkTyGMMWh29LBJBoJEFHs8bjkkjkP_tdheNWAJ_dJptYWvs&pvsid=4177203444710770&tmod=343495732&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=Dfnog6vFxF&p=http%3A//smiles.iclou.com.br&dtd=12

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:de2e:c7b3:55c0:d5a0 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Sep 2022 19:54:27 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C006
Redirect Chain

https://d.agkn.com/pixel/2175/?google_gid=CAESEPEgoJFETPjFaIX2NGyZ94c&google_cver=1&google_push=AZmPxg8qWHOgPtPKDhB5PGB3qUsFlHB6J9DkEenv6HYHZntV-77LqLwi5x07sa8O_QrzecIA7ZdIpyyIWNMdteELU6vSYxdgpwXN
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AZmPxg8qWHOgPtPKDhB5PGB3qUsFlHB6J9DkEenv6HYHZntV-77LqLwi5x07sa8O_QrzecIA7ZdIpyyIWNMdteELU6vSYxdgpwXN&google_hm=Q0FFU0VQRWdvSkZFVFBqR...

170 B
188 B

35ms
33ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AZmPxg8qWHOgPtPKDhB5PGB3qUsFlHB6J9DkEenv6HYHZntV-77LqLwi5x07sa8O_QrzecIA7ZdIpyyIWNMdteELU6vSYxdgpwXN&google_hm=Q0FFU0VQRWdvSkZFVFBqRmFJWDJOR3laOTRj

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=5410211141&adk=2308955421&adf=2873711921&pi=t.ma~as.5410211141&w=336&lmt=1663530865&psa=1&format=336x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&wgl=1&dt=1663530865772&bpp=1&bdt=1983&idt=0&shv=r20220914&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D51cf6fc53a7141f9-224c857825ce0051%3AT%3D1663530864%3ART%3D1663530864%3AS%3DALNI_MacDtVFJJsGADAXPyPPyk4RKnVWSw&prev_fmts=0x0%2C770x280%2C336x280%2C770x280%2C1005x124%2C336x280&nras=2&correlator=8337573679129&frm=20&pv=1&ga_vid=1431237964.1663530864&ga_sid=1663530864&ga_hid=1479959542&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=849&ady=1925&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767667%2C44767167%2C44772927%2C44769662&oid=2&psts=APxP-9DhaeT6KotWfpweupLM6aJk70Ej0tt0IL9pJFmDtMbJ37URYWeAiRImmhp8nvwkbHBHxqO2VZxq3u747C6TnA%2CAPxP-9Bpq1R6XvNeTgOssJcrD3ZgntVMmr2-nUE0XNpkmwSCW_sOW0bCeulTM5b_PkTyGMMWh29LBJBoJEFHs8bjkkjkP_tdheNWAJ_dJptYWvs&pvsid=4177203444710770&tmod=343495732&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=Dfnog6vFxF&p=http%3A//smiles.iclou.com.br&dtd=12

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Sep 2022 19:54:27 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 18 Sep 2022 19:54:26 GMT
Server: Apache-Coyote/1.1
P3P: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AZmPxg8qWHOgPtPKDhB5PGB3qUsFlHB6J9DkEenv6HYHZntV-77LqLwi5x07sa8O_QrzecIA7ZdIpyyIWNMdteELU6vSYxdgpwXN&google_hm=Q0FFU0VQRWdvSkZFVFBqRmFJWDJOR3laOTRj
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 dds
rtb.openx.net/sync/ Frame C006 43 B
351 B 181ms
51ms Image
image/gif 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEIIXiEte78tjyhZuIWtlseQ&google_cver=1&google_push=AZmPxg9HV14FVJ0i-jW4Pv3NnE3wZyPypXbYFkKgiMOdYC0kv6VFxPwW1dD9iWi_oWHw0T1w16pXHzb3hia6ezHSubEE1oOw5_Wu
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=5410211141&adk=2308955421&adf=2873711921&pi=t.ma~as.5410211141&w=336&lmt=1663530865&psa=1&format=336x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&wgl=1&dt=1663530865772&bpp=1&bdt=1983&idt=0&shv=r20220914&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D51cf6fc53a7141f9-224c857825ce0051%3AT%3D1663530864%3ART%3D1663530864%3AS%3DALNI_MacDtVFJJsGADAXPyPPyk4RKnVWSw&prev_fmts=0x0%2C770x280%2C336x280%2C770x280%2C1005x124%2C336x280&nras=2&correlator=8337573679129&frm=20&pv=1&ga_vid=1431237964.1663530864&ga_sid=1663530864&ga_hid=1479959542&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=849&ady=1925&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767667%2C44767167%2C44772927%2C44769662&oid=2&psts=APxP-9DhaeT6KotWfpweupLM6aJk70Ej0tt0IL9pJFmDtMbJ37URYWeAiRImmhp8nvwkbHBHxqO2VZxq3u747C6TnA%2CAPxP-9Bpq1R6XvNeTgOssJcrD3ZgntVMmr2-nUE0XNpkmwSCW_sOW0bCeulTM5b_PkTyGMMWh29LBJBoJEFHs8bjkkjkP_tdheNWAJ_dJptYWvs&pvsid=4177203444710770&tmod=343495732&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=Dfnog6vFxF&p=http%3A//smiles.iclou.com.br&dtd=12
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Sep 2022 19:54:26 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: tf21g3nsg0a2rphuaf4hlcfjerq3irkq

GET
H2 200 UCookieSetPug
image6.pubmatic.com/AdServer/ Frame C006 0
166 B 154ms
26ms Image
text/html 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEOzAVf_FMfDAddLCjPHoAzQ&google_cver=1&google_push=AZmPxg-FmvcQOMFTC5FZRNcbNBtpKArphYIwomPnGEKjT9GUJkxj2nUJKkhivFVz9B_Kr_EI79QNLCjyMP7_SgxPiMvPZ1ZCoJQF
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=5410211141&adk=2308955421&adf=2873711921&pi=t.ma~as.5410211141&w=336&lmt=1663530865&psa=1&format=336x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&wgl=1&dt=1663530865772&bpp=1&bdt=1983&idt=0&shv=r20220914&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D51cf6fc53a7141f9-224c857825ce0051%3AT%3D1663530864%3ART%3D1663530864%3AS%3DALNI_MacDtVFJJsGADAXPyPPyk4RKnVWSw&prev_fmts=0x0%2C770x280%2C336x280%2C770x280%2C1005x124%2C336x280&nras=2&correlator=8337573679129&frm=20&pv=1&ga_vid=1431237964.1663530864&ga_sid=1663530864&ga_hid=1479959542&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=849&ady=1925&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767667%2C44767167%2C44772927%2C44769662&oid=2&psts=APxP-9DhaeT6KotWfpweupLM6aJk70Ej0tt0IL9pJFmDtMbJ37URYWeAiRImmhp8nvwkbHBHxqO2VZxq3u747C6TnA%2CAPxP-9Bpq1R6XvNeTgOssJcrD3ZgntVMmr2-nUE0XNpkmwSCW_sOW0bCeulTM5b_PkTyGMMWh29LBJBoJEFHs8bjkkjkP_tdheNWAJ_dJptYWvs&pvsid=4177203444710770&tmod=343495732&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=Dfnog6vFxF&p=http%3A//smiles.iclou.com.br&dtd=12
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 19:54:26 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C006
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEC70bdQ8_U_YYxAOp6Kgl4Y&google_cver=1&google_push=AZmPxg-L-rxoICW1OyyjxG9xftPvs3FlVOf7OHRaM28mSxc4oX5qcymHuQ1SVGyOdrKj42-3UIz...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDg3UkJTMjAtMVctOVZK&google_push=AZmPxg-L-rxoICW1OyyjxG9xftPvs3FlVOf7OHRaM28mSxc4oX5qcymHuQ1SVGyOdrKj42-3UIzIY98mQjz2kIOHWALndHB5o429

170 B
188 B

32ms
31ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDg3UkJTMjAtMVctOVZK&google_push=AZmPxg-L-rxoICW1OyyjxG9xftPvs3FlVOf7OHRaM28mSxc4oX5qcymHuQ1SVGyOdrKj42-3UIzIY98mQjz2kIOHWALndHB5o429

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=5410211141&adk=2308955421&adf=2873711921&pi=t.ma~as.5410211141&w=336&lmt=1663530865&psa=1&format=336x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&wgl=1&dt=1663530865772&bpp=1&bdt=1983&idt=0&shv=r20220914&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D51cf6fc53a7141f9-224c857825ce0051%3AT%3D1663530864%3ART%3D1663530864%3AS%3DALNI_MacDtVFJJsGADAXPyPPyk4RKnVWSw&prev_fmts=0x0%2C770x280%2C336x280%2C770x280%2C1005x124%2C336x280&nras=2&correlator=8337573679129&frm=20&pv=1&ga_vid=1431237964.1663530864&ga_sid=1663530864&ga_hid=1479959542&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=849&ady=1925&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767667%2C44767167%2C44772927%2C44769662&oid=2&psts=APxP-9DhaeT6KotWfpweupLM6aJk70Ej0tt0IL9pJFmDtMbJ37URYWeAiRImmhp8nvwkbHBHxqO2VZxq3u747C6TnA%2CAPxP-9Bpq1R6XvNeTgOssJcrD3ZgntVMmr2-nUE0XNpkmwSCW_sOW0bCeulTM5b_PkTyGMMWh29LBJBoJEFHs8bjkkjkP_tdheNWAJ_dJptYWvs&pvsid=4177203444710770&tmod=343495732&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=Dfnog6vFxF&p=http%3A//smiles.iclou.com.br&dtd=12

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Sep 2022 19:54:27 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDg3UkJTMjAtMVctOVZK&google_push=AZmPxg-L-rxoICW1OyyjxG9xftPvs3FlVOf7OHRaM28mSxc4oX5qcymHuQ1SVGyOdrKj42-3UIzIY98mQjz2kIOHWALndHB5o429
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: de8527bfa1ccfd6c1590da0d3b6cff52
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C006
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESELEJb9c_5jWkecN7-itaMC4&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESELEJb9c_5jWkecN7-itaMC4&google_push=AZ...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESELEJb9c_5jWkecN7-itaMC4&google_hm=Yyd3c5gsDjXXBOFgYrA_sQAABLsAAAIB&google_nid=index&google_push=AZmPxg8Je02ZMB47y8WLtzEYmQoY0jcgSH2Hi...

170 B
188 B

57ms
31ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESELEJb9c_5jWkecN7-itaMC4&google_hm=Yyd3c5gsDjXXBOFgYrA_sQAABLsAAAIB&google_nid=index&google_push=AZmPxg8Je02ZMB47y8WLtzEYmQoY0jcgSH2Hi8xRzEHFRpJHquz0iNJfzrv9Zj5BJqCJTWfd2aBLIs20Wv8zK0DcGXG9-g70oOs

Requested by

Host: smiles.iclou.com.br
URL: http://smiles.iclou.com.br/

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Sep 2022 19:54:27 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 18 Sep 2022 19:54:27 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i7QAdEiVQvDeVDTuePfpEMn2ZH9c9Yq%2FSmi29dJ%2FUbC7kcU3iOMYAj%2FW1SVvp4gE%2Bf7VI%2BCh5%2FjVr%2FKgaR7cmoFiaNuayRZVNgNc3A0TKB3raz5E74EE%2BYTNLFhpN0yqDKxx%2BIoTWAooRA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESELEJb9c_5jWkecN7-itaMC4&google_hm=Yyd3c5gsDjXXBOFgYrA_sQAABLsAAAIB&google_nid=index&google_push=AZmPxg8Je02ZMB47y8WLtzEYmQoY0jcgSH2Hi8xRzEHFRpJHquz0iNJfzrv9Zj5BJqCJTWfd2aBLIs20Wv8zK0DcGXG9-g70oOs
cache-control: no-cache
cf-ray: 74cca2308f1c9944-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H2 200 trk
ag.innovid.com/ Frame C006 43 B
295 B 466ms
37ms Image
image/gif 2a05:d01c:1d8:8101:fce4:7d96:66d4:9311
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ag.innovid.com/trk?tid=11711&google_gid=CAESEH-uuYaqCKW0V5GJBYgAqi0&google_cver=1&google_push=AZmPxg_Vk-nqN0Uf3mAAE5EFt-89ZdjcW7uWcS6A-lrdJsXHM58MgXhQwfc_h7RuQ7IcWTUKOa_o74gMISmU_bOvytkEvpypDMUD
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=5410211141&adk=2308955421&adf=2873711921&pi=t.ma~as.5410211141&w=336&lmt=1663530865&psa=1&format=336x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&wgl=1&dt=1663530865772&bpp=1&bdt=1983&idt=0&shv=r20220914&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D51cf6fc53a7141f9-224c857825ce0051%3AT%3D1663530864%3ART%3D1663530864%3AS%3DALNI_MacDtVFJJsGADAXPyPPyk4RKnVWSw&prev_fmts=0x0%2C770x280%2C336x280%2C770x280%2C1005x124%2C336x280&nras=2&correlator=8337573679129&frm=20&pv=1&ga_vid=1431237964.1663530864&ga_sid=1663530864&ga_hid=1479959542&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=849&ady=1925&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767667%2C44767167%2C44772927%2C44769662&oid=2&psts=APxP-9DhaeT6KotWfpweupLM6aJk70Ej0tt0IL9pJFmDtMbJ37URYWeAiRImmhp8nvwkbHBHxqO2VZxq3u747C6TnA%2CAPxP-9Bpq1R6XvNeTgOssJcrD3ZgntVMmr2-nUE0XNpkmwSCW_sOW0bCeulTM5b_PkTyGMMWh29LBJBoJEFHs8bjkkjkP_tdheNWAJ_dJptYWvs&pvsid=4177203444710770&tmod=343495732&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=Dfnog6vFxF&p=http%3A//smiles.iclou.com.br&dtd=12
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d01c:1d8:8101:fce4:7d96:66d4:9311 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Sep 2022 19:54:27 GMT
cache-control: no-cache
content-type: image/gif
content-length: 43
request-time: 0
expires: -1

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame C006 0
12 B 84ms
33ms Image
text/html 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JKvDSXMXTyhyqNmAdLyerhDc8O-QNdlp_2CU2pZtipDSB1Hn3H_MzEpzN_pJKwGmUjy2Vw

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=5410211141&adk=2308955421&adf=2873711921&pi=t.ma~as.5410211141&w=336&lmt=1663530865&psa=1&format=336x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&wgl=1&dt=1663530865772&bpp=1&bdt=1983&idt=0&shv=r20220914&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D51cf6fc53a7141f9-224c857825ce0051%3AT%3D1663530864%3ART%3D1663530864%3AS%3DALNI_MacDtVFJJsGADAXPyPPyk4RKnVWSw&prev_fmts=0x0%2C770x280%2C336x280%2C770x280%2C1005x124%2C336x280&nras=2&correlator=8337573679129&frm=20&pv=1&ga_vid=1431237964.1663530864&ga_sid=1663530864&ga_hid=1479959542&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=849&ady=1925&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767667%2C44767167%2C44772927%2C44769662&oid=2&psts=APxP-9DhaeT6KotWfpweupLM6aJk70Ej0tt0IL9pJFmDtMbJ37URYWeAiRImmhp8nvwkbHBHxqO2VZxq3u747C6TnA%2CAPxP-9Bpq1R6XvNeTgOssJcrD3ZgntVMmr2-nUE0XNpkmwSCW_sOW0bCeulTM5b_PkTyGMMWh29LBJBoJEFHs8bjkkjkP_tdheNWAJ_dJptYWvs&pvsid=4177203444710770&tmod=343495732&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=Dfnog6vFxF&p=http%3A//smiles.iclou.com.br&dtd=12

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 19:54:27 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 skeleton.js Show response
fw.adsafeprotected.com/rjss/st/886862/62195610/ Frame F001 237 KB
71 KB 261ms
48ms Script
application/javascript 34.247.139.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/st/886862/62195610/skeleton.js?ias_dspID=&ias_campId=&ias_pubId=&ias_chanId=&ias_placementId=&bidurl=&ias_dealId=&adsafe_par&ias_impId=
Requested by: Host: contatonline.com
URL: http://contatonline.com/?q0zuHW4
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.247.139.125 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-139-125.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 9055bcafc18be977d98348f51b6c0e7a55c62febc4d9a83de16dfc31267e58aa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Sep 2022 19:54:27 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H3 200 html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame F001 170 KB
59 KB 94ms
26ms Script
text/javascript 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Requested by

Host: contatonline.com
URL: http://contatonline.com/?q0zuHW4

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 09:59:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 35698
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 60311
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:25 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 19 Sep 2022 09:59:29 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220914/r20110914/elements/html/ Frame F001 8 KB
3 KB 31ms
31ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220914/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B00xSs3zobhpvwWG5-mEsgVbdoVgffpfJJS_ekTZazUB03VFwQSWlEXXMRePdsuiAVfmiy4wlS78GjqvwvDJx0YG-jbuejuxLK-M83R7gSZMYz9_jbuDpykauaEyl8A8Uye-glo31ZTxJF0WQCxRTXEX4n-g&dbm_d=AKAmf-DkIAzBaTYYReXfwKo6OsOrLBHMaG20OAzqvPsxx6WD_A1bGEH-DQUFRcngbUVZubhmqeTLbdwqR9CFFjuhoJvq-GaApLAZArCkqblcshTf8LefaT_Opq2eFEOY0zOpWd0HogL4VxhxYf0s82GcMxIbEbU7LJY-Juf54jURFLnprapaX-EMALNZ8iuThsKX0p0NNdwQvgnqloRICiaRGGw_rPDlURoM0Y6VdWs1J3tmAqMWjGrDvl9T9rwj1F-kV-pYRNBSxzWM0Eum2ABHYz4EgDyvn16GqDMz7xBCMbh8L_ZFz0xfKIwBgLKG9aXfcd7DNkcu3nBah0MriYIBFvXZ60X1DSlQxs_tnZZa6hlLKnSDvSxR47sAYiBd0Kx9VsA__9Y0tpgIZ1ykV9h8YewOo85Wk5YSkpOND7IUeiY0LXSb8xb4054Pb5Yej3qwk8R5O_9XeRd6wCqmVy3RSjJ9S9uX_B5E0HYhUiZe8lMTiBFBthUKhyE9MSZL8upULdUi5Ei1ORBGBYSaDkv4cmZFthAun8UPpyT_IYZa6fZPBuSz51k6P51XXWjjBR3tv68RBKPbrvZ_x3lqKhtDSCvI829CLqgLw_GYStINhESGSnNfGMbdYf4jrlusou0mtmYQBG7OLNpxgBrjwk5A6bOq-RRm3kjZP0OtRe4btefbZzXld5HOS2HbIt-J96FRIltOJbHHmRzLKuhmFLioTXxKFl-YpPGus0QHpQlVAcoNlOnnAurHpy19Egznt0TVD39E7QZOmWCO12gTriQHHQEJyP4KorsF3hafNCZ7RD-rD0cmcVcGJ1nBAJCOR-cgLSPNx5e3aGlua7tnY5zEFtBMEKbVhalEBKE3Yba3sizeWaV-7pqY2qoIFHX93ciAGfR-cXxc2-xZ-3zLcDQsdtPU-G5TyjLqXtptmCNnJX4axq3YAGrbzE6HQ4kf9FkjvNWs1Ombn4pLllAGqv-V3lcCZpLtdp-w-9_NdOKr-rsaVW0Bwik27hK0mH4wkoFS7QrTS7GGpCviWg-rbNEexgpg0B9jBiBXElZtk1GGEOzlOD5a_NSnfJwEmUKpg-6BP7ncdOStv-TDMDwGfqC8HtlAd0osU_F2zURSwKRMYVJV58nWFMKrJAqvg65YDMry13Y7vF68FBN8JrCWOj9w2ujxjrBA-KTYho_7jt1-tZ1VvfofBbZ0QzPM9z4YdYJscBculemG5z4aouwJgUWClJK1xmZZBk1EakkWeuOKZIZcTace0mZy5hi5D8B91t_i_qKIJ7ohh2zmWAZWwYe7C1XPBlUjGv6EyMWhdButhgQ7h4CRy0QXA4JrbqBKgiGtWcJ5KnaGwg1icdnBPNYNPnra-IOgyCAJFPgdyEDBtdsZIFknrUDYyHOvCW_E31oHzrq1qxOCnUDVrm-Qfw8t9iurm0AAj_y_UUzIh8zuLrH7ph53NhcPQctLXOk0QICMBxX0aMHx7c9TswGi73cZ1rRs95aiHEj2zXr6_z6Lh8CRfmOymlFZpoJL_xcynCaYL7gGmGwpacljKXMADezA3jBU1ortCTw7zE5xqxpNBftSW0e90BtmHf1oHjlvu6rB1Gj9atulIjbXnPpJhCIGGwfxzrQDtk33LDy3ESPI0wwBSLY0Z2maW9Q7HBO-fF0m_yRcULLNYbnX7hna4R4jF83kNeMmygWOsTZHh2VfGjA2ptGJoInFaEFN6ewozmKY8wPpl9T7Ve0wiMJlPQAYpn69Mh7cyBl-BevY5n-DlTAnANOK-SUOOLXGPNBIi13gLQ57G3IaiXRKpwq-z6SlbZPK-LKwwQ80ua3XyPRM_-M7kakJi_IP4mhfgjAtw9x3i5qrkRn32pUVX5nqPSrANRfVbZlyUel8Y3B-AJVjehiFkuJmyBeA9g8rxpBswpqHFlgjruyfdXsAJ0gBUnru2UAAC2VsromhGHqO1_j7oKNY3LCZLZxXmXf2LASwMn1Rh6_Ps1a2yYF_edD0G6rydryNDZhBtWemGyB4uAb7uUr-igbf9NKU0NPMg5y4m2pLZ3KV7vSWry47OEsUoF-b8BLkURyTrpVpywA5f8DqgEd4p5LE3sCBYfP3vQpekI6uCLCVgiKolqPHa5NDcOndHU7erEqWEhhHawGWtayu_TXdfHz_KfOgojkjVyCQ5DyEJNelcbFbrXS2aiDO1xxKaI7pVhGGFUKiGtZkNVRb7aOpLz01l8z70O90YljVBeOhhJtBqWn886Y7kJejAaMBKuz18a5Pap-nGvhLNecdeeUiQok3YVhv4S8iCmf4sN8-DzHgoO3HYb2Je-g9wXrxetO2nPo90zVKEoKcdiCZpOo9UTpTqkVhsH0_46LUB0gunh6sTRyyGV-EF0Qc3Z70tF3KbA_hrL-UE0651mh6OHt7F0vn1VHOlDrJ0mP20kbmnHykwNC418MOAdrbZPXi49-B-UrLEiG8WiEmLETvZANEt9UJDBzhkerDtW2QEHpMRNcJNo-J69nB-3Kq8QuEC0hsKeA4N1QtMAn-X9QDM2qukhKMZskWXgxhCgdDsVlNumgRLR_snYhWQA9H1yCJczIbCfX49uieZQK6fnGldnCT_aij4xw4WkhmXBHqkoYJVmQ5l4KgisrxSRkcVRsgTyDqNolFxkLYhi3jQdH9Nv_E_fISvZPtSVkdLxHeFpdbb_zi7Q_hDpAv34UjlsD662IKVtODf0aOttUvk9jcw_QPs-eCoktF-0ECUJW6-FB7kxFFBH25pT9nrW5s7MD2RsBROcmrztLsnSxdOjMDEunTqYjIwf53KIR_PuDHYbawCQqumbyA0DfOZ7UCkYVgPQUiSH5J1LfSzqeQlihf1ZLmx_kS0ybOGfFklBwkW7RmVDntyZh2f3tBtSvBT2lzGMZ4ASD-EIlZR3IkAJq2Mi1TSi-FaVZwOUJAuESEY0vGl_S_3HKWLtMQoB_g1In5feqa9DSTAtasqEevmBp4TA4oeNL0DMSR4ckwvk_tz4zCjy2BDh2RizAMZp-Oz6l5Iq_TIfZQ12c1ozkb43qk3mbj4hSLoTnu0y3igXyYi71DRS7_pyRiagpbmI0280ahFvJ0PPALWrP0fW_ZeFxX2kBjcH_7W_psVZNe31KJHBLZCtgH9BKIteHTd4SJ7Cstzys0Qcxrsu-MpVRjq1MzYKHgdVlsFtnRxKmdhZjhcKc_mwRy--Z9GMl5EdY9GAbknf6YvhpTykxEwcen4nRE8wnVfjh0Z-EdbD_BBesUITd4rwCrPuvKmwv9Eoz_LiOQrp6sZLl8IB8qYwNwquxco3xEw57sQrp7lAw3UWJtCfbUW_X1OhzA&cid=CAASJORo0fqHVWSIiD3yC3UUy1Xbaini8jv2fKjrotkOdaeU6NziFSAN&rfl=2%2Chttp%253A%252F%252Fsmiles.iclou.com.br%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 19:52:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 126
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3181
x-xss-protection: 0
server: cafe
etag: 10699485926258732851
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 02 Oct 2022 19:52:21 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220914/r20110914/ Frame F001 30 KB
11 KB 28ms
27ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220914/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7348579c41b9264b67476504697d1205b3a40f15b3442ca6457eef60542670a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 19:54:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 22
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11717
x-xss-protection: 0
server: cafe
etag: 8998177921611256807
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 02 Oct 2022 19:54:05 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame C4DE 4 KB
621 B 48ms
40ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=8876164503&adk=4015929776&adf=4136276705&pi=t.ma~as.8876164503&w=770&fwrn=4&fwrnh=100&lmt=1663530866&rafmt=1&psa=1&format=770x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1663530866270&bpp=2&bdt=2481&idt=2&shv=r20220914&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D51cf6fc53a7141f9-224c857825ce0051%3AT%3D1663530864%3ART%3D1663530864%3AS%3DALNI_MacDtVFJJsGADAXPyPPyk4RKnVWSw&prev_fmts=0x0%2C770x280%2C336x280%2C770x280%2C1005x124%2C336x280%2C336x280&nras=2&correlator=8337573679129&frm=20&pv=1&ga_vid=1431237964.1663530864&ga_sid=1663530864&ga_hid=1479959542&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=415&ady=3605&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767667%2C44767167%2C44772927%2C44769662&oid=2&psts=APxP-9DhaeT6KotWfpweupLM6aJk70Ej0tt0IL9pJFmDtMbJ37URYWeAiRImmhp8nvwkbHBHxqO2VZxq3u747C6TnA%2CAPxP-9Bpq1R6XvNeTgOssJcrD3ZgntVMmr2-nUE0XNpkmwSCW_sOW0bCeulTM5b_PkTyGMMWh29LBJBoJEFHs8bjkkjkP_tdheNWAJ_dJptYWvs%2CAPxP-9CGIHivbReLmRO0uQNz9X87G3MI8whCawjUhhYFaeOxwVby700hJUX9qwf6KyqrgmOWIGA_rdzUuFxN%2CAPxP-9BRvn_JQIvSL43iiOsz8MLTCHmv7RdEl0q82A3JX3Twoc31WH-KelAgaFDTxOtzBeB-N1SbbIAm0ajve68NSA&pvsid=4177203444710770&tmod=343495732&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=8&uci=a!8&btvi=5&fsb=1&xpc=fPvEb4avb3&p=http%3A//smiles.iclou.com.br&dtd=6

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

46d1791d45e9e6840842ef90f192c2c6f1f4247baa7c1f32f2da75d3a05c0de2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 18 Sep 2022 19:00:29 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 18 Sep 2022 19:54:27 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 18 Sep 2022 19:54:27 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/ Frame C4DE 2 KB
912 B 45ms
37ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=8876164503&adk=4015929776&adf=4136276705&pi=t.ma~as.8876164503&w=770&fwrn=4&fwrnh=100&lmt=1663530866&rafmt=1&psa=1&format=770x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1663530866270&bpp=2&bdt=2481&idt=2&shv=r20220914&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D51cf6fc53a7141f9-224c857825ce0051%3AT%3D1663530864%3ART%3D1663530864%3AS%3DALNI_MacDtVFJJsGADAXPyPPyk4RKnVWSw&prev_fmts=0x0%2C770x280%2C336x280%2C770x280%2C1005x124%2C336x280%2C336x280&nras=2&correlator=8337573679129&frm=20&pv=1&ga_vid=1431237964.1663530864&ga_sid=1663530864&ga_hid=1479959542&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=415&ady=3605&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767667%2C44767167%2C44772927%2C44769662&oid=2&psts=APxP-9DhaeT6KotWfpweupLM6aJk70Ej0tt0IL9pJFmDtMbJ37URYWeAiRImmhp8nvwkbHBHxqO2VZxq3u747C6TnA%2CAPxP-9Bpq1R6XvNeTgOssJcrD3ZgntVMmr2-nUE0XNpkmwSCW_sOW0bCeulTM5b_PkTyGMMWh29LBJBoJEFHs8bjkkjkP_tdheNWAJ_dJptYWvs%2CAPxP-9CGIHivbReLmRO0uQNz9X87G3MI8whCawjUhhYFaeOxwVby700hJUX9qwf6KyqrgmOWIGA_rdzUuFxN%2CAPxP-9BRvn_JQIvSL43iiOsz8MLTCHmv7RdEl0q82A3JX3Twoc31WH-KelAgaFDTxOtzBeB-N1SbbIAm0ajve68NSA&pvsid=4177203444710770&tmod=343495732&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=8&uci=a!8&btvi=5&fsb=1&xpc=fPvEb4avb3&p=http%3A//smiles.iclou.com.br&dtd=6

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 19:47:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 436
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 02 Oct 2022 19:47:11 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220914/r20110914/ Frame C4DE 23 KB
9 KB 45ms
38ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220914/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=8876164503&adk=4015929776&adf=4136276705&pi=t.ma~as.8876164503&w=770&fwrn=4&fwrnh=100&lmt=1663530866&rafmt=1&psa=1&format=770x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1663530866270&bpp=2&bdt=2481&idt=2&shv=r20220914&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D51cf6fc53a7141f9-224c857825ce0051%3AT%3D1663530864%3ART%3D1663530864%3AS%3DALNI_MacDtVFJJsGADAXPyPPyk4RKnVWSw&prev_fmts=0x0%2C770x280%2C336x280%2C770x280%2C1005x124%2C336x280%2C336x280&nras=2&correlator=8337573679129&frm=20&pv=1&ga_vid=1431237964.1663530864&ga_sid=1663530864&ga_hid=1479959542&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=415&ady=3605&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767667%2C44767167%2C44772927%2C44769662&oid=2&psts=APxP-9DhaeT6KotWfpweupLM6aJk70Ej0tt0IL9pJFmDtMbJ37URYWeAiRImmhp8nvwkbHBHxqO2VZxq3u747C6TnA%2CAPxP-9Bpq1R6XvNeTgOssJcrD3ZgntVMmr2-nUE0XNpkmwSCW_sOW0bCeulTM5b_PkTyGMMWh29LBJBoJEFHs8bjkkjkP_tdheNWAJ_dJptYWvs%2CAPxP-9CGIHivbReLmRO0uQNz9X87G3MI8whCawjUhhYFaeOxwVby700hJUX9qwf6KyqrgmOWIGA_rdzUuFxN%2CAPxP-9BRvn_JQIvSL43iiOsz8MLTCHmv7RdEl0q82A3JX3Twoc31WH-KelAgaFDTxOtzBeB-N1SbbIAm0ajve68NSA&pvsid=4177203444710770&tmod=343495732&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=8&uci=a!8&btvi=5&fsb=1&xpc=fPvEb4avb3&p=http%3A//smiles.iclou.com.br&dtd=6

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

42fa7740568dc6425cd4a5562e89e67632280349e368fe348914d808064c9ffc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 19:44:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 577
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9550
x-xss-protection: 0
server: cafe
etag: 715955199520789971
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 02 Oct 2022 19:44:50 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/ Frame C4DE 3 KB
1 KB 36ms
29ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=8876164503&adk=4015929776&adf=4136276705&pi=t.ma~as.8876164503&w=770&fwrn=4&fwrnh=100&lmt=1663530866&rafmt=1&psa=1&format=770x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1663530866270&bpp=2&bdt=2481&idt=2&shv=r20220914&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D51cf6fc53a7141f9-224c857825ce0051%3AT%3D1663530864%3ART%3D1663530864%3AS%3DALNI_MacDtVFJJsGADAXPyPPyk4RKnVWSw&prev_fmts=0x0%2C770x280%2C336x280%2C770x280%2C1005x124%2C336x280%2C336x280&nras=2&correlator=8337573679129&frm=20&pv=1&ga_vid=1431237964.1663530864&ga_sid=1663530864&ga_hid=1479959542&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=415&ady=3605&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767667%2C44767167%2C44772927%2C44769662&oid=2&psts=APxP-9DhaeT6KotWfpweupLM6aJk70Ej0tt0IL9pJFmDtMbJ37URYWeAiRImmhp8nvwkbHBHxqO2VZxq3u747C6TnA%2CAPxP-9Bpq1R6XvNeTgOssJcrD3ZgntVMmr2-nUE0XNpkmwSCW_sOW0bCeulTM5b_PkTyGMMWh29LBJBoJEFHs8bjkkjkP_tdheNWAJ_dJptYWvs%2CAPxP-9CGIHivbReLmRO0uQNz9X87G3MI8whCawjUhhYFaeOxwVby700hJUX9qwf6KyqrgmOWIGA_rdzUuFxN%2CAPxP-9BRvn_JQIvSL43iiOsz8MLTCHmv7RdEl0q82A3JX3Twoc31WH-KelAgaFDTxOtzBeB-N1SbbIAm0ajve68NSA&pvsid=4177203444710770&tmod=343495732&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=8&uci=a!8&btvi=5&fsb=1&xpc=fPvEb4avb3&p=http%3A//smiles.iclou.com.br&dtd=6

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 19:46:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 483
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 02 Oct 2022 19:46:24 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/ Frame C4DE 17 KB
7 KB 45ms
39ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=8876164503&adk=4015929776&adf=4136276705&pi=t.ma~as.8876164503&w=770&fwrn=4&fwrnh=100&lmt=1663530866&rafmt=1&psa=1&format=770x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1663530866270&bpp=2&bdt=2481&idt=2&shv=r20220914&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D51cf6fc53a7141f9-224c857825ce0051%3AT%3D1663530864%3ART%3D1663530864%3AS%3DALNI_MacDtVFJJsGADAXPyPPyk4RKnVWSw&prev_fmts=0x0%2C770x280%2C336x280%2C770x280%2C1005x124%2C336x280%2C336x280&nras=2&correlator=8337573679129&frm=20&pv=1&ga_vid=1431237964.1663530864&ga_sid=1663530864&ga_hid=1479959542&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=415&ady=3605&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767667%2C44767167%2C44772927%2C44769662&oid=2&psts=APxP-9DhaeT6KotWfpweupLM6aJk70Ej0tt0IL9pJFmDtMbJ37URYWeAiRImmhp8nvwkbHBHxqO2VZxq3u747C6TnA%2CAPxP-9Bpq1R6XvNeTgOssJcrD3ZgntVMmr2-nUE0XNpkmwSCW_sOW0bCeulTM5b_PkTyGMMWh29LBJBoJEFHs8bjkkjkP_tdheNWAJ_dJptYWvs%2CAPxP-9CGIHivbReLmRO0uQNz9X87G3MI8whCawjUhhYFaeOxwVby700hJUX9qwf6KyqrgmOWIGA_rdzUuFxN%2CAPxP-9BRvn_JQIvSL43iiOsz8MLTCHmv7RdEl0q82A3JX3Twoc31WH-KelAgaFDTxOtzBeB-N1SbbIAm0ajve68NSA&pvsid=4177203444710770&tmod=343495732&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=8&uci=a!8&btvi=5&fsb=1&xpc=fPvEb4avb3&p=http%3A//smiles.iclou.com.br&dtd=6

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b47bd1e586888ea8d223fbc2d5e8592e7e8c2b61e3937f9248fb4b7faf34fb41

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 19:39:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 883
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7552
x-xss-protection: 0
server: cafe
etag: 1588701280721430806
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 02 Oct 2022 19:39:44 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame C4DE 0
0 39ms
32ms Image
text/html 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQEdsWm02E65EWY-rUH_xYUbETLyNHCi01htitr9Q_qJC1Glr241srN6hG2rTtvp4NpcqswOOazBAm519YGH0oMBZolPA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=8876164503&adk=4015929776&adf=4136276705&pi=t.ma~as.8876164503&w=770&fwrn=4&fwrnh=100&lmt=1663530866&rafmt=1&psa=1&format=770x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1663530866270&bpp=2&bdt=2481&idt=2&shv=r20220914&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D51cf6fc53a7141f9-224c857825ce0051%3AT%3D1663530864%3ART%3D1663530864%3AS%3DALNI_MacDtVFJJsGADAXPyPPyk4RKnVWSw&prev_fmts=0x0%2C770x280%2C336x280%2C770x280%2C1005x124%2C336x280%2C336x280&nras=2&correlator=8337573679129&frm=20&pv=1&ga_vid=1431237964.1663530864&ga_sid=1663530864&ga_hid=1479959542&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=415&ady=3605&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767667%2C44767167%2C44772927%2C44769662&oid=2&psts=APxP-9DhaeT6KotWfpweupLM6aJk70Ej0tt0IL9pJFmDtMbJ37URYWeAiRImmhp8nvwkbHBHxqO2VZxq3u747C6TnA%2CAPxP-9Bpq1R6XvNeTgOssJcrD3ZgntVMmr2-nUE0XNpkmwSCW_sOW0bCeulTM5b_PkTyGMMWh29LBJBoJEFHs8bjkkjkP_tdheNWAJ_dJptYWvs%2CAPxP-9CGIHivbReLmRO0uQNz9X87G3MI8whCawjUhhYFaeOxwVby700hJUX9qwf6KyqrgmOWIGA_rdzUuFxN%2CAPxP-9BRvn_JQIvSL43iiOsz8MLTCHmv7RdEl0q82A3JX3Twoc31WH-KelAgaFDTxOtzBeB-N1SbbIAm0ajve68NSA&pvsid=4177203444710770&tmod=343495732&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=8&uci=a!8&btvi=5&fsb=1&xpc=fPvEb4avb3&p=http%3A//smiles.iclou.com.br&dtd=6
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C4DE 141 KB
44 KB 68ms
61ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=8876164503&adk=4015929776&adf=4136276705&pi=t.ma~as.8876164503&w=770&fwrn=4&fwrnh=100&lmt=1663530866&rafmt=1&psa=1&format=770x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1663530866270&bpp=2&bdt=2481&idt=2&shv=r20220914&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D51cf6fc53a7141f9-224c857825ce0051%3AT%3D1663530864%3ART%3D1663530864%3AS%3DALNI_MacDtVFJJsGADAXPyPPyk4RKnVWSw&prev_fmts=0x0%2C770x280%2C336x280%2C770x280%2C1005x124%2C336x280%2C336x280&nras=2&correlator=8337573679129&frm=20&pv=1&ga_vid=1431237964.1663530864&ga_sid=1663530864&ga_hid=1479959542&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=415&ady=3605&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767667%2C44767167%2C44772927%2C44769662&oid=2&psts=APxP-9DhaeT6KotWfpweupLM6aJk70Ej0tt0IL9pJFmDtMbJ37URYWeAiRImmhp8nvwkbHBHxqO2VZxq3u747C6TnA%2CAPxP-9Bpq1R6XvNeTgOssJcrD3ZgntVMmr2-nUE0XNpkmwSCW_sOW0bCeulTM5b_PkTyGMMWh29LBJBoJEFHs8bjkkjkP_tdheNWAJ_dJptYWvs%2CAPxP-9CGIHivbReLmRO0uQNz9X87G3MI8whCawjUhhYFaeOxwVby700hJUX9qwf6KyqrgmOWIGA_rdzUuFxN%2CAPxP-9BRvn_JQIvSL43iiOsz8MLTCHmv7RdEl0q82A3JX3Twoc31WH-KelAgaFDTxOtzBeB-N1SbbIAm0ajve68NSA&pvsid=4177203444710770&tmod=343495732&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=8&uci=a!8&btvi=5&fsb=1&xpc=fPvEb4avb3&p=http%3A//smiles.iclou.com.br&dtd=6

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9c9b6560a37526d33547098a4ed2ecf360eb9275c2db77a98c30fb7f8016f478

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 19:54:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44609
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1663155654979086"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 18 Sep 2022 19:54:27 GMT

GET
H3 200 026517f4e3185bf0f4d8fd76517024ed.js Show response
www.gstatic.com/mysidia/ Frame C4DE 33 KB
13 KB 87ms
21ms Script
text/javascript 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/026517f4e3185bf0f4d8fd76517024ed.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=8876164503&adk=4015929776&adf=4136276705&pi=t.ma~as.8876164503&w=770&fwrn=4&fwrnh=100&lmt=1663530866&rafmt=1&psa=1&format=770x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1663530866270&bpp=2&bdt=2481&idt=2&shv=r20220914&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D51cf6fc53a7141f9-224c857825ce0051%3AT%3D1663530864%3ART%3D1663530864%3AS%3DALNI_MacDtVFJJsGADAXPyPPyk4RKnVWSw&prev_fmts=0x0%2C770x280%2C336x280%2C770x280%2C1005x124%2C336x280%2C336x280&nras=2&correlator=8337573679129&frm=20&pv=1&ga_vid=1431237964.1663530864&ga_sid=1663530864&ga_hid=1479959542&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=415&ady=3605&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767667%2C44767167%2C44772927%2C44769662&oid=2&psts=APxP-9DhaeT6KotWfpweupLM6aJk70Ej0tt0IL9pJFmDtMbJ37URYWeAiRImmhp8nvwkbHBHxqO2VZxq3u747C6TnA%2CAPxP-9Bpq1R6XvNeTgOssJcrD3ZgntVMmr2-nUE0XNpkmwSCW_sOW0bCeulTM5b_PkTyGMMWh29LBJBoJEFHs8bjkkjkP_tdheNWAJ_dJptYWvs%2CAPxP-9CGIHivbReLmRO0uQNz9X87G3MI8whCawjUhhYFaeOxwVby700hJUX9qwf6KyqrgmOWIGA_rdzUuFxN%2CAPxP-9BRvn_JQIvSL43iiOsz8MLTCHmv7RdEl0q82A3JX3Twoc31WH-KelAgaFDTxOtzBeB-N1SbbIAm0ajve68NSA&pvsid=4177203444710770&tmod=343495732&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=8&uci=a!8&btvi=5&fsb=1&xpc=fPvEb4avb3&p=http%3A//smiles.iclou.com.br&dtd=6

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87699878773345d6e7207ceab7074468991c353d70ceb8586fde33a5d40d6929

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 14:45:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 450542
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13694
x-xss-protection: 0
last-modified: Thu, 08 Sep 2022 23:53:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 12 Dec 2022 14:45:25 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 4C57 0
63 B 64ms
60ms Ping
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 18 Sep 2022 19:54:27 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 5E02
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESENJToLzpikgBvCrH1lB-C24&google_cver=1

43 B
114 B

42ms
36ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESENJToLzpikgBvCrH1lB-C24&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYwdOZyAEwAQ&v=APEucNXR4-nMylPAkePMo2GSgyLB5JRZHLYHue5rvgXtrZ9X_snZDyBr076Cbtq-ni_lb4ptl-im_0xhbue12Vs5mukkDDdIsQUNXpt6CGHxhSBotkUkxBKvZlqxGmNyzKh95fGz-Fp0xgRwdrMzI7BEInZhwjmXyoxaNKeAWaq75rpX8Ik7k7M
Protocol: H2
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Sep 2022 19:54:27 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 18 Sep 2022 19:54:27 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESENJToLzpikgBvCrH1lB-C24&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cm
us-u.openx.net/w/1.0/ Frame 5E02 43 B
304 B 123ms
35ms Image
image/gif 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYwdOZyAEwAQ&v=APEucNXR4-nMylPAkePMo2GSgyLB5JRZHLYHue5rvgXtrZ9X_snZDyBr076Cbtq-ni_lb4ptl-im_0xhbue12Vs5mukkDDdIsQUNXpt6CGHxhSBotkUkxBKvZlqxGmNyzKh95fGz-Fp0xgRwdrMzI7BEInZhwjmXyoxaNKeAWaq75rpX8Ik7k7M
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Sep 2022 19:54:27 GMT
content-encoding: gzip
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
via: 1.1 google
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

200

um
sync.teads.tv/ Frame 5E02
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
https://sync.teads.tv/um?eid=3&uid=CAESEOPvZIWNcNsNzJsqhXIr3Kg&google_cver=1

23 B
172 B

179ms
84ms

Image
image/gif

2.21.185.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=CAESEOPvZIWNcNsNzJsqhXIr3Kg&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYwdOZyAEwAQ&v=APEucNXR4-nMylPAkePMo2GSgyLB5JRZHLYHue5rvgXtrZ9X_snZDyBr076Cbtq-ni_lb4ptl-im_0xhbue12Vs5mukkDDdIsQUNXpt6CGHxhSBotkUkxBKvZlqxGmNyzKh95fGz-Fp0xgRwdrMzI7BEInZhwjmXyoxaNKeAWaq75rpX8Ik7k7M
Protocol: H2
Server: 2.21.185.44 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-185-44.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.9 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Sep 2022 19:54:27 GMT
cache-control: max-age=0, no-cache, no-store
expires: Sun, 18 Sep 2022 19:54:27 GMT
server: akka-http/10.2.9
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Sun, 18 Sep 2022 19:54:27 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://sync.teads.tv/um?eid=3&uid=CAESEOPvZIWNcNsNzJsqhXIr3Kg&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 281
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 um
sync.teads.tv/ Frame 5E02 23 B
172 B 239ms
93ms Image
image/gif 2.21.185.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYwdOZyAEwAQ&v=APEucNXR4-nMylPAkePMo2GSgyLB5JRZHLYHue5rvgXtrZ9X_snZDyBr076Cbtq-ni_lb4ptl-im_0xhbue12Vs5mukkDDdIsQUNXpt6CGHxhSBotkUkxBKvZlqxGmNyzKh95fGz-Fp0xgRwdrMzI7BEInZhwjmXyoxaNKeAWaq75rpX8Ik7k7M
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.21.185.44 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-185-44.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.9 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Sep 2022 19:54:27 GMT
cache-control: max-age=0, no-cache, no-store
expires: Sun, 18 Sep 2022 19:54:27 GMT
server: akka-http/10.2.9
content-length: 23
content-type: image/gif

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame C4DE 0
0 77ms
71ms Fetch
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cw_2ecncnY8uDE7PG1fAP6taz0AvcxbaDaYLUg5jTDMzHmqb9CBABIJCwhxNglfrwgYwHoAGwuqHXA8gBCakCQyYB0hDOsD6oAwHIA8sEqgTjAU_QMT0Oht5UgJiXsQTXk9rz_RAZYoVIkCgOIGVUtxr1pbKAPBZqOd0AIajyfttJ16IM6Fu-sptjEpq9uXkHOxwnka-u7XYHcXoJvg1IkUv7kHsYH8Vp68PZtLQFM5WgN7xmRbDBoM1iG7JwxzppQzcDcidAq6tP6NtkeP9LtW_blz82h69kR6QzzxOOm8A4FrtGSNlcW0peAhYclY5HLOaOkc8mQj0aMqRI05eXDZR4FMflJHcnSB12Hw-uigwqeeGWxx8f3_R-YQfkMPwRpb3v126lv8FagWvnHiedNepmrmMvwASRq_3kogOSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAHv9m9YKgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB6a-G9gHAPIHBBCBkQbSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAdgTDIgUAtAVAYAXAbIXHAoaCAASFHB1Yi04ODQ3MDkyMzYyNzQ4MzY4GAA&sigh=RElN14DWT-4&uach_m=[UACH]&template_id=494

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=8876164503&adk=4015929776&adf=4136276705&pi=t.ma~as.8876164503&w=770&fwrn=4&fwrnh=100&lmt=1663530866&rafmt=1&psa=1&format=770x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1663530866270&bpp=2&bdt=2481&idt=2&shv=r20220914&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D51cf6fc53a7141f9-224c857825ce0051%3AT%3D1663530864%3ART%3D1663530864%3AS%3DALNI_MacDtVFJJsGADAXPyPPyk4RKnVWSw&prev_fmts=0x0%2C770x280%2C336x280%2C770x280%2C1005x124%2C336x280%2C336x280&nras=2&correlator=8337573679129&frm=20&pv=1&ga_vid=1431237964.1663530864&ga_sid=1663530864&ga_hid=1479959542&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=415&ady=3605&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767667%2C44767167%2C44772927%2C44769662&oid=2&psts=APxP-9DhaeT6KotWfpweupLM6aJk70Ej0tt0IL9pJFmDtMbJ37URYWeAiRImmhp8nvwkbHBHxqO2VZxq3u747C6TnA%2CAPxP-9Bpq1R6XvNeTgOssJcrD3ZgntVMmr2-nUE0XNpkmwSCW_sOW0bCeulTM5b_PkTyGMMWh29LBJBoJEFHs8bjkkjkP_tdheNWAJ_dJptYWvs%2CAPxP-9CGIHivbReLmRO0uQNz9X87G3MI8whCawjUhhYFaeOxwVby700hJUX9qwf6KyqrgmOWIGA_rdzUuFxN%2CAPxP-9BRvn_JQIvSL43iiOsz8MLTCHmv7RdEl0q82A3JX3Twoc31WH-KelAgaFDTxOtzBeB-N1SbbIAm0ajve68NSA&pvsid=4177203444710770&tmod=343495732&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=8&uci=a!8&btvi=5&fsb=1&xpc=fPvEb4avb3&p=http%3A//smiles.iclou.com.br&dtd=6

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=8876164503&adk=4015929776&adf=4136276705&pi=t.ma~as.8876164503&w=770&fwrn=4&fwrnh=100&lmt=1663530866&rafmt=1&psa=1&format=770x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1663530866270&bpp=2&bdt=2481&idt=2&shv=r20220914&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D51cf6fc53a7141f9-224c857825ce0051%3AT%3D1663530864%3ART%3D1663530864%3AS%3DALNI_MacDtVFJJsGADAXPyPPyk4RKnVWSw&prev_fmts=0x0%2C770x280%2C336x280%2C770x280%2C1005x124%2C336x280%2C336x280&nras=2&correlator=8337573679129&frm=20&pv=1&ga_vid=1431237964.1663530864&ga_sid=1663530864&ga_hid=1479959542&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=415&ady=3605&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767667%2C44767167%2C44772927%2C44769662&oid=2&psts=APxP-9DhaeT6KotWfpweupLM6aJk70Ej0tt0IL9pJFmDtMbJ37URYWeAiRImmhp8nvwkbHBHxqO2VZxq3u747C6TnA%2CAPxP-9Bpq1R6XvNeTgOssJcrD3ZgntVMmr2-nUE0XNpkmwSCW_sOW0bCeulTM5b_PkTyGMMWh29LBJBoJEFHs8bjkkjkP_tdheNWAJ_dJptYWvs%2CAPxP-9CGIHivbReLmRO0uQNz9X87G3MI8whCawjUhhYFaeOxwVby700hJUX9qwf6KyqrgmOWIGA_rdzUuFxN%2CAPxP-9BRvn_JQIvSL43iiOsz8MLTCHmv7RdEl0q82A3JX3Twoc31WH-KelAgaFDTxOtzBeB-N1SbbIAm0ajve68NSA&pvsid=4177203444710770&tmod=343495732&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=8&uci=a!8&btvi=5&fsb=1&xpc=fPvEb4avb3&p=http%3A//smiles.iclou.com.br&dtd=6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sun, 18 Sep 2022 19:54:27 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame C4DE 287 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 605b14697226eeb0be6b2c11db8206b70f4c8681c3f921e4ceca4793ce1a95ce

Request headers

Referer
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3

200

4091503581208051288
tpc.googlesyndication.com/simgad/ Frame C4DE
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDnj86ZywEQ9AMY9AMyCGN8MsJOAEwL
https://tpc.googlesyndication.com/simgad/4091503581208051288

107 KB
107 KB

32ms
23ms

Image
image/png

2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4091503581208051288

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=8876164503&adk=4015929776&adf=4136276705&pi=t.ma~as.8876164503&w=770&fwrn=4&fwrnh=100&lmt=1663530866&rafmt=1&psa=1&format=770x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1663530866270&bpp=2&bdt=2481&idt=2&shv=r20220914&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D51cf6fc53a7141f9-224c857825ce0051%3AT%3D1663530864%3ART%3D1663530864%3AS%3DALNI_MacDtVFJJsGADAXPyPPyk4RKnVWSw&prev_fmts=0x0%2C770x280%2C336x280%2C770x280%2C1005x124%2C336x280%2C336x280&nras=2&correlator=8337573679129&frm=20&pv=1&ga_vid=1431237964.1663530864&ga_sid=1663530864&ga_hid=1479959542&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=415&ady=3605&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767667%2C44767167%2C44772927%2C44769662&oid=2&psts=APxP-9DhaeT6KotWfpweupLM6aJk70Ej0tt0IL9pJFmDtMbJ37URYWeAiRImmhp8nvwkbHBHxqO2VZxq3u747C6TnA%2CAPxP-9Bpq1R6XvNeTgOssJcrD3ZgntVMmr2-nUE0XNpkmwSCW_sOW0bCeulTM5b_PkTyGMMWh29LBJBoJEFHs8bjkkjkP_tdheNWAJ_dJptYWvs%2CAPxP-9CGIHivbReLmRO0uQNz9X87G3MI8whCawjUhhYFaeOxwVby700hJUX9qwf6KyqrgmOWIGA_rdzUuFxN%2CAPxP-9BRvn_JQIvSL43iiOsz8MLTCHmv7RdEl0q82A3JX3Twoc31WH-KelAgaFDTxOtzBeB-N1SbbIAm0ajve68NSA&pvsid=4177203444710770&tmod=343495732&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=8&uci=a!8&btvi=5&fsb=1&xpc=fPvEb4avb3&p=http%3A//smiles.iclou.com.br&dtd=6

Protocol

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fcab803c6d01082f69e5510655ca566241f3a4fd3ee7aa1506b1308e2d069ccb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 09:38:45 GMT
x-content-type-options: nosniff
age: 382542
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 109931
x-xss-protection: 0
last-modified: Wed, 23 Oct 2019 12:45:40 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 14 Sep 2023 09:38:45 GMT

Redirect headers

date: Sun, 18 Sep 2022 08:06:39 GMT
x-content-type-options: nosniff
server: cafe
age: 42468
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/html; charset=UTF-8
location: https://tpc.googlesyndication.com/simgad/4091503581208051288
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Tue, 18 Oct 2022 08:06:39 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame F001 41 KB
15 KB 42ms
29ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=5410211141&adk=2308955421&adf=785591858&pi=t.ma~as.5410211141&w=336&lmt=1663530865&psa=1&format=336x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&wgl=1&dt=1663530865772&bpp=2&bdt=1984&idt=-M&shv=r20220914&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D51cf6fc53a7141f9-224c857825ce0051%3AT%3D1663530864%3ART%3D1663530864%3AS%3DALNI_MacDtVFJJsGADAXPyPPyk4RKnVWSw&prev_fmts=0x0%2C770x280%2C336x280%2C770x280%2C1005x124&nras=2&correlator=8337573679129&frm=20&pv=1&ga_vid=1431237964.1663530864&ga_sid=1663530864&ga_hid=1479959542&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=415&ady=1925&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767667%2C44767167%2C44772927%2C44769662&oid=2&psts=APxP-9DhaeT6KotWfpweupLM6aJk70Ej0tt0IL9pJFmDtMbJ37URYWeAiRImmhp8nvwkbHBHxqO2VZxq3u747C6TnA%2CAPxP-9Bpq1R6XvNeTgOssJcrD3ZgntVMmr2-nUE0XNpkmwSCW_sOW0bCeulTM5b_PkTyGMMWh29LBJBoJEFHs8bjkkjkP_tdheNWAJ_dJptYWvs&pvsid=4177203444710770&tmod=343495732&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=GOeKJUPZsg&p=http%3A//smiles.iclou.com.br&dtd=8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 07:32:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 476500
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Sep 2023 07:32:47 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 0EF9 1 KB
749 B 43ms
26ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=5410211141&adk=2308955421&adf=785591858&pi=t.ma~as.5410211141&w=336&lmt=1663530865&psa=1&format=336x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&wgl=1&dt=1663530865772&bpp=2&bdt=1984&idt=-M&shv=r20220914&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D51cf6fc53a7141f9-224c857825ce0051%3AT%3D1663530864%3ART%3D1663530864%3AS%3DALNI_MacDtVFJJsGADAXPyPPyk4RKnVWSw&prev_fmts=0x0%2C770x280%2C336x280%2C770x280%2C1005x124&nras=2&correlator=8337573679129&frm=20&pv=1&ga_vid=1431237964.1663530864&ga_sid=1663530864&ga_hid=1479959542&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=415&ady=1925&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767667%2C44767167%2C44772927%2C44769662&oid=2&psts=APxP-9DhaeT6KotWfpweupLM6aJk70Ej0tt0IL9pJFmDtMbJ37URYWeAiRImmhp8nvwkbHBHxqO2VZxq3u747C6TnA%2CAPxP-9Bpq1R6XvNeTgOssJcrD3ZgntVMmr2-nUE0XNpkmwSCW_sOW0bCeulTM5b_PkTyGMMWh29LBJBoJEFHs8bjkkjkP_tdheNWAJ_dJptYWvs&pvsid=4177203444710770&tmod=343495732&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=GOeKJUPZsg&p=http%3A//smiles.iclou.com.br&dtd=8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 15763
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 18 Sep 2022 15:31:44 GMT
etag: 48472445140208031
expires: Mon, 19 Sep 2022 15:31:44 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame F001 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6fb20868d8c1d3ec2a7086448d189163ee2487cb07891ad1dc95f26bdb97d67b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 SUiySqS1in-YUNsSXtQt1jv3ON6UQ0EMqlXBaZ_BtMI.js Show response
pagead2.googlesyndication.com/bg/ Frame DF54 36 KB
16 KB 35ms
24ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/SUiySqS1in-YUNsSXtQt1jv3ON6UQ0EMqlXBaZ_BtMI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4948b24aa4b58a7f9850db125ed42dd63bf738de9443410caa55c1699fc1b4c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 14:35:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 191942
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15932
x-xss-protection: 0
last-modified: Tue, 13 Sep 2022 10:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 16 Sep 2023 14:35:25 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 422F 42 B
64 B 68ms
57ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstebNsSv-fDJ0drG5LFDzRviAKQq05mDSkD9gB574zub99I6Q0Avu4eLcVx-gKgOlYSdWhbU_ALWxVrbBSTlEAUGqK_KKnUdSQJZZEBrNHQgQ08FwnjbpjSuLjpQuFMRRQjWr2QGw&sai=AMfl-YTImyZb4vzuetMdJo5cGg4TNk37Gd5o3596UClx5m3T9tt3WtiS0oMUBgZyS3JcgRjz5eDeVboTVvZh&sig=Cg0ArKJSzHzNokirUGiZEAE&id=lidar2&mcvt=1006&p=0,0,280,336&mtos=1006,1006,1006,1006,1006&tos=1006,0,0,0,0&v=20220914&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=291284351&rs=2&la=0&cr=0&vs=4&r=v&rst=1663530864388&rpt=1726&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Sep 2022 19:54:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame C8FC 1 KB
749 B 35ms
25ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=8876164503&adk=4015929776&adf=4136276705&pi=t.ma~as.8876164503&w=770&fwrn=4&fwrnh=100&lmt=1663530866&rafmt=1&psa=1&format=770x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1663530866270&bpp=2&bdt=2481&idt=2&shv=r20220914&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D51cf6fc53a7141f9-224c857825ce0051%3AT%3D1663530864%3ART%3D1663530864%3AS%3DALNI_MacDtVFJJsGADAXPyPPyk4RKnVWSw&prev_fmts=0x0%2C770x280%2C336x280%2C770x280%2C1005x124%2C336x280%2C336x280&nras=2&correlator=8337573679129&frm=20&pv=1&ga_vid=1431237964.1663530864&ga_sid=1663530864&ga_hid=1479959542&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=415&ady=3605&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767667%2C44767167%2C44772927%2C44769662&oid=2&psts=APxP-9DhaeT6KotWfpweupLM6aJk70Ej0tt0IL9pJFmDtMbJ37URYWeAiRImmhp8nvwkbHBHxqO2VZxq3u747C6TnA%2CAPxP-9Bpq1R6XvNeTgOssJcrD3ZgntVMmr2-nUE0XNpkmwSCW_sOW0bCeulTM5b_PkTyGMMWh29LBJBoJEFHs8bjkkjkP_tdheNWAJ_dJptYWvs%2CAPxP-9CGIHivbReLmRO0uQNz9X87G3MI8whCawjUhhYFaeOxwVby700hJUX9qwf6KyqrgmOWIGA_rdzUuFxN%2CAPxP-9BRvn_JQIvSL43iiOsz8MLTCHmv7RdEl0q82A3JX3Twoc31WH-KelAgaFDTxOtzBeB-N1SbbIAm0ajve68NSA&pvsid=4177203444710770&tmod=343495732&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=8&uci=a!8&btvi=5&fsb=1&xpc=fPvEb4avb3&p=http%3A//smiles.iclou.com.br&dtd=6

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 15763
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 18 Sep 2022 15:31:44 GMT
etag: 48472445140208031
expires: Mon, 19 Sep 2022 15:31:44 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame C4DE 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eadb73af4f7bc29b2ad5059e863d6531b6639e6f6a238e620c3addbe70da9ceb

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 338F 22 KB
8 KB 22ms
21ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 476500
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 13 Sep 2022 07:32:47 GMT
expires: Wed, 13 Sep 2023 07:32:47 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0EF9
Redirect Chain

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEEMtutDgGK72yQaqbZls8N8&google_cver=1&google_push=AZmPxg-C7z9sqvR5X3PJpPv0XQR5yVtU5guhIhEcx2-E3hoH568EGC5qRB...
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AZmPxg-C7z9sqvR5X3PJpPv0XQR5yVtU5guhIhEcx2-E3hoH568EGC5qRBgoS7hlowamPzJTvgTYNa3CT5NmNbZN9JeQ2A44LfSYVQ&google_hm=NIAq4kN-0L...

170 B
188 B

33ms
32ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AZmPxg-C7z9sqvR5X3PJpPv0XQR5yVtU5guhIhEcx2-E3hoH568EGC5qRBgoS7hlowamPzJTvgTYNa3CT5NmNbZN9JeQ2A44LfSYVQ&google_hm=NIAq4kN-0LzZoq_x-C1itg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=5410211141&adk=2308955421&adf=785591858&pi=t.ma~as.5410211141&w=336&lmt=1663530865&psa=1&format=336x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&wgl=1&dt=1663530865772&bpp=2&bdt=1984&idt=-M&shv=r20220914&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D51cf6fc53a7141f9-224c857825ce0051%3AT%3D1663530864%3ART%3D1663530864%3AS%3DALNI_MacDtVFJJsGADAXPyPPyk4RKnVWSw&prev_fmts=0x0%2C770x280%2C336x280%2C770x280%2C1005x124&nras=2&correlator=8337573679129&frm=20&pv=1&ga_vid=1431237964.1663530864&ga_sid=1663530864&ga_hid=1479959542&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=415&ady=1925&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767667%2C44767167%2C44772927%2C44769662&oid=2&psts=APxP-9DhaeT6KotWfpweupLM6aJk70Ej0tt0IL9pJFmDtMbJ37URYWeAiRImmhp8nvwkbHBHxqO2VZxq3u747C6TnA%2CAPxP-9Bpq1R6XvNeTgOssJcrD3ZgntVMmr2-nUE0XNpkmwSCW_sOW0bCeulTM5b_PkTyGMMWh29LBJBoJEFHs8bjkkjkP_tdheNWAJ_dJptYWvs&pvsid=4177203444710770&tmod=343495732&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=GOeKJUPZsg&p=http%3A//smiles.iclou.com.br&dtd=8

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Sep 2022 19:54:27 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AZmPxg-C7z9sqvR5X3PJpPv0XQR5yVtU5guhIhEcx2-E3hoH568EGC5qRBgoS7hlowamPzJTvgTYNa3CT5NmNbZN9JeQ2A44LfSYVQ&google_hm=NIAq4kN-0LzZoq_x-C1itg
pragma: no-cache
date: Sun, 18 Sep 2022 19:54:27 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
strict-transport-security: max-age=86400
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 451 466606.gif
id.rlcdn.com/ Frame 0EF9 0
98 B 135ms
36ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/466606.gif?cparams=google_push%3DAZmPxg-NSFy0pkOsVYTvexGeZaTvUHbBegIX0Y-q6I6ix4o6S6dm4nFbmGyeQY32oxsMKoP6QMclJJjCwUWXLsQhjjXPiApTT8zHVA&google_gid=CAESEBDRFAqGXtKOtRejyFVZTdI&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=5410211141&adk=2308955421&adf=785591858&pi=t.ma~as.5410211141&w=336&lmt=1663530865&psa=1&format=336x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&wgl=1&dt=1663530865772&bpp=2&bdt=1984&idt=-M&shv=r20220914&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D51cf6fc53a7141f9-224c857825ce0051%3AT%3D1663530864%3ART%3D1663530864%3AS%3DALNI_MacDtVFJJsGADAXPyPPyk4RKnVWSw&prev_fmts=0x0%2C770x280%2C336x280%2C770x280%2C1005x124&nras=2&correlator=8337573679129&frm=20&pv=1&ga_vid=1431237964.1663530864&ga_sid=1663530864&ga_hid=1479959542&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=415&ady=1925&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767667%2C44767167%2C44772927%2C44769662&oid=2&psts=APxP-9DhaeT6KotWfpweupLM6aJk70Ej0tt0IL9pJFmDtMbJ37URYWeAiRImmhp8nvwkbHBHxqO2VZxq3u747C6TnA%2CAPxP-9Bpq1R6XvNeTgOssJcrD3ZgntVMmr2-nUE0XNpkmwSCW_sOW0bCeulTM5b_PkTyGMMWh29LBJBoJEFHs8bjkkjkP_tdheNWAJ_dJptYWvs&pvsid=4177203444710770&tmod=343495732&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=GOeKJUPZsg&p=http%3A//smiles.iclou.com.br&dtd=8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 19:54:27 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0EF9
Redirect Chain

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAZmPxg-idA2N...
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAZmPxg-idA2N...
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA5MTgxOTU0MjcwMDA2Nzg5Mjk4NTczMg%3D%3D&google_push=AZmPxg-idA2N7yN8_Lridwrpx7ukrL3o0G1Zuvv3gIoyL6Xhwb5dpBPVP9vSEY0eLvo69i...

170 B
188 B

32ms
32ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA5MTgxOTU0MjcwMDA2Nzg5Mjk4NTczMg%3D%3D&google_push=AZmPxg-idA2N7yN8_Lridwrpx7ukrL3o0G1Zuvv3gIoyL6Xhwb5dpBPVP9vSEY0eLvo69ilwtVP6NXxcCAurElv5PivPlbnBjfCt0w

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=5410211141&adk=2308955421&adf=785591858&pi=t.ma~as.5410211141&w=336&lmt=1663530865&psa=1&format=336x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&wgl=1&dt=1663530865772&bpp=2&bdt=1984&idt=-M&shv=r20220914&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D51cf6fc53a7141f9-224c857825ce0051%3AT%3D1663530864%3ART%3D1663530864%3AS%3DALNI_MacDtVFJJsGADAXPyPPyk4RKnVWSw&prev_fmts=0x0%2C770x280%2C336x280%2C770x280%2C1005x124&nras=2&correlator=8337573679129&frm=20&pv=1&ga_vid=1431237964.1663530864&ga_sid=1663530864&ga_hid=1479959542&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=415&ady=1925&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767667%2C44767167%2C44772927%2C44769662&oid=2&psts=APxP-9DhaeT6KotWfpweupLM6aJk70Ej0tt0IL9pJFmDtMbJ37URYWeAiRImmhp8nvwkbHBHxqO2VZxq3u747C6TnA%2CAPxP-9Bpq1R6XvNeTgOssJcrD3ZgntVMmr2-nUE0XNpkmwSCW_sOW0bCeulTM5b_PkTyGMMWh29LBJBoJEFHs8bjkkjkP_tdheNWAJ_dJptYWvs&pvsid=4177203444710770&tmod=343495732&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=GOeKJUPZsg&p=http%3A//smiles.iclou.com.br&dtd=8

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Sep 2022 19:54:27 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA5MTgxOTU0MjcwMDA2Nzg5Mjk4NTczMg%3D%3D&google_push=AZmPxg-idA2N7yN8_Lridwrpx7ukrL3o0G1Zuvv3gIoyL6Xhwb5dpBPVP9vSEY0eLvo69ilwtVP6NXxcCAurElv5PivPlbnBjfCt0w
pragma: no-cache
date: Sun, 18 Sep 2022 19:54:27 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0
strict-transport-security: max-age=2628000
expires: Sun, 18 Sep 2022 19:54:27 GMT

GET
H2 200 dds
rtb.openx.net/sync/ Frame 0EF9 43 B
135 B 41ms
39ms Image
image/gif 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEIIXiEte78tjyhZuIWtlseQ&google_cver=1&google_push=AZmPxg_7pMwiSKvWTnuZCF_7jVoVL6lSQtzWEJwqU_w3s5mTz2o733EvRkTMTlJCMTZnx3a4MYTDU80H3W8C9QDo8FiN4MeNgqJ5_w
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=5410211141&adk=2308955421&adf=785591858&pi=t.ma~as.5410211141&w=336&lmt=1663530865&psa=1&format=336x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&wgl=1&dt=1663530865772&bpp=2&bdt=1984&idt=-M&shv=r20220914&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D51cf6fc53a7141f9-224c857825ce0051%3AT%3D1663530864%3ART%3D1663530864%3AS%3DALNI_MacDtVFJJsGADAXPyPPyk4RKnVWSw&prev_fmts=0x0%2C770x280%2C336x280%2C770x280%2C1005x124&nras=2&correlator=8337573679129&frm=20&pv=1&ga_vid=1431237964.1663530864&ga_sid=1663530864&ga_hid=1479959542&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=415&ady=1925&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767667%2C44767167%2C44772927%2C44769662&oid=2&psts=APxP-9DhaeT6KotWfpweupLM6aJk70Ej0tt0IL9pJFmDtMbJ37URYWeAiRImmhp8nvwkbHBHxqO2VZxq3u747C6TnA%2CAPxP-9Bpq1R6XvNeTgOssJcrD3ZgntVMmr2-nUE0XNpkmwSCW_sOW0bCeulTM5b_PkTyGMMWh29LBJBoJEFHs8bjkkjkP_tdheNWAJ_dJptYWvs&pvsid=4177203444710770&tmod=343495732&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=GOeKJUPZsg&p=http%3A//smiles.iclou.com.br&dtd=8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Sep 2022 19:54:27 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: 0jvu5nr36eagevrthrn0mau3hpmocfbh

GET
H2 200 UCookieSetPug
image6.pubmatic.com/AdServer/ Frame 0EF9 0
41 B 39ms
37ms Image
text/html 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEOzAVf_FMfDAddLCjPHoAzQ&google_cver=1&google_push=AZmPxg9xiTCskimsH5qAcjdNe9OydB4UMVfldd12tuABTgCTXxPmHnCvFXYDdOh_2OIHiPtuH0ZOyHL2d5AOOBgANA-8XXlAsfv2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=5410211141&adk=2308955421&adf=785591858&pi=t.ma~as.5410211141&w=336&lmt=1663530865&psa=1&format=336x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&wgl=1&dt=1663530865772&bpp=2&bdt=1984&idt=-M&shv=r20220914&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D51cf6fc53a7141f9-224c857825ce0051%3AT%3D1663530864%3ART%3D1663530864%3AS%3DALNI_MacDtVFJJsGADAXPyPPyk4RKnVWSw&prev_fmts=0x0%2C770x280%2C336x280%2C770x280%2C1005x124&nras=2&correlator=8337573679129&frm=20&pv=1&ga_vid=1431237964.1663530864&ga_sid=1663530864&ga_hid=1479959542&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=415&ady=1925&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767667%2C44767167%2C44772927%2C44769662&oid=2&psts=APxP-9DhaeT6KotWfpweupLM6aJk70Ej0tt0IL9pJFmDtMbJ37URYWeAiRImmhp8nvwkbHBHxqO2VZxq3u747C6TnA%2CAPxP-9Bpq1R6XvNeTgOssJcrD3ZgntVMmr2-nUE0XNpkmwSCW_sOW0bCeulTM5b_PkTyGMMWh29LBJBoJEFHs8bjkkjkP_tdheNWAJ_dJptYWvs&pvsid=4177203444710770&tmod=343495732&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=GOeKJUPZsg&p=http%3A//smiles.iclou.com.br&dtd=8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 19:54:27 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0EF9
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEC70bdQ8_U_YYxAOp6Kgl4Y&google_cver=1&google_push=AZmPxg-JecbNb-hKDtzXNkYLSAgkvmcN7OFOR68yiHDkuva9zkdU94GaQA-lesNZrKfxH1RggNF...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDg3UkJTM0otUy1JN1NU&google_push=AZmPxg-JecbNb-hKDtzXNkYLSAgkvmcN7OFOR68yiHDkuva9zkdU94GaQA-lesNZrKfxH1RggNFIyZv5HoLQ-e4mH1T84BN9NEkGYw

170 B
188 B

36ms
35ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDg3UkJTM0otUy1JN1NU&google_push=AZmPxg-JecbNb-hKDtzXNkYLSAgkvmcN7OFOR68yiHDkuva9zkdU94GaQA-lesNZrKfxH1RggNFIyZv5HoLQ-e4mH1T84BN9NEkGYw

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=5410211141&adk=2308955421&adf=785591858&pi=t.ma~as.5410211141&w=336&lmt=1663530865&psa=1&format=336x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&wgl=1&dt=1663530865772&bpp=2&bdt=1984&idt=-M&shv=r20220914&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D51cf6fc53a7141f9-224c857825ce0051%3AT%3D1663530864%3ART%3D1663530864%3AS%3DALNI_MacDtVFJJsGADAXPyPPyk4RKnVWSw&prev_fmts=0x0%2C770x280%2C336x280%2C770x280%2C1005x124&nras=2&correlator=8337573679129&frm=20&pv=1&ga_vid=1431237964.1663530864&ga_sid=1663530864&ga_hid=1479959542&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=415&ady=1925&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767667%2C44767167%2C44772927%2C44769662&oid=2&psts=APxP-9DhaeT6KotWfpweupLM6aJk70Ej0tt0IL9pJFmDtMbJ37URYWeAiRImmhp8nvwkbHBHxqO2VZxq3u747C6TnA%2CAPxP-9Bpq1R6XvNeTgOssJcrD3ZgntVMmr2-nUE0XNpkmwSCW_sOW0bCeulTM5b_PkTyGMMWh29LBJBoJEFHs8bjkkjkP_tdheNWAJ_dJptYWvs&pvsid=4177203444710770&tmod=343495732&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=GOeKJUPZsg&p=http%3A//smiles.iclou.com.br&dtd=8

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Sep 2022 19:54:27 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDg3UkJTM0otUy1JN1NU&google_push=AZmPxg-JecbNb-hKDtzXNkYLSAgkvmcN7OFOR68yiHDkuva9zkdU94GaQA-lesNZrKfxH1RggNFIyZv5HoLQ-e4mH1T84BN9NEkGYw
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: de8527bfa1ccfd6c1590da0d3b6cff52
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0EF9
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESELEJb9c_5jWkecN7-itaMC4&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESELEJb9c_5jWkecN7-itaMC4&google_hm=Yyd3c5gsDjXXBOFgYrA_sQAABLsAAAIB&google_nid=index&google_push=AZmPxg-HA2pz1ceBaGt63--PX2bAjkCMj7wBh...

170 B
188 B

42ms
42ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESELEJb9c_5jWkecN7-itaMC4&google_hm=Yyd3c5gsDjXXBOFgYrA_sQAABLsAAAIB&google_nid=index&google_push=AZmPxg-HA2pz1ceBaGt63--PX2bAjkCMj7wBhkwNgFaYh9NYn_NA06Q9ILiSKNseLn3sbYDnihg7xEQ-51ct1TuhaPE-SePmGPj1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=5410211141&adk=2308955421&adf=785591858&pi=t.ma~as.5410211141&w=336&lmt=1663530865&psa=1&format=336x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&wgl=1&dt=1663530865772&bpp=2&bdt=1984&idt=-M&shv=r20220914&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D51cf6fc53a7141f9-224c857825ce0051%3AT%3D1663530864%3ART%3D1663530864%3AS%3DALNI_MacDtVFJJsGADAXPyPPyk4RKnVWSw&prev_fmts=0x0%2C770x280%2C336x280%2C770x280%2C1005x124&nras=2&correlator=8337573679129&frm=20&pv=1&ga_vid=1431237964.1663530864&ga_sid=1663530864&ga_hid=1479959542&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=415&ady=1925&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767667%2C44767167%2C44772927%2C44769662&oid=2&psts=APxP-9DhaeT6KotWfpweupLM6aJk70Ej0tt0IL9pJFmDtMbJ37URYWeAiRImmhp8nvwkbHBHxqO2VZxq3u747C6TnA%2CAPxP-9Bpq1R6XvNeTgOssJcrD3ZgntVMmr2-nUE0XNpkmwSCW_sOW0bCeulTM5b_PkTyGMMWh29LBJBoJEFHs8bjkkjkP_tdheNWAJ_dJptYWvs&pvsid=4177203444710770&tmod=343495732&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=GOeKJUPZsg&p=http%3A//smiles.iclou.com.br&dtd=8

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Sep 2022 19:54:27 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 18 Sep 2022 19:54:27 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CfodY6k8TJX6%2BtF1gQWXJ3FJDKuqU1M%2Bxs1vTDHTVBcNct8Hww0OCdEcEWDi70VJpiU7totWNOrekA1f2ZIQMi%2BCSevSmWs48u2OmidicneQgciMFDRR6M2v1P18BIhzsIi1YIvIkvzYvQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESELEJb9c_5jWkecN7-itaMC4&google_hm=Yyd3c5gsDjXXBOFgYrA_sQAABLsAAAIB&google_nid=index&google_push=AZmPxg-HA2pz1ceBaGt63--PX2bAjkCMj7wBhkwNgFaYh9NYn_NA06Q9ILiSKNseLn3sbYDnihg7xEQ-51ct1TuhaPE-SePmGPj1
cache-control: no-cache
cf-ray: 74cca22febfb9b92-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 0EF9 0
12 B 34ms
33ms Image
text/html 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13ItKtTiCGiKucRTBpq9TzWeDpN4sHwFQcuKg7iMRpZmE713JV-OQbB33EW8JNGGIfL_wsb_

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=5410211141&adk=2308955421&adf=785591858&pi=t.ma~as.5410211141&w=336&lmt=1663530865&psa=1&format=336x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&wgl=1&dt=1663530865772&bpp=2&bdt=1984&idt=-M&shv=r20220914&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D51cf6fc53a7141f9-224c857825ce0051%3AT%3D1663530864%3ART%3D1663530864%3AS%3DALNI_MacDtVFJJsGADAXPyPPyk4RKnVWSw&prev_fmts=0x0%2C770x280%2C336x280%2C770x280%2C1005x124&nras=2&correlator=8337573679129&frm=20&pv=1&ga_vid=1431237964.1663530864&ga_sid=1663530864&ga_hid=1479959542&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=415&ady=1925&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767667%2C44767167%2C44772927%2C44769662&oid=2&psts=APxP-9DhaeT6KotWfpweupLM6aJk70Ej0tt0IL9pJFmDtMbJ37URYWeAiRImmhp8nvwkbHBHxqO2VZxq3u747C6TnA%2CAPxP-9Bpq1R6XvNeTgOssJcrD3ZgntVMmr2-nUE0XNpkmwSCW_sOW0bCeulTM5b_PkTyGMMWh29LBJBoJEFHs8bjkkjkP_tdheNWAJ_dJptYWvs&pvsid=4177203444710770&tmod=343495732&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=GOeKJUPZsg&p=http%3A//smiles.iclou.com.br&dtd=8

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 19:54:27 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/16046623051478990848/300x250-Live_Happy/ Frame 2630 21 KB
4 KB 76ms
30ms Document
text/html 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/16046623051478990848/300x250-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=yqsNiwIYqU&t=1&renderingType=2&ev=01_247

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

054c480b41dbb8bb1a0db0dd51f85a18dafa9679cd1988d4824f9da3f8aa1215

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Sun, 18 Sep 2022 19:54:27 GMT
expires: Mon, 18 Sep 2023 19:54:27 GMT
last-modified: Tue, 10 May 2022 13:01:32 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame F001 0
27 B 119ms
70ms Ping
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjss5VxxRBuV1GVu7Bfg5lt-aG_ju-FT0gdRND54yP3Bt8Eod1hAdy61Z_DUtjeKy5waUeLcDjYZe3OuNUSKti4Ei_GsSTmKe1dOrQLAE7OgTmXTdYVZXMPke5dIu6qS9nDGLupGxlNWkZB4qVsGVSW2JMskYqk5CkhKowAIRvZ0lEpg2M0BTGoNOKrSOVsfHdxcwv5Ks-sUhngvLpRAYfky_Q7Ewu5yGf2KvWZtfmdpqzk4Ddz9vZBZgY_SYRRkV5DcqNSwzhMJU59FLmnyJTVKDVnNxCVjKPYywQo74gbaBEUMihzKRhoqqtgY7f3c9DZE9WC-MW-17M7xkaQls_BdGcFYwz_ui4RjMyIQ1kcW1eHzDSgP8soJMnqQ8zTXfWNtY0HGho0fNu1kQ3QuLsf6hI7h4_p4fqIzhVASDz8ewR3A-NKlutCDhjRAuQ0JNMGzae87f_WxKuVKSHstM5yyyGMDbMWZ_K4RMbsBg2OReDah5hF5PM_J9uLRdyJD-h8bSR6z_XL7OMt9hIbW5s_izrPBtGPaF8aZNRMJ0rqkYXdob2aWuIPsv50Mk-ovPhwSeffn9f4Bn4pjwWBrvwf132MIEXRtjFH02XdCGkR8FlT5zIySqle6vBXsG8_avVT8qxOoWUa_gFYkn2ubze5YRBaSsHx1UMIH7xw2qbAUZ6_eINJyNhz_SW8Y52YratjoNPIqpkS_jXHFPKetn0B-8of_wr5L9bO7DtBJYhfW4La8o04sAZvWJ0PuX23Xzm9dcsQ1opbirr-WL63sSHAPFoMNI0XmiruPT8EMfltMXuI8_EspGFA4Umjo5orMJtlboo3PwE-VVSaEQymJ90jSopbUH60Ub0bvt-BdbXc4DvntIJrBAhUcdnlZLKLVuULpn3YLnmeODa5D230npZ216Gg2cc7v1oeb0OnGD8NZxFnjt7_V9wH-aSQe5Via8nTrB55MPXSt66oKM81dLSo24M_5YwHd_h9RtRLPD4GrL9f1NRcQn8wu-THWmgTzAEl5hVuP-Tr1yW2zY-3vs28HFcnaDDORBRkzNfzB9disIIpwqTOIqJUKEPOReJQOcAs7tG64xlOaAnKHoQgdR1UrP0UF_tBL-G4yE5HdChkXeiyInfrduMPR0elajw4zV6f7C64ULqzIfuvRBDv52qT4_wbYoX9reXURE9gdOziQmxSmkFz8p1yEvXrSm1zIOclR7LUiz8IXDtssStFbNZiG1cWitp4Gh4ouL9qQ74bMQgb_yP3FPxjADwgykB2jLNybctWpkiIR6fAi0G9ELdELO4b9tg8H55HQ&sai=AMfl-YQQ7zTR_1J1ff2QsgLQbgGr-9pyWCvMRolzzxQ_1QGboRFQzUplL384flqLFybscIZt9XZRD19gCpE1JAVsWr8jdXOhOGEIVyM6JfHBeUUb0o7myz6H1y0OKwVTDbvBAXKb1kiEnTz2H1ESSyMeJfWCg5pzclG15Xmrn-_Zb0w8BiCrO15hSnLOviKv2jOVIbU6UCWArUWAZhjfj1Ua3oim&sig=Cg0ArKJSzJmxb-DUsvpmEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=164&cbvp=1&cstd=158&cisv=r20220914.74923&adurl=

Requested by

Host: contatonline.com
URL: http://contatonline.com/?q0zuHW4

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date: Sun, 18 Sep 2022 19:54:27 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame C4DE 16 KB
16 KB 24ms
23ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 12:56:05 GMT
x-content-type-options: nosniff
age: 543502
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 12 Sep 2023 12:56:05 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame C8FC 35 B
210 B 31ms
29ms Image
image/gif 2620:116:800d:21:de2e:c7b3:55c0:d5a0
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEEMtutDgGK72yQaqbZls8N8&google_cver=1&google_push=AZmPxg_U46Zijwnm2ecv0X4eW0guRYYpC8hDbOZJsh0GZdosqTK7D5HwMpUMELYb-iSdblwnrBLT4w0abMUK1nb-hf8s7Qb8Hm0

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=8876164503&adk=4015929776&adf=4136276705&pi=t.ma~as.8876164503&w=770&fwrn=4&fwrnh=100&lmt=1663530866&rafmt=1&psa=1&format=770x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1663530866270&bpp=2&bdt=2481&idt=2&shv=r20220914&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D51cf6fc53a7141f9-224c857825ce0051%3AT%3D1663530864%3ART%3D1663530864%3AS%3DALNI_MacDtVFJJsGADAXPyPPyk4RKnVWSw&prev_fmts=0x0%2C770x280%2C336x280%2C770x280%2C1005x124%2C336x280%2C336x280&nras=2&correlator=8337573679129&frm=20&pv=1&ga_vid=1431237964.1663530864&ga_sid=1663530864&ga_hid=1479959542&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=415&ady=3605&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767667%2C44767167%2C44772927%2C44769662&oid=2&psts=APxP-9DhaeT6KotWfpweupLM6aJk70Ej0tt0IL9pJFmDtMbJ37URYWeAiRImmhp8nvwkbHBHxqO2VZxq3u747C6TnA%2CAPxP-9Bpq1R6XvNeTgOssJcrD3ZgntVMmr2-nUE0XNpkmwSCW_sOW0bCeulTM5b_PkTyGMMWh29LBJBoJEFHs8bjkkjkP_tdheNWAJ_dJptYWvs%2CAPxP-9CGIHivbReLmRO0uQNz9X87G3MI8whCawjUhhYFaeOxwVby700hJUX9qwf6KyqrgmOWIGA_rdzUuFxN%2CAPxP-9BRvn_JQIvSL43iiOsz8MLTCHmv7RdEl0q82A3JX3Twoc31WH-KelAgaFDTxOtzBeB-N1SbbIAm0ajve68NSA&pvsid=4177203444710770&tmod=343495732&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=8&uci=a!8&btvi=5&fsb=1&xpc=fPvEb4avb3&p=http%3A//smiles.iclou.com.br&dtd=6

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:de2e:c7b3:55c0:d5a0 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Sep 2022 19:54:27 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
strict-transport-security: max-age=86400
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C8FC
Redirect Chain

https://d.agkn.com/pixel/2175/?google_gid=CAESEPEgoJFETPjFaIX2NGyZ94c&google_cver=1&google_push=AZmPxg-nDSQkqljZDv62ZcxuDOf-yiqNBvls_fsKsyGdYbZTVxqzC3mYCmp465PjlYV5OYDCCWztG0QPLafgFQjct4CYILH3JZ8
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AZmPxg-nDSQkqljZDv62ZcxuDOf-yiqNBvls_fsKsyGdYbZTVxqzC3mYCmp465PjlYV5OYDCCWztG0QPLafgFQjct4CYILH3JZ8&google_hm=Q0FFU0VQRWdvSkZFVFBqRm...

170 B
188 B

46ms
35ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AZmPxg-nDSQkqljZDv62ZcxuDOf-yiqNBvls_fsKsyGdYbZTVxqzC3mYCmp465PjlYV5OYDCCWztG0QPLafgFQjct4CYILH3JZ8&google_hm=Q0FFU0VQRWdvSkZFVFBqRmFJWDJOR3laOTRj

Requested by

Host: smiles.iclou.com.br
URL: http://smiles.iclou.com.br/

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Sep 2022 19:54:27 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 18 Sep 2022 19:54:26 GMT
Server: Apache-Coyote/1.1
P3P: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AZmPxg-nDSQkqljZDv62ZcxuDOf-yiqNBvls_fsKsyGdYbZTVxqzC3mYCmp465PjlYV5OYDCCWztG0QPLafgFQjct4CYILH3JZ8&google_hm=Q0FFU0VQRWdvSkZFVFBqRmFJWDJOR3laOTRj
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 451 466606.gif
id.rlcdn.com/ Frame C8FC 0
42 B 36ms
34ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/466606.gif?cparams=google_push%3DAZmPxg9gv-i_mjDsfRbIJ5XETmWGSJgn_So8G3nDBBfhv8Syw0k-HPaZwFO-YJJghxn7xWN30XwP6NM0653RonNYNdNgstSHjg&google_gid=CAESEBDRFAqGXtKOtRejyFVZTdI&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=8876164503&adk=4015929776&adf=4136276705&pi=t.ma~as.8876164503&w=770&fwrn=4&fwrnh=100&lmt=1663530866&rafmt=1&psa=1&format=770x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1663530866270&bpp=2&bdt=2481&idt=2&shv=r20220914&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D51cf6fc53a7141f9-224c857825ce0051%3AT%3D1663530864%3ART%3D1663530864%3AS%3DALNI_MacDtVFJJsGADAXPyPPyk4RKnVWSw&prev_fmts=0x0%2C770x280%2C336x280%2C770x280%2C1005x124%2C336x280%2C336x280&nras=2&correlator=8337573679129&frm=20&pv=1&ga_vid=1431237964.1663530864&ga_sid=1663530864&ga_hid=1479959542&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=415&ady=3605&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767667%2C44767167%2C44772927%2C44769662&oid=2&psts=APxP-9DhaeT6KotWfpweupLM6aJk70Ej0tt0IL9pJFmDtMbJ37URYWeAiRImmhp8nvwkbHBHxqO2VZxq3u747C6TnA%2CAPxP-9Bpq1R6XvNeTgOssJcrD3ZgntVMmr2-nUE0XNpkmwSCW_sOW0bCeulTM5b_PkTyGMMWh29LBJBoJEFHs8bjkkjkP_tdheNWAJ_dJptYWvs%2CAPxP-9CGIHivbReLmRO0uQNz9X87G3MI8whCawjUhhYFaeOxwVby700hJUX9qwf6KyqrgmOWIGA_rdzUuFxN%2CAPxP-9BRvn_JQIvSL43iiOsz8MLTCHmv7RdEl0q82A3JX3Twoc31WH-KelAgaFDTxOtzBeB-N1SbbIAm0ajve68NSA&pvsid=4177203444710770&tmod=343495732&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=8&uci=a!8&btvi=5&fsb=1&xpc=fPvEb4avb3&p=http%3A//smiles.iclou.com.br&dtd=6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 19:54:27 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 UCookieSetPug
image6.pubmatic.com/AdServer/ Frame C8FC 0
41 B 43ms
41ms Image
text/html 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEOzAVf_FMfDAddLCjPHoAzQ&google_cver=1&google_push=AZmPxg_IXJjWxobxDvw_iz3Wm75QUUT3KrOkPdSep_0b-Jr87wqyZaAmmwGrV_sIqUsIJ15klbN9qAY_NuRL-vIcQXAUfDsKXJg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=8876164503&adk=4015929776&adf=4136276705&pi=t.ma~as.8876164503&w=770&fwrn=4&fwrnh=100&lmt=1663530866&rafmt=1&psa=1&format=770x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1663530866270&bpp=2&bdt=2481&idt=2&shv=r20220914&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D51cf6fc53a7141f9-224c857825ce0051%3AT%3D1663530864%3ART%3D1663530864%3AS%3DALNI_MacDtVFJJsGADAXPyPPyk4RKnVWSw&prev_fmts=0x0%2C770x280%2C336x280%2C770x280%2C1005x124%2C336x280%2C336x280&nras=2&correlator=8337573679129&frm=20&pv=1&ga_vid=1431237964.1663530864&ga_sid=1663530864&ga_hid=1479959542&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=415&ady=3605&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767667%2C44767167%2C44772927%2C44769662&oid=2&psts=APxP-9DhaeT6KotWfpweupLM6aJk70Ej0tt0IL9pJFmDtMbJ37URYWeAiRImmhp8nvwkbHBHxqO2VZxq3u747C6TnA%2CAPxP-9Bpq1R6XvNeTgOssJcrD3ZgntVMmr2-nUE0XNpkmwSCW_sOW0bCeulTM5b_PkTyGMMWh29LBJBoJEFHs8bjkkjkP_tdheNWAJ_dJptYWvs%2CAPxP-9CGIHivbReLmRO0uQNz9X87G3MI8whCawjUhhYFaeOxwVby700hJUX9qwf6KyqrgmOWIGA_rdzUuFxN%2CAPxP-9BRvn_JQIvSL43iiOsz8MLTCHmv7RdEl0q82A3JX3Twoc31WH-KelAgaFDTxOtzBeB-N1SbbIAm0ajve68NSA&pvsid=4177203444710770&tmod=343495732&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=8&uci=a!8&btvi=5&fsb=1&xpc=fPvEb4avb3&p=http%3A//smiles.iclou.com.br&dtd=6
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 19:54:25 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C8FC
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEC70bdQ8_U_YYxAOp6Kgl4Y&google_cver=1&google_push=AZmPxg9BKwA0zCEkALYReQvmkWyHYLXG99Mp9hI8M1ss0qzN2LQnyRQjEzDyzyn9vSfeRMh_d_J...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDg3UkJTNjAtMjQtMVBWRg==&google_push=AZmPxg9BKwA0zCEkALYReQvmkWyHYLXG99Mp9hI8M1ss0qzN2LQnyRQjEzDyzyn9vSfeRMh_d_Jdw8PHy1n0fun3Gh_T-5GNvb4

170 B
188 B

47ms
36ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDg3UkJTNjAtMjQtMVBWRg==&google_push=AZmPxg9BKwA0zCEkALYReQvmkWyHYLXG99Mp9hI8M1ss0qzN2LQnyRQjEzDyzyn9vSfeRMh_d_Jdw8PHy1n0fun3Gh_T-5GNvb4

Requested by

Host: smiles.iclou.com.br
URL: http://smiles.iclou.com.br/

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Sep 2022 19:54:27 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDg3UkJTNjAtMjQtMVBWRg==&google_push=AZmPxg9BKwA0zCEkALYReQvmkWyHYLXG99Mp9hI8M1ss0qzN2LQnyRQjEzDyzyn9vSfeRMh_d_Jdw8PHy1n0fun3Gh_T-5GNvb4
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: de8527bfa1ccfd6c1590da0d3b6cff52
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C8FC
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESELEJb9c_5jWkecN7-itaMC4&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESELEJb9c_5jWkecN7-itaMC4&google_hm=Yyd3c5gsDjXXBOFgYrA_sQAABLsAAAIB&google_nid=index&google_push=AZmPxg_K-LJdRcWelOKMcMnerErSEWDzlyM-H...

170 B
188 B

57ms
32ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESELEJb9c_5jWkecN7-itaMC4&google_hm=Yyd3c5gsDjXXBOFgYrA_sQAABLsAAAIB&google_nid=index&google_push=AZmPxg_K-LJdRcWelOKMcMnerErSEWDzlyM-Hq1i8_VZ9zaXK4QN3yF_BcZLG05UlhrJAzoymNtNDmcI9L9jjD1FSRneyThsklE

Requested by

Host: smiles.iclou.com.br
URL: http://smiles.iclou.com.br/

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Sep 2022 19:54:27 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 18 Sep 2022 19:54:27 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FcGKuSNwP%2F5Ws3lkwcVamAnQh3%2BgaxQTw4RrODzcv8uce5QkLrXj0e0073%2BwzdhknUM7ycrzMY%2FElcv2CIctDSO0wk7O%2FjTm%2Bb0KY17RoRGzPAreAGmm3blwcwmgOI0U4cHJFmlAM0va2A%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESELEJb9c_5jWkecN7-itaMC4&google_hm=Yyd3c5gsDjXXBOFgYrA_sQAABLsAAAIB&google_nid=index&google_push=AZmPxg_K-LJdRcWelOKMcMnerErSEWDzlyM-Hq1i8_VZ9zaXK4QN3yF_BcZLG05UlhrJAzoymNtNDmcI9L9jjD1FSRneyThsklE
cache-control: no-cache
cf-ray: 74cca2308f229944-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H2 200 trk
ag.innovid.com/ Frame C8FC 43 B
296 B 205ms
36ms Image
image/gif 2a05:d01c:1d8:8101:fce4:7d96:66d4:9311
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ag.innovid.com/trk?tid=11711&google_gid=CAESEH-uuYaqCKW0V5GJBYgAqi0&google_cver=1&google_push=AZmPxg_6LB24CASwZTCuOKxTPqf_G3kDI3OnnDebRba5xbbufRcI7hrrVzJfg7lWhWhd8RKu4yA1FH1wlB5SCRTfiGUmTMBxpQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=8876164503&adk=4015929776&adf=4136276705&pi=t.ma~as.8876164503&w=770&fwrn=4&fwrnh=100&lmt=1663530866&rafmt=1&psa=1&format=770x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1663530866270&bpp=2&bdt=2481&idt=2&shv=r20220914&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D51cf6fc53a7141f9-224c857825ce0051%3AT%3D1663530864%3ART%3D1663530864%3AS%3DALNI_MacDtVFJJsGADAXPyPPyk4RKnVWSw&prev_fmts=0x0%2C770x280%2C336x280%2C770x280%2C1005x124%2C336x280%2C336x280&nras=2&correlator=8337573679129&frm=20&pv=1&ga_vid=1431237964.1663530864&ga_sid=1663530864&ga_hid=1479959542&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=415&ady=3605&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767667%2C44767167%2C44772927%2C44769662&oid=2&psts=APxP-9DhaeT6KotWfpweupLM6aJk70Ej0tt0IL9pJFmDtMbJ37URYWeAiRImmhp8nvwkbHBHxqO2VZxq3u747C6TnA%2CAPxP-9Bpq1R6XvNeTgOssJcrD3ZgntVMmr2-nUE0XNpkmwSCW_sOW0bCeulTM5b_PkTyGMMWh29LBJBoJEFHs8bjkkjkP_tdheNWAJ_dJptYWvs%2CAPxP-9CGIHivbReLmRO0uQNz9X87G3MI8whCawjUhhYFaeOxwVby700hJUX9qwf6KyqrgmOWIGA_rdzUuFxN%2CAPxP-9BRvn_JQIvSL43iiOsz8MLTCHmv7RdEl0q82A3JX3Twoc31WH-KelAgaFDTxOtzBeB-N1SbbIAm0ajve68NSA&pvsid=4177203444710770&tmod=343495732&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=8&uci=a!8&btvi=5&fsb=1&xpc=fPvEb4avb3&p=http%3A//smiles.iclou.com.br&dtd=6
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d01c:1d8:8101:fce4:7d96:66d4:9311 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Sep 2022 19:54:27 GMT
cache-control: no-cache
content-type: image/gif
content-length: 43
request-time: 1
expires: -1

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame C8FC 0
12 B 36ms
35ms Image
text/html 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IHFlXGW7Jb8MNK6wgjZFgT9te0YDp5aa332XS4AzLtqpruS3PApgGnUYlJfV1S1WSkIWpK

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=8876164503&adk=4015929776&adf=4136276705&pi=t.ma~as.8876164503&w=770&fwrn=4&fwrnh=100&lmt=1663530866&rafmt=1&psa=1&format=770x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1663530866270&bpp=2&bdt=2481&idt=2&shv=r20220914&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D51cf6fc53a7141f9-224c857825ce0051%3AT%3D1663530864%3ART%3D1663530864%3AS%3DALNI_MacDtVFJJsGADAXPyPPyk4RKnVWSw&prev_fmts=0x0%2C770x280%2C336x280%2C770x280%2C1005x124%2C336x280%2C336x280&nras=2&correlator=8337573679129&frm=20&pv=1&ga_vid=1431237964.1663530864&ga_sid=1663530864&ga_hid=1479959542&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=415&ady=3605&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767667%2C44767167%2C44772927%2C44769662&oid=2&psts=APxP-9DhaeT6KotWfpweupLM6aJk70Ej0tt0IL9pJFmDtMbJ37URYWeAiRImmhp8nvwkbHBHxqO2VZxq3u747C6TnA%2CAPxP-9Bpq1R6XvNeTgOssJcrD3ZgntVMmr2-nUE0XNpkmwSCW_sOW0bCeulTM5b_PkTyGMMWh29LBJBoJEFHs8bjkkjkP_tdheNWAJ_dJptYWvs%2CAPxP-9CGIHivbReLmRO0uQNz9X87G3MI8whCawjUhhYFaeOxwVby700hJUX9qwf6KyqrgmOWIGA_rdzUuFxN%2CAPxP-9BRvn_JQIvSL43iiOsz8MLTCHmv7RdEl0q82A3JX3Twoc31WH-KelAgaFDTxOtzBeB-N1SbbIAm0ajve68NSA&pvsid=4177203444710770&tmod=343495732&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=8&uci=a!8&btvi=5&fsb=1&xpc=fPvEb4avb3&p=http%3A//smiles.iclou.com.br&dtd=6

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 19:54:27 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 SUiySqS1in-YUNsSXtQt1jv3ON6UQ0EMqlXBaZ_BtMI.js Show response
pagead2.googlesyndication.com/bg/ Frame 0221 36 KB
16 KB 34ms
33ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/SUiySqS1in-YUNsSXtQt1jv3ON6UQ0EMqlXBaZ_BtMI.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=8876164503&adk=4015929776&adf=4136276705&pi=t.ma~as.8876164503&w=770&fwrn=4&fwrnh=100&lmt=1663530866&rafmt=1&psa=1&format=770x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1663530866270&bpp=2&bdt=2481&idt=2&shv=r20220914&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D51cf6fc53a7141f9-224c857825ce0051%3AT%3D1663530864%3ART%3D1663530864%3AS%3DALNI_MacDtVFJJsGADAXPyPPyk4RKnVWSw&prev_fmts=0x0%2C770x280%2C336x280%2C770x280%2C1005x124%2C336x280%2C336x280&nras=2&correlator=8337573679129&frm=20&pv=1&ga_vid=1431237964.1663530864&ga_sid=1663530864&ga_hid=1479959542&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=415&ady=3605&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767667%2C44767167%2C44772927%2C44769662&oid=2&psts=APxP-9DhaeT6KotWfpweupLM6aJk70Ej0tt0IL9pJFmDtMbJ37URYWeAiRImmhp8nvwkbHBHxqO2VZxq3u747C6TnA%2CAPxP-9Bpq1R6XvNeTgOssJcrD3ZgntVMmr2-nUE0XNpkmwSCW_sOW0bCeulTM5b_PkTyGMMWh29LBJBoJEFHs8bjkkjkP_tdheNWAJ_dJptYWvs%2CAPxP-9CGIHivbReLmRO0uQNz9X87G3MI8whCawjUhhYFaeOxwVby700hJUX9qwf6KyqrgmOWIGA_rdzUuFxN%2CAPxP-9BRvn_JQIvSL43iiOsz8MLTCHmv7RdEl0q82A3JX3Twoc31WH-KelAgaFDTxOtzBeB-N1SbbIAm0ajve68NSA&pvsid=4177203444710770&tmod=343495732&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=8&uci=a!8&btvi=5&fsb=1&xpc=fPvEb4avb3&p=http%3A//smiles.iclou.com.br&dtd=6

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4948b24aa4b58a7f9850db125ed42dd63bf738de9443410caa55c1699fc1b4c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 14:35:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 191942
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15932
x-xss-protection: 0
last-modified: Tue, 13 Sep 2022 10:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 16 Sep 2023 14:35:25 GMT

GET
H3 200 SUiySqS1in-YUNsSXtQt1jv3ON6UQ0EMqlXBaZ_BtMI.js Show response
pagead2.googlesyndication.com/bg/ Frame 338F 36 KB
16 KB 29ms
25ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/SUiySqS1in-YUNsSXtQt1jv3ON6UQ0EMqlXBaZ_BtMI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4948b24aa4b58a7f9850db125ed42dd63bf738de9443410caa55c1699fc1b4c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 14:35:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 191942
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15932
x-xss-protection: 0
last-modified: Tue, 13 Sep 2022 10:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 16 Sep 2023 14:35:25 GMT

GET
H3 200 adlib.css
s0.2mdn.net/sadbundle/16046623051478990848/300x250-Live_Happy/ Frame 2630 5 KB
2 KB 30ms
26ms Stylesheet
text/css 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/16046623051478990848/300x250-Live_Happy/adlib.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16046623051478990848/300x250-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=yqsNiwIYqU&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

90ffe9c3c7fc061d72993059a62d15675b509f98a1da6dd20794d067bf482b81

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16046623051478990848/300x250-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=yqsNiwIYqU&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 21:07:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 168397
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1870
x-xss-protection: 0
last-modified: Tue, 10 May 2022 13:01:32 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 16 Sep 2023 21:07:50 GMT

GET
H3 200 fonts.css
s0.2mdn.net/sadbundle/16046623051478990848/300x250-Live_Happy/ Frame 2630 1002 B
256 B 35ms
31ms Stylesheet
text/css 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/16046623051478990848/300x250-Live_Happy/fonts.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16046623051478990848/300x250-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=yqsNiwIYqU&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

400b356ca22f3e2283d3822a337d97c84c6c03c6ce51d79dae917a50d04f982d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16046623051478990848/300x250-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=yqsNiwIYqU&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 21:07:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 168397
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 227
x-xss-protection: 0
last-modified: Tue, 10 May 2022 13:01:32 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 16 Sep 2023 21:07:50 GMT

GET
H3 200 adStyle.css
s0.2mdn.net/sadbundle/16046623051478990848/300x250-Live_Happy/ Frame 2630 5 KB
1 KB 48ms
44ms Stylesheet
text/css 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/16046623051478990848/300x250-Live_Happy/adStyle.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16046623051478990848/300x250-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=yqsNiwIYqU&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7041206683c7b5da4188ef7ed1523815102ac13af21f55c4b04b5fbbe4514ae5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16046623051478990848/300x250-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=yqsNiwIYqU&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 21:07:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 168397
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1059
x-xss-protection: 0
last-modified: Tue, 10 May 2022 13:01:32 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 16 Sep 2023 21:07:50 GMT

GET
H3 200 Enabler_01_247.js Show response
s0.2mdn.net/879366/ Frame 2630 118 KB
40 KB 28ms
25ms Script
text/javascript 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16046623051478990848/300x250-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=yqsNiwIYqU&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16046623051478990848/300x250-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=yqsNiwIYqU&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 07:51:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 43407
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41099
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 19 Sep 2022 07:51:00 GMT

GET
H3 200 gsap_3.2.4_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 2630 57 KB
23 KB 52ms
49ms Script
text/javascript 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.2.4_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16046623051478990848/300x250-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=yqsNiwIYqU&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e8403779d45a9590b43c0ecf984ebe11e75fd2982630d658390a6001a6768770

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16046623051478990848/300x250-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=yqsNiwIYqU&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 19:54:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23276
x-xss-protection: 0
last-modified: Thu, 05 Mar 2020 03:53:22 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 18 Sep 2022 19:54:27 GMT

GET
H3 200 SplitText.min.js Show response
s0.2mdn.net/sadbundle/16046623051478990848/300x250-Live_Happy/ Frame 2630 9 KB
4 KB 49ms
45ms Script
application/x-javascript 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/16046623051478990848/300x250-Live_Happy/SplitText.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16046623051478990848/300x250-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=yqsNiwIYqU&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4934174cd39db1f62680ac12ae44ad9aa040bd445d831ae65f79779b7f2e6e8f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16046623051478990848/300x250-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=yqsNiwIYqU&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 21:07:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 168397
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3818
x-xss-protection: 0
last-modified: Tue, 10 May 2022 13:01:32 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 16 Sep 2023 21:07:50 GMT

GET
H3 200 adlibUtils-v3.js Show response
s0.2mdn.net/sadbundle/16046623051478990848/300x250-Live_Happy/ Frame 2630 24 KB
10 KB 50ms
47ms Script
application/x-javascript 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/16046623051478990848/300x250-Live_Happy/adlibUtils-v3.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16046623051478990848/300x250-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=yqsNiwIYqU&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dfe8853b2397a43e20d55fd377aafeed785c7ae335ed07b4986997b9780f48a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16046623051478990848/300x250-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=yqsNiwIYqU&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 21:07:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 168397
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10567
x-xss-protection: 0
last-modified: Tue, 10 May 2022 13:01:32 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 16 Sep 2023 21:07:50 GMT

GET
H3 200 animation.js Show response
s0.2mdn.net/sadbundle/16046623051478990848/300x250-Live_Happy/ Frame 2630 17 KB
3 KB 49ms
46ms Script
application/x-javascript 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/16046623051478990848/300x250-Live_Happy/animation.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16046623051478990848/300x250-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=yqsNiwIYqU&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f13bc08411a45add285949483ee8ab65001f6d7ebaddcfc83d5b2df50a4cde0b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16046623051478990848/300x250-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=yqsNiwIYqU&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 21:07:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 168397
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2678
x-xss-protection: 0
last-modified: Tue, 10 May 2022 13:01:32 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 16 Sep 2023 21:07:50 GMT

GET
H2

200

4.js Show response
static.adsafeprotected.com/ Frame F001
Redirect Chain

https://fw.adsafeprotected.com/rfw/st/886862/62195610/4.js?ias_dspID=&ias_campId=&ias_pubId=&ias_chanId=&ias_placementId=&bidurl=&ias_dealId=&adsafe_par&ias_impId=&adContainerId=brand_safety_cncnY9...
https://static.adsafeprotected.com/4.js

1 KB
1 KB

35ms
27ms

Script
application/javascript

2600:9000:21f3:f800:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/4.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=5410211141&adk=2308955421&adf=785591858&pi=t.ma~as.5410211141&w=336&lmt=1663530865&psa=1&format=336x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&wgl=1&dt=1663530865772&bpp=2&bdt=1984&idt=-M&shv=r20220914&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D51cf6fc53a7141f9-224c857825ce0051%3AT%3D1663530864%3ART%3D1663530864%3AS%3DALNI_MacDtVFJJsGADAXPyPPyk4RKnVWSw&prev_fmts=0x0%2C770x280%2C336x280%2C770x280%2C1005x124&nras=2&correlator=8337573679129&frm=20&pv=1&ga_vid=1431237964.1663530864&ga_sid=1663530864&ga_hid=1479959542&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=415&ady=1925&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767667%2C44767167%2C44772927%2C44769662&oid=2&psts=APxP-9DhaeT6KotWfpweupLM6aJk70Ej0tt0IL9pJFmDtMbJ37URYWeAiRImmhp8nvwkbHBHxqO2VZxq3u747C6TnA%2CAPxP-9Bpq1R6XvNeTgOssJcrD3ZgntVMmr2-nUE0XNpkmwSCW_sOW0bCeulTM5b_PkTyGMMWh29LBJBoJEFHs8bjkkjkP_tdheNWAJ_dJptYWvs&pvsid=4177203444710770&tmod=343495732&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=GOeKJUPZsg&p=http%3A//smiles.iclou.com.br&dtd=8
Protocol: H2
Server: 2600:9000:21f3:f800:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 14:19:14 GMT
content-encoding: gzip
age: 192914
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: PENDING
last-modified: Fri, 16 Sep 2022 14:19:08 GMT
server: AmazonS3
etag: W/"33dffa7df253125904b2f354b5bb5e8d"
vary: Accept-Encoding
x-amz-version-id: F9SFrZ64oEGbgZWabg99TABbvOn4m_yP
via: 1.1 ff2bcb2d3b4a3d9e0615ddd1033c38c4.cloudfront.net (CloudFront)
cache-control: max-age=604800
x-amz-cf-pop: FRA2-C2
content-type: application/javascript
x-amz-cf-id: 0DrSm5ZGJLKhblMQDd1b_UFnQpTVc2IMshnuVbSeZDjYbjGKo_9i6g==

Redirect headers

pragma: no-cache
date: Sun, 18 Sep 2022 19:54:27 GMT
x-server-name: app06.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/4.js
cache-control: no-cache
content-length: 0
server: nginx

GET
H2 200 sca.17.5.12.js Show response
static.adsafeprotected.com/ Frame AC71 80 KB
21 KB 105ms
26ms Script
application/javascript 2600:9000:21f3:f800:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.5.12.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=5410211141&adk=2308955421&adf=785591858&pi=t.ma~as.5410211141&w=336&lmt=1663530865&psa=1&format=336x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&wgl=1&dt=1663530865772&bpp=2&bdt=1984&idt=-M&shv=r20220914&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D51cf6fc53a7141f9-224c857825ce0051%3AT%3D1663530864%3ART%3D1663530864%3AS%3DALNI_MacDtVFJJsGADAXPyPPyk4RKnVWSw&prev_fmts=0x0%2C770x280%2C336x280%2C770x280%2C1005x124&nras=2&correlator=8337573679129&frm=20&pv=1&ga_vid=1431237964.1663530864&ga_sid=1663530864&ga_hid=1479959542&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=415&ady=1925&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767667%2C44767167%2C44772927%2C44769662&oid=2&psts=APxP-9DhaeT6KotWfpweupLM6aJk70Ej0tt0IL9pJFmDtMbJ37URYWeAiRImmhp8nvwkbHBHxqO2VZxq3u747C6TnA%2CAPxP-9Bpq1R6XvNeTgOssJcrD3ZgntVMmr2-nUE0XNpkmwSCW_sOW0bCeulTM5b_PkTyGMMWh29LBJBoJEFHs8bjkkjkP_tdheNWAJ_dJptYWvs&pvsid=4177203444710770&tmod=343495732&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=GOeKJUPZsg&p=http%3A//smiles.iclou.com.br&dtd=8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:f800:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 11:54:48 GMT
content-encoding: gzip
age: 3484780
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 19 Aug 2021 16:31:24 GMT
server: AmazonS3
etag: W/"9304f57298c3834ff107ea7ccb547996"
vary: Accept-Encoding
x-amz-version-id: 9YodSBhG3Q8HTUbQ_WDUpcPK09tSZ5ja
via: 1.1 ff2bcb2d3b4a3d9e0615ddd1033c38c4.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: FRA2-C2
content-type: application/javascript
x-amz-cf-id: AWW_qZetjsGtJjZ5tok2RyJTFePe4jrhg4DuTC75ks2pkFcyuz599w==

GET
H2 200 dt
dt.adsafeprotected.com/ Frame F001 43 B
215 B 578ms
176ms Image
image/gif 2600:1f13:800:7781:bcb5:4dc8:dc7c:df74
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=886862&asId=58164a99-6ace-7852-ef39-8e9a26c2eea0&tv=%7Bc:oB7mAZ,pingTime:-3,time:85,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:21%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:85,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:20,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B79~0%5D,as:%5B79~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:thOJZlK+11%7C12%7C131%7C132%7C14%7C151%7C152%7C153%7C16%7C171*.886862-62195610%7C1711%7C1712%7C17131%7C1714%7C181%7C182%7C1831%7C191%7C192,idMap:171*,rmeas:1,rend:0,renddet:na,siq:22%7D&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=5410211141&adk=2308955421&adf=785591858&pi=t.ma~as.5410211141&w=336&lmt=1663530865&psa=1&format=336x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&wgl=1&dt=1663530865772&bpp=2&bdt=1984&idt=-M&shv=r20220914&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D51cf6fc53a7141f9-224c857825ce0051%3AT%3D1663530864%3ART%3D1663530864%3AS%3DALNI_MacDtVFJJsGADAXPyPPyk4RKnVWSw&prev_fmts=0x0%2C770x280%2C336x280%2C770x280%2C1005x124&nras=2&correlator=8337573679129&frm=20&pv=1&ga_vid=1431237964.1663530864&ga_sid=1663530864&ga_hid=1479959542&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=415&ady=1925&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767667%2C44767167%2C44772927%2C44769662&oid=2&psts=APxP-9DhaeT6KotWfpweupLM6aJk70Ej0tt0IL9pJFmDtMbJ37URYWeAiRImmhp8nvwkbHBHxqO2VZxq3u747C6TnA%2CAPxP-9Bpq1R6XvNeTgOssJcrD3ZgntVMmr2-nUE0XNpkmwSCW_sOW0bCeulTM5b_PkTyGMMWh29LBJBoJEFHs8bjkkjkP_tdheNWAJ_dJptYWvs&pvsid=4177203444710770&tmod=343495732&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=GOeKJUPZsg&p=http%3A//smiles.iclou.com.br&dtd=8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7781:bcb5:4dc8:dc7c:df74 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Sep 2022 19:54:28 GMT
x-server-name: dt16.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ Frame F001 43 B
215 B 574ms
175ms Image
image/gif 2600:1f13:800:7781:bcb5:4dc8:dc7c:df74
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=886862&asId=58164a99-6ace-7852-ef39-8e9a26c2eea0&tv=%7Bc:oB7mB1,pingTime:-6,time:87,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:87,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:20,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B81~0%5D,as:%5B81~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:thOJZlK+11%7C12%7C131%7C132%7C14%7C151%7C152%7C153%7C16%7C171*.886862-62195610%7C1711%7C1712%7C17131%7C1714%7C181%7C182%7C1831%7C191%7C192,idMap:171*,rmeas:1,rend:0,renddet:na,siq:22%7D&tpiLookup=ao:smiles.iclou.com.br%2Cgoogleads.g.doubleclick.net*&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=5410211141&adk=2308955421&adf=785591858&pi=t.ma~as.5410211141&w=336&lmt=1663530865&psa=1&format=336x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&wgl=1&dt=1663530865772&bpp=2&bdt=1984&idt=-M&shv=r20220914&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D51cf6fc53a7141f9-224c857825ce0051%3AT%3D1663530864%3ART%3D1663530864%3AS%3DALNI_MacDtVFJJsGADAXPyPPyk4RKnVWSw&prev_fmts=0x0%2C770x280%2C336x280%2C770x280%2C1005x124&nras=2&correlator=8337573679129&frm=20&pv=1&ga_vid=1431237964.1663530864&ga_sid=1663530864&ga_hid=1479959542&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=415&ady=1925&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767667%2C44767167%2C44772927%2C44769662&oid=2&psts=APxP-9DhaeT6KotWfpweupLM6aJk70Ej0tt0IL9pJFmDtMbJ37URYWeAiRImmhp8nvwkbHBHxqO2VZxq3u747C6TnA%2CAPxP-9Bpq1R6XvNeTgOssJcrD3ZgntVMmr2-nUE0XNpkmwSCW_sOW0bCeulTM5b_PkTyGMMWh29LBJBoJEFHs8bjkkjkP_tdheNWAJ_dJptYWvs&pvsid=4177203444710770&tmod=343495732&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=GOeKJUPZsg&p=http%3A//smiles.iclou.com.br&dtd=8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7781:bcb5:4dc8:dc7c:df74 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Sep 2022 19:54:28 GMT
x-server-name: dt19.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame F001 0
26 B 61ms
60ms Ping
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: contatonline.com
URL: http://contatonline.com/?q0zuHW4

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 18 Sep 2022 19:54:27 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 dt
dt.adsafeprotected.com/ Frame F001 43 B
215 B 550ms
179ms Image
image/gif 2600:1f13:800:7781:bcb5:4dc8:dc7c:df74
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=886862&asId=58164a99-6ace-7852-ef39-8e9a26c2eea0&tv=%7Bc:oB7mBv,pingTime:-2,time:117,type:a,im:%7Bsf:0,pci:%7Btdr:82%7D,pom:1,prf:%7BbeA:588,beZ:589,mfA:591,cmA:592,inA:592,inZ:597,prA:597,prZ:604,si:610,poA:612,poZ:635,cmZ:635,mfZ:635,loA:675,loZ:677,ltA:705,ltZ:705%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:300.250,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:21%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:117,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:20,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B111~0%5D,as:%5B111~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:thOJZlK+11%7C12%7C131%7C132%7C14%7C151%7C152%7C153%7C16%7C171*.886862-62195610%7C1711%7C1712%7C17131%7C1714%7C181%7C182%7C1831%7C191%7C192,idMap:171*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:22,sinceFw:93,readyFired:true%7D&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=5410211141&adk=2308955421&adf=785591858&pi=t.ma~as.5410211141&w=336&lmt=1663530865&psa=1&format=336x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&wgl=1&dt=1663530865772&bpp=2&bdt=1984&idt=-M&shv=r20220914&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D51cf6fc53a7141f9-224c857825ce0051%3AT%3D1663530864%3ART%3D1663530864%3AS%3DALNI_MacDtVFJJsGADAXPyPPyk4RKnVWSw&prev_fmts=0x0%2C770x280%2C336x280%2C770x280%2C1005x124&nras=2&correlator=8337573679129&frm=20&pv=1&ga_vid=1431237964.1663530864&ga_sid=1663530864&ga_hid=1479959542&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=415&ady=1925&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767667%2C44767167%2C44772927%2C44769662&oid=2&psts=APxP-9DhaeT6KotWfpweupLM6aJk70Ej0tt0IL9pJFmDtMbJ37URYWeAiRImmhp8nvwkbHBHxqO2VZxq3u747C6TnA%2CAPxP-9Bpq1R6XvNeTgOssJcrD3ZgntVMmr2-nUE0XNpkmwSCW_sOW0bCeulTM5b_PkTyGMMWh29LBJBoJEFHs8bjkkjkP_tdheNWAJ_dJptYWvs&pvsid=4177203444710770&tmod=343495732&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=GOeKJUPZsg&p=http%3A//smiles.iclou.com.br&dtd=8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7781:bcb5:4dc8:dc7c:df74 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Sep 2022 19:54:28 GMT
x-server-name: dt18.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 2630 7 KB
6 KB 65ms
64ms XHR
application/json 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bd16dc4cf1dd09237702b619decd81cbfefed9c4f5ddf7f205051a61efa325b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 18 Sep 2022 19:54:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5790
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame DF54 0
20 B 60ms
60ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bg9QMcncnY8qdL8ur3gPM3puIDwAAAAA4AeAEAg&bg=!jY6ljsrNAAZqQh0mSkI7ACkAdvg8WvqBfm6OCmLz37cehFExXMA2eyzrwtWls_ol7GuPkGn11xSmIgIAAAFwUgAAAAJoAQcKAFbQ-JMgUu6E2ou3KSC_QfmJZS3quof625fGYfCDK8vjK8mdNwfPS4b0s_Y9GC-RR1dPGtlfyy0nc6YXoAj7GVzVVhxyRvpFA8Wq3CfhO1GY0WHRC2n6xpkCzdpiRtM455eQp0AOXcOYLJ2g4DZSKJJCU8GmZkruEeZxf25v3_7mvrwfgrpaPL1FrCcfsfgB63dkPogQC1IXrzycM0UwmqsDCdeH4qv-pPZ1xM6JEkXSo8E585cViBLvsOC1HCEBaRAXfwmGbaJ3lo_KoPaFAq6YP10WmQFy5fru5_SUIRpexNqUkoOgwm197QvCZ0JSbomJYFASTrxqQ11mDzfSus7C1DAWFHPMakFdmTgpdF9xiKwUXgN0uI1X8AimiX_7tIyocWDyXWAOl-Hjw-KFgIXegdiiQiyF_nVR5_q6bHUJVaLtlSN1-TWaHR53kmwpACBg6moqsquEusfjhDUrWZP07F6MhgRQbL1BXze3I18OzsDP32YG7gaYO43w_fodc1OzPOjuFZ00_eIjZRMslmZMcjDZbv5tD067IaEbpAdUvnGFNmXiTjPau0dqi3fPJ7RvK98LfM-LMZYbp3eQs2lHPUCTZkBpF830wASyqefC7IOP3E6nmHXJEtVJfsfxoZNq41Ep3QyVJTXerzecwQ04HTAlvX5CFB_Is1IJw7P2N0rzr9CaDeoBfUoZfVfbmqOx87uAcqAEVxI90B3aDchYi1Ta7VZ9jgkFd_AJRdGCsfe4YzUVi68MUiWqHH-_EBUBmnl9vGqIbiicmp0dyeKdAzbKLzED-cvAaRqx7FDoeSTV14p23NjVjoRpdXPar7ELuc7FZCt9FVN6ALawxP4epHSSXjFQmnJ4wITjKm5vYPPLolfuVeQ6fkDMyGjdbVbWFDjNAEUC2PK-X-JxUR-YDpRduV8e3cYlLBDMYcCB26wiXk9E_yYfz8mueWAqt7mOtGgBs_fBWVbV7UAyqoy9wYO0kjxaog9xlc61kzkTjYteJQOv4v-yIVNFg8k5q84L00BdtHri26SEwK8evykGolb61qgu8sVxFZ34b4MOvEgwn3lgfg

Requested by

Host: smiles.iclou.com.br
URL: http://smiles.iclou.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Sep 2022 19:54:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 2630 17 KB
6 KB 35ms
35ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 19:54:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 18 Sep 2022 19:54:27 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 338F 0
20 B 60ms
59ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B9Zj7cncnY9OaOcur3gPM3puIDwAAAAA4AeAEAg&bg=!AwClAETNAAZqQh0mSkI7ACkAdvg8WucyGfwfZenUdp-6qNifJMNWz9bv7DYszb0xggXIqrCwZMci6wIAAADOUgAAAAJoAQeZAuZH9s6cOxdUGjRDTCgIzWH2b_4tdwkNSDhdsN2jyEWMXPt2De_gULoRbTA7GbKgi-8IiwXf_GGQ-ZemS3zCOoRrh01VC_qU0CBxitcIeXYFvuOl_rWizV_8wJEGi1sAJ4I88g_VaVcBNbkr0cM5jx5odjvc0b5viP1pCAGPwRQwlY9PJoNpr2smaZ2xSnEvBVo8-Ng5sitZJliLKiTZSY7EqGnSLe4qLZOetjeeiljjY1IoIdkfPYY2eemNAwf2tR2LW1snGRUuaAIJwU8RXgyGymBsjlEkOxLTPycbrrfB69rs0o_TYs3MUkrSK8DX97KlPW_VQu_88Dq9rU6N0Sd-pE_xoTTf7RhZLilG4BkMGEFsYanWr4siPLkoRk2eJ2Bsh-hMyKMQQ72Mx741JmN-zg20YUXv0tPbAYAFhHYCMAwWX1m5PR-fxrF81ejhwBFnHBMRZgwb7ve2sN69CcR3qGwoYpySIfKkEJNCx84iNj1PFbCiFp4D_bOyArLYEiEXr0iUbnrDJn_KaHeuqgj_CzHFH03_aBjhnqoKQW6eIUBi-xf2GXSA9ISYp0WtfUZW3W9XNdMHEiy4ZsjS32lECPSN-yacx72ZoLVqgkJ_ZecE_6sCTzbEAOahNvsIsDXmuNtCvPyYRULVb3kP-OP4PEh8r5xpDis2CCKwXicsYe-pFCOtgLmMZiNQZn7kAYTsPdNbVPQshRlzAfJBVGs5O83FbnwQ5qXCLjEqgM8WclvrD3-xnt1N9a7w8pfRUpsr4iVbzxBAh9l-NaiuCanKqMyUOOhusTSmXb0I9pc3wXcmicjPTYgXIGOM62HBa2C8gEBmMAh9T7raiPF7MTIAWjUroaWwJ55lg-nqgEYMzQ7ikZ-7FT11JQen-S5b1ONoWb_U5KnXapvWZURRzoysWV8tKM-j0NgGKKb0SbyWv6lZJpOR6wD6JgfxZD1B3iE4eAdMsXokejs3axq7INVEGVsN_Sce

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=5410211141&adk=2308955421&adf=785591858&pi=t.ma~as.5410211141&w=336&lmt=1663530865&psa=1&format=336x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&wgl=1&dt=1663530865772&bpp=2&bdt=1984&idt=-M&shv=r20220914&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D51cf6fc53a7141f9-224c857825ce0051%3AT%3D1663530864%3ART%3D1663530864%3AS%3DALNI_MacDtVFJJsGADAXPyPPyk4RKnVWSw&prev_fmts=0x0%2C770x280%2C336x280%2C770x280%2C1005x124&nras=2&correlator=8337573679129&frm=20&pv=1&ga_vid=1431237964.1663530864&ga_sid=1663530864&ga_hid=1479959542&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=415&ady=1925&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767667%2C44767167%2C44772927%2C44769662&oid=2&psts=APxP-9DhaeT6KotWfpweupLM6aJk70Ej0tt0IL9pJFmDtMbJ37URYWeAiRImmhp8nvwkbHBHxqO2VZxq3u747C6TnA%2CAPxP-9Bpq1R6XvNeTgOssJcrD3ZgntVMmr2-nUE0XNpkmwSCW_sOW0bCeulTM5b_PkTyGMMWh29LBJBoJEFHs8bjkkjkP_tdheNWAJ_dJptYWvs&pvsid=4177203444710770&tmod=343495732&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=GOeKJUPZsg&p=http%3A//smiles.iclou.com.br&dtd=8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Sep 2022 19:54:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 skyblue.png_1650378740125_skyblue.png
s0.2mdn.net/dynamic/2/10951441/cdn.ad-lib.io/v3/partners/6048f7a4c18e4a000660a2ca/assets/singleFiles/6193d4acf923678c6222aa94/original/ Frame 2630 2 KB
2 KB 27ms
24ms Image
image/png 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/10951441/cdn.ad-lib.io/v3/partners/6048f7a4c18e4a000660a2ca/assets/singleFiles/6193d4acf923678c6222aa94/original/skyblue.png_1650378740125_skyblue.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=5410211141&adk=2308955421&adf=785591858&pi=t.ma~as.5410211141&w=336&lmt=1663530865&psa=1&format=336x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&wgl=1&dt=1663530865772&bpp=2&bdt=1984&idt=-M&shv=r20220914&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D51cf6fc53a7141f9-224c857825ce0051%3AT%3D1663530864%3ART%3D1663530864%3AS%3DALNI_MacDtVFJJsGADAXPyPPyk4RKnVWSw&prev_fmts=0x0%2C770x280%2C336x280%2C770x280%2C1005x124&nras=2&correlator=8337573679129&frm=20&pv=1&ga_vid=1431237964.1663530864&ga_sid=1663530864&ga_hid=1479959542&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=415&ady=1925&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767667%2C44767167%2C44772927%2C44769662&oid=2&psts=APxP-9DhaeT6KotWfpweupLM6aJk70Ej0tt0IL9pJFmDtMbJ37URYWeAiRImmhp8nvwkbHBHxqO2VZxq3u747C6TnA%2CAPxP-9Bpq1R6XvNeTgOssJcrD3ZgntVMmr2-nUE0XNpkmwSCW_sOW0bCeulTM5b_PkTyGMMWh29LBJBoJEFHs8bjkkjkP_tdheNWAJ_dJptYWvs&pvsid=4177203444710770&tmod=343495732&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=GOeKJUPZsg&p=http%3A//smiles.iclou.com.br&dtd=8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

802a0ac9c835c0add64067c222d71b52bff0f5cfaafe4b673b1875a68ffaabb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16046623051478990848/300x250-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=yqsNiwIYqU&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 12:05:48 GMT
x-content-type-options: nosniff
age: 287319
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2050
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 14:32:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 15 Sep 2023 12:05:48 GMT

GET
H3 200 Family_2256_1589_1.00.jpeg_1650378740125_Family_2256_1589_1.00.jpeg
s0.2mdn.net/dynamic/2/10951441/cdn.ad-lib.io/v3/partners/6048f7a4c18e4a000660a2ca/assets/singleFiles/6182abec64d3296ca5bbae30/original/ Frame 2630 18 KB
18 KB 25ms
22ms Image
image/jpeg 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/10951441/cdn.ad-lib.io/v3/partners/6048f7a4c18e4a000660a2ca/assets/singleFiles/6182abec64d3296ca5bbae30/original/Family_2256_1589_1.00.jpeg_1650378740125_Family_2256_1589_1.00.jpeg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=5410211141&adk=2308955421&adf=785591858&pi=t.ma~as.5410211141&w=336&lmt=1663530865&psa=1&format=336x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&wgl=1&dt=1663530865772&bpp=2&bdt=1984&idt=-M&shv=r20220914&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D51cf6fc53a7141f9-224c857825ce0051%3AT%3D1663530864%3ART%3D1663530864%3AS%3DALNI_MacDtVFJJsGADAXPyPPyk4RKnVWSw&prev_fmts=0x0%2C770x280%2C336x280%2C770x280%2C1005x124&nras=2&correlator=8337573679129&frm=20&pv=1&ga_vid=1431237964.1663530864&ga_sid=1663530864&ga_hid=1479959542&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=415&ady=1925&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767667%2C44767167%2C44772927%2C44769662&oid=2&psts=APxP-9DhaeT6KotWfpweupLM6aJk70Ej0tt0IL9pJFmDtMbJ37URYWeAiRImmhp8nvwkbHBHxqO2VZxq3u747C6TnA%2CAPxP-9Bpq1R6XvNeTgOssJcrD3ZgntVMmr2-nUE0XNpkmwSCW_sOW0bCeulTM5b_PkTyGMMWh29LBJBoJEFHs8bjkkjkP_tdheNWAJ_dJptYWvs&pvsid=4177203444710770&tmod=343495732&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=GOeKJUPZsg&p=http%3A//smiles.iclou.com.br&dtd=8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a86de4fac038edc1323d1432d293e2de6d4b48abe53577cee3f7350a351385d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16046623051478990848/300x250-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=yqsNiwIYqU&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sat, 17 Sep 2022 08:01:38 GMT
x-content-type-options: nosniff
age: 129169
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18267
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 14:32:27 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 17 Sep 2023 08:01:38 GMT

GET
H3 200 gradient.png_1650378740125_gradient.png
s0.2mdn.net/dynamic/2/10951441/cdn.ad-lib.io/v3/partners/6048f7a4c18e4a000660a2ca/assets/singleFiles/6193d3c7f923674455229a97/original/ Frame 2630 2 KB
2 KB 28ms
25ms Image
image/png 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/10951441/cdn.ad-lib.io/v3/partners/6048f7a4c18e4a000660a2ca/assets/singleFiles/6193d3c7f923674455229a97/original/gradient.png_1650378740125_gradient.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=5410211141&adk=2308955421&adf=785591858&pi=t.ma~as.5410211141&w=336&lmt=1663530865&psa=1&format=336x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&wgl=1&dt=1663530865772&bpp=2&bdt=1984&idt=-M&shv=r20220914&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D51cf6fc53a7141f9-224c857825ce0051%3AT%3D1663530864%3ART%3D1663530864%3AS%3DALNI_MacDtVFJJsGADAXPyPPyk4RKnVWSw&prev_fmts=0x0%2C770x280%2C336x280%2C770x280%2C1005x124&nras=2&correlator=8337573679129&frm=20&pv=1&ga_vid=1431237964.1663530864&ga_sid=1663530864&ga_hid=1479959542&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=415&ady=1925&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767667%2C44767167%2C44772927%2C44769662&oid=2&psts=APxP-9DhaeT6KotWfpweupLM6aJk70Ej0tt0IL9pJFmDtMbJ37URYWeAiRImmhp8nvwkbHBHxqO2VZxq3u747C6TnA%2CAPxP-9Bpq1R6XvNeTgOssJcrD3ZgntVMmr2-nUE0XNpkmwSCW_sOW0bCeulTM5b_PkTyGMMWh29LBJBoJEFHs8bjkkjkP_tdheNWAJ_dJptYWvs&pvsid=4177203444710770&tmod=343495732&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=GOeKJUPZsg&p=http%3A//smiles.iclou.com.br&dtd=8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

64ab062a2a4d62d22170dd14c4a3a566632d1ebf476ab80d27c7c81901209e36

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16046623051478990848/300x250-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=yqsNiwIYqU&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 12:05:49 GMT
x-content-type-options: nosniff
age: 287318
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2035
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 14:32:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 15 Sep 2023 12:05:49 GMT

GET
H3 200 baseGradient.png_1650378740125_baseGradient.png
s0.2mdn.net/dynamic/2/10951441/cdn.ad-lib.io/v3/partners/6048f7a4c18e4a000660a2ca/assets/singleFiles/6193d498f923672aa622aa07/original/ Frame 2630 3 KB
3 KB 28ms
25ms Image
image/png 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/10951441/cdn.ad-lib.io/v3/partners/6048f7a4c18e4a000660a2ca/assets/singleFiles/6193d498f923672aa622aa07/original/baseGradient.png_1650378740125_baseGradient.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=5410211141&adk=2308955421&adf=785591858&pi=t.ma~as.5410211141&w=336&lmt=1663530865&psa=1&format=336x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&wgl=1&dt=1663530865772&bpp=2&bdt=1984&idt=-M&shv=r20220914&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D51cf6fc53a7141f9-224c857825ce0051%3AT%3D1663530864%3ART%3D1663530864%3AS%3DALNI_MacDtVFJJsGADAXPyPPyk4RKnVWSw&prev_fmts=0x0%2C770x280%2C336x280%2C770x280%2C1005x124&nras=2&correlator=8337573679129&frm=20&pv=1&ga_vid=1431237964.1663530864&ga_sid=1663530864&ga_hid=1479959542&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=415&ady=1925&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767667%2C44767167%2C44772927%2C44769662&oid=2&psts=APxP-9DhaeT6KotWfpweupLM6aJk70Ej0tt0IL9pJFmDtMbJ37URYWeAiRImmhp8nvwkbHBHxqO2VZxq3u747C6TnA%2CAPxP-9Bpq1R6XvNeTgOssJcrD3ZgntVMmr2-nUE0XNpkmwSCW_sOW0bCeulTM5b_PkTyGMMWh29LBJBoJEFHs8bjkkjkP_tdheNWAJ_dJptYWvs&pvsid=4177203444710770&tmod=343495732&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=GOeKJUPZsg&p=http%3A//smiles.iclou.com.br&dtd=8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0e16d841b1486b5bd9c69a543084e0f558463ad9bd7ffd8791301367f8a849a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16046623051478990848/300x250-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=yqsNiwIYqU&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sat, 17 Sep 2022 08:00:10 GMT
x-content-type-options: nosniff
age: 129257
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3232
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 14:32:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 17 Sep 2023 08:00:10 GMT

GET
H3 200 blank.png_1650378740125_blank.png
s0.2mdn.net/dynamic/2/10951441/cdn.ad-lib.io/v3/partners/6048f7a4c18e4a000660a2ca/assets/singleFiles/6113a5288a7ab49328617a1f/original/ Frame 2630 91 B
116 B 27ms
24ms Image
image/png 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/10951441/cdn.ad-lib.io/v3/partners/6048f7a4c18e4a000660a2ca/assets/singleFiles/6113a5288a7ab49328617a1f/original/blank.png_1650378740125_blank.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=5410211141&adk=2308955421&adf=785591858&pi=t.ma~as.5410211141&w=336&lmt=1663530865&psa=1&format=336x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&wgl=1&dt=1663530865772&bpp=2&bdt=1984&idt=-M&shv=r20220914&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D51cf6fc53a7141f9-224c857825ce0051%3AT%3D1663530864%3ART%3D1663530864%3AS%3DALNI_MacDtVFJJsGADAXPyPPyk4RKnVWSw&prev_fmts=0x0%2C770x280%2C336x280%2C770x280%2C1005x124&nras=2&correlator=8337573679129&frm=20&pv=1&ga_vid=1431237964.1663530864&ga_sid=1663530864&ga_hid=1479959542&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=415&ady=1925&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767667%2C44767167%2C44772927%2C44769662&oid=2&psts=APxP-9DhaeT6KotWfpweupLM6aJk70Ej0tt0IL9pJFmDtMbJ37URYWeAiRImmhp8nvwkbHBHxqO2VZxq3u747C6TnA%2CAPxP-9Bpq1R6XvNeTgOssJcrD3ZgntVMmr2-nUE0XNpkmwSCW_sOW0bCeulTM5b_PkTyGMMWh29LBJBoJEFHs8bjkkjkP_tdheNWAJ_dJptYWvs&pvsid=4177203444710770&tmod=343495732&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=GOeKJUPZsg&p=http%3A//smiles.iclou.com.br&dtd=8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4df4f831ed5cdb639c42779819720daea3b9850e12cafe851ea4b242ccaa166e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16046623051478990848/300x250-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=yqsNiwIYqU&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sat, 17 Sep 2022 08:00:04 GMT
x-content-type-options: nosniff
age: 129263
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 91
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 14:32:26 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 17 Sep 2023 08:00:04 GMT

GET
H3 200 icon1.png_1650378740125_icon1.png
s0.2mdn.net/dynamic/2/10951441/cdn.ad-lib.io/v2/partners/6048f7a4c18e4a000660a2ca/assets/concepts/6140774920f9cf1c3253f6d9/templates/6169b2fafb3919768fcc6857/content/ Frame 2630 7 KB
7 KB 34ms
32ms Image
image/png 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/10951441/cdn.ad-lib.io/v2/partners/6048f7a4c18e4a000660a2ca/assets/concepts/6140774920f9cf1c3253f6d9/templates/6169b2fafb3919768fcc6857/content/icon1.png_1650378740125_icon1.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=5410211141&adk=2308955421&adf=785591858&pi=t.ma~as.5410211141&w=336&lmt=1663530865&psa=1&format=336x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&wgl=1&dt=1663530865772&bpp=2&bdt=1984&idt=-M&shv=r20220914&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D51cf6fc53a7141f9-224c857825ce0051%3AT%3D1663530864%3ART%3D1663530864%3AS%3DALNI_MacDtVFJJsGADAXPyPPyk4RKnVWSw&prev_fmts=0x0%2C770x280%2C336x280%2C770x280%2C1005x124&nras=2&correlator=8337573679129&frm=20&pv=1&ga_vid=1431237964.1663530864&ga_sid=1663530864&ga_hid=1479959542&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=415&ady=1925&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767667%2C44767167%2C44772927%2C44769662&oid=2&psts=APxP-9DhaeT6KotWfpweupLM6aJk70Ej0tt0IL9pJFmDtMbJ37URYWeAiRImmhp8nvwkbHBHxqO2VZxq3u747C6TnA%2CAPxP-9Bpq1R6XvNeTgOssJcrD3ZgntVMmr2-nUE0XNpkmwSCW_sOW0bCeulTM5b_PkTyGMMWh29LBJBoJEFHs8bjkkjkP_tdheNWAJ_dJptYWvs&pvsid=4177203444710770&tmod=343495732&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=GOeKJUPZsg&p=http%3A//smiles.iclou.com.br&dtd=8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1aada9922d43e2107b82a139dff7179ed9dddb86da040ec3e5e98e0f57e420d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16046623051478990848/300x250-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=yqsNiwIYqU&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sat, 17 Sep 2022 08:00:10 GMT
x-content-type-options: nosniff
age: 129257
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7071
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 14:32:27 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 17 Sep 2023 08:00:10 GMT

GET
H3 200 icon2.png_1650378740125_icon2.png
s0.2mdn.net/dynamic/2/10951441/cdn.ad-lib.io/v2/partners/6048f7a4c18e4a000660a2ca/assets/concepts/6140774920f9cf1c3253f6d9/templates/6169b2fafb3919768fcc6857/content/ Frame 2630 6 KB
6 KB 31ms
29ms Image
image/png 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=5410211141&adk=2308955421&adf=785591858&pi=t.ma~as.5410211141&w=336&lmt=1663530865&psa=1&format=336x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&wgl=1&dt=1663530865772&bpp=2&bdt=1984&idt=-M&shv=r20220914&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D51cf6fc53a7141f9-224c857825ce0051%3AT%3D1663530864%3ART%3D1663530864%3AS%3DALNI_MacDtVFJJsGADAXPyPPyk4RKnVWSw&prev_fmts=0x0%2C770x280%2C336x280%2C770x280%2C1005x124&nras=2&correlator=8337573679129&frm=20&pv=1&ga_vid=1431237964.1663530864&ga_sid=1663530864&ga_hid=1479959542&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=415&ady=1925&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767667%2C44767167%2C44772927%2C44769662&oid=2&psts=APxP-9DhaeT6KotWfpweupLM6aJk70Ej0tt0IL9pJFmDtMbJ37URYWeAiRImmhp8nvwkbHBHxqO2VZxq3u747C6TnA%2CAPxP-9Bpq1R6XvNeTgOssJcrD3ZgntVMmr2-nUE0XNpkmwSCW_sOW0bCeulTM5b_PkTyGMMWh29LBJBoJEFHs8bjkkjkP_tdheNWAJ_dJptYWvs&pvsid=4177203444710770&tmod=343495732&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=GOeKJUPZsg&p=http%3A//smiles.iclou.com.br&dtd=8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

829faafbb39055b06c83f4b6b208d52dc50e0119499f827d573888f5846d3a15

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16046623051478990848/300x250-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=yqsNiwIYqU&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sat, 17 Sep 2022 08:00:12 GMT
x-content-type-options: nosniff
age: 129255
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5901
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 14:32:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 17 Sep 2023 08:00:12 GMT

GET
H3 200 icon3.png_1650378740125_icon3.png
s0.2mdn.net/dynamic/2/10951441/cdn.ad-lib.io/v2/partners/6048f7a4c18e4a000660a2ca/assets/concepts/6140774920f9cf1c3253f6d9/templates/6169b2fafb3919768fcc6857/content/ Frame 2630 6 KB
6 KB 31ms
29ms Image
image/png 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=5410211141&adk=2308955421&adf=785591858&pi=t.ma~as.5410211141&w=336&lmt=1663530865&psa=1&format=336x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&wgl=1&dt=1663530865772&bpp=2&bdt=1984&idt=-M&shv=r20220914&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D51cf6fc53a7141f9-224c857825ce0051%3AT%3D1663530864%3ART%3D1663530864%3AS%3DALNI_MacDtVFJJsGADAXPyPPyk4RKnVWSw&prev_fmts=0x0%2C770x280%2C336x280%2C770x280%2C1005x124&nras=2&correlator=8337573679129&frm=20&pv=1&ga_vid=1431237964.1663530864&ga_sid=1663530864&ga_hid=1479959542&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=415&ady=1925&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767667%2C44767167%2C44772927%2C44769662&oid=2&psts=APxP-9DhaeT6KotWfpweupLM6aJk70Ej0tt0IL9pJFmDtMbJ37URYWeAiRImmhp8nvwkbHBHxqO2VZxq3u747C6TnA%2CAPxP-9Bpq1R6XvNeTgOssJcrD3ZgntVMmr2-nUE0XNpkmwSCW_sOW0bCeulTM5b_PkTyGMMWh29LBJBoJEFHs8bjkkjkP_tdheNWAJ_dJptYWvs&pvsid=4177203444710770&tmod=343495732&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=GOeKJUPZsg&p=http%3A//smiles.iclou.com.br&dtd=8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0836d2070d6754e9355c30c8b2c34174428c5e78e25b6668aba9d10fb7cd6d78

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16046623051478990848/300x250-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=yqsNiwIYqU&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 20:10:32 GMT
x-content-type-options: nosniff
age: 344635
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6126
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 14:32:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 14 Sep 2023 20:10:32 GMT

GET
H3 200 logo.png_1650378740125_logo.png
s0.2mdn.net/dynamic/2/10951441/cdn.ad-lib.io/v2/partners/6048f7a4c18e4a000660a2ca/assets/concepts/6140774920f9cf1c3253f6d9/templates/6169b2fafb3919768fcc6857/content/ Frame 2630 3 KB
3 KB 29ms
27ms Image
image/png 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=5410211141&adk=2308955421&adf=785591858&pi=t.ma~as.5410211141&w=336&lmt=1663530865&psa=1&format=336x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&wgl=1&dt=1663530865772&bpp=2&bdt=1984&idt=-M&shv=r20220914&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D51cf6fc53a7141f9-224c857825ce0051%3AT%3D1663530864%3ART%3D1663530864%3AS%3DALNI_MacDtVFJJsGADAXPyPPyk4RKnVWSw&prev_fmts=0x0%2C770x280%2C336x280%2C770x280%2C1005x124&nras=2&correlator=8337573679129&frm=20&pv=1&ga_vid=1431237964.1663530864&ga_sid=1663530864&ga_hid=1479959542&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=415&ady=1925&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767667%2C44767167%2C44772927%2C44769662&oid=2&psts=APxP-9DhaeT6KotWfpweupLM6aJk70Ej0tt0IL9pJFmDtMbJ37URYWeAiRImmhp8nvwkbHBHxqO2VZxq3u747C6TnA%2CAPxP-9Bpq1R6XvNeTgOssJcrD3ZgntVMmr2-nUE0XNpkmwSCW_sOW0bCeulTM5b_PkTyGMMWh29LBJBoJEFHs8bjkkjkP_tdheNWAJ_dJptYWvs&pvsid=4177203444710770&tmod=343495732&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=GOeKJUPZsg&p=http%3A//smiles.iclou.com.br&dtd=8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

94ae8e248d081ccb4096fb784379fac2dc61da4bba62eee5d920b5c89a142215

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16046623051478990848/300x250-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=yqsNiwIYqU&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 08:45:08 GMT
x-content-type-options: nosniff
age: 385759
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3423
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 14:32:27 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 14 Sep 2023 08:45:08 GMT

GET
H3 200 logo2.png_1650378740125_logo2.png
s0.2mdn.net/dynamic/2/10951441/cdn.ad-lib.io/v2/partners/6048f7a4c18e4a000660a2ca/assets/concepts/6140774920f9cf1c3253f6d9/templates/6169b2fafb3919768fcc6857/content/ Frame 2630 2 KB
2 KB 32ms
30ms Image
image/png 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=5410211141&adk=2308955421&adf=785591858&pi=t.ma~as.5410211141&w=336&lmt=1663530865&psa=1&format=336x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&wgl=1&dt=1663530865772&bpp=2&bdt=1984&idt=-M&shv=r20220914&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D51cf6fc53a7141f9-224c857825ce0051%3AT%3D1663530864%3ART%3D1663530864%3AS%3DALNI_MacDtVFJJsGADAXPyPPyk4RKnVWSw&prev_fmts=0x0%2C770x280%2C336x280%2C770x280%2C1005x124&nras=2&correlator=8337573679129&frm=20&pv=1&ga_vid=1431237964.1663530864&ga_sid=1663530864&ga_hid=1479959542&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=415&ady=1925&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767667%2C44767167%2C44772927%2C44769662&oid=2&psts=APxP-9DhaeT6KotWfpweupLM6aJk70Ej0tt0IL9pJFmDtMbJ37URYWeAiRImmhp8nvwkbHBHxqO2VZxq3u747C6TnA%2CAPxP-9Bpq1R6XvNeTgOssJcrD3ZgntVMmr2-nUE0XNpkmwSCW_sOW0bCeulTM5b_PkTyGMMWh29LBJBoJEFHs8bjkkjkP_tdheNWAJ_dJptYWvs&pvsid=4177203444710770&tmod=343495732&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=GOeKJUPZsg&p=http%3A//smiles.iclou.com.br&dtd=8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff6db6c1dd0910b5619dafb5284abf59aa7bb8c6d3d0122c1ba5983cddaaa2a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16046623051478990848/300x250-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=yqsNiwIYqU&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 12:05:49 GMT
x-content-type-options: nosniff
age: 287318
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1701
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 14:32:26 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 15 Sep 2023 12:05:49 GMT

GET
H3 200 blank_-149_-124_1.00.png_1650378740125_blank_-149_-124_1.00.png
s0.2mdn.net/dynamic/2/10951441/cdn.ad-lib.io/v3/partners/6048f7a4c18e4a000660a2ca/assets/singleFiles/61813780cac5bddaebde1d40/original/ Frame 2630 2 KB
2 KB 27ms
25ms Image
image/png 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/10951441/cdn.ad-lib.io/v3/partners/6048f7a4c18e4a000660a2ca/assets/singleFiles/61813780cac5bddaebde1d40/original/blank_-149_-124_1.00.png_1650378740125_blank_-149_-124_1.00.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=5410211141&adk=2308955421&adf=785591858&pi=t.ma~as.5410211141&w=336&lmt=1663530865&psa=1&format=336x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&wgl=1&dt=1663530865772&bpp=2&bdt=1984&idt=-M&shv=r20220914&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D51cf6fc53a7141f9-224c857825ce0051%3AT%3D1663530864%3ART%3D1663530864%3AS%3DALNI_MacDtVFJJsGADAXPyPPyk4RKnVWSw&prev_fmts=0x0%2C770x280%2C336x280%2C770x280%2C1005x124&nras=2&correlator=8337573679129&frm=20&pv=1&ga_vid=1431237964.1663530864&ga_sid=1663530864&ga_hid=1479959542&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=415&ady=1925&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767667%2C44767167%2C44772927%2C44769662&oid=2&psts=APxP-9DhaeT6KotWfpweupLM6aJk70Ej0tt0IL9pJFmDtMbJ37URYWeAiRImmhp8nvwkbHBHxqO2VZxq3u747C6TnA%2CAPxP-9Bpq1R6XvNeTgOssJcrD3ZgntVMmr2-nUE0XNpkmwSCW_sOW0bCeulTM5b_PkTyGMMWh29LBJBoJEFHs8bjkkjkP_tdheNWAJ_dJptYWvs&pvsid=4177203444710770&tmod=343495732&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=GOeKJUPZsg&p=http%3A//smiles.iclou.com.br&dtd=8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6d38edfdaff5a3e6cfcccd26f9eed468207f91adf8833e2dd28e8660035492ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16046623051478990848/300x250-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=yqsNiwIYqU&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sat, 17 Sep 2022 08:00:10 GMT
x-content-type-options: nosniff
age: 129257
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1923
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 14:32:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 17 Sep 2023 08:00:10 GMT

GET
H3 200 SUiySqS1in-YUNsSXtQt1jv3ON6UQ0EMqlXBaZ_BtMI.js Show response
pagead2.googlesyndication.com/bg/ Frame 9B02 36 KB
16 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/SUiySqS1in-YUNsSXtQt1jv3ON6UQ0EMqlXBaZ_BtMI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4948b24aa4b58a7f9850db125ed42dd63bf738de9443410caa55c1699fc1b4c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 14:35:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 191942
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15932
x-xss-protection: 0
last-modified: Tue, 13 Sep 2022 10:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 16 Sep 2023 14:35:25 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame F001 43 B
216 B 215ms
173ms Image
image/gif 2600:1f13:800:7781:bcb5:4dc8:dc7c:df74
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=886862&asId=58164a99-6ace-7852-ef39-8e9a26c2eea0&tv=%7Bc:oB7mGN,pingTime:-10,time:445,type:s,mvn:ZnNjPTEyLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNS4xMnYxMjAwfHwxNjAwfHwxfHwxfHwyNHx8MTIwMHx8MHx8MHx8MXx8bGFuZHNjYXBlLXByaW1hcnl8fDI0fHw0LzN8fDQvM3x8MHx8MTYwMA--,no:MTcuNS4xMnZNb3ppbGxhfHxOZXRzY2FwZXx8bnx8bnx8MHx8bnx8V2luMzJ8fEdlY2tvfHwyMDAzMDEwN3x8MHx8TW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzEwNS4wLjUxOTUuMTI1IFNhZmFyaS81MzcuMzZ8fDF8fDF8fEdvb2dsZSBJbmMufHxu,ch:n,fsc:17.5.12v220002022000220000002002220000022220200000222200022020002022022022222202002220222022222022222000000200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022020000000020000000000000000000020220202220000022200202202220022000200222022200200022202220020222202000220000222202222202222000002002002222222202220022202200022002220202202,asp:1663530867917%7C%7C132682ac73bcf4651f7f797afe1f8a09%7C%7Ca6d005963b3621e7f0de2da18354c282%7C%7C9c660019740d4835d9963bd6ef4b2105%7C%7C51fa831dd678425a459783f23ee93f83%7C%7C2f0f15d18acbe969713e677221297a48%7C%7C8003a1f13c57a2fd95f266a10a12573f%7C%7Cc740f958fad31b05db58a362d31f4f83%7C%7C1629390669%7D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=5410211141&adk=2308955421&adf=785591858&pi=t.ma~as.5410211141&w=336&lmt=1663530865&psa=1&format=336x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&wgl=1&dt=1663530865772&bpp=2&bdt=1984&idt=-M&shv=r20220914&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D51cf6fc53a7141f9-224c857825ce0051%3AT%3D1663530864%3ART%3D1663530864%3AS%3DALNI_MacDtVFJJsGADAXPyPPyk4RKnVWSw&prev_fmts=0x0%2C770x280%2C336x280%2C770x280%2C1005x124&nras=2&correlator=8337573679129&frm=20&pv=1&ga_vid=1431237964.1663530864&ga_sid=1663530864&ga_hid=1479959542&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=415&ady=1925&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767667%2C44767167%2C44772927%2C44769662&oid=2&psts=APxP-9DhaeT6KotWfpweupLM6aJk70Ej0tt0IL9pJFmDtMbJ37URYWeAiRImmhp8nvwkbHBHxqO2VZxq3u747C6TnA%2CAPxP-9Bpq1R6XvNeTgOssJcrD3ZgntVMmr2-nUE0XNpkmwSCW_sOW0bCeulTM5b_PkTyGMMWh29LBJBoJEFHs8bjkkjkP_tdheNWAJ_dJptYWvs&pvsid=4177203444710770&tmod=343495732&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=GOeKJUPZsg&p=http%3A//smiles.iclou.com.br&dtd=8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7781:bcb5:4dc8:dc7c:df74 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Sep 2022 19:54:28 GMT
x-server-name: dt17.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

POST
H/1.1 200
OK printData.php Show response
redirecionador.info/relacionados/aereo/ 7 KB
2 KB 288ms
268ms XHR
text/html 2606:4700:3030::ac43:9016
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://redirecionador.info/relacionados/aereo/printData.php
Requested by: Host: redirecionador.info
URL: http://redirecionador.info/relacionados/aereo/requestData.js
Protocol: HTTP/1.1
Server: 2606:4700:3030::ac43:9016 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/5.6.38
Resource Hash: 4c3d217e121f14401fd4763cb559435eaf76f331644b595fba6465fe34059dc0

Request headers

Referer: http://smiles.iclou.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Date: Sun, 18 Sep 2022 19:54:28 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
X-Powered-By: PHP/5.6.38
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=obWbs%2FaMtJoOLQ7jplTsq90BvlhRHhNqU71wMeyzGqX9D8YQzJc32Lg5em0W6dxKL7EbI1fC5x6s5Xel8yvf1qtlNzvgjlKjSh%2BAFapqzwWH0ZsD%2F7UJ9VTq8RPpb%2Fd4BVXIKrRMyEGYQanV6EZVQTxc"}],"group":"cf-nel","max_age":604800}
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 74cca236286d906a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 67ms
67ms XHR
application/json 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220914&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b208501c09c82222d4645847ea62944b6f15d66e6e917e34029069c14540bcb0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://smiles.iclou.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 18 Sep 2022 19:54:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11139
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 34ms
33ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://smiles.iclou.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 19:54:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 18 Sep 2022 19:54:28 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame E955 13 KB
5 KB 22ms
21ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://smiles.iclou.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 16448
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 18 Sep 2022 15:20:20 GMT
expires: Mon, 18 Sep 2023 15:20:20 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 3FE7 783 B
534 B 31ms
31ms Document
text/html 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

60089362d50e3c787cd9c0429490eeefd94f86a7dcd19d9594a352f7f247c30c

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-rmbmWNp8hx5_5OgocjGAPg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://smiles.iclou.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-rmbmWNp8hx5_5OgocjGAPg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 18 Sep 2022 19:54:28 GMT
expires: Sun, 18 Sep 2022 19:54:28 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 SUiySqS1in-YUNsSXtQt1jv3ON6UQ0EMqlXBaZ_BtMI.js Show response
pagead2.googlesyndication.com/bg/ Frame E955 36 KB
16 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/SUiySqS1in-YUNsSXtQt1jv3ON6UQ0EMqlXBaZ_BtMI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4948b24aa4b58a7f9850db125ed42dd63bf738de9443410caa55c1699fc1b4c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 14:35:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 191943
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15932
x-xss-protection: 0
last-modified: Tue, 13 Sep 2022 10:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 16 Sep 2023 14:35:25 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 3FE7 0
0 58ms
57ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220914&jk=4177203444710770&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame E955 0
12 B 24ms
24ms Image
text/plain 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?lxeDDg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 19:54:28 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H/1.1 200
OK livelo.jpg
redirecionador.info/relacionados/aereo/ 146 KB
147 KB 452ms
451ms Image
image/jpeg 2606:4700:3030::ac43:9016
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://redirecionador.info/relacionados/aereo/livelo.jpg
Protocol: HTTP/1.1
Server: 2606:4700:3030::ac43:9016 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3954951fab3308819245253a893dba74d4e3107fb5544392f13712e01b7caf25

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://smiles.iclou.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Sun, 18 Sep 2022 19:54:28 GMT
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 149972
Last-Modified: Thu, 11 Feb 2021 15:59:44 GMT
Server: cloudflare
ETag: "60255470-249d4"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sz8vdy901ZMA7nIJV3AtMALdJ3M5A8Iufermi5i8S96n0tb6NJXjmM%2FU1XQlS1oPfI49w%2BGjHcNNf519nMKzWt0xqVQEIzTZcjI5Z5bxBvvlcxFQB3N71iK%2F0iixEbU%2BzCAgU6ZQ%2F23VXj16lj1AXj7H"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: public, max-age=315360000
Accept-Ranges: bytes
CF-RAY: 74cca237ed36917d-FRA
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK azullinhasaereas.jpg
redirecionador.info/relacionados/aereo/ 35 KB
36 KB 58ms
38ms Image
image/jpeg 2606:4700:3030::ac43:9016
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://redirecionador.info/relacionados/aereo/azullinhasaereas.jpg
Protocol: HTTP/1.1
Server: 2606:4700:3030::ac43:9016 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a6e55453f8187a47dad63c4d8583549a4670733a135ad27e923d83ad3725d94d

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://smiles.iclou.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Sun, 18 Sep 2022 19:54:28 GMT
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 22918
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 36226
Last-Modified: Thu, 11 Feb 2021 15:59:40 GMT
Server: cloudflare
ETag: "6025546c-8d82"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3NahHLAx%2FfVmcAITq8IH6GvPOZYmfutcT6zPud6IvN%2BXJrH3yH2nhgxUM3f2phYbjo2hA6N500pdRFqVB1KPofJJTNXl0982pXKvz7dhpkF0q3Qo1eLBMLRA6FRO36kvTxkoglTUsGE2dqa97pyAT5Mk"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: public, max-age=315360000
Accept-Ranges: bytes
CF-RAY: 74cca2380b589b88-FRA
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK petrobraspremia.jpg
redirecionador.info/relacionados/aereo/ 60 KB
60 KB 486ms
466ms Image
image/jpeg 2606:4700:3030::ac43:9016
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://redirecionador.info/relacionados/aereo/petrobraspremia.jpg
Protocol: HTTP/1.1
Server: 2606:4700:3030::ac43:9016 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3ef1f0738a69cbdef8dd01eaa1d5f01a3887b51637b01edacab04f10a6f2e9d3

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://smiles.iclou.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Sun, 18 Sep 2022 19:54:28 GMT
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 60947
Last-Modified: Thu, 11 Feb 2021 15:59:39 GMT
Server: cloudflare
ETag: "6025546b-ee13"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BQIsAcw8n6QgoMfSHQXL1oEl%2FW7F6c1tlYEJjNPa3ZK6iKTrDAdrK30NrK7GLLJi%2BAvaCBKtuw4ANJelKq8oAw7o4BxSb9yf1%2FRsbDk1rU2q%2FCCw5CPagiDyog5ZvcwMlU2J85ps1pfPP%2BvMIYUQiQPG"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: public, max-age=315360000
Accept-Ranges: bytes
CF-RAY: 74cca2380be65b8c-FRA
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK smilles.jpg
redirecionador.info/relacionados/aereo/ 46 KB
47 KB 81ms
59ms Image
image/jpeg 2606:4700:3030::ac43:9016
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://redirecionador.info/relacionados/aereo/smilles.jpg
Protocol: HTTP/1.1
Server: 2606:4700:3030::ac43:9016 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a0480d5a0a6710fa9b3636c890beda2f7a057d3ad3e01facda4486ba8b6066d8

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://smiles.iclou.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Sun, 18 Sep 2022 19:54:28 GMT
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 22918
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 47112
Last-Modified: Thu, 11 Feb 2021 15:59:39 GMT
Server: cloudflare
ETag: "6025546b-b808"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fgl9tf3ulcccy0ayi%2F17npUG48SDh%2BaHCI3W30qYlKWuKH5M25kg8k4eZuwYBYSLUvMt0apY1lS0SIoCIOgzSkt4fHeYijO7KwP%2BL2%2BG4IlEDIEgGWqjU1T3525wyrbVNPWT5c8eN%2Fy%2ByWCHeTYAmjQs"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: public, max-age=315360000
Accept-Ranges: bytes
CF-RAY: 74cca2380b74929c-FRA
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK latamcargo.jpg
redirecionador.info/relacionados/aereo/ 53 KB
54 KB 498ms
476ms Image
image/jpeg 2606:4700:3030::ac43:9016
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://redirecionador.info/relacionados/aereo/latamcargo.jpg
Protocol: HTTP/1.1
Server: 2606:4700:3030::ac43:9016 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9fe983c6bb37456c846ef1d5224c2b04b191518fe21432d2962460f0f516e8c4

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://smiles.iclou.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Sun, 18 Sep 2022 19:54:28 GMT
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 54159
Last-Modified: Thu, 11 Feb 2021 15:59:42 GMT
Server: cloudflare
ETag: "6025546e-d38f"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UcmHcgS072cEDxqpkZM0ufGlcIkKfPtFPDPIyOSEDYXjsLQ5XtBKxs1OojwTHG9rvov2rKvVQuAT%2FZcru6QP7VOCxnE4sdwe0trdI1N1D8PoEQwPUcTeK7r0hJfjZbh7%2B%2BzFt8rj9atSx22p967Jxq5F"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: public, max-age=315360000
Accept-Ranges: bytes
CF-RAY: 74cca23809b59208-FRA
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK voejet.jpg
redirecionador.info/relacionados/images/ 112 KB
113 KB 475ms
454ms Image
image/jpeg 2606:4700:3030::ac43:9016
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://redirecionador.info/relacionados/images/voejet.jpg
Protocol: HTTP/1.1
Server: 2606:4700:3030::ac43:9016 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 711d406e599b1434376708ae019fa188106c48bdc73b5a6d5b50855f9030dfa5

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://smiles.iclou.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Sun, 18 Sep 2022 19:54:28 GMT
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 115187
Last-Modified: Sat, 21 Sep 2019 14:23:54 GMT
Server: cloudflare
ETag: "5d86327a-1c1f3"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gx1ZH5V7QHJ8FtcJBCccJC2C%2FwJs2Cwoh%2BNdvYVkDi8SOCCRZwVAzqZwTfxyNbTb35%2BWcxrCozjOii5%2FFVE47ARMmtToS%2B2ibF5S9Jmjnw%2FgnFJ1Q6rkOJMF8RN38yRgUqFHWueb0Bv2L90D66CCV8b8"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: public, max-age=315360000
Accept-Ranges: bytes
CF-RAY: 74cca2380e375c85-FRA
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 64ms
64ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220914&jk=4177203444710770&bg=!GRqlGl7NAAZqQh0mSkI7ACkAdvg8Wp9nZF_d0O1v_pwGHX3FYEI-sG4wE1gsEA3LILqMd9RSSWpY4wIAAAB-UgAAAANoAQeZAqj37u4BUB3qvLqgjPoQo5vHyK5LfNh_GLUwFSUhDW9BtYyQQN6X4c0dRxL7WksiD13HKjoypPzwT354nz4s-O-OXo9xakFXQAcaWFnh3MrX9MSpVE3mZWQ7a0Czhei7kOxRD2mNtdwj_yIk4pT_t8eM1k_7ZHBEGMbeoQh0pFNnsazTbLwfZ2bGdCWFSLK9ok1Nxo-aUwYfPro4OSW7ltYgpqH7Ke_oSOBB0AFzz_PyECNPMqncN5NAH-rKqMgCwJuUDsfZ0550ID63M6HXWvkLvILS9Z_rEvbCbrLcw61nUTF5BmR1kDCsiDjSGfQ48e1X2cjYni3MJ1A4u3hBkS3eU2Fu_u2Df15CO9aBRQgltRftGvSEJ7kO0MWymn20ZeB0r6BNDtXX0g7Xo8yL2LTArUE3WaHMAesccvxL2O3x8kzMI-4KM9_v0f_--ORZJxVHKJyfaX-Mdhx008B_S9Olf2hKViItHuZSmhKqoghJo56UqRQOcCBdeOFu6XiMBWHP9nWWHyHXiI_9ZRRx8J7eWYnQL7goZgCx8kZruyrYwYrccooQHT8PTxNQwMpR_aqfk_bAJCu7kqic3RBlZyoOXvQ1c5lklF0YMeiSaym_Ml1_1YkPoR6_2x-FDl1ddGe-wExiPRhGUL3FjIY8yVccSRhxA0zmUkpAoDkqohzSaZd_kJwpmViS1Urm6IpOxyU8FV3pwUMphIaSBFSf3KqdLKsxZFe_bmXO4ceGrfHBWa2mPE3U5TI0NrxDfacmZwxQ1AMu8UvC1LpBvpdQ8-8qBXfL1iXhWD56-QNr-Y024kl_6CoJAKEV3LK2ViGFOWY7uwBEmBmuBLG4IRufpXp69tmjUMWOj9rHXFHvBUxtPBrwe_CrTyqRHCedKWnE4KnHVqjxKYasSA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://smiles.iclou.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

82 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

23 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.iclou.com.br/	1970-01-20 15:27:06	Name: __gads Value: ID=51cf6fc53a7141f9-224c857825ce0051:T=1663530864:RT=1663530864:S=ALNI_MacDtVFJJsGADAXPyPPyk4RKnVWSw
.doubleclick.net/	1970-01-20 06:05:34	Name: DSID Value: NO_DATA
.doubleclick.net/	1970-01-20 15:27:06	Name: IDE Value: AHWqTUlN7I1D4-PhiY1U7OSlTW7Pbuxjd84BxPGHFxd2q0Hq2Qy_sEswNgPfoZ3-kB4
.adnxs.com/	1970-01-20 08:15:06	Name: uuid2 Value: 6953020835600599983
.quantserve.com/	1970-01-20 08:15:06	Name: d Value: EC8BCQGQJ4EA
.quantserve.com/	1970-01-20 15:35:45	Name: mc Value: 63277773-1cc8d-29ab1-0f264
.adnxs.com/	1970-01-20 08:15:06	Name: anj Value: dTM7k!M41.D>6NRF']wIg2In>ri@j6!]tbPl1M>e)ZlrFUfJ+tGXxp2_^.n:IR%Ckat7qKUx^eYZiLI._/$SLJ*diQ3If)y3KL9D3I?+Vg<0bQ
.agkn.com/	1970-01-20 14:51:06	Name: ab Value: 0001%3AoBvQCw8k65q94wIg9FazBcqbGwxq6YdM
.casalemedia.com/	1970-01-20 08:15:06	Name: CMPS Value: 1116
.casalemedia.com/	1970-01-20 14:51:06	Name: CMID Value: Yyd3c5gsDjXXBOFgYrA-sQAA
.casalemedia.com/	1970-01-20 08:15:06	Name: CMPRO Value: 1211
.agkn.com/	1970-01-20 14:51:06	Name: u Value: C\|0CEAqujPzKroz8wAAAAABAQ13AQEAAQpAAAAAAA
.casalemedia.com/	1970-01-20 08:15:06	Name: CMTS Value: 1195
.innovid.com/	1970-01-20 08:15:06	Name: uuid Value: 2f2d065f-6436-4e22-85ef-9accac32ee28-20220918 15:54:27
.e.dlx.addthis.com/	1970-01-20 15:35:45	Name: na_tc Value: Y
.addthis.com/	1970-01-20 15:35:45	Name: na_id Value: 2022091819542700067892985732
.addthis.com/	1970-01-20 15:35:45	Name: na_tc Value: Y
.addthis.com/	1970-01-20 15:35:45	Name: uid Value: 63277773e6fd45f2
.addthis.com/	1970-01-20 15:35:45	Name: ouid Value: 63277773000126d5e58a8c3b6f529f738d7b3ca2c99c3002ec6a
.dlx.addthis.com/	1970-01-20 06:48:42	Name: na_rn Value: 0
.dlx.addthis.com/	1970-01-20 06:48:42	Name: na_sr Value: 20220918
.dlx.addthis.com/	1970-01-20 06:05:30	Name: na_srp Value: 3614
.dlx.addthis.com/	1970-01-20 06:48:42	Name: na_sc_e Value: 0

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://cdn.ampproject.org/rtv/012208242209000/v0/amp-ad-exit-0.1.mjs(Line 1) Message: Unrecognized feature: 'attribution-reporting'.
security	error	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=8876164503&adk=530165087&adf=4093038968&pi=t.ma~as.8876164503&w=770&fwrn=4&fwrnh=100&lmt=1663530865&rafmt=1&psa=0&format=770x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1663530865067&bpp=2&bdt=1278&idt=2&shv=r20220914&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D51cf6fc53a7141f9-224c857825ce0051%3AT%3D1663530864%3ART%3D1663530864%3AS%3DALNI_MacDtVFJJsGADAXPyPPyk4RKnVWSw&prev_fmts=0x0%2C770x280%2C336x280&nras=1&correlator=8337573679129&frm=20&pv=1&ga_vid=1431237964.1663530864&ga_sid=1663530864&ga_hid=1479959542&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=415&ady=1233&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767667%2C44767167%2C44772927%2C44769662&oid=2&pvsid=4177203444710770&tmod=343495732&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=rrIcTwXTYQ&p=http%3A//smiles.iclou.com.br&dtd=15 Message: Refused to frame 'https://pagead2.googlesyndication.com/' because it violates the following Content Security Policy directive: "frame-src cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp=er3$/1838989884782542848/index.html".
security	error	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=8876164503&adk=530165087&adf=4093038968&pi=t.ma~as.8876164503&w=770&fwrn=4&fwrnh=100&lmt=1663530865&rafmt=1&psa=0&format=770x280&url=http%3A%2F%2Fsmiles.iclou.com.br%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1663530865067&bpp=2&bdt=1278&idt=2&shv=r20220914&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D51cf6fc53a7141f9-224c857825ce0051%3AT%3D1663530864%3ART%3D1663530864%3AS%3DALNI_MacDtVFJJsGADAXPyPPyk4RKnVWSw&prev_fmts=0x0%2C770x280%2C336x280&nras=1&correlator=8337573679129&frm=20&pv=1&ga_vid=1431237964.1663530864&ga_sid=1663530864&ga_hid=1479959542&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=415&ady=1233&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767667%2C44767167%2C44772927%2C44769662&oid=2&pvsid=4177203444710770&tmod=343495732&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=rrIcTwXTYQ&p=http%3A//smiles.iclou.com.br&dtd=15 Message: Refused to frame 'https://pagead2.googlesyndication.com/' because it violates the following Content Security Policy directive: "frame-src cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp=er3$/1838989884782542848/index.html".
network	error	URL: https://id.rlcdn.com/466606.gif?cparams=google_push%3DAZmPxg-NSFy0pkOsVYTvexGeZaTvUHbBegIX0Y-q6I6ix4o6S6dm4nFbmGyeQY32oxsMKoP6QMclJJjCwUWXLsQhjjXPiApTT8zHVA&google_gid=CAESEBDRFAqGXtKOtRejyFVZTdI&google_cver=1 Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://id.rlcdn.com/466606.gif?cparams=google_push%3DAZmPxg9gv-i_mjDsfRbIJ5XETmWGSJgn_So8G3nDBBfhv8Syw0k-HPaZwFO-YJJghxn7xWN30XwP6NM0653RonNYNdNgstSHjg&google_gid=CAESEBDRFAqGXtKOtRejyFVZTdI&google_cver=1 Message: Failed to load resource: the server responded with a status of 451 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
ag.innovid.com
cdn.ampproject.org
cdn.jsdelivr.net
clients1.google.com
cm.g.doubleclick.net
cms.quantserve.com
contatonline.com
cse.google.com
d.agkn.com
dsum-sec.casalemedia.com
dt.adsafeprotected.com
e.dlx.addthis.com
encrypted-tbn0.gstatic.com
encrypted-tbn1.gstatic.com
encrypted-tbn2.gstatic.com
encrypted-tbn3.gstatic.com
fonts.googleapis.com
fonts.gstatic.com
fw.adsafeprotected.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
id.rlcdn.com
image6.pubmatic.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.rubiconproject.com
redirecionador.info
rtb.openx.net
s0.2mdn.net
smailes.com.br
smiles.iclou.com.br
ssum-sec.casalemedia.com
static.adsafeprotected.com
sync.teads.tv
tpc.googlesyndication.com
us-u.openx.net
www.google.com
www.googletagservices.com
www.gstatic.com
104.18.18.126
104.18.19.126
104.96.159.57
13.58.124.244
142.250.186.130
142.250.186.162
185.64.190.78
185.89.210.82
2.21.185.44
2600:1f13:800:7781:bcb5:4dc8:dc7c:df74
2600:9000:21f3:f800:8:48e:53c0:93a1
2606:4700:3030::ac43:9016
2606:4700::6810:5714
2620:116:800d:21:de2e:c7b3:55c0:d5a0
2a00:1450:4001:800::2002
2a00:1450:4001:800::2003
2a00:1450:4001:803::200e
2a00:1450:4001:806::2004
2a00:1450:4001:806::200e
2a00:1450:4001:80b::200e
2a00:1450:4001:811::2006
2a00:1450:4001:813::200a
2a00:1450:4001:827::2001
2a00:1450:4001:827::200e
2a00:1450:4001:828::2001
2a00:1450:4001:829::2003
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::200e
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2002
2a00:1450:4001:831::2002
2a00:1450:4001:831::200e
2a05:d01c:1d8:8101:fce4:7d96:66d4:9311
34.247.139.125
34.98.64.218
35.157.16.92
35.186.253.211
35.244.174.68
5.161.90.154
69.173.144.139
027a59371d5c0f42561e42ec25a54917efa5df94a52c805aacb2e05a90926010
054c480b41dbb8bb1a0db0dd51f85a18dafa9679cd1988d4824f9da3f8aa1215
0836d2070d6754e9355c30c8b2c34174428c5e78e25b6668aba9d10fb7cd6d78
0a7cac9b8f0b40c02c190a290f821c12d3a30bdd31f99699c96afb6e011f628b
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740
0e16d841b1486b5bd9c69a543084e0f558463ad9bd7ffd8791301367f8a849a6
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
13ebcc68ad159f9c1ed01a1d7bab0ae6f56dc4b518609b0ff3a578fc757c8dfc
14e8a1ea537be446be3d5e2982f4cc35a1f38ce794f63aef1347634132ad56d9
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1aada9922d43e2107b82a139dff7179ed9dddb86da040ec3e5e98e0f57e420d3
1abec7217e226089caa2b31a77a893f52ff523f9cd225a6ec686f17a333219b5
1d2ed307afe5105e1c26a08eaf57c26cac8cb17ca3fe43e96170e1293d11e05d
233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285
27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4
2b0789c3ab7df1f2580e95bb47eb5bb6dc19b4fc5a91b1f1ae1d9484dab534a9
2c6fe93ffc69db5402b8ad227b626892eba9073d681e842df84b0cb82e4171e2
2fd3ec1c9bbd8649a7df803f56aee470fa259abb0a9b70485cd51c9d1bf77a03
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
37b76353198aaa176b818f303090bb4e5bec086effea980f25dd04954535927f
3954951fab3308819245253a893dba74d4e3107fb5544392f13712e01b7caf25
39b68bdf3bc0ac982646c51729d59a2a58f25ed048d089b5e5205f876b392dfc
3b40b457fa316cee42f8a4bc97d77182cc54120e33ffbb8a812c05836501134a
3ea571f67616f2ef7b6acacb2a92cecf6a5035424ce962d971e3f32926202e06
3ef1f0738a69cbdef8dd01eaa1d5f01a3887b51637b01edacab04f10a6f2e9d3
400b356ca22f3e2283d3822a337d97c84c6c03c6ce51d79dae917a50d04f982d
418c782cd9a0f004f25873525e400620db28bc9d81b2961e5e6be9faa5a900bb
42fa7740568dc6425cd4a5562e89e67632280349e368fe348914d808064c9ffc
46d1791d45e9e6840842ef90f192c2c6f1f4247baa7c1f32f2da75d3a05c0de2
476756d5ca23f4bc0086789ce0af7a810be71053bbfa8ea98aed92cc14f123dc
4934174cd39db1f62680ac12ae44ad9aa040bd445d831ae65f79779b7f2e6e8f
4948b24aa4b58a7f9850db125ed42dd63bf738de9443410caa55c1699fc1b4c2
4aa0aeaa1c8cdb17cba5fffd620642edad90c30336c7fd99edf0d30b0e8bb8ec
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c3d217e121f14401fd4763cb559435eaf76f331644b595fba6465fe34059dc0
4df4f831ed5cdb639c42779819720daea3b9850e12cafe851ea4b242ccaa166e
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
52045d86fa80dbd0f6839ccebf748682d65e552403591dcc03db5f9d956961bd
522ab2e374ffaa11a71bdaa3d97f1d6484213ef7716cc7d7d1464c799fa38bf9
5333868ea85475e3d3b958361e49b85f6156ba53d97fb04cc115849a615c88ba
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488
5cba838b577f9420fae47716730738211dbe95a130091709a04a9d6d878ace14
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
60089362d50e3c787cd9c0429490eeefd94f86a7dcd19d9594a352f7f247c30c
605b14697226eeb0be6b2c11db8206b70f4c8681c3f921e4ceca4793ce1a95ce
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
64ab062a2a4d62d22170dd14c4a3a566632d1ebf476ab80d27c7c81901209e36
64c9579197a4a0f024459e23bd6e272f1a8bbec4844bd5f9681632fd47ce3868
659e88497037086f548b785858e67802177b50f906e65ab77c6985841b370cf9
65a2e4c23f2e4acf9d9e132be27bd6aaae0792a8adbb11586b1c7a99e8d89972
65a47caa5183b035bf78d0f93adbe5cea500333410259c54abf2de356740df7e
6a62f9b45ebddbac527c5fc17392bfda464d8b29ce0b049a914ab99541112e56
6d38edfdaff5a3e6cfcccd26f9eed468207f91adf8833e2dd28e8660035492ba
6e059f38d9d643cd149fa02dfd97d6844f9b106198e027f55e2fe1e9a1428acf
6fb20868d8c1d3ec2a7086448d189163ee2487cb07891ad1dc95f26bdb97d67b
7041206683c7b5da4188ef7ed1523815102ac13af21f55c4b04b5fbbe4514ae5
708d5c9dbe4b6a80868cef351b45d31093d8dbe6e658f893be79a485c5879adf
711d406e599b1434376708ae019fa188106c48bdc73b5a6d5b50855f9030dfa5
7348579c41b9264b67476504697d1205b3a40f15b3442ca6457eef60542670a9
744b436600cd35e7898be8843c04c1115c45bf08143d085ac149e8c4f8151e3d
7769053d21c254cf49db5618c91fccd58554d1a13363e6ae2da3ce67cd57e59a
7941ea7681b9f03c1b5d38bbc0b8df51b55e7bc613e94649c80af7fe2575a768
7c9c80a6c32c0619d61c28f28723e68c5f8f75163e77ee5cf64c39e640e0d71e
7d2cdc33a01967787075c67728204819a1c4b23d621bdeb44727fa612a25d585
802a0ac9c835c0add64067c222d71b52bff0f5cfaafe4b673b1875a68ffaabb4
82274395ae9741732320547050e84cd8ca10510c0afb8cead6eb9172aa891deb
829faafbb39055b06c83f4b6b208d52dc50e0119499f827d573888f5846d3a15
833ac858295688dfc58fe2bed126e486451772dd96af356103c36630eec4038b
866a0115ef55a30b1537266767dc26e175b839ea5d4052ef0c45222ad73f96c8
87699878773345d6e7207ceab7074468991c353d70ceb8586fde33a5d40d6929
8842d55c7ed6bddca9f29e54a22750272dadb786cb8f6bc7b1e3e337510b2621
88f00438d26021a325247c4427898f7c778a22976df9f1a9d9876429778bf265
8a8c742162d4336f7579cc2113eeb132065b6875c822c0f6190c8fde9d04adfb
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8b41f53d575b1b7bcb942ec26ed2b2c365fd37862cb72d084453a77e6a454a5b
8d08b723f9f76380504784b82b4d4e5f6c2c0da5ca96207dd44e42f2c0d09db8
9055bcafc18be977d98348f51b6c0e7a55c62febc4d9a83de16dfc31267e58aa
90b9cf02713dbb6610b40f38e7f8567dabd65b0aa3d8101066e55941a000fa91
90ffe9c3c7fc061d72993059a62d15675b509f98a1da6dd20794d067bf482b81
92a7f8224a1ba2ccfa92d3e1fc55ee5aa7ae20a0fcd80d3331bd660878a090f5
94ae8e248d081ccb4096fb784379fac2dc61da4bba62eee5d920b5c89a142215
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
9737e1f2d8e8394823b95d1c2ed3db1a65efabeb4eaf36b3d35ed053dff921b9
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
98a2bc2afc0f4cab2b795ad4073bcb8fb4093f2ef1df15ea4f616864416bc7a9
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9c9b6560a37526d33547098a4ed2ecf360eb9275c2db77a98c30fb7f8016f478
9fe983c6bb37456c846ef1d5224c2b04b191518fe21432d2962460f0f516e8c4
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0480d5a0a6710fa9b3636c890beda2f7a057d3ad3e01facda4486ba8b6066d8
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a472fb1d9d44328ccefa63a574ee3d83a331b03ef528f536d96a1274327b1780
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a6e55453f8187a47dad63c4d8583549a4670733a135ad27e923d83ad3725d94d
a86de4fac038edc1323d1432d293e2de6d4b48abe53577cee3f7350a351385d5
a89aebbe37aecac32f175404d1f31f2679ca7e801f8cd2a8efd21f4f6c07349a
abbbfa07c65a2fb34217085e3ba9d557553990beb54663d6fa4c7468706c184e
acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
af929ef76b4bef84d3f7861d43850ff24a4c618edf56122f6366caecb3341d26
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b208501c09c82222d4645847ea62944b6f15d66e6e917e34029069c14540bcb0
b47bd1e586888ea8d223fbc2d5e8592e7e8c2b61e3937f9248fb4b7faf34fb41
b55b5724dbf14228ca2542b5bc92a2c2f9cf4743355cbbfa695edf4245bf4fda
bd16dc4cf1dd09237702b619decd81cbfefed9c4f5ddf7f205051a61efa325b4
bebac62c953edf0d0ce8dced28607c288ca4e8edc7e52b2703bb45f8014bca3b
c1c30918a861cb6a985ab55d54ad7e861682354197f164cb3b7194f20eed67ac
cb836f0e8d6208a7d542587d20b1a24c3750a4e6a3d3d79516acc4fbdb3f654b
ce302760c9165399e108bb066aee20128ed32555c0201b8b240a9342a61b9847
cf2d49f967e0112be0eb0cab4103cdec4cbf10f49810197750ecea6fbe2ba116
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d17e9f4573677f701c55b5c409003537962857c00bde2e34532e7bd3e078baf0
d3b043ba863292f3238b7d6b5f85ade61ae0d4138bb35b53c3dbde0ff5290714
d57b68fd65fe72f8bff06fb054801a4a7a0f9909321733371d4f664e0b9db62e
dcec22bbcb68119d6c7d6d5e088fb82183a9826d0c9e3403f1386fd837f06a89
dfe8853b2397a43e20d55fd377aafeed785c7ae335ed07b4986997b9780f48a2
e1f061781dd54ac94ee2245db3b03e2fe1604349e42b857a3e5c982d6cdbb5f7
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
e327c4cf3b80e5e5bdea164926c57b871c1b240212065782d28cb22dd60fa51b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e42635b7e1672b3d00733caace64929e53df48e9f1804f5b3581072ec1c8b3d0
e8403779d45a9590b43c0ecf984ebe11e75fd2982630d658390a6001a6768770
ea6d1d75101922eefaf1178a8076ce9dea8e89d1ff2d0bd788e4190512e48a59
eadb73af4f7bc29b2ad5059e863d6531b6639e6f6a238e620c3addbe70da9ceb
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f13bc08411a45add285949483ee8ab65001f6d7ebaddcfc83d5b2df50a4cde0b
f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a
f7da7a3265a7d6f483860c21d4b5447ccbeb23a9652f533cbbea8c2f8ef1c2ee
fb7989597f1a10a56bd83de6a26eefec44a0c704979fb5e06f02195bc9cebfce
fcab803c6d01082f69e5510655ca566241f3a4fd3ee7aa1506b1308e2d069ccb
ff6db6c1dd0910b5619dafb5284abf59aa7bb8c6d3d0122c1ba5983cddaaa2a3

smiles.iclou.com.br Open in urlscan Pro 5.161.90.154 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

248 Requests

85 %HTTPS

60 %IPv6

27 Domains

42 Subdomains

37 IPs

6 Countries

3406 kBTransfer

6890 kBSize

23 Cookies

6 Outgoing links

Page URL History

Redirected requests

248 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 10 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

smiles.iclou.com.br Open in urlscan Pro
5.161.90.154 Public Scan

Screenshot
Live screenshot

Full Image

248
Requests

85 %
HTTPS

60 %
IPv6

27
Domains

42
Subdomains

37
IPs

6
Countries

3406 kB
Transfer

6890 kB
Size

23
Cookies

248 HTTP transactions
10 data transactions