www.olx.com.br Open in urlscan Pro
104.18.12.210 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://mg.olx.com.br/
Effective URL:
https://www.olx.com.br/estado-mg
Submission: On November 17 via api (November 17th 2023, 5:24:50 pm UTC) from US — Scanned from DE

Summary HTTP 339 Redirects Links 27 Behaviour Indicators

Summary

This website contacted 85 IPs in 10 countries across 45 domains to perform 339 HTTP transactions. The main IP is 104.18.12.210, located in and belongs to CLOUDFLARENET, US. The main domain is www.olx.com.br. The Cisco Umbrella rank of the primary domain is 351273.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on October 20th 2023. Valid for: a year.

This is the only time www.olx.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	18.65.39.69 18.65.39.69	16509 (AMAZON-02) (AMAZON-02)
1 1	18.65.39.70 18.65.39.70	16509 (AMAZON-02) (AMAZON-02)
1	104.18.12.210 104.18.12.210	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:244... 2600:9000:244f:ec00:14:f2ba:2b80:93a1	16509 (AMAZON-02) (AMAZON-02)
27	2600:9000:249... 2600:9000:2490:f800:a:8162:78c0:93a1	16509 (AMAZON-02) (AMAZON-02)
4	2600:9000:223... 2600:9000:223c:bc00:1d:c6aa:c6c0:93a1	16509 (AMAZON-02) (AMAZON-02)
35	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
8	18.239.69.125 18.239.69.125	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
3	104.18.13.210 104.18.13.210	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:830::2008	15169 (GOOGLE) (GOOGLE)
1	13.32.29.175 13.32.29.175	16509 (AMAZON-02) (AMAZON-02)
5	34.200.105.41 34.200.105.41	14618 (AMAZON-AES) (AMAZON-AES)
2	3.209.92.249 3.209.92.249	14618 (AMAZON-AES) (AMAZON-AES)
2	65.9.66.47 65.9.66.47	16509 (AMAZON-02) (AMAZON-02)
3	2400:52e0:1e0... 2400:52e0:1e00::1080:1	200325 (BUNNYCDN) (BUNNYCDN)
3	52.222.208.154 52.222.208.154	16509 (AMAZON-02) (AMAZON-02)
5	2606:4700::68... 2606:4700::6810:bf3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c02::9c	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:802::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:1b32	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	65.9.66.122 65.9.66.122	16509 (AMAZON-02) (AMAZON-02)
1	34.96.70.87 34.96.70.87	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	34.102.146.192 34.102.146.192	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	104.18.35.167 104.18.35.167	13335 (CLOUDFLAR...) (CLOUDFLARENET)
40	2a02:2638:3::3 2a02:2638:3::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
5	52.205.52.6 52.205.52.6	14618 (AMAZON-AES) (AMAZON-AES)
1	99.86.4.39 99.86.4.39	16509 (AMAZON-02) (AMAZON-02)
2	108.138.9.235 108.138.9.235	16509 (AMAZON-02) (AMAZON-02)
1 2	34.120.107.143 34.120.107.143	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	52.215.24.0 52.215.24.0	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
1 8	142.250.186.166 142.250.186.166	15169 (GOOGLE) (GOOGLE)
4	2606:4700:7::... 2606:4700:7::a29f:853d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	23.53.43.97 23.53.43.97	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a00:1288:80:... 2a00:1288:80:807::2	203220 (YAHOO-DEB) (YAHOO-DEB)
2	2a02:6ea0:c70... 2a02:6ea0:c700::10	60068 (CDN77 ^_^) (CDN77 ^_^)
4	2a03:2880:f00... 2a03:2880:f007:8:face:b00c:0:1	32934 (FACEBOOK) (FACEBOOK)
1	2600:9000:211... 2600:9000:211e:b800:16:8db5:30c0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a02:2638:3::e 2a02:2638:3::e	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	34.117.162.98 34.117.162.98	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 8	2a02:2638:3::c 2a02:2638:3::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 6	185.184.10.30 185.184.10.30	203690 (RTB-HOUSE...) (RTB-HOUSE-ASH)
1	212.82.100.181 212.82.100.181	34010 (YAHOO-IRD) (YAHOO-IRD)
8	2a00:1450:400... 2a00:1450:4001:831::2004	15169 (GOOGLE) (GOOGLE)
2	34.111.186.1 34.111.186.1	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2600:1f18:649... 2600:1f18:6494:7800:c8c:9279:d9ef:e8fe	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
1 1	216.58.212.162 216.58.212.162	15169 (GOOGLE) (GOOGLE)
1	23.32.184.198 23.32.184.198	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	3.71.149.231 3.71.149.231	16509 (AMAZON-02) (AMAZON-02)
1	2.19.126.74 2.19.126.74	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	34.98.64.218 34.98.64.218	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2606:4700:7::... 2606:4700:7::a29f:863d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
3	2a03:2880:f17... 2a03:2880:f176:84:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1 5	185.89.210.212 185.89.210.212	29990 (ASN-APPNEX) (ASN-APPNEX)
1	23.56.202.187 23.56.202.187	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a02:26f0:780... 2a02:26f0:780::210:a440	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2.19.105.180 2.19.105.180	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2606:4700::68... 2606:4700::6810:5614	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:20:... 2606:4700:20::681a:8a9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:440... 2606:4700:4400::ac40:994e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	95.101.149.35 95.101.149.35	16625 (AKAMAI-AS) (AKAMAI-AS)
8	5.196.111.64 5.196.111.64	16276 (OVH) (OVH)
1	34.149.50.64 34.149.50.64	15169 (GOOGLE) (GOOGLE)
1	69.173.144.137 69.173.144.137	26667 (RUBICONPR...) (RUBICONPROJECT)
1	2602:803:c003... 2602:803:c003:200::43	26667 (RUBICONPR...) (RUBICONPROJECT)
1	185.64.189.226 185.64.189.226	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	2606:4700::68... 2606:4700::6812:1791	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	34.95.69.49 34.95.69.49	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
7	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
24	2a00:1450:400... 2a00:1450:4001:827::2001	15169 (GOOGLE) (GOOGLE)
3	2a02:2638:3::12 2a02:2638:3::12	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:827::2006	15169 (GOOGLE) (GOOGLE)
2	2a02:2638:3::9 2a02:2638:3::9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	178.250.1.6 178.250.1.6	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	18.198.226.18 18.198.226.18	16509 (AMAZON-02) (AMAZON-02)
18	2a02:2638:3::10 2a02:2638:3::10	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	2a02:2638:3::1a 2a02:2638:3::1a	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a02:2638:d::c 2a02:2638:d::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	23.35.229.251 23.35.229.251	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2.19.244.218 2.19.244.218	16625 (AKAMAI-AS) (AKAMAI-AS)
1	69.173.144.165 69.173.144.165	() ()
339	85

1 18.65.39.69 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-18-65-39-69.ams1.r.cloudfront.net

mg.olx.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.65.39.70 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-18-65-39-70.ams1.r.cloudfront.net

mg.olx.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.12.210 (None, )

ASN13335 (CLOUDFLARENET, US)

www.olx.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:244f:ec00:14:f2ba:2b80:93a1 (United States)

ASN16509 (AMAZON-02, US)

dsapega.olx.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 2600:9000:2490:f800:a:8162:78c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.olx.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:223c:bc00:1d:c6aa:c6c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.track.olx.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

35 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 18.239.69.125 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-69-125.ams58.r.cloudfront.net

img.olx.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.18.13.210 (None, )

ASN13335 (CLOUDFLARENET, US)

apigw.olx.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.29.175 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-29-175.fra56.r.cloudfront.net

www.datadoghq-browser-agent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 34.200.105.41 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-200-105-41.compute-1.amazonaws.com

lurker.olx.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.209.92.249 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-209-92-249.compute-1.amazonaws.com

recommendation.olx.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 65.9.66.47 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-47.fra56.r.cloudfront.net

pub.olx.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2400:52e0:1e00::1080:1 (Germany)

ASN200325 (BUNNYCDN, SI)

cdn.insurads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.222.208.154 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-208-154.fra56.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6810:bf3 (United States)

ASN13335 (CLOUDFLARENET, US)

tag.navdmp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
usr.navdmp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.navdmp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync2.navdmp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c02::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:1b32 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.mouseflow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.66.122 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-122.fra56.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com

invstatic101.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com

oa.openxcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.35.167 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn-ima.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

40 2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.205.52.6 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-205-52-6.compute-1.amazonaws.com

services.insurads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.4.39 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-39.fra6.r.cloudfront.net

config.aps.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 108.138.9.235 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-9-235.fra56.r.cloudfront.net

aax.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.107.143 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 143.107.120.34.bc.googleusercontent.com

oajs.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.215.24.0 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-215-24-0.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.186.166 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f6.1e100.net

13034979.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:7::a29f:853d (United States)

ASN13335 (CLOUDFLARENET, US)

olxbrclassificados.api.useinsider.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
typhoon.useinsider.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
locationv2.api.useinsider.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 23.53.43.97 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-53-43-97.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1288:80:807::2 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)

s.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:6ea0:c700::10 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)

tags.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f007:8:face:b00c:0:1 (Vienna, Austria)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:211e:b800:16:8db5:30c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn-public.liftoffintl.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:3::e (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dynamic.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.117.162.98 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 98.162.117.34.bc.googleusercontent.com

pixel.byspotify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a02:2638:3::c (France) 2 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 185.184.10.30 (Poland) 1 redirects

ASN203690 (RTB-HOUSE-ASH, PL)
PTR: ip-185-184-10-30.rtbhouse.net

us.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.82.100.181 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: spdc.pbp.vip.ir2.yahoo.com

sp.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:831::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.111.186.1 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 1.186.111.34.bc.googleusercontent.com

evnt.byspotify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:6494:7800:c8c:9279:d9ef:e8fe (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

analytics.liftoff.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.212.162 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.32.184.198 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-32-184-198.deploy.static.akamaitechnologies.com

pixel.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.71.149.231 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-71-149-231.eu-central-1.compute.amazonaws.com

cms.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.19.126.74 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-19-126-74.deploy.static.akamaitechnologies.com

analytics.pangle-ads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com

google-bidout-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:7::a29f:863d (United States)

ASN13335 (CLOUDFLARENET, US)

segment.api.useinsider.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
hit.api.useinsider.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f176:84:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.89.210.212 (Frankfurt am Main, Germany) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.56.202.187 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-56-202-187.deploy.static.akamaitechnologies.com

micro.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:780::210:a440 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

websdk.appsflyer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.19.105.180 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-105-180.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5614 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:8a9 (United States)

ASN13335 (CLOUDFLARENET, US)

script.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::ac40:994e (United States)

ASN13335 (CLOUDFLARENET, US)

mp.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.101.149.35 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-149-35.deploy.static.akamaitechnologies.com

a.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 5.196.111.64 (France)

ASN16276 (OVH, FR)
PTR: ip64.ip-5-196-111.eu

prg.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.149.50.64 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 64.50.149.34.bc.googleusercontent.com

s.seedtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.137 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

prebid-server.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2602:803:c003:200::43 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.226 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

ut.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:1791 (United States)

ASN13335 (CLOUDFLARENET, US)

cadmus.script.ac	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.95.69.49 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.69.95.34.bc.googleusercontent.com

i.clean.gg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

390c7a88fcfc36c0e9807f9f31c5e737.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:2638:3::12 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:3::9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.nl3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.250.1.6 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.nl3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.198.226.18 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-198-226-18.eu-central-1.compute.amazonaws.com

prebid-a.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a02:2638:3::10 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

imageproxy.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:2638:3::1a (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:d::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.fr3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.35.229.251 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-229-251.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.19.244.218 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-244-218.deploy.static.akamaitechnologies.com

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (None, )

ASN- ()

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
61	criteo.net static.criteo.net — Cisco Umbrella Rank: 668 imageproxy.eu.criteo.net — Cisco Umbrella Rank: 10986 csm.eu.criteo.net — Cisco Umbrella Rank: 10557	763 KB
55	olx.com.br 2 redirects mg.olx.com.br www.olx.com.br — Cisco Umbrella Rank: 351273 dsapega.olx.com.br — Cisco Umbrella Rank: 451826 static.olx.com.br — Cisco Umbrella Rank: 285724 cdn.track.olx.com.br — Cisco Umbrella Rank: 526221 img.olx.com.br — Cisco Umbrella Rank: 303825 apigw.olx.com.br — Cisco Umbrella Rank: 242336 lurker.olx.com.br — Cisco Umbrella Rank: 349150 recommendation.olx.com.br — Cisco Umbrella Rank: 357073 pub.olx.com.br — Cisco Umbrella Rank: 469803	1 MB
51	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 97 390c7a88fcfc36c0e9807f9f31c5e737.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 149	295 KB
23	doubleclick.net 2 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196 stats.g.doubleclick.net — Cisco Umbrella Rank: 78 13034979.fls.doubleclick.net — Cisco Umbrella Rank: 465029 cm.g.doubleclick.net — Cisco Umbrella Rank: 245 googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 ad.doubleclick.net — Cisco Umbrella Rank: 154	307 KB
19	criteo.com 2 redirects dynamic.criteo.com — Cisco Umbrella Rank: 4133 gum.criteo.com — Cisco Umbrella Rank: 454 mug.criteo.com — Cisco Umbrella Rank: 2926 ads.eu.criteo.com — Cisco Umbrella Rank: 10450 rtb.nl3.eu.criteo.com — Cisco Umbrella Rank: 16925 cat.nl3.eu.criteo.com — Cisco Umbrella Rank: 11552 rtb.fr3.eu.criteo.com — Cisco Umbrella Rank: 17732	200 KB
12	google.com region1.analytics.google.com — Cisco Umbrella Rank: 3040 www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 105	2 KB
9	creativecdn.com 1 redirects invstatic101.creativecdn.com — Cisco Umbrella Rank: 2139 tags.creativecdn.com — Cisco Umbrella Rank: 7125 us.creativecdn.com — Cisco Umbrella Rank: 3193	9 KB
8	smartadserver.com prg.smartadserver.com — Cisco Umbrella Rank: 1611	4 KB
8	rubiconproject.com micro.rubiconproject.com — Cisco Umbrella Rank: 3362 prebid-server.rubiconproject.com — Cisco Umbrella Rank: 776 fastlane.rubiconproject.com — Cisco Umbrella Rank: 513 prebid-a.rubiconproject.com — Cisco Umbrella Rank: 3172 eus.rubiconproject.com — Cisco Umbrella Rank: 602 token.rubiconproject.com	148 KB
8	insurads.com cdn.insurads.com — Cisco Umbrella Rank: 21212 services.insurads.com — Cisco Umbrella Rank: 17678	53 KB
7	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 742	149 KB
6	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 212	384 KB
6	adnxs.com 1 redirects ib.adnxs.com — Cisco Umbrella Rank: 246 acdn.adnxs.com — Cisco Umbrella Rank: 609	20 KB
6	useinsider.com olxbrclassificados.api.useinsider.com — Cisco Umbrella Rank: 447566 typhoon.useinsider.com — Cisco Umbrella Rank: 165740 segment.api.useinsider.com — Cisco Umbrella Rank: 20413 locationv2.api.useinsider.com — Cisco Umbrella Rank: 21814 hit.api.useinsider.com — Cisco Umbrella Rank: 17758	93 KB
6	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 223	20 KB
6	amazon-adsystem.com c.amazon-adsystem.com — Cisco Umbrella Rank: 306 config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 598 aax.amazon-adsystem.com — Cisco Umbrella Rank: 394	70 KB
5	navdmp.com tag.navdmp.com — Cisco Umbrella Rank: 28178 usr.navdmp.com — Cisco Umbrella Rank: 33544 cdn.navdmp.com — Cisco Umbrella Rank: 7255 sync2.navdmp.com — Cisco Umbrella Rank: 55137	6 KB
4	facebook.net connect.facebook.net — Cisco Umbrella Rank: 174	158 KB
3	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 300	260 KB
3	4dex.io script.4dex.io — Cisco Umbrella Rank: 1523 mp.4dex.io — Cisco Umbrella Rank: 2070	27 KB
3	pubmatic.com ads.pubmatic.com — Cisco Umbrella Rank: 534 ut.pubmatic.com — Cisco Umbrella Rank: 12156	147 KB
3	facebook.com www.facebook.com — Cisco Umbrella Rank: 110	247 B
3	yahoo.com 1 redirects sp.analytics.yahoo.com — Cisco Umbrella Rank: 1417 cms.analytics.yahoo.com — Cisco Umbrella Rank: 1460 ups.analytics.yahoo.com — Cisco Umbrella Rank: 327	1015 B
3	byspotify.com pixel.byspotify.com — Cisco Umbrella Rank: 11884 evnt.byspotify.com — Cisco Umbrella Rank: 12020	7 KB
3	openx.net 1 redirects oajs.openx.net — Cisco Umbrella Rank: 1656 google-bidout-d.openx.net — Cisco Umbrella Rank: 1665	664 B
3	google.de www.google.de — Cisco Umbrella Rank: 6862 adservice.google.de — Cisco Umbrella Rank: 14376	1 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 35	254 KB
2	clean.gg i.clean.gg — Cisco Umbrella Rank: 894	104 B
2	yimg.com s.yimg.com — Cisco Umbrella Rank: 648	7 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	21 KB
2	crwdcntrl.net tags.crwdcntrl.net — Cisco Umbrella Rank: 976 bcp.crwdcntrl.net — Cisco Umbrella Rank: 887	12 KB
1	script.ac cadmus.script.ac — Cisco Umbrella Rank: 1421	45 KB
1	seedtag.com s.seedtag.com — Cisco Umbrella Rank: 1735	400 B
1	teads.tv a.teads.tv — Cisco Umbrella Rank: 1462	381 B
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 335	2 KB
1	appsflyer.com websdk.appsflyer.com — Cisco Umbrella Rank: 4680	12 KB
1	pangle-ads.com analytics.pangle-ads.com — Cisco Umbrella Rank: 2858	906 B
1	mathtag.com pixel.mathtag.com — Cisco Umbrella Rank: 1982	418 B
1	liftoff.io analytics.liftoff.io — Cisco Umbrella Rank: 107814	43 B
1	liftoffintl.io cdn-public.liftoffintl.io — Cisco Umbrella Rank: 293120	7 KB
1	33across.com cdn-ima.33across.com — Cisco Umbrella Rank: 1383	5 KB
1	openxcdn.net oa.openxcdn.net — Cisco Umbrella Rank: 1762	8 KB
1	mouseflow.com cdn.mouseflow.com — Cisco Umbrella Rank: 7012	21 KB
1	datadoghq-browser-agent.com www.datadoghq-browser-agent.com — Cisco Umbrella Rank: 1471	48 KB
1	gstatic.com fonts.gstatic.com	31 KB
339	45

	Domain	Requested by
40	static.criteo.net	securepubads.g.doubleclick.net ads.eu.criteo.com cdnjs.cloudflare.com static.criteo.net
27	static.olx.com.br	www.olx.com.br static.olx.com.br
24	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com 390c7a88fcfc36c0e9807f9f31c5e737.safeframe.googlesyndication.com www.olx.com.br
20	pagead2.googlesyndication.com	www.datadoghq-browser-agent.com tpc.googlesyndication.com www.olx.com.br 390c7a88fcfc36c0e9807f9f31c5e737.safeframe.googlesyndication.com www.googletagservices.com
18	imageproxy.eu.criteo.net	ads.eu.criteo.com
9	securepubads.g.doubleclick.net	www.olx.com.br securepubads.g.doubleclick.net cdn.insurads.com www.datadoghq-browser-agent.com 390c7a88fcfc36c0e9807f9f31c5e737.safeframe.googlesyndication.com
8	prg.smartadserver.com	www.datadoghq-browser-agent.com
8	www.google.com	www.olx.com.br tpc.googlesyndication.com 390c7a88fcfc36c0e9807f9f31c5e737.safeframe.googlesyndication.com
8	img.olx.com.br	www.olx.com.br
7	390c7a88fcfc36c0e9807f9f31c5e737.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
7	analytics.tiktok.com	www.olx.com.br analytics.tiktok.com
6	ad.doubleclick.net	www.olx.com.br
6	www.googletagservices.com	390c7a88fcfc36c0e9807f9f31c5e737.safeframe.googlesyndication.com
6	us.creativecdn.com	1 redirects www.olx.com.br tags.creativecdn.com
6	gum.criteo.com	2 redirects static.criteo.net dynamic.criteo.com www.datadoghq-browser-agent.com
6	cdnjs.cloudflare.com	www.googletagmanager.com ads.eu.criteo.com
5	ib.adnxs.com	1 redirects www.datadoghq-browser-agent.com acdn.adnxs.com
5	services.insurads.com	cdn.insurads.com
5	lurker.olx.com.br	cdn.track.olx.com.br static.olx.com.br www.datadoghq-browser-agent.com
4	connect.facebook.net	www.olx.com.br connect.facebook.net
4	cdn.track.olx.com.br	www.olx.com.br cdn.track.olx.com.br
3	csm.eu.criteo.net	ads.eu.criteo.com
3	cat.nl3.eu.criteo.com	ads.eu.criteo.com
3	s0.2mdn.net	390c7a88fcfc36c0e9807f9f31c5e737.safeframe.googlesyndication.com
3	googleads.g.doubleclick.net	390c7a88fcfc36c0e9807f9f31c5e737.safeframe.googlesyndication.com
3	ads.eu.criteo.com	390c7a88fcfc36c0e9807f9f31c5e737.safeframe.googlesyndication.com
3	www.facebook.com	www.olx.com.br
3	region1.analytics.google.com	www.googletagmanager.com
3	c.amazon-adsystem.com	pub.olx.com.br www.datadoghq-browser-agent.com
3	cdn.insurads.com	pub.olx.com.br services.insurads.com
3	www.googletagmanager.com	cdn.track.olx.com.br www.olx.com.br www.googletagmanager.com
3	apigw.olx.com.br	static.olx.com.br www.datadoghq-browser-agent.com
2	eus.rubiconproject.com	micro.rubiconproject.com eus.rubiconproject.com
2	prebid-a.rubiconproject.com	www.datadoghq-browser-agent.com
2	rtb.nl3.eu.criteo.com	390c7a88fcfc36c0e9807f9f31c5e737.safeframe.googlesyndication.com
2	i.clean.gg	www.datadoghq-browser-agent.com
2	script.4dex.io	micro.rubiconproject.com www.datadoghq-browser-agent.com
2	ads.pubmatic.com	cdn.insurads.com www.datadoghq-browser-agent.com
2	evnt.byspotify.com	www.datadoghq-browser-agent.com
2	mug.criteo.com	www.olx.com.br
2	dynamic.criteo.com	www.googletagmanager.com
2	tags.creativecdn.com	www.olx.com.br
2	s.yimg.com	www.olx.com.br www.datadoghq-browser-agent.com
2	olxbrclassificados.api.useinsider.com	www.googletagmanager.com olxbrclassificados.api.useinsider.com
2	13034979.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	www.google-analytics.com	www.googletagmanager.com www.datadoghq-browser-agent.com
2	oajs.openx.net	1 redirects www.olx.com.br
2	aax.amazon-adsystem.com	www.datadoghq-browser-agent.com
2	www.google.de	www.olx.com.br
2	stats.g.doubleclick.net	www.googletagmanager.com www.datadoghq-browser-agent.com
2	tag.navdmp.com	www.olx.com.br tag.navdmp.com
2	pub.olx.com.br	static.olx.com.br
2	recommendation.olx.com.br	static.olx.com.br www.datadoghq-browser-agent.com
2	mg.olx.com.br	2 redirects
1	token.rubiconproject.com	eus.rubiconproject.com
1	acdn.adnxs.com	micro.rubiconproject.com
1	rtb.fr3.eu.criteo.com	390c7a88fcfc36c0e9807f9f31c5e737.safeframe.googlesyndication.com
1	cadmus.script.ac	script.4dex.io
1	ut.pubmatic.com	www.datadoghq-browser-agent.com
1	fastlane.rubiconproject.com	www.datadoghq-browser-agent.com
1	prebid-server.rubiconproject.com	www.datadoghq-browser-agent.com
1	s.seedtag.com	www.datadoghq-browser-agent.com
1	a.teads.tv	www.datadoghq-browser-agent.com
1	mp.4dex.io	www.datadoghq-browser-agent.com
1	cdn.jsdelivr.net	www.datadoghq-browser-agent.com
1	websdk.appsflyer.com	www.olx.com.br
1	micro.rubiconproject.com	static.olx.com.br
1	hit.api.useinsider.com	www.datadoghq-browser-agent.com
1	adservice.google.de	adservice.google.com
1	locationv2.api.useinsider.com	www.datadoghq-browser-agent.com
1	segment.api.useinsider.com	www.datadoghq-browser-agent.com
1	typhoon.useinsider.com	www.datadoghq-browser-agent.com
1	google-bidout-d.openx.net	oa.openxcdn.net
1	analytics.pangle-ads.com	analytics.tiktok.com
1	ups.analytics.yahoo.com	www.olx.com.br
1	cms.analytics.yahoo.com	1 redirects
1	pixel.mathtag.com	www.olx.com.br
1	sync2.navdmp.com	www.olx.com.br
1	cm.g.doubleclick.net	1 redirects
1	cdn.navdmp.com	tag.navdmp.com
1	adservice.google.com	13034979.fls.doubleclick.net
1	analytics.liftoff.io	www.datadoghq-browser-agent.com
1	sp.analytics.yahoo.com	www.olx.com.br
1	usr.navdmp.com	tag.navdmp.com
1	pixel.byspotify.com	www.olx.com.br
1	cdn-public.liftoffintl.io	www.olx.com.br
1	bcp.crwdcntrl.net	www.datadoghq-browser-agent.com
1	config.aps.amazon-adsystem.com	c.amazon-adsystem.com
1	cdn-ima.33across.com	securepubads.g.doubleclick.net
1	oa.openxcdn.net	securepubads.g.doubleclick.net
1	invstatic101.creativecdn.com	securepubads.g.doubleclick.net
1	tags.crwdcntrl.net	securepubads.g.doubleclick.net
1	cdn.mouseflow.com	www.googletagmanager.com
1	www.datadoghq-browser-agent.com	www.olx.com.br
1	fonts.gstatic.com	www.olx.com.br
1	dsapega.olx.com.br	www.olx.com.br
1	www.olx.com.br
339	97

This site contains links to these domains. Also see Links.

Domain
planoprofissional.olx.com.br
conta.olx.com.br
meus-pedidos.olx.com.br
www2.olx.com.br
mg.olx.com.br
ajuda.olx.com.br
compra-segura.olx.com.br
seguranca.olx.com.br
www.facebook.com
www.youtube.com
www.tiktok.com
instagram.com
twitter.com
www.linkedin.com

Subject Issuer	Validity	Valid
www.olx.com.br Cloudflare Inc ECC CA-3	`2023-10-20` - `2024-10-19`	a year	crt.sh
*.olx.com.br Amazon RSA 2048 M02	`2023-11-13` - `2024-12-11`	a year	crt.sh
olx.com.br Amazon RSA 2048 M01	`2023-03-13` - `2024-04-10`	a year	crt.sh
*.track.olx.com.br Amazon RSA 2048 M01	`2023-03-27` - `2024-04-24`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-20` - `2024-04-19`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.datadoghq-browser-agent.com DigiCert TLS RSA SHA256 2020 CA1	`2023-01-14` - `2024-01-16`	a year	crt.sh
tracking.olx.com.br Amazon RSA 2048 M01	`2023-03-01` - `2024-02-03`	a year	crt.sh
*.insurads.com Go Daddy Secure Certificate Authority - G2	`2023-05-01` - `2024-06-01`	a year	crt.sh
c.amazon-adsystem.com Amazon RSA 2048 M01	`2023-02-28` - `2024-02-17`	a year	crt.sh
www.google.de GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
cdn.mouseflow.com Cloudflare Inc ECC CA-3	`2023-10-25` - `2024-10-23`	a year	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M01	`2023-10-08` - `2024-11-05`	a year	crt.sh
invstatic101.creativecdn.com GTS CA 1D4	`2023-10-24` - `2024-01-22`	3 months	crt.sh
oa.openxcdn.net GTS CA 1D4	`2023-09-25` - `2023-12-24`	3 months	crt.sh
*.33across.com Sectigo RSA Domain Validation Secure Server CA	`2023-09-06` - `2024-09-30`	a year	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-09` - `2024-01-06`	3 months	crt.sh
config.aps.amazon-adsystem.com Amazon RSA 2048 M02	`2023-02-20` - `2024-03-20`	a year	crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com Amazon RSA 2048 M01	`2023-03-16` - `2024-03-08`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
useinsider.com Cloudflare Inc ECC CA-3	`2023-01-25` - `2024-01-24`	a year	crt.sh
*.tiktok.com RapidSSL ECC CA 2018	`2023-07-14` - `2024-08-13`	a year	crt.sh
*.api.fantasysports.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-11-06` - `2023-12-27`	2 months	crt.sh
1589314308.rsc.cdn77.org R3	`2023-10-31` - `2024-01-29`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-08-26` - `2023-11-24`	3 months	crt.sh
liftoffintl.io R3	`2023-10-19` - `2024-01-17`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-26` - `2023-12-23`	3 months	crt.sh
pixel.byspotify.com GTS CA 1D4	`2023-11-06` - `2024-02-04`	3 months	crt.sh
*.creativecdn.com RapidSSL TLS RSA CA G1	`2023-03-29` - `2024-04-28`	a year	crt.sh
real.sp.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-10-24` - `2024-04-17`	6 months	crt.sh
www.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
prfx.byspotify.com GTS CA 1D4	`2023-11-11` - `2024-02-09`	3 months	crt.sh
liftoff.io R3	`2023-10-17` - `2024-01-15`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
pixel.mathtag.com DigiCert TLS RSA SHA256 2020 CA1	`2023-05-07` - `2024-05-07`	a year	crt.sh
*.pangle-ads.com RapidSSL TLS ECC CA G1	`2023-08-10` - `2024-09-09`	a year	crt.sh
*.openx.net RapidSSL TLS RSA CA G1	`2023-08-18` - `2024-08-18`	a year	crt.sh
*.google.de GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.rubiconproject.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-03-07` - `2024-04-03`	a year	crt.sh
*.appsflyer.com DigiCert TLS RSA SHA256 2020 CA1	`2023-07-27` - `2024-07-27`	a year	crt.sh
*.pubmatic.com DigiCert TLS RSA SHA256 2020 CA1	`2023-01-25` - `2024-01-24`	a year	crt.sh
script.4dex.io Cloudflare Inc ECC CA-3	`2023-10-23` - `2024-10-22`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
teads.tv R3	`2023-11-03` - `2024-02-01`	3 months	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-21` - `2024-01-23`	a year	crt.sh
*.seedtag.com Sectigo RSA Domain Validation Secure Server CA	`2023-03-29` - `2024-04-15`	a year	crt.sh
script.ac E1	`2023-10-31` - `2024-01-29`	3 months	crt.sh
i.clean.gg GTS CA 1D4	`2023-11-14` - `2024-02-12`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-29` - `2023-12-23`	3 months	crt.sh
*.nl3.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-30` - `2023-12-25`	3 months	crt.sh
*.eu.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-17` - `2024-01-18`	3 months	crt.sh
*.fr3.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-07` - `2023-12-30`	3 months	crt.sh
cdn.adnxs.com GeoTrust RSA CA 2018	`2023-08-24` - `2024-08-24`	a year	crt.sh

This page contains 32 frames:

Primary Page: https://www.olx.com.br/estado-mg
Frame ID: 571AD3E97E1416C7EAEB6DA734D9924F
Requests: 166 HTTP requests in this frame

Frame: https://13034979.fls.doubleclick.net/activityi;dc_pre=CP-X8srGy4IDFYHkOwIdJwUEPg;src=13034979;type=olxpg0;cat=pgvall;ord=3069892463233;auiddc=714919832.1700241881;u1=listing;u2=https%3A%2F%2Fwww.olx.com.br%2Festado-mg;u4=0;gtm=45He3b81v892095748;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.olx.com.br%2Festado-mg
Frame ID: A903883DF265AFB1933FEB5478F2EA5C
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.olx.com.br
Frame ID: 58A9E718A7018797023BA0DA7FCBF503
Requests: 2 HTTP requests in this frame

Frame: https://olxbrclassificados.api.useinsider.com/worker-new.html
Frame ID: 9DCF7F51C4B0303B8B6A5E5DFF36A1D3
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=www.olx.com.br&origin=onetag
Frame ID: 362C0D5B2A4A02D949635B4CC11FCB5F
Requests: 2 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CP-X8srGy4IDFYHkOwIdJwUEPg;src=13034979;type=olxpg0;cat=pgvall;ord=3069892463233;auiddc=714919832.1700241881;u1=listing;u2=https%3A%2F%2Fwww.olx.com.br%2Festado-mg;u4=0;gtm=45He3b81v892095748;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.olx.com.br%2Festado-mg
Frame ID: 0A1729852D66EA2F5FB81AFF43BC34EE
Requests: 1 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: 64DAE868E43618EF64F0AABB72DCF204
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.de/ddm/fls/i/dc_pre=CP-X8srGy4IDFYHkOwIdJwUEPg;src=13034979;type=olxpg0;cat=pgvall;ord=3069892463233;auiddc=714919832.1700241881;u1=listing;u2=https%3A%2F%2Fwww.olx.com.br%2Festado-mg;u4=0;gtm=45He3b81v892095748;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.olx.com.br%2Festado-mg
Frame ID: 516AA9CA83B080A9A35A1A8E44278E80
Requests: 1 HTTP requests in this frame

Frame: https://services.insurads.com/ad?auid=783361&appId=1984&s=2360&dm=1&is=0&csz=%5B%5D&sz=%5B%5D&ct=%7B%7D&h=https%3A%2F%2Fwww.olx.com.br%2Festado-mg&sid=6899F05E2FB2D822&v=1.14.21b&ts=1700241882159
Frame ID: 12427DE123FA3E2FE20C389142942EAC
Requests: 1 HTTP requests in this frame

Frame: https://us.creativecdn.com/ig-membership?ntk=Ap9gcVfLhau7Z7L1LJRjlH_8KFILWnu-SGpLFqO7Y9bz0_y4mx-vnifynfvsXUVJDat3nes-5thKenVvQgmkJXFzG0Io5K6mGLK90K_4Ub4
Frame ID: DE1CC472A3206D15A7667153B8DAF973
Requests: 1 HTTP requests in this frame

Frame: https://us.creativecdn.com/topics-membership?ntk=5hpOI7jg1RaekIrQ5rP6NbM5OECvaigf-xt9YqfEmGdUf2amJaUtToHexMi_YhRXce3s_V_iWm6zxpca2IvMDA
Frame ID: 2C4E3B960BB524E8607417F898028F19
Requests: 1 HTTP requests in this frame

Frame: https://390c7a88fcfc36c0e9807f9f31c5e737.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: BEC907F3F148F91073983CCA54A28E9B
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: F9A9F41DCD4CCB91B94777FED0B494A6
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 3EFD410B8AE557DF01327EE18B503924
Requests: 2 HTTP requests in this frame

Frame: https://390c7a88fcfc36c0e9807f9f31c5e737.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 03017DF2F3BFDAF8066BC3FA76D6993B
Requests: 9 HTTP requests in this frame

Frame: https://390c7a88fcfc36c0e9807f9f31c5e737.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 4AE3B7FA2589411C7CFC8824D1AB702C
Requests: 14 HTTP requests in this frame

Frame: https://390c7a88fcfc36c0e9807f9f31c5e737.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: CD4531AB5BD716735A8C2DACB3A6A3AA
Requests: 13 HTTP requests in this frame

Frame: https://390c7a88fcfc36c0e9807f9f31c5e737.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 48101CC3FA024BCCFE32EC4C3AC1A4D2
Requests: 13 HTTP requests in this frame

Frame: https://390c7a88fcfc36c0e9807f9f31c5e737.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: FA0ABD45E6AD46EC30D3428AFBD921FE
Requests: 9 HTTP requests in this frame

Frame: https://390c7a88fcfc36c0e9807f9f31c5e737.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: B7B49AA31DF35E7B4AA6E70CC68D754E
Requests: 9 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZVeh2wAFSbEGUI16AAekVSF0kDhF1pdS-u8Hgw&u=%7Clo5T2BSvE6SwFpya4b5LViqJrWg7qCEiZmc51YnjxuA%3D%7C&c1=glLBMxGOcDk-vbOOpZWuiwL9OpXS6gVV2JtZM_Ei5tSPQXcRS1ssTUS_8xvR11yLMIlVEtJyUVvlIvkzjr4Hi9mKGctDqo4_EosBq_f39mE0jxpnuyPxwePsAcuuyCoUvdsXZnxxkTr95P_rWlLf4nbqBF8Ac9BFllNGNJeM4fDwhJrFIAzn6aqdGFP_9uy7c1JGGtM2WwaMGiRkuNGZVUYazR3VFVNzV0u9_TA6O0DDJcNyf3z6hxUtK8FUIu4a_08W0ZlbHP7ce4EN28b950ee5DffWT-TSL2sfWyGbieZX4niB3mapuvTSIrSCBrErLQ7bl4ot9Wiwag_yLKUqC76F4dHjXnE-7UcAq7b3-ARuopuzxN-IljiAdC0uvYzWlh-v5ugvKhfRp9n_3rfL4X0LTTiA0aGajaX-cdhloFledWUZm-LqI_HJ1_6Ky_xeuq2UefETT53pxcvX-RtVXsoMbp7n9PHREvcokmDuaFls-Y_QWSq7D2yo5kPEtWQAVhUz4oGtB210_-zN_P-8GprIlrPPmBwgyfcdWRGOIZ_38j9wRvsroZ4VEZE1uejSo3qFs-eovbs-5hyvLGiAF8Wim20KWn5Ta3XFRPmB54Bt45gC-MdqynkUO2Da5K5&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCZYMV26FXZbGTFfqawuIP1ciegAnJntKxXNWdkfdwwI23ARABIABglbKpgrAHggEXY2EtcHViLTMyNDk0NjI2NjcwNTcxNDPIAQmpAgpl964YNbI-4AIAqAMByAMCqgTqAU_QXd6LfULhLSznWETZgtICjZvcoqRYu3cqrVre7Bqwroi3Fnkc-HwpdVRM2L72JJapmRXwQJaLBYA6V0Ju9O_CEDJigqOfRhVTWfa_eyM6fXBnLuLQtFaPgaOQ0DX0eoMS8KmAQtWy7h5A7qlLDvcPbapJcIm-Z768Qh4E-3VtBbbtkd_GUeWC8zx_EwO8-tSy68YbzeQIzaFjdX8ygnQ30OlXDh8NDonft11ZO3F_8kRsSQ4fP37m6A59GpO7GPLWjvrY2I6DuVgJxXn9xauJqDQuVe-l8TwO6I6w5uE8XUtgIQxX2Jgw4-AEAYAGp8msjb6KmOg9oAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YBwEAEyAusCOgKAQEi9_cE6-gsCCAGADAHiDRMIuNzvy8bLggMVeo1QBh1VpAeQ0BUBgBcB%26num%3D1%26sig%3DAOD64_1B2g2ZFVwr5iIrpSYfO6bWurhLjg%26client%3Dca-pub-3249462667057143%26adurl%3D
Frame ID: 9BE408A00EA56406CFE68340805C3140
Requests: 21 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIuZiLQEEMbr4LgEGKq2lPgBMAE&v=APEucNWDfCTzanhs5FFCCr3VEBx6zg76MPXIK2cD3Kw3HSIMEOGN_44FLQ-wN_rKHoM09lTUSA-bNF5Pz-P5AdjfflvfwH0zaQ
Frame ID: B2AC843E04E45C8808C51FA10D251877
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMD3swEQ28u5ARidjb_nATAB&v=APEucNV5LOXpB6d-nyf3zxn9-cY7NH6wS0tpoAlLAjRha251wBEK8HASwZ9ngWQlpwEhRWyVNZ5-U1Qf8De5li76mMGIpcevwg
Frame ID: 328FA6849C1A760412C79A9A9B73E544
Requests: 1 HTTP requests in this frame

Frame: https://services.insurads.com/dfp/mapping/batch?appId=1984&requests=[{%22eaUp%22:%22/73314699/OLX/Listing%22,%22eoId%22:263436899,%22advId%22:39983459,%22ct%22:%22%7B%27pos%27%3A%5B%27web_native4%27%5D%7D%22,%22w%22:728,%22h%22:90,%22eId%22:%22main_olx_listing_5%22},{%22eaUp%22:%22/73314699/OLX/Listing%22,%22eoId%22:263436899,%22advId%22:39983459,%22ct%22:%22%7B%27pos%27%3A%5B%27web_native2%27%5D%7D%22,%22w%22:728,%22h%22:90,%22eId%22:%22main_olx_listing_4%22},{%22eaUp%22:%22/73314699/OLX/Listing%22,%22eoId%22:263436899,%22advId%22:39983459,%22ct%22:%22%7B%27pos%27%3A%5B%27web_native%27%5D%7D%22,%22w%22:728,%22h%22:90,%22eId%22:%22main_olx_listing_3%22},{%22eaUp%22:%22/73314699/OLX/Listing%22,%22eoId%22:263436899,%22advId%22:39983459,%22ct%22:%22%7B%27pos%27%3A%5B%27web_right_2%27%5D%7D%22,%22w%22:300,%22h%22:600,%22eId%22:%22main_olx_listing_2%22},{%22eaUp%22:%22/73314699/OLX/Listing%22,%22eoId%22:263436899,%22advId%22:39983459,%22ct%22:%22%7B%27pos%27%3A%5B%27web_right%27%5D%7D%22,%22w%22:300,%22h%22:600,%22eId%22:%22main_olx_listing_1%22},{%22eaUp%22:%22/73314699/OLX/Listing%22,%22eoId%22:263436899,%22advId%22:39983459,%22ct%22:%22%7B%27pos%27%3A%5B%27web_bottom%27%5D%7D%22,%22w%22:728,%22h%22:90,%22eId%22:%22main_olx_listing_0%22}]&h=https%3A%2F%2Fwww.olx.com.br%2Festado-mg&ts=1700241883908
Frame ID: A36B423F789C39BE08594653E1D89C53
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMD3swEQ28u5ARi1_OzzATAB&v=APEucNUDBFDKKsSrFja36Y3Gz1Qn00s28mVWDEJyrvTR6b3qDp9Eu6wsjcnWyaWAwH6U3A_B5eoDiKJ8Sz_SqZhAj_1JHc6T1A
Frame ID: 89444D621B1A08CA173B93EA26A294B0
Requests: 1 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZVeh2wAFSbUGUI16AAekVThAygdSopAqXfbzgw&u=%7Clo5T2BSvE6QtXIa72yi1xc9q%2BgbrfHiKJjwyY8mecRM%3D%7C&c1=glLBMxGOcDk-vbOOpZWuiwL9OpXS6gVV2JtZM_Ei5tSPQXcRS1ssTUS_8xvR11yLMIlVEtJyUVvlIvkzjr4Hi9mKGctDqo4_EosBq_f39mF_W8feyQ9ow_UY7Z28SiGb39yVARuNmcqfreTO7Ihcs5GGE4fMmVQ41Tw_BJ3MllpehR9ZJyteNoKwgGwKGEFyzKPifyFJ6yoY6eyYEjmrvzIJNh060IDBKn3APJ2p-Oga8Hf73LE_JKHX8F3BgdtYws_wWAthlkaMr_drzIHfCL7F2AId6MK1OrNvc3xDJsU796qeGspLRFUJQYRLdLFUclgCFoq_1tTRLiiJ1nSN4KQvXmPAqywRHYfDHaprtgHkfiCciELRYany9n8ABu0hjmgtphR3IovARCj046qHmFNRCBYhEuAQUbCv0BNAJ3c2g62IJ606Lp_JM8pC9quiEinFxxQMgG8cOI6P1JS4Ljiq5UwB6tlj-_Q4wkzLCYfB8X_ZQkP8TO_R2RGS18riwW70RKwv5ijd3jUTkRiHInu5UdYSvhcs3QmyEuYAEaFMc96p7yCtG6vYCSa86zg8fMSc5gK_dVELV0AN_N-uOxJugH8za50-a8xwEOrETRBsnLrOYrrkHw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCYxra26FXZbWTFfqawuIP1ciegAnJntKxXNWdkfdwwI23ARABIABglbKpgrAHggEXY2EtcHViLTMyNDk0NjI2NjcwNTcxNDPIAQmpAgpl964YNbI-4AIAqAMByAMCqgTqAU_QvHvpIBg5uPEkVn_sJahO4FS1sK2YT-IoJw0MRUN_dOyx03owFmBrqXHdIoqBzdwhhZa-c5Ge6IJjwtlTC9q3_OsKZlEhsZsSeUv4AsrUMUCLm89IJWcZ_3E97ppwTNOfJnXK7SUuuidU4SpQi8WarhZtbIydcd2Lb_1i7VMT_mnIXY9jXq1UZ3Nloi7qs_iUMmDlduQ3eQkyBFJ1KOtB7BDc_lK-I0xcykeBlzRo14kaZI6jWeUIIBjVbs7FQjHitlLacK66GvLLgjW9RdHS-sxgeap3aJHoPFhvrOdfdoHboEqidmJPMOAEAYAGp8msjb6KmOg9oAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YBwEAEyAusCOgKAQEi9_cE6-gsCCAGADAHiDRMIvNzvy8bLggMVeo1QBh1VpAeQ0BUBgBcB%26num%3D1%26sig%3DAOD64_1x96GiuRxHuLKkfyXjyjmpAC0jVA%26client%3Dca-pub-3249462667057143%26adurl%3D
Frame ID: 5CF0DD1DDB3505D84B0669700A2CE369
Requests: 23 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZVeh2wAFSbYGUI16AAekVaMzOjDGQ3_riBTTrA&u=%7Clo5T2BSvE6R3zhBB0jSJb6%2BryJ90XmqRE5PTLp1QsrY%3D%7C&c1=glLBMxGOcDk-vbOOpZWuiwL9OpXS6gVV2JtZM_Ei5tSPQXcRS1ssTUS_8xvR11yLMIlVEtJyUVvlIvkzjr4Hi9mKGctDqo4_exTefkQKAimDR_81lgFL9mTcyuhm2VWdIrKFLuK8fuKZZGh0bqTATgm0lPNSua9F7-V18eRJ_h_JirFrgOYZZixdEqYKtnld61oq3B6LIHaEBw2eQ5EmCviU2oAR_-YHOSWxgNZWlaQPTM7dNwQPqt2k7WtMWlYKzHlD6mWMdseXElmTt8NqQVneGqKofnjMa-qrBhs-D9yXLjFEfwN-TK8qcjHlt3L52_pVDUp9odSSLiWp-ul2iVYvpyb4ZZet9oBy0845LXX67G6ZCi0wjz51HARwEojDT-5oRTPECbR6qE7QptMIbAm5gFoXjWJzEUPKlYk2I875uEzA1z9l7SseriUG4O-BYuGsPc4iOzd98B3ph05X8-PYtNzibgojcFM-tBIWYVg7ULELTeMvqCGrDT1kzXmoxt6-RuSJPjDWBNCTbR8wNPIhSf--Tu3IQNLokPvc9qlrWUkOcVomnD8Yif_8SJ3JDPnVaRZbqgQfOJzxTt3IaH75_NHuu9WpAPXDeIN7riI&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCsmc726FXZbaTFfqawuIP1ciegAnJntKxXNWdkfdwwI23ARABIABglbKpgrAHggEXY2EtcHViLTMyNDk0NjI2NjcwNTcxNDPIAQmpAgpl964YNbI-4AIAqAMByAMCqgTqAU_Qod1bGxp7hhWAN4fxQPTNOyZVPS-EGn6-Urq6Xe_UfJg8jZQsrHMr8oUfG3ZChe6s4s9pCTYdDeo_fzswGV9U88kJaEWA7AityATxQcV8f19Yp5y0Nsr9nTqxnlCDzNHH1hrU6_FyLg6xq51_KQyX1YmYJsJm9X3xPhiOvf8vI3kVm7cn6EkGkwECajgvTIE4P6toQCbnrUw_HR8u411xvjYQ0LkprXtm86dl4sNUIBqyhUwcLxRH51LpRa_ldxaZ9AQ48DnFezvGL9End_h5AIgqDBIEX-iRUlz_ka4Da8Xi_vWx5mDpXeAEAYAGp8msjb6KmOg9oAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YBwEAEyAusCOgKAQEi9_cE6-gsCCAGADAHiDRMIx9zvy8bLggMVeo1QBh1VpAeQ0BUBgBcB%26num%3D1%26sig%3DAOD64_2sNtUH02RMejB_-lWkdj0PJRzFFA%26client%3Dca-pub-3249462667057143%26adurl%3D
Frame ID: B2B9A600617B52527F2D7F73B934A999
Requests: 25 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 182931CA427558C73367153460EBB93D
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 20CC16FB010479BF9C32A2561358E480
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 4524DD0C59DC86A03823AE4BEFDBEB63
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: A6C7145CF934A32AA8F4C2C5AB1EE0A2
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 820CC0369CC8EE00407FA34A60DCB3BD
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Anúncios em Minas Gerais

Page URL History Show full URLs

http://mg.olx.com.br/ HTTP 301
https://mg.olx.com.br/ HTTP 301
https://www.olx.com.br/estado-mg Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Insider (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

api\.useinsider\.\w+/

Mouse Flow (Analytics) Expand

Overall confidence: 100%
Detected patterns

cdn\.mouseflow\.com

Navegg (Analytics) Expand

Overall confidence: 100%
Detected patterns

tag\.navdmp\.com

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

TrackJs (Analytics) Expand

Overall confidence: 100%
Detected patterns

tracker\.js

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

339
Requests

98 %
HTTPS

49 %
IPv6

45
Domains

97
Subdomains

85
IPs

10
Countries

5024 kB
Transfer

15177 kB
Size

50
Cookies

27 Outgoing links

These are links going to different origins than the main page.

URL: https://planoprofissional.olx.com.br/
Title: Plano Profissional

Search URL Search Domain Scan URL

URL: https://conta.olx.com.br/anuncios
Title: Meus Anúncios

Search URL Search Domain Scan URL

URL: https://conta.olx.com.br/chats
Title: Chat

Search URL Search Domain Scan URL

URL: https://conta.olx.com.br/notificacoes
Title: Notificações

Search URL Search Domain Scan URL

URL: https://meus-pedidos.olx.com.br/minhas-vendas
Title: Minhas vendas

Search URL Search Domain Scan URL

URL: https://meus-pedidos.olx.com.br/minhas-compras
Title: Minhas compras

Search URL Search Domain Scan URL

URL: https://www2.olx.com.br/desapega
Title: Anunciar

Search URL Search Domain Scan URL

URL: https://mg.olx.com.br/belo-horizonte-e-regiao/autos-e-pecas/carros-vans-e-utilitarios/renegade-1245016457

Search URL Search Domain Scan URL

URL: https://mg.olx.com.br/belo-horizonte-e-regiao/agro-e-industria/outros-itens-para-agro-e-industria/maquina-de-cortar-mandiocas-e-legumes-1250658269

Search URL Search Domain Scan URL

URL: https://mg.olx.com.br/belo-horizonte-e-regiao/moveis/box-bau-casal-1253724384

Search URL Search Domain Scan URL

URL: https://mg.olx.com.br/belo-horizonte-e-regiao/comercio-e-escritorio/outros-itens-para-comercio-e-escritorio/cabide-acrilico-1-60-1232552134

Search URL Search Domain Scan URL

URL: https://mg.olx.com.br/regiao-de-juiz-de-fora/terrenos/rvca1965lote-terreno-para-venda-com-312-metros-quadrados-em-lourdes-juiz-de-fora-mg-1253743035

Search URL Search Domain Scan URL

URL: https://mg.olx.com.br/regiao-de-juiz-de-fora/autos-e-pecas/carros-vans-e-utilitarios/onix-1-4-ltz-2013-2014-1253743036

Search URL Search Domain Scan URL

URL: https://mg.olx.com.br/regiao-de-montes-claros-e-diamantina/autos-e-pecas/motos/honda-cg-160-start-2023-1253743021

Search URL Search Domain Scan URL

URL: https://mg.olx.com.br/belo-horizonte-e-regiao/autos-e-pecas/carros-vans-e-utilitarios/toyota-yaris-1-3-xl-plus-automatico-1228752717

Search URL Search Domain Scan URL

URL: https://ajuda.olx.com.br/s/tema/sobre-a-olx
Title: Sobre a OLX

Search URL Search Domain Scan URL

URL: https://compra-segura.olx.com.br/compra-segura
Title: Vender na OLX

Search URL Search Domain Scan URL

URL: https://seguranca.olx.com.br/?ic=prod-mkt&local=footer_web&campaign=hubseguranca&message=footer_web
Title: Dicas de segurança

Search URL Search Domain Scan URL

URL: https://ajuda.olx.com.br/s/article/politica-de-privacidade
Title: Política de privacidade

Search URL Search Domain Scan URL

URL: https://ajuda.olx.com.br/s/article/protecao-a-propriedade
Title: Propriedade intelectual

Search URL Search Domain Scan URL

URL: https://www.facebook.com/olxbrasil
Title: Facebook

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/OLXBrasil
Title: Youtube

Search URL Search Domain Scan URL

URL: https://www.tiktok.com/@olx_brasil
Title: TikTok

Search URL Search Domain Scan URL

URL: https://instagram.com/olxbr
Title: Instagram

Search URL Search Domain Scan URL

URL: https://twitter.com/olx_Brasil
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/olx-brasil
Title: LinkedIn

Search URL Search Domain Scan URL

URL: https://ajuda.olx.com.br/s/article/politica-de-cookies-olx
Title: Política de Cookies

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://mg.olx.com.br/ HTTP 301
https://mg.olx.com.br/ HTTP 301
https://www.olx.com.br/estado-mg Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 76

https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.olx.com.br%2Festado-mg&rid=esp HTTP 302
https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.olx.com.br%2Festado-mg&rid=esp&cc=1

Request Chain 79

https://13034979.fls.doubleclick.net/activityi;src=13034979;type=olxpg0;cat=pgvall;ord=3069892463233;auiddc=714919832.1700241881;u1=listing;u2=https%3A%2F%2Fwww.olx.com.br%2Festado-mg;u4=0;gtm=45He3b81v892095748;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.olx.com.br%2Festado-mg HTTP 302
https://13034979.fls.doubleclick.net/activityi;dc_pre=CP-X8srGy4IDFYHkOwIdJwUEPg;src=13034979;type=olxpg0;cat=pgvall;ord=3069892463233;auiddc=714919832.1700241881;u1=listing;u2=https%3A%2F%2Fwww.olx.com.br%2Festado-mg;u4=0;gtm=45He3b81v892095748;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.olx.com.br%2Festado-mg

Request Chain 95

https://us.creativecdn.com/tags/v2?type=json HTTP 307
https://us.creativecdn.com/tags/v2?type=json&tc=1

Request Chain 102

https://gum.criteo.com/sid/json?origin=publishertagids&domain=olx.com.br&sn=ChromeSyncframe&so=0&topUrl=www.olx.com.br&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=nuhrOXxZK2FXd3ByTE1vR1RrU3BZeHJtUVRuSjdjejY1cjlWQmdibFc0L2grd212SVJEK28zZzM4c3RPWDZlNThHeGxWODl4S3VncVBPVnZTQjlLN3dzMXRJZUtjMmNWVnNWSzNFQllPb2RnR1ZlRkdhYlV2SnVYaHpXT0tJanBLNXVBZlhRcTRhSzkrR1VFSVphcUFTNXdWUmhGbjNTK0tMamo0TWlBN0w1ZzMzK3p1ZHZGdFhBNXk2eThaYnFZMmU4VzA4NlNVTlV5MTVscmM5L0NYajFuU2wrVmphdGc3N0J4V2IxVm85T3owc2FmODA5ZWpaUWZyUHBIUEl1MWxkbmFrSE1zMG5ocGxZWFdnbks5a1ZnYmZwQT09fA&cppv=2

Request Chain 118

https://cm.g.doubleclick.net/pixel?google_nid=navegg_ddp&google_cm&id=84419578957 HTTP 302
https://sync2.navdmp.com/sync?prtid=2&id=84419578957&google_gid=CAESEMpQ4CpFNSn--3pC1XJohZE&google_cver=1

Request Chain 120

https://cms.analytics.yahoo.com/cms?partner_id=NAVEG HTTP 302
https://ups.analytics.yahoo.com/ups/58727/cms?partner_id=NAVEG

Request Chain 125

https://gum.criteo.com/sid/json?origin=onetag&domain=olx.com.br&sn=ChromeSyncframe&so=0&topUrl=www.olx.com.br&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=YcHYtXwvUk1pWXg5OVk3anl3bUpCcWhxZ2hTMmI4eGxXL1puWm9NMmtBcnU3ai9DaS9yNzc0ZURyNWVkRHRVRnN3WWpNRkxRdmtSZWoxaGdUMkJIOG4vWHlpZzRWZDVFd3d6OGlZbFVjdnVOem1jRjRGTzFHaUZwZUdRUmd6QTNFcmZUZnZGMXFxSWRBMnBMZEY1VXpLa2sxLzhBeDJsUUVkZHJrNUQyaURqcEJIWkFOR3J0MWpRVjRPT2N3a2VPcUNocm5sU0Jua2psNUZpNCtKbDU3aERpYm5wWHFPS2tUTjFOUnlJZFhTdnhqOGpkTHVPekhYZk1FTXQrNTlRcWxaTitpNmFSM3YzV3ZnTFRiSDdObDA3QU9IUT09fA&cppv=2

Request Chain 142

https://ib.adnxs.com/setuid?entity=315&code=iXtDZTGKJqjau9FUugqMoVp07OmFRZ8hsc2pJtud39M HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D315%26code%3DiXtDZTGKJqjau9FUugqMoVp07OmFRZ8hsc2pJtud39M

339 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request estado-mg Show response
www.olx.com.br/
Redirect Chain

http://mg.olx.com.br/
https://mg.olx.com.br/
https://www.olx.com.br/estado-mg

352 KB
54 KB

569ms
442ms

Document
text/html

104.18.12.210
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.olx.com.br/estado-mg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.12.210 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Next.js

Resource Hash

9f4d95b6c1554b2f0beb7ad9e89a86dd9b82582336fb42097765717dd100c3bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, PATCH, OPTIONS
cache-control: max-age=60 no-transform
cf-cache-status: DYNAMIC
cf-ray: 8279ab1c6d8d3488-WAW
content-encoding: gzip
content-security-policy-report-only: default-src https: wss: data: 'self' 'unsafe-inline' 'unsafe-eval'; report-uri https://cspreport.olx.com.br/api/v1/cspreport/mixedcontent
content-type: text/html; charset=utf-8
date: Fri, 17 Nov 2023 17:24:38 GMT
etag: "xrtuckk1k37p5h"
expires: Fri, 17 Nov 2023 17:25:38 GMT
server: cloudflare
vary: Accept-Encoding
via: 1.1 24f924c22589fd0429b4463876b2c576.cloudfront.net (CloudFront)
x-amz-cf-id: BHPGnFLY6e1RaaBSvFpqAWQNbdh1-Cz1XWwdeU4eHbJjhGmXc2eI4Q==
x-amz-cf-pop: AMS58-P2
x-cache: Miss from cloudfront
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-nc: 0
x-powered-by: Next.js

Redirect headers

access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, PATCH, OPTIONS
cache-control: max-age=60 no-transform
content-length: 120
content-security-policy-report-only: default-src https: wss: data: 'self' 'unsafe-inline' 'unsafe-eval'; report-uri https://cspreport.olx.com.br/api/v1/cspreport/mixedcontent
content-type: text/html; charset=utf-8
date: Fri, 17 Nov 2023 17:24:38 GMT
expires: Fri, 17 Nov 2023 17:25:38 GMT
location: https://www.olx.com.br/estado-mg
server: nginx
vary: Accept
via: 1.1 34833e1e6b760bb81603c4fa1e0bb5d6.cloudfront.net (CloudFront)
x-amz-cf-id: s0OREKK0MH6DAjAWDJhPKY0Njq69Di-zkQ-fFrQ0wY7H1mlUb8J2vA==
x-amz-cf-pop: AMS1-P1
x-cache: Miss from cloudfront
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-nc: 0
x-powered-by: Express

GET
H2 200 ds-tokens.css
dsapega.olx.com.br/olx/v1/ 24 KB
4 KB 228ms
50ms Stylesheet
text/css 2600:9000:244f:ec00:14:f2ba:2b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dsapega.olx.com.br/olx/v1/ds-tokens.css

Requested by

Host: www.olx.com.br
URL: https://www.olx.com.br/estado-mg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:244f:ec00:14:f2ba:2b80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

2135337bc4ff0a5a28fdf13464b716dd334daa431a7813d01f4fa203297c0327

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.olx.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 11:34:56 GMT
content-encoding: gzip
via: 1.1 f328a0489a804ca030fedcbc744c4bf6.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: CDG52-P4
age: 42640
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 14 Nov 2023 13:36:02 GMT
server: AmazonS3
etag: W/"5896f50b4a3e5d0a33ce10342550c4b1"
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=31536000
x-amz-cf-id: VRFPCumm1WUnAejIQAY7AePBtPLGfsuKBcUrlNjVEsR8Qyt2Q8Pt9g==

GET
H2 200 olx-reset.min.css
static.olx.com.br/design-system/ 1 KB
1 KB 173ms
40ms Stylesheet
text/css 2600:9000:2490:f800:a:8162:78c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.olx.com.br/design-system/olx-reset.min.css

Requested by

Host: www.olx.com.br
URL: https://www.olx.com.br/estado-mg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2490:f800:a:8162:78c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

15b48d471195d61517f77c8b25a80da14c9cfb4186a5f1db341faac21f1ebeae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.olx.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id: dV6kiwfyFoyBqqcylB84e_VaRFjdK9Sh
content-encoding: gzip
via: 1.1 b4bf06ec43f99543c974d975a6c597da.cloudfront.net (CloudFront)
date: Fri, 17 Nov 2023 08:52:48 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: FRA56-P6
age: 32908
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 14 Nov 2023 13:35:52 GMT
server: AmazonS3
etag: W/"a18b647f4fcf409fb7bc9a062ab964b7"
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=31536000
x-amz-cf-id: KFx-F1SlazJDP8g6c6qzTqU8gRiS-kTOsym_JQbLnir6iA5qouPy6Q==

GET
H2 200 lurker.min.js Show response
static.olx.com.br/olx/js/ 113 KB
39 KB 64ms
55ms Script
text/javascript 2600:9000:2490:f800:a:8162:78c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.olx.com.br/olx/js/lurker.min.js
Requested by: Host: www.olx.com.br
URL: https://www.olx.com.br/estado-mg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2490:f800:a:8162:78c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b921d4afae4fc93b3350c54e884b66b5c7094e5d321daa0b76b2412606784580

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.olx.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id: 0G030MjulxVNy9dk9NXGuuW3Q_jOSm6I
content-encoding: gzip
via: 1.1 b4bf06ec43f99543c974d975a6c597da.cloudfront.net (CloudFront)
date: Fri, 17 Nov 2023 09:24:29 GMT
last-modified: Mon, 23 Oct 2023 17:57:29 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P6
age: 28832
x-amz-server-side-encryption: AES256
etag: W/"35a0102261448b3bf06ec618432e3198"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-replication-status: COMPLETED
x-amz-cf-id: GZEiGlXfHZEapJZGlkZbX98GIAwJvaXs02DbpYo3RWyYENGonpDJcQ==

GET
H2 200 tracker.min.js Show response
cdn.track.olx.com.br/assets/ 101 KB
35 KB 173ms
45ms Script
text/javascript 2600:9000:223c:bc00:1d:c6aa:c6c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.track.olx.com.br/assets/tracker.min.js
Requested by: Host: www.olx.com.br
URL: https://www.olx.com.br/estado-mg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:bc00:1d:c6aa:c6c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4168ba17a882bfe4e59cbfca2608e8d74d8be6593547e597d4eb7e2a0c35aa8f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.olx.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 17:23:45 GMT
content-encoding: br
via: 1.1 6faa38f38a1fee24a829fec7c748876c.cloudfront.net (CloudFront)
last-modified: Tue, 31 Oct 2023 12:56:54 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P2
age: 84
x-amz-server-side-encryption: AES256
etag: W/"08210d0edf3a3170605a3b4dd459855f"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-id: 8F8-_N7Hf8dIVmHrqtWAfuMVQIC7c436Ja8QQ-TlZcG-iNQT8E6CLQ==

GET
H2 200 d9cd38f51b4350fa.css
static.olx.com.br/cd/vi/js/listing-next/_next/static/css/ 116 KB
17 KB 179ms
46ms Stylesheet
text/css 2600:9000:2490:f800:a:8162:78c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.olx.com.br/cd/vi/js/listing-next/_next/static/css/d9cd38f51b4350fa.css
Requested by: Host: www.olx.com.br
URL: https://www.olx.com.br/estado-mg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2490:f800:a:8162:78c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 640ce37aa187514eea05474d866de5d976327784c001d4e07ca96ea74f4fb864

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.olx.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 18:06:47 GMT
x-amz-version-id: Rd3PZTTAdCcw_AScObMRRPOEjlYOqpHC
content-encoding: gzip
via: 1.1 b4bf06ec43f99543c974d975a6c597da.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 83873
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 16 Nov 2023 18:05:30 GMT
server: AmazonS3
etag: W/"d3350a59f5b72a20ff836a458314e3ba"
vary: Accept-Encoding, Origin
content-type: text/css
cache-control: max-age=86400
x-amz-cf-id: 1DVSvrXoO4UTNPv1Zy4GwuA1oqcEumXfgEBy4xhA1ey2a6pqWA7I8A==

GET
H2 200 4115.0ca50fc8e08eb916.js Show response
static.olx.com.br/cd/vi/js/listing-next/_next/static/chunks/ 10 KB
4 KB 58ms
49ms Script
text/javascript 2600:9000:2490:f800:a:8162:78c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.olx.com.br/cd/vi/js/listing-next/_next/static/chunks/4115.0ca50fc8e08eb916.js
Requested by: Host: www.olx.com.br
URL: https://www.olx.com.br/estado-mg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2490:f800:a:8162:78c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2f91fbbf9b6512e3d02e2284188d0e09d3cbb1a519374758a590783dde271370

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.olx.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id: R7NQl6TKK65Q60O0MGdwAgcYkfEXriVe
content-encoding: gzip
via: 1.1 b4bf06ec43f99543c974d975a6c597da.cloudfront.net (CloudFront)
date: Thu, 16 Nov 2023 19:28:57 GMT
x-amz-cf-pop: FRA56-P6
age: 78948
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 14 Nov 2023 19:25:24 GMT
server: AmazonS3
etag: W/"d568606640776a61da23ab7c56115782"
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: max-age=86400
x-amz-cf-id: LkpxI0ma2Pdy2G5bdB19GBGAygCPIka-x4EvlB5CmuvFme0p52z50g==

GET
H2 200 8226.ef118a172a95e7a7.js Show response
static.olx.com.br/cd/vi/js/listing-next/_next/static/chunks/ 12 KB
4 KB 66ms
57ms Script
text/javascript 2600:9000:2490:f800:a:8162:78c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.olx.com.br/cd/vi/js/listing-next/_next/static/chunks/8226.ef118a172a95e7a7.js
Requested by: Host: www.olx.com.br
URL: https://www.olx.com.br/estado-mg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2490:f800:a:8162:78c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0f41c9b5a15257ff40b9a4dcd7824f3d679461813e9a369e8af58ce874c3da77

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.olx.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id: VObq4GrHJBdd6OUv6OeCosM_AlOH5yL5
content-encoding: gzip
via: 1.1 b4bf06ec43f99543c974d975a6c597da.cloudfront.net (CloudFront)
date: Thu, 16 Nov 2023 19:28:57 GMT
x-amz-cf-pop: FRA56-P6
age: 78948
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 14 Nov 2023 19:25:24 GMT
server: AmazonS3
etag: W/"7dea2019df67725165ef6617a8ddd06c"
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: max-age=86400
x-amz-cf-id: f1ZWAly0f6NsGVHKlQQAijCY91Ar2K88XJclmAS_ixzj_a5f6RNawg==

GET
H2 200 4135.73bc4511d64fe584.js Show response
static.olx.com.br/cd/vi/js/listing-next/_next/static/chunks/ 76 KB
26 KB 57ms
49ms Script
text/javascript 2600:9000:2490:f800:a:8162:78c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.olx.com.br/cd/vi/js/listing-next/_next/static/chunks/4135.73bc4511d64fe584.js
Requested by: Host: www.olx.com.br
URL: https://www.olx.com.br/estado-mg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2490:f800:a:8162:78c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 661805e33631aff69eb55fc98335de2181f565b69b40f0e0c52be5792e6d27a9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.olx.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 18:07:12 GMT
x-amz-version-id: Af.6x6J0V08MBXlUo5zrrSLwMmEdP_Bv
content-encoding: gzip
via: 1.1 b4bf06ec43f99543c974d975a6c597da.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 83847
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 16 Nov 2023 18:05:27 GMT
server: AmazonS3
etag: W/"e936ac620ef4b0f1037ef1885c49da58"
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: max-age=86400
x-amz-cf-id: Q4i1Kbda8QvtD-WnR_g8ZP186dLz3gyE4I_w9zZn0whHnbFqk0l3rA==

GET
H2 200 webpack-6d32f0577e569815.js Show response
static.olx.com.br/cd/vi/js/listing-next/_next/static/chunks/ 4 KB
3 KB 86ms
78ms Script
text/javascript 2600:9000:2490:f800:a:8162:78c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.olx.com.br/cd/vi/js/listing-next/_next/static/chunks/webpack-6d32f0577e569815.js
Requested by: Host: www.olx.com.br
URL: https://www.olx.com.br/estado-mg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2490:f800:a:8162:78c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ef408bc86cee4ee96710380f0ab741072bb0a1ed68960e58875dc4d0ca1a36c9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.olx.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 18:06:47 GMT
x-amz-version-id: OznUCFDar0P879of77_Y2SuYyoxxUZ47
content-encoding: gzip
via: 1.1 b4bf06ec43f99543c974d975a6c597da.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 83873
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 16 Nov 2023 18:05:30 GMT
server: AmazonS3
etag: W/"1a01f76a5ae07e137eb629ed84382d22"
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: max-age=86400
x-amz-cf-id: Ue-RzoKXbKL8mE9NjwiRIXC2FL4078yroLYl7_KFx2M5lPx6jYUasg==

GET
H2 200 framework-2114f3935436c3d0.js Show response
static.olx.com.br/cd/vi/js/listing-next/_next/static/chunks/ 138 KB
45 KB 104ms
97ms Script
text/javascript 2600:9000:2490:f800:a:8162:78c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.olx.com.br/cd/vi/js/listing-next/_next/static/chunks/framework-2114f3935436c3d0.js
Requested by: Host: www.olx.com.br
URL: https://www.olx.com.br/estado-mg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2490:f800:a:8162:78c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2894dd119677ebcc2205fbfc8c90548d2b14f5580a74fac48486c393ac35da64

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.olx.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id: RddBqJz3Y_tbwSaP3dLDZXivPymmtE71
content-encoding: gzip
via: 1.1 b4bf06ec43f99543c974d975a6c597da.cloudfront.net (CloudFront)
date: Fri, 17 Nov 2023 06:21:03 GMT
x-amz-cf-pop: FRA56-P6
age: 39878
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 14 Nov 2023 19:25:24 GMT
server: AmazonS3
etag: W/"d5ecb0a4a407dd8c94842bd0af7a26ea"
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: max-age=86400
x-amz-cf-id: YWiFZbFhoGWsqtGlr2Al7tBJUFhqe1b5bBJGCm2zEp5w7SGaoA5_Gw==

GET
H2 200 main-8e21920bfa8fe738.js Show response
static.olx.com.br/cd/vi/js/listing-next/_next/static/chunks/ 124 KB
37 KB 120ms
113ms Script
text/javascript 2600:9000:2490:f800:a:8162:78c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.olx.com.br/cd/vi/js/listing-next/_next/static/chunks/main-8e21920bfa8fe738.js
Requested by: Host: www.olx.com.br
URL: https://www.olx.com.br/estado-mg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2490:f800:a:8162:78c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 282e82056ff52434deafef55bbe056693c269ed0e9527cacb40cc4cd0b5dc8e0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.olx.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id: RncSjIad8AsW3K6T.V6QKbKudYEFZBl4
content-encoding: gzip
via: 1.1 b4bf06ec43f99543c974d975a6c597da.cloudfront.net (CloudFront)
date: Fri, 17 Nov 2023 08:38:44 GMT
x-amz-cf-pop: FRA56-P6
age: 31656
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 14 Nov 2023 19:25:24 GMT
server: AmazonS3
etag: W/"03f40a87b60e5182252209aaa795ba53"
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: max-age=86400
x-amz-cf-id: 7IrDcVZr1wb4UKcWpUr8Q13RqinrZ_uBXB8dKArYwqEsP2d3dTUHxg==

GET
H2 200 _app-93b07266f46faaeb.js Show response
static.olx.com.br/cd/vi/js/listing-next/_next/static/chunks/pages/ 4 MB
582 KB 111ms
104ms Script
text/javascript 2600:9000:2490:f800:a:8162:78c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.olx.com.br/cd/vi/js/listing-next/_next/static/chunks/pages/_app-93b07266f46faaeb.js
Requested by: Host: www.olx.com.br
URL: https://www.olx.com.br/estado-mg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2490:f800:a:8162:78c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e4475eebe7a6c4db702858320687b472a94f31308abb289c2df866eaf15c09c3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.olx.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 18:06:48 GMT
x-amz-version-id: cVUueHCvmSKrZhqRazlDaXLibroGW4yO
content-encoding: gzip
via: 1.1 b4bf06ec43f99543c974d975a6c597da.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 83872
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 16 Nov 2023 18:05:27 GMT
server: AmazonS3
etag: W/"1c9e61d06b7264a549dddd166f278401"
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: max-age=86400
x-amz-cf-id: L9oDy35ufUfG4UuYlpCISghO1aShvnp5_2nJkAWwlhrNrNDiXtAeIQ==

GET
H2 200 2831-76b9e1e02d64a81e.js Show response
static.olx.com.br/cd/vi/js/listing-next/_next/static/chunks/ 25 KB
8 KB 114ms
106ms Script
text/javascript 2600:9000:2490:f800:a:8162:78c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.olx.com.br/cd/vi/js/listing-next/_next/static/chunks/2831-76b9e1e02d64a81e.js
Requested by: Host: www.olx.com.br
URL: https://www.olx.com.br/estado-mg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2490:f800:a:8162:78c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 19c259f7c3d679a72e54a760f0d11498312363fb20a74247ea610f0684ebe00e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.olx.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 18:06:49 GMT
x-amz-version-id: eva.oKbVorDO_16iz6CLR2EDY6UgV_jv
content-encoding: gzip
via: 1.1 b4bf06ec43f99543c974d975a6c597da.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 83871
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 16 Nov 2023 18:05:27 GMT
server: AmazonS3
etag: W/"7406161ae3fb0d85e40d9a61d9f71071"
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: max-age=86400
x-amz-cf-id: mOwYylNye8RXHIwWwlRsV1TQXch2GD93jX9Y2zCshGEkiN7lLX32gQ==

GET
H2 200 387-bf4e6d58c24c240b.js Show response
static.olx.com.br/cd/vi/js/listing-next/_next/static/chunks/ 106 KB
35 KB 214ms
207ms Script
text/javascript 2600:9000:2490:f800:a:8162:78c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.olx.com.br/cd/vi/js/listing-next/_next/static/chunks/387-bf4e6d58c24c240b.js
Requested by: Host: www.olx.com.br
URL: https://www.olx.com.br/estado-mg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2490:f800:a:8162:78c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d7b7325f788bdf584dadf59ffdeff7f575c3f914f4c2236dc043c4222ef3c217

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.olx.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 18:06:49 GMT
x-amz-version-id: Tkd81daamrExLu0bYaVqae7sBNJoQWaC
content-encoding: gzip
via: 1.1 b4bf06ec43f99543c974d975a6c597da.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 83871
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 16 Nov 2023 18:05:27 GMT
server: AmazonS3
etag: W/"429fe630890531fe6cc5815fe25b7611"
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: max-age=86400
x-amz-cf-id: kAkhKnsk71qc7hk_a3y7mof2jt3vxgrl7C89SIFVLgDY5vw8SGZ_6w==

GET
H2 200 4554-38f625986702f614.js Show response
static.olx.com.br/cd/vi/js/listing-next/_next/static/chunks/ 184 KB
27 KB 223ms
217ms Script
text/javascript 2600:9000:2490:f800:a:8162:78c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.olx.com.br/cd/vi/js/listing-next/_next/static/chunks/4554-38f625986702f614.js
Requested by: Host: www.olx.com.br
URL: https://www.olx.com.br/estado-mg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2490:f800:a:8162:78c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 81be954315cac889885c5d3206190e5b4608214a7a9cfb7c4b6ab77c7dcc64a7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.olx.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id: 3PsNJPOpK2kVtauunWI86hFhPvqyVtxK
content-encoding: gzip
via: 1.1 b4bf06ec43f99543c974d975a6c597da.cloudfront.net (CloudFront)
date: Fri, 17 Nov 2023 07:51:33 GMT
x-amz-cf-pop: FRA56-P6
age: 34448
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 14 Nov 2023 19:25:24 GMT
server: AmazonS3
etag: W/"c020da971689893da02356bb302c206a"
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: max-age=86400
x-amz-cf-id: zFXOYEZ_4EOICrA_LzO4JtnPLMTU-cDqh6KrgrsCrnLyu-Ii3bE2GQ==

GET
H2 200 8724-dbf2da8532b1e04a.js Show response
static.olx.com.br/cd/vi/js/listing-next/_next/static/chunks/ 239 KB
77 KB 224ms
217ms Script
text/javascript 2600:9000:2490:f800:a:8162:78c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.olx.com.br/cd/vi/js/listing-next/_next/static/chunks/8724-dbf2da8532b1e04a.js
Requested by: Host: www.olx.com.br
URL: https://www.olx.com.br/estado-mg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2490:f800:a:8162:78c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3e8c7ce80364c0fa515e26dd21e641c44b08f7bceb833da76b8ffd150ee0a635

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.olx.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id: BbppGrynOZQVglD5tgFCSMOwee.6ypE6
content-encoding: gzip
via: 1.1 b4bf06ec43f99543c974d975a6c597da.cloudfront.net (CloudFront)
date: Thu, 16 Nov 2023 19:28:58 GMT
x-amz-cf-pop: FRA56-P6
age: 78948
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 14 Nov 2023 19:25:24 GMT
server: AmazonS3
etag: W/"4b1f27fb7c2a590cde34f6057b3384a4"
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: max-age=86400
x-amz-cf-id: wI6m9Ty5BFwfy_eKaoLdQuxGdHD2E9ZdmXAttA2YlwfIAfGnIkuVoA==

GET
H2 200 651-9aaab39935b68217.js Show response
static.olx.com.br/cd/vi/js/listing-next/_next/static/chunks/ 26 KB
9 KB 227ms
220ms Script
text/javascript 2600:9000:2490:f800:a:8162:78c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.olx.com.br/cd/vi/js/listing-next/_next/static/chunks/651-9aaab39935b68217.js
Requested by: Host: www.olx.com.br
URL: https://www.olx.com.br/estado-mg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2490:f800:a:8162:78c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 24b5a1d5f962cc3e261516b26fc64c6195c126b90d0450f2fb160dabf7c48a04

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.olx.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id: sOd5h0mwPNhE7yYrWLGNr2eDXjcnyn5L
content-encoding: gzip
via: 1.1 b4bf06ec43f99543c974d975a6c597da.cloudfront.net (CloudFront)
date: Thu, 16 Nov 2023 19:28:58 GMT
x-amz-cf-pop: FRA56-P6
age: 78948
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 14 Nov 2023 19:25:24 GMT
server: AmazonS3
etag: W/"543b4712fb403c3f67be52f13efaf6dd"
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: max-age=86400
x-amz-cf-id: YLsaSxCfMhMHAvRS4vaWzbPtabLdQGmc8vOXMDMoXzOALchH-BJfHg==

GET
H2 200 3211-d45f47f002113e86.js Show response
static.olx.com.br/cd/vi/js/listing-next/_next/static/chunks/ 97 KB
29 KB 221ms
218ms Script
text/javascript 2600:9000:2490:f800:a:8162:78c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.olx.com.br/cd/vi/js/listing-next/_next/static/chunks/3211-d45f47f002113e86.js
Requested by: Host: www.olx.com.br
URL: https://www.olx.com.br/estado-mg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2490:f800:a:8162:78c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 71287d958bd57502cc10da99734d1cb551eb056b51899d34d9710493a23196ee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.olx.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 18:06:49 GMT
x-amz-version-id: Yiixya6NraljKByTqAw7Z7vkB33Q9yfG
content-encoding: gzip
via: 1.1 b4bf06ec43f99543c974d975a6c597da.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 83871
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 16 Nov 2023 18:05:27 GMT
server: AmazonS3
etag: W/"e38979f152b1a60e27c79672dd9c3793"
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: max-age=86400
x-amz-cf-id: -5YSRQF-0kTeaJ6OiMUC-FOmt77D9EgGM0frxKLuSZKbTUiB_cYGtg==

GET
H2 200 %5B%5B...route%5D%5D-39ccf8323f2afe97.js Show response
static.olx.com.br/cd/vi/js/listing-next/_next/static/chunks/pages/estado/ 421 B
873 B 222ms
219ms Script
text/javascript 2600:9000:2490:f800:a:8162:78c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.olx.com.br/cd/vi/js/listing-next/_next/static/chunks/pages/estado/%5B%5B...route%5D%5D-39ccf8323f2afe97.js
Requested by: Host: www.olx.com.br
URL: https://www.olx.com.br/estado-mg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2490:f800:a:8162:78c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b9c247a12eef68baaa1da9fe38621bed237384853475c85ab046772e1d841b3e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.olx.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 18:07:12 GMT
x-amz-version-id: 4bkuH.WTDPW_lrgXBR4PtmY_o0WwbHyE
via: 1.1 b4bf06ec43f99543c974d975a6c597da.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 83847
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 421
last-modified: Thu, 16 Nov 2023 18:05:29 GMT
server: AmazonS3
etag: "d3f904a8501df38f9627ce58b1894467"
vary: Origin
content-type: text/javascript
cache-control: max-age=86400
accept-ranges: bytes
x-amz-cf-id: gP6RLbhtPmLVbd5IfcTxXAZinD8HipY7NU-n2_BQkSjF_e8XJ_sk0w==

GET
H2 200 _buildManifest.js Show response
static.olx.com.br/cd/vi/js/listing-next/_next/static/NFSJs7iobPSlF8v9RqKbb/ 6 KB
2 KB 221ms
219ms Script
text/javascript 2600:9000:2490:f800:a:8162:78c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.olx.com.br/cd/vi/js/listing-next/_next/static/NFSJs7iobPSlF8v9RqKbb/_buildManifest.js
Requested by: Host: www.olx.com.br
URL: https://www.olx.com.br/estado-mg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2490:f800:a:8162:78c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 03775ae2e0910182149cc19e25ad1ed6c0101e32c80425b00527e56c022e2c0d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.olx.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 18:06:50 GMT
x-amz-version-id: CaLztL1cDq8p_YlgjbBcydqRi9Mw0Zxz
content-encoding: gzip
via: 1.1 b4bf06ec43f99543c974d975a6c597da.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 83870
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 16 Nov 2023 18:05:27 GMT
server: AmazonS3
etag: W/"24377beca1e2b84fa5c7114f736e7bce"
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: max-age=86400
x-amz-cf-id: ee59FYYNrlqqHbVW7NBFhDOJtPZru03ogi9pdevQCRpCfgMSUuAv4w==

GET
H2 200 _ssgManifest.js Show response
static.olx.com.br/cd/vi/js/listing-next/_next/static/NFSJs7iobPSlF8v9RqKbb/ 91 B
541 B 219ms
217ms Script
text/javascript 2600:9000:2490:f800:a:8162:78c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.olx.com.br/cd/vi/js/listing-next/_next/static/NFSJs7iobPSlF8v9RqKbb/_ssgManifest.js
Requested by: Host: www.olx.com.br
URL: https://www.olx.com.br/estado-mg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2490:f800:a:8162:78c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ddeea69d5116852145775870dab4d86b4e909e7a02c03465efaa67d5b0f744be

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.olx.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 18:06:50 GMT
x-amz-version-id: 25GUIqRx_WsrMJnzvBcsqMSj3EEY1A_s
via: 1.1 b4bf06ec43f99543c974d975a6c597da.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 83869
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 91
last-modified: Thu, 16 Nov 2023 18:05:27 GMT
server: AmazonS3
etag: "5ce0d2713404bd05c9502cc490488dca"
vary: Origin
content-type: text/javascript
cache-control: max-age=86400
accept-ranges: bytes
x-amz-cf-id: he4e5aUXNAtvCAOsbhn632wIHxxZy0zyNp06HCoAwegYjfyILxSHiQ==

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 99 KB
30 KB 218ms
128ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.olx.com.br
URL: https://www.olx.com.br/estado-mg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5ebf899b71151cd85495a6e42e7392a06ca26b75e50bc7c79b3e3e573c17e6e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.olx.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 17:24:39 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30612
x-xss-protection: 0
server: cafe
etag: 501 / 19678 / 31079695 / config-hash: 16204867678510254442
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 17 Nov 2023 17:24:39 GMT

GET
H2 200 294320465088424.webp
img.olx.com.br/images/29/ 39 KB
39 KB 180ms
46ms Image
image/webp 18.239.69.125
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.olx.com.br/images/29/294320465088424.webp

Requested by

Host: www.olx.com.br
URL: https://www.olx.com.br/estado-mg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.239.69.125 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-239-69-125.ams58.r.cloudfront.net

Software

nginx /

Resource Hash

9fab2fec46a56919e883b417c5da64223de5e5ab476d3019850d3a54a570ba5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800, max-age=300; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.olx.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 21:54:05 GMT
via: 1.1 19ae37472a5ba1dbeb7e045a5cb1b166.cloudfront.net (CloudFront)
strict-transport-security: max-age=15724800, max-age=300; includeSubDomains
server: nginx
x-amz-cf-pop: AMS58-P4
age: 70234
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: max-age=604800
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: YbvqtqoDVUQki1Uo7N_XOILfcA9cJCuEs5ZqRG5cV_QT6CxjJ1_L3A==
expires: Thu, 23 Nov 2023 21:54:05 GMT

GET
H2 200 454385221091061.webp
img.olx.com.br/images/45/ 36 KB
36 KB 219ms
85ms Image
image/webp 18.239.69.125
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.olx.com.br/images/45/454385221091061.webp

Requested by

Host: www.olx.com.br
URL: https://www.olx.com.br/estado-mg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.239.69.125 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-239-69-125.ams58.r.cloudfront.net

Software

nginx /

Resource Hash

9b4278f0f256fbe989c5fcdd2216d59183294474b5da1ee5d9fd4e308ae9fccb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800, max-age=300; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.olx.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 17:25:18 GMT
via: 1.1 19ae37472a5ba1dbeb7e045a5cb1b166.cloudfront.net (CloudFront)
strict-transport-security: max-age=15724800, max-age=300; includeSubDomains
server: nginx
x-amz-cf-pop: AMS58-P4
age: 86361
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: max-age=604800
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: fR-VzjeGy7tYwvDq0vFDc2Kvv8fshLerNMSaJZtNS1kXwaiSlltm-A==
expires: Thu, 23 Nov 2023 17:25:18 GMT

GET
H2 200 686355343853538.webp
img.olx.com.br/images/68/ 13 KB
13 KB 232ms
231ms Image
image/webp 18.239.69.125
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.olx.com.br/images/68/686355343853538.webp

Requested by

Host: www.olx.com.br
URL: https://www.olx.com.br/estado-mg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.239.69.125 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-239-69-125.ams58.r.cloudfront.net

Software

nginx /

Resource Hash

10b5069518d85215f9c1da15722744e18b916b927be323a233d21b89ecc0f966

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800, max-age=300; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.olx.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 17:24:39 GMT
via: 1.1 19ae37472a5ba1dbeb7e045a5cb1b166.cloudfront.net (CloudFront)
strict-transport-security: max-age=15724800, max-age=300; includeSubDomains
server: nginx
x-amz-cf-pop: AMS58-P4
x-cache: Miss from cloudfront
content-type: image/webp
cache-control: max-age=604800
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: y8cc2jENCJ31x8vtjuXESkmSwppIJ-LcOX_nLKfr0pvv0aZFzYohAg==
expires: Fri, 24 Nov 2023 17:24:39 GMT

GET
H2 200 277328448854907.webp
img.olx.com.br/images/27/ 19 KB
19 KB 78ms
68ms Image
image/webp 18.239.69.125
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.olx.com.br/images/27/277328448854907.webp

Requested by

Host: www.olx.com.br
URL: https://www.olx.com.br/estado-mg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.239.69.125 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-239-69-125.ams58.r.cloudfront.net

Software

nginx /

Resource Hash

f5c05b916cb1b2614d8d84f975995734f09f79ea0e9743d1399df159458f4d4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800, max-age=300; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.olx.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 17:25:18 GMT
via: 1.1 19ae37472a5ba1dbeb7e045a5cb1b166.cloudfront.net (CloudFront)
strict-transport-security: max-age=15724800, max-age=300; includeSubDomains
server: nginx
x-amz-cf-pop: AMS58-P4
age: 86361
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: max-age=604800
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: 5661GkclCvWISI5ygnEeFLaTHoaTVgQF7zbC8JX8L8qUigg-fSs7mw==
expires: Thu, 23 Nov 2023 17:25:18 GMT

GET
H2 200 pe0TMImSLYBIv1o4X1M8ce2xCx3yop4tQpF_MeTm0lfGWVpNn64CL7U8upHZIbMV51Q42ptCp7t1R-tQKr51.woff2
fonts.gstatic.com/s/nunitosans/v15/ 30 KB
31 KB 135ms
40ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunitosans/v15/pe0TMImSLYBIv1o4X1M8ce2xCx3yop4tQpF_MeTm0lfGWVpNn64CL7U8upHZIbMV51Q42ptCp7t1R-tQKr51.woff2

Requested by

Host: www.olx.com.br
URL: https://www.olx.com.br/estado-mg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0cdf1e4b27f7420b0ad37ad1d6bac03f7470438bc8f49de10bcf1440dc4fd37b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.olx.com.br/
Origin: https://www.olx.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 04:49:29 GMT
x-content-type-options: nosniff
age: 304510
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31040
x-xss-protection: 0
last-modified: Thu, 27 Apr 2023 01:15:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Nov 2024 04:49:29 GMT

GET
H3 200 627368342506716.webp
img.olx.com.br/images/62/ 33 KB
33 KB 192ms
191ms Image
image/webp 18.239.69.125
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.olx.com.br/images/62/627368342506716.webp

Requested by

Host: www.olx.com.br
URL: https://www.olx.com.br/estado-mg

Protocol

Security

QUIC, , AES_128_GCM

Server

18.239.69.125 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-239-69-125.ams58.r.cloudfront.net

Software

nginx /

Resource Hash

9f1b207c17f6f654614d22fe5f5e079e223422005e24b81c882e2de0cf7e3c80

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800, max-age=300; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.olx.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 17:24:39 GMT
strict-transport-security: max-age=15724800, max-age=300; includeSubDomains
via: 1.1 9dfbacf2c8a61beb17591bdaab142956.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: AMS58-P4
x-cache: Miss from cloudfront
content-type: image/webp
cache-control: max-age=604800
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: slmvrV1ZFq6ujtiq0cQiiq15bBXuFnSsZwA0Z9SLS-H_0Rv9BsQPig==
expires: Fri, 24 Nov 2023 17:24:39 GMT

GET
H3 200 944390703199952.webp
img.olx.com.br/images/94/ 47 KB
48 KB 300ms
299ms Image
image/webp 18.239.69.125
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.olx.com.br/images/94/944390703199952.webp

Requested by

Host: www.olx.com.br
URL: https://www.olx.com.br/estado-mg

Protocol

Security

QUIC, , AES_128_GCM

Server

18.239.69.125 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-239-69-125.ams58.r.cloudfront.net

Software

nginx /

Resource Hash

646d66d9967be6d6a7a6da463cb778d2c5122d92a9ac26b265a762fd5023f70b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800, max-age=300; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.olx.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 17:24:39 GMT
strict-transport-security: max-age=15724800, max-age=300; includeSubDomains
via: 1.1 9dfbacf2c8a61beb17591bdaab142956.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: AMS58-P4
x-cache: Miss from cloudfront
content-type: image/webp
cache-control: max-age=604800
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: UcAI-VNPOeyVeg4MkpTKABQ2-G8NtgeJtoR9-vy2dINnevnQNVu2sA==
expires: Fri, 24 Nov 2023 17:24:39 GMT

GET
H3 200 417361701874028.webp
img.olx.com.br/images/41/ 60 KB
60 KB 214ms
213ms Image
image/webp 18.239.69.125
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.olx.com.br/images/41/417361701874028.webp

Requested by

Host: www.olx.com.br
URL: https://www.olx.com.br/estado-mg

Protocol

Security

QUIC, , AES_128_GCM

Server

18.239.69.125 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-239-69-125.ams58.r.cloudfront.net

Software

nginx /

Resource Hash

084e035db971b80d8d599116fda9bae31b9f37d16a3192996383b697c2adae21

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800, max-age=300; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.olx.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 17:24:39 GMT
strict-transport-security: max-age=15724800, max-age=300; includeSubDomains
via: 1.1 9dfbacf2c8a61beb17591bdaab142956.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: AMS58-P4
x-cache: Miss from cloudfront
content-type: image/webp
cache-control: max-age=604800
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: gm8HqgKoRiV1N8_AX9YvLTFAuPibi_k4GezX3oD_K5vFGfhwWVGx-A==
expires: Fri, 24 Nov 2023 17:24:39 GMT

GET
H2 200 cookie-notice.js Show response
static.olx.com.br/cookie-notice/ 6 KB
2 KB 117ms
116ms Script
application/javascript 2600:9000:2490:f800:a:8162:78c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.olx.com.br/cookie-notice/cookie-notice.js
Requested by: Host: static.olx.com.br
URL: https://static.olx.com.br/olx/js/lurker.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2490:f800:a:8162:78c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3de19c83ad6dc2f992392e4bd61189ea0a34388200efee551f75fc079aa8f5f6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.olx.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id: l_.QLMfwPtfZCSoQRwkbdG0eXnEuGR9F
content-encoding: gzip
via: 1.1 b4bf06ec43f99543c974d975a6c597da.cloudfront.net (CloudFront)
date: Fri, 17 Nov 2023 08:34:33 GMT
last-modified: Wed, 19 Jul 2023 23:04:01 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P6
age: 31950
x-amz-server-side-encryption: AES256
etag: W/"4a7749036b5ec7f46537fa67af4d325f"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-replication-status: COMPLETED
x-amz-cf-id: gtxOX3Zzs3O_yk4m5vEHIm-zjkhnrEKx7x3JNYMLRIlL7TUiOoVEyw==

GET
H2 200 tachometer.min.js Show response
static.olx.com.br/olx/js/ 1 KB
1 KB 118ms
118ms Script
application/javascript 2600:9000:2490:f800:a:8162:78c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.olx.com.br/olx/js/tachometer.min.js
Requested by: Host: static.olx.com.br
URL: https://static.olx.com.br/olx/js/lurker.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2490:f800:a:8162:78c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2b6ce77c08edeec4977f6a2aecd2ec96ffab1795aaa806564df27af38aebb632

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.olx.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id: Zf2HXePoE956WdyyjheYP85P3sMFQp09
content-encoding: gzip
via: 1.1 b4bf06ec43f99543c974d975a6c597da.cloudfront.net (CloudFront)
date: Fri, 17 Nov 2023 09:58:23 GMT
last-modified: Thu, 13 Jan 2022 12:16:29 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P6
age: 26778
x-amz-server-side-encryption: AES256
etag: W/"350abdaf3cb29573bf4348524edc31c5"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-replication-status: COMPLETED
x-amz-cf-id: 9HwGO6WmlqomdtUAEDO7cMCP_JTWcOLvtRvCNaRYuvtalpYmyoRTCw==

GET
H2 204 me
apigw.olx.com.br/v2/ 0
0 811ms
499ms Fetch 104.18.13.210
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://apigw.olx.com.br/v2/me?X-OLX-TEAM-KEY=hQIPDF7Bfpw2WJUDwr9GV21jIoDSEJGl
Requested by: Host: static.olx.com.br
URL: https://static.olx.com.br/olx/js/lurker.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.13.210 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.olx.com.br/estado-mg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 17:24:40 GMT
via: kong/0.14.1
cf-cache-status: DYNAMIC
server: cloudflare
x-kong-proxy-latency: 0
vary: Origin
access-control-allow-origin: https://www.olx.com.br
x-kong-upstream-latency: 2
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 8279ab236b5d3494-WAW

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 293 KB
90 KB 238ms
64ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-50C013M2CC

Requested by

Host: cdn.track.olx.com.br
URL: https://cdn.track.olx.com.br/assets/tracker.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4c983b36767dac79e37dc3f29c03610e090e2ea315469add28ec7389bf96f744

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.olx.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 17:24:39 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 92035
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 17 Nov 2023 17:24:39 GMT

GET
H2 200 olx-web.json Show response
cdn.track.olx.com.br/data/ 9 KB
1 KB 137ms
44ms Fetch
application/json 2600:9000:223c:bc00:1d:c6aa:c6c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.track.olx.com.br/data/olx-web.json
Requested by: Host: cdn.track.olx.com.br
URL: https://cdn.track.olx.com.br/assets/tracker.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:bc00:1d:c6aa:c6c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 303e3802c160b17e0d3c4ca6e3de5d9c42189db2298fb7ecba3aee9c084400a1

Request headers

Accept: application/json
Referer: https://www.olx.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 17:24:39 GMT
content-encoding: br
via: 1.1 93b8205e2f07a7099af2e6fd126d9658.cloudfront.net (CloudFront)
last-modified: Thu, 16 Nov 2023 22:14:56 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P2
age: 61
x-amz-server-side-encryption: AES256
etag: W/"92f0f7c23d81d522cc4dc110f98faf1d"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: https://www.olx.com.br
x-amz-cf-id: aX5KEpn5dWzlK1lICDahWO-jioaI-iAqICwArfJe1A_lyOCa262EMQ==

GET
H2 200 datadog-rum.js Show response
www.datadoghq-browser-agent.com/us1/v4/ 150 KB
48 KB 203ms
45ms Script
application/javascript 13.32.29.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.datadoghq-browser-agent.com/us1/v4/datadog-rum.js
Requested by: Host: www.olx.com.br
URL: https://www.olx.com.br/estado-mg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.29.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-29-175.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cd5eb76033d96219a0c4fe45fb0df10202e1febcb4d086fb1305f1b3304a6b1a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.olx.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 17:24:11 GMT
content-encoding: br
via: 1.1 1a3d61cabf9778724765b3e70befe816.cloudfront.net (CloudFront)
last-modified: Mon, 09 Oct 2023 09:24:57 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C2
age: 30
x-amz-server-side-encryption: AES256
etag: W/"2630b3d7ad4a41fac67742216e506d83"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=14400, s-maxage=60
timing-allow-origin: *
x-amz-cf-id: EPcxNny0Tx4wmxw97P7Yca1ek1qTJmbNAwe7jNDK71NEY2LnoQsVBA==

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311140101/ 431 KB
135 KB 45ms
43ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311140101/pubads_impl.js?cb=31079695

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fb7ae0f257f7da390f8c60998add4e543e1a56d4d5a22a1a494365b4fb8b5315

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.olx.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 11:36:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20881
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137994
x-xss-protection: 0
server: cafe
etag: 6213585212225905441
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sat, 16 Nov 2024 11:36:38 GMT

GET
H2 200 5685.238a7bfa87acc35b.js Show response
static.olx.com.br/cd/vi/js/listing-next/_next/static/chunks/ 14 KB
5 KB 40ms
40ms Script
text/javascript 2600:9000:2490:f800:a:8162:78c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.olx.com.br/cd/vi/js/listing-next/_next/static/chunks/5685.238a7bfa87acc35b.js
Requested by: Host: static.olx.com.br
URL: https://static.olx.com.br/cd/vi/js/listing-next/_next/static/chunks/webpack-6d32f0577e569815.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2490:f800:a:8162:78c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bb3f989735a31d1228cee7f91675b7c5c4a1e8b51a89b03d3ee24d05bcac5156

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.olx.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id: VDW76mIVOBa888wFYg03FPYJHYbEjyaS
content-encoding: gzip
via: 1.1 b4bf06ec43f99543c974d975a6c597da.cloudfront.net (CloudFront)
date: Fri, 17 Nov 2023 07:51:34 GMT
x-amz-cf-pop: FRA56-P6
age: 34447
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 14 Nov 2023 19:25:24 GMT
server: AmazonS3
etag: W/"45d72447a08812915b2947fd7c69d0cd"
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: max-age=86400
x-amz-cf-id: rjIdV1wCLoInSJKKyC7L5DZJrm3vDLrKh_iH1Dmb0QUQHmYCMhhWKQ==

GET
H2 200 5511.b77e1f56fad6f45b.js Show response
static.olx.com.br/cd/vi/js/listing-next/_next/static/chunks/ 94 KB
29 KB 41ms
40ms Script
text/javascript 2600:9000:2490:f800:a:8162:78c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.olx.com.br/cd/vi/js/listing-next/_next/static/chunks/5511.b77e1f56fad6f45b.js
Requested by: Host: static.olx.com.br
URL: https://static.olx.com.br/cd/vi/js/listing-next/_next/static/chunks/webpack-6d32f0577e569815.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2490:f800:a:8162:78c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d517e17fce4f66ffd99c26253ff105853e8cf825f9e25b72e18244cc303ca815

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.olx.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id: SFj4bf1.JxSfbU8Gt3nEBMdcxdKYbWJ_
content-encoding: gzip
via: 1.1 b4bf06ec43f99543c974d975a6c597da.cloudfront.net (CloudFront)
date: Fri, 17 Nov 2023 09:36:50 GMT
x-amz-cf-pop: FRA56-P6
age: 28073
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Mon, 13 Nov 2023 20:10:34 GMT
server: AmazonS3
etag: W/"03e7cf3ca2db80c26eb834434d90a40e"
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: max-age=86400
x-amz-cf-id: ZEufygWg7HN9um6Nux9kLzg86zVpDwhnPfVkj42Y3ylK-0ddC2cyzg==

GET
H2 200 4900.2b630d177a4950cd.js Show response
static.olx.com.br/cd/vi/js/listing-next/_next/static/chunks/ 1 KB
1 KB 40ms
39ms Script
text/javascript 2600:9000:2490:f800:a:8162:78c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.olx.com.br/cd/vi/js/listing-next/_next/static/chunks/4900.2b630d177a4950cd.js
Requested by: Host: static.olx.com.br
URL: https://static.olx.com.br/cd/vi/js/listing-next/_next/static/chunks/webpack-6d32f0577e569815.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2490:f800:a:8162:78c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 62c7dabe20ee09d4bd72b6f916bda13b8dcfe0a0dd1fa9686797e30468e96b3f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.olx.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id: jCCIAzM2vfPGPVNPsx2XH4saBz_WAg01
content-encoding: gzip
via: 1.1 b4bf06ec43f99543c974d975a6c597da.cloudfront.net (CloudFront)
date: Fri, 17 Nov 2023 07:19:13 GMT
x-amz-cf-pop: FRA56-P6
age: 36327
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 14 Nov 2023 19:25:24 GMT
server: AmazonS3
etag: W/"b7dd322edeeccae13c91507cc101c007"
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: max-age=86400
x-amz-cf-id: BDnBdgAvyYMH14O1pIvAtRqPdlHJme-IDZMHQqMBIdRSWXuXK3w8DA==

GET
H2 200 6900.ba3b6500aac4b56d.js Show response
static.olx.com.br/cd/vi/js/listing-next/_next/static/chunks/ 2 KB
1 KB 39ms
39ms Script
text/javascript 2600:9000:2490:f800:a:8162:78c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.olx.com.br/cd/vi/js/listing-next/_next/static/chunks/6900.ba3b6500aac4b56d.js
Requested by: Host: static.olx.com.br
URL: https://static.olx.com.br/cd/vi/js/listing-next/_next/static/chunks/webpack-6d32f0577e569815.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2490:f800:a:8162:78c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0162218d88a3da843fb29d0dc9ddad8b99be48bffe8b3470c6fb014abaedd557

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.olx.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id: I1XaLbqoH0QlKNIYYW3dQevWH9aMv6ba
content-encoding: gzip
via: 1.1 b4bf06ec43f99543c974d975a6c597da.cloudfront.net (CloudFront)
date: Fri, 17 Nov 2023 10:01:48 GMT
x-amz-cf-pop: FRA56-P6
age: 26761
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 14 Nov 2023 19:25:24 GMT
server: AmazonS3
etag: W/"0bba7abefde46dc8a3fb6798324fb277"
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: max-age=86400
x-amz-cf-id: gKHC7JAijOOdSDEg4Qil-AVbB9Rlzp5Agw2Nd_atHn1q2jUbT0Zpjw==

GET
H2 204 me
apigw.olx.com.br/v2/ 0
0 487ms
486ms Fetch 104.18.13.210
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://apigw.olx.com.br/v2/me?X-OLX-TEAM-KEY=rZNX9XwMdF9ZY7deAzKEJEvQ5cC7JOgQ
Requested by: Host: static.olx.com.br
URL: https://static.olx.com.br/cd/vi/js/listing-next/_next/static/chunks/pages/_app-93b07266f46faaeb.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.13.210 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.olx.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 17:24:40 GMT
via: kong/0.14.1
cf-cache-status: DYNAMIC
server: cloudflare
x-kong-proxy-latency: 0
vary: Origin
access-control-allow-origin: https://www.olx.com.br
x-kong-upstream-latency: 2
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 8279ab25ef713494-WAW

POST
H2 202 track
lurker.olx.com.br/ 0
333 B 405ms
116ms Ping
text/html 34.200.105.41
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://lurker.olx.com.br/track
Requested by: Host: cdn.track.olx.com.br
URL: https://cdn.track.olx.com.br/assets/tracker.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.200.105.41 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-200-105-41.compute-1.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.olx.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://www.olx.com.br
date: Fri, 17 Nov 2023 17:24:40 GMT
access-control-allow-credentials: true
server: nginx
content-type: text/html;charset=utf-8

GET
H2 200 olx-web.json Show response
cdn.track.olx.com.br/data/ 9 KB
1 KB 43ms
42ms Fetch
application/json 2600:9000:223c:bc00:1d:c6aa:c6c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.track.olx.com.br/data/olx-web.json
Requested by: Host: cdn.track.olx.com.br
URL: https://cdn.track.olx.com.br/assets/tracker.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:bc00:1d:c6aa:c6c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 303e3802c160b17e0d3c4ca6e3de5d9c42189db2298fb7ecba3aee9c084400a1

Request headers

Accept: application/json
Referer: https://www.olx.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 17:24:39 GMT
content-encoding: br
via: 1.1 93b8205e2f07a7099af2e6fd126d9658.cloudfront.net (CloudFront)
last-modified: Thu, 16 Nov 2023 22:14:56 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P2
age: 62
x-amz-server-side-encryption: AES256
etag: W/"92f0f7c23d81d522cc4dc110f98faf1d"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: https://www.olx.com.br
x-amz-cf-id: I-q4lFT6SgYvQNmahf6mGOtHUkXaxuTIO3ZruasOcXcJCc6eDGlwcQ==

GET
H/1.1 400
Bad Request / Show response
recommendation.olx.com.br/api/rec/ 2 B
358 B 534ms
132ms Fetch
application/json 3.209.92.249
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://recommendation.olx.com.br/api/rec/?lurker_id=&region_id=&object_name=listing&custom_tag=listing_web&state_id=2&test_id=hold&platform=web

Requested by

Host: static.olx.com.br
URL: https://static.olx.com.br/cd/vi/js/listing-next/_next/static/chunks/8724-dbf2da8532b1e04a.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.209.92.249 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-209-92-249.compute-1.amazonaws.com

Software

nginx /

Resource Hash

4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.olx.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Fri, 17 Nov 2023 17:24:40 GMT
content-encoding: gzip
Strict-Transport-Security: max-age=300; includeSubDomains
Server: nginx
X-Sommelier-API-Version: 2.8.67
Content-Type: application/json
Access-Control-Allow-Origin: *
cache-control: max-age=5
Connection: keep-alive
Content-Length: 28

GET
H2 200 listing.js Show response
pub.olx.com.br/ 30 KB
10 KB 223ms
115ms Script
text/javascript 65.9.66.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pub.olx.com.br/listing.js
Requested by: Host: static.olx.com.br
URL: https://static.olx.com.br/cd/vi/js/listing-next/_next/static/chunks/main-8e21920bfa8fe738.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-47.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d6fb71436f49efc8c5c483c9c9164dd3831de0e8451f0f7b7030d5c34a88bf07

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.olx.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id: 5RK2Nv79xetlPEYRoHwpdP8EwnQ0bXym
content-encoding: gzip
via: 1.1 980059f199bdd603b925d049efedf130.cloudfront.net (CloudFront)
date: Fri, 17 Nov 2023 06:48:37 GMT
last-modified: Wed, 08 Nov 2023 13:16:46 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 38344
x-amz-server-side-encryption: AES256
etag: W/"9338b9bf90291adc5e5311855800eebd"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-id: jMpz8Mu2XKJz05O3RsIjoVXbl3U5WBA-SCatTJW5RLgmce9qfwp9Vw==

GET
H2 200 web-vitals.js Show response
static.olx.com.br/web-vitals/ 7 KB
3 KB 43ms
41ms Script
text/javascript 2600:9000:2490:f800:a:8162:78c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.olx.com.br/web-vitals/web-vitals.js

Requested by

Host: static.olx.com.br
URL: https://static.olx.com.br/cd/vi/js/listing-next/_next/static/chunks/main-8e21920bfa8fe738.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2490:f800:a:8162:78c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

b2ece5d28dcf047582c05c122e3bf0ed4905a965026a9940c289682620b76a2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.olx.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 15:02:38 GMT
x-amz-version-id: ePcxQ0GnisE8BsMZWWD0DegTQOwx0Pw2
content-encoding: br
x-content-type-options: nosniff
via: 1.1 b4bf06ec43f99543c974d975a6c597da.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000
x-amz-cf-pop: FRA56-P6
age: 8522
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: PENDING
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 17 Nov 2023 15:02:24 GMT
server: AmazonS3
etag: W/"377e79edeb1105b21d5e3020bb9a77a3"
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
content-type: text/javascript
cache-control: max-age=31536000
x-amz-cf-id: NMbQl0sFSV-k91vmadh_97wuz99ydCZTqWiQYQ-DxezqQSiJbtHvew==

GET
H2 200 web-vitals-tracker.js Show response
static.olx.com.br/web-vitals/ 2 KB
1 KB 41ms
40ms Script
text/javascript 2600:9000:2490:f800:a:8162:78c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.olx.com.br/web-vitals/web-vitals-tracker.js

Requested by

Host: static.olx.com.br
URL: https://static.olx.com.br/cd/vi/js/listing-next/_next/static/chunks/main-8e21920bfa8fe738.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2490:f800:a:8162:78c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

bbc24942842dbd52528400dbc37496b8773885220cfdb36cdf6f66801e649819

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.olx.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 15:02:39 GMT
x-amz-version-id: qr6XEuNNYRFvjJCfB505MrbyB1dodmr2
content-encoding: br
x-content-type-options: nosniff
via: 1.1 b4bf06ec43f99543c974d975a6c597da.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000
x-amz-cf-pop: FRA56-P6
age: 8522
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: PENDING
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 17 Nov 2023 15:02:24 GMT
server: AmazonS3
etag: W/"479469cae61cbddbacc379649b7fb9ec"
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
content-type: text/javascript
cache-control: max-age=31536000
x-amz-cf-id: h1f4df7BeIhv3snYzsKVgRAidNMIdpl7OR7OUV-G0g2VreI7lBoc_A==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 179 KB
64 KB 65ms
64ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-546N2JV

Requested by

Host: www.olx.com.br
URL: https://www.olx.com.br/estado-mg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9f3a3cc09d0ae7f2d54573d41a354e44e65c984f81c0df951f7f4f0f10be9d1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.olx.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 17:24:40 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65440
x-xss-protection: 0
last-modified: Fri, 17 Nov 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 17 Nov 2023 17:24:40 GMT

POST
H2 202 track
lurker.olx.com.br/ 0
333 B 451ms
230ms Ping
text/html 34.200.105.41
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://lurker.olx.com.br/track
Requested by: Host: cdn.track.olx.com.br
URL: https://cdn.track.olx.com.br/assets/tracker.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.200.105.41 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-200-105-41.compute-1.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.olx.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://www.olx.com.br
date: Fri, 17 Nov 2023 17:24:40 GMT
access-control-allow-credentials: true
server: nginx
content-type: text/html;charset=utf-8

GET
H2 200 olx-web.json Show response
cdn.track.olx.com.br/data/ 9 KB
1 KB 45ms
43ms Fetch
application/json 2600:9000:223c:bc00:1d:c6aa:c6c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.track.olx.com.br/data/olx-web.json
Requested by: Host: cdn.track.olx.com.br
URL: https://cdn.track.olx.com.br/assets/tracker.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:bc00:1d:c6aa:c6c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 303e3802c160b17e0d3c4ca6e3de5d9c42189db2298fb7ecba3aee9c084400a1

Request headers

Accept: application/json
Referer: https://www.olx.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 17:24:39 GMT
content-encoding: br
via: 1.1 93b8205e2f07a7099af2e6fd126d9658.cloudfront.net (CloudFront)
last-modified: Thu, 16 Nov 2023 22:14:56 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P2
age: 62
x-amz-server-side-encryption: AES256
etag: W/"92f0f7c23d81d522cc4dc110f98faf1d"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: https://www.olx.com.br
x-amz-cf-id: cU_RIouW7OfdCGXDTL0VNHBIE9VQRnuqjLUaJY4TL5cFFkecOew6ZA==

GET
H2 200 C89SDYUY.js Show response
cdn.insurads.com/bootstrap/ 7 KB
3 KB 184ms
62ms Script
application/x-javascript 2400:52e0:1e00::1080:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.insurads.com/bootstrap/C89SDYUY.js
Requested by: Host: pub.olx.com.br
URL: https://pub.olx.com.br/listing.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1080 /
Resource Hash: 5942e371f51bd4a914c9fbd516988a50da14c9a490399be4fae51810c15454f7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.olx.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 17:24:40 GMT
content-encoding: gzip
cdn-edgestorageid: 1081
x-amz-request-id: MZ39KVMJ1V3H6W85
cdn-cachedat: 07/07/2023 01:56:31
cdn-pullzone: 55316
x-amz-id-2: GMJ4/N5tuJKojudUN1ZWRdqPKHZh9kGJXJhgKI+Bwv0Fu2KNJViKJdu7zi2w7BK6LQsopIt/8T4=
last-modified: Tue, 01 Feb 2022 19:20:27 GMT
server: BunnyCDN-DE1-1080
cdn-proxyver: 1.03
cdn-requestpullcode: 200
etag: "d40b8c84673d22156a345e922cf836a0"
vary: Accept-Encoding, Accept-Encoding
content-type: application/x-javascript
cdn-cache: HIT
cdn-uid: 56a941db-1de6-4dd7-bd60-f93546463707
cache-control: max-age=86400, s-maxage=604800
cdn-requestid: 80e64521f3b9448ada6ee7207832a9dd
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 267 KB
65 KB 159ms
47ms Script
application/javascript 52.222.208.154
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: pub.olx.com.br
URL: https://pub.olx.com.br/listing.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.208.154 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-208-154.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4c8fe936e012d2d229577704c34c41a451d7a98aa5c2566ea5c3930aa7e3f40f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.olx.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 16:38:10 GMT
content-encoding: gzip
via: 1.1 df3b3b9f4fa0f79195c56a91cf242364.cloudfront.net (CloudFront), 1.1 9e1b24b39ac8b669f996f1e7907eb696.cloudfront.net (CloudFront)
last-modified: Mon, 13 Nov 2023 20:18:43 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1, FRA56-P3
age: 2791
x-amz-server-side-encryption: AES256
etag: W/"2d08dd94de483579c1dc3f3783c06f6e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
x-amz-cf-id: 7sPt7pPmkVUIH6bMozqP-rIt83FK8ZrKleqJjpNiDegt0RcbeEsfDg==

GET
H2 200 universal.min.js Show response
tag.navdmp.com/ 14 KB
5 KB 158ms
59ms Script
application/javascript 2606:4700::6810:bf3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.navdmp.com/universal.min.js
Requested by: Host: www.olx.com.br
URL: https://www.olx.com.br/estado-mg
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:bf3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e6123603aeabe4b8467cc64a9ee3329093d346f494179fea936f699aeec37fdd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.olx.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 17:24:40 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 05 Apr 2023 20:59:24 GMT
server: cloudflare
age: 2105
etag: W/"642de12c-36d1"
vary: Accept-Encoding
p3p: CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: *
content-type: application/javascript
cache-control: max-age=3600
cf-ray: 8279ab29580c9061-FRA
expires: Fri, 17 Nov 2023 17:49:35 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
254 B 139ms
46ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-50C013M2CC&gtm=45je3b81v872586341&_p=1700241879986&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1986320353.1700241880&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1700241880&sct=1&seg=0&dl=https%3A%2F%2Fwww.olx.com.br%2Festado-mg&dt=An%C3%BAncios%20em%20Minas%20Gerais&en=page_view_sdk&_fv=1&_nsi=1&_ss=1&_ee=1&ep.object_name=listing&ep.event_type=page_view&ep.object_detail=load&tfd=2545
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-50C013M2CC
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.olx.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 17:24:40 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.olx.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
254 B 151ms
49ms Ping
text/plain 2a00:1450:400c:c02::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-50C013M2CC&cid=1986320353.1700241880&gtm=45je3b81v872586341&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-50C013M2CC
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c02::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.olx.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 17:24:40 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.olx.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 202 track
lurker.olx.com.br/ 0
245 B 119ms
117ms Ping
text/html 34.200.105.41
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://lurker.olx.com.br/track
Requested by: Host: static.olx.com.br
URL: https://static.olx.com.br/olx/js/lurker.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.200.105.41 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-200-105-41.compute-1.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.olx.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://www.olx.com.br
date: Fri, 17 Nov 2023 17:24:40 GMT
access-control-allow-credentials: true
server: nginx
content-type: text/html;charset=utf-8

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 170ms
78ms Image
image/gif 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-50C013M2CC&cid=1986320353.1700241880&gtm=45je3b81v872586341&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=1290295573

Requested by

Host: www.olx.com.br
URL: https://www.olx.com.br/estado-mg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.olx.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 17:24:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 202 track
lurker.olx.com.br/ 0
245 B 119ms
118ms Ping
text/html 34.200.105.41
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://lurker.olx.com.br/track
Requested by: Host: static.olx.com.br
URL: https://static.olx.com.br/olx/js/lurker.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.200.105.41 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-200-105-41.compute-1.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.olx.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://www.olx.com.br
date: Fri, 17 Nov 2023 17:24:40 GMT
access-control-allow-credentials: true
server: nginx
content-type: text/html;charset=utf-8

GET
H2 200 b837e449-83ee-457f-9ef5-8f976953f2bc.js Show response
cdn.mouseflow.com/projects/ 69 KB
21 KB 141ms
55ms Script
application/javascript 2606:4700::6812:1b32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.mouseflow.com/projects/b837e449-83ee-457f-9ef5-8f976953f2bc.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-546N2JV

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1b32 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

134eac047038b831d518110e9d38775fafd3d8aaf986528c1bf9e2825d6ab40a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.olx.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 17:24:40 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 262721
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
x-mf-script-region: EU
last-modified: Tue, 14 Nov 2023 16:24:20 GMT
server: cloudflare
etag: W/"0923651717da1:0"
vary: Accept-Encoding,Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cf-ray: 8279ab2a4ad191f5-FRA
expires: Sat, 18 Nov 2023 17:24:40 GMT

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ 356 KB
99 KB 88ms
88ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TNX8FDS&l=dataLayer

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-546N2JV

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

dde20b8631da4cdc7514c48b062ec195a580bde1c260bf113cc7922a1fc762fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.olx.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 17:24:40 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 101554
x-xss-protection: 0
last-modified: Fri, 17 Nov 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 17 Nov 2023 17:24:40 GMT

GET
H2 200 core.min.js Show response
cdnjs.cloudflare.com/ajax/libs/crypto-js/4.1.1/ 4 KB
2 KB 129ms
47ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/crypto-js/4.1.1/core.min.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-546N2JV

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2bb7f063a5afba0172b0d2eef6fb64cdae6bfc2034494bf440019e247f562ac0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.olx.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 17:24:40 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 474440
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1425
last-modified: Sat, 14 Aug 2021 20:33:09 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "61182885-591"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QQvCc7DyGj1I3U1nVpuTEdcHEOxOLjxHZnMZfJbvjTgTWWojFdnXT2ooX4t6YHTqrapWM9C2hb8RqtZYhn0gnF2hJCQZYeqUxCtvp%2FWv8WaA9zQDmoUvABTYzabK2jr88gbABBcU48gwjmg4pxS65%2BHJ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8279ab2a4d1d3685-FRA
expires: Wed, 06 Nov 2024 17:24:40 GMT

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16589/ 39 KB
12 KB 141ms
45ms Script
text/javascript 65.9.66.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311140101/pubads_impl.js?cb=31079695
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-122.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.olx.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 07:38:20 GMT
content-encoding: gzip
via: 1.1 58c21e16c9e093deb494fbb4de260efa.cloudfront.net (CloudFront)
last-modified: Wed, 06 Sep 2023 15:56:57 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 35181
x-amz-server-side-encryption: AES256
etag: W/"e073e71ed7a44e6f9cdd72904fda5940"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: UIz2-2xY-hKS9KoFAY5bRIVKbMUq2CMbzLOus_jINwRCg6wYXoenaQ==

GET
H2 200 encrypted-tag-g.js Show response
invstatic101.creativecdn.com/encrypted-signals/ 1 KB
1 KB 167ms
54ms Script
text/javascript 34.96.70.87
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311140101/pubads_impl.js?cb=31079695
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 87.70.96.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.olx.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 17:24:40 GMT
via: 1.1 google, 1.1 google
last-modified: Thu, 03 Aug 2023 03:28:51 GMT
server: Google Frontend
etag: fc4e6bfe266081c4873c6f08c8298e5c
content-type: text/javascript; charset=utf-8
x-cloud-trace-context: f3489ea2b8cf9b5dcb124bd32a568052
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1207

GET
H2 200 esp.js Show response
oa.openxcdn.net/ 24 KB
8 KB 130ms
40ms Script
application/javascript 34.102.146.192
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oa.openxcdn.net/esp.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311140101/pubads_impl.js?cb=31079695
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 192.146.102.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.olx.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 21:33:06 GMT
content-encoding: gzip
age: 157894
x-guploader-uploadid: ABPtcPrqGz7i4b9X49L9eZEbjaAbFM55tbQRn0BKbMVn_v-U_dgPoRxczAfmBkK87VkUdZ8shqnzaHD4tud84RJI-4De
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7927
last-modified: Thu, 27 May 2021 18:30:51 GMT
server: UploadServer
etag: "df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation: 1622140251693895
x-goog-hash: crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type: application/javascript
cache-control: no-transform
x-goog-stored-content-length: 7927
accept-ranges: bytes
expires: Thu, 14 Nov 2024 21:33:06 GMT

GET
H2 200 ob.js Show response
cdn-ima.33across.com/ 11 KB
5 KB 122ms
46ms Script
application/javascript 104.18.35.167
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-ima.33across.com/ob.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311140101/pubads_impl.js?cb=31079695
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.35.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f6cfe89b284e6a2100a86b8d6b0e52b76b85cc62622a40d63e929f328d883a6a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.olx.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 17:24:40 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 30 Oct 2023 20:31:13 GMT
server: cloudflare
age: 329113
etag: W/"65401291-2b7d"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 8279ab2a58756a78-TXL
expires: Mon, 20 Nov 2023 17:24:40 GMT

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 42 KB
13 KB 157ms
57ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311140101/pubads_impl.js?cb=31079695

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a1a256244f073b9ed474c52d16f8b7d0ed5d92ca4129042d6ee150817671bcd9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.olx.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 17:24:40 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 27 Oct 2023 06:43:26 GMT
server: nginx
etag: W/"653b5c0e-a9a7"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 18 Nov 2023 17:24:40 GMT

GET
H/1.1 404
Not Found / Show response
recommendation.olx.com.br/api/rec/ 90 B
438 B 136ms
136ms Fetch
application/json 3.209.92.249
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://recommendation.olx.com.br/api/rec/?lurker_id=0477a79d-2d79-4985-bc54-2a9635049ff4&region_id=&object_name=listing&custom_tag=listing_web&state_id=2&test_id=hold&platform=web

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/us1/v4/datadog-rum.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.209.92.249 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-209-92-249.compute-1.amazonaws.com

Software

nginx /

Resource Hash

24b8a509dda8d90465da9795813e1be77058c88de3f2e6a59686825a02bbc8c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.olx.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Fri, 17 Nov 2023 17:24:40 GMT
content-encoding: gzip
Strict-Transport-Security: max-age=300; includeSubDomains
Server: nginx
X-Sommelier-API-Version: 2.8.67
Content-Type: application/json
Access-Control-Allow-Origin: *
cache-control: max-age=5
Connection: keep-alive
Content-Length: 109

GET
H2 200 83482 Show response
tag.navdmp.com/u/ 507 B
480 B 238ms
236ms Script
application/javascript 2606:4700::6810:bf3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.navdmp.com/u/83482
Requested by: Host: tag.navdmp.com
URL: https://tag.navdmp.com/universal.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:bf3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7abe7516493f0373870d99512676d4f21f498682263038d9961e3ccc79335e45

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.olx.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 17:24:40 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Fri, 06 Jan 2023 18:02:13 GMT
server: cloudflare
etag: W/"63b86225-1fb"
p3p: CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: *
content-type: application/javascript
cache-control: max-age=3600
cf-ray: 8279ab29f89e9061-FRA
expires: Fri, 17 Nov 2023 18:24:40 GMT

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 120ms
40ms XHR
application/javascript 52.222.208.154
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/us1/v4/datadog-rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.208.154 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-208-154.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.olx.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 10:08:39 GMT
x-amz-version-id: 9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding: gzip
via: 1.1 d9523e44e96d2539081596bb1d268d44.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3
age: 26162
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Tue, 29 Aug 2023 08:30:37 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: HG-HcjeNzrrFUzOev_LIRmpeGyU1gXf6DntAYvTLstHtxqtj200oTw==

GET
H3 200 501377559670698.webp
img.olx.com.br/images/50/ 78 KB
78 KB 341ms
341ms Image
image/webp 18.239.69.125
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.olx.com.br/images/50/501377559670698.webp

Requested by

Host: www.olx.com.br
URL: https://www.olx.com.br/estado-mg

Protocol

Security

QUIC, , AES_128_GCM

Server

18.239.69.125 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-239-69-125.ams58.r.cloudfront.net

Software

nginx /

Resource Hash

9e89c6927038c2c14f784a17d20fb9defcae2faca47de1dd19db461671f2093f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800, max-age=300; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.olx.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 17:24:40 GMT
strict-transport-security: max-age=15724800, max-age=300; includeSubDomains
via: 1.1 9dfbacf2c8a61beb17591bdaab142956.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: AMS58-P4
x-cache: Miss from cloudfront
content-type: image/webp
cache-control: max-age=604800
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: cq0c3uMeFVJY7puDFOuPauGl_BqXrS4kRwmOKQ_AFd5BuZ49FD7eiA==
expires: Fri, 24 Nov 2023 17:24:40 GMT

GET
H2 200 init Show response
services.insurads.com/ 2 KB
1 KB 474ms
119ms Script
application/javascript 52.205.52.6
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://services.insurads.com/init?appId=C89SDYUY&h=https%3A%2F%2Fwww.olx.com.br%2Festado-mg&tcfc=1&t=1700241880699
Requested by: Host: cdn.insurads.com
URL: https://cdn.insurads.com/bootstrap/C89SDYUY.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.205.52.6 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-205-52-6.compute-1.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 390cb2690e5f1abfb0ab7abb1d5cff4c1887e6b03c82b28d2ce30fd55c953844

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.olx.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 17:24:41 GMT
content-encoding: gzip
server: nginx/1.18.0 (Ubuntu)
content-type: application/javascript;charset=UTF-8
x-nocache: true
cache-control: no-cache, no-store, must-revalidate
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 12f22e07-5e35-42ce-af8a-327c465973dd Show response
config.aps.amazon-adsystem.com/configs/ 537 B
812 B 386ms
43ms Script
application/javascript 99.86.4.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://config.aps.amazon-adsystem.com/configs/12f22e07-5e35-42ce-af8a-327c465973dd
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-39.fra6.r.cloudfront.net
Software: CloudFront /
Resource Hash: d19204c50a2911f2e51b35dc91ad022b91d932576e3883779ec9b0ba0f26b0fd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.olx.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 16:59:05 GMT
via: 1.1 baa5702f7bd64fcbae1e3bd950d9a244.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA6-C1
age: 1536
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
content-length: 537
x-amz-cf-id: y5M48o9Bvw_U3b34BghyqDvymRXPYh4eyoulq6iDf5Qpp3PMviqDiw==

GET
H2 204 config Show response
c.amazon-adsystem.com/cdn/prod/ 0
311 B 44ms
43ms XHR
text/plain 52.222.208.154
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.olx.com.br&pubid=12f22e07-5e35-42ce-af8a-327c465973dd
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/us1/v4/datadog-rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.208.154 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-208-154.fra56.r.cloudfront.net
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.olx.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 12:06:08 GMT
via: 1.1 9e1b24b39ac8b669f996f1e7907eb696.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P3
age: 19111
x-cache: Hit from cloudfront
access-control-allow-origin: https://www.olx.com.br
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-id: 1WhUORG2gfB95PQM-QeG10QUjAFsYbx-bo2jvpU9NhNVNzCs6yiDFw==

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 23 B
463 B 412ms
80ms XHR
text/javascript 108.138.9.235
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.olx.com.br%2Festado-mg&pid=AMC3GmbLP30xa&cb=0&ws=1600x1200&v=23.1108.2350&t=2000&slots=%5B%7B%22sd%22%3A%22listing-bottom-pub%22%2C%22s%22%3A%5B%22728x90%22%2C%22320x50%22%5D%2C%22sn%22%3A%22%2F73314699%2FOLX%2FListing%22%7D%2C%7B%22id%22%3A%22listing-page-right-pub%22%2C%22sd%22%3A%22listing-page-right-pub%22%2C%22sn%22%3A%22%2F73314699%2FOLX%2FListing%22%2C%22mt%22%3A%22mf%22%2C%22mfp%22%3A%7B%22d%22%3A%7B%22s%22%3A%5B%22120x600%22%2C%22160x600%22%2C%22300x250%22%2C%22300x600%22%5D%7D%2C%22v%22%3A%7B%22s%22%3A%5B%22300x250%22%5D%7D%7D%7D%2C%7B%22id%22%3A%22listing-page-middle-right-pub%22%2C%22sd%22%3A%22listing-page-middle-right-pub%22%2C%22sn%22%3A%22%2F73314699%2FOLX%2FListing%22%2C%22mt%22%3A%22mf%22%2C%22mfp%22%3A%7B%22d%22%3A%7B%22s%22%3A%5B%22120x600%22%2C%22160x600%22%2C%22300x250%22%2C%22300x600%22%5D%7D%2C%22v%22%3A%7B%22s%22%3A%5B%22300x250%22%5D%7D%7D%7D%2C%7B%22sd%22%3A%22listing-native-list-item-1-pub%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F73314699%2FOLX%2FListing%22%7D%2C%7B%22sd%22%3A%22listing-native-list-item-2-pub%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F73314699%2FOLX%2FListing%22%7D%2C%7B%22sd%22%3A%22listing-native-list-item-4-pub%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F73314699%2FOLX%2FListing%22%7D%5D&pubid=12f22e07-5e35-42ce-af8a-327c465973dd&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/us1/v4/datadog-rum.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.9.235 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-9-235.fra56.r.cloudfront.net

Software

Server /

Resource Hash

745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.olx.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 17:24:41 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 dd09b3b5f5b8dc626e1ba6804a73af40.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P6
x-amz-rid: ZMA06SJ6F3CNHD717E8H
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.olx.com.br
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: vB0qlRVGNn8T8V_Zh8qnAxQFaImh_kUca90zOe31JoJuq0cIVeZlFw==

GET
H2 200 md5.js Show response
cdnjs.cloudflare.com/ajax/libs/crypto-js/4.1.1/ 9 KB
2 KB 65ms
52ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/crypto-js/4.1.1/md5.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-546N2JV

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

97dc67431dbd3360ea838fecad611a30f540f8389bbd15b89a1e14ba8dbb54aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.olx.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 17:24:40 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1518340
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1676
last-modified: Sat, 14 Aug 2021 20:33:09 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "61182885-68c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ld4jgzlaL0mCu0swMpHZBkHYv0I04X4kGUGTQNoY7%2FFRDyDZxwSIxOzTBpM00AwPiBtN8rHyGIpMw9T%2FyWYBCi%2FKQizysBpMQk%2B7dKyNbf9xgoAJKrGsayGzLCk9hr0IPbME3JkVw1bgEuSlW6Y23%2BIs"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8279ab2addd53685-FRA
expires: Wed, 06 Nov 2024 17:24:40 GMT

GET
H2

200

esp Show response
oajs.openx.net/
Redirect Chain

https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.olx.com.br%2Festado-mg&rid=esp
https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.olx.com.br%2Festado-mg&rid=esp&cc=1

85 B
194 B

153ms
152ms

Fetch
application/json

34.120.107.143
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.olx.com.br%2Festado-mg&rid=esp&cc=1
Requested by: Host: www.olx.com.br
URL: https://www.olx.com.br/estado-mg
Protocol: H2
Server: 34.120.107.143 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 143.107.120.34.bc.googleusercontent.com
Software: / Express
Resource Hash: effdbeb581b06bd65a3c5b7525cf964212cb2d45160207a4581996f387de1d15

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.olx.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 17:24:41 GMT
via: 1.1 google
x-powered-by: Express
etag: W/"55-k/6jn+0lQhIKdQSEGX8+ZthaeEo"
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.olx.com.br
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 85

Redirect headers

date: Fri, 17 Nov 2023 17:24:41 GMT
via: 1.1 google
x-powered-by: Express
vary: Origin
access-control-allow-origin: https://www.olx.com.br
location: /esp?url=https%3A%2F%2Fwww.olx.com.br%2Festado-mg&rid=esp&cc=1
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 60 B
334 B 308ms
56ms XHR
application/json 52.215.24.0
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/us1/v4/datadog-rum.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.215.24.0 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-215-24-0.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 5e45bb4934f81ca6d18d7beb4cca90cc586a943059d0a37870e41baa1d4447d8

Request headers

Referer: https://www.olx.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 17:24:41 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://www.olx.com.br
cache-control: no-cache
x-server: 10.45.16.89
access-control-allow-credentials: true
content-length: 60
expires: 0

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 250ms
39ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TNX8FDS&l=dataLayer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.olx.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 17 Nov 2023 15:49:41 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 5700
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Fri, 17 Nov 2023 17:49:41 GMT

GET
H2

200

activityi;dc_pre=CP-X8srGy4IDFYHkOwIdJwUEPg;src=13034979;type=olxpg0;cat=pgvall;ord=3069892463233;auiddc=714919832.1700241881;u1=listing;u2=https%3A%2F%2Fwww.olx.com.br%2Festado-mg;u4=0;gtm=45He3b8... Show response
13034979.fls.doubleclick.net/ Frame A903
Redirect Chain

https://13034979.fls.doubleclick.net/activityi;src=13034979;type=olxpg0;cat=pgvall;ord=3069892463233;auiddc=714919832.1700241881;u1=listing;u2=https%3A%2F%2Fwww.olx.com.br%2Festado-mg;u4=0;gtm=45He...
https://13034979.fls.doubleclick.net/activityi;dc_pre=CP-X8srGy4IDFYHkOwIdJwUEPg;src=13034979;type=olxpg0;cat=pgvall;ord=3069892463233;auiddc=714919832.1700241881;u1=listing;u2=https%3A%2F%2Fwww.ol...

650 B
527 B

79ms
77ms

Document
text/html

142.250.186.166
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://13034979.fls.doubleclick.net/activityi;dc_pre=CP-X8srGy4IDFYHkOwIdJwUEPg;src=13034979;type=olxpg0;cat=pgvall;ord=3069892463233;auiddc=714919832.1700241881;u1=listing;u2=https%3A%2F%2Fwww.olx.com.br%2Festado-mg;u4=0;gtm=45He3b81v892095748;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.olx.com.br%2Festado-mg?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TNX8FDS&l=dataLayer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f6.1e100.net

Software

cafe /

Resource Hash

3f0a30d0bb63e016d95d91e87e3b80a8ecce5ec56b16c2cb48b28e6e87f26d2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.olx.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 351
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 17 Nov 2023 17:24:41 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 17 Nov 2023 17:24:41 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://13034979.fls.doubleclick.net/activityi;dc_pre=CP-X8srGy4IDFYHkOwIdJwUEPg;src=13034979;type=olxpg0;cat=pgvall;ord=3069892463233;auiddc=714919832.1700241881;u1=listing;u2=https%3A%2F%2Fwww.olx.com.br%2Festado-mg;u4=0;gtm=45He3b81v892095748;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.olx.com.br%2Festado-mg?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ins.js Show response
olxbrclassificados.api.useinsider.com/ 319 KB
87 KB 265ms
70ms Script
application/javascript 2606:4700:7::a29f:853d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://olxbrclassificados.api.useinsider.com/ins.js?id=10007563

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TNX8FDS&l=dataLayer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:853d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7ef06ac12f16660abe007fbc69e5b825d38fea9e6c49ec061df1449a9fa8be57

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.olx.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 17:24:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: tL3RDkDaX2UM.FlPb4gwH9AwqBOfgY.8
cf-cache-status: HIT
x-amz-request-id: NZ0EP29EF60BYV2V
age: 3247
content-encoding: br
x-amz-id-2: VS3ZmDw0hoXHV7TGxLGosQP6jtm2jGucFYYqgoNvIZ0iQ/wi3DBWxIauk8cXCKa3Qu9CTUdcvT8=
x-xss-protection: 1
pragma: public
last-modified: Tue, 14 Nov 2023 19:43:52 GMT
server: cloudflare
etag: W/"e994e0019f15e688a89744693b5676ea"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=300
cf-ray: 8279ab2ccab718db-FRA
expires: Fri, 17 Nov 2023 17:29:41 GMT

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 4 KB
2 KB 516ms
322ms Script
application/javascript 23.53.43.97
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C8LQ3HO3N5R2M2PTDC50&lib=ttq
Requested by: Host: www.olx.com.br
URL: https://www.olx.com.br/estado-mg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.53.43.97 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-53-43-97.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 7feb96df9b77fcc4ec752cd81d31d4c1eb9fe81d7177ddf8cc4409efca65548b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.olx.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-akamai-request-id: 1c2c6f30.11502f23
date: Fri, 17 Nov 2023 17:24:41 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-53-43-93.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2.1-52518411) (-)
x-parent-response-time: 215,23.53.43.93
server-timing: cdn-cache; desc=MISS, edge; dur=211, origin; dur=7, inner; dur=3
content-length: 1336
pragma: no-cache
server: nginx
x-tt-logid: 20231117172441D0443A94F6EE656D8CF2
x-cache-remote: TCP_MISS from a23-48-100-79.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2.1-52518411) (-)
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 7,23.48.100.79
x-tt-trace-host: 01bbb14ff5615a00adc7e08e5a85701af2feff9be1a182f36f5335625877bdd3431f4ace7ec3993404f0da95e882e3557d98377a98bc4a8d0fc499c3ec591f72995fdf0ce4f02d4b52c886cf9ddb71f14ab6c540917e2f38a01d03c98a4b49fbc3192c677ad48a8f32dda9338b0cb7edb7
expires: Fri, 17 Nov 2023 17:24:41 GMT

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 4 KB
2 KB 327ms
133ms Script
application/javascript 23.53.43.97
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CFL4LE3C77UEUGLEBCA0&lib=ttq
Requested by: Host: www.olx.com.br
URL: https://www.olx.com.br/estado-mg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.53.43.97 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-53-43-97.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 55b1b36276fb785950bd896ca687ab65587a3412c36723c603153c20d3a1a20b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.olx.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-akamai-request-id: 3d95259e.11502f24
date: Fri, 17 Nov 2023 17:24:41 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-53-43-93.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2.1-52518411) (-)
x-parent-response-time: 89,23.53.43.93
server-timing: cdn-cache; desc=MISS, edge; dur=82, origin; dur=7, inner; dur=3
content-length: 1332
pragma: no-cache
server: nginx
x-tt-logid: 202311171724412222698D4C84AC746AD5
x-cache-remote: TCP_MISS from a23-48-100-74.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2.1-52518411) (-)
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 7,23.48.100.74
x-tt-trace-host: 01bbb14ff5615a00adc7e08e5a85701af2feff9be1a182f36f5335625877bdd3432024d9d47c73724ec4b830194ac07ff8deed36b7ccf8cb8ebcd5a7d32ca6d9ee5ac3e86773473a02a67e20a35fd7ba7d3d08cca51f199f604e13f6ad76702f6f30e0b9789c21f1fc048b993ea7202ecc
expires: Fri, 17 Nov 2023 17:24:41 GMT

GET
H2 200 ytc.js Show response
s.yimg.com/wi/ 18 KB
7 KB 232ms
40ms Script
application/javascript 2a00:1288:80:807::2
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/ytc.js

Requested by

Host: www.olx.com.br
URL: https://www.olx.com.br/estado-mg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

480b06b23e574b4bf386fde1a91145a4171f97aeb5ee800e4be1850f29b1ad91

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.olx.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 17:24:39 GMT
x-amz-version-id: xC6OTTJGIjCqkMTkbrZpmtbXHK5oaZhW
content-encoding: gzip
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: N6BH1P4Z838NM8Y0
age: 3
x-amz-server-side-encryption: AES256
x-amz-id-2: IEY2OPa9Iml/wLqZQVRK7sn+zT3J5DIqs2dJnl8es5KIyvPfiv3G8a4mnrUs/lZzEJScJHx8iMLnOjXq1ushW13fycsyHiRjc43awznv7SA=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-amz-expiration: expiry-date="Wed, 31 Jul 2024 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Mon, 26 Jun 2023 09:26:35 GMT
server: ATS
etag: "5c6ed25dce803fd84288922b8928409e-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=3600
accept-ranges: bytes

GET
H2 200 wBiML0Lv0cEh18cEd5DU.js Show response
tags.creativecdn.com/ 4 KB
2 KB 225ms
40ms Script
application/javascript 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.creativecdn.com/wBiML0Lv0cEh18cEd5DU.js
Requested by: Host: www.olx.com.br
URL: https://www.olx.com.br/estado-mg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: a18ebd731b20d7404e2eed45ad15a0e9068ec7c4eb6d95da6727c086e366227d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.olx.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Fri, 17 Nov 2023 17:24:41 GMT
content-encoding: gzip
x-age-lb: 2105
x-guploader-uploadid: ABPtcPpdeUfoZT0rWzgi2zQAlZH5_kEHVazuT7jabGdyeuO5igDwSm5-TF99694tUjCVZtwPTrRnw9a9d2aYJ96ZnvECsymKTn31
x-77-cache: HIT
x-goog-storage-class: STANDARD
x-guploader-response-body-transformations: gunzipped
x-goog-metageneration: 4
x-goog-stored-content-encoding: gzip
x-accel-date: 1700239776
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-77-nzt: AcO1rw43Nzf/OQgAAA
x-accel-expires: @1700243302
x-77-age: 2105
x-cache-lb: HIT
last-modified: Tue, 20 Sep 2022 08:33:09 GMT
server: CDN77-Turbo
etag: W/"7dd71e4b922b44d4a1b639cea2047fcd"
x-77-nzt-ray: 9083393001cb0e96d9a15765f4377c04
vary: Accept-Encoding, Accept-Encoding
x-goog-generation: 1663662789715573
content-type: application/javascript
x-goog-hash: crc32c=U/iOdA==, md5=fdceS5IrRNShtjnOogR/zQ==
cache-control: public, max-age=3600
warning: 214 UploadServer gunzipped
x-goog-stored-content-length: 1741
expires: Tue, 24 Oct 2023 11:32:12 GMT

GET
H2 200 ksNueAhJvrDj7158OcT4.js Show response
tags.creativecdn.com/ 4 KB
2 KB 227ms
42ms Script
application/javascript 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.creativecdn.com/ksNueAhJvrDj7158OcT4.js
Requested by: Host: www.olx.com.br
URL: https://www.olx.com.br/estado-mg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: a18ebd731b20d7404e2eed45ad15a0e9068ec7c4eb6d95da6727c086e366227d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.olx.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Fri, 17 Nov 2023 17:24:41 GMT
content-encoding: gzip
x-age-lb: 2593
x-guploader-uploadid: ABPtcPodqLSubwUpuffi7Os55KOiFSdFMImXWTwEMO6ZV8JDxELQZhbxkQgtSleR-uDT5uP3HXsz9-x323Jj0Cl4419LDQp3uCSK
x-77-cache: HIT
x-goog-storage-class: STANDARD
x-guploader-response-body-transformations: gunzipped
x-goog-metageneration: 4
x-goog-stored-content-encoding: gzip
x-accel-date: 1700239288
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-77-nzt: AcO1rw43Nzf/IQoAAA
x-accel-expires: @1700242824
x-77-age: 2593
x-cache-lb: HIT
last-modified: Tue, 06 Dec 2022 20:34:16 GMT
server: CDN77-Turbo
etag: W/"7dd71e4b922b44d4a1b639cea2047fcd"
x-77-nzt-ray: 9083393001cb0e96d9a15765e55a8a04
vary: Accept-Encoding, Accept-Encoding
x-goog-generation: 1670358856157380
content-type: application/javascript
x-goog-hash: crc32c=U/iOdA==, md5=fdceS5IrRNShtjnOogR/zQ==
cache-control: public, max-age=3600
warning: 214 UploadServer gunzipped
x-goog-stored-content-length: 1741
expires: Tue, 24 Oct 2023 12:32:24 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 202 KB
54 KB 228ms
46ms Script
application/x-javascript 2a03:2880:f007:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.olx.com.br
URL: https://www.olx.com.br/estado-mg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.olx.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 17 Nov 2023 17:24:41 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 54273
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: FiPJ3GU+D/82jC11YUFw7J7a5eNuye8AqPE4KD2dffT0uuqT9RGCuJ+oRMylBHUibHKIM/IC5W1AbVJes+ZMKQ==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 sdk.js Show response
cdn-public.liftoffintl.io/app2web-sdk/ 7 KB
7 KB 204ms
41ms Script
application/javascript 2600:9000:211e:b800:16:8db5:30c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-public.liftoffintl.io/app2web-sdk/sdk.js
Requested by: Host: www.olx.com.br
URL: https://www.olx.com.br/estado-mg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:b800:16:8db5:30c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a787de9412f9fbd82b31a6e246d06680d9fe3e2f64d76f42f068ac545cc68d63

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.olx.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id: VQKipXp9vtpfFsLz42vm4.0tfuR4NihW
date: Fri, 17 Nov 2023 05:47:25 GMT
via: 1.1 2e4a0520ad8fe16707823b20e9441e08.cloudfront.net (CloudFront)
last-modified: Tue, 17 Jan 2023 22:49:02 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C2
age: 41837
x-amz-server-side-encryption: AES256
etag: "c7c125b29df345fe0d2a948916501435"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 7075
x-amz-cf-id: ExBkB0oR4oQKH7SmDTcP-Tyjfqn083kfH7A3wjP-Hp6spnGnyeudHA==

GET
H2 200 ld.js Show response
dynamic.criteo.com/js/ld/ 46 KB
20 KB 146ms
49ms Script
application/javascript 2a02:2638:3::e
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://dynamic.criteo.com/js/ld/ld.js?a=47286

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TNX8FDS&l=dataLayer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::e , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

3a17f5b59cdad45ec376cfc6056b685dff3409a7aae130d92e6419e9fc2b4b97

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.olx.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 17:24:40 GMT
content-encoding: br
strict-transport-security: max-age=31536000; preload;
server: Kestrel
vary: Origin, Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public,max-age=10800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *

GET
H2 200 ping.min.js Show response
pixel.byspotify.com/ 32 KB
7 KB 146ms
41ms Script
application/javascript 34.117.162.98
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.byspotify.com/ping.min.js
Requested by: Host: www.olx.com.br
URL: https://www.olx.com.br/estado-mg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.162.98 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 98.162.117.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 20c0114a672ac0b5b31a1c0100543a2306bf389816ab20774b66e8f7b30fb60c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.olx.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 16:54:57 GMT
content-encoding: gzip
via: 1.1 google
age: 1784
x-guploader-uploadid: ABPtcPrBy55o0xreeGCeFR4ZFN8g480iwqyrAIcqa3dRT0NTCfP6oejEOoxp36H2FRRUv6wCEg
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6158
last-modified: Wed, 11 Oct 2023 19:00:35 GMT
server: UploadServer
etag: "13069f74108a788c598831c3a4ff2cdf"
vary: Accept-Encoding
x-goog-generation: 1697050835633914
x-goog-hash: crc32c=We0+rw==, md5=EwafdBCKeIxZiDHDpP8s3w==
content-type: application/javascript;
cache-control: public, max-age=3600
x-goog-stored-content-length: 6158
accept-ranges: bytes
expires: Fri, 17 Nov 2023 17:54:57 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 48ms
46ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-50C013M2CC&gtm=45je3b81v872586341&_p=1700241879986&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1986320353.1700241880&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1700241880&sct=1&seg=0&dl=https%3A%2F%2Fwww.olx.com.br%2Festado-mg&dt=An%C3%BAncios%20em%20Minas%20Gerais&tfd=2990
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-50C013M2CC
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.olx.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 17:24:40 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.olx.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 58A9 15 KB
6 KB 144ms
46ms Document
text/html 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.olx.com.br

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.olx.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 17 Nov 2023 17:24:41 GMT
server: Kestrel
server-processing-duration-in-ticks: 401890
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 sha256.js Show response
cdnjs.cloudflare.com/ajax/libs/crypto-js/4.1.1/ 5 KB
2 KB 48ms
47ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/crypto-js/4.1.1/sha256.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-546N2JV

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d8074f23cbd27aa6c2f231b8bdad34bbd8d49c7e47ffa0d7cd07a2c4d1d3c798

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.olx.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 17:24:40 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 750618
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1428
last-modified: Sat, 14 Aug 2021 20:33:09 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "61182885-594"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7sZzM3AZtoJNk%2FAkqjYB6R5c0vJHTMWRr89fAWEU9ApT3woadAV2mVij5O1af7%2BA%2Bm7Iapnf9B3T98Sa8CnO%2FilC4LKgB2NclmSlkqTYUqGAmO%2BD2XIUOm4vnlfdLootaiPBhu%2FaRrKPHWIxbrefkjKc"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8279ab2bff623685-FRA
expires: Wed, 06 Nov 2024 17:24:40 GMT

GET
H2 200 usr Show response
usr.navdmp.com/ 359 B
477 B 197ms
179ms Script
application/javascript 2606:4700::6810:bf3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://usr.navdmp.com/usr?v=7&acc=83482&u=1&new=1&wst=0&wct=1&wla=1
Requested by: Host: tag.navdmp.com
URL: https://tag.navdmp.com/universal.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:bf3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4acf27f22f34bb32264b38f2bc226b856919f8c837bbc0a1ff5043294c10341d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.olx.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: public
date: Fri, 17 Nov 2023 17:24:41 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
content-type: application/javascript
p3p: CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: max-age=3600
act: f0
cf-ray: 8279ab2d5c479061-FRA
expires: Fri, 17 Nov 2023 18:24:41 GMT

OPTIONS
H2 200 v2
us.creativecdn.com/tags/ Frame 0
0 406ms
127ms Preflight 185.184.10.30
RTB-HOUSE-ASH

General

Check archive.org

Show headers Download Go to

Full URL: https://us.creativecdn.com/tags/v2?type=json
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.10.30 , Poland, ASN203690 (RTB-HOUSE-ASH, PL),
Reverse DNS: ip-185-184-10-30.rtbhouse.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.olx.com.br
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET, POST
access-control-allow-origin: https://www.olx.com.br
access-control-max-age: 3600
content-length: 0
date: Fri, 17 Nov 2023 17:24:41 GMT
vary: Origin

POST
H2

200

v2 Show response
us.creativecdn.com/tags/
Redirect Chain

https://us.creativecdn.com/tags/v2?type=json
https://us.creativecdn.com/tags/v2?type=json&tc=1

453 B
835 B

131ms
131ms

Fetch
application/json

185.184.10.30
RTB-HOUSE-ASH

General

Check archive.org

Show headers Download Go to

Full URL: https://us.creativecdn.com/tags/v2?type=json&tc=1
Requested by: Host: www.olx.com.br
URL: https://www.olx.com.br/estado-mg
Protocol: H2
Server: 185.184.10.30 , Poland, ASN203690 (RTB-HOUSE-ASH, PL),
Reverse DNS: ip-185-184-10-30.rtbhouse.net
Software: /
Resource Hash: 408ee36974b3e3a96e66c27f06e1168525cfa88f4893f360fc4c8c2a6ac8af3b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.olx.com.br/estado-mg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 17:24:42 GMT, Fri, 17 Nov 2023 17:24:42 GMT
content-encoding: gzip
vary: Origin, Accept-Encoding
access-control-max-age: 3600
access-control-allow-methods: GET, POST
access-control-allow-origin: https://www.olx.com.br
content-type: application/json;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
access-control-allow-credentials: true
content-length: 338
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date: Fri, 17 Nov 2023 17:24:41 GMT
vary: Origin
access-control-max-age: 3600
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
access-control-allow-origin: https://www.olx.com.br
access-control-allow-methods: GET, POST
location: https://us.creativecdn.com/tags/v2?type=json&tc=1
access-control-allow-credentials: true
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 10189502.json Show response
s.yimg.com/wi/config/ 2 B
448 B 126ms
44ms XHR
application/json 2a00:1288:80:807::2
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/config/10189502.json

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/us1/v4/datadog-rum.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.olx.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 17:23:41 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: S1J8AQZ54DEDZH7V
age: 60
content-length: 2
x-amz-id-2: sRnrpyOzi9Jv7JOb72gKYd40oVUdW+AL6FUZCaRmwNWeddIQIq7H1RHa7rbCg6NcIpP0KEC8nbE=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
server: ATS
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
cache-control: public,max-age=3600

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
209 B 48ms
45ms XHR
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=319709823&t=pageview&_s=1&dl=https%3A%2F%2Fwww.olx.com.br%2Festado-mg&ul=en-us&de=UTF-8&dt=An%C3%BAncios%20em%20Minas%20Gerais&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=683014565&gjid=552569142&cid=1986320353.1700241880&tid=UA-70177409-2&_gid=1739484175.1700241881&_r=1&_slc=1&gtm=45He3b81n81TNX8FDSv892095748&cg1=listing&cd52=1986320353.1700241880&cd56=listing&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&z=284135500

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/us1/v4/datadog-rum.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.olx.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 17:24:41 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.olx.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 iat-realtime-7.0.11-ws.js Show response
cdn.insurads.com/ 64 KB
16 KB 46ms
42ms Script
application/javascript 2400:52e0:1e00::1080:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.insurads.com/iat-realtime-7.0.11-ws.js
Requested by: Host: services.insurads.com
URL: https://services.insurads.com/init?appId=C89SDYUY&h=https%3A%2F%2Fwww.olx.com.br%2Festado-mg&tcfc=1&t=1700241880699
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1080 /
Resource Hash: c2b126f8cf108b0b24da09947ec0f6ae3d55df120a87e1dd9ab6527fee53fe55

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.olx.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 17:24:41 GMT
content-encoding: gzip
cdn-edgestorageid: 1081
x-amz-request-id: XVY63RPQKTKV1SE5
x-amz-server-side-encryption: AES256
cdn-cachedat: 10/31/2023 18:07:11
cdn-pullzone: 55316
x-amz-id-2: OxSGwyV44A+UPoEv0j8nNL559Iq2zLjsX/92R3MyIkAZOVf/S1W6zOzKRs0lP9OafSx5FUrd8OY=
last-modified: Tue, 19 Sep 2023 08:22:46 GMT
server: BunnyCDN-DE1-1080
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: "75857c4fac071c7c848bbe0f76263cf8"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: 56a941db-1de6-4dd7-bd60-f93546463707
cache-control: max-age=2592000
cdn-requestid: 086129ee2b87ec0aa05097759a4e187c
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 iat-1.14.21b.js Show response
cdn.insurads.com/ 111 KB
31 KB 63ms
60ms Script
application/javascript 2400:52e0:1e00::1080:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.insurads.com/iat-1.14.21b.js
Requested by: Host: services.insurads.com
URL: https://services.insurads.com/init?appId=C89SDYUY&h=https%3A%2F%2Fwww.olx.com.br%2Festado-mg&tcfc=1&t=1700241880699
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1080 /
Resource Hash: 7fd9a8a8925e61a98a80214ba14b5daccc0c5b0759cb090674d6a9cbd0622b1f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.olx.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 17:24:41 GMT
content-encoding: gzip
cdn-edgestorageid: 1080
x-amz-request-id: 1M625MTWYJVVTFSA
x-amz-server-side-encryption: AES256
cdn-cachedat: 11/16/2023 14:35:33
cdn-pullzone: 55316
x-amz-id-2: YK2VTV3z6E03VGtyGJrH4sa520z1LaLKeFwdPjV6fWmxEKxJwAPyHATTc2GsSX6xUGT0TkWHXtA=
last-modified: Thu, 16 Nov 2023 14:34:30 GMT
server: BunnyCDN-DE1-1080
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: "c831539692ac529cdb5f6e3fa07d11fe"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: 56a941db-1de6-4dd7-bd60-f93546463707
cache-control: max-age=2592000
cdn-requestid: 3a787d7d0947a5d2e7c9bd329a82b6e4
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 initcb Show response
services.insurads.com/ 138 B
445 B 125ms
124ms Script
application/javascript 52.205.52.6
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://services.insurads.com/initcb?v=1.0.12&appId=1984&vId=6899F05E2FB2D822&s=2360&fpc=1&nv=1&h=https%3A%2F%2Fwww.olx.com.br%2Festado-mg&tcfc=1&lts=0&ts=1700241881217&iatId=75740ad30ede67d312e8bb4d7fdcd431&iatIdB=76b8632ce2d469b285f776f5dccc72a0&iatIdM=11111111&iatIdV=1.0&lIatId=0&lIatIdB=0&lIatIdM=0&lIatIdV=0&lch=JBUEIZEBOM
Requested by: Host: cdn.insurads.com
URL: https://cdn.insurads.com/bootstrap/C89SDYUY.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.205.52.6 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-205-52-6.compute-1.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: b2be998af7bc5c3d0c2404d79aac315f7827ad228c20a2e282e5088b5d05d09a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.olx.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 17:24:41 GMT
content-encoding: gzip
server: nginx/1.18.0 (Ubuntu)
content-type: application/javascript;charset=UTF-8
x-nocache: true
cache-control: no-cache, no-store, must-revalidate
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
151 B 51ms
49ms XHR
text/plain 2a00:1450:400c:c02::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-70177409-2&cid=1986320353.1700241880&jid=683014565&gjid=552569142&_gid=1739484175.1700241881&_u=YADAAEAAAAAAACAAI~&z=1929386998

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/us1/v4/datadog-rum.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c02::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.olx.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 17 Nov 2023 17:24:41 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.olx.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame 58A9
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertagids&domain=olx.com.br&sn=ChromeSyncframe&so=0&topUrl=www.olx.com.br&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=nuhrOXxZK2FXd3ByTE1vR1RrU3BZeHJtUVRuSjdjejY1cjlWQmdibFc0L2grd212SVJEK28zZzM4c3RPWDZlNThHeGxWODl4S3VncVBPVnZTQjlLN3dzMXRJZUtjMmNWVnNWSzNFQllPb2RnR1ZlRkdhYlV2SnVYaHpXT0...

438 B
654 B

77ms
49ms

Fetch
application/json

2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=nuhrOXxZK2FXd3ByTE1vR1RrU3BZeHJtUVRuSjdjejY1cjlWQmdibFc0L2grd212SVJEK28zZzM4c3RPWDZlNThHeGxWODl4S3VncVBPVnZTQjlLN3dzMXRJZUtjMmNWVnNWSzNFQllPb2RnR1ZlRkdhYlV2SnVYaHpXT0tJanBLNXVBZlhRcTRhSzkrR1VFSVphcUFTNXdWUmhGbjNTK0tMamo0TWlBN0w1ZzMzK3p1ZHZGdFhBNXk2eThaYnFZMmU4VzA4NlNVTlV5MTVscmM5L0NYajFuU2wrVmphdGc3N0J4V2IxVm85T3owc2FmODA5ZWpaUWZyUHBIUEl1MWxkbmFrSE1zMG5ocGxZWFdnbks5a1ZnYmZwQT09fA&cppv=2

Requested by

Host: www.olx.com.br
URL: https://www.olx.com.br/estado-mg

Protocol

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

9ad5cf8c3b001a0e633f91c4d19bdf6e8ba1e30df229dbbf0ec8848e498cd5e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 17:24:41 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2662932
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 17 Nov 2023 17:24:40 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=nuhrOXxZK2FXd3ByTE1vR1RrU3BZeHJtUVRuSjdjejY1cjlWQmdibFc0L2grd212SVJEK28zZzM4c3RPWDZlNThHeGxWODl4S3VncVBPVnZTQjlLN3dzMXRJZUtjMmNWVnNWSzNFQllPb2RnR1ZlRkdhYlV2SnVYaHpXT0tJanBLNXVBZlhRcTRhSzkrR1VFSVphcUFTNXdWUmhGbjNTK0tMamo0TWlBN0w1ZzMzK3p1ZHZGdFhBNXk2eThaYnFZMmU4VzA4NlNVTlV5MTVscmM5L0NYajFuU2wrVmphdGc3N0J4V2IxVm85T3owc2FmODA5ZWpaUWZyUHBIUEl1MWxkbmFrSE1zMG5ocGxZWFdnbks5a1ZnYmZwQT09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 269917
content-length: 0
expires: 0

GET
H2 200 824100678149653 Show response
connect.facebook.net/signals/config/ 133 KB
35 KB 48ms
46ms Script
application/x-javascript 2a03:2880:f007:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/824100678149653?v=2.9.138&r=stable&domain=www.olx.com.br

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

90bc1b3105b4e8b9173267a7d8cc207e8660b6046bdbe1c9f70435e042f7c4a6

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.olx.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 17 Nov 2023 17:24:41 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 35403
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: N14kDxHNi0STGlme9nbk2FwYmq5o9XNDOSVBKsftSiBNvIVsqrFlWc6Fv4xispunXTl99Nzav0R4OQEdsQleyQ==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 main.MTdjYzNiZDU2MA.js Show response
analytics.tiktok.com/i18n/pixel/static/ 397 KB
106 KB 45ms
44ms Script
application/javascript 23.53.43.97
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTdjYzNiZDU2MA.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CFL4LE3C77UEUGLEBCA0&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.53.43.97 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-53-43-97.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 62723060de0c92d89ec49f9b3bc1fd54b786111e8ad3451a6cf7ebc8553e7b74

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.olx.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-akamai-request-id: 11503006
date: Fri, 17 Nov 2023 17:24:41 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 202311090731376EB14F68E34DA9E86159
vary: Accept-Encoding
x-cache: TCP_HIT from a23-53-43-93.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2.1-52518411) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 01344ffb0bd32d160fe2acaed6ffe8849031d088a1c2091fab6432c5b3492ced40792f70a5537926c4a0c71e7f496c34b9d8fec4c738a71f17b2805024156eeef335756ab4973a19dc0e849453c745dc8c63fbc8aa9b1ecf17fb908b4c8cbc45b2
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=18
content-length: 108282

GET
H2 200 worker-new.html Show response
olxbrclassificados.api.useinsider.com/ Frame 9DCF 10 KB
3 KB 61ms
60ms Document
text/html 2606:4700:7::a29f:853d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://olxbrclassificados.api.useinsider.com/worker-new.html
Requested by: Host: olxbrclassificados.api.useinsider.com
URL: https://olxbrclassificados.api.useinsider.com/ins.js?id=10007563
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:7::a29f:853d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8c3d3f8f234c097ceffd6fa4f04eb721a627e0149d07e68125f318b1be1bb841

Request headers

Referer: https://www.olx.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
age: 3295
cache-control: public, max-age=1209600
cf-cache-status: HIT
cf-ray: 8279ab2e4c8618db-FRA
content-encoding: br
content-type: text/html
date: Fri, 17 Nov 2023 17:24:41 GMT
expires: Fri, 01 Dec 2023 17:24:41 GMT
last-modified: Fri, 17 Nov 2023 07:44:32 GMT
server: cloudflare
vary: Accept-Encoding

GET
H2 200 sp.pl
sp.analytics.yahoo.com/ 43 B
632 B 198ms
61ms Image
image/gif 212.82.100.181
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/sp.pl?a=10000&d=Fri%2C%2017%20Nov%202023%2017%3A24%3A41%20GMT&n=-1&b=An%C3%BAncios%20em%20Minas%20Gerais&.yp=10189502&f=https%3A%2F%2Fwww.olx.com.br%2Festado-mg&enc=UTF-8&yv=1.15.1&auid=eb045d78d273107348b0300c01d29b7552d622abbc6faf81b3ec55359aa9950c&tagmgr=gtm

Requested by

Host: www.olx.com.br
URL: https://www.olx.com.br/estado-mg

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spdc.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.olx.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 17:24:41 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
cache-control: no-cache, private, must-revalidate
accept-ranges: bytes
content-length: 43
expires: Fri, 17 Nov 2023 17:24:41 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 172ms
79ms Image
image/gif 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-70177409-2&cid=1986320353.1700241880&jid=683014565&_u=YADAAEAAAAAAACAAI~&z=616821486

Requested by

Host: www.olx.com.br
URL: https://www.olx.com.br/estado-mg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.olx.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 17:24:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 78ms
76ms Image
image/gif 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-70177409-2&cid=1986320353.1700241880&jid=683014565&_u=YADAAEAAAAAAACAAI~&z=616821486

Requested by

Host: www.olx.com.br
URL: https://www.olx.com.br/estado-mg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.olx.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 17:24:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ld.js Show response
dynamic.criteo.com/js/ld/ 46 KB
20 KB 51ms
50ms Script
application/javascript 2a02:2638:3::e
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://dynamic.criteo.com/js/ld/ld.js?a=3959

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TNX8FDS&l=dataLayer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::e , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

df9bd97e327ee17311bd56f2f4c760c2a9800632c55cc3ab5721a3ec91c6c55a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.olx.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 17:24:41 GMT
content-encoding: br
strict-transport-security: max-age=31536000; preload;
server: Kestrel
vary: Origin, Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public,max-age=10800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *

GET
H2 401 me Show response
apigw.olx.com.br/v3/ 2 KB
2 KB 164ms
164ms XHR
text/html 104.18.13.210
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://apigw.olx.com.br/v3/me
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/us1/v4/datadog-rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.13.210 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 88ecf19de4301a87f150682faff638a5f48fb8c4ef280fcfbe62aa2fa9a47fa9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.olx.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 17:24:41 GMT
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.olx.com.br
access-control-allow-credentials: true
cf-ray: 8279ab2e9c903494-WAW

POST
H2 200 / Show response
evnt.byspotify.com/ 2 B
97 B 178ms
167ms Fetch
application/json 34.111.186.1
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://evnt.byspotify.com/
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/us1/v4/datadog-rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.186.1 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 1.186.111.34.bc.googleusercontent.com
Software: /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Accept: application/json
Referer: https://www.olx.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 17 Nov 2023 17:24:41 GMT
via: 1.1 google
access-control-allow-methods: GET, POST
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: false
access-control-allow-headers: Content-Type, Accept
content-length: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

OPTIONS
H2 200 /
evnt.byspotify.com/ Frame 0
0 262ms
153ms Preflight 34.111.186.1
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://evnt.byspotify.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.186.1 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 1.186.111.34.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.olx.com.br
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials: false
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: https://www.olx.com.br
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Fri, 17 Nov 2023 17:24:41 GMT
via: 1.1 google

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 362C 15 KB
6 KB 53ms
51ms Document
text/html 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?topUrl=www.olx.com.br&origin=onetag

Requested by

Host: dynamic.criteo.com
URL: https://dynamic.criteo.com/js/ld/ld.js?a=47286

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.olx.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 17 Nov 2023 17:24:40 GMT
server: Kestrel
server-processing-duration-in-ticks: 887865
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 events Show response
analytics.liftoff.io/pixel/v1/092db8465b/ 0
43 B 391ms
116ms XHR
text/plain 2600:1f18:6494:7800:c8c:9279:d9ef:e8fe
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.liftoff.io/pixel/v1/092db8465b/events?event_name=page_view&lo_uid=1700241881404-piuc5bgzzzd&sdk_version=1.0&lo_ec=1
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/us1/v4/datadog-rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1f18:6494:7800:c8c:9279:d9ef:e8fe Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.olx.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 17 Nov 2023 17:24:41 GMT
content-length: 0

GET
H2 200 dc_pre=CP-X8srGy4IDFYHkOwIdJwUEPg;src=13034979;type=olxpg0;cat=pgvall;ord=3069892463233;auiddc=714919832.1700241881;u1=listing;u2=https%3A%2F%2Fwww.olx.com.br%2Festado-mg;u4=0;gtm=45He3b81v89209574... Show response
adservice.google.com/ddm/fls/i/ Frame 0A17 649 B
727 B 207ms
78ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/ddm/fls/i/dc_pre=CP-X8srGy4IDFYHkOwIdJwUEPg;src=13034979;type=olxpg0;cat=pgvall;ord=3069892463233;auiddc=714919832.1700241881;u1=listing;u2=https%3A%2F%2Fwww.olx.com.br%2Festado-mg;u4=0;gtm=45He3b81v892095748;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.olx.com.br%2Festado-mg

Requested by

Host: 13034979.fls.doubleclick.net
URL: https://13034979.fls.doubleclick.net/activityi;dc_pre=CP-X8srGy4IDFYHkOwIdJwUEPg;src=13034979;type=olxpg0;cat=pgvall;ord=3069892463233;auiddc=714919832.1700241881;u1=listing;u2=https%3A%2F%2Fwww.olx.com.br%2Festado-mg;u4=0;gtm=45He3b81v892095748;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.olx.com.br%2Festado-mg?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f45546844d1d0962a476ec995925e4f8de0a5441c2ead745c439667715ef47f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://13034979.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 352
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 17 Nov 2023 17:24:41 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 592658194155317 Show response
connect.facebook.net/signals/config/ 133 KB
35 KB 198ms
194ms Script
application/x-javascript 2a03:2880:f007:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/592658194155317?v=2.9.138&r=stable&domain=www.olx.com.br

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5275d2584d8af32ceb5b4c4f2be8a375edf79fd19f22844c3d3dbfd9dd3744a8

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.olx.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 17 Nov 2023 17:24:41 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: Ic2k7tIEBbVcM5rRx7PtJFjt9b/RvOvWwR8tfdvsmUgmbtjET0p25RWfUApWyjCE3TRELYmw6riuXlkOy1Hj9Q==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 req Show response
cdn.navdmp.com/ 6 B
77 B 178ms
169ms Script
application/x-javascript 2606:4700::6810:bf3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.navdmp.com/req?v=7&id=13a7cc8c4d62e9b554fec5d9cf10%7C0&acc=83482&tit=An%25FAncios%2520em%2520Minas%2520Gerais&url=https%253A%2F%2Fwww.olx.com.br%2Festado-mg&upd=1&new=1&h1=An%25FAncios%2520em%2520Minas%2520Gerais
Requested by: Host: tag.navdmp.com
URL: https://tag.navdmp.com/universal.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:bf3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e6340844af1c0a02b8150c4bc93d54d679f716452d6a97cd99ed45786e97ed8f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.olx.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 17:24:41 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 8279ab2f2eaa9061-FRA
content-length: 6
content-type: application/x-javascript

GET
H2

200

sync Show response
sync2.navdmp.com/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=navegg_ddp&google_cm&id=84419578957
https://sync2.navdmp.com/sync?prtid=2&id=84419578957&google_gid=CAESEMpQ4CpFNSn--3pC1XJohZE&google_cver=1

6 B
57 B

202ms
174ms

Script
application/javascript

2606:4700::6810:bf3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sync2.navdmp.com/sync?prtid=2&id=84419578957&google_gid=CAESEMpQ4CpFNSn--3pC1XJohZE&google_cver=1
Requested by: Host: www.olx.com.br
URL: https://www.olx.com.br/estado-mg
Protocol: H2
Server: 2606:4700::6810:bf3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e6340844af1c0a02b8150c4bc93d54d679f716452d6a97cd99ed45786e97ed8f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.olx.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 17:24:41 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 8279ab30f8c99061-FRA
content-length: 6
content-type: application/javascript

Redirect headers

pragma: no-cache
date: Fri, 17 Nov 2023 17:24:41 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync2.navdmp.com/sync?prtid=2&id=84419578957&google_gid=CAESEMpQ4CpFNSn--3pC1XJohZE&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK img
pixel.mathtag.com/sync/ 43 B
418 B 181ms
56ms Image
image/gif 23.32.184.198
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/sync/img?redir=https%3A//sync.navdmp.com/sync%3Fimg%3D1%26mdia%3D%5BMM_UUID%5D
Requested by: Host: www.olx.com.br
URL: https://www.olx.com.br/estado-mg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.32.184.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-184-198.deploy.static.akamaitechnologies.com
Software: MT3 1075 283b7e3 master zrh zrh-pixel-x31 config_version:"1369" /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.olx.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Fri, 17 Nov 2023 17:24:41 GMT
Server: MT3 1075 283b7e3 master zrh zrh-pixel-x31 config_version:"1369"
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Content-Type: image/gif
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 43
Expires: Fri, 17 Nov 2023 17:24:40 GMT

GET
H2

204

cms
ups.analytics.yahoo.com/ups/58727/
Redirect Chain

https://cms.analytics.yahoo.com/cms?partner_id=NAVEG
https://ups.analytics.yahoo.com/ups/58727/cms?partner_id=NAVEG

0
87 B

77ms
46ms

Image
text/plain

3.71.149.231
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58727/cms?partner_id=NAVEG

Requested by

Host: www.olx.com.br
URL: https://www.olx.com.br/estado-mg

Protocol

Server

3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-71-149-231.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.87 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.olx.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 17:24:41 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.87
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://ups.analytics.yahoo.com/ups/58727/cms?partner_id=NAVEG
date: Fri, 17 Nov 2023 17:24:41 GMT
cache-control: no-store
content-type: text/html
server: ATS/9.1.10.87
content-length: 344
content-language: en

GET
H2 200 identify_bb163.js Show response
analytics.tiktok.com/i18n/pixel/static/ 135 KB
36 KB 48ms
47ms Script
application/javascript 23.53.43.97
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/identify_bb163.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTdjYzNiZDU2MA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.53.43.97 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-53-43-97.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: a1d4b01843b9dad68a10bba7ab416fb60cbe6052a223f6bd74cbad286b812b2a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.olx.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-akamai-request-id: 115030c8
date: Fri, 17 Nov 2023 17:24:41 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 20231109073151111B4CD2494DDFE40889
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a23-53-43-93.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2.1-52518411) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 0131c97ea717a60ce12e0afbc3a7bdfd84e0febdc4bbf76925d5d2e827ddf526efbe7d128163601627f3d755fceb63a69555dbc2469a99b3d480a2de5af23bb3288cf2446109049910b8b4a19bd31df3c04b28d8d95a3e382fba269ba19f633569
server-timing: cdn-cache; desc=HIT, edge; dur=1, inner; dur=1
content-length: 36049

POST
H2 200 pangle_pixel
analytics.pangle-ads.com/api/v2/ 0
906 B 283ms
137ms Ping
text/plain 2.19.126.74
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.pangle-ads.com/api/v2/pangle_pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTdjYzNiZDU2MA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.126.74 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-19-126-74.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.olx.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 78012c2f.2cfaa2e4
date: Fri, 17 Nov 2023 17:24:41 GMT
x-bytefaas-request-id: 20231117172441E468BC12B2665697A3C4
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a2-16-121-74.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2-52183077) (-)
x-parent-response-time: 96,2.16.121.74
server-timing: cdn-cache; desc=MISS, edge; dur=87, origin; dur=9, inner; dur=6
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20231117172441E468BC12B2665697A3C4
x-cache-remote: TCP_MISS from a23-218-219-15.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2-52183077) (-)
access-control-max-age: 86400
access-control-allow-methods: *
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
x-bytefaas-execution-duration: 4.32
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
x-gw-dst-psm: ad.union.pangle_web_traffic
x-tt-trace-host: 01bebdcd0d5642d80e2bac0bb2240c851fdfa57804398e9c9bc40809491438669a63249d4a3e16b6ca3cb1bc28dee273f1e3af858f4d1a910bc030dabf6be009f0c8ce7eddb115f6de86209c5979f15a0a24f30ddc3edbb0944d026e3c9e2d7d5cf97290d0e76b0a1eb99f899e2fdced44
x-origin-response-time: 9,23.218.219.15
access-control-allow-headers: *
expires: Fri, 17 Nov 2023 17:24:41 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
791 B 168ms
168ms Ping
text/plain 23.53.43.97
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTdjYzNiZDU2MA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.53.43.97 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-53-43-97.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.olx.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 43625614.1150312b
date: Fri, 17 Nov 2023 17:24:41 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-53-43-93.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2.1-52518411) (-)
x-parent-response-time: 118,23.53.43.93
server-timing: cdn-cache; desc=MISS, edge; dur=89, origin; dur=35, inner; dur=31
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20231117172441855145D2E370A5A7A931
x-cache-remote: TCP_MISS from a23-218-220-142.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2.1-52518411) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 35,23.218.220.142
x-tt-trace-host: 01bbb14ff5615a00adc7e08e5a85701af2e2ae07d5ad0331d17dfd314734ba8b851699ef540e7b981bfc980f01931602bd5a3d0f688f48efa8caea3d8bbfdb618865b4bd596673c611791f90e7c7bde8488ce6156c48d8b8cfe9d906fc742c24cd97ed58aef8247accec3658e7faca42ac
access-control-allow-headers: Authorization,*
expires: Fri, 17 Nov 2023 17:24:41 GMT

GET
H2 200 pd Show response
google-bidout-d.openx.net/w/1.0/ Frame 64DA 0
167 B 183ms
52ms Document
text/html 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by: Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.olx.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 20
content-type: text/html
date: Fri, 17 Nov 2023 17:24:41 GMT
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H2

200

sid Show response
mug.criteo.com/ Frame 362C
Redirect Chain

https://gum.criteo.com/sid/json?origin=onetag&domain=olx.com.br&sn=ChromeSyncframe&so=0&topUrl=www.olx.com.br&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=YcHYtXwvUk1pWXg5OVk3anl3bUpCcWhxZ2hTMmI4eGxXL1puWm9NMmtBcnU3ai9DaS9yNzc0ZURyNWVkRHRVRnN3WWpNRkxRdmtSZWoxaGdUMkJIOG4vWHlpZzRWZDVFd3d6OGlZbFVjdnVOem1jRjRGTzFHaUZwZUdRUm...

431 B
652 B

48ms
48ms

Fetch
application/json

2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=YcHYtXwvUk1pWXg5OVk3anl3bUpCcWhxZ2hTMmI4eGxXL1puWm9NMmtBcnU3ai9DaS9yNzc0ZURyNWVkRHRVRnN3WWpNRkxRdmtSZWoxaGdUMkJIOG4vWHlpZzRWZDVFd3d6OGlZbFVjdnVOem1jRjRGTzFHaUZwZUdRUmd6QTNFcmZUZnZGMXFxSWRBMnBMZEY1VXpLa2sxLzhBeDJsUUVkZHJrNUQyaURqcEJIWkFOR3J0MWpRVjRPT2N3a2VPcUNocm5sU0Jua2psNUZpNCtKbDU3aERpYm5wWHFPS2tUTjFOUnlJZFhTdnhqOGpkTHVPekhYZk1FTXQrNTlRcWxaTitpNmFSM3YzV3ZnTFRiSDdObDA3QU9IUT09fA&cppv=2

Requested by

Host: www.olx.com.br
URL: https://www.olx.com.br/estado-mg

Protocol

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

6115b469f14c5dfa197d2be8b75f38d8f388920cb144378d85d87089365e3c23

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 17:24:41 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1019480
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 17 Nov 2023 17:24:41 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=YcHYtXwvUk1pWXg5OVk3anl3bUpCcWhxZ2hTMmI4eGxXL1puWm9NMmtBcnU3ai9DaS9yNzc0ZURyNWVkRHRVRnN3WWpNRkxRdmtSZWoxaGdUMkJIOG4vWHlpZzRWZDVFd3d6OGlZbFVjdnVOem1jRjRGTzFHaUZwZUdRUmd6QTNFcmZUZnZGMXFxSWRBMnBMZEY1VXpLa2sxLzhBeDJsUUVkZHJrNUQyaURqcEJIWkFOR3J0MWpRVjRPT2N3a2VPcUNocm5sU0Jua2psNUZpNCtKbDU3aERpYm5wWHFPS2tUTjFOUnlJZFhTdnhqOGpkTHVPekhYZk1FTXQrNTlRcWxaTitpNmFSM3YzV3ZnTFRiSDdObDA3QU9IUT09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 291818
content-length: 0
expires: 0

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
789 B 173ms
173ms Ping
text/plain 23.53.43.97
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTdjYzNiZDU2MA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.53.43.97 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-53-43-97.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.olx.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: d62f28f.1150315e
date: Fri, 17 Nov 2023 17:24:41 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-53-43-93.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2.1-52518411) (-)
x-parent-response-time: 123,23.53.43.93
server-timing: cdn-cache; desc=MISS, edge; dur=91, origin; dur=38, inner; dur=35
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 2023111717244198C398358D278E0D9048
x-cache-remote: TCP_MISS from a23-48-100-68.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2-52182464) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 38,23.48.100.68
x-tt-trace-host: 01bbb14ff5615a00adc7e08e5a85701af2feff9be1a182f36f5335625877bdd343302cce5d4e06b4770831e1d9c51d15882e7e8bb9a03d4bfdc7d93ebe812f717e8dd7b5d74d195be8f5cd73fd65a2f3ccef50b18f1e539103567112b7d97300f0da216786d120b6543a69e388a5a80720
access-control-allow-headers: Authorization,*
expires: Fri, 17 Nov 2023 17:24:41 GMT

GET
H2 200 / Show response
typhoon.useinsider.com/ 597 B
499 B 200ms
104ms XHR
text/plain 2606:4700:7::a29f:853d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://typhoon.useinsider.com/?
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/us1/v4/datadog-rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:7::a29f:853d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cbbb73a9a5340753ac4f61b88004dcd30bb83d4cac63135b127fb38651a530f2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.olx.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 17 Nov 2023 17:24:41 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 8279ab30acd63826-FRA
content-type: text/plain; charset=utf-8

GET
H2 200 1700241881610491204230e.d4dae775 Show response
segment.api.useinsider.com/v4/segments/ 927 B
774 B 200ms
90ms XHR
application/json 2606:4700:7::a29f:863d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://segment.api.useinsider.com/v4/segments/1700241881610491204230e.d4dae775?partnerid=10007563&fields=f9d5ccb0e1e321b4f205e786027578b8,2612e8457db82f1cf7fa6af3de9d5ba0,223e10f4d81e5d3fb2734be5cf6eda01&
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/us1/v4/datadog-rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:7::a29f:863d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 13c0c8db1f42b94b1e5f90ccf0510b034bd9c8c415f821760f46bedc5e945702

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.olx.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 17:24:41 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
cf-ray: 8279ab30e8763730-FRA

GET
H2 200 / Show response
locationv2.api.useinsider.com/ 241 B
506 B 181ms
77ms XHR
application/json 2606:4700:7::a29f:853d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://locationv2.api.useinsider.com/?v=2&pId=10007563&
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/us1/v4/datadog-rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:7::a29f:853d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bbf7d81a6bdc6c8e73b84a1d39645907286a66ac8c343737142eae5a0ba9bf23

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.olx.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 17:24:41 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
cf-ray: 8279ab312c413a6d-FRA

GET
H2 200 dc_pre=CP-X8srGy4IDFYHkOwIdJwUEPg;src=13034979;type=olxpg0;cat=pgvall;ord=3069892463233;auiddc=714919832.1700241881;u1=listing;u2=https%3A%2F%2Fwww.olx.com.br%2Festado-mg;u4=0;gtm=45He3b81v89209574... Show response
adservice.google.de/ddm/fls/i/ Frame 516A 194 B
515 B 198ms
79ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/ddm/fls/i/dc_pre=CP-X8srGy4IDFYHkOwIdJwUEPg;src=13034979;type=olxpg0;cat=pgvall;ord=3069892463233;auiddc=714919832.1700241881;u1=listing;u2=https%3A%2F%2Fwww.olx.com.br%2Festado-mg;u4=0;gtm=45He3b81v892095748;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.olx.com.br%2Festado-mg

Requested by

Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CP-X8srGy4IDFYHkOwIdJwUEPg;src=13034979;type=olxpg0;cat=pgvall;ord=3069892463233;auiddc=714919832.1700241881;u1=listing;u2=https%3A%2F%2Fwww.olx.com.br%2Festado-mg;u4=0;gtm=45He3b81v892095748;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.olx.com.br%2Festado-mg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 85
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 17 Nov 2023 17:24:41 GMT
expires: Fri, 17 Nov 2023 17:24:41 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 823257647881358 Show response
connect.facebook.net/signals/config/ 133 KB
35 KB 188ms
188ms Script
application/x-javascript 2a03:2880:f007:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/823257647881358?v=2.9.138&r=stable&domain=www.olx.com.br

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e622464ec261f7fa7ece329e25abb843f026cfcf9c9d3c2503ca9bb981e7facd

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.olx.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 17 Nov 2023 17:24:41 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: lsJqkEXFBJTfHRLlnvhGcwl0IoaDnYhV5KVdB9XAvxmSrDU7Qc/XkWHHpN4ZOM4s63qe/CsSiPAC6bfPIdRfuQ==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 act
analytics.tiktok.com/api/v2/pixel/ 0
792 B 247ms
246ms Ping
text/plain 23.53.43.97
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel/act
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTdjYzNiZDU2MA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.53.43.97 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-53-43-97.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.olx.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 6cdfa66.1150321c
date: Fri, 17 Nov 2023 17:24:42 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-53-43-93.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2.1-52518411) (-)
x-parent-response-time: 195,23.53.43.93
server-timing: cdn-cache; desc=MISS, edge; dur=126, origin; dur=79, inner; dur=70
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20231117172441AE3EBEF88F1F720C60A7
x-cache-remote: TCP_MISS from a23-218-220-137.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2.1-52518411) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 79,23.218.220.137
x-tt-trace-host: 01bbb14ff5615a00adc7e08e5a85701af2e2ae07d5ad0331d17dfd314734ba8b85c451b5a04fdf34881c4200dab49da89704e40964f110f1d27d252d586d9f3ca904fd1ba2bc1688d99bd155746b7e8c77b7a7f5db7dd0528c3d308f030bba51ce531a3445a382cd0f8f52abbab1f2c6a2
access-control-allow-headers: Authorization,*
expires: Fri, 17 Nov 2023 17:24:42 GMT

POST
H2 200 hit Show response
hit.api.useinsider.com/ 16 B
327 B 89ms
79ms XHR
text/plain 2606:4700:7::a29f:863d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hit.api.useinsider.com/hit
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/us1/v4/datadog-rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:7::a29f:863d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Request headers

Referer: https://www.olx.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Fri, 17 Nov 2023 17:24:41 GMT
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-methods: GET
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
request-id: 37cbe62c-a429-4f2c-96f2-8e5d4f8a280a
cf-ray: 8279ab31c9693730-FRA
content-length: 16

OPTIONS
H2 200 v2
us.creativecdn.com/tags/ Frame 0
0 127ms
127ms Preflight 185.184.10.30
RTB-HOUSE-ASH

General

Check archive.org

Show headers Download Go to

Full URL: https://us.creativecdn.com/tags/v2?type=json&tc=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.10.30 , Poland, ASN203690 (RTB-HOUSE-ASH, PL),
Reverse DNS: ip-185-184-10-30.rtbhouse.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.olx.com.br
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET, POST
access-control-allow-origin: https://www.olx.com.br
access-control-max-age: 3600
content-length: 0
date: Fri, 17 Nov 2023 17:24:41 GMT
vary: Origin

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 123ms
41ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=824100678149653&ev=PageView&dl=https%3A%2F%2Fwww.olx.com.br%2Festado-mg&rl=&if=false&ts=1700241881977&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4126&fbp=fb.2.1700241881976.2058423828&ler=empty&it=1700241881266&coo=false&rqm=GET

Requested by

Host: www.olx.com.br
URL: https://www.olx.com.br/estado-mg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.olx.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 17 Nov 2023 17:24:42 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 123ms
41ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=592658194155317&ev=PageView&dl=https%3A%2F%2Fwww.olx.com.br%2Festado-mg&rl=&if=false&ts=1700241881979&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4126&fbp=fb.2.1700241881976.2058423828&ler=empty&it=1700241881266&coo=false&rqm=GET

Requested by

Host: www.olx.com.br
URL: https://www.olx.com.br/estado-mg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.olx.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 17 Nov 2023 17:24:42 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 123ms
42ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=823257647881358&ev=PageView&dl=https%3A%2F%2Fwww.olx.com.br%2Festado-mg&rl=&if=false&ts=1700241881980&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4126&fbp=fb.2.1700241881976.2058423828&ler=empty&it=1700241881266&coo=false&rqm=GET

Requested by

Host: www.olx.com.br
URL: https://www.olx.com.br/estado-mg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.olx.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 17 Nov 2023 17:24:42 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H2 202 track Show response
lurker.olx.com.br/ 0
245 B 118ms
118ms Fetch
text/html 34.200.105.41
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://lurker.olx.com.br/track?defaultEvent=true
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/us1/v4/datadog-rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.200.105.41 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-200-105-41.compute-1.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.olx.com.br/estado-mg
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://www.olx.com.br
date: Fri, 17 Nov 2023 17:24:42 GMT
access-control-allow-credentials: true
server: nginx
content-type: text/html;charset=utf-8

GET
H2 200 ad Show response
services.insurads.com/ Frame 1242 493 B
544 B 125ms
125ms Script
application/javascript 52.205.52.6
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://services.insurads.com/ad?auid=783361&appId=1984&s=2360&dm=1&is=0&csz=%5B%5D&sz=%5B%5D&ct=%7B%7D&h=https%3A%2F%2Fwww.olx.com.br%2Festado-mg&sid=6899F05E2FB2D822&v=1.14.21b&ts=1700241882159
Requested by: Host: cdn.insurads.com
URL: https://cdn.insurads.com/iat-1.14.21b.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.205.52.6 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-205-52-6.compute-1.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 50dad5c959e8638b572b58fedeb9dcf2f461cf1848d40c5b0d175aa6a7311cda

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 17:24:42 GMT
content-encoding: gzip
server: nginx/1.18.0 (Ubuntu)
content-type: application/javascript;charset=UTF-8
x-nocache: true
cache-control: no-cache, no-store, must-revalidate
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 ig-membership Show response
us.creativecdn.com/ Frame DE1C 1 KB
659 B 131ms
131ms Document
text/html 185.184.10.30
RTB-HOUSE-ASH

General

Check archive.org

Show headers Download Go to

Full URL: https://us.creativecdn.com/ig-membership?ntk=Ap9gcVfLhau7Z7L1LJRjlH_8KFILWnu-SGpLFqO7Y9bz0_y4mx-vnifynfvsXUVJDat3nes-5thKenVvQgmkJXFzG0Io5K6mGLK90K_4Ub4
Requested by: Host: tags.creativecdn.com
URL: https://tags.creativecdn.com/wBiML0Lv0cEh18cEd5DU.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.10.30 , Poland, ASN203690 (RTB-HOUSE-ASH, PL),
Reverse DNS: ip-185-184-10-30.rtbhouse.net
Software: /
Resource Hash: c151b52d412461fc03fb9901c6b5c2e1f457e1ee33286e18a2b0d0438d411193

Request headers

Referer: https://www.olx.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: public, max-age=86400
content-encoding: gzip
content-length: 471
content-type: text/html;charset=utf-8
date: Fri, 17 Nov 2023 17:24:42 GMT Fri, 17 Nov 2023 17:24:42 GMT
expires: Sat, 18 Nov 2023 17:24:42 GMT
vary: Accept-Encoding

GET
H2 200 topics-membership Show response
us.creativecdn.com/ Frame 2C4E 943 B
654 B 131ms
130ms Document
text/html 185.184.10.30
RTB-HOUSE-ASH

General

Check archive.org

Show headers Download Go to

Full URL: https://us.creativecdn.com/topics-membership?ntk=5hpOI7jg1RaekIrQ5rP6NbM5OECvaigf-xt9YqfEmGdUf2amJaUtToHexMi_YhRXce3s_V_iWm6zxpca2IvMDA
Requested by: Host: tags.creativecdn.com
URL: https://tags.creativecdn.com/wBiML0Lv0cEh18cEd5DU.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.10.30 , Poland, ASN203690 (RTB-HOUSE-ASH, PL),
Reverse DNS: ip-185-184-10-30.rtbhouse.net
Software: /
Resource Hash: 84c73324842a7de1e47b8d41cc1edc9d8a7afb1f2ba05a412f22a338a7bec456

Request headers

Referer: https://www.olx.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: public, max-age=86400
content-encoding: gzip
content-length: 466
content-type: text/html;charset=utf-8
date: Fri, 17 Nov 2023 17:24:42 GMT Fri, 17 Nov 2023 17:24:42 GMT
expires: Sat, 18 Nov 2023 17:24:42 GMT
vary: Accept-Encoding

GET
H2

200

bounce
ib.adnxs.com/
Redirect Chain

https://ib.adnxs.com/setuid?entity=315&code=iXtDZTGKJqjau9FUugqMoVp07OmFRZ8hsc2pJtud39M
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D315%26code%3DiXtDZTGKJqjau9FUugqMoVp07OmFRZ8hsc2pJtud39M

43 B
904 B

45ms
45ms

Image
image/gif

185.89.210.212
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D315%26code%3DiXtDZTGKJqjau9FUugqMoVp07OmFRZ8hsc2pJtud39M

Protocol

Server

185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.olx.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 17:24:42 GMT
an-x-request-uuid: 853eac71-18af-4c7d-a008-5384bc779d07
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 80.255.7.109; 80.255.7.109; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 17 Nov 2023 17:24:42 GMT
an-x-request-uuid: 24359950-4d3e-4ce3-be02-76fc19bbfcab
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D315%26code%3DiXtDZTGKJqjau9FUugqMoVp07OmFRZ8hsc2pJtud39M
cache-control: no-store, no-cache, private
x-proxy-origin: 80.255.7.109; 80.255.7.109; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 14702.js Show response
micro.rubiconproject.com/prebid/dynamic/ 394 KB
122 KB 155ms
50ms Script
text/javascript 23.56.202.187
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://micro.rubiconproject.com/prebid/dynamic/14702.js?DM_env=web
Requested by: Host: static.olx.com.br
URL: https://static.olx.com.br/cd/vi/js/listing-next/_next/static/chunks/main-8e21920bfa8fe738.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.56.202.187 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-56-202-187.deploy.static.akamaitechnologies.com
Software: Apache/2.4.37 (rocky) OpenSSL/1.1.1k /
Resource Hash: f8d0a8fc53a7a934014287ec8775245c473a9794fe517219f9cfa16458372468

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.olx.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 17:24:42 GMT
content-encoding: gzip
server: Apache/2.4.37 (rocky) OpenSSL/1.1.1k
vary: Accept-Encoding
edge-cache-tag: prod-prebid-14702_OLX_Web.js
content-type: text/javascript;charset=UTF-8
cache-control: public, must-revalidate, max-age=14400
content-length: 124802
expires: Sat, 18 Nov 2023 06:31:11 GMT

GET
H2 200 detect-adblocker.js Show response
pub.olx.com.br/ 2 KB
1 KB 42ms
40ms Script
text/javascript 65.9.66.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pub.olx.com.br/detect-adblocker.js
Requested by: Host: static.olx.com.br
URL: https://static.olx.com.br/cd/vi/js/listing-next/_next/static/chunks/main-8e21920bfa8fe738.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-47.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0ba02bb2f068a5fc02144e564a107bf68f88b1d8aaa29f05ca9d903b9de98dc7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.olx.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id: QCYfD4KBHa5m2BKMyEA1aovxsN72UpBI
content-encoding: br
via: 1.1 980059f199bdd603b925d049efedf130.cloudfront.net (CloudFront)
date: Fri, 17 Nov 2023 06:56:19 GMT
last-modified: Wed, 08 Nov 2023 13:16:46 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 37820
x-amz-server-side-encryption: AES256
etag: W/"bd9b0d246cb382acb20815366bca90c5"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-id: KAg5FKjkWpYsKOE4nzwlZuQXge7TH0nFEZTYQYMY-h-cbu5Z2aDD9A==

GET
H/1.1 200
OK / Show response
websdk.appsflyer.com/ 38 KB
12 KB 248ms
57ms Script
application/javascript 2a02:26f0:780::210:a440
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://websdk.appsflyer.com/?st=banners&
Requested by: Host: www.olx.com.br
URL: https://www.olx.com.br/estado-mg
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:780::210:a440 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bf8b41f6693852a18d2449439f0400cfaf19b755e21f01eda21a6ff985d3526c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.olx.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Fri, 17 Nov 2023 17:24:42 GMT
Content-Encoding: gzip
x-amz-request-id: YNGC7PCXVN28Z00Q
x-amz-server-side-encryption: AES256
Connection: keep-alive
Content-Length: 11792
x-amz-id-2: vrDln2XCGOFSFkLE6Ln17Y/P092c846kqJOj1nLZLa1T5AvAIx9Wt+4jaFyZJcu85WAzx+0b3iU=
Last-Modified: Wed, 14 Jun 2023 06:58:45 GMT
Server: AmazonS3
ETag: "5a676288bcea03bd05e483bc4ce066ae"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2552
Accept-Ranges: bytes
X-DataStream-Cache-Status: 1
Expires: Fri, 17 Nov 2023 18:07:14 GMT

GET
H2 200 pwt.js Show response
ads.pubmatic.com/AdServer/js/pwt/162930/9578/25/ 478 KB
145 KB 143ms
43ms Script
application/javascript 2.19.105.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/pwt/162930/9578/25/pwt.js?sid=5XDTIES2
Requested by: Host: cdn.insurads.com
URL: https://cdn.insurads.com/iat-1.14.21b.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.19.105.180 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-105-180.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e450109b1306817cb914db65e6781e931fa5f820efd06c14faaa37a77e53d4ba

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.olx.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 17:24:42 GMT
content-encoding: gzip
last-modified: Fri, 01 Sep 2023 12:43:05 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=59812
accept-ranges: bytes
content-length: 147591
expires: Sat, 18 Nov 2023 10:01:34 GMT

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 23 B
462 B 82ms
82ms XHR
text/javascript 108.138.9.235
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.olx.com.br%2Festado-mg&pid=AMC3GmbLP30xa&cb=1&ws=1600x1200&v=23.1108.2350&t=1000&slots=%5B%7B%22sd%22%3A%22gpt_unit_%2F22954957514%2C73314699%2Folxbrasil%2FIAT_0%22%2C%22s%22%3A%5B%221x1%22%5D%2C%22sn%22%3A%22%2F22954957514%2C73314699%2Folxbrasil%2FIAT%22%7D%5D&pubid=12f22e07-5e35-42ce-af8a-327c465973dd&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/us1/v4/datadog-rum.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.9.235 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-9-235.fra56.r.cloudfront.net

Software

Server /

Resource Hash

89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.olx.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 17:24:42 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 dd09b3b5f5b8dc626e1ba6804a73af40.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P6
x-amz-rid: K7Q8AXK1QYXX7GRBGH9J
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.olx.com.br
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: P2bSfWM4ra8dF619PAXxQkbTbCodqPqlFt6UeZ6VAod92xrQEuZfGA==

GET
H2 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 2 KB
2 KB 157ms
48ms Fetch
application/json 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20231117

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/us1/v4/datadog-rum.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4df58cee20a9a69513c308801405c294e57e222ddfef71dedaf9a99da600ee43

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.olx.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type: text/plain

Response headers

date: Fri, 17 Nov 2023 17:24:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 5033
x-jsd-version: 1.0.1877
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230068-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"641-1YKVPSNSxEtps6XrkJSRmQ2Gkf8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e3FYTbf7puEmhjrK4vjDpPiGdt2tqo6NiV2XKrrAbHwBCqi%2BQbQVTP8kvoTy3hJ3A5xqRio4pbtbdfufESRtmQh5oCvRCXHyY16sas%2BhrFwA8RInRAKKhdtJbXVp3uhzyJjKohyEg7H5yGpzit8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 8279ab364c771cad-FRA

GET
H/1.1 200
OK localstore.js Show response
script.4dex.io/ 4 KB
2 KB 160ms
63ms Script
application/javascript 2606:4700:20::681a:8a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/localstore.js
Requested by: Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14702.js?DM_env=web
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8264bf30b0dfc41d19bf53d2c63a8fc9326b427cf3ea9cd9b6be2696fc55b118

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.olx.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Fri, 17 Nov 2023 17:24:42 GMT
Content-Encoding: br
CF-Cache-Status: HIT
Last-Modified: Mon, 06 Nov 2023 14:13:09 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Age: 470473
ETag: W/"e90435520cec1363a82b67d8298d79a8"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Cbh97MPa7XiKYRshMgyyyGnv7MNtw1F4GticAd%2BfY5b4XKXx1KC9K4xVn%2ByeHiWy1NP1CMThzCmBYqidvEPgjgY995MS%2FcryiBZgNOsrqVqjuZu1zKLAJ43XvHp9fzveEvs%2FPBFv5eMtZeMq"}],"group":"cf-nel","max_age":604800}
Cache-Control: public, max-age=1800
Connection: keep-alive
CF-RAY: 8279ab364a503a92-FRA

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 53 B
728 B 46ms
45ms Fetch
application/json 185.89.210.212
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/us1/v4/datadog-rum.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

a68a70f7be9281f3f7148b38d7f5971f1dc946d3034a40e55021d0fb6fb78d73

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.olx.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 17:24:42 GMT
an-x-request-uuid: 8ce001f3-6f9b-46be-bd73-57b844b48017
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.olx.com.br
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 80.255.7.109; 80.255.7.109; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 53
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 prebid Show response
mp.4dex.io/ 60 B
397 B 497ms
390ms Fetch
application/json 2606:4700:4400::ac40:994e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mp.4dex.io/prebid
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/us1/v4/datadog-rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:994e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 77b47b7a038f38916adbe760bc262fe2aa75e9f2a0d67621d19ad74e41acdb39

Request headers

Referer: https://www.olx.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 17:24:42 GMT
x-err: Shapings: no adunits with size and seat and mapping
x-version: 3.0.0-gcp-ams
cf-cache-status: DYNAMIC
via: 1.1 google
server: cloudflare
content-encoding: gzip
vary: Origin, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.olx.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 8279ab36880fbb49-FRA
expires: 0

POST
H2 200 bid-request Show response
a.teads.tv/hb/ 16 B
381 B 244ms
85ms Fetch
application/json 95.101.149.35
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/hb/bid-request
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/us1/v4/datadog-rum.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.149.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-149-35.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer: https://www.olx.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 17:24:42 GMT
content-encoding: gzip
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.olx.com.br
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 42
expires: Fri, 17 Nov 2023 17:24:42 GMT

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 171 B
556 B 497ms
159ms Fetch
application/json 5.196.111.64
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/us1/v4/datadog-rum.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 5.196.111.64 , France, ASN16276 (OVH, FR),
Reverse DNS: ip64.ip-5-196-111.eu
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://www.olx.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 17:24:42 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.olx.com.br
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 171 B
561 B 483ms
144ms Fetch
application/json 5.196.111.64
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/us1/v4/datadog-rum.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 5.196.111.64 , France, ASN16276 (OVH, FR),
Reverse DNS: ip64.ip-5-196-111.eu
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://www.olx.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 17:24:42 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.olx.com.br
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 171 B
556 B 628ms
291ms Fetch
application/json 5.196.111.64
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/us1/v4/datadog-rum.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 5.196.111.64 , France, ASN16276 (OVH, FR),
Reverse DNS: ip64.ip-5-196-111.eu
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://www.olx.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 17:24:42 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.olx.com.br
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 0
336 B 387ms
50ms Fetch
application/json 5.196.111.64
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/us1/v4/datadog-rum.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 5.196.111.64 , France, ASN16276 (OVH, FR),
Reverse DNS: ip64.ip-5-196-111.eu
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.olx.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 17:24:42 GMT
vary: Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.olx.com.br
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-length: 0

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 0
336 B 388ms
51ms Fetch
application/json 5.196.111.64
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/us1/v4/datadog-rum.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 5.196.111.64 , France, ASN16276 (OVH, FR),
Reverse DNS: ip64.ip-5-196-111.eu
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.olx.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 17:24:41 GMT
vary: Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.olx.com.br
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-length: 0

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 171 B
561 B 628ms
240ms Fetch
application/json 5.196.111.64
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/us1/v4/datadog-rum.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 5.196.111.64 , France, ASN16276 (OVH, FR),
Reverse DNS: ip64.ip-5-196-111.eu
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://www.olx.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 17:24:43 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.olx.com.br
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 0
336 B 437ms
51ms Fetch
application/json 5.196.111.64
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/us1/v4/datadog-rum.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 5.196.111.64 , France, ASN16276 (OVH, FR),
Reverse DNS: ip64.ip-5-196-111.eu
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.olx.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 17:24:42 GMT
vary: Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.olx.com.br
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-length: 0

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 171 B
556 B 535ms
199ms Fetch
application/json 5.196.111.64
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/us1/v4/datadog-rum.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 5.196.111.64 , France, ASN16276 (OVH, FR),
Reverse DNS: ip64.ip-5-196-111.eu
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://www.olx.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 17:24:42 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.olx.com.br
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H2 200 bid Show response
s.seedtag.com/c/hb/ 11 B
400 B 367ms
265ms Fetch
application/json 34.149.50.64
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.seedtag.com/c/hb/bid
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/us1/v4/datadog-rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.50.64 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 64.50.149.34.bc.googleusercontent.com
Software: openresty /
Resource Hash: 846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer: https://www.olx.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type: text/plain

Response headers

date: Fri, 17 Nov 2023 17:24:42 GMT
via: 1.1 google
server: openresty
etag: W/"b-OSzRjQUfcriHUprCmY2lR0nxM48"
vary: X-HTTP-Method-Override
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT, HEAD
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.olx.com.br
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 11
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

POST
H/1.1 200
OK auction Show response
prebid-server.rubiconproject.com/openrtb2/ 173 B
464 B 178ms
43ms Fetch
application/json 69.173.144.137
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/us1/v4/datadog-rum.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 69.173.144.137 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 1aa481fcf0ef1f8e041a650289f55d90fa7aae9865283c7ce0a565e502cc2fcc

Request headers

Referer: https://www.olx.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type: text/plain

Response headers

Pragma: no-cache
content-encoding: gzip
x-prebid: pbs-java/2.3.0
Content-Type: application/json
access-control-allow-origin: https://www.olx.com.br
Cache-Control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 167
Expires: 0

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 25 KB
11 KB 493ms
346ms Fetch
application/json 2602:803:c003:200::43
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=14702&site_id=415114&zone_id=2340486&size_id=2%3B15%3B15%3B2%3B2%3B2&alt_size_ids=%3B10%3B10%3B%3B%3B&eid_pubcid.org=444bbd01-dd58-4239-b1cf-ab5adcfb2703%5E1&rf=https%3A%2F%2Fwww.olx.com.br%2Festado-mg&kw=An%C3%BAnciosMinasGerais%2Colx&tg_i.domain=olx.com.br&tg_i.page=https%3A%2F%2Fwww.olx.com.br%2Festado-mg&tg_i.aupname=%2F73314699%2FOLX%2F.*%26listing-bottom-pub%3B%2F73314699%2FOLX%2F.*%26listing-page-right-pub%3B%2F73314699%2FOLX%2F.*%26listing-page-middle-right-pub%3B%2F73314699%2FOLX%2F.*%26listing-native-list-item-1-pub%3B%2F73314699%2FOLX%2F.*%26listing-native-list-item-2-pub%3B%2F73314699%2FOLX%2F.*%26listing-native-list-item-4-pub&tg_i.pbadslot=%2F73314699%2FOLX%2FListing%23listing-bottom-pub%3B%2F73314699%2FOLX%2FListing%23listing-page-right-pub%3B%2F73314699%2FOLX%2FListing%23listing-page-middle-right-pub%3B%2F73314699%2FOLX%2FListing%23listing-native-list-item-1-pub%3B%2F73314699%2FOLX%2FListing%23listing-native-list-item-2-pub%3B%2F73314699%2FOLX%2FListing%23listing-native-list-item-4-pub&tk_flint=dmpbjs_v8.17.0&x_source.tid=e2a73b66-6534-4cb7-aefa-4af66cfff564&l_pb_bid_id=37391dae493c16b%3B381d573a38eeb38%3B399a02677c91c25%3B40ece298d76f0c3%3B41076208e30598%3B4229125385256ce&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=fcca0941-7afd-4a6a-89a4-6ab94b4428e6%3B63fe73ac-7a96-46e5-89f4-f77652b1a52f%3B0d7ccfa4-d7cc-4148-b59c-cade157821bf%3B743b8d82-7991-4f9c-b0e8-68c9f5fdf95f%3B73c2638e-9e16-4939-8759-3bcd22c3a824%3B8f760f2a-de05-4afa-908b-9d1e764b9532&rp_maxbids=1&p_gpid=%2F73314699%2FOLX%2FListing%23listing-bottom-pub%3B%2F73314699%2FOLX%2FListing%23listing-page-right-pub%3B%2F73314699%2FOLX%2FListing%23listing-page-middle-right-pub%3B%2F73314699%2FOLX%2FListing%23listing-native-list-item-1-pub%3B%2F73314699%2FOLX%2FListing%23listing-native-list-item-2-pub%3B%2F73314699%2FOLX%2FListing%23listing-native-list-item-4-pub&p_formats=%3Bvideo%2Cbanner%3Bvideo%2Cbanner%3B%3B%3B&slots=6&rand=0.5543275641250962
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/us1/v4/datadog-rum.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::43 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 5ba368d78f16e3ba8960a58f0a46dbd281bfa403bbfa617681ada7408c58178d

Request headers

Referer: https://www.olx.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 17:24:43 GMT
content-encoding: gzip
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.olx.com.br
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 floors.json Show response
ads.pubmatic.com/AdServer/js/pwt/floors/162930/9578/ 18 KB
2 KB 138ms
47ms XHR
application/json 2.19.105.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/pwt/floors/162930/9578/floors.json
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/us1/v4/datadog-rum.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.19.105.180 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-105-180.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 0f55067bacb0c69f8c30ec2a6c913cb0e813a90a466a930617568218d98bf1a8

Request headers

Referer: https://www.olx.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 17 Nov 2023 17:24:42 GMT
content-encoding: gzip
last-modified: Fri, 17 Nov 2023 14:33:40 GMT
server: Apache
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin: *
content-type: application/json
cache-control: public, max-age=4161
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 1636
expires: Fri, 17 Nov 2023 18:34:03 GMT

GET
H2 200 geo Show response
ut.pubmatic.com/ 12 B
93 B 253ms
44ms XHR
application/json 185.64.189.226
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://ut.pubmatic.com/geo?pubid=162930
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/us1/v4/datadog-rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.189.226 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 642e0c55f52b2a291e47f5ab2d322e35f6776d8ce73b9cc0bd86c65bd4a26620

Request headers

Referer: https://www.olx.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
date: Fri, 17 Nov 2023 17:24:42 GMT
cache-control: max-age=172800
content-length: 12
content-type: application/json

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 101 KB
31 KB 184ms
183ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cdn.insurads.com
URL: https://cdn.insurads.com/iat-1.14.21b.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

28f89ad200f51a7703bb594a5cfe8c211c5c4a1efed621019bda507c9941457c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.olx.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 17:24:42 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31664
x-xss-protection: 0
server: cafe
etag: 223 / 19678 / 31079657 / config-hash: 16204867678510254442
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 17 Nov 2023 17:24:42 GMT

GET
H2 200 script.js Show response
cadmus.script.ac/dahhc4ozyvjm6/ 129 KB
45 KB 254ms
50ms Script
application/javascript 2606:4700::6812:1791
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cadmus.script.ac/dahhc4ozyvjm6/script.js
Requested by: Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1791 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9b1e8c5e21adb456083ce280f3874f1eca6c45deb9524ecd38175798005d33f0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.olx.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 17:24:42 GMT
content-encoding: gzip
last-modified: Fri, 17 Nov 2023 17:13:52 GMT
server: cloudflare
age: 0
etag: W/"1fe6f66b5926f62f7f37177741666bd83afba3fe"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=600,stale-while-revalidate=3600,stale-if-error=86400
cf-ray: 8279ab37ff345c9e-FRA

GET
H/1.1 200
OK adagio.js Show response
script.4dex.io/ 77 KB
24 KB 138ms
56ms Fetch
application/javascript 2606:4700:20::681a:8a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/adagio.js
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/us1/v4/datadog-rum.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 61496aa1a9c3d26cfc292b41fc451a597a47468117c1fb258226a57296390433

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.olx.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Fri, 17 Nov 2023 17:24:42 GMT
Content-Encoding: br
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 672686
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 06 Nov 2023 14:13:08 GMT
Server: cloudflare
ETag: W/"ccc354615ffb5b4afd96268bab4a6502"
Vary: Origin, Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C9J2UVe1teZh4c3k6aSUShu3oD%2FMlWbTEyhG4n%2BCu%2BQi4VDJphdJFltC6QPLKv00QXaRrf3OBuy5mK76grj88aZcShX1cmV7rAW74oNUsVnqsRp%2FMoDhwZ3vj2l8OE8h8RYGpoFRq5sClazm"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers
Cache-Control: public, max-age=1800
CF-RAY: 8279ab373ba991e7-FRA

OPTIONS
H2 204 1a
i.clean.gg/ Frame 0
0 226ms
132ms Preflight
text/plain 34.95.69.49
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://i.clean.gg/1a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.69.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 49.69.95.34.bc.googleusercontent.com
Software: nginx/1.21.6 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.olx.com.br
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1728000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain; charset=utf-8
date: Fri, 17 Nov 2023 17:24:43 GMT
server: nginx/1.21.6
via: 1.1 google

POST
H2 200 1a Show response
i.clean.gg/ 0
104 B 129ms
128ms XHR
application/octet-stream 34.95.69.49
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://i.clean.gg/1a
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/us1/v4/datadog-rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.69.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 49.69.95.34.bc.googleusercontent.com
Software: nginx/1.21.6 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.olx.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 17 Nov 2023 17:24:43 GMT
via: 1.1 google
server: nginx/1.21.6
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 380 KB
93 KB 543ms
542ms XHR
text/plain 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4457378105197553&correlator=4186388046193972&eid=31079667%2C31079673%2C31079312%2C31079695%2C31079527&output=ldjh&gdfp_req=1&vrg=202311140101&ptt=17&impl=fifs&iu_parts=73314699%2COLX%2CListing&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2&prev_iu_szs=728x90%2C300x250%7C300x600%2C300x250%7C300x600%2C320x50%7C728x90%2C320x50%7C728x90%2C320x50%7C728x90&fluid=0%2C0%2C0%2Cheight%2Cheight%2Cheight&ifi=1&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1700241883193&lmt=1700241883&adxs=325%2C1269%2C1269%2C325%2C325%2C325&adys=10718%2C157%2C5510%2C2665%2C5180%2C7146&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1%7C0%7C2%7C3%7C4%7C5&ucis=1%7C2%7C3%7C4%7C5%7C6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.olx.com.br%2Festado-mg&vis=1&psz=728x90%7C300x600%7C300x600%7C728x90%7C728x90%7C728x90&msz=728x0%7C300x0%7C300x0%7C728x0%7C728x0%7C728x0&fws=4%2C516%2C516%2C4%2C4%2C4&ohw=729%2C301%2C301%2C729%2C729%2C729&ga_vid=1986320353.1700241880&ga_sid=1700241883&ga_hid=319709823&ga_fc=true&dlt=1700241878896&idt=1648&prev_scp=pos%3Dweb_bottom%26amznbid%3D2%26amznp%3D2%7Cpos%3Dweb_right%26amznbid%3D2%26amznp%3D2%26hb_format%3Dbanner%26hb_size%3D300x600%26hb_pb%3D0.51%26hb_adid%3D430ede28ebb9e28%26hb_bidder%3Drubicon%7Cpos%3Dweb_right_2%26amznbid%3D2%26amznp%3D2%26hb_format%3Dbanner%26hb_size%3D300x600%26hb_pb%3D0.50%26hb_adid%3D44a7f4a20a79ebc%26hb_bidder%3Drubicon%7Cpos%3Dweb_native%26amznbid%3D2%26amznp%3D2%7Cpos%3Dweb_native2%26amznbid%3D2%26amznp%3D2%7Cpos%3Dweb_native4%26amznbid%3D2%26amznp%3D2&cust_params=plataforma%3Ddesktop%26pageType%3Dlisting%26uf%3DMG%26search_kw%3D%26bairro%3D%26zona%3Dnull%26state_id%3D2%26ABTest%3Dsanityweb50_control%252Cds-web-vitals_enabled%252Cngage-chat-on-gallery_enabled%252Ctxp-fakedoor-buy-button_optreq%252Cpayg-discount-re-julius_ml-ranges%252Cfee-boost-goods-parcela_enabled%252Cppc-myplan-redirect-lp_enabled%252Cgoods-history-sales_enabled%252Cppf-free-insertion-re_enabled%252Cds-header-navbar_enabled%252Cfree-edtion-goods-parcela_enabled%252Cdelivery-quote-weight-11060_control%252Cdelivery-quote-weight-3040_control%252Ctxp-expanded-delivery-method_control%252Cbilling-history_enabled%252Cpay-now-always_enabled%252Capmkel-filters-fair_switch%252Ctxp-retry-by-id-pay_enabled%252Cadv-remocao-topo_enabled%252Cppf-myplan-new-marketplace-pos_enabled%252Cpayg-discount-julius_ml-c-mab%252Cimo-xp-linkshelf-autocomplete_enabled%252Cngage-chat-miniprofile_enabled%252Cppf-boost-motos_control%252Cngage-adview-miniprofile_enabled%252Cdelivery-methods-modal_enabled%252Cbumpds-bjperformancetrackb_control%252Crec-adv-package_on%252Capmkel-list-item-fair-badge_orange%252Cautospp-notshow-modal-hv-myads_control%252Cppf-edition-re_enabled%252Cchatmod-logged-user-showphonebody_enabled%252Cautos-aqui-mileage_control%252Cadsxp-adviewlinks-bjQTZ-3020_enabled%252Ccontentmod-gallery-tip_control%252Cimo-xp-adview-modules_priceInfoAtTop%252Cacc-split-login-v2_control%252Cimo-xp-privatead_enabled%252Clisting-grid_control%252Cngage-listing-badges_control%252Cpos-cars-fee-boost_control%26adv_ab%3D9&adks=3277397056%2C3209054416%2C4157412074%2C1238849680%2C1235208812%2C909097025&frm=20

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/us1/v4/datadog-rum.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5d407ee27ce80a1d5cf193323fab00bc12dce0773d6fd5e3989c06d8726e2ebe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.olx.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 17:24:43 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 95676
x-xss-protection: 0
google-lineitem-id: -1,-1,-1,-1,-1,-1
pragma: no-cache
server: cafe
google-creative-id: -1,-1,-1,-1,-1,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.olx.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 1 KB
611 B 482ms
482ms XHR
text/plain 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4457378105197553&correlator=4186388046193972&eid=31079667%2C31079673%2C31079312%2C31079695%2C31079527&output=ldjh&gdfp_req=1&vrg=202311140101&ptt=17&impl=fifs&iu_parts=22954957514%3A73314699%2Colxbrasil%2CIAT&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=7&sfv=1-0-40&ists=1&fas=8&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1700241883209&lmt=1700241883&adxs=-9&adys=-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.olx.com.br%2Festado-mg&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1986320353.1700241880&ga_sid=1700241883&ga_hid=319709823&ga_fc=true&a3p=EhsKDDMzYWNyb3NzLmNvbRiY7MDyvTFIAFICCGQSHAoNY3J3ZGNudHJsLm5ldBiX7MDyvTFIAFICCGQSFwoIcnRiaG91c2UY6O7A8r0xSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGJjswPK9MUgAUgIIZBI-CgVvcGVueBIsZXlKcElqb2ljMWs1TUdWMk5FUlJRMjF6VVRBclJIQnRVMnRwZHowOUluMD0YyfPA8r0xSAA.&dlt=1700241878896&idt=1648&prev_scp=iat-req%3D1%26amznbid%3D2%26amznp%3D2&cust_params=plataforma%3Ddesktop%26pageType%3Dlisting%26uf%3DMG%26search_kw%3D%26bairro%3D%26zona%3Dnull%26state_id%3D2%26ABTest%3Dsanityweb50_control%252Cds-web-vitals_enabled%252Cngage-chat-on-gallery_enabled%252Ctxp-fakedoor-buy-button_optreq%252Cpayg-discount-re-julius_ml-ranges%252Cfee-boost-goods-parcela_enabled%252Cppc-myplan-redirect-lp_enabled%252Cgoods-history-sales_enabled%252Cppf-free-insertion-re_enabled%252Cds-header-navbar_enabled%252Cfree-edtion-goods-parcela_enabled%252Cdelivery-quote-weight-11060_control%252Cdelivery-quote-weight-3040_control%252Ctxp-expanded-delivery-method_control%252Cbilling-history_enabled%252Cpay-now-always_enabled%252Capmkel-filters-fair_switch%252Ctxp-retry-by-id-pay_enabled%252Cadv-remocao-topo_enabled%252Cppf-myplan-new-marketplace-pos_enabled%252Cpayg-discount-julius_ml-c-mab%252Cimo-xp-linkshelf-autocomplete_enabled%252Cngage-chat-miniprofile_enabled%252Cppf-boost-motos_control%252Cngage-adview-miniprofile_enabled%252Cdelivery-methods-modal_enabled%252Cbumpds-bjperformancetrackb_control%252Crec-adv-package_on%252Capmkel-list-item-fair-badge_orange%252Cautospp-notshow-modal-hv-myads_control%252Cppf-edition-re_enabled%252Cchatmod-logged-user-showphonebody_enabled%252Cautos-aqui-mileage_control%252Cadsxp-adviewlinks-bjQTZ-3020_enabled%252Ccontentmod-gallery-tip_control%252Cimo-xp-adview-modules_priceInfoAtTop%252Cacc-split-login-v2_control%252Cimo-xp-privatead_enabled%252Clisting-grid_control%252Cngage-listing-badges_control%252Cpos-cars-fee-boost_control%26adv_ab%3D9&adks=111700959&frm=20

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/us1/v4/datadog-rum.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

46f4b31a821678f32971d8a288ce31667b410eb1b1f0158c794043ddea753d62

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.olx.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 17:24:43 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 581
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.olx.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 178ms
87ms XHR
application/json 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202311140101&st=env

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/us1/v4/datadog-rum.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d0543aab461bd9f1255167187a0590ba4499e96ca08f1a9359179c69b004c427

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.olx.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 17:24:43 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12144
x-xss-protection: 0

GET
H2 200 container.html Show response
390c7a88fcfc36c0e9807f9f31c5e737.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame BEC9 6 KB
3 KB 161ms
47ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://390c7a88fcfc36c0e9807f9f31c5e737.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311140101/pubads_impl.js?cb=31079695

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.olx.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 17 Nov 2023 17:24:43 GMT
expires: Sat, 16 Nov 2024 17:24:43 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pubads_impl_page_level_ads.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311140101/ 39 KB
13 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311140101/pubads_impl_page_level_ads.js?cb=31079695

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311140101/pubads_impl.js?cb=31079695

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c33f40ab939ca2d48b1aae408ad1a69c0d758f0d8cccf8fab6d78ec5a8524f54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.olx.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 11:36:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20875
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13749
x-xss-protection: 0
server: cafe
etag: 15176684494565588641
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sat, 16 Nov 2024 11:36:48 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 153ms
56ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311140101/pubads_impl.js?cb=31079695

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.olx.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 17:24:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 17 Nov 2023 17:24:43 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame F9A9 13 KB
5 KB 43ms
40ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.olx.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 8879
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 17 Nov 2023 14:56:44 GMT
expires: Sat, 16 Nov 2024 14:56:44 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 3EFD 829 B
996 B 51ms
49ms Document
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

e8c640f80f6c78de08ed1be56a0ee569cacc3f685ac55447c232432be686f38a

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-1JCIJ_yc0w0E-h6ot9IHSA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.olx.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-1JCIJ_yc0w0E-h6ot9IHSA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 17 Nov 2023 17:24:43 GMT
expires: Fri, 17 Nov 2023 17:24:43 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 lb
services.insurads.com/ 0
156 B 117ms
117ms Image
text/plain 52.205.52.6
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://services.insurads.com/lb?appid=1984&acid=434&s=2360&sid=6899F05E2FB2D822&auid=783361&mawId=0&ts=1700241883708&iid=m1a48320d943633d894d12ea95d4340919c753dfdf6&is=0&m=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.205.52.6 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-205-52-6.compute-1.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.olx.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-nocache: true
pragma: no-cache
date: Fri, 17 Nov 2023 17:24:43 GMT
cache-control: no-cache, no-store, must-revalidate
server: nginx/1.18.0 (Ubuntu)
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 container.html Show response
390c7a88fcfc36c0e9807f9f31c5e737.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 0301 6 KB
3 KB 42ms
40ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://390c7a88fcfc36c0e9807f9f31c5e737.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311140101/pubads_impl.js?cb=31079695

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.olx.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 17 Nov 2023 17:24:43 GMT
expires: Sat, 16 Nov 2024 17:24:43 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 3EFD 0
0 74ms
74ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202311140101&jk=4457378105197553&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H3 200 GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js Show response
pagead2.googlesyndication.com/bg/ Frame F9A9 39 KB
15 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 09:24:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28791
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15296
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 16 Nov 2024 09:24:52 GMT

GET
H2 200 container.html Show response
390c7a88fcfc36c0e9807f9f31c5e737.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 4AE3 6 KB
3 KB 39ms
39ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://390c7a88fcfc36c0e9807f9f31c5e737.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311140101/pubads_impl.js?cb=31079695

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.olx.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 17 Nov 2023 17:24:43 GMT
expires: Sat, 16 Nov 2024 17:24:43 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html Show response
390c7a88fcfc36c0e9807f9f31c5e737.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame CD45 6 KB
3 KB 40ms
40ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://390c7a88fcfc36c0e9807f9f31c5e737.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311140101/pubads_impl.js?cb=31079695

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.olx.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 17 Nov 2023 17:24:43 GMT
expires: Sat, 16 Nov 2024 17:24:43 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html Show response
390c7a88fcfc36c0e9807f9f31c5e737.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 4810 6 KB
3 KB 41ms
39ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://390c7a88fcfc36c0e9807f9f31c5e737.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311140101/pubads_impl.js?cb=31079695

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.olx.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 17 Nov 2023 17:24:43 GMT
expires: Sat, 16 Nov 2024 17:24:43 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
390c7a88fcfc36c0e9807f9f31c5e737.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame FA0A 6 KB
3 KB 41ms
40ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://390c7a88fcfc36c0e9807f9f31c5e737.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311140101/pubads_impl.js?cb=31079695

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.olx.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 17 Nov 2023 17:24:43 GMT
expires: Sat, 16 Nov 2024 17:24:43 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
390c7a88fcfc36c0e9807f9f31c5e737.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame B7B4 6 KB
3 KB 39ms
39ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://390c7a88fcfc36c0e9807f9f31c5e737.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311140101/pubads_impl.js?cb=31079695

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.olx.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 17 Nov 2023 17:24:43 GMT
expires: Sat, 16 Nov 2024 17:24:43 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 9BE4 142 KB
47 KB 210ms
89ms Document
text/html 2a02:2638:3::12
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=ZVeh2wAFSbEGUI16AAekVSF0kDhF1pdS-u8Hgw&u=%7Clo5T2BSvE6SwFpya4b5LViqJrWg7qCEiZmc51YnjxuA%3D%7C&c1=glLBMxGOcDk-vbOOpZWuiwL9OpXS6gVV2JtZM_Ei5tSPQXcRS1ssTUS_8xvR11yLMIlVEtJyUVvlIvkzjr4Hi9mKGctDqo4_EosBq_f39mE0jxpnuyPxwePsAcuuyCoUvdsXZnxxkTr95P_rWlLf4nbqBF8Ac9BFllNGNJeM4fDwhJrFIAzn6aqdGFP_9uy7c1JGGtM2WwaMGiRkuNGZVUYazR3VFVNzV0u9_TA6O0DDJcNyf3z6hxUtK8FUIu4a_08W0ZlbHP7ce4EN28b950ee5DffWT-TSL2sfWyGbieZX4niB3mapuvTSIrSCBrErLQ7bl4ot9Wiwag_yLKUqC76F4dHjXnE-7UcAq7b3-ARuopuzxN-IljiAdC0uvYzWlh-v5ugvKhfRp9n_3rfL4X0LTTiA0aGajaX-cdhloFledWUZm-LqI_HJ1_6Ky_xeuq2UefETT53pxcvX-RtVXsoMbp7n9PHREvcokmDuaFls-Y_QWSq7D2yo5kPEtWQAVhUz4oGtB210_-zN_P-8GprIlrPPmBwgyfcdWRGOIZ_38j9wRvsroZ4VEZE1uejSo3qFs-eovbs-5hyvLGiAF8Wim20KWn5Ta3XFRPmB54Bt45gC-MdqynkUO2Da5K5&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCZYMV26FXZbGTFfqawuIP1ciegAnJntKxXNWdkfdwwI23ARABIABglbKpgrAHggEXY2EtcHViLTMyNDk0NjI2NjcwNTcxNDPIAQmpAgpl964YNbI-4AIAqAMByAMCqgTqAU_QXd6LfULhLSznWETZgtICjZvcoqRYu3cqrVre7Bqwroi3Fnkc-HwpdVRM2L72JJapmRXwQJaLBYA6V0Ju9O_CEDJigqOfRhVTWfa_eyM6fXBnLuLQtFaPgaOQ0DX0eoMS8KmAQtWy7h5A7qlLDvcPbapJcIm-Z768Qh4E-3VtBbbtkd_GUeWC8zx_EwO8-tSy68YbzeQIzaFjdX8ygnQ30OlXDh8NDonft11ZO3F_8kRsSQ4fP37m6A59GpO7GPLWjvrY2I6DuVgJxXn9xauJqDQuVe-l8TwO6I6w5uE8XUtgIQxX2Jgw4-AEAYAGp8msjb6KmOg9oAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YBwEAEyAusCOgKAQEi9_cE6-gsCCAGADAHiDRMIuNzvy8bLggMVeo1QBh1VpAeQ0BUBgBcB%26num%3D1%26sig%3DAOD64_1B2g2ZFVwr5iIrpSYfO6bWurhLjg%26client%3Dca-pub-3249462667057143%26adurl%3D

Requested by

Host: 390c7a88fcfc36c0e9807f9f31c5e737.safeframe.googlesyndication.com
URL: https://390c7a88fcfc36c0e9807f9f31c5e737.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

abdf77b2bbf03eea9dd60de3a1c22365231e4f292759d5a2dc766d9076658d12

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://390c7a88fcfc36c0e9807f9f31c5e737.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Fri, 17 Nov 2023 17:24:43 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=ZuMXohitQDhTSwUEb_E1fRlDApOrAR1dLebT3bQu32URXCqtCmGgyog8mQ-d0QyGsoLnrQUC8_PzvyNbUmxvNo3DMWfeT0cF2RhG9-SE2kctjmSP-FhHT0MfAYm9alvhvA80JKQaMBXv4capM_o6aT9OJ1LsSJ1AiqMYH7TAezTeJEMsxwCVfKjrBVM86tshTr09AJosOyNk_Dvs-1T8qTgwRq8O_boC0lvmyUsrjG7q3HG5MriFpw5GRgkVno0JFfhS6w"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 43427841
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 0301 3 KB
1 KB 42ms
40ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Host: 390c7a88fcfc36c0e9807f9f31c5e737.safeframe.googlesyndication.com
URL: https://390c7a88fcfc36c0e9807f9f31c5e737.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://390c7a88fcfc36c0e9807f9f31c5e737.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 14:28:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10549
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 01 Dec 2023 14:28:54 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 0301 20 KB
8 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 390c7a88fcfc36c0e9807f9f31c5e737.safeframe.googlesyndication.com
URL: https://390c7a88fcfc36c0e9807f9f31c5e737.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://390c7a88fcfc36c0e9807f9f31c5e737.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 09:24:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28795
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 01 Dec 2023 09:24:48 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 0301 0
0 48ms
47ms Image
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaS2MqdUVZbALY6WRaY9rYdzojn4RHaj8R7FpPJUYZY0GRAFR06tcA7Ri3rmozvne1xmNCYp
Requested by: Host: 390c7a88fcfc36c0e9807f9f31c5e737.safeframe.googlesyndication.com
URL: https://390c7a88fcfc36c0e9807f9f31c5e737.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://390c7a88fcfc36c0e9807f9f31c5e737.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 0301 24 KB
6 KB 42ms
42ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 390c7a88fcfc36c0e9807f9f31c5e737.safeframe.googlesyndication.com
URL: https://390c7a88fcfc36c0e9807f9f31c5e737.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://390c7a88fcfc36c0e9807f9f31c5e737.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 00:22:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 147724
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 15 Nov 2024 00:22:39 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0301 203 KB
64 KB 54ms
50ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 390c7a88fcfc36c0e9807f9f31c5e737.safeframe.googlesyndication.com
URL: https://390c7a88fcfc36c0e9807f9f31c5e737.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f68b49b743e29d28f46d9321318cd1fbdc017ddd6a4bdcdac1730ffc20b9f60e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://390c7a88fcfc36c0e9807f9f31c5e737.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 17:24:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65395
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700052045412510"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 17 Nov 2023 17:24:43 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame B2AC 0
53 B 172ms
82ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CIuZiLQEEMbr4LgEGKq2lPgBMAE&v=APEucNWDfCTzanhs5FFCCr3VEBx6zg76MPXIK2cD3Kw3HSIMEOGN_44FLQ-wN_rKHoM09lTUSA-bNF5Pz-P5AdjfflvfwH0zaQ

Requested by

Host: 390c7a88fcfc36c0e9807f9f31c5e737.safeframe.googlesyndication.com
URL: https://390c7a88fcfc36c0e9807f9f31c5e737.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://390c7a88fcfc36c0e9807f9f31c5e737.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 17 Nov 2023 17:24:44 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame 4AE3 23 KB
9 KB 63ms
63ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite_fy2021.js

Requested by

Host: www.olx.com.br
URL: https://www.olx.com.br/estado-mg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://390c7a88fcfc36c0e9807f9f31c5e737.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 15:58:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5157
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9282
x-xss-protection: 0
server: cafe
etag: 14645652906762492339
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 01 Dec 2023 15:58:47 GMT

GET
H3 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/ Frame 4AE3 7 KB
3 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/omrhp_fy2021.js

Requested by

Host: www.olx.com.br
URL: https://www.olx.com.br/estado-mg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://390c7a88fcfc36c0e9807f9f31c5e737.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 14:44:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9599
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3071
x-xss-protection: 0
server: cafe
etag: 10674441169935035545
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 01 Dec 2023 14:44:44 GMT

GET
H2 200 view
ad.doubleclick.net/pcs/ Frame 4AE3 0
0 99ms
84ms Fetch
image/gif 142.250.186.166
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjstvkscRuoR0vmqwCH6UDUvceE3xUPOtEzI6xSjFSeL2xKwxTQyiXAWuTpbcYyDL7333Fw7OrHVgOAf7kC2BXzGkwexw2K79oKOrAf5sY8Z7O0QU4vq-4ZzlOkSSACaXp-5CCF_w69WD7eSGpnqOSDoYpObk3TnQ2lz3JB-G5hq5M2F20sQjtRnNJxnWqnr5NsvtC8ZwiJxdbvHYf3dDF-I0SFSA1DbzIm7UmE8zdguVAblHI8WCU-gPdcqVLjCityJsuCB9sRJsl3AUzKDMPBvbkA-2q3N-vRCJpzGqXQLG6xCRupGSaTio3otpAVW6EPLqYtcEBZyx2Mbyb1K3dPo_n86z_1b3dcCWbXhX46-V6D7eyJ0kqzD2c2vPtoDBQI-rDTachTisvHUl-8YOUzWlFP-A94VASr9I4bxbqhp6e0gBTV62lrVdiRJrRPLCRI_RQ5tQryAz4w7DkHcTg3S4lix1JFEk4eKshRWX-46H-81wfmtUDNgkYqKuIYZt_YGcPm0hgub-lmRgsRuOUHC78XfnsX3skIPs1tUvmqvjGEraNPNGyhyRlJgivK71MAbUYTLFF-JuaumB5haQB6IbiqTugux8O8su6XN27-g_vxsWmg1SAJ1aUFlz3sbqOYj1BV7yGnBtxFb3xmEINjURbrHtEXJmFxrqkCx0F1uiExyNlFEAvsbOKUiJzrnQDlaO8lv9Vp7elsfKCnx5Zd0Sm3HiZEDsaoBqkGT-PkhxFCfN86P03vULdHptFX_Vs5vOJJeeqFptF9ZQy0jBp1kjWqhQxEh92faJ70ME-bgAfWFua4b2uBjhhEcZkuqdJAgmv1Qka50GK1y_pJJlmHL6xumY03_odIUHuz6CcHToXnZEQyFPG5-0eV090VDutP4iBNkzZvg8GKAtDAVxOklvOZifJKTvBipZqKM7WKmzRnaMblbbrnENSV2s1xEH9C8jJ6mWuoi6nKUnhuEwIT6x_0SFYGpviwC_h6_gLf1DmcDlFqJ5AWjC2bjk-YPYX1Xbc6oyRT7-p_hSsA5MwTVptrJIcIWhKFh-4ONwrkmWYGQAMi5iP3Y9DxBN8khrVxyvK7TXMfsaNlTQKXadzK3Ka2tg6-cJQTl6_ZfCo2r6nV9hYlUs9ErgqQYxTlbSZrhFr9qWO3FbnHfys9Rtyzrp-nqpjaWBNiDCJzT4-Mqe4d8ZTZiqBBZ1UnaU6Mo7LmnIbjAnr-wTmaK8Hz3euh5TyllFTFL4M0HA72fLwlsQh8s2VwdUDuU20n-8tdYIbaapZaBTYIVuD-mPI_xosHJkrYW2ebXmBC77mxNUhYq11P_ciixeD5Xsxhk09old-ChPRiyNVpP93CthUw&sai=AMfl-YSqiHqlEdKaHvjvxs1U3LVBqFOD0kn3PHic12ERDN9NRI2Abj1dc_7jQ0uOhYSdirPPOL8HXu9eKTgqIHR8arp2rQJyD20fTw4hfRqVJboTzJy0EBy1jt92aJ-8gJIKm5EShiDHeRnONy_jTr1jgTzzsiIVUfXfe7I9JVuv3sApkdObKPe7tF_VKwyTPY8x0Lo4vHHFtZJGzgHsYsykMBzeX6EcUBu6Qk4eqoLaKrKfYz0I9O7LjS4IrU0Ui1C3zmTmFmVV5AbJudSmDLUqabJmH7uyX1xOUZmP6AYRF6pXwFJkjE-kbJ5Cmg-gtJMRYHhp4Nwx9toGlGpFDzLFduwy9qcyO_J7XfxxWSdbiCgNrghF6cJah3evxzxZ2HRf5L5kdts8EmyU1pxGapa3LotLVS61sOjjtumTWXpwkyu5&sig=Cg0ArKJSzC9ZU1L9GpciEAE&uach_m=[UACH]&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9taWNoZWxpbi5kZQ&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=2&cbvp=1&cstd=0&cisv=r20231109.40001&arae=0&ftch=1&adurl=

Requested by

Host: www.olx.com.br
URL: https://www.olx.com.br/estado-mg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://390c7a88fcfc36c0e9807f9f31c5e737.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 17 Nov 2023 17:24:44 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 4AE3 41 KB
14 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: www.olx.com.br
URL: https://www.olx.com.br/estado-mg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://390c7a88fcfc36c0e9807f9f31c5e737.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 14:44:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 95999
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 15 Nov 2024 14:44:44 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 4AE3 3 KB
1 KB 60ms
59ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Host: 390c7a88fcfc36c0e9807f9f31c5e737.safeframe.googlesyndication.com
URL: https://390c7a88fcfc36c0e9807f9f31c5e737.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://390c7a88fcfc36c0e9807f9f31c5e737.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 14:28:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10549
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 01 Dec 2023 14:28:54 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 4AE3 20 KB
8 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 390c7a88fcfc36c0e9807f9f31c5e737.safeframe.googlesyndication.com
URL: https://390c7a88fcfc36c0e9807f9f31c5e737.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://390c7a88fcfc36c0e9807f9f31c5e737.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 09:24:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28795
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 01 Dec 2023 09:24:48 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4AE3 42 B
63 B 74ms
74ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AxF5QSImJW88nc3Dy0uSMlJw3ED9KWBADQtlyiyx40ikc0UZrfGixa0pPoVCeCdO7WsrBI0Kaon8GM6XSSwEes6y8w6go6HN_-E2pRskVWg-8aFcE

Requested by

Host: 390c7a88fcfc36c0e9807f9f31c5e737.safeframe.googlesyndication.com
URL: https://390c7a88fcfc36c0e9807f9f31c5e737.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://390c7a88fcfc36c0e9807f9f31c5e737.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 17:24:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 4AE3 0
0 48ms
47ms Image
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTeasGK9hlmkkeQMRJR-rpC9iKSuxBtFIFRsoEcB4USgDW4aOdLyvslCI6_JjYlhgQ0HYxF
Requested by: Host: 390c7a88fcfc36c0e9807f9f31c5e737.safeframe.googlesyndication.com
URL: https://390c7a88fcfc36c0e9807f9f31c5e737.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://390c7a88fcfc36c0e9807f9f31c5e737.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4AE3 203 KB
64 KB 50ms
49ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 390c7a88fcfc36c0e9807f9f31c5e737.safeframe.googlesyndication.com
URL: https://390c7a88fcfc36c0e9807f9f31c5e737.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f68b49b743e29d28f46d9321318cd1fbdc017ddd6a4bdcdac1730ffc20b9f60e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://390c7a88fcfc36c0e9807f9f31c5e737.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 17:24:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65395
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700052045412510"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 17 Nov 2023 17:24:44 GMT

GET
H2 200 11744463717553723472
s0.2mdn.net/simgad/ Frame 4AE3 151 KB
151 KB 136ms
41ms Image
image/jpeg 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/11744463717553723472

Requested by

Host: 390c7a88fcfc36c0e9807f9f31c5e737.safeframe.googlesyndication.com
URL: https://390c7a88fcfc36c0e9807f9f31c5e737.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1de3502763fad582a565844752122fbf3f51c305f957a6637dd3e4317541e383

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://390c7a88fcfc36c0e9807f9f31c5e737.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 21:53:14 GMT
x-content-type-options: nosniff
age: 156690
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 154158
x-xss-protection: 0
last-modified: Wed, 20 Sep 2023 15:22:51 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 14 Nov 2024 21:53:14 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 328F 0
341 B 141ms
81ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CMD3swEQ28u5ARidjb_nATAB&v=APEucNV5LOXpB6d-nyf3zxn9-cY7NH6wS0tpoAlLAjRha251wBEK8HASwZ9ngWQlpwEhRWyVNZ5-U1Qf8De5li76mMGIpcevwg

Requested by

Host: 390c7a88fcfc36c0e9807f9f31c5e737.safeframe.googlesyndication.com
URL: https://390c7a88fcfc36c0e9807f9f31c5e737.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://390c7a88fcfc36c0e9807f9f31c5e737.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 17 Nov 2023 17:24:44 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame CD45 23 KB
9 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite_fy2021.js

Requested by

Host: www.olx.com.br
URL: https://www.olx.com.br/estado-mg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://390c7a88fcfc36c0e9807f9f31c5e737.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 15:58:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5157
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9282
x-xss-protection: 0
server: cafe
etag: 14645652906762492339
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 01 Dec 2023 15:58:47 GMT

GET
H3 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/ Frame CD45 7 KB
3 KB 42ms
42ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/omrhp_fy2021.js

Requested by

Host: www.olx.com.br
URL: https://www.olx.com.br/estado-mg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://390c7a88fcfc36c0e9807f9f31c5e737.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 14:44:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9600
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3071
x-xss-protection: 0
server: cafe
etag: 10674441169935035545
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 01 Dec 2023 14:44:44 GMT

GET
H2 200 view
ad.doubleclick.net/pcs/ Frame CD45 0
0 83ms
83ms Fetch
image/gif 142.250.186.166
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjss4t6PZxoEArqv6moTRTiuZBjByhF4xhRTBeL7Hx2voi5zD0ypN9VJ2cdY-eE8ThqLPYa-xvIA_5kEsQkmzk3nz93jaYdAedgFKHH2zLAcz7ChgHwZHpeSNT_syMFDFR-JL7mrS-P0Lj4z92JeLS51TYz79gLTB27_QU90IofsWwSevFU12jW0J9Zr-qsZbGP72zy_aFk1_YuxZwpyihZBLSL7zSCEMu6uskfZPrqdsEBKCABEhAfZt7kCA810IaciMpXZUvCWDASXvtlmd8u41MLDIZ9eVRhS5sshE9tasKcK-CdWIrxpXtcUu4vv2LpKOAop5r6XEqosUBUDMZbg1NV4E__6VzQyewWUanxtRdI6bL86XR_2DGf739c2ieGVoGFtWrJB0QL0eoTRcM1q_-yhSCoC6BuUyVX7XvCUuNnqxaPeUswJsce4YkwwzGminzAw6NDMeaetiFU01ImLqIhs3WO9wU2o28YaWN2WyagrHJNx0BKk-bkKjMIgJzo634b-mv0jwD5E5gmZDMDE9PI5Gt8qanZduK4t5L1aifjpi1GXwV7Q_KvSQQOqhgheF3LHHjWz7kRC1D6w-1Sfk1pBzyCZYGRfNjkv6QP_bxsDxJstL_vRjFmyOZX5celrz9sZdSeEmvyS43RviDTcEEk4jTxCF76LNhAI9dlFim_OuIosPKpBBLbndXv6gOe8WG_yUBVEQR0NpDllXFB4Qu7lAg5F9AQrla6qf20Aj83EAdFDOjdDMYFs_kN1n8mhCWXLcrLrFINlu7pDd0N56rYbc_KCt4dKP3QuFPmksTaonlu9wWK3sK_JZkitNYMwumyKkpPqqSjDgT9VwLaVvN5R52IcCbbLy-tQzQ5ZzUQi6Q3SK0pGbgmJRIO0hdwTT5P2hwRYaJTwxR9e7AJc80Wb2V-bv-7PuvsxY3fQlbPTHeeys4FAadbcVBzKntbAdfOpgNcUKqcB7LKIZxQ9tq4zsYLT-aliiYrXCI8EKxs1nnTBPjiqeFJ2qtoHPvf-ztlMNaLCJvlnZKcnWUtM21k94zsDsit31jwzew_k3cCStw-x4Rv_8KtdZn2FEdNCBCH4M705Uy_eqO4gtWfWnd41GHolpth1277q2UpLSWWVYzzyeJod23FcGcIyOR8RSmcJUwdtRGNJx6t80qdgKUKR55ZC6zQnFpA1g9UqtcOFwj3PsOT7KHd3pmpsfEagMDd8zQdYVZl7l5zBqtYw-4xJpUyVw5aVlqwOggxJEb-pdUIJXYgquxRVo00YbCK6p83QldEZk1ko9nK_joaE_4rtlJHAc47y397cfvx8vs0b51s0D5nB1n7pQBUbnW7gnkAtydoTeDOxsD9rOyc0cw1KuL6UDRvh1ASZp&sai=AMfl-YTfbeoWMvTaROYKdVW-cVPjbAcR1X-rFtWrJ-jPFIY92LlBgTtGDAG10g--dZ5KhzPtAC36lCoRxW2F8H6xa9gRferIeHKoPZr5L6T2-waDKjkA0hcD9dKpnjldVsHBtgWwhApH807DX3jRZcaguBi_gk7zN4qrsL0GDs_svaSzQUcl3gAWQrCnqVOuwZHhxQr_a2KVXr9g3UcduqfIJdPZ5RZAtNXV3u6XygkGJAyIs2wnbrei7dv100iDUT4aZ-aq2OqL47mnIy_pD2JZBJCxFKr7fyjyE6GBaSDfXys0J5bCl_QGmoOrl9RY4UcL73FEcnE7TeSPp6kheGC2NniApI0OVgwJER_MeTc25aYrjIZwxEGk1Qj58xhb03n_zgypaK8obDfwAdA2K6CFsbaTLx91rqKWk4ODcHlZNoQG6BBSa0PBaw&sig=Cg0ArKJSzIs_QGDDmuxTEAE&uach_m=[UACH]&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9ydGwuZGU&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=2&cbvp=1&cstd=0&cisv=r20231109.72325&arae=0&ftch=1&adurl=

Requested by

Host: www.olx.com.br
URL: https://www.olx.com.br/estado-mg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://390c7a88fcfc36c0e9807f9f31c5e737.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 17 Nov 2023 17:24:44 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame CD45 41 KB
14 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: www.olx.com.br
URL: https://www.olx.com.br/estado-mg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://390c7a88fcfc36c0e9807f9f31c5e737.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 14:44:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 96000
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 15 Nov 2024 14:44:44 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame CD45 3 KB
1 KB 58ms
57ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Host: 390c7a88fcfc36c0e9807f9f31c5e737.safeframe.googlesyndication.com
URL: https://390c7a88fcfc36c0e9807f9f31c5e737.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://390c7a88fcfc36c0e9807f9f31c5e737.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 14:28:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10550
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 01 Dec 2023 14:28:54 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame CD45 20 KB
8 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 390c7a88fcfc36c0e9807f9f31c5e737.safeframe.googlesyndication.com
URL: https://390c7a88fcfc36c0e9807f9f31c5e737.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://390c7a88fcfc36c0e9807f9f31c5e737.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 09:24:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28796
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 01 Dec 2023 09:24:48 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame CD45 42 B
63 B 74ms
73ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CVYyDxuCJuidNeMEPzVb08a7pT_mvOmp8xEanHeJ2oiM5FCf749f5L0FJYZcEgR_tsl_lTwgo-xkspVnILX0890cZ0EAh_CR1nRFmUI_AjbRloSv0

Requested by

Host: 390c7a88fcfc36c0e9807f9f31c5e737.safeframe.googlesyndication.com
URL: https://390c7a88fcfc36c0e9807f9f31c5e737.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://390c7a88fcfc36c0e9807f9f31c5e737.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 17:24:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame CD45 0
0 48ms
47ms Image
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQCJ0VU03J9q5F2yWLjqSszGnZvuiReSTrduGx2oLPwjruELFITfZm-p_Omv46kpOxZXEfY
Requested by: Host: 390c7a88fcfc36c0e9807f9f31c5e737.safeframe.googlesyndication.com
URL: https://390c7a88fcfc36c0e9807f9f31c5e737.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://390c7a88fcfc36c0e9807f9f31c5e737.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame CD45 203 KB
64 KB 57ms
56ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 390c7a88fcfc36c0e9807f9f31c5e737.safeframe.googlesyndication.com
URL: https://390c7a88fcfc36c0e9807f9f31c5e737.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f68b49b743e29d28f46d9321318cd1fbdc017ddd6a4bdcdac1730ffc20b9f60e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://390c7a88fcfc36c0e9807f9f31c5e737.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 17:24:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65395
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700052045412510"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 17 Nov 2023 17:24:44 GMT

GET
H2 200 1080061691612198154
s0.2mdn.net/simgad/ Frame CD45 79 KB
80 KB 227ms
160ms Image
image/jpeg 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/1080061691612198154

Requested by

Host: 390c7a88fcfc36c0e9807f9f31c5e737.safeframe.googlesyndication.com
URL: https://390c7a88fcfc36c0e9807f9f31c5e737.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

38176b78ec1ed55cf99a9edfd756a3cd3734877ad8f8418d596c8c38d11a52b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://390c7a88fcfc36c0e9807f9f31c5e737.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 11 Nov 2023 09:44:33 GMT
x-content-type-options: nosniff
age: 546011
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 81287
x-xss-protection: 0
last-modified: Thu, 20 Apr 2023 09:36:46 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 10 Nov 2024 09:44:33 GMT

GET
H2 200 batch Show response
services.insurads.com/dfp/mapping/ Frame A36B 3 KB
647 B 118ms
118ms Script
application/javascript 52.205.52.6
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://services.insurads.com/dfp/mapping/batch?appId=1984&requests=[{%22eaUp%22:%22/73314699/OLX/Listing%22,%22eoId%22:263436899,%22advId%22:39983459,%22ct%22:%22%7B%27pos%27%3A%5B%27web_native4%27%5D%7D%22,%22w%22:728,%22h%22:90,%22eId%22:%22main_olx_listing_5%22},{%22eaUp%22:%22/73314699/OLX/Listing%22,%22eoId%22:263436899,%22advId%22:39983459,%22ct%22:%22%7B%27pos%27%3A%5B%27web_native2%27%5D%7D%22,%22w%22:728,%22h%22:90,%22eId%22:%22main_olx_listing_4%22},{%22eaUp%22:%22/73314699/OLX/Listing%22,%22eoId%22:263436899,%22advId%22:39983459,%22ct%22:%22%7B%27pos%27%3A%5B%27web_native%27%5D%7D%22,%22w%22:728,%22h%22:90,%22eId%22:%22main_olx_listing_3%22},{%22eaUp%22:%22/73314699/OLX/Listing%22,%22eoId%22:263436899,%22advId%22:39983459,%22ct%22:%22%7B%27pos%27%3A%5B%27web_right_2%27%5D%7D%22,%22w%22:300,%22h%22:600,%22eId%22:%22main_olx_listing_2%22},{%22eaUp%22:%22/73314699/OLX/Listing%22,%22eoId%22:263436899,%22advId%22:39983459,%22ct%22:%22%7B%27pos%27%3A%5B%27web_right%27%5D%7D%22,%22w%22:300,%22h%22:600,%22eId%22:%22main_olx_listing_1%22},{%22eaUp%22:%22/73314699/OLX/Listing%22,%22eoId%22:263436899,%22advId%22:39983459,%22ct%22:%22%7B%27pos%27%3A%5B%27web_bottom%27%5D%7D%22,%22w%22:728,%22h%22:90,%22eId%22:%22main_olx_listing_0%22}]&h=https%3A%2F%2Fwww.olx.com.br%2Festado-mg&ts=1700241883908
Requested by: Host: cdn.insurads.com
URL: https://cdn.insurads.com/iat-1.14.21b.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.205.52.6 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-205-52-6.compute-1.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 5f5327d8ab751ea7f7cdab8c3b3993725aef9cf68d0a7288f5599e8a070cccc1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 17:24:44 GMT
content-encoding: gzip
server: nginx/1.18.0 (Ubuntu)
content-type: application/javascript; charset=utf-8

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 8944 0
53 B 118ms
82ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CMD3swEQ28u5ARi1_OzzATAB&v=APEucNUDBFDKKsSrFja36Y3Gz1Qn00s28mVWDEJyrvTR6b3qDp9Eu6wsjcnWyaWAwH6U3A_B5eoDiKJ8Sz_SqZhAj_1JHc6T1A

Requested by

Host: 390c7a88fcfc36c0e9807f9f31c5e737.safeframe.googlesyndication.com
URL: https://390c7a88fcfc36c0e9807f9f31c5e737.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://390c7a88fcfc36c0e9807f9f31c5e737.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 17 Nov 2023 17:24:44 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame 4810 23 KB
9 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite_fy2021.js

Requested by

Host: www.olx.com.br
URL: https://www.olx.com.br/estado-mg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://390c7a88fcfc36c0e9807f9f31c5e737.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 15:58:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5157
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9282
x-xss-protection: 0
server: cafe
etag: 14645652906762492339
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 01 Dec 2023 15:58:47 GMT

GET
H3 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/ Frame 4810 7 KB
3 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/omrhp_fy2021.js

Requested by

Host: www.olx.com.br
URL: https://www.olx.com.br/estado-mg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://390c7a88fcfc36c0e9807f9f31c5e737.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 14:44:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9600
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3071
x-xss-protection: 0
server: cafe
etag: 10674441169935035545
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 01 Dec 2023 14:44:44 GMT

GET
H2 200 view
ad.doubleclick.net/pcs/ Frame 4810 0
0 86ms
84ms Fetch
image/gif 142.250.186.166
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjsv6qp9W8zk7Yp2IPON8MojduHmbO_4Sx27omF5aUttyrI5h-k11fNpYPJ_yMfTyx4R7BQm1xRNQFG9EOvpkmzp_w71Lxv2uIi-C6UFfnEWQqCuorXuqFP-7WEty8AT2HUM-zZXBRh7ZUxU0mOtfhQx7hd2UFpYw4nNfc32FCNmixfDe-pE0hybremHzjsaVsLKtb27onpDualUkk-DO0u4YlSOLG1qNCfXYN72hzNIM0Nc6gUimHq5Iik5XhSsJVVa-QWblV7p6tfXc1gP7hXk3sRfYMcUjadOa1inAZujJlRFwXVe6AyJk25ow8Nkmfpf91NAvGmSik6EURCh9NAZIklp1631s3NnsqYB0WxbDdQ5gF4xTyNQl66WxbKd_4_F1HBCk1i_IfdaZ70JsmpHTAr3Od7fpUzWSjWsJ5qMIOCYUs47yTg25n5GxZptVTdoHXY9XhX-Qyw8S79Pb_ocPWp_a5GU4ej8DbFvt9v33urpDoAyQ8XeDUXuWm784tozQXwUwtZ7Vvl_Fj5L1gxqI-nCZZe-3NadRkL-4iOEuv5_XE23GpNI1jNQ1zGjWjtCjPXmQ2vjqa_QWQWcaD7wxamNZL69JrlvVZl27H0EqlJ67FT5CEtCsDn-pE3msKDpyJ59y5rQ7Kamr59UNxBdWJoq5HMoG_ictvcK9vPqGi3feVNBDRrNRDGkOslnTYcQH_sP1e5BP3ZSbLY3k47J7yBMIVvoM6hMPne7k5_sm_hPu8bEbaq5-abZQud_-tkHWlZbtGBV_LGwP7ZDlErrX33X5X6qwTjWGcvh3NuK9UBzKaC2GaV2-rgp5sBiA7Nm7sbmsTikHHOpvDLN25ITz69Z7NieNalmIvhf49M5JQjXvo5vdfcvitZwgaxg9RAdQrSSjWtUsaVDUUnfi79DX_Zlq_qRut-FrRfYUgQWPnnFv5gTGVqnm_qKb4pIM9KYgr2nnk52KuNlc0IdM8zIehf6Pc48aEtXnI4ycr2oGXLyD_sCfkC_cl77IrhZeWJR0S-jROvxang5Iz0D9vK2L_cL2pVese81a0uke8ckNC2QkVWc7NVc6_wOtA-rorhLiLea_RB_wAk-DSlb15gpAJ3ILfw2lWi2LHL7TCmBPc8llyx-qXAmSO3KHRR_0SjltSxivDK-BlfIVH13UES3uTzXAEDGt8nul8yWDI7zqJaV1CnHTYdbccSnL7c2X-LrNdExFulDGZUskxNJ5oR15SqZbaqIaMTM-dX_DPVWsej8-tSH5LSVoNdwamFiTBjaDdfxHexnGKwd38JCJAv67HaSxBYhq4LOFQp_A6MEL4pfyXhX7eU6aJbh3Ls-xQ1xxL3EA6zsz_5BvhmurmlI0yhIGAOg&sai=AMfl-YTm3MxnhalGKK27U0hMVw8V6Yp9bji1M2h_zCEw__nVsgMKR5pKt44smaAAuvGRxs2t_sm4753q_zUiBvywUeA12NUWDOnNM3erPtvC8X8uuFxHmnDBhfpRJ5rptUK8cUU12m9WEG9eiJZ37nTBcIN2ZzuNekTtu4cL4j76eknXJP5XYVaPl87zECXdzphj0gQnt9eUE0GJdWKdB-TK3xEHMOGM6CwFpmXAeI4dMz1LQWGYN5c1hxxGc1N4vjs3mmG3sTdPIZL9xbWv3SszvtBAoLb082lJ_weyFbDx0iSZAJRhCHZT8yzQXhDxTrMFQu0XWdqowQB_gcX0XoGn2d27-tUSp6RahL1XwXBPQAPUwWeaveUzxqMyNZgeOmBtgI2YhUiVmakzW-oIIURs2w_rkHx2iIAfDfRDAnH8oNlrKX2uSFqh_Q&sig=Cg0ArKJSzB0WQU1MDuO1EAE&uach_m=[UACH]&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9ydGwuZGU&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=2&cbvp=1&cstd=0&cisv=r20231109.17046&arae=0&ftch=1&adurl=

Requested by

Host: www.olx.com.br
URL: https://www.olx.com.br/estado-mg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://390c7a88fcfc36c0e9807f9f31c5e737.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 17 Nov 2023 17:24:44 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 4810 41 KB
14 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: www.olx.com.br
URL: https://www.olx.com.br/estado-mg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://390c7a88fcfc36c0e9807f9f31c5e737.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 14:44:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 96000
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 15 Nov 2024 14:44:44 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 4810 3 KB
1 KB 50ms
50ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Host: 390c7a88fcfc36c0e9807f9f31c5e737.safeframe.googlesyndication.com
URL: https://390c7a88fcfc36c0e9807f9f31c5e737.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://390c7a88fcfc36c0e9807f9f31c5e737.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 14:28:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10550
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 01 Dec 2023 14:28:54 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 4810 20 KB
8 KB 43ms
42ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 390c7a88fcfc36c0e9807f9f31c5e737.safeframe.googlesyndication.com
URL: https://390c7a88fcfc36c0e9807f9f31c5e737.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://390c7a88fcfc36c0e9807f9f31c5e737.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 09:24:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28796
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 01 Dec 2023 09:24:48 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4810 42 B
63 B 75ms
74ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-C0vakcMcxY9FVDCpwivxBl-BPtXSAW00W8nICZf4nmJBhlHS0jeGM-yOkrVWIh9YMVi5KjbbT5GoF7HDV81udXjY_0P8MQZXzCTl1WG2kl7j7uEPQ

Requested by

Host: 390c7a88fcfc36c0e9807f9f31c5e737.safeframe.googlesyndication.com
URL: https://390c7a88fcfc36c0e9807f9f31c5e737.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://390c7a88fcfc36c0e9807f9f31c5e737.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 17:24:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 4810 0
0 50ms
49ms Image
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaR9p2LjA1UN4dGNhaRqOfajMhGgGcRRKsdNcv6MiLySwfQbzJiXz1pxLcZlYKoGDJywdaoj
Requested by: Host: 390c7a88fcfc36c0e9807f9f31c5e737.safeframe.googlesyndication.com
URL: https://390c7a88fcfc36c0e9807f9f31c5e737.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://390c7a88fcfc36c0e9807f9f31c5e737.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4810 203 KB
64 KB 52ms
51ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 390c7a88fcfc36c0e9807f9f31c5e737.safeframe.googlesyndication.com
URL: https://390c7a88fcfc36c0e9807f9f31c5e737.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f68b49b743e29d28f46d9321318cd1fbdc017ddd6a4bdcdac1730ffc20b9f60e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://390c7a88fcfc36c0e9807f9f31c5e737.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 17:24:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65395
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700052045412510"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 17 Nov 2023 17:24:44 GMT

GET
H2 200 14508136104423564205
s0.2mdn.net/simgad/ Frame 4810 29 KB
29 KB 212ms
168ms Image
image/jpeg 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/14508136104423564205

Requested by

Host: 390c7a88fcfc36c0e9807f9f31c5e737.safeframe.googlesyndication.com
URL: https://390c7a88fcfc36c0e9807f9f31c5e737.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

20be8e4850de006102041bfee572e6430d7b1a7aa79a78b7e98e78d576b720c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://390c7a88fcfc36c0e9807f9f31c5e737.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 04:13:31 GMT
x-content-type-options: nosniff
age: 47473
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29569
x-xss-protection: 0
last-modified: Thu, 17 Aug 2023 09:30:07 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 16 Nov 2024 04:13:31 GMT

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 5CF0 145 KB
49 KB 209ms
195ms Document
text/html 2a02:2638:3::12
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=ZVeh2wAFSbUGUI16AAekVThAygdSopAqXfbzgw&u=%7Clo5T2BSvE6QtXIa72yi1xc9q%2BgbrfHiKJjwyY8mecRM%3D%7C&c1=glLBMxGOcDk-vbOOpZWuiwL9OpXS6gVV2JtZM_Ei5tSPQXcRS1ssTUS_8xvR11yLMIlVEtJyUVvlIvkzjr4Hi9mKGctDqo4_EosBq_f39mF_W8feyQ9ow_UY7Z28SiGb39yVARuNmcqfreTO7Ihcs5GGE4fMmVQ41Tw_BJ3MllpehR9ZJyteNoKwgGwKGEFyzKPifyFJ6yoY6eyYEjmrvzIJNh060IDBKn3APJ2p-Oga8Hf73LE_JKHX8F3BgdtYws_wWAthlkaMr_drzIHfCL7F2AId6MK1OrNvc3xDJsU796qeGspLRFUJQYRLdLFUclgCFoq_1tTRLiiJ1nSN4KQvXmPAqywRHYfDHaprtgHkfiCciELRYany9n8ABu0hjmgtphR3IovARCj046qHmFNRCBYhEuAQUbCv0BNAJ3c2g62IJ606Lp_JM8pC9quiEinFxxQMgG8cOI6P1JS4Ljiq5UwB6tlj-_Q4wkzLCYfB8X_ZQkP8TO_R2RGS18riwW70RKwv5ijd3jUTkRiHInu5UdYSvhcs3QmyEuYAEaFMc96p7yCtG6vYCSa86zg8fMSc5gK_dVELV0AN_N-uOxJugH8za50-a8xwEOrETRBsnLrOYrrkHw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCYxra26FXZbWTFfqawuIP1ciegAnJntKxXNWdkfdwwI23ARABIABglbKpgrAHggEXY2EtcHViLTMyNDk0NjI2NjcwNTcxNDPIAQmpAgpl964YNbI-4AIAqAMByAMCqgTqAU_QvHvpIBg5uPEkVn_sJahO4FS1sK2YT-IoJw0MRUN_dOyx03owFmBrqXHdIoqBzdwhhZa-c5Ge6IJjwtlTC9q3_OsKZlEhsZsSeUv4AsrUMUCLm89IJWcZ_3E97ppwTNOfJnXK7SUuuidU4SpQi8WarhZtbIydcd2Lb_1i7VMT_mnIXY9jXq1UZ3Nloi7qs_iUMmDlduQ3eQkyBFJ1KOtB7BDc_lK-I0xcykeBlzRo14kaZI6jWeUIIBjVbs7FQjHitlLacK66GvLLgjW9RdHS-sxgeap3aJHoPFhvrOdfdoHboEqidmJPMOAEAYAGp8msjb6KmOg9oAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YBwEAEyAusCOgKAQEi9_cE6-gsCCAGADAHiDRMIvNzvy8bLggMVeo1QBh1VpAeQ0BUBgBcB%26num%3D1%26sig%3DAOD64_1x96GiuRxHuLKkfyXjyjmpAC0jVA%26client%3Dca-pub-3249462667057143%26adurl%3D

Requested by

Host: 390c7a88fcfc36c0e9807f9f31c5e737.safeframe.googlesyndication.com
URL: https://390c7a88fcfc36c0e9807f9f31c5e737.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

edb1995c0aab02572514d3f6071d425de0d26148f07b33d4f448b2eb4e91b80e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://390c7a88fcfc36c0e9807f9f31c5e737.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Fri, 17 Nov 2023 17:24:43 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=5sO5yRitQDhTSwUEppyRqYseyUo4akA6Csi0ECUVPzOqJnqne7K113e-dAJSAX9oq70Q-QQEyYoNW1K0usvlxkFLmv1XzJ8iHyFK344XG4-v2a8AJ5Ek4Msw5JydSNdlBVJXX_VlocGsxMDNAVjGrIcT1EHobEH2pQ2KUN1FYeSWZu5NGUlmYadCk9P_BetrkBS4XzcXaHeR_TWA0OBsfashfIQUeIM04pfQhlRzED_ItVk90I1Mvrs-wkV52T-Br7MLuw"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 51386196
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame FA0A 3 KB
1 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Host: 390c7a88fcfc36c0e9807f9f31c5e737.safeframe.googlesyndication.com
URL: https://390c7a88fcfc36c0e9807f9f31c5e737.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://390c7a88fcfc36c0e9807f9f31c5e737.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 14:28:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10550
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 01 Dec 2023 14:28:54 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame FA0A 20 KB
8 KB 44ms
42ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 390c7a88fcfc36c0e9807f9f31c5e737.safeframe.googlesyndication.com
URL: https://390c7a88fcfc36c0e9807f9f31c5e737.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://390c7a88fcfc36c0e9807f9f31c5e737.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 09:24:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28796
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 01 Dec 2023 09:24:48 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame FA0A 0
0 48ms
47ms Image
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQNzWJepwOpdx4RB97bCCuGQyOzdFwFqbxjHlHyT6ibui5JEo-dugP5arHv-nvGYaEph5sJ
Requested by: Host: 390c7a88fcfc36c0e9807f9f31c5e737.safeframe.googlesyndication.com
URL: https://390c7a88fcfc36c0e9807f9f31c5e737.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://390c7a88fcfc36c0e9807f9f31c5e737.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame FA0A 24 KB
6 KB 43ms
42ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 390c7a88fcfc36c0e9807f9f31c5e737.safeframe.googlesyndication.com
URL: https://390c7a88fcfc36c0e9807f9f31c5e737.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://390c7a88fcfc36c0e9807f9f31c5e737.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 00:22:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 147725
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 15 Nov 2024 00:22:39 GMT

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame FA0A 203 KB
64 KB 82ms
81ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 390c7a88fcfc36c0e9807f9f31c5e737.safeframe.googlesyndication.com
URL: https://390c7a88fcfc36c0e9807f9f31c5e737.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f68b49b743e29d28f46d9321318cd1fbdc017ddd6a4bdcdac1730ffc20b9f60e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://390c7a88fcfc36c0e9807f9f31c5e737.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 17:24:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65395
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700052045412510"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 17 Nov 2023 17:24:44 GMT

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame B2B9 145 KB
49 KB 174ms
166ms Document
text/html 2a02:2638:3::12
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=ZVeh2wAFSbYGUI16AAekVaMzOjDGQ3_riBTTrA&u=%7Clo5T2BSvE6R3zhBB0jSJb6%2BryJ90XmqRE5PTLp1QsrY%3D%7C&c1=glLBMxGOcDk-vbOOpZWuiwL9OpXS6gVV2JtZM_Ei5tSPQXcRS1ssTUS_8xvR11yLMIlVEtJyUVvlIvkzjr4Hi9mKGctDqo4_exTefkQKAimDR_81lgFL9mTcyuhm2VWdIrKFLuK8fuKZZGh0bqTATgm0lPNSua9F7-V18eRJ_h_JirFrgOYZZixdEqYKtnld61oq3B6LIHaEBw2eQ5EmCviU2oAR_-YHOSWxgNZWlaQPTM7dNwQPqt2k7WtMWlYKzHlD6mWMdseXElmTt8NqQVneGqKofnjMa-qrBhs-D9yXLjFEfwN-TK8qcjHlt3L52_pVDUp9odSSLiWp-ul2iVYvpyb4ZZet9oBy0845LXX67G6ZCi0wjz51HARwEojDT-5oRTPECbR6qE7QptMIbAm5gFoXjWJzEUPKlYk2I875uEzA1z9l7SseriUG4O-BYuGsPc4iOzd98B3ph05X8-PYtNzibgojcFM-tBIWYVg7ULELTeMvqCGrDT1kzXmoxt6-RuSJPjDWBNCTbR8wNPIhSf--Tu3IQNLokPvc9qlrWUkOcVomnD8Yif_8SJ3JDPnVaRZbqgQfOJzxTt3IaH75_NHuu9WpAPXDeIN7riI&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCsmc726FXZbaTFfqawuIP1ciegAnJntKxXNWdkfdwwI23ARABIABglbKpgrAHggEXY2EtcHViLTMyNDk0NjI2NjcwNTcxNDPIAQmpAgpl964YNbI-4AIAqAMByAMCqgTqAU_Qod1bGxp7hhWAN4fxQPTNOyZVPS-EGn6-Urq6Xe_UfJg8jZQsrHMr8oUfG3ZChe6s4s9pCTYdDeo_fzswGV9U88kJaEWA7AityATxQcV8f19Yp5y0Nsr9nTqxnlCDzNHH1hrU6_FyLg6xq51_KQyX1YmYJsJm9X3xPhiOvf8vI3kVm7cn6EkGkwECajgvTIE4P6toQCbnrUw_HR8u411xvjYQ0LkprXtm86dl4sNUIBqyhUwcLxRH51LpRa_ldxaZ9AQ48DnFezvGL9End_h5AIgqDBIEX-iRUlz_ka4Da8Xi_vWx5mDpXeAEAYAGp8msjb6KmOg9oAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YBwEAEyAusCOgKAQEi9_cE6-gsCCAGADAHiDRMIx9zvy8bLggMVeo1QBh1VpAeQ0BUBgBcB%26num%3D1%26sig%3DAOD64_2sNtUH02RMejB_-lWkdj0PJRzFFA%26client%3Dca-pub-3249462667057143%26adurl%3D

Requested by

Host: 390c7a88fcfc36c0e9807f9f31c5e737.safeframe.googlesyndication.com
URL: https://390c7a88fcfc36c0e9807f9f31c5e737.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

0c64f77c80dd33f3ed73799afc42d6f266e275a101bfcc29f77478806e967e34

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://390c7a88fcfc36c0e9807f9f31c5e737.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Fri, 17 Nov 2023 17:24:43 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=jiqpMRitQDhTSwUERfkmsPecTjBGpkxLtLqwcQMwmoqtQh-pi3j2jZ8XBl55WGRwWoXov7Z5AR2uRir5Rr29WwqolxA_4IPq871m-fp2QxH_sG1019knRvY7E3vQJvUqGDuAXyzjoUXHzvaPIda6XBoVtRGenuy0gNMC56N1I9XjJDL2TN5BGiSyMVY_dw2W_6AYdGs8BOTCcYx8QJyUoneXb5My5qZoSAno4CnqgLI3FPQn4XQwJIH01HVbwCJVlzGmuQ"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 50655322
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame B7B4 3 KB
1 KB 44ms
41ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Host: 390c7a88fcfc36c0e9807f9f31c5e737.safeframe.googlesyndication.com
URL: https://390c7a88fcfc36c0e9807f9f31c5e737.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://390c7a88fcfc36c0e9807f9f31c5e737.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 14:28:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10550
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 01 Dec 2023 14:28:54 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame B7B4 20 KB
8 KB 45ms
41ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 390c7a88fcfc36c0e9807f9f31c5e737.safeframe.googlesyndication.com
URL: https://390c7a88fcfc36c0e9807f9f31c5e737.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://390c7a88fcfc36c0e9807f9f31c5e737.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 09:24:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28796
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 01 Dec 2023 09:24:48 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame B7B4 0
0 51ms
49ms Image
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaS5WWUF7jENH-Tm_VKwgEXcutONFnhnNJoBNKR_eayLuBTVphBTDfylbJcCphMj4F6UZQCF
Requested by: Host: 390c7a88fcfc36c0e9807f9f31c5e737.safeframe.googlesyndication.com
URL: https://390c7a88fcfc36c0e9807f9f31c5e737.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://390c7a88fcfc36c0e9807f9f31c5e737.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame B7B4 24 KB
6 KB 47ms
44ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 390c7a88fcfc36c0e9807f9f31c5e737.safeframe.googlesyndication.com
URL: https://390c7a88fcfc36c0e9807f9f31c5e737.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://390c7a88fcfc36c0e9807f9f31c5e737.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 00:22:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 147725
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 15 Nov 2024 00:22:39 GMT

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame B7B4 203 KB
64 KB 115ms
113ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 390c7a88fcfc36c0e9807f9f31c5e737.safeframe.googlesyndication.com
URL: https://390c7a88fcfc36c0e9807f9f31c5e737.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f68b49b743e29d28f46d9321318cd1fbdc017ddd6a4bdcdac1730ffc20b9f60e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://390c7a88fcfc36c0e9807f9f31c5e737.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 17:24:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65395
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700052045412510"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 17 Nov 2023 17:24:44 GMT

GET
DATA 200
OK truncated
/ Frame 0301 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0c9c82e509796d04adb6e63948e4aa231a1805a3f33622d09e3bc906ee13041e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 4AE3 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 64bb6866966d953f7cb21ac71e171ed354d8ef4d61b06ac65f7dd403de64a136

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 1829 38 KB
13 KB 39ms
39ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://390c7a88fcfc36c0e9807f9f31c5e737.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 95999
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 16 Nov 2023 14:44:45 GMT
expires: Fri, 15 Nov 2024 14:44:45 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame CD45 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2de68db2b08a024a06e012a33f3bbee725e57451bceeceda931c2d2602e12b56

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 20CC 38 KB
13 KB 42ms
40ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://390c7a88fcfc36c0e9807f9f31c5e737.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 95999
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 16 Nov 2023 14:44:45 GMT
expires: Fri, 15 Nov 2024 14:44:45 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 4810 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c17d3c7db14a3ea8c74f57a0ada5122a29b52674bac0690ed8560a4738ee4218

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 4524 38 KB
13 KB 49ms
48ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://390c7a88fcfc36c0e9807f9f31c5e737.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 95999
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 16 Nov 2023 14:44:45 GMT
expires: Fri, 15 Nov 2024 14:44:45 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 0301 0
0 84ms
83ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CEi_y26FXZbGTFfqawuIP1ciegAnJntKxXNWdkfdwwI23ARABIABglbKpgrAHggEXY2EtcHViLTMyNDk0NjI2NjcwNTcxNDPIAQmpAgpl964YNbI-4AIAqAMByAMCqgTnAU_QXd6LfULhLSznWETZgtICjZvcoqRYu3cqrVre7Bqwroi3Fnkc-HwpdVRM2L72JJapmRXwQJaLBYA6V0Ju9O_CEDJigqOfRhVTWfa_eyM6fXBnLuLQtFaPgaOQ0DX0eoMS8KmAQtWy7h5A7qlLDvcPbapJcIm-Z768Qh4E-3VtBbbtkd_GUeWC8zx_EwO8-tSy68YbzeQIzaFjdX8ygnQ30OlXDh8NDonft11ZO3F_8kRsSQ4fP37m6A59GpO7GPKUjNtKWB1ThP7Z4qNx5UItphMk4-WL6b66ILMWFF4icVP465h3MeAEAYAGp8msjb6KmOg9oAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YBwEAEyAusCOgKAQEi9_cE6gAoD-gsCCAGADAHiDRMIuNzvy8bLggMVeo1QBh1VpAeQ0BUBgBcBshccChoSFHB1Yi0zMjQ5NDYyNjY3MDU3MTQzGMvNFg&sigh=4A7xe4quiDk&uach_m=[UACH]&cid=CAQSPADICaaNgy-kNcj1ea5VtHtEzmCjOLgk6nDaf_4pAoiuhes-klacb5vWtFYS-EyFPb13JVfN97gWwqmh_RgB&cbvp=2&vis=1
Requested by: Host: 390c7a88fcfc36c0e9807f9f31c5e737.safeframe.googlesyndication.com
URL: https://390c7a88fcfc36c0e9807f9f31c5e737.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://390c7a88fcfc36c0e9807f9f31c5e737.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H2 200 notify
rtb.nl3.eu.criteo.com/google/auction/ Frame 0301 0
126 B 177ms
42ms Image
text/plain 2a02:2638:3::9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rtb.nl3.eu.criteo.com/google/auction/notify?profile=14&payload=k8W0FMg12AVanYNiAgIAAAATIZIvdWVUt8el5sLuN61sENqhV2WhKzvhTAIeSMOwAAASAAAKCkFRVURBUUVCQVE&wp=ZVeh2wAFSbEGUI16AAekVSF0kDhF1pdS-u8Hgw&cbvp=2

Requested by

Host: 390c7a88fcfc36c0e9807f9f31c5e737.safeframe.googlesyndication.com
URL: https://390c7a88fcfc36c0e9807f9f31c5e737.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://390c7a88fcfc36c0e9807f9f31c5e737.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 17:24:44 GMT
strict-transport-security: max-age=31536000; preload;
server-processing-duration-in-ticks: 153649
server: Kestrel
content-length: 0

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 9BE4 2 KB
1 KB 49ms
48ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZVeh2wAFSbEGUI16AAekVSF0kDhF1pdS-u8Hgw&u=%7Clo5T2BSvE6SwFpya4b5LViqJrWg7qCEiZmc51YnjxuA%3D%7C&c1=glLBMxGOcDk-vbOOpZWuiwL9OpXS6gVV2JtZM_Ei5tSPQXcRS1ssTUS_8xvR11yLMIlVEtJyUVvlIvkzjr4Hi9mKGctDqo4_EosBq_f39mE0jxpnuyPxwePsAcuuyCoUvdsXZnxxkTr95P_rWlLf4nbqBF8Ac9BFllNGNJeM4fDwhJrFIAzn6aqdGFP_9uy7c1JGGtM2WwaMGiRkuNGZVUYazR3VFVNzV0u9_TA6O0DDJcNyf3z6hxUtK8FUIu4a_08W0ZlbHP7ce4EN28b950ee5DffWT-TSL2sfWyGbieZX4niB3mapuvTSIrSCBrErLQ7bl4ot9Wiwag_yLKUqC76F4dHjXnE-7UcAq7b3-ARuopuzxN-IljiAdC0uvYzWlh-v5ugvKhfRp9n_3rfL4X0LTTiA0aGajaX-cdhloFledWUZm-LqI_HJ1_6Ky_xeuq2UefETT53pxcvX-RtVXsoMbp7n9PHREvcokmDuaFls-Y_QWSq7D2yo5kPEtWQAVhUz4oGtB210_-zN_P-8GprIlrPPmBwgyfcdWRGOIZ_38j9wRvsroZ4VEZE1uejSo3qFs-eovbs-5hyvLGiAF8Wim20KWn5Ta3XFRPmB54Bt45gC-MdqynkUO2Da5K5&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCZYMV26FXZbGTFfqawuIP1ciegAnJntKxXNWdkfdwwI23ARABIABglbKpgrAHggEXY2EtcHViLTMyNDk0NjI2NjcwNTcxNDPIAQmpAgpl964YNbI-4AIAqAMByAMCqgTqAU_QXd6LfULhLSznWETZgtICjZvcoqRYu3cqrVre7Bqwroi3Fnkc-HwpdVRM2L72JJapmRXwQJaLBYA6V0Ju9O_CEDJigqOfRhVTWfa_eyM6fXBnLuLQtFaPgaOQ0DX0eoMS8KmAQtWy7h5A7qlLDvcPbapJcIm-Z768Qh4E-3VtBbbtkd_GUeWC8zx_EwO8-tSy68YbzeQIzaFjdX8ygnQ30OlXDh8NDonft11ZO3F_8kRsSQ4fP37m6A59GpO7GPLWjvrY2I6DuVgJxXn9xauJqDQuVe-l8TwO6I6w5uE8XUtgIQxX2Jgw4-AEAYAGp8msjb6KmOg9oAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YBwEAEyAusCOgKAQEi9_cE6-gsCCAGADAHiDRMIuNzvy8bLggMVeo1QBh1VpAeQ0BUBgBcB%26num%3D1%26sig%3DAOD64_1B2g2ZFVwr5iIrpSYfO6bWurhLjg%26client%3Dca-pub-3249462667057143%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 17:24:44 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 11 Nov 2024 17:24:44 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame 9BE4 2 KB
1 KB 50ms
49ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 17:24:44 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 11 Nov 2024 17:24:44 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 9BE4 308 B
636 B 46ms
46ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 17:24:44 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Mon, 11 Nov 2024 17:24:44 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 9BE4 293 B
621 B 46ms
46ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 17:24:44 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Mon, 11 Nov 2024 17:24:44 GMT

GET
H2 200 lg.php
cat.nl3.eu.criteo.com/delivery/ Frame 9BE4 43 B
347 B 175ms
43ms Image
image/gif 178.250.1.6
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=MgpiJec54dbbrDqCRzwnXt3cwKjU76xC0ZhFaEhLAlr9MM82iQLdc3t5wh61x_YRA0_sjklkv6T8sJ7_KObwvN7XON1fcNP7-QbVIBHaxLWU2dzJPA1S-02AFNze0cMG10c5MFEu_r0rq-Aa8BIYPgPb1lgRyJF642sqPztCCHvg140Rc4FL57ZVQ2E4lCxtCgsM6Baip_S2-H0wsdp5PdlI8a2nhMyDv2HeHLz8YZTWLpnMVhbytJtfWy5Nt4KJ1VSm5x4Sh9a95bQS0Ii3JhIzlEPu4KGFaBZ-mG0aAuR6rpqAYVK5DhDhF4_jRse5raC6QLvqHkoxc5EHJXuq0rg-yWKhj7GLjsrT5-Y8yInLsW5UUrmIPEyF5T1dxtNlELeAkkc59Nc0gRq-DaFODVsjEVU5bSp_gC1wb1tlDTG0Lr9_

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 17:24:43 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 2807213
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 view
ad.doubleclick.net/pcs/ Frame 4AE3 0
0 77ms
77ms Fetch
image/gif 142.250.186.166
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjstvkscRuoR0vmqwCH6UDUvceE3xUPOtEzI6xSjFSeL2xKwxTQyiXAWuTpbcYyDL7333Fw7OrHVgOAf7kC2BXzGkwexw2K79oKOrAf5sY8Z7O0QU4vq-4ZzlOkSSACaXp-5CCF_w69WD7eSGpnqOSDoYpObk3TnQ2lz3JB-G5hq5M2F20sQjtRnNJxnWqnr5NsvtC8ZwiJxdbvHYf3dDF-I0SFSA1DbzIm7UmE8zdguVAblHI8WCU-gPdcqVLjCityJsuCB9sRJsl3AUzKDMPBvbkA-2q3N-vRCJpzGqXQLG6xCRupGSaTio3otpAVW6EPLqYtcEBZyx2Mbyb1K3dPo_n86z_1b3dcCWbXhX46-V6D7eyJ0kqzD2c2vPtoDBQI-rDTachTisvHUl-8YOUzWlFP-A94VASr9I4bxbqhp6e0gBTV62lrVdiRJrRPLCRI_RQ5tQryAz4w7DkHcTg3S4lix1JFEk4eKshRWX-46H-81wfmtUDNgkYqKuIYZt_YGcPm0hgub-lmRgsRuOUHC78XfnsX3skIPs1tUvmqvjGEraNPNGyhyRlJgivK71MAbUYTLFF-JuaumB5haQB6IbiqTugux8O8su6XN27-g_vxsWmg1SAJ1aUFlz3sbqOYj1BV7yGnBtxFb3xmEINjURbrHtEXJmFxrqkCx0F1uiExyNlFEAvsbOKUiJzrnQDlaO8lv9Vp7elsfKCnx5Zd0Sm3HiZEDsaoBqkGT-PkhxFCfN86P03vULdHptFX_Vs5vOJJeeqFptF9ZQy0jBp1kjWqhQxEh92faJ70ME-bgAfWFua4b2uBjhhEcZkuqdJAgmv1Qka50GK1y_pJJlmHL6xumY03_odIUHuz6CcHToXnZEQyFPG5-0eV090VDutP4iBNkzZvg8GKAtDAVxOklvOZifJKTvBipZqKM7WKmzRnaMblbbrnENSV2s1xEH9C8jJ6mWuoi6nKUnhuEwIT6x_0SFYGpviwC_h6_gLf1DmcDlFqJ5AWjC2bjk-YPYX1Xbc6oyRT7-p_hSsA5MwTVptrJIcIWhKFh-4ONwrkmWYGQAMi5iP3Y9DxBN8khrVxyvK7TXMfsaNlTQKXadzK3Ka2tg6-cJQTl6_ZfCo2r6nV9hYlUs9ErgqQYxTlbSZrhFr9qWO3FbnHfys9Rtyzrp-nqpjaWBNiDCJzT4-Mqe4d8ZTZiqBBZ1UnaU6Mo7LmnIbjAnr-wTmaK8Hz3euh5TyllFTFL4M0HA72fLwlsQh8s2VwdUDuU20n-8tdYIbaapZaBTYIVuD-mPI_xosHJkrYW2ebXmBC77mxNUhYq11P_ciixeD5Xsxhk09old-ChPRiyNVpP93CthUw&sai=AMfl-YSqiHqlEdKaHvjvxs1U3LVBqFOD0kn3PHic12ERDN9NRI2Abj1dc_7jQ0uOhYSdirPPOL8HXu9eKTgqIHR8arp2rQJyD20fTw4hfRqVJboTzJy0EBy1jt92aJ-8gJIKm5EShiDHeRnONy_jTr1jgTzzsiIVUfXfe7I9JVuv3sApkdObKPe7tF_VKwyTPY8x0Lo4vHHFtZJGzgHsYsykMBzeX6EcUBu6Qk4eqoLaKrKfYz0I9O7LjS4IrU0Ui1C3zmTmFmVV5AbJudSmDLUqabJmH7uyX1xOUZmP6AYRF6pXwFJkjE-kbJ5Cmg-gtJMRYHhp4Nwx9toGlGpFDzLFduwy9qcyO_J7XfxxWSdbiCgNrghF6cJah3evxzxZ2HRf5L5kdts8EmyU1pxGapa3LotLVS61sOjjtumTWXpwkyu5&sig=Cg0ArKJSzC9ZU1L9GpciEAE&uach_m=[UACH]&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9taWNoZWxpbi5kZQ&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=434&vt=11&dtpt=432&dett=2&cstd=0&cisv=r20231109.40001&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: www.olx.com.br
URL: https://www.olx.com.br/estado-mg

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://390c7a88fcfc36c0e9807f9f31c5e737.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 17:24:44 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame B2B9 2 KB
1 KB 46ms
46ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZVeh2wAFSbYGUI16AAekVaMzOjDGQ3_riBTTrA&u=%7Clo5T2BSvE6R3zhBB0jSJb6%2BryJ90XmqRE5PTLp1QsrY%3D%7C&c1=glLBMxGOcDk-vbOOpZWuiwL9OpXS6gVV2JtZM_Ei5tSPQXcRS1ssTUS_8xvR11yLMIlVEtJyUVvlIvkzjr4Hi9mKGctDqo4_exTefkQKAimDR_81lgFL9mTcyuhm2VWdIrKFLuK8fuKZZGh0bqTATgm0lPNSua9F7-V18eRJ_h_JirFrgOYZZixdEqYKtnld61oq3B6LIHaEBw2eQ5EmCviU2oAR_-YHOSWxgNZWlaQPTM7dNwQPqt2k7WtMWlYKzHlD6mWMdseXElmTt8NqQVneGqKofnjMa-qrBhs-D9yXLjFEfwN-TK8qcjHlt3L52_pVDUp9odSSLiWp-ul2iVYvpyb4ZZet9oBy0845LXX67G6ZCi0wjz51HARwEojDT-5oRTPECbR6qE7QptMIbAm5gFoXjWJzEUPKlYk2I875uEzA1z9l7SseriUG4O-BYuGsPc4iOzd98B3ph05X8-PYtNzibgojcFM-tBIWYVg7ULELTeMvqCGrDT1kzXmoxt6-RuSJPjDWBNCTbR8wNPIhSf--Tu3IQNLokPvc9qlrWUkOcVomnD8Yif_8SJ3JDPnVaRZbqgQfOJzxTt3IaH75_NHuu9WpAPXDeIN7riI&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCsmc726FXZbaTFfqawuIP1ciegAnJntKxXNWdkfdwwI23ARABIABglbKpgrAHggEXY2EtcHViLTMyNDk0NjI2NjcwNTcxNDPIAQmpAgpl964YNbI-4AIAqAMByAMCqgTqAU_Qod1bGxp7hhWAN4fxQPTNOyZVPS-EGn6-Urq6Xe_UfJg8jZQsrHMr8oUfG3ZChe6s4s9pCTYdDeo_fzswGV9U88kJaEWA7AityATxQcV8f19Yp5y0Nsr9nTqxnlCDzNHH1hrU6_FyLg6xq51_KQyX1YmYJsJm9X3xPhiOvf8vI3kVm7cn6EkGkwECajgvTIE4P6toQCbnrUw_HR8u411xvjYQ0LkprXtm86dl4sNUIBqyhUwcLxRH51LpRa_ldxaZ9AQ48DnFezvGL9End_h5AIgqDBIEX-iRUlz_ka4Da8Xi_vWx5mDpXeAEAYAGp8msjb6KmOg9oAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YBwEAEyAusCOgKAQEi9_cE6-gsCCAGADAHiDRMIx9zvy8bLggMVeo1QBh1VpAeQ0BUBgBcB%26num%3D1%26sig%3DAOD64_2sNtUH02RMejB_-lWkdj0PJRzFFA%26client%3Dca-pub-3249462667057143%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 17:24:44 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 11 Nov 2024 17:24:44 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame B2B9 2 KB
1 KB 47ms
47ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 17:24:44 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 11 Nov 2024 17:24:44 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame B2B9 308 B
636 B 49ms
47ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 17:24:44 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Mon, 11 Nov 2024 17:24:44 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame B2B9 293 B
621 B 48ms
48ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 17:24:44 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Mon, 11 Nov 2024 17:24:44 GMT

GET
H2 200 lg.php
cat.nl3.eu.criteo.com/delivery/ Frame B2B9 43 B
348 B 107ms
42ms Image
image/gif 178.250.1.6
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=olnpl-c54dbbrDqCRzwnXt3cwKjE1EsDyDc8q5QDB3wUi7P1NQmIy6nh0LLTbYUa6C6cV4ywC3Al4qzEhamnlINbpTz8Bqs9dNk6B2Y4ZeDf6H5pk2OLiQzT3xzrrC-1DYDIAGC34BPIxFAvNJd6NsDu6EJm7frep5Uo9BcSDwCcS3qBAVhSRRfpIn_hr6tbApmKVAU8oLQkdWNjAF1dMX7uglTlz1oQ2AYfW8Dhcxupbz_oIi_s4VCDwbgLB9iktRlF6GAWKQIVqcB3qwM0viT6OKtiK6JTIPQRpLCy25YOMftsjwBa-OQwDGUe04RLOniRtEzpoMErMc11dWejF3JVJmN3sPfCkkFUUhHmymlsIt-75KKo8Pk1Wx0a8go4TNEVqd-B3UW_60tuNb94BPe-UTtTDPVnuSCEbw5AErCaml4h

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 17:24:44 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 2322335
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 view
ad.doubleclick.net/pcs/ Frame 4810 0
0 80ms
79ms Fetch
image/gif 142.250.186.166
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjsv6qp9W8zk7Yp2IPON8MojduHmbO_4Sx27omF5aUttyrI5h-k11fNpYPJ_yMfTyx4R7BQm1xRNQFG9EOvpkmzp_w71Lxv2uIi-C6UFfnEWQqCuorXuqFP-7WEty8AT2HUM-zZXBRh7ZUxU0mOtfhQx7hd2UFpYw4nNfc32FCNmixfDe-pE0hybremHzjsaVsLKtb27onpDualUkk-DO0u4YlSOLG1qNCfXYN72hzNIM0Nc6gUimHq5Iik5XhSsJVVa-QWblV7p6tfXc1gP7hXk3sRfYMcUjadOa1inAZujJlRFwXVe6AyJk25ow8Nkmfpf91NAvGmSik6EURCh9NAZIklp1631s3NnsqYB0WxbDdQ5gF4xTyNQl66WxbKd_4_F1HBCk1i_IfdaZ70JsmpHTAr3Od7fpUzWSjWsJ5qMIOCYUs47yTg25n5GxZptVTdoHXY9XhX-Qyw8S79Pb_ocPWp_a5GU4ej8DbFvt9v33urpDoAyQ8XeDUXuWm784tozQXwUwtZ7Vvl_Fj5L1gxqI-nCZZe-3NadRkL-4iOEuv5_XE23GpNI1jNQ1zGjWjtCjPXmQ2vjqa_QWQWcaD7wxamNZL69JrlvVZl27H0EqlJ67FT5CEtCsDn-pE3msKDpyJ59y5rQ7Kamr59UNxBdWJoq5HMoG_ictvcK9vPqGi3feVNBDRrNRDGkOslnTYcQH_sP1e5BP3ZSbLY3k47J7yBMIVvoM6hMPne7k5_sm_hPu8bEbaq5-abZQud_-tkHWlZbtGBV_LGwP7ZDlErrX33X5X6qwTjWGcvh3NuK9UBzKaC2GaV2-rgp5sBiA7Nm7sbmsTikHHOpvDLN25ITz69Z7NieNalmIvhf49M5JQjXvo5vdfcvitZwgaxg9RAdQrSSjWtUsaVDUUnfi79DX_Zlq_qRut-FrRfYUgQWPnnFv5gTGVqnm_qKb4pIM9KYgr2nnk52KuNlc0IdM8zIehf6Pc48aEtXnI4ycr2oGXLyD_sCfkC_cl77IrhZeWJR0S-jROvxang5Iz0D9vK2L_cL2pVese81a0uke8ckNC2QkVWc7NVc6_wOtA-rorhLiLea_RB_wAk-DSlb15gpAJ3ILfw2lWi2LHL7TCmBPc8llyx-qXAmSO3KHRR_0SjltSxivDK-BlfIVH13UES3uTzXAEDGt8nul8yWDI7zqJaV1CnHTYdbccSnL7c2X-LrNdExFulDGZUskxNJ5oR15SqZbaqIaMTM-dX_DPVWsej8-tSH5LSVoNdwamFiTBjaDdfxHexnGKwd38JCJAv67HaSxBYhq4LOFQp_A6MEL4pfyXhX7eU6aJbh3Ls-xQ1xxL3EA6zsz_5BvhmurmlI0yhIGAOg&sai=AMfl-YTm3MxnhalGKK27U0hMVw8V6Yp9bji1M2h_zCEw__nVsgMKR5pKt44smaAAuvGRxs2t_sm4753q_zUiBvywUeA12NUWDOnNM3erPtvC8X8uuFxHmnDBhfpRJ5rptUK8cUU12m9WEG9eiJZ37nTBcIN2ZzuNekTtu4cL4j76eknXJP5XYVaPl87zECXdzphj0gQnt9eUE0GJdWKdB-TK3xEHMOGM6CwFpmXAeI4dMz1LQWGYN5c1hxxGc1N4vjs3mmG3sTdPIZL9xbWv3SszvtBAoLb082lJ_weyFbDx0iSZAJRhCHZT8yzQXhDxTrMFQu0XWdqowQB_gcX0XoGn2d27-tUSp6RahL1XwXBPQAPUwWeaveUzxqMyNZgeOmBtgI2YhUiVmakzW-oIIURs2w_rkHx2iIAfDfRDAnH8oNlrKX2uSFqh_Q&sig=Cg0ArKJSzB0WQU1MDuO1EAE&uach_m=[UACH]&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9ydGwuZGU&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=387&vt=11&dtpt=385&dett=2&cstd=0&cisv=r20231109.17046&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: www.olx.com.br
URL: https://www.olx.com.br/estado-mg

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://390c7a88fcfc36c0e9807f9f31c5e737.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 17:24:44 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 5CF0 2 KB
1 KB 49ms
48ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZVeh2wAFSbUGUI16AAekVThAygdSopAqXfbzgw&u=%7Clo5T2BSvE6QtXIa72yi1xc9q%2BgbrfHiKJjwyY8mecRM%3D%7C&c1=glLBMxGOcDk-vbOOpZWuiwL9OpXS6gVV2JtZM_Ei5tSPQXcRS1ssTUS_8xvR11yLMIlVEtJyUVvlIvkzjr4Hi9mKGctDqo4_EosBq_f39mF_W8feyQ9ow_UY7Z28SiGb39yVARuNmcqfreTO7Ihcs5GGE4fMmVQ41Tw_BJ3MllpehR9ZJyteNoKwgGwKGEFyzKPifyFJ6yoY6eyYEjmrvzIJNh060IDBKn3APJ2p-Oga8Hf73LE_JKHX8F3BgdtYws_wWAthlkaMr_drzIHfCL7F2AId6MK1OrNvc3xDJsU796qeGspLRFUJQYRLdLFUclgCFoq_1tTRLiiJ1nSN4KQvXmPAqywRHYfDHaprtgHkfiCciELRYany9n8ABu0hjmgtphR3IovARCj046qHmFNRCBYhEuAQUbCv0BNAJ3c2g62IJ606Lp_JM8pC9quiEinFxxQMgG8cOI6P1JS4Ljiq5UwB6tlj-_Q4wkzLCYfB8X_ZQkP8TO_R2RGS18riwW70RKwv5ijd3jUTkRiHInu5UdYSvhcs3QmyEuYAEaFMc96p7yCtG6vYCSa86zg8fMSc5gK_dVELV0AN_N-uOxJugH8za50-a8xwEOrETRBsnLrOYrrkHw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCYxra26FXZbWTFfqawuIP1ciegAnJntKxXNWdkfdwwI23ARABIABglbKpgrAHggEXY2EtcHViLTMyNDk0NjI2NjcwNTcxNDPIAQmpAgpl964YNbI-4AIAqAMByAMCqgTqAU_QvHvpIBg5uPEkVn_sJahO4FS1sK2YT-IoJw0MRUN_dOyx03owFmBrqXHdIoqBzdwhhZa-c5Ge6IJjwtlTC9q3_OsKZlEhsZsSeUv4AsrUMUCLm89IJWcZ_3E97ppwTNOfJnXK7SUuuidU4SpQi8WarhZtbIydcd2Lb_1i7VMT_mnIXY9jXq1UZ3Nloi7qs_iUMmDlduQ3eQkyBFJ1KOtB7BDc_lK-I0xcykeBlzRo14kaZI6jWeUIIBjVbs7FQjHitlLacK66GvLLgjW9RdHS-sxgeap3aJHoPFhvrOdfdoHboEqidmJPMOAEAYAGp8msjb6KmOg9oAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YBwEAEyAusCOgKAQEi9_cE6-gsCCAGADAHiDRMIvNzvy8bLggMVeo1QBh1VpAeQ0BUBgBcB%26num%3D1%26sig%3DAOD64_1x96GiuRxHuLKkfyXjyjmpAC0jVA%26client%3Dca-pub-3249462667057143%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 17:24:44 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 11 Nov 2024 17:24:44 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame 5CF0 2 KB
1 KB 49ms
49ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 17:24:44 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 11 Nov 2024 17:24:44 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 5CF0 308 B
636 B 49ms
48ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 17:24:44 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Mon, 11 Nov 2024 17:24:44 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 5CF0 293 B
621 B 47ms
46ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 17:24:44 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Mon, 11 Nov 2024 17:24:44 GMT

GET
H2 200 lg.php
cat.nl3.eu.criteo.com/delivery/ Frame 5CF0 43 B
347 B 105ms
43ms Image
image/gif 178.250.1.6
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=bJy3Zuc54dbbrDqCRzwnXt3cwKhddeifA_7hW7FnXzv_c0D9n02RcYY20foY0RBs538ecEihyMM70XiSP4FYqv9RnMN3DBcawn-faRHYFFKcoHS-v8OxOjOKQhl7HyCxEBCpSSohRxop3F06BTNX9ima5EHiq3ze4rFOwdez8VsuIW4XxTFfm1EgLSjfh7m-Vbj8TgE8uTxC1PeufhF1QF3fD1CdG_YLm4CHjhI4_WY2z9-L-gNzZIy5_sxTdcD_YqNJJqNnMaD2lrUQa__3liBRQelX3As2xIvMgWzjfxt76rMxX6MguVT2df8xzAKqKbzbcZD_BtXoDfI-OH4D05d9X8iK7ofgTJwoxgRqwPeIdvo4DjNrykR1BZHqE3mehBGK_vvKhT3Ya3hv_xf3ReCMWPSBSm500hnKHupGdi-7bB7P

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 17:24:43 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 2830988
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 view
ad.doubleclick.net/pcs/ Frame CD45 0
0 78ms
77ms Fetch
image/gif 142.250.186.166
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjss4t6PZxoEArqv6moTRTiuZBjByhF4xhRTBeL7Hx2voi5zD0ypN9VJ2cdY-eE8ThqLPYa-xvIA_5kEsQkmzk3nz93jaYdAedgFKHH2zLAcz7ChgHwZHpeSNT_syMFDFR-JL7mrS-P0Lj4z92JeLS51TYz79gLTB27_QU90IofsWwSevFU12jW0J9Zr-qsZbGP72zy_aFk1_YuxZwpyihZBLSL7zSCEMu6uskfZPrqdsEBKCABEhAfZt7kCA810IaciMpXZUvCWDASXvtlmd8u41MLDIZ9eVRhS5sshE9tasKcK-CdWIrxpXtcUu4vv2LpKOAop5r6XEqosUBUDMZbg1NV4E__6VzQyewWUanxtRdI6bL86XR_2DGf739c2ieGVoGFtWrJB0QL0eoTRcM1q_-yhSCoC6BuUyVX7XvCUuNnqxaPeUswJsce4YkwwzGminzAw6NDMeaetiFU01ImLqIhs3WO9wU2o28YaWN2WyagrHJNx0BKk-bkKjMIgJzo634b-mv0jwD5E5gmZDMDE9PI5Gt8qanZduK4t5L1aifjpi1GXwV7Q_KvSQQOqhgheF3LHHjWz7kRC1D6w-1Sfk1pBzyCZYGRfNjkv6QP_bxsDxJstL_vRjFmyOZX5celrz9sZdSeEmvyS43RviDTcEEk4jTxCF76LNhAI9dlFim_OuIosPKpBBLbndXv6gOe8WG_yUBVEQR0NpDllXFB4Qu7lAg5F9AQrla6qf20Aj83EAdFDOjdDMYFs_kN1n8mhCWXLcrLrFINlu7pDd0N56rYbc_KCt4dKP3QuFPmksTaonlu9wWK3sK_JZkitNYMwumyKkpPqqSjDgT9VwLaVvN5R52IcCbbLy-tQzQ5ZzUQi6Q3SK0pGbgmJRIO0hdwTT5P2hwRYaJTwxR9e7AJc80Wb2V-bv-7PuvsxY3fQlbPTHeeys4FAadbcVBzKntbAdfOpgNcUKqcB7LKIZxQ9tq4zsYLT-aliiYrXCI8EKxs1nnTBPjiqeFJ2qtoHPvf-ztlMNaLCJvlnZKcnWUtM21k94zsDsit31jwzew_k3cCStw-x4Rv_8KtdZn2FEdNCBCH4M705Uy_eqO4gtWfWnd41GHolpth1277q2UpLSWWVYzzyeJod23FcGcIyOR8RSmcJUwdtRGNJx6t80qdgKUKR55ZC6zQnFpA1g9UqtcOFwj3PsOT7KHd3pmpsfEagMDd8zQdYVZl7l5zBqtYw-4xJpUyVw5aVlqwOggxJEb-pdUIJXYgquxRVo00YbCK6p83QldEZk1ko9nK_joaE_4rtlJHAc47y397cfvx8vs0b51s0D5nB1n7pQBUbnW7gnkAtydoTeDOxsD9rOyc0cw1KuL6UDRvh1ASZp&sai=AMfl-YTfbeoWMvTaROYKdVW-cVPjbAcR1X-rFtWrJ-jPFIY92LlBgTtGDAG10g--dZ5KhzPtAC36lCoRxW2F8H6xa9gRferIeHKoPZr5L6T2-waDKjkA0hcD9dKpnjldVsHBtgWwhApH807DX3jRZcaguBi_gk7zN4qrsL0GDs_svaSzQUcl3gAWQrCnqVOuwZHhxQr_a2KVXr9g3UcduqfIJdPZ5RZAtNXV3u6XygkGJAyIs2wnbrei7dv100iDUT4aZ-aq2OqL47mnIy_pD2JZBJCxFKr7fyjyE6GBaSDfXys0J5bCl_QGmoOrl9RY4UcL73FEcnE7TeSPp6kheGC2NniApI0OVgwJER_MeTc25aYrjIZwxEGk1Qj58xhb03n_zgypaK8obDfwAdA2K6CFsbaTLx91rqKWk4ODcHlZNoQG6BBSa0PBaw&sig=Cg0ArKJSzIs_QGDDmuxTEAE&uach_m=[UACH]&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9ydGwuZGU&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=427&vt=11&dtpt=425&dett=2&cstd=0&cisv=r20231109.72325&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: www.olx.com.br
URL: https://www.olx.com.br/estado-mg

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://390c7a88fcfc36c0e9807f9f31c5e737.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 17:24:44 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 9BE4 12 KB
5 KB 48ms
47ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 17:24:44 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 814375
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4420
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bg6nGNk6iHEiqxkpRcMhzgIVQ3Emgdnl8KksevN7ASHa4S2Ey6Xb6FgSr5bnVtT%2B1I1VOVURZI3StW56azUmty4cjaeB8ychcQrNQZbhWIrX%2BcDLMe8GIkPINzvdRn0KZ7ldHp6Sdt7pncduKZFrWbhg"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8279ab41ffa330e4-FRA
expires: Wed, 06 Nov 2024 17:24:44 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 9BE4 12 KB
6 KB 51ms
51ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 17:24:44 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 11 Nov 2024 17:24:44 GMT

OPTIONS
H2 200 event
prebid-a.rubiconproject.com/ Frame 0
0 133ms
41ms Preflight 18.198.226.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-a.rubiconproject.com/event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.198.226.18 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-198-226-18.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.olx.com.br
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 1800
allow: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length: 0
date: Fri, 17 Nov 2023 17:24:44 GMT
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

POST
H2 204 event Show response
prebid-a.rubiconproject.com/ 0
125 B 41ms
41ms Fetch 18.198.226.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-a.rubiconproject.com/event
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/us1/v4/datadog-rum.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.198.226.18 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-198-226-18.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.olx.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type: application/json

Response headers

access-control-allow-origin: *
date: Fri, 17 Nov 2023 17:24:44 GMT
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers

GET
DATA 200
OK truncated
/ Frame FA0A 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7cdfff51ceb7e53c3bfcc3225edea77518f6ceb8716580aff749def70a424945

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame B7B4 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 741101793c57d9fd1b3ccc6b129c2e8e720af54eb0c43578c9923401fc63b209

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame B2B9 12 KB
5 KB 46ms
46ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 17:24:44 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 814375
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4420
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XPBTtE1Q8lnTk5rUg1E2Z97p6tdJ%2Bw%2Bmyet8miTxu3poD0fGlK8%2FZ2I0k5%2BeWaX%2FyEWaypDKqMzUqXK7NC0Bmgu7EN2hvATfP229Pxenc4jR1ZYghsHilsNi%2FfVBmekZmk2thRysbr45GS%2B1Z7xb5ztv"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8279ab42d8df30e4-FRA
expires: Wed, 06 Nov 2024 17:24:44 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame B2B9 12 KB
6 KB 50ms
50ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 17:24:44 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 11 Nov 2024 17:24:44 GMT

GET
H3 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 5CF0 12 KB
5 KB 46ms
46ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 17:24:44 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 814375
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4420
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9y5by9YTqwa1BJbEhOJdJtKayuO0O5CZ60mzuGGA1QSpco9JEVgGep72Cobl5OucRx%2FaqXKNq9tyUDC%2BgpPj547TPhE4OtnzDeXnqNtsDRYkftRrpW8X1%2F1K39xa0SDQN77EikH3SqpyKmiGAL7pSkUT"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8279ab42f8f130e4-FRA
expires: Wed, 06 Nov 2024 17:24:44 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 5CF0 12 KB
6 KB 56ms
56ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 17:24:44 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 11 Nov 2024 17:24:44 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 9BE4 9 KB
9 KB 206ms
84ms Image
image/png 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?h=176&m=0&partner=68364&q=80&r=0&u=http%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F63103%2F190903%2F7960ede906974abdb452fce9811075a9_logo2.png&v=3&w=256&rid=4&s=diuZgx6GwhdZVUot8UwY6o7L

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

7f5699041af1a4041bc8d1ceb22c9a4ea22f3c9c62564b5bacf856c9dab04f82

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 17:24:44 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 8797
expires: Sun, 03 Nov 2024 04:39:04 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 9BE4 38 KB
38 KB 257ms
136ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=68364&q=80&r=2&u=https%3A%2F%2Fassets.airtrfx.com%2Fcdn-cgi%2Fimage%2Fwidth%3D1200%2Cquality%3D40%2Cfit%3Dcrop%2Cformat%3Dauto%2Fhttps%3A%2F%2Fimg.flytap.com%2Fcities%2Fsao-paulo.jpg&v=3&w=400&rid=4&s=wXM9LO9nJez2ogDn8xNWMH1I&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

da8ec70f60c93b68f6c2bae651315a99f6cde74c1b08c9389542dca3780bb5b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 17:24:43 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=86400
timing-allow-origin: *
content-length: 38850
expires: Sat, 18 Nov 2023 09:03:51 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 9BE4 0
128 B 149ms
45ms Ping
text/plain 2a02:2638:3::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=ZuMXohitQDhTSwUEb_E1fRlDApOrAR1dLebT3bQu32URXCqtCmGgyog8mQ-d0QyGsoLnrQUC8_PzvyNbUmxvNo3DMWfeT0cF2RhG9-SE2kctjmSP-FhHT0MfAYm9alvhvA80JKQaMBXv4capM_o6aT9OJ1LsSJ1AiqMYH7TAezTeJEMsxwCVfKjrBVM86tshTr09AJosOyNk_Dvs-1T8qTgwRq8O_boC0lvmyUsrjG7q3HG5MriFpw5GRgkVno0JFfhS6w&sds=2&rev=89278&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Fri, 17 Nov 2023 17:24:44 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 9BE4 2 KB
1 KB 46ms
45ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 17:24:44 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 11 Nov 2024 17:24:44 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 9BE4 2 KB
1 KB 47ms
47ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 17:24:44 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 11 Nov 2024 17:24:44 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame B2B9 9 KB
9 KB 212ms
136ms Image
image/png 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

7f5699041af1a4041bc8d1ceb22c9a4ea22f3c9c62564b5bacf856c9dab04f82

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 17:24:44 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 8797
expires: Sun, 03 Nov 2024 04:39:04 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame B2B9 38 KB
38 KB 244ms
168ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

da8ec70f60c93b68f6c2bae651315a99f6cde74c1b08c9389542dca3780bb5b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 17:24:44 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=86400
timing-allow-origin: *
content-length: 38850
expires: Sat, 18 Nov 2023 09:03:51 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame B2B9 39 KB
39 KB 269ms
195ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=68364&q=80&r=2&u=https%3A%2F%2Fassets.airtrfx.com%2Fcdn-cgi%2Fimage%2Fwidth%3D1200%2Cquality%3D40%2Cfit%3Dcrop%2Cformat%3Dauto%2Fhttps%3A%2F%2Fimg.flytap.com%2Fcities%2Flisbon.jpg&v=3&w=400&rid=4&s=gkmUPZNNLRtpv5dH2tcyWZA3&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

2f43e3d69cfe7a194e7639bba082d3a56cdd62601c1102259fd6a9ad1a950fe6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 17:24:44 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=86400
timing-allow-origin: *
content-length: 39892
expires: Sat, 18 Nov 2023 14:45:36 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame B2B9 42 KB
42 KB 159ms
85ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=68364&q=80&r=2&u=https%3A%2F%2Fassets.airtrfx.com%2Fcdn-cgi%2Fimage%2Fwidth%3D1200%2Cquality%3D40%2Cfit%3Dcrop%2Cformat%3Dauto%2Fhttps%3A%2F%2Fimg.flytap.com%2Fcities%2Frecife.jpg&v=3&w=400&rid=4&s=sh_bx-XcrCOMLjxa84NKM9Vo&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

34d7b42c7df7f35df3a6db61d28724f0abd59030befe49e0ec52146c94940dc8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 17:24:44 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=86400
timing-allow-origin: *
content-length: 43018
expires: Sat, 18 Nov 2023 14:36:48 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame B2B9 0
127 B 101ms
46ms Ping
text/plain 2a02:2638:3::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=jiqpMRitQDhTSwUERfkmsPecTjBGpkxLtLqwcQMwmoqtQh-pi3j2jZ8XBl55WGRwWoXov7Z5AR2uRir5Rr29WwqolxA_4IPq871m-fp2QxH_sG1019knRvY7E3vQJvUqGDuAXyzjoUXHzvaPIda6XBoVtRGenuy0gNMC56N1I9XjJDL2TN5BGiSyMVY_dw2W_6AYdGs8BOTCcYx8QJyUoneXb5My5qZoSAno4CnqgLI3FPQn4XQwJIH01HVbwCJVlzGmuQ&sds=2&rev=89278&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Fri, 17 Nov 2023 17:24:43 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame B2B9 2 KB
1 KB 53ms
52ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 17:24:44 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 11 Nov 2024 17:24:44 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame B2B9 2 KB
1 KB 48ms
47ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 17:24:44 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 11 Nov 2024 17:24:44 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 5CF0 9 KB
9 KB 240ms
187ms Image
image/png 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

7f5699041af1a4041bc8d1ceb22c9a4ea22f3c9c62564b5bacf856c9dab04f82

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 17:24:44 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 8797
expires: Sun, 03 Nov 2024 04:39:04 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 5CF0 38 KB
38 KB 242ms
189ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

da8ec70f60c93b68f6c2bae651315a99f6cde74c1b08c9389542dca3780bb5b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 17:24:44 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=86400
timing-allow-origin: *
content-length: 38850
expires: Sat, 18 Nov 2023 09:03:51 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 5CF0 42 KB
42 KB 270ms
217ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=68364&q=80&r=2&u=https%3A%2F%2Fassets.airtrfx.com%2Fcdn-cgi%2Fimage%2Fwidth%3D1200%2Cquality%3D40%2Cfit%3Dcrop%2Cformat%3Dauto%2Fhttps%3A%2F%2Fimg.flytap.com%2Fcities%2Frecife.jpg&v=3&w=400&rid=4&s=sh_bx-XcrCOMLjxa84NKM9Vo&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

34d7b42c7df7f35df3a6db61d28724f0abd59030befe49e0ec52146c94940dc8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 17:24:44 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=86400
timing-allow-origin: *
content-length: 43018
expires: Sat, 18 Nov 2023 14:36:48 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 5CF0 0
127 B 79ms
46ms Ping
text/plain 2a02:2638:3::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=5sO5yRitQDhTSwUEppyRqYseyUo4akA6Csi0ECUVPzOqJnqne7K113e-dAJSAX9oq70Q-QQEyYoNW1K0usvlxkFLmv1XzJ8iHyFK344XG4-v2a8AJ5Ek4Msw5JydSNdlBVJXX_VlocGsxMDNAVjGrIcT1EHobEH2pQ2KUN1FYeSWZu5NGUlmYadCk9P_BetrkBS4XzcXaHeR_TWA0OBsfashfIQUeIM04pfQhlRzED_ItVk90I1Mvrs-wkV52T-Br7MLuw&sds=2&rev=89278&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Fri, 17 Nov 2023 17:24:44 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 5CF0 2 KB
1 KB 47ms
46ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 17:24:44 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 11 Nov 2024 17:24:44 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 5CF0 2 KB
1 KB 45ms
45ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 17:24:44 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 11 Nov 2024 17:24:44 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame F9A9 0
10 B 39ms
39ms Image
text/plain 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?_32waQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 17:24:44 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js Show response
pagead2.googlesyndication.com/bg/ Frame 1829 39 KB
15 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 09:24:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28792
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15296
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 16 Nov 2024 09:24:52 GMT

GET
H3 200 GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js Show response
pagead2.googlesyndication.com/bg/ Frame 20CC 39 KB
15 KB 46ms
45ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 09:24:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28792
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15296
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 16 Nov 2024 09:24:52 GMT

GET
H3 200 GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js Show response
pagead2.googlesyndication.com/bg/ Frame 4524 39 KB
15 KB 43ms
42ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 09:24:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28792
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15296
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 16 Nov 2024 09:24:52 GMT

GET
H2 200 montserrat-400.css
static.criteo.net/design/googlefont/montserrat/ Frame 9BE4 2 KB
803 B 52ms
50ms Stylesheet
text/css 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/montserrat/montserrat-400.css

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a81d25118c6f7d835e9ca132b995b8aca46e3575ee4ab2136ab96ac8d5e4688b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 17:24:44 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:06:54 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391ef7e-675"
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 11 Nov 2024 17:24:44 GMT

GET
H2 200 lato-400.css
static.criteo.net/design/googlefont/lato/ Frame 9BE4 682 B
665 B 48ms
45ms Stylesheet
text/css 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/lato/lato-400.css

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

907f0ae9397d82a7dc9eca8dfe6c5b9f0bfea55cd1af9aa9713ca667cfdb8ec4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 17:24:44 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
last-modified: Thu, 08 Dec 2022 14:04:37 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391eef5-2aa"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 11 Nov 2024 17:24:44 GMT

GET
H2 200 lato-700.css
static.criteo.net/design/googlefont/lato/ Frame 9BE4 682 B
665 B 46ms
45ms Stylesheet
text/css 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/lato/lato-700.css

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

e797dd304119008e37d60afe6108fbc5db7fa7c2249b553b407f09997681c15f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 17:24:44 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
last-modified: Thu, 08 Dec 2022 14:04:38 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391eef6-2aa"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 11 Nov 2024 17:24:44 GMT

GET
H2 200 montserrat-400.css
static.criteo.net/design/googlefont/montserrat/ Frame B2B9 2 KB
803 B 56ms
44ms Stylesheet
text/css 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/montserrat/montserrat-400.css

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a81d25118c6f7d835e9ca132b995b8aca46e3575ee4ab2136ab96ac8d5e4688b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 17:24:44 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:06:54 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391ef7e-675"
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 11 Nov 2024 17:24:44 GMT

GET
H2 200 lato-400.css
static.criteo.net/design/googlefont/lato/ Frame B2B9 682 B
665 B 58ms
47ms Stylesheet
text/css 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/lato/lato-400.css

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

907f0ae9397d82a7dc9eca8dfe6c5b9f0bfea55cd1af9aa9713ca667cfdb8ec4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 17:24:44 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
last-modified: Thu, 08 Dec 2022 14:04:37 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391eef5-2aa"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 11 Nov 2024 17:24:44 GMT

GET
H2 200 lato-700.css
static.criteo.net/design/googlefont/lato/ Frame B2B9 682 B
665 B 61ms
50ms Stylesheet
text/css 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/lato/lato-700.css

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

e797dd304119008e37d60afe6108fbc5db7fa7c2249b553b407f09997681c15f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 17:24:44 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
last-modified: Thu, 08 Dec 2022 14:04:38 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391eef6-2aa"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 11 Nov 2024 17:24:44 GMT

GET
H2 200 montserrat-400.css
static.criteo.net/design/googlefont/montserrat/ Frame 5CF0 2 KB
803 B 60ms
51ms Stylesheet
text/css 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/montserrat/montserrat-400.css

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a81d25118c6f7d835e9ca132b995b8aca46e3575ee4ab2136ab96ac8d5e4688b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 17:24:44 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:06:54 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391ef7e-675"
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 11 Nov 2024 17:24:44 GMT

GET
H2 200 lato-400.css
static.criteo.net/design/googlefont/lato/ Frame 5CF0 682 B
665 B 60ms
52ms Stylesheet
text/css 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/lato/lato-400.css

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

907f0ae9397d82a7dc9eca8dfe6c5b9f0bfea55cd1af9aa9713ca667cfdb8ec4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 17:24:44 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
last-modified: Thu, 08 Dec 2022 14:04:37 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391eef5-2aa"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 11 Nov 2024 17:24:44 GMT

GET
H2 200 lato-700.css
static.criteo.net/design/googlefont/lato/ Frame 5CF0 682 B
665 B 58ms
51ms Stylesheet
text/css 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/lato/lato-700.css

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

e797dd304119008e37d60afe6108fbc5db7fa7c2249b553b407f09997681c15f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 17:24:44 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
last-modified: Thu, 08 Dec 2022 14:04:38 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391eef6-2aa"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 11 Nov 2024 17:24:44 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 9BE4 9 KB
9 KB 97ms
95ms Image
image/png 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

7f5699041af1a4041bc8d1ceb22c9a4ea22f3c9c62564b5bacf856c9dab04f82

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 17:24:44 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 8797
expires: Sun, 03 Nov 2024 04:39:04 GMT

GET
H2 200 lato-400-latin.woff2
static.criteo.net/design/googlefont/lato/ Frame 9BE4 23 KB
23 KB 285ms
187ms Font
application/octet-stream 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/lato/lato-400-latin.woff2

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/design/googlefont/lato/lato-400.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

ae5488cdee6c86ae9f892d07dfa77b93f820e132a99dd1a719cbf909168706c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://static.criteo.net/design/googlefont/lato/lato-400.css
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 17:24:45 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:04:37 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391eef5-5c1c"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 11 Nov 2024 17:24:45 GMT

GET
H2 200 lato-700-latin.woff2
static.criteo.net/design/googlefont/lato/ Frame 9BE4 23 KB
23 KB 235ms
138ms Font
application/octet-stream 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/lato/lato-700-latin.woff2

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/design/googlefont/lato/lato-700.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

716984a7fcbaf6d6d6cc56fee107055f99154d251702b57aefcdcab4e44ba798

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://static.criteo.net/design/googlefont/lato/lato-700.css
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 17:24:45 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:04:37 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391eef5-5a00"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 11 Nov 2024 17:24:45 GMT

GET
H2 200 montserrat-400-latin.woff2
static.criteo.net/design/googlefont/montserrat/ Frame 9BE4 12 KB
13 KB 206ms
111ms Font
application/octet-stream 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/montserrat/montserrat-400-latin.woff2

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/design/googlefont/montserrat/montserrat-400.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

5f9376c77618bf0ef43bcabf8228c9e2befde3731087b944e140a88c34066873

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://static.criteo.net/design/googlefont/montserrat/montserrat-400.css
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 17:24:45 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:06:54 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391ef7e-31a4"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 11 Nov 2024 17:24:45 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame B2B9 9 KB
9 KB 44ms
43ms Image
image/png 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

7f5699041af1a4041bc8d1ceb22c9a4ea22f3c9c62564b5bacf856c9dab04f82

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 17:24:44 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 8797
expires: Sun, 03 Nov 2024 04:39:04 GMT

GET
H2 200 lato-400-latin.woff2
static.criteo.net/design/googlefont/lato/ Frame B2B9 23 KB
23 KB 233ms
196ms Font
application/octet-stream 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/lato/lato-400-latin.woff2

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/design/googlefont/lato/lato-400.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

ae5488cdee6c86ae9f892d07dfa77b93f820e132a99dd1a719cbf909168706c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://static.criteo.net/design/googlefont/lato/lato-400.css
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 17:24:45 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:04:37 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391eef5-5c1c"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 11 Nov 2024 17:24:45 GMT

GET
H2 200 lato-700-latin.woff2
static.criteo.net/design/googlefont/lato/ Frame B2B9 23 KB
23 KB 246ms
209ms Font
application/octet-stream 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/lato/lato-700-latin.woff2

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/design/googlefont/lato/lato-700.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

716984a7fcbaf6d6d6cc56fee107055f99154d251702b57aefcdcab4e44ba798

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://static.criteo.net/design/googlefont/lato/lato-700.css
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 17:24:45 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:04:37 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391eef5-5a00"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 11 Nov 2024 17:24:45 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame B2B9 42 KB
42 KB 45ms
44ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=68364&q=80&r=2&u=https%3A%2F%2Fassets.airtrfx.com%2Fcdn-cgi%2Fimage%2Fwidth%3D1200%2Cquality%3D40%2Cfit%3Dcrop%2Cformat%3Dauto%2Fhttps%3A%2F%2Fimg.flytap.com%2Fcities%2Frecife.jpg&v=3&w=400&rid=4&s=sh_bx-XcrCOMLjxa84NKM9Vo&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

34d7b42c7df7f35df3a6db61d28724f0abd59030befe49e0ec52146c94940dc8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 17:24:44 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=86400
timing-allow-origin: *
content-length: 43018
expires: Sat, 18 Nov 2023 14:36:48 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 9BE4 38 KB
38 KB 51ms
50ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

da8ec70f60c93b68f6c2bae651315a99f6cde74c1b08c9389542dca3780bb5b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 17:24:44 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=86400
timing-allow-origin: *
content-length: 38850
expires: Sat, 18 Nov 2023 09:03:51 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 5CF0 9 KB
9 KB 46ms
45ms Image
image/png 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

7f5699041af1a4041bc8d1ceb22c9a4ea22f3c9c62564b5bacf856c9dab04f82

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 17:24:44 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 8797
expires: Sun, 03 Nov 2024 04:39:04 GMT

GET
H2 200 lato-400-latin.woff2
static.criteo.net/design/googlefont/lato/ Frame 5CF0 23 KB
23 KB 185ms
175ms Font
application/octet-stream 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/lato/lato-400-latin.woff2

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/design/googlefont/lato/lato-400.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

ae5488cdee6c86ae9f892d07dfa77b93f820e132a99dd1a719cbf909168706c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://static.criteo.net/design/googlefont/lato/lato-400.css
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 17:24:45 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:04:37 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391eef5-5c1c"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 11 Nov 2024 17:24:45 GMT

GET
H2 200 lato-700-latin.woff2
static.criteo.net/design/googlefont/lato/ Frame 5CF0 23 KB
23 KB 98ms
89ms Font
application/octet-stream 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/lato/lato-700-latin.woff2

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/design/googlefont/lato/lato-700.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

716984a7fcbaf6d6d6cc56fee107055f99154d251702b57aefcdcab4e44ba798

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://static.criteo.net/design/googlefont/lato/lato-700.css
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 17:24:45 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:04:37 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391eef5-5a00"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 11 Nov 2024 17:24:45 GMT

GET
H2 200 montserrat-400-latin.woff2
static.criteo.net/design/googlefont/montserrat/ Frame B2B9 12 KB
13 KB 166ms
160ms Font
application/octet-stream 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/montserrat/montserrat-400-latin.woff2

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/design/googlefont/montserrat/montserrat-400.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

5f9376c77618bf0ef43bcabf8228c9e2befde3731087b944e140a88c34066873

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://static.criteo.net/design/googlefont/montserrat/montserrat-400.css
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 17:24:45 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:06:54 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391ef7e-31a4"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 11 Nov 2024 17:24:45 GMT

GET
H2 200 montserrat-400-latin.woff2
static.criteo.net/design/googlefont/montserrat/ Frame 5CF0 12 KB
13 KB 215ms
215ms Font
application/octet-stream 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/montserrat/montserrat-400-latin.woff2

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/design/googlefont/montserrat/montserrat-400.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

5f9376c77618bf0ef43bcabf8228c9e2befde3731087b944e140a88c34066873

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://static.criteo.net/design/googlefont/montserrat/montserrat-400.css
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 17:24:45 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:06:54 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391ef7e-31a4"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 11 Nov 2024 17:24:45 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 5CF0 38 KB
38 KB 44ms
43ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

da8ec70f60c93b68f6c2bae651315a99f6cde74c1b08c9389542dca3780bb5b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 17:24:44 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=86400
timing-allow-origin: *
content-length: 38850
expires: Sat, 18 Nov 2023 09:03:51 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame B2B9 39 KB
39 KB 49ms
48ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=68364&q=80&r=2&u=https%3A%2F%2Fassets.airtrfx.com%2Fcdn-cgi%2Fimage%2Fwidth%3D1200%2Cquality%3D40%2Cfit%3Dcrop%2Cformat%3Dauto%2Fhttps%3A%2F%2Fimg.flytap.com%2Fcities%2Flisbon.jpg&v=3&w=400&rid=4&s=gkmUPZNNLRtpv5dH2tcyWZA3&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

2f43e3d69cfe7a194e7639bba082d3a56cdd62601c1102259fd6a9ad1a950fe6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 17:24:45 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=86400
timing-allow-origin: *
content-length: 39892
expires: Sat, 18 Nov 2023 14:45:36 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame B2B9 38 KB
38 KB 45ms
44ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

da8ec70f60c93b68f6c2bae651315a99f6cde74c1b08c9389542dca3780bb5b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 17:24:44 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=86400
timing-allow-origin: *
content-length: 38850
expires: Sat, 18 Nov 2023 09:03:51 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 5CF0 42 KB
42 KB 48ms
47ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=68364&q=80&r=2&u=https%3A%2F%2Fassets.airtrfx.com%2Fcdn-cgi%2Fimage%2Fwidth%3D1200%2Cquality%3D40%2Cfit%3Dcrop%2Cformat%3Dauto%2Fhttps%3A%2F%2Fimg.flytap.com%2Fcities%2Frecife.jpg&v=3&w=400&rid=4&s=sh_bx-XcrCOMLjxa84NKM9Vo&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

34d7b42c7df7f35df3a6db61d28724f0abd59030befe49e0ec52146c94940dc8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 17:24:44 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=86400
timing-allow-origin: *
content-length: 43018
expires: Sat, 18 Nov 2023 14:36:48 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 20CC 0
21 B 77ms
76ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BTxjC26FXZbOTFfqawuIP1ciegAkAAAAAOAHgBAI&bg=!ODulO3TNAAZxrfrxUa07ADQBe5WfOJUADuBNVqBMoV5isL6VQiVa1r1d5GXVoHteEgxPbCI6ncQAsMeOaJsXJ69DN8QsAgAAAS9SAAAABGgBB5kDF7n458SZYDtaHCdq7uI5kq-jYACW2Z7rc5NYa5CFApNwwvOtjo9XLUgq0pEiIHcyA1t5NH2fHKFjEEYYQQfpdHLB4IofyG3wwhbdj2_Ftfa2Aj3eK6hG6XgNWfZPerabnhGx5rdD0ruUVXITH2fdyhn9s38HewnHWl26wjxaiPXXhBa7CYCmqFtoFqjuPrYWZniGD6aog6BYB7dGq3cV6oEJWvoTBgEx_D5Ud72Y_zyPLGVBg6FqI_9R52XX5uMnEclvvpaaI9glCBhCFdUt_ZWl5tKvNUNxPXfapOyXrhHjMad8JHsI5RvaBO2_Lx9IDs-NvAX5ojq7VlZDaPuNeondc6JikUMNRLJEUrGSSdtiWihmC1D5_g62zDBwHapz6EJjCP58DAdxRCAMLwu8H-nL58FV10cw5v1nre79OQIHUfUIFJxlpfZ7N6Q4DMtCKU2iR-JwBo6WobdL8JkBvzY6nMs8Ejk3KIGTweg-cZ_LWj2oblVSI4qVGWT32gdv76Cj4tH_9urruJGUfnJU_TsDGOwxfU1QvsLd6FL3afGIaLQP1T6VquakYCD-Q2Uxgcfz-ZeQIRlvTOOjd6EJxviG-PZBu3kks64HO27s8-aA8Nu2OHgEiAMPYiqwvwHxQRqcTHoEnNChpFuRJ4QBjazLtQXjciW2PGFwpONxNwHWrvgAqW_ZLW8ueyF1GJ8lz9nzuiVSbr_fyD1u8apLOTXYFhIBXZFD26nuWBpEtU0yjEBwDM09x-QgncrOCw0lFYLDbNTi8Q0X3px_A8GCduz-1FAPfDOjTNauBpLBIrchAMBBxhI2Xp78NlgspweFlSqcDQvMJNLPkUPSWvT5B6bhn2QBoaeDmyHUG_s_kAZ7dk2gd7J4eqTsNDNiWB9m-sQg3IJUdQN3EM-nhIXjc-fPoiIPodJVIrFfxe0V9ww7ZuPd4xVMDkQHei-SbsKB0f4smrbtsmOv3tsvQf3IPBplUpSsp8tmektgfqqHt1f9HN7fR97sIzAmjl2b7QiaqPj8C2cKL9HqmYrP4dBoFahaGl-9iuE5

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 17:24:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame B7B4 0
0 81ms
81ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=Cep-c26FXZbaTFfqawuIP1ciegAnJntKxXNWdkfdwwI23ARABIABglbKpgrAHggEXY2EtcHViLTMyNDk0NjI2NjcwNTcxNDPIAQmpAgpl964YNbI-4AIAqAMByAMCqgTnAU_Qod1bGxp7hhWAN4fxQPTNOyZVPS-EGn6-Urq6Xe_UfJg8jZQsrHMr8oUfG3ZChe6s4s9pCTYdDeo_fzswGV9U88kJaEWA7AityATxQcV8f19Yp5y0Nsr9nTqxnlCDzNHH1hrU6_FyLg6xq51_KQyX1YmYJsJm9X3xPhiOvf8vI3kVm7cn6EkGkwECajgvTIE4P6toQCbnrUw_HR8u411xvjYQ0LkprXtm86dl4sNUIBqyhUwcLxRH51LpRa_ldxbb9iWqcKoVRp0WCAurVxHdDq8guhgqR2olmmFZYxEdR916NGGRD-AEAYAGp8msjb6KmOg9oAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YBwEAEyAusCOgKAQEi9_cE6gAoD-gsCCAGADAHiDRMIx9zvy8bLggMVeo1QBh1VpAeQ0BUBgBcBshccChoSFHB1Yi0zMjQ5NDYyNjY3MDU3MTQzGMvNFg&sigh=SGEAvuR_wJM&uach_m=[UACH]&cid=CAQSPADICaaNgy-kNcj1ea5VtHtEzmCjOLgk6nDaf_4pAoiuhes-klacb5vWtFYS-EyFPb13JVfN97gWwqmh_RgB&cbvp=2&vis=1
Requested by: Host: 390c7a88fcfc36c0e9807f9f31c5e737.safeframe.googlesyndication.com
URL: https://390c7a88fcfc36c0e9807f9f31c5e737.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://390c7a88fcfc36c0e9807f9f31c5e737.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H2 200 notify
rtb.fr3.eu.criteo.com/google/auction/ Frame B7B4 0
126 B 180ms
60ms Image
text/plain 2a02:2638:d::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rtb.fr3.eu.criteo.com/google/auction/notify?profile=14&payload=k8W0FMg12AVanYNiAgIAAAATIZIvdWVUt8el5sLuN61sENuhV2WjIhZTm90OQ4EHAAASAAAKCkFRVUJEd0VCRHc&wp=ZVeh2wAFSbYGUI16AAekVaMzOjDGQ3_riBTTrA&cbvp=2

Requested by

Host: 390c7a88fcfc36c0e9807f9f31c5e737.safeframe.googlesyndication.com
URL: https://390c7a88fcfc36c0e9807f9f31c5e737.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://390c7a88fcfc36c0e9807f9f31c5e737.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 17:24:45 GMT
strict-transport-security: max-age=31536000; preload;
server-processing-duration-in-ticks: 153757
server: Kestrel
content-length: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4524 0
21 B 76ms
76ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BJ7Ek26FXZbSTFfqawuIP1ciegAkAAAAAOAHgBAI&bg=!bm2lbSLNAAZxrfrxUa07ADQBe5WfOKNthPebURfW4bKHPMzvZQtZR8cdnPGEErmYH8jP-T_My3MazNBFxUo5NXq2miSIAgAAASRSAAAABGgBB5kDF6-KZLQySd6qfXaPufGmstzpLC0aTZa2yU3W8VRwMPn2PfyG-5FdIpmcMnrIeBSJVClwq5HW4-KlMfJVtOpmFuwKWtWPtS_a_S2a0Re8NUQfoxD2AX1633u2dbZzCkDGsumius4bxpWbjX4J9ykBYmu93-CL6ThpRSg4y3j4Ey4252fYNgaCvepammluZhx7CcqBi7vuitNnxJHDn4Hv9R4NLQGxJGmVw1thLGj8cCRWgYoCeWSyvAlMkqKwLi0pZRYVdpjszsx4NB5YiCNG8MhMeO0kt8PcMHWfoIfbOP-4aRkLnmYLtB4RDzzoho6YK4OE_4acsiYC9oVVu6aQQv5Cf2csm7sk5EoLRaGT1dtzoE46iQ5AhWarKPBwtnzjD15eoQy6YTTGjrhS6gW4LPt9UcCE6vRqcUSGc8wdNjaeJOPehRyhqbdwz7LlbTelcZ2mf-A_CjElXcNmknNdTpAs_uImh4ex8DODEDln7yD9JsGC_qadVZuhhqaLlC1CIROSOVJboG0gFtegIo_ynHR5EDzN4cMJA5gTQZqzzulLnbFeuDhOQFiwdlAVNWStCE5o0HqAJP4p9po_UueE5N7mfyKZg6-sxZLlW0HJs2aGXEgfw0xrK873fKHpB31b7d5ohzGp-txweEZPMrGmlZOPvxB4SXdDoTsGfcs9DcLiyxiQvkrYzF9uo8pGqIZ4NBd_R_VuDuuT1CKm7ggiyH4oXPXF77iMPZN5URmly1ZrPAtaSJl42U4RLW5Mdb-GIPt-D2nOyJvP6_-pO6c7TBxlK4iuZAn14fWg41XH_6vZ-G1JT8ZGtZXNwOW3de-w7R0AttZxlkx-jJpgsTShpUcmc3Bl5u442WwNdv-U39TKHlP1GKSWh-rMGkIAxZY0mmcIXnqQ7q0Ys51c8vDk0XiWtgGrx2yMf-yQDL4dUwwsZibDyS3JwQXzf7m2V4Dgj1gsPHZ9C7-9aRttU32x9ZZOkJOPYNNeyyoU9J06rfDTrZlNPE6KNuWZYq7XQzux1pXxVgI9jpvPeKTkMJsH85_gWvro3wLE

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 17:24:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame FA0A 0
0 80ms
80ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CxPWi26FXZbWTFfqawuIP1ciegAnJntKxXNWdkfdwwI23ARABIABglbKpgrAHggEXY2EtcHViLTMyNDk0NjI2NjcwNTcxNDPIAQmpAgpl964YNbI-4AIAqAMByAMCqgTnAU_QvHvpIBg5uPEkVn_sJahO4FS1sK2YT-IoJw0MRUN_dOyx03owFmBrqXHdIoqBzdwhhZa-c5Ge6IJjwtlTC9q3_OsKZlEhsZsSeUv4AsrUMUCLm89IJWcZ_3E97ppwTNOfJnXK7SUuuidU4SpQi8WarhZtbIydcd2Lb_1i7VMT_mnIXY9jXq1UZ3Nloi7qs_iUMmDlduQ3eQkyBFJ1KOtB7BDc_lK-I0xcykeBlzRo14kaZI6jWeUIIBjVbs7FQjGgtHNI8D1qJ1Qbpe8xZTh29Otqz6BZcBNc9GXJXlhBWplDat6Cn-AEAYAGp8msjb6KmOg9oAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YBwEAEyAusCOgKAQEi9_cE6gAoD-gsCCAGADAHiDRMIvNzvy8bLggMVeo1QBh1VpAeQ0BUBgBcBshccChoSFHB1Yi0zMjQ5NDYyNjY3MDU3MTQzGMvNFg&sigh=L5WkLiIppoE&uach_m=[UACH]&cid=CAQSPADICaaNgy-kNcj1ea5VtHtEzmCjOLgk6nDaf_4pAoiuhes-klacb5vWtFYS-EyFPb13JVfN97gWwqmh_RgB&cbvp=2&vis=1
Requested by: Host: 390c7a88fcfc36c0e9807f9f31c5e737.safeframe.googlesyndication.com
URL: https://390c7a88fcfc36c0e9807f9f31c5e737.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://390c7a88fcfc36c0e9807f9f31c5e737.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H2 200 notify
rtb.nl3.eu.criteo.com/google/auction/ Frame FA0A 0
125 B 56ms
56ms Image
text/plain 2a02:2638:3::9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rtb.nl3.eu.criteo.com/google/auction/notify?profile=14&payload=k8W0FMg12AVanYNiAgIAAAATIZIvdWVUt8el5sLuN61sENuhV2VwvTx0gqHk55cJAAASAAAKCkFRVUJBUUVCQVE&wp=ZVeh2wAFSbUGUI16AAekVThAygdSopAqXfbzgw&cbvp=2

Requested by

Host: 390c7a88fcfc36c0e9807f9f31c5e737.safeframe.googlesyndication.com
URL: https://390c7a88fcfc36c0e9807f9f31c5e737.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://390c7a88fcfc36c0e9807f9f31c5e737.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 17:24:44 GMT
strict-transport-security: max-age=31536000; preload;
server-processing-duration-in-ticks: 180075
server: Kestrel
content-length: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1829 0
21 B 77ms
76ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BVcAA26FXZbKTFfqawuIP1ciegAkAAAAAOAHgBAI&bg=!uLulu_TNAAZxrfrxUa07ADQBe5WfOElY20aT3AHtSgiQ-jSbM38qkdFKutSa9Nln2SxgsqISXu1CAeepRwrYY4boG5oIAgAAAWRSAAAABGgBB5kDCbm8w6cgqaWS4cOUpILoxBi8giarCJCTno3WtMWcaTvGM4Tey-LXYSXu2w6wRsgEtiTXoLn1oSTxYqUIOxB9s1l8YkXcruKXPiDKfFAXxr4QcFpckNiFvnRTxH-K0p520WZ4ntlP8K8JFo3g6Aeku6pRQWVWuP2KNRB1CBCUv9eTc55Q57f8rnb5jm1fm4Y-czxLGgsPzWRVLB1lzR2nGfOkx0R0JJU-u__I1w4U1_QUih5wldfgmGWm1VtPlBEAb03yiRWe-0KKUYVbncVFwCKxVVGBEJzy-X0vDuLQceoD7qpHnZwTGq3pRj26cktahb_29RCpyLZEC4XX3t2R8ZPskJWyuGVDtyoeNZ2vEyTVWZ8eHenH0DPagDkloH5reR_EdIjgTQpibHDX6AELQ2MXAdYYKBvbB-tKfnyr8-yh3KAkGQ_dWFkzpJDBJxfm1doOcmWfwPsDY3ssPCQ6EILJJyRYUvTeZ1t4H-MEOoZ4cEqdqQ59KarjtWk5zIyIoIm9ygNjWfgWXmxqOxXLKHDiZmJ28Qo3oEHoPlFGRGgkmX0EwznVaS5T715WrFgSTLHarDu2mqyeGyfjkOBERzPS5RR2i3-7XVPCkgDU7Rk28KX-Y5uQlRWqmzrnX3ZBJZ38tZ5-QrqShOu-Vt1gssf6xL4KsHrSOQ2R6_xZZnWNozMX-TmuvahAtDuZSbbUF931rLUsiymE2-KuJN46powwO6OnLj6-qtj1rGPtNZLcWDfmoRUfBBkHF_37RLNXlttb69pKifTwLhVrdUriutkmRSs9SlMlCzyIBks0AAcXNJEc_7PwOD0Um6UuFVlu5k6Phk9ryPiBht72gQc_Si0rt1Rb5wGs9bLwfjILmMXpiWDLj-6ep6_pjprDwITmF1W4iiFbqaCIF7AOSga3TWGmFBbwA-IyDenlhJ2TfZLxY9DtMAXsnLwQ0mx-zwwu2la9L9m2G0bIPo_Y2GbfFLzVKhwNxjvxQY1pMQ7MGMeuNHtlRx01PXZLdrOhkmGxuzp0djkU3AlN1g

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 17:24:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 4AE3 42 B
174 B 77ms
76ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuLrk-j3TXec3QdV94pq75GdB9PS0t5rb0Wsi0CYu6i3EE5m8DX68v6yn1PFpDjPYcwCFFrzevmGpUj96ub1hEdzLa7nQST2yRFsEg7Aw6JrdeLCJZTkW5bqcIt3c5JaeqhHQlKkh8PIEHk&sai=AMfl-YQQ39xvaAWKsSHCVEa9WpK5Zany1o1AMfjZQWt4WZ-do9NEqL97ltpBktVotXHxpkQJtQK6VYt6j_Ws6B6EsaC92b9jUNthvRPKQLc0p89k-p04lMw6i2G4EJr1&sig=Cg0ArKJSzPNC8DF7yEfTEAE&cid=CAQSPADICaaNgy-kNcj1ea5VtHtEzmCjOLgk6nDaf_4pAoiuhes-klacb5vWtFYS-EyFPb13JVfN97gWwqmh_RgB&id=lidar2&mcvt=1000&p=156,1269,756,1569&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231115&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3209054416&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1700241883833&rpt=395&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://390c7a88fcfc36c0e9807f9f31c5e737.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 17:24:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 76ms
76ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202311140101&jk=4457378105197553&bg=!WFulWxTNAAZxrfrxUa07ADQBe5WfOIQWOzdRAJLADtqgqAgstp16XhkJOYEg3WpW-viynP-Wfl63Irw8peeHSGuam8TIAgAAAzBSAAAABGgBB5kCwcFq_n8OsUXmZVBewMx8aSpiYgItStMaQaWXAIo1G8hRRezC3oWy-4pyQ0lsiXy35UZwL8mygDgg15uYhYvYhnT9Bint-oTPxVH88PbL52G7gSn3Ires75MevlozIjV-oNrbNwpUxEAW16fgpxqZb-83Kg9zAVbOxpLWByqNOGo3wpDmHkaWUv-80PklIKWYpZ7plndDS_52kQG_eMWvkSd88QcmJMZOx0aDIGLaRTS8JzeXo_ZfjrQmGVgTMIRGbGAeAYk1g5ZtOclhG_1hm7v4fo2GTZeF0UCRA-p8-ML0ZltU_Sq1EIzxroTsZzjcw2OsrkfXdgDProNHzDbhws8rL0RDQ7LVVyNJF0-Jd0d7PlDCSvcDq65BK6CqKxvx7NMfGgvHb6RgpYjjCOZ8Rr_jXepDXGQWPb8hlq8wntw9wfNVGsYIPNqovTj_pIF5d8xjlpkjpgyFFYqdylasbwhcXYWYzxN7jPK9mvIlSr-_dTjxinYqDEdhkIzsNlMSCUuuJrIeK74nzT1wzZ66UtAJo93gehOJUWwzaSSA_WMfcQ77o2UVTYw9UUXPUGsz7MbL3RnSMrl7IHCVz_kv6uPOTgCylKR5M2xep_Wsscd-MOee_4ACGMvOGwpl6-vBH4wdhPWBju94ZeDo7fR1fqCs4nOtyAWTFLn8iZBIZrSvHZxoamvU3ghkKX_ZHQm5t4N1_d1FOGKHkWiIg-Se2LQoszDvyfLa9Z1hFaauUJpl6qthTC-jyoxyuAXgIBGPl1Q0QIOVFhDITkGUq96R240m8NtPrm_FIN4H1b-IjGzEe7gYOsVjn2l5Hu8lD5Kp1hunMXk1krmjaYmZ_ES0-8pZNFfRfl3pJDJS3No8pH_EjoQGWWnPxFkUoEfaREkQtlV6ONBKBMmoAAySEJM2ZKil1vQd0XoM4t4_DP_FyYvy0g
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.olx.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

POST
H3 204 collect
region1.analytics.google.com/g/ 0
17 B 47ms
47ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-50C013M2CC&gtm=45je3b81v872586341z8892095748&_p=1700241879986&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1986320353.1700241880&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=3&sid=1700241880&sct=1&seg=1&dl=https%3A%2F%2Fwww.olx.com.br%2Festado-mg&dt=An%C3%BAncios%20em%20Minas%20Gerais&en=page_view&ep.content_group=listing&epn.total_ads=1053084&_et=378&tfd=7991
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-50C013M2CC
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.olx.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 17:24:45 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.olx.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 139ms
45ms Preflight
application/json 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.olx.com.br%2F&domain=www.olx.com.br&bundle=1IIWJV92UXFyeTdvTEhEcTVKOEhZc3phSkJSUGI0clpQVXI3NFhUJTJCakx6ZFRBeHklMkJ5bmk1OFNlbGdtVnMlMkZDRnloc3dXQ1J0QlQxTm8zZlM2ajVvMnl4cm5PTXNOUDE1SWNwOWxBVXVNZXpBN2JVWGxIWmNCeERSY3YzbWVqc1hHRFhEeUxpSjZyRyUyRkZROUdvVDNlRTBsR3lFQSUzRCUzRA&cw=1&pbt=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.olx.com.br
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://www.olx.com.br
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Fri, 17 Nov 2023 17:24:47 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 248054
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 json Show response
gum.criteo.com/sid/ 2 B
372 B 50ms
48ms Fetch
application/json 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/us1/v4/datadog-rum.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.olx.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type: application/json

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 17:24:47 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.olx.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 229381
expires: 0

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame A6C7 281 B
555 B 179ms
41ms Document
text/html 23.35.229.251
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14702.js?DM_env=web
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.229.251 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-229-251.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://www.olx.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Fri, 17 Nov 2023 17:24:48 GMT
ETag: "280525-119-60930cbd3cec0"
Last-Modified: Thu, 02 Nov 2023 19:57:23 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 820C 52 KB
17 KB 262ms
50ms Document
text/html 2.19.244.218
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14702.js?DM_env=web
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.19.244.218 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-244-218.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://www.olx.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Fri, 17 Nov 2023 17:24:48 GMT
ETag: "623de86a-cf34"
Expires: Sat, 18 Nov 2023 17:24:50 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
X-Akamai-EW-Subworker: 8096267

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame A6C7 46 KB
13 KB 81ms
42ms Script
text/html 23.35.229.251
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.229.251 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-229-251.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: e92610c8ef333bcc5802150887076cfd1a1b6590432185f2bc0a0abff06d906d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Fri, 17 Nov 2023 17:24:48 GMT
Content-Encoding: gzip
Last-Modified: Fri, 17 Nov 2023 11:35:45 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=65402
Connection: keep-alive
Content-Length: 13230
Expires: Sat, 18 Nov 2023 11:34:50 GMT

GET
H2 200 async_usersync Show response
ib.adnxs.com/ Frame 820C 0
594 B 204ms
131ms Script
text/html 185.89.210.212
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 17:24:48 GMT
an-x-request-uuid: fe1f7393-d21a-4885-a550-9d194506a9fa
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, private
x-proxy-origin: 80.255.7.109; 80.255.7.109; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK khaos.json Show response
token.rubiconproject.com/ Frame A6C7 7 B
380 B 212ms
41ms XHR
application/json 69.173.144.165

General

Check archive.org

Show headers Download Go to

Full URL: https://token.rubiconproject.com/khaos.json?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.165 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://eus.rubiconproject.com
Cache-Control: no-cache,no-store,must-revalidate
access-control-allow-credentials: true
content-length: 7
X-RPHost: 4cdacfaa68e4ab216fffbcc107c5b898
Expires: 0

GET
H2 200 async_usersync Show response
ib.adnxs.com/ Frame 820C 0
594 B 45ms
45ms Script
text/html 185.89.210.212
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 17:24:49 GMT
an-x-request-uuid: 3e224711-dbd7-4bc5-a660-0812fac3dad2
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, private
x-proxy-origin: 80.255.7.109; 80.255.7.109; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Verdicts & Comments Add Verdict or Comment

288 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

50 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.olx.com.br/	1970-01-21 01:53:21	Name: r_id Value: be7c8f5b-682a-4d51-b29f-9d4f31ac1492
.olx.com.br/	1970-01-20 16:17:23	Name: TestAB_Groups Value: sanityweb50_control.ds-web-vitals_enabled.ngage-chat-on-gallery_enabled.txp-fakedoor-buy-button_optreq.payg-discount-re-julius_ml-ranges.fee-boost-goods-parcela_enabled.ppc-myplan-redirect-lp_enabled.goods-history-sales_enabled.ppf-free-insertion-re_enabled.ds-header-navbar_enabled.free-edtion-goods-parcela_enabled.delivery-quote-weight-11060_control.delivery-quote-weight-3040_control.txp-expanded-delivery-method_control.billing-history_enabled.pay-now-always_enabled.apmkel-filters-fair_switch.txp-retry-by-id-pay_enabled.adv-remocao-topo_enabled.ppf-myplan-new-marketplace-pos_enabled.payg-discount-julius_ml-c-mab.imo-xp-linkshelf-autocomplete_enabled.ngage-chat-miniprofile_enabled.ppf-boost-motos_control.ngage-adview-miniprofile_enabled.delivery-methods-modal_enabled.bumpds-bjperformancetrackb_control.rec-adv-package_on.apmkel-list-item-fair-badge_orange.autospp-notshow-modal-hv-myads_control.ppf-edition-re_enabled.chatmod-logged-user-showphonebody_enabled.autos-aqui-mileage_control.adsxp-adviewlinks-bjQTZ-3020_enabled.contentmod-gallery-tip_control.imo-xp-adview-modules_priceInfoAtTop.acc-split-login-v2_control.imo-xp-privatead_enabled.listing-grid_control.ngage-listing-badges_control.pos-cars-fee-boost_control
.olx.com.br/	1970-01-20 16:17:23	Name: __cf_bm Value: NY7_cQvQqDG2n_ltpYu63iDncmSiMDPwxeBv1Rt0f0A-1700241878-0-ASw4TE+mpKxBnv+Gpg/DBjjG0Qr9M3HFRyPCRt0gBnSwv1tq36Rau9bHGKf1nMcs1FFsT6TX6vrVYDcEaF1/6Ek=
.olx.com.br/	1970-01-21 01:53:21	Name: nl_id Value: 99c2d949-76c5-4ea8-9d4c-42d0b9a2702c
.olx.com.br/	1969-12-31 23:59:59	Name: _cfuvid Value: ZCSqCQrzkRIC2fDiFPOB.KDfHc8t6noc2T6U8IpEqwY-1700241880409-0-604800000
.olx.com.br/	1970-01-21 01:53:21	Name: l_id Value: 0477a79d-2d79-4985-bc54-2a9635049ff4
.olx.com.br/	1970-01-20 16:17:23	Name: s_id Value: e58bc49c-086b-4c11-840e-96d1fc327d2f2023-11-17T17:24:40.328Z
.olx.com.br/	1970-01-20 16:17:21	Name: lotame_domain_check Value: olx.com.br
.olx.com.br/	1970-01-20 18:26:57	Name: _gcl_au Value: 1.1.714919832.1700241881
.navdmp.com/	1970-01-21 01:03:18	Name: ac3 Value: 1
.olx.com.br/	1970-01-21 01:53:21	Name: _ga_50C013M2CC Value: GS1.1.1700241880.1.1.1700241880.60.0.0
www.olx.com.br/	1970-01-21 01:03:01	Name: __rtbh.lid Value: %7B%22eventType%22%3A%22lid%22%2C%22id%22%3A%224b6t2lVNy3h5KnX4ZJ5g%22%7D
.useinsider.com/	1970-01-20 16:17:23	Name: __cf_bm Value: KQQ3ivwNXDNvXkTI7YpsQv9aE_UMIrKRTHR3_0enHUQ-1700241881-0-Aeu8umEteLe/blI+q2wsZLsr7wiVMU/qYn/J0hjL1dvjlKDtqXCcsuxH3Ag5bUfwlnB8PKQRKlXtPqmHwyPPlao=
.olx.com.br/	1970-01-21 01:53:21	Name: _ga Value: GA1.3.1986320353.1700241880
.olx.com.br/	1970-01-20 16:18:48	Name: _gid Value: GA1.3.1739484175.1700241881
.olx.com.br/	1970-01-20 16:17:21	Name: _gat_UA-70177409-2 Value: 1
.insurads.com/	1970-01-21 01:04:24	Name: ___iat_gid Value: 6899F05E2FB2D822
.criteo.com/	1970-01-21 01:38:57	Name: uid Value: 78711974-7e24-41db-9bc6-2c4f31afdc8e
.olx.com.br/	1970-01-20 16:17:23	Name: ___iat_ses Value: 6899F05E2FB2D822
.olx.com.br/	1970-01-20 20:36:33	Name: ___iat_vis Value: 6899F05E2FB2D822.75740ad30ede67d312e8bb4d7fdcd431.1700241881110.76b8632ce2d469b285f776f5dccc72a0.JBUEIZEBOM.11111111.1.0
.openx.net/	1970-01-21 01:02:57	Name: i Value: b18f747a-fe03-4029-ac43-4f83a664a48b\|1700241881
www.olx.com.br/	1970-01-21 01:02:57	Name: __spdt Value: 3f11144c977c4ff1a9a179cb97e2ef09
.navdmp.com/	1970-01-21 01:53:21	Name: nid Value: 13a7cc8c4d02216b2e43af4c4610\|1\|347
.tiktok.com/	1970-01-21 01:38:57	Name: _ttp Value: 2YJRpv1vjfdh8AZRJbWbNBAKN1W
.olx.com.br/	1970-01-21 01:02:57	Name: lo_uid Value: 1700241881404-piuc5bgzzzd
.criteo.com/	1970-01-21 01:38:57	Name: receive-cookie-deprecation Value: 1
.olx.com.br/	1970-01-21 01:02:57	Name: nvg83482 Value: 13a7cc8c4d62e9b554fec5d9cf10\|0_322
.olx.com.br/	1970-01-21 01:38:57	Name: _tt_enable_cookie Value: 1
.olx.com.br/	1970-01-21 01:38:57	Name: _ttp Value: IFnStBHrnc9aq1Z2wIEZOIZCjbb
.doubleclick.net/	1970-01-21 01:38:57	Name: IDE Value: AHWqTUkL5gulb6S5qHxmIdqvfwKy85qVCG6gSnvAHKtRUEtuV1sllYlMKInlXfcF-Y0
.yahoo.com/	1970-01-21 01:03:19	Name: A3 Value: d=AQABBNmhV2UCEA5aVBLHz_OJh3bU4rUNCNcFEgEBAQHzWGVhZeAQyiMA_eMAAA&S=AQAAAuWlm3S-I0PShBOkwJzBJPk
.olx.com.br/	1970-01-21 01:46:45	Name: cto_bundle Value: 1IIWJV92UXFyeTdvTEhEcTVKOEhZc3phSkJSUGI0clpQVXI3NFhUJTJCakx6ZFRBeHklMkJ5bmk1OFNlbGdtVnMlMkZDRnloc3dXQ1J0QlQxTm8zZlM2ajVvMnl4cm5PTXNOUDE1SWNwOWxBVXVNZXpBN2JVWGxIWmNCeERSY3YzbWVqc1hHRFhEeUxpSjZyRyUyRkZROUdvVDNlRTBsR3lFQSUzRCUzRA
.creativecdn.com/	1970-01-21 01:02:57	Name: u Value: aDL0OWapbb7LZvj0kYwp
.creativecdn.com/	1970-01-21 01:02:57	Name: g Value: aDL0OWapbb7LZvj0kYwp_1700241881845
.creativecdn.com/	1970-01-21 01:02:57	Name: c Value: aDL0OWapbb7LZvj0kYwp_wBiML0Lv0cEh18cEd5DU_1700241881845
.creativecdn.com/	1970-01-21 01:02:57	Name: ts Value: 1700241881
.olx.com.br/	1970-01-20 18:26:57	Name: _fbp Value: fb.2.1700241881976.2058423828
.creativecdn.com/	1970-01-21 01:02:57	Name: ar_debug Value: 1
.adnxs.com/	1970-01-20 18:26:57	Name: uuid2 Value: 5417491379344112778
.adnxs.com/	1970-01-20 18:26:57	Name: anj Value: dTM7k!M4/rD>6NRF']wIg2GUbMMG2[!@wnfH1YbZRGH!W=37we%LsSm>syf2%`YT2`VDNht74ocvjdnk1EHs//:0R[8/M34wa.vA8d_lLeTiIbpRzqF1`b^'e-8?MV
.olx.com.br/	1970-01-20 17:00:33	Name: pbjs_sharedId Value: 444bbd01-dd58-4239-b1cf-ab5adcfb2703
.olx.com.br/	1970-01-20 17:00:33	Name: pbjs_sharedId_cst Value: zix7LPQsHA%3D%3D
www.olx.com.br/	1970-01-20 17:00:33	Name: _pbjs_userid_consent_data Value: 3524755945110770
.olx.com.br/	1970-01-20 17:00:33	Name: _pubcid Value: 94dc20c1-d683-4c2d-83e7-435b5bf4ce50
.script.ac/	1970-01-20 16:17:23	Name: __cf_bm Value: JWlKmQyws8f6SSQQis1WJg1384xC9G1dZbNr2EeULeU-1700241882-0-AfWWED1Tq6UhUcRq/zqcWE/DH7PzxP8W/1/GZRy8PQBcddJHfElp1+sdU85FaC5Rc4/3WWY2BaGC7sl9k10nCaU=
.rubiconproject.com/	1970-01-21 01:02:57	Name: khaos Value: LP2W48YC-2-CZ4K
.rubiconproject.com/	1970-01-21 01:02:57	Name: audit Value: 1\|naVuGyos1qpd0QY055gD/wNb0fGVcfL/XWaA1sYWTLHiXIXbtn90w3mqXb8uVU0P1m7Bo6epcl9GBLsuh3fnviYbB5SW5XQ3Z7LGN3aoYVYijy0RC4Zd8Ri5j99IjSR+
.olx.com.br/	1970-01-21 01:38:57	Name: __gads Value: ID=9c4b5d61ef7d11a6:T=1700241883:RT=1700241883:S=ALNI_MZ9WzyDISBcsxq1vh-I120vR7kdXg
.olx.com.br/	1970-01-21 01:38:57	Name: __gpi Value: UID=00000cdc4753ccd2:T=1700241883:RT=1700241883:S=ALNI_MaeNcQ6sbApt8VSsI4WDkYJiOApuw
www.olx.com.br/	1970-01-20 16:17:22	Name: _dd_s Value: rum=0&expire=1700242780395

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://recommendation.olx.com.br/api/rec/?lurker_id=&region_id=&object_name=listing&custom_tag=listing_web&state_id=2&test_id=hold&platform=web Message: Failed to load resource: the server responded with a status of 400 (Bad Request)
network	error	URL: https://recommendation.olx.com.br/api/rec/?lurker_id=0477a79d-2d79-4985-bc54-2a9635049ff4&region_id=&object_name=listing&custom_tag=listing_web&state_id=2&test_id=hold&platform=web Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://apigw.olx.com.br/v3/me Message: Failed to load resource: the server responded with a status of 401 ()
other	warning	URL: https://390c7a88fcfc36c0e9807f9f31c5e737.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html(Line 15) Message: Origin trial controlled feature not enabled: 'attribution-reporting'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

13034979.fls.doubleclick.net
390c7a88fcfc36c0e9807f9f31c5e737.safeframe.googlesyndication.com
a.teads.tv
aax.amazon-adsystem.com
acdn.adnxs.com
ad.doubleclick.net
ads.eu.criteo.com
ads.pubmatic.com
adservice.google.com
adservice.google.de
analytics.liftoff.io
analytics.pangle-ads.com
analytics.tiktok.com
apigw.olx.com.br
bcp.crwdcntrl.net
c.amazon-adsystem.com
cadmus.script.ac
cat.nl3.eu.criteo.com
cdn-ima.33across.com
cdn-public.liftoffintl.io
cdn.insurads.com
cdn.jsdelivr.net
cdn.mouseflow.com
cdn.navdmp.com
cdn.track.olx.com.br
cdnjs.cloudflare.com
cm.g.doubleclick.net
cms.analytics.yahoo.com
config.aps.amazon-adsystem.com
connect.facebook.net
csm.eu.criteo.net
dsapega.olx.com.br
dynamic.criteo.com
eus.rubiconproject.com
evnt.byspotify.com
fastlane.rubiconproject.com
fonts.gstatic.com
google-bidout-d.openx.net
googleads.g.doubleclick.net
gum.criteo.com
hit.api.useinsider.com
i.clean.gg
ib.adnxs.com
imageproxy.eu.criteo.net
img.olx.com.br
invstatic101.creativecdn.com
locationv2.api.useinsider.com
lurker.olx.com.br
mg.olx.com.br
micro.rubiconproject.com
mp.4dex.io
mug.criteo.com
oa.openxcdn.net
oajs.openx.net
olxbrclassificados.api.useinsider.com
pagead2.googlesyndication.com
pixel.byspotify.com
pixel.mathtag.com
prebid-a.rubiconproject.com
prebid-server.rubiconproject.com
prg.smartadserver.com
pub.olx.com.br
recommendation.olx.com.br
region1.analytics.google.com
rtb.fr3.eu.criteo.com
rtb.nl3.eu.criteo.com
s.seedtag.com
s.yimg.com
s0.2mdn.net
script.4dex.io
securepubads.g.doubleclick.net
segment.api.useinsider.com
services.insurads.com
sp.analytics.yahoo.com
static.criteo.net
static.olx.com.br
stats.g.doubleclick.net
sync2.navdmp.com
tag.navdmp.com
tags.creativecdn.com
tags.crwdcntrl.net
token.rubiconproject.com
tpc.googlesyndication.com
typhoon.useinsider.com
ups.analytics.yahoo.com
us.creativecdn.com
usr.navdmp.com
ut.pubmatic.com
websdk.appsflyer.com
www.datadoghq-browser-agent.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.olx.com.br
104.18.12.210
104.18.13.210
104.18.35.167
108.138.9.235
13.32.29.175
142.250.186.166
178.250.1.6
18.198.226.18
18.239.69.125
18.65.39.69
18.65.39.70
185.184.10.30
185.64.189.226
185.89.210.212
2.19.105.180
2.19.126.74
2.19.244.218
2001:4860:4802:34::36
212.82.100.181
216.58.212.162
23.32.184.198
23.35.229.251
23.53.43.97
23.56.202.187
2400:52e0:1e00::1080:1
2600:1f18:6494:7800:c8c:9279:d9ef:e8fe
2600:9000:211e:b800:16:8db5:30c0:93a1
2600:9000:223c:bc00:1d:c6aa:c6c0:93a1
2600:9000:244f:ec00:14:f2ba:2b80:93a1
2600:9000:2490:f800:a:8162:78c0:93a1
2602:803:c003:200::43
2606:4700:20::681a:8a9
2606:4700:4400::ac40:994e
2606:4700:7::a29f:853d
2606:4700:7::a29f:863d
2606:4700::6810:5614
2606:4700::6810:bf3
2606:4700::6811:180e
2606:4700::6812:1791
2606:4700::6812:1b32
2a00:1288:80:807::2
2a00:1450:4001:802::2003
2a00:1450:4001:806::2002
2a00:1450:4001:808::2002
2a00:1450:4001:80b::2002
2a00:1450:4001:80e::2003
2a00:1450:4001:813::2002
2a00:1450:4001:827::2001
2a00:1450:4001:827::2006
2a00:1450:4001:829::200e
2a00:1450:4001:830::2008
2a00:1450:4001:831::2001
2a00:1450:4001:831::2004
2a00:1450:400c:c02::9c
2a02:2638:3::10
2a02:2638:3::12
2a02:2638:3::1a
2a02:2638:3::3
2a02:2638:3::9
2a02:2638:3::c
2a02:2638:3::e
2a02:2638:d::c
2a02:26f0:780::210:a440
2a02:6ea0:c700::10
2a03:2880:f007:8:face:b00c:0:1
2a03:2880:f176:84:face:b00c:0:25de
3.209.92.249
3.71.149.231
34.102.146.192
34.111.186.1
34.117.162.98
34.120.107.143
34.149.50.64
34.200.105.41
34.95.69.49
34.96.70.87
34.98.64.218
5.196.111.64
52.205.52.6
52.215.24.0
52.222.208.154
65.9.66.122
65.9.66.47
69.173.144.137
69.173.144.165
95.101.149.35
99.86.4.39
0162218d88a3da843fb29d0dc9ddad8b99be48bffe8b3470c6fb014abaedd557
03775ae2e0910182149cc19e25ad1ed6c0101e32c80425b00527e56c022e2c0d
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
084e035db971b80d8d599116fda9bae31b9f37d16a3192996383b697c2adae21
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0ba02bb2f068a5fc02144e564a107bf68f88b1d8aaa29f05ca9d903b9de98dc7
0c64f77c80dd33f3ed73799afc42d6f266e275a101bfcc29f77478806e967e34
0c9c82e509796d04adb6e63948e4aa231a1805a3f33622d09e3bc906ee13041e
0cdf1e4b27f7420b0ad37ad1d6bac03f7470438bc8f49de10bcf1440dc4fd37b
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
0f41c9b5a15257ff40b9a4dcd7824f3d679461813e9a369e8af58ce874c3da77
0f55067bacb0c69f8c30ec2a6c913cb0e813a90a466a930617568218d98bf1a8
10b5069518d85215f9c1da15722744e18b916b927be323a233d21b89ecc0f966
134eac047038b831d518110e9d38775fafd3d8aaf986528c1bf9e2825d6ab40a
13c0c8db1f42b94b1e5f90ccf0510b034bd9c8c415f821760f46bedc5e945702
15b48d471195d61517f77c8b25a80da14c9cfb4186a5f1db341faac21f1ebeae
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
19c259f7c3d679a72e54a760f0d11498312363fb20a74247ea610f0684ebe00e
1aa481fcf0ef1f8e041a650289f55d90fa7aae9865283c7ce0a565e502cc2fcc
1de3502763fad582a565844752122fbf3f51c305f957a6637dd3e4317541e383
20be8e4850de006102041bfee572e6430d7b1a7aa79a78b7e98e78d576b720c4
20c0114a672ac0b5b31a1c0100543a2306bf389816ab20774b66e8f7b30fb60c
2135337bc4ff0a5a28fdf13464b716dd334daa431a7813d01f4fa203297c0327
24b5a1d5f962cc3e261516b26fc64c6195c126b90d0450f2fb160dabf7c48a04
24b8a509dda8d90465da9795813e1be77058c88de3f2e6a59686825a02bbc8c1
282e82056ff52434deafef55bbe056693c269ed0e9527cacb40cc4cd0b5dc8e0
2894dd119677ebcc2205fbfc8c90548d2b14f5580a74fac48486c393ac35da64
28f89ad200f51a7703bb594a5cfe8c211c5c4a1efed621019bda507c9941457c
2b6ce77c08edeec4977f6a2aecd2ec96ffab1795aaa806564df27af38aebb632
2bb7f063a5afba0172b0d2eef6fb64cdae6bfc2034494bf440019e247f562ac0
2de68db2b08a024a06e012a33f3bbee725e57451bceeceda931c2d2602e12b56
2f43e3d69cfe7a194e7639bba082d3a56cdd62601c1102259fd6a9ad1a950fe6
2f91fbbf9b6512e3d02e2284188d0e09d3cbb1a519374758a590783dde271370
303e3802c160b17e0d3c4ca6e3de5d9c42189db2298fb7ecba3aee9c084400a1
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
34d7b42c7df7f35df3a6db61d28724f0abd59030befe49e0ec52146c94940dc8
38176b78ec1ed55cf99a9edfd756a3cd3734877ad8f8418d596c8c38d11a52b2
390cb2690e5f1abfb0ab7abb1d5cff4c1887e6b03c82b28d2ce30fd55c953844
3a17f5b59cdad45ec376cfc6056b685dff3409a7aae130d92e6419e9fc2b4b97
3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3de19c83ad6dc2f992392e4bd61189ea0a34388200efee551f75fc079aa8f5f6
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
3e8c7ce80364c0fa515e26dd21e641c44b08f7bceb833da76b8ffd150ee0a635
3f0a30d0bb63e016d95d91e87e3b80a8ecce5ec56b16c2cb48b28e6e87f26d2b
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
408ee36974b3e3a96e66c27f06e1168525cfa88f4893f360fc4c8c2a6ac8af3b
4168ba17a882bfe4e59cbfca2608e8d74d8be6593547e597d4eb7e2a0c35aa8f
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
46f4b31a821678f32971d8a288ce31667b410eb1b1f0158c794043ddea753d62
480b06b23e574b4bf386fde1a91145a4171f97aeb5ee800e4be1850f29b1ad91
4acf27f22f34bb32264b38f2bc226b856919f8c837bbc0a1ff5043294c10341d
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c8fe936e012d2d229577704c34c41a451d7a98aa5c2566ea5c3930aa7e3f40f
4c983b36767dac79e37dc3f29c03610e090e2ea315469add28ec7389bf96f744
4df58cee20a9a69513c308801405c294e57e222ddfef71dedaf9a99da600ee43
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
50dad5c959e8638b572b58fedeb9dcf2f461cf1848d40c5b0d175aa6a7311cda
5275d2584d8af32ceb5b4c4f2be8a375edf79fd19f22844c3d3dbfd9dd3744a8
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55b1b36276fb785950bd896ca687ab65587a3412c36723c603153c20d3a1a20b
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5942e371f51bd4a914c9fbd516988a50da14c9a490399be4fae51810c15454f7
5ba368d78f16e3ba8960a58f0a46dbd281bfa403bbfa617681ada7408c58178d
5d407ee27ce80a1d5cf193323fab00bc12dce0773d6fd5e3989c06d8726e2ebe
5e45bb4934f81ca6d18d7beb4cca90cc586a943059d0a37870e41baa1d4447d8
5ebf899b71151cd85495a6e42e7392a06ca26b75e50bc7c79b3e3e573c17e6e6
5f5327d8ab751ea7f7cdab8c3b3993725aef9cf68d0a7288f5599e8a070cccc1
5f9376c77618bf0ef43bcabf8228c9e2befde3731087b944e140a88c34066873
6115b469f14c5dfa197d2be8b75f38d8f388920cb144378d85d87089365e3c23
61496aa1a9c3d26cfc292b41fc451a597a47468117c1fb258226a57296390433
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62723060de0c92d89ec49f9b3bc1fd54b786111e8ad3451a6cf7ebc8553e7b74
62c7dabe20ee09d4bd72b6f916bda13b8dcfe0a0dd1fa9686797e30468e96b3f
640ce37aa187514eea05474d866de5d976327784c001d4e07ca96ea74f4fb864
642e0c55f52b2a291e47f5ab2d322e35f6776d8ce73b9cc0bd86c65bd4a26620
646d66d9967be6d6a7a6da463cb778d2c5122d92a9ac26b265a762fd5023f70b
64bb6866966d953f7cb21ac71e171ed354d8ef4d61b06ac65f7dd403de64a136
661805e33631aff69eb55fc98335de2181f565b69b40f0e0c52be5792e6d27a9
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c
71287d958bd57502cc10da99734d1cb551eb056b51899d34d9710493a23196ee
716984a7fcbaf6d6d6cc56fee107055f99154d251702b57aefcdcab4e44ba798
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
741101793c57d9fd1b3ccc6b129c2e8e720af54eb0c43578c9923401fc63b209
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
77b47b7a038f38916adbe760bc262fe2aa75e9f2a0d67621d19ad74e41acdb39
7abe7516493f0373870d99512676d4f21f498682263038d9961e3ccc79335e45
7cdfff51ceb7e53c3bfcc3225edea77518f6ceb8716580aff749def70a424945
7ef06ac12f16660abe007fbc69e5b825d38fea9e6c49ec061df1449a9fa8be57
7f5699041af1a4041bc8d1ceb22c9a4ea22f3c9c62564b5bacf856c9dab04f82
7fd9a8a8925e61a98a80214ba14b5daccc0c5b0759cb090674d6a9cbd0622b1f
7feb96df9b77fcc4ec752cd81d31d4c1eb9fe81d7177ddf8cc4409efca65548b
81be954315cac889885c5d3206190e5b4608214a7a9cfb7c4b6ab77c7dcc64a7
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628
8264bf30b0dfc41d19bf53d2c63a8fc9326b427cf3ea9cd9b6be2696fc55b118
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b
84c73324842a7de1e47b8d41cc1edc9d8a7afb1f2ba05a412f22a338a7bec456
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
88ecf19de4301a87f150682faff638a5f48fb8c4ef280fcfbe62aa2fa9a47fa9
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
8c3d3f8f234c097ceffd6fa4f04eb721a627e0149d07e68125f318b1be1bb841
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a
907f0ae9397d82a7dc9eca8dfe6c5b9f0bfea55cd1af9aa9713ca667cfdb8ec4
90bc1b3105b4e8b9173267a7d8cc207e8660b6046bdbe1c9f70435e042f7c4a6
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068
97dc67431dbd3360ea838fecad611a30f540f8389bbd15b89a1e14ba8dbb54aa
9ad5cf8c3b001a0e633f91c4d19bdf6e8ba1e30df229dbbf0ec8848e498cd5e5
9b1e8c5e21adb456083ce280f3874f1eca6c45deb9524ecd38175798005d33f0
9b4278f0f256fbe989c5fcdd2216d59183294474b5da1ee5d9fd4e308ae9fccb
9e89c6927038c2c14f784a17d20fb9defcae2faca47de1dd19db461671f2093f
9f1b207c17f6f654614d22fe5f5e079e223422005e24b81c882e2de0cf7e3c80
9f3a3cc09d0ae7f2d54573d41a354e44e65c984f81c0df951f7f4f0f10be9d1f
9f4d95b6c1554b2f0beb7ad9e89a86dd9b82582336fb42097765717dd100c3bc
9fab2fec46a56919e883b417c5da64223de5e5ab476d3019850d3a54a570ba5d
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a18ebd731b20d7404e2eed45ad15a0e9068ec7c4eb6d95da6727c086e366227d
a1a256244f073b9ed474c52d16f8b7d0ed5d92ca4129042d6ee150817671bcd9
a1d4b01843b9dad68a10bba7ab416fb60cbe6052a223f6bd74cbad286b812b2a
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a68a70f7be9281f3f7148b38d7f5971f1dc946d3034a40e55021d0fb6fb78d73
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a787de9412f9fbd82b31a6e246d06680d9fe3e2f64d76f42f068ac545cc68d63
a81d25118c6f7d835e9ca132b995b8aca46e3575ee4ab2136ab96ac8d5e4688b
abdf77b2bbf03eea9dd60de3a1c22365231e4f292759d5a2dc766d9076658d12
ae5488cdee6c86ae9f892d07dfa77b93f820e132a99dd1a719cbf909168706c7
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2be998af7bc5c3d0c2404d79aac315f7827ad228c20a2e282e5088b5d05d09a
b2ece5d28dcf047582c05c122e3bf0ed4905a965026a9940c289682620b76a2f
b921d4afae4fc93b3350c54e884b66b5c7094e5d321daa0b76b2412606784580
b9c247a12eef68baaa1da9fe38621bed237384853475c85ab046772e1d841b3e
bb3f989735a31d1228cee7f91675b7c5c4a1e8b51a89b03d3ee24d05bcac5156
bbc24942842dbd52528400dbc37496b8773885220cfdb36cdf6f66801e649819
bbf7d81a6bdc6c8e73b84a1d39645907286a66ac8c343737142eae5a0ba9bf23
bf8b41f6693852a18d2449439f0400cfaf19b755e21f01eda21a6ff985d3526c
c151b52d412461fc03fb9901c6b5c2e1f457e1ee33286e18a2b0d0438d411193
c17d3c7db14a3ea8c74f57a0ada5122a29b52674bac0690ed8560a4738ee4218
c2b126f8cf108b0b24da09947ec0f6ae3d55df120a87e1dd9ab6527fee53fe55
c33f40ab939ca2d48b1aae408ad1a69c0d758f0d8cccf8fab6d78ec5a8524f54
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
cbbb73a9a5340753ac4f61b88004dcd30bb83d4cac63135b127fb38651a530f2
cd5eb76033d96219a0c4fe45fb0df10202e1febcb4d086fb1305f1b3304a6b1a
d0543aab461bd9f1255167187a0590ba4499e96ca08f1a9359179c69b004c427
d19204c50a2911f2e51b35dc91ad022b91d932576e3883779ec9b0ba0f26b0fd
d517e17fce4f66ffd99c26253ff105853e8cf825f9e25b72e18244cc303ca815
d6fb71436f49efc8c5c483c9c9164dd3831de0e8451f0f7b7030d5c34a88bf07
d7b7325f788bdf584dadf59ffdeff7f575c3f914f4c2236dc043c4222ef3c217
d8074f23cbd27aa6c2f231b8bdad34bbd8d49c7e47ffa0d7cd07a2c4d1d3c798
da8ec70f60c93b68f6c2bae651315a99f6cde74c1b08c9389542dca3780bb5b1
dde20b8631da4cdc7514c48b062ec195a580bde1c260bf113cc7922a1fc762fa
ddeea69d5116852145775870dab4d86b4e909e7a02c03465efaa67d5b0f744be
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
df9bd97e327ee17311bd56f2f4c760c2a9800632c55cc3ab5721a3ec91c6c55a
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4475eebe7a6c4db702858320687b472a94f31308abb289c2df866eaf15c09c3
e450109b1306817cb914db65e6781e931fa5f820efd06c14faaa37a77e53d4ba
e6123603aeabe4b8467cc64a9ee3329093d346f494179fea936f699aeec37fdd
e622464ec261f7fa7ece329e25abb843f026cfcf9c9d3c2503ca9bb981e7facd
e6340844af1c0a02b8150c4bc93d54d679f716452d6a97cd99ed45786e97ed8f
e797dd304119008e37d60afe6108fbc5db7fa7c2249b553b407f09997681c15f
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2
e8c640f80f6c78de08ed1be56a0ee569cacc3f685ac55447c232432be686f38a
e92610c8ef333bcc5802150887076cfd1a1b6590432185f2bc0a0abff06d906d
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
edb1995c0aab02572514d3f6071d425de0d26148f07b33d4f448b2eb4e91b80e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef408bc86cee4ee96710380f0ab741072bb0a1ed68960e58875dc4d0ca1a36c9
effdbeb581b06bd65a3c5b7525cf964212cb2d45160207a4581996f387de1d15
f45546844d1d0962a476ec995925e4f8de0a5441c2ead745c439667715ef47f0
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f5c05b916cb1b2614d8d84f975995734f09f79ea0e9743d1399df159458f4d4b
f68b49b743e29d28f46d9321318cd1fbdc017ddd6a4bdcdac1730ffc20b9f60e
f6cfe89b284e6a2100a86b8d6b0e52b76b85cc62622a40d63e929f328d883a6a
f8d0a8fc53a7a934014287ec8775245c473a9794fe517219f9cfa16458372468
fb7ae0f257f7da390f8c60998add4e543e1a56d4d5a22a1a494365b4fb8b5315

www.olx.com.br Open in urlscan Pro 104.18.12.210 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

339 Requests

98 %HTTPS

49 %IPv6

45 Domains

97 Subdomains

85 IPs

10 Countries

5024 kBTransfer

15177 kBSize

50 Cookies

27 Outgoing links

Page URL History

Redirected requests

339 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.olx.com.br Open in urlscan Pro
104.18.12.210 Public Scan

Screenshot
Live screenshot

Full Image

339
Requests

98 %
HTTPS

49 %
IPv6

45
Domains

97
Subdomains

85
IPs

10
Countries

5024 kB
Transfer

15177 kB
Size

50
Cookies

339 HTTP transactions
6 data transactions