facebook.lojaseofertas.com Open in urlscan Pro
2606:4700:3034::ac43:c0e9 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://faebook.com.br/
Effective URL:
https://facebook.lojaseofertas.com/
Submission Tags: @phishunt_io
Submission: On January 20 via api (January 20th 2024, 5:31:35 am UTC) from DE — Scanned from DE

Summary HTTP 208 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 39 IPs in 9 countries across 33 domains to perform 208 HTTP transactions. The main IP is 2606:4700:3034::ac43:c0e9, located in United States and belongs to CLOUDFLARENET, US. The main domain is facebook.lojaseofertas.com.
TLS certificate: Issued by E1 on December 28th 2023. Valid for: 3 months.

This is the only time facebook.lojaseofertas.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:303... 2606:4700:3036::ac43:d9b9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2606:4700:303... 2606:4700:3034::ac43:c0e9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
33	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
3	2606:4700::68... 2606:4700::6810:5614	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:811::2008	15169 (GOOGLE) (GOOGLE)
14	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:813::200e	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:812::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:831::2006	15169 (GOOGLE) (GOOGLE)
25	2a00:1450:400... 2a00:1450:4001:802::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
1 2	2606:4700::68... 2606:4700::6812:18ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	151.101.130.49 151.101.130.49	54113 (FASTLY) (FASTLY)
7 32	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
5 5	35.204.74.118 35.204.74.118	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
1 1	35.190.0.66 35.190.0.66	15169 (GOOGLE) (GOOGLE)
1 1	2a05:d018:d29... 2a05:d018:d29:3601:fa46:4bf7:11fd:dd50	16509 (AMAZON-02) (AMAZON-02)
3 3	37.157.4.28 37.157.4.28	198622 (ADFORM) (ADFORM)
3 7	172.64.151.101 172.64.151.101	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4 6	185.89.210.212 185.89.210.212	29990 (ASN-APPNEX) (ASN-APPNEX)
4	142.250.184.198 142.250.184.198	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:350... 2a02:26f0:3500:11::215:14cb	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a02:2638:3::12 2a02:2638:3::12	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2620:116:800d... 2620:116:800d:21:de2e:c7b3:55c0:d5a0	16509 (AMAZON-02) (AMAZON-02)
1	2a02:fa8:8806... 2a02:fa8:8806:13::1400	41041 (VCLK-EU-SE) (VCLK-EU-SE)
2	52.59.145.139 52.59.145.139	16509 (AMAZON-02) (AMAZON-02)
2 2	213.155.156.165 213.155.156.165	1299 (TWELVE99 ...) (TWELVE99 Arelion)
4	178.250.1.9 178.250.1.9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 1	51.75.86.98 51.75.86.98	16276 (OVH) (OVH)
1 2	104.75.89.75 104.75.89.75	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a02:2638:d::c 2a02:2638:d::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
7	2a02:2638:3::3 2a02:2638:3::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.1.6 178.250.1.6	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a02:2638:3::10 2a02:2638:3::10	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a02:2638:3::1a 2a02:2638:3::1a	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
9	2a00:1450:400... 2a00:1450:4001:801::200a	15169 (GOOGLE) (GOOGLE)
12	2001:4860:480... 2001:4860:4802:32::3	15169 (GOOGLE) (GOOGLE)
3	64.233.167.156 64.233.167.156	15169 (GOOGLE) (GOOGLE)
1	34.96.105.8 34.96.105.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2a05:d01c:1d8... 2a05:d01c:1d8:8100:c911:5d1a:a3d7:1490	16509 (AMAZON-02) (AMAZON-02)
3 3	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:11::6	15169 (GOOGLE) (GOOGLE)
4 4	52.57.164.72 52.57.164.72	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:15::6	15169 (GOOGLE) (GOOGLE)
208	39

1 2606:4700:3036::ac43:d9b9 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

faebook.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:3034::ac43:c0e9 (United States)

ASN13335 (CLOUDFLARENET, US)

facebook.lojaseofertas.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

33 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6810:5614 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cse.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:812::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

clients1.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 2a00:1450:4001:802::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:18ad (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.130.49 (United States) 2 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

32 142.250.184.226 (United States) 7 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 35.204.74.118 (Groningen, Netherlands) 5 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 118.74.204.35.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.193.173 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

gcm.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.0.66 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com

ads.travelaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3601:fa46:4bf7:11fd:dd50 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.157.4.28 (Denmark) 3 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 172.64.151.101 (United States) 3 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 185.89.210.212 (Frankfurt am Main, Germany) 4 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.184.198 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:11::215:14cb (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

code.createjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::12 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:de2e:c7b3:55c0:d5a0 (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:13::1400 (Singapore)

ASN41041 (VCLK-EU-SE, US)

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.59.145.139 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-59-145-139.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.155.156.165 (Sweden) 2 redirects

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.75.86.98 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: ip98.ip-51-75-86.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.75.89.75 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-89-75.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:d::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.fr3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.6 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.nl3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:3::10 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

imageproxy.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:3::1a (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:801::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2001:4860:4802:32::3 (United States)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 64.233.167.156 (United States)

ASN15169 (GOOGLE, US)
PTR: wl-in-f156.1e100.net

bid.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.105.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com

tr.blismedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d01c:1d8:8100:c911:5d1a:a3d7:1490 (London, United Kingdom)

ASN16509 (AMAZON-02, US)

ag.innovid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany) 3 redirects

ASN15169 (GOOGLE, US)

gcdn.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:11::6 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

r1---sn-4g5lznez.c.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.57.164.72 (Frankfurt am Main, Germany) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-164-72.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:15::6 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

r1---sn-4g5lzner.c.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
58	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 110 tpc.googlesyndication.com — Cisco Umbrella Rank: 157	539 KB
53	doubleclick.net 7 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 38 cm.g.doubleclick.net — Cisco Umbrella Rank: 260 ad.doubleclick.net — Cisco Umbrella Rank: 163 bid.g.doubleclick.net — Cisco Umbrella Rank: 917	251 KB
21	gstatic.com fonts.gstatic.com csi.gstatic.com	148 KB
14	google.com cse.google.com — Cisco Umbrella Rank: 3031 www.google.com — Cisco Umbrella Rank: 2 clients1.google.com — Cisco Umbrella Rank: 469	173 KB
13	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 28 imasdk.googleapis.com — Cisco Umbrella Rank: 485	409 KB
12	2mdn.net 3 redirects s0.2mdn.net — Cisco Umbrella Rank: 336 gcdn.2mdn.net — Cisco Umbrella Rank: 1402 r1---sn-4g5lznez.c.2mdn.net r1---sn-4g5lzner.c.2mdn.net — Cisco Umbrella Rank: 863252	2 MB
11	criteo.net static.criteo.net — Cisco Umbrella Rank: 657 imageproxy.eu.criteo.net — Cisco Umbrella Rank: 9386 csm.eu.criteo.net — Cisco Umbrella Rank: 8850	115 KB
7	criteo.com ads.eu.criteo.com — Cisco Umbrella Rank: 8778 dis.criteo.com — Cisco Umbrella Rank: 608 rtb.fr3.eu.criteo.com — Cisco Umbrella Rank: 15704 cat.nl3.eu.criteo.com — Cisco Umbrella Rank: 10462	44 KB
7	casalemedia.com 3 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 622	4 KB
6	adnxs.com 4 redirects ib.adnxs.com — Cisco Umbrella Rank: 253	6 KB
5	simpli.fi 5 redirects um.simpli.fi — Cisco Umbrella Rank: 856	3 KB
5	lojaseofertas.com facebook.lojaseofertas.com	386 KB
4	w55c.net 4 redirects pm.w55c.net — Cisco Umbrella Rank: 875	3 KB
3	adform.net 3 redirects c1.adform.net — Cisco Umbrella Rank: 583	2 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 230	195 KB
3	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 324	49 KB
2	teads.tv 1 redirects sync.teads.tv — Cisco Umbrella Rank: 1376	452 B
2	de17a.com 2 redirects d5p.de17a.com — Cisco Umbrella Rank: 5298	652 B
2	bidswitch.net x.bidswitch.net — Cisco Umbrella Rank: 373	291 B
2	quantserve.com cms.quantserve.com — Cisco Umbrella Rank: 764	673 B
2	everesttech.net 2 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 716	845 B
2	tribalfusion.com 1 redirects a.tribalfusion.com — Cisco Umbrella Rank: 874 s.tribalfusion.com — Cisco Umbrella Rank: 2405	1 KB
1	innovid.com ag.innovid.com — Cisco Umbrella Rank: 2226	297 B
1	blismedia.com tr.blismedia.com — Cisco Umbrella Rank: 1872	174 B
1	onetag-sys.com 1 redirects onetag-sys.com — Cisco Umbrella Rank: 707	389 B
1	dotomi.com dclk-match.dotomi.com — Cisco Umbrella Rank: 3445	104 B
1	createjs.com code.createjs.com — Cisco Umbrella Rank: 1669	63 KB
1	yahoo.com 1 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 495	715 B
1	travelaudience.com 1 redirects ads.travelaudience.com — Cisco Umbrella Rank: 5893	556 B
1	ctnsnet.com 1 redirects gcm.ctnsnet.com — Cisco Umbrella Rank: 53518	610 B
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2029	261 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 37	80 KB
1	faebook.com.br 1 redirects faebook.com.br	471 B
208	33

	Domain	Requested by
33	pagead2.googlesyndication.com	facebook.lojaseofertas.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
32	cm.g.doubleclick.net	7 redirects googleads.g.doubleclick.net
25	tpc.googlesyndication.com	facebook.lojaseofertas.com googleads.g.doubleclick.net tpc.googlesyndication.com imasdk.googleapis.com pagead2.googlesyndication.com
14	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
12	csi.gstatic.com	imasdk.googleapis.com
11	www.google.com	cse.google.com facebook.lojaseofertas.com googleads.g.doubleclick.net tpc.googlesyndication.com
9	imasdk.googleapis.com	googleads.g.doubleclick.net imasdk.googleapis.com
9	fonts.gstatic.com	fonts.googleapis.com
7	static.criteo.net	ads.eu.criteo.com
7	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
6	ib.adnxs.com	4 redirects googleads.g.doubleclick.net
5	um.simpli.fi	5 redirects
5	facebook.lojaseofertas.com	facebook.lojaseofertas.com
4	pm.w55c.net	4 redirects
4	r1---sn-4g5lznez.c.2mdn.net
4	dis.criteo.com	googleads.g.doubleclick.net
4	ad.doubleclick.net	facebook.lojaseofertas.com
4	fonts.googleapis.com	facebook.lojaseofertas.com googleads.g.doubleclick.net
3	gcdn.2mdn.net	3 redirects
3	bid.g.doubleclick.net	imasdk.googleapis.com
3	c1.adform.net	3 redirects
3	www.googletagservices.com	googleads.g.doubleclick.net
3	s0.2mdn.net	facebook.lojaseofertas.com s0.2mdn.net googleads.g.doubleclick.net
3	cdn.jsdelivr.net	facebook.lojaseofertas.com
2	r1---sn-4g5lzner.c.2mdn.net
2	csm.eu.criteo.net	ads.eu.criteo.com
2	imageproxy.eu.criteo.net	ads.eu.criteo.com
2	sync.teads.tv	1 redirects googleads.g.doubleclick.net
2	d5p.de17a.com	2 redirects
2	x.bidswitch.net	googleads.g.doubleclick.net
2	cms.quantserve.com	googleads.g.doubleclick.net
2	sync-tm.everesttech.net	2 redirects
2	cse.google.com	facebook.lojaseofertas.com www.google.com
1	ag.innovid.com	googleads.g.doubleclick.net
1	tr.blismedia.com	googleads.g.doubleclick.net
1	cat.nl3.eu.criteo.com	ads.eu.criteo.com
1	rtb.fr3.eu.criteo.com	googleads.g.doubleclick.net
1	onetag-sys.com	1 redirects
1	dclk-match.dotomi.com	googleads.g.doubleclick.net
1	ads.eu.criteo.com	googleads.g.doubleclick.net
1	code.createjs.com	s0.2mdn.net
1	pr-bh.ybp.yahoo.com	1 redirects
1	ads.travelaudience.com	1 redirects
1	gcm.ctnsnet.com	1 redirects
1	s.tribalfusion.com	googleads.g.doubleclick.net
1	a.tribalfusion.com	1 redirects
1	clients1.google.com	facebook.lojaseofertas.com
1	region1.google-analytics.com	www.googletagmanager.com
1	www.googletagmanager.com	facebook.lojaseofertas.com
1	faebook.com.br	1 redirects
208	50

This site contains links to these domains. Also see Links.

Domain
lojaseofertas.com

Subject Issuer	Validity	Valid
lojaseofertas.com E1	`2023-12-28` - `2024-03-27`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-02` - `2024-05-01`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
tls.adobe.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-08` - `2024-03-10`	a year	crt.sh
*.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-01` - `2024-03-01`	3 months	crt.sh
quantserve.com R3	`2023-12-27` - `2024-03-26`	3 months	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2023-08-15` - `2024-09-15`	a year	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2023-03-23` - `2024-03-23`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-01` - `2024-03-01`	3 months	crt.sh
*.fr3.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-08` - `2024-03-03`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-15` - `2024-03-10`	3 months	crt.sh
*.nl3.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-03` - `2024-02-28`	3 months	crt.sh
*.eu.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-27` - `2024-03-21`	3 months	crt.sh
tr.blismedia.com GTS CA 1D4	`2023-12-02` - `2024-03-01`	3 months	crt.sh
*.innovid.com RapidSSL TLS RSA CA G1	`2023-03-15` - `2024-04-14`	a year	crt.sh
*.c.docs.google.com GTS CA 1C3	`2024-01-02` - `2024-03-12`	2 months	crt.sh

This page contains 27 frames:

Primary Page: https://facebook.lojaseofertas.com/
Frame ID: 1D95D490B26E8630E8ECB0405564665C
Requests: 26 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20190131/zrt_lookup_fy2021.html
Frame ID: EA79782F94FDE44A2CA649ED40F8D28D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&adk=1812271804&adf=3025194257&lmt=1705728690&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=308x810_l%7C308x810_r&format=0x0&url=https%3A%2F%2Ffacebook.lojaseofertas.com%2F&pra=5&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705728690353&bpp=3&bdt=158&idt=188&shv=r20240118&mjsv=m202401160101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4601774456062&frm=20&pv=2&ga_vid=1631870637.1705728691&ga_sid=1705728691&ga_hid=445602129&ga_fc=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759875%2C44759926%2C44759837%2C31080334%2C31080343%2C31080442%2C95321963%2C95321626%2C95321862%2C95322165&oid=2&pvsid=3307973028482334&tmod=560240132&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=200
Frame ID: E62F09B1ADBF8C123BBF3B8D8C4F61F2
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=6451512849&adk=948510642&adf=865389875&pi=t.ma~as.6451512849&w=770&fwrn=4&fwrnh=100&lmt=1705728690&rafmt=1&format=770x280&url=https%3A%2F%2Ffacebook.lojaseofertas.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705728690640&bpp=1&bdt=445&idt=-M&shv=r20240118&mjsv=m202401160101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4601774456062&frm=20&pv=1&ga_vid=1631870637.1705728691&ga_sid=1705728691&ga_hid=445602129&ga_fc=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=415&ady=328&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759875%2C44759926%2C44759837%2C31080334%2C31080343%2C31080442%2C95321963%2C95321626%2C95321862%2C95322165&oid=2&pvsid=3307973028482334&tmod=560240132&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=4
Frame ID: F426CA7795C36B124DB38AE9400A40A5
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=6970387599&adk=3814094608&adf=3401818602&pi=t.ma~as.6970387599&w=336&lmt=1705728690&format=336x280&url=https%3A%2F%2Ffacebook.lojaseofertas.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705728690640&bpp=1&bdt=446&idt=0&shv=r20240118&mjsv=m202401160101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C770x280&nras=1&correlator=4601774456062&frm=20&pv=1&ga_vid=1631870637.1705728691&ga_sid=1705728691&ga_hid=445602129&ga_fc=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=849&ady=643&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759875%2C44759926%2C44759837%2C31080334%2C31080343%2C31080442%2C95321963%2C95321626%2C95321862%2C95322165&oid=2&pvsid=3307973028482334&tmod=560240132&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=6
Frame ID: 80803EAACC6724DFF66CD9597B5782D7
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CI_sSxDOkOwBGIm7iNQBMAE&v=APEucNWSTqvS2Mc4HnEBDRAgHER1QseG48OG-s3HL9R24NdFvmQK7tSJ_jnMhY2dWZY3KvyR_ocAD1l9VbBVkk3JCUoaaUNCZyVjelpDWt2eq_1nAYFgG3x0Se__1HJI4sjCP3Mk_Qr3Ev5AdYgZAY_MI1NkALa1qV1Z885b7B_dfV_UK_XEpn8
Frame ID: 3DDDBB58CAB3A87E49772E54BA3F5F97
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: A273DD360EECA8C0BF945F6B7A69435B
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: C5D396156C1F742E75228E7438389BF6
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=6451512849&adk=1214363925&adf=4093038968&pi=t.ma~as.6451512849&w=770&fwrn=4&fwrnh=100&lmt=1705728691&rafmt=1&format=770x280&url=https%3A%2F%2Ffacebook.lojaseofertas.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705728691342&bpp=1&bdt=1148&idt=1&shv=r20240118&mjsv=m202401160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De0304ef317d56178%3AT%3D1705728690%3ART%3D1705728690%3AS%3DALNI_MYVICgTeIpurqKTsg7B96_wP4tBVA&gpic=UID%3D00000d44443ea429%3AT%3D1705728690%3ART%3D1705728690%3AS%3DALNI_MYh1Ie-MkSdLTVmtuWLqsjFfPsr3g&prev_fmts=0x0%2C770x280%2C336x280&nras=1&correlator=4601774456062&frm=20&pv=1&ga_vid=1631870637.1705728691&ga_sid=1705728691&ga_hid=445602129&ga_fc=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=415&ady=1226&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759875%2C44759926%2C44759837%2C31080334%2C31080343%2C31080442%2C95321963%2C95321626%2C95321862%2C95322165&oid=2&psts=AOrYGsmH6TIujXjV6h_409IFmqCzVqjPoCteQUaBwejGnWYwICAFSlxCryGTW3E7076wYCIF9qqnyrT7mqZoutdxeLkoFTNB&pvsid=3307973028482334&tmod=560240132&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=1&fsb=1&dtd=4
Frame ID: 13E70290697C14362B6E3A71C1DEE9BD
Requests: 21 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/6383460344232043442/300x250/300x250_DE_DP_DV360_RON_CB_WELCOME.html?ev=01_250
Frame ID: 7A0A77E9F9AE9A084255DB5457590C62
Requests: 2 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZatasgANbYYEvwVqAAl50vxFOtKJIFPVt_OkGg&u=%7CJjQDA0CbIslmSeZatNIyAwdYUsh3ldtY6%2Fpysy0cZqQ%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC86w322skEirNj1SCFPZuroNCGsamaBfrPDpvH-pcH878eaXmjDU1MNoYzGcLOeRiL7WDadkUMYeQecwwEk-g2GSbUSasdjarXNUY9OskZJhxg6T5SJnNxu7yAsWrPRpIjB2PGnhpjRQTMwHwsJ5xdLvoX0Rqxqkb7y-DBdR-vGk2C0h_fOilliyot54jLM-hOE5w0EYkOmW3cuTl2ZgDLbkqBy3ifBlwiB4tAuPf_iuu_hsTeMye0DLFfIyU9raufW1JTkBPtNDRBRpJ_9kvC8ImtvehhQISoaps1necvqWrDkzd2LEi7j7rn10yH9rSIoKFkD6uq-bY_vgrUWI-NcUz4YlkQzO8REFlRoEuRASGydgpWJthCxTHSEAq2d3yKWmMGmGJiImlmol2Cf_9KUOUK8ms-XkQpgj3IWe8XDxC2Ru79-fDBQr2z15Yz80s14MFbGcLd7vvMmFEG3nDTbtnZaZdALj4pW7iHEsyMr4G_h5gZvBrHIKEXgdNp3bCpsjoT9E64OUj1jcqPazRsCrUUHjg6d7hyLesZYlI766mLjrvKyBbz6N3KDYerQnwSnGzalSy_Ssaakd_bfkUqjf_rQaVjizHLmg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC0CoZslqrZYbbNeqK_NUP0vOlmAzJntKxXI3w4taTAcCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi04ODQ3MDkyMzYyNzQ4MzY4yAEJqQKdimvoZUiyPqgDAcgDAqoE0QFP0HzsxbFdtqYPhsAfVpV_6t2L83pbQbmooqsGpIkV608kBKSOZRNxjQVUgvEJHqNLBFzkzpizCWSDR8TTgCUgu4-XW96i-C5lVy4kOXClY3xpC-ToTAlANcy6uk5gFcxXgiI1KOWgC-DGSxIf1l8sGW92xJ5e7DXTH8HvgpK6LNmWiaHrMcQfgcpt95p3WYnzci5XHRpQ5yDnIICGht25PE3HzA4XyjZzwWTy-3vDQQKHGtpM0ZojeFZU4oADzFTg_2ccJOL6NhHpCtFhrlV6yYAGw8XVm9bAl4_aAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOlid4M_FnuuDA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0C8IGcFDCKJcL5NYPDFn9wtYCdfg%26client%3Dca-pub-8847092362748368%26adurl%3D
Frame ID: ECBB2058AD7020624BCBC49ED763DF81
Requests: 13 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 95A656B53DF49A9C0F1EC2DCA2955294
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: BEE32F922AF50691E657C328781DD7C4
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=6970387599&adk=3652174042&adf=785591858&pi=t.ma~as.6970387599&w=336&lmt=1705728692&format=336x280&url=https%3A%2F%2Ffacebook.lojaseofertas.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705728692041&bpp=1&bdt=1846&idt=-M&shv=r20240118&mjsv=m202401160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De0304ef317d56178%3AT%3D1705728690%3ART%3D1705728690%3AS%3DALNI_MYVICgTeIpurqKTsg7B96_wP4tBVA&gpic=UID%3D00000d44443ea429%3AT%3D1705728690%3ART%3D1705728690%3AS%3DALNI_MYh1Ie-MkSdLTVmtuWLqsjFfPsr3g&prev_fmts=0x0%2C770x280%2C336x280%2C770x280&nras=1&correlator=4601774456062&frm=20&pv=1&ga_vid=1631870637.1705728691&ga_sid=1705728691&ga_hid=445602129&ga_fc=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=415&ady=1939&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759875%2C44759926%2C44759837%2C31080334%2C31080343%2C31080442%2C95321963%2C95321626%2C95321862%2C95322165&oid=2&psts=AOrYGsmH6TIujXjV6h_409IFmqCzVqjPoCteQUaBwejGnWYwICAFSlxCryGTW3E7076wYCIF9qqnyrT7mqZoutdxeLkoFTNB%2CAOrYGskyuoO6i2-yEwVCnkPLA3CC7BAwxs-6x_Qh6jB2auMSktunNR1-uCiNIs3xfjBhU945zlSiDdZ1mClXrg%2CAOrYGslwZlaUnz87pk3gTZynssTWeH5gqkrYgDRBa18Lw0LkDz8dbnnwcvOL1-IT-E0t4zI0AC6_5gE--SFLtnTp0X28lrON&pvsid=3307973028482334&tmod=560240132&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=2&fsb=1&dtd=4
Frame ID: 56A2C00CBDBC8BE2E2C896D964FAF3E6
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=6970387599&adk=3652174042&adf=2873711921&pi=t.ma~as.6970387599&w=336&lmt=1705728692&format=336x280&url=https%3A%2F%2Ffacebook.lojaseofertas.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705728692041&bpp=1&bdt=1847&idt=0&shv=r20240118&mjsv=m202401160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De0304ef317d56178%3AT%3D1705728690%3ART%3D1705728690%3AS%3DALNI_MYVICgTeIpurqKTsg7B96_wP4tBVA&gpic=UID%3D00000d44443ea429%3AT%3D1705728690%3ART%3D1705728690%3AS%3DALNI_MYh1Ie-MkSdLTVmtuWLqsjFfPsr3g&prev_fmts=0x0%2C770x280%2C336x280%2C770x280%2C336x280&nras=1&correlator=4601774456062&frm=20&pv=1&ga_vid=1631870637.1705728691&ga_sid=1705728691&ga_hid=445602129&ga_fc=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=849&ady=1939&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759875%2C44759926%2C44759837%2C31080334%2C31080343%2C31080442%2C95321963%2C95321626%2C95321862%2C95322165&oid=2&psts=AOrYGsmH6TIujXjV6h_409IFmqCzVqjPoCteQUaBwejGnWYwICAFSlxCryGTW3E7076wYCIF9qqnyrT7mqZoutdxeLkoFTNB%2CAOrYGskyuoO6i2-yEwVCnkPLA3CC7BAwxs-6x_Qh6jB2auMSktunNR1-uCiNIs3xfjBhU945zlSiDdZ1mClXrg%2CAOrYGslwZlaUnz87pk3gTZynssTWeH5gqkrYgDRBa18Lw0LkDz8dbnnwcvOL1-IT-E0t4zI0AC6_5gE--SFLtnTp0X28lrON&pvsid=3307973028482334&tmod=560240132&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=3&fsb=1&dtd=7
Frame ID: 3782BDEB380808E472F7BEB0D3B6DAF5
Requests: 21 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: B3B599C5408A0B676A43BDF27ED1AEEB
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 05243AC9BF02C7EF0463B4ECB351A760
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: A168782AA866396CBF9FE845C0900F9A
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CM_KwM8CENXundACGJ_HhoQCMAE&v=APEucNWsPlC6SMKSwKssws5K0xT8S-968ipFBQkrPxaEMjfxROl1h0Tgio_-zfZn8K3fJP4IhycwmjynymesTSSbL5nr2TezLWsCLpbOd9FVb4nQhdrdgxcb4J0MWTj9aiVKvJnZ_W_1o4mEo7CEWdUm6gk6oas9UK6zJw6lZMsLtiK0yj86EFM
Frame ID: EFB1467B698D282871357BC2D67DC69D
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/r20240118/r20110914/abg_lite_fy2021.js
Frame ID: 0898B74794CD55A8B44141F5AE07B4F8
Requests: 12 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 31AB834FC0FB034C7D1D42BC8A5020E2
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: CE11F3EDDBC9EED7FAEA0B07E845CDF8
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=6451512849&adk=1989054176&adf=4136276705&pi=t.ma~as.6451512849&w=770&fwrn=4&fwrnh=100&lmt=1705728692&rafmt=1&format=770x280&url=https%3A%2F%2Ffacebook.lojaseofertas.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705728692548&bpp=1&bdt=2354&idt=0&shv=r20240118&mjsv=m202401160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De0304ef317d56178%3AT%3D1705728690%3ART%3D1705728690%3AS%3DALNI_MYVICgTeIpurqKTsg7B96_wP4tBVA&gpic=UID%3D00000d44443ea429%3AT%3D1705728690%3ART%3D1705728690%3AS%3DALNI_MYh1Ie-MkSdLTVmtuWLqsjFfPsr3g&prev_fmts=0x0%2C770x280%2C336x280%2C770x280%2C336x280%2C336x280&nras=1&correlator=4601774456062&frm=20&pv=1&ga_vid=1631870637.1705728691&ga_sid=1705728691&ga_hid=445602129&ga_fc=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=415&ady=4004&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759875%2C44759926%2C44759837%2C31080334%2C31080343%2C31080442%2C95321963%2C95321626%2C95321862%2C95322165&oid=2&psts=AOrYGsmH6TIujXjV6h_409IFmqCzVqjPoCteQUaBwejGnWYwICAFSlxCryGTW3E7076wYCIF9qqnyrT7mqZoutdxeLkoFTNB%2CAOrYGskyuoO6i2-yEwVCnkPLA3CC7BAwxs-6x_Qh6jB2auMSktunNR1-uCiNIs3xfjBhU945zlSiDdZ1mClXrg%2CAOrYGslwZlaUnz87pk3gTZynssTWeH5gqkrYgDRBa18Lw0LkDz8dbnnwcvOL1-IT-E0t4zI0AC6_5gE--SFLtnTp0X28lrON&pvsid=3307973028482334&tmod=560240132&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=4&fsb=1&dtd=2
Frame ID: BA3B78AE253CCC97E4FF36199BA1DD17
Requests: 21 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: B8F79D5A7833240194578F83F7331CCC
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: 123075D68B259EC892A7ED203FFC6C7A
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 7038208E77681BB566FDC3561ED7CBB2
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: B7FD84B61E54D5DA4D954D9301EFDF63
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Facebookpesquisar

Page URL History Show full URLs

https://faebook.com.br/ HTTP 302
https://facebook.lojaseofertas.com/ Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Slick (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

(?:/([\d.]+))?/slick(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

208
Requests

86 %
HTTPS

63 %
IPv6

33
Domains

50
Subdomains

39
IPs

9
Countries

4222 kB
Transfer

9163 kB
Size

28
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://lojaseofertas.com/
Title: Início

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://faebook.com.br/ HTTP 302
https://facebook.lojaseofertas.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 37

https://a.tribalfusion.com/i.match?p=b6&u=CAESEIapSAEm307q_Kt_kCx4RZQ&google_cver=1&google_push=AXcoOmRJyylmW_fWyBF-BS6ibbBpbvCvowD10D1-6K9ND3nln_gRbDMdnQNTjcqCBejHmyI-62I_xQfNHqqX8GGF03XFdjmhmtiu&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmRJyylmW_fWyBF-BS6ibbBpbvCvowD10D1-6K9ND3nln_gRbDMdnQNTjcqCBejHmyI-62I_xQfNHqqX8GGF03XFdjmhmtiu%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEIapSAEm307q_Kt_kCx4RZQ&google_cver=1&google_push=AXcoOmRJyylmW_fWyBF-BS6ibbBpbvCvowD10D1-6K9ND3nln_gRbDMdnQNTjcqCBejHmyI-62I_xQfNHqqX8GGF03XFdjmhmtiu&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmRJyylmW_fWyBF-BS6ibbBpbvCvowD10D1-6K9ND3nln_gRbDMdnQNTjcqCBejHmyI-62I_xQfNHqqX8GGF03XFdjmhmtiu%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 38

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEMSnMLtxQLs-_GimLCWEP_E&google_cver=1&google_push=AXcoOmTy4a1av-LBpBQILYN5r2HpqpExDoCzIgQ8qbscAPpKBnV-7LwRRpSlxGpMcQUVwxaFwpj9JLX8cQ5_zkCzLFIrcC1cXD0v HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEMSnMLtxQLs-_GimLCWEP_E&google_push=AXcoOmTy4a1av-LBpBQILYN5r2HpqpExDoCzIgQ8qbscAPpKBnV-7LwRRpSlxGpMcQUVwxaFwpj9JLX8cQ5_zkCzLFIrcC1cXD0v

Request Chain 39

https://um.simpli.fi/gp_match?google_gid=CAESEC23-2zw8fYjGhtaFe7E76w&google_cver=1&google_push=AXcoOmRYANLCwH0zVZITumY4w9rMA0OUyC5Vw4AdMaUO7Q3iIErR6_P0dtdGye6fk-LyzuZ4g0bN0-yHFhLvjQp1PVXW3x6DLlJwUg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=2104DAF613524F338932968EB040C49A&google_push=AXcoOmRYANLCwH0zVZITumY4w9rMA0OUyC5Vw4AdMaUO7Q3iIErR6_P0dtdGye6fk-LyzuZ4g0bN0-yHFhLvjQp1PVXW3x6DLlJwUg

Request Chain 40

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEH4bAcT5BHaAFHZ1Y1A1_xU&google_cver=1&google_push=AXcoOmR99mpLyj3fmiUeBA2yuWuUgYW21jGG3W0-3hyDhPgMhMYXWoOlEvIz5QJQQevk0vVHZ7GvglK7PzXEV_1L3wDys_YoIcm2mQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmR99mpLyj3fmiUeBA2yuWuUgYW21jGG3W0-3hyDhPgMhMYXWoOlEvIz5QJQQevk0vVHZ7GvglK7PzXEV_1L3wDys_YoIcm2mQ&google_hm=GSiKVim2QAOmsiQTOVgB2hM

Request Chain 41

https://ads.travelaudience.com/google_pixel?google_gid=CAESEDENwo3S9UgxSUnAuPmZegU&google_cver=1&google_push=AXcoOmQaJ8PLGtj88QEJQupuxnPevFG6GPlAejVYCyoDtVDPKNQHm-KPKzqbmbvwCcwZ-57Zwcly8GerVyBQMMrPuvju1197NKBjdg HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=Y0PhIQ0tRQ4T99d-EmvY0w&google_push=AXcoOmQaJ8PLGtj88QEJQupuxnPevFG6GPlAejVYCyoDtVDPKNQHm-KPKzqbmbvwCcwZ-57Zwcly8GerVyBQMMrPuvju1197NKBjdg

Request Chain 42

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEE_cp75J_KD25Zdh_AIZ0UI&google_cver=1&google_push=AXcoOmRZ8X-kYPj2aDVuLYVvxfWbY-TVuWfZ6Y9vG9Vx-ywHiuytPfyWEoL5J652lfwRP3xShVq8Zi99Uj4djzh1TKiF_2ZYG-v-KA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmRZ8X-kYPj2aDVuLYVvxfWbY-TVuWfZ6Y9vG9Vx-ywHiuytPfyWEoL5J652lfwRP3xShVq8Zi99Uj4djzh1TKiF_2ZYG-v-KA&google_hm=eS1XNUguX2t0RTJwRW10eUo4el9Nb3ZLWVNDQS5lYkZqV35B

Request Chain 43

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEJ7nRS4vqxKPRin4dujGMsE&google_cver=1&google_push=AXcoOmRqheISEpl8cr5aZnbw6MEZCOWMHXLIQwHYSljliGlqj0ATziZzLmrtGVtrGa1lbpwl9eNFGQMl3jpsP5tbTrrU6A1P5kzLNg HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEJ7nRS4vqxKPRin4dujGMsE&google_cver=1&google_push=AXcoOmRqheISEpl8cr5aZnbw6MEZCOWMHXLIQwHYSljliGlqj0ATziZzLmrtGVtrGa1lbpwl9eNFGQMl3jpsP5tbTrrU6A1P5kzLNg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTc4MDMwODYyNTczMTgyODAx&google_push=AXcoOmRqheISEpl8cr5aZnbw6MEZCOWMHXLIQwHYSljliGlqj0ATziZzLmrtGVtrGa1lbpwl9eNFGQMl3jpsP5tbTrrU6A1P5kzLNg

Request Chain 45

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFBs3fWsMtkwXCAm0n_l4XM&google_cver=1

Request Chain 46

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Zatas7IV1h3d1mKpTOQsEAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFBs3fWsMtkwXCAm0n_l4XM&google_cver=1

Request Chain 47

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEABbxdGUOKQlLtg0xJzyiWQ&google_cver=1 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEABbxdGUOKQlLtg0xJzyiWQ%26google_cver%3D1

Request Chain 48

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjQyNzc2ODQ2NjQ0MTE2MzI4MA%3D%3D

Request Chain 67

https://d5p.de17a.com/cookies/google?google_gid=CAESELmcVzVr4yBJTOZAdNp8JJ0&google_cver=1&google_push=AXcoOmREzCWPUknMddhDKqiMRJxE_Y8i11tsCbW-98pkNg3mjMlgCC_j4yznaX8AZxtGBWpy-Q0jNN4Cht8b6nE1N7-9tkmXk5wskdM HTTP 302
https://d5p.de17a.com/cookies/google;c?google_gid=CAESELmcVzVr4yBJTOZAdNp8JJ0&google_cver=1&google_push=AXcoOmREzCWPUknMddhDKqiMRJxE_Y8i11tsCbW-98pkNg3mjMlgCC_j4yznaX8AZxtGBWpy-Q0jNN4Cht8b6nE1N7-9tkmXk5wskdM HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmREzCWPUknMddhDKqiMRJxE_Y8i11tsCbW-98pkNg3mjMlgCC_j4yznaX8AZxtGBWpy-Q0jNN4Cht8b6nE1N7-9tkmXk5wskdM

Request Chain 69

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEG_hLK4Sc5GPINM8Cc0FRS4&google_cver=1&google_push=AXcoOmS6r0ClPiSd9oVDK7-C6wAxAsgaPesWIwg-Nk0DVjgvjDo9Qj5i_m6mY18Y8qzHZfetdMcMXS3BZ3qdtdRa5l-qG8WYqwtwC9S2 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmS6r0ClPiSd9oVDK7-C6wAxAsgaPesWIwg-Nk0DVjgvjDo9Qj5i_m6mY18Y8qzHZfetdMcMXS3BZ3qdtdRa5l-qG8WYqwtwC9S2

Request Chain 70

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEHJQdOLuXHlrK8VKBWNOjiU&google_cver=1&google_push=AXcoOmQhuiOs2AJaDbUyKbAoHJVQQuGrYxjb_TEHC9dZwfFjdz5qpBPxlJH65EqI3h7htKY1v_txZqytXzT2rhUYSPOtfzorbCqguuKp HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmQhuiOs2AJaDbUyKbAoHJVQQuGrYxjb_TEHC9dZwfFjdz5qpBPxlJH65EqI3h7htKY1v_txZqytXzT2rhUYSPOtfzorbCqguuKp HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

Request Chain 101

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEMSnMLtxQLs-_GimLCWEP_E&google_cver=1&google_push=AXcoOmTcMEKVLKHqeP1m_BYI6hBrSDwsAmueQ9qY4T958weBqTx__6nAA2GQ3zf8Wdi3hGcQhlyRjiRXqI7vBPnLj6JnX_M-4r8P4UU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WmF0YXN3QVByRXVtZVFBTQ==&google_gid=CAESEMSnMLtxQLs-_GimLCWEP_E&google_cver=1&google_push=AXcoOmTcMEKVLKHqeP1m_BYI6hBrSDwsAmueQ9qY4T958weBqTx__6nAA2GQ3zf8Wdi3hGcQhlyRjiRXqI7vBPnLj6JnX_M-4r8P4UU

Request Chain 102

https://um.simpli.fi/gp_match?google_gid=CAESEC23-2zw8fYjGhtaFe7E76w&google_cver=1&google_push=AXcoOmSYQ82OPpitpWBh2nMPRh-zZTm661z88o7zpc2AHhkaee0OfiEGcbXm5q8zOv-gEgpxLzGoY0PUKgQ56RFf13a_Wucr2Z4sLYw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=2104DAF613524F338932968EB040C49A&google_push=AXcoOmSYQ82OPpitpWBh2nMPRh-zZTm661z88o7zpc2AHhkaee0OfiEGcbXm5q8zOv-gEgpxLzGoY0PUKgQ56RFf13a_Wucr2Z4sLYw

Request Chain 105

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEJ7nRS4vqxKPRin4dujGMsE&google_cver=1&google_push=AXcoOmRQMrH1BcxXOuCk8j69YnAVQsJF6yStCuNZ5cGAH-ag15yDiODqyHdx0vURyJS_Suo0EDav2t6UjDuwk2Zr6tgQXh6clpJ2ELE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTc4MDMwODYyNTczMTgyODAx&google_push=AXcoOmRQMrH1BcxXOuCk8j69YnAVQsJF6yStCuNZ5cGAH-ag15yDiODqyHdx0vURyJS_Suo0EDav2t6UjDuwk2Zr6tgQXh6clpJ2ELE

Request Chain 114

https://gcdn.2mdn.net/videoplayback/id/d81c4ed72c881b10/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1737264692/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signature/6D9E7A3CA963B54516CEAAE3E186BBBDB016DBA1.43B427BFA2F7029ECDFC938E06D773F9C25A2195/key/ck2/file/file.mp4 HTTP 302
https://r1---sn-4g5lznez.c.2mdn.net/videoplayback/id/d81c4ed72c881b10/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1737264692/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/076A2A0730454681CCC5A45D311E3E5D6E4841E7.73380DE84035D58BDE32EDF0D6534B7C1D3BEE17/key/cms1/cms_redirect/yes/mh/SX/mip/2001:1b60:2:240:3247::9/mm/42/mn/sn-4g5lznez/ms/onc/mt/1705727890/mv/u/mvi/1/pl/29/file/file.mp4

Request Chain 139

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEHsWRWYt5N56feSxCtdOBwk&google_cver=1&google_push=AXcoOmTsDV8Xjx4VIOeKmjvdgLAzrbAFIwAiMLgXEx5fnBtpHEZjo-I-v4eHoDuIf3EBykzYAMr0ZAftwCFCv8YDkg6607I9qiiTHBg HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEHsWRWYt5N56feSxCtdOBwk&google_cver=1&google_push=AXcoOmTsDV8Xjx4VIOeKmjvdgLAzrbAFIwAiMLgXEx5fnBtpHEZjo-I-v4eHoDuIf3EBykzYAMr0ZAftwCFCv8YDkg6607I9qiiTHBg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=YTh4UEhQa1UxUnIzWDY1&google_gid=CAESEHsWRWYt5N56feSxCtdOBwk&google_cver=1&google_push=AXcoOmTsDV8Xjx4VIOeKmjvdgLAzrbAFIwAiMLgXEx5fnBtpHEZjo-I-v4eHoDuIf3EBykzYAMr0ZAftwCFCv8YDkg6607I9qiiTHBg

Request Chain 140

https://um.simpli.fi/gp_match?google_gid=CAESEGiGCRqVDQQp41nJJowwV1M&google_cver=1&google_push=AXcoOmR4-z3E6Pcx3EWPVD3PR6qIHqsQbwh6iU6SVX1tv_onM7xza8QFinUDbZ0INkclk20Ly-QMgRwijXFQHZ5oeNcW5PYQdzOjDmrC HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=2104DAF613524F338932968EB040C49A&google_push=AXcoOmR4-z3E6Pcx3EWPVD3PR6qIHqsQbwh6iU6SVX1tv_onM7xza8QFinUDbZ0INkclk20Ly-QMgRwijXFQHZ5oeNcW5PYQdzOjDmrC

Request Chain 151

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEI33n4lUvhtShk5AfK4HXBA&google_cver=1

Request Chain 152

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Zatas7IV1h3d1mKpTOQsEAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEI33n4lUvhtShk5AfK4HXBA&google_cver=1

Request Chain 153

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEAIdjnaH9TLvUlF1VqDneds&google_cver=1

Request Chain 154

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjMzNTk2NTMwMTI1MTQwMDA0NQ%3D%3D

Request Chain 166

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEHsWRWYt5N56feSxCtdOBwk&google_cver=1&google_push=AXcoOmSia2v8lxVunj2ajN8f1oWlj2G6ap9kcHJHUxmZa0tKmJLlYcNePAIPRqXfTszxzu61g96uNUNybL1B39IhuVh859fMtmMZxXXS HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=YTh4UEhQa1UxUnIzWDY1&google_gid=CAESEHsWRWYt5N56feSxCtdOBwk&google_cver=1&google_push=AXcoOmSia2v8lxVunj2ajN8f1oWlj2G6ap9kcHJHUxmZa0tKmJLlYcNePAIPRqXfTszxzu61g96uNUNybL1B39IhuVh859fMtmMZxXXS

Request Chain 167

https://um.simpli.fi/gp_match?google_gid=CAESEGiGCRqVDQQp41nJJowwV1M&google_cver=1&google_push=AXcoOmQYytTdgrhc30oaep2VjdMMIxoEIhbfvEFsJepd4Ash3NeYVlf7BbluAP58sptnoqwmiMWHqfGDBd4P2D_ReMoRHpNe-38rrZwR HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=2104DAF613524F338932968EB040C49A&google_push=AXcoOmQYytTdgrhc30oaep2VjdMMIxoEIhbfvEFsJepd4Ash3NeYVlf7BbluAP58sptnoqwmiMWHqfGDBd4P2D_ReMoRHpNe-38rrZwR

Request Chain 175

https://gcdn.2mdn.net/videoplayback/id/bd2dd5cf8d0ee1ff/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1737264692/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signature/0CE165B712A70E834F0C96C6F130C24F472E3745.B2CAAB16300438469C3C76C0EF46C46B1544968A/key/ck2/file/file.mp4 HTTP 302
https://r1---sn-4g5lzner.c.2mdn.net/videoplayback/id/bd2dd5cf8d0ee1ff/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1737264692/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/61B8050973D201ACF999C55F75F445BD1020CE71.36101DFB71E70B6CAC2F01741A7B180896D71D32/key/cms1/cms_redirect/yes/mh/NP/mip/2001:1b60:2:240:3247::9/mm/42/mn/sn-4g5lzner/ms/onc/mt/1705727890/mv/u/mvi/1/pl/29/file/file.mp4

Request Chain 197

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEHsWRWYt5N56feSxCtdOBwk&google_cver=1&google_push=AXcoOmRDNBSiLfheekllLy6Ssw692IoiYux_tw2jioaHss-B5VRD25t2ip2F0lSBYjJirbMXUlz-LPH202EAsWawufqbPmUHPTgXHg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=YTh4UEhQa1UxUnIzWDY1&google_gid=CAESEHsWRWYt5N56feSxCtdOBwk&google_cver=1&google_push=AXcoOmRDNBSiLfheekllLy6Ssw692IoiYux_tw2jioaHss-B5VRD25t2ip2F0lSBYjJirbMXUlz-LPH202EAsWawufqbPmUHPTgXHg

Request Chain 198

https://um.simpli.fi/gp_match?google_gid=CAESEGiGCRqVDQQp41nJJowwV1M&google_cver=1&google_push=AXcoOmRxp903_VxJkcYeWumNDG24BLklucoCfTrnRGjwyfuv3Agc6IbtsBHooNxa-EtKk-UJsdgGE3mEgftLFjLL-cwAR72xiUwJ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=2104DAF613524F338932968EB040C49A&google_push=AXcoOmRxp903_VxJkcYeWumNDG24BLklucoCfTrnRGjwyfuv3Agc6IbtsBHooNxa-EtKk-UJsdgGE3mEgftLFjLL-cwAR72xiUwJ

Request Chain 204

https://gcdn.2mdn.net/videoplayback/id/d81c4ed72c881b10/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1737264693/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signature/0549694E306EB52FE87B037CD524EA466032EE37.4E8C516D41736FE7508E447118B23CC5FE0ACF30/key/ck2/file/file.mp4 HTTP 302
https://r1---sn-4g5lznez.c.2mdn.net/videoplayback/id/d81c4ed72c881b10/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1737264693/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/50D4FA9761534398F9799DCA7D4BAB3C9E30689F.79697CE948A2924C3F047DCA268CAAE925FB0359/key/cms1/cms_redirect/yes/mh/SX/mip/2001:1b60:2:240:3247::9/mm/42/mn/sn-4g5lznez/ms/onc/mt/1705727890/mv/u/mvi/1/pl/29/file/file.mp4

208 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
facebook.lojaseofertas.com/
Redirect Chain

https://faebook.com.br/
https://facebook.lojaseofertas.com/

21 KB
7 KB

256ms
200ms

Document
text/html

2606:4700:3034::ac43:c0e9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://facebook.lojaseofertas.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:c0e9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.29
Resource Hash: e324770eeeaa4c13e34d76ab58ffea71dfe7e6c47bb763025a23c95b1f60a454

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8484ee7888e11e5e-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sat, 20 Jan 2024 05:31:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NDEgAGZ4%2FHh%2BpqQfQrHM5jBArnoFNSBzrK5grjiZdRDbMrPgBV71sw1PHKe%2FKD0RI2YmLTmkwIYFzLNJ3gjJX8EsD8C6OnzvYQUYkdcQezFvNe5pypAP0SLPVqZWLG%2F3fC0vyyYptsgrvTIcjrHitQI%2BpSg8g9sYBw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-powered-by: PHP/7.4.29

Redirect headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8484ee76e9aab8f4-AMS
content-type: text/html; charset=UTF-8
date: Sat, 20 Jan 2024 05:31:29 GMT
location: https://facebook.lojaseofertas.com
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eckCcux1Nv%2BQelzZAUfHD%2F4sFdDOlz9656JKDaWDg%2BuE2m97%2FM0%2F5fIZPkqz9PN2ctxke3Dq6feXKtBXdJxs0LPKXBb6KzeNF7BEZ2F8Hzl2wtNYcacczz4FQ84Aiu2JB8FYNU087FOzo9mfOg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.29

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 146 KB
50 KB 118ms
71ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: facebook.lojaseofertas.com
URL: https://facebook.lojaseofertas.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d74eb509db76ca0a03c05eeba326e08794176d2776fcf2fe93415c5e9f39e279

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://facebook.lojaseofertas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 05:31:30 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51125
x-xss-protection: 0
server: cafe
etag: 2658667002591129702
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Sat, 20 Jan 2024 05:31:30 GMT

GET
H2 200 estilo-azul.css
facebook.lojaseofertas.com/css/ 202 KB
27 KB 291ms
290ms Stylesheet
text/css 2606:4700:3034::ac43:c0e9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://facebook.lojaseofertas.com/css/estilo-azul.css
Requested by: Host: facebook.lojaseofertas.com
URL: https://facebook.lojaseofertas.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:c0e9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4c4f62b8b68eb642cfd17c23cca8f64c72c3a22e21f670a8e31a3ea474f59b95

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://facebook.lojaseofertas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 05:31:30 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 09 Jan 2024 03:30:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"659cbde8-327d3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YmCdZi%2FEzd2r3406iA94%2Fo8lM8ZuU2ye0G6khm6TS34MSjDJddf29I4%2F5kzuxarlkqJI0Er0C6Q%2Bqf9qbZhdy4mty%2BkI2R%2Fyb7OjwYGCU%2BmCQ1x4OyoukS3PZ9EAyydpL1lrp0Eh5UA6ind%2FmmSZc01TFw8wpUoWTA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=315360000
cf-ray: 8484ee79c9c31e5e-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 css
fonts.googleapis.com/ 4 KB
1 KB 75ms
29ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Barlow:400,700|Oswald:700

Requested by

Host: facebook.lojaseofertas.com
URL: https://facebook.lojaseofertas.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d2221accb209973d909ca64dd061021a44c94e8d3cfcd5e9f1237ab96a677d2e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://facebook.lojaseofertas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 20 Jan 2024 05:31:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 20 Jan 2024 05:31:30 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 20 Jan 2024 05:31:30 GMT

GET
H2 200 topo.png
facebook.lojaseofertas.com/images/ 348 KB
349 KB 388ms
387ms Image
image/png 2606:4700:3034::ac43:c0e9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://facebook.lojaseofertas.com/images/topo.png
Requested by: Host: facebook.lojaseofertas.com
URL: https://facebook.lojaseofertas.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:c0e9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1e9885e861cf51a45c9fd90bfe03ba077a9e9c7c400b8a7ec14de046f35a296d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://facebook.lojaseofertas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 05:31:30 GMT
cf-cache-status: MISS
last-modified: Tue, 09 Jan 2024 03:30:49 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "659cbde9-5702c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NM1fEKKazGo6x%2Fo%2FfB90kRboYktnA9CXLlG2JjJTomlVva7qw7e%2Fe3Ki2PTTM5qVNGp1BWhLWGTRvUtW%2BtfyIeX%2FBPFuJn0AjOdYcb7j12zjOHtV0Wb1AqxANPrvLvOO29MxMz78IKAjsj9CyMHGVIW8tuwKxvIpfg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 8484ee79c9c51e5e-FRA
alt-svc: h3=":443"; ma=86400
content-length: 356396
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery.min.js Show response
cdn.jsdelivr.net/npm/jquery@3.3.1/dist/ 85 KB
31 KB 73ms
33ms Script
application/javascript 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/jquery@3.3.1/dist/jquery.min.js

Requested by

Host: facebook.lojaseofertas.com
URL: https://facebook.lojaseofertas.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://facebook.lojaseofertas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 05:31:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 4507034
x-jsd-version: 3.3.1
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230099-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"1538f-DcMttKqcXwPzs4xH2IPb1P7ROq4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eokn4jGnUfMT3ibHzPjsNY%2FWZfAj2sLyscxEzcM38VWxRCKzdXg00m0%2BAcTNqTeWsoJ8h6e59tmKbuIgCA40aKCbt58VjyCMFKDn%2Bod0ShDMCH5JEcwEjVpAAmPpnCL76ZJEcM0CYJl9fnb1Q84%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 8484ee7a0ebe9b7c-FRA

GET
H2 200 slick.min.js Show response
cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/ 42 KB
11 KB 62ms
31ms Script
application/javascript 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/slick.min.js

Requested by

Host: facebook.lojaseofertas.com
URL: https://facebook.lojaseofertas.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://facebook.lojaseofertas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 05:31:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 6324260
x-jsd-version: 1.8.1
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230126-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"a76f-O0GzvJVmhQFaNHoiOOcdsp36Dbs"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KutI5MobsRrGlU9xIf6HfYaqx3Mpb%2FLtxeKnnhMoXVTLR2snGPetKyXuooixfBHQo%2F4TJRSbt4Tx0h%2ByDfcEVV6KiIh%2FQwF6pkbFKKAtc2Epf1yKwGJIvlylPTAfGs7M3gckBJNYw5Tcbq8xT7M%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 8484ee7a0ec09b7c-FRA

GET
H2 200 jquery.flexslider.min.js Show response
cdn.jsdelivr.net/npm/flexslider@2.7.1/ 23 KB
8 KB 60ms
30ms Script
application/javascript 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/flexslider@2.7.1/jquery.flexslider.min.js

Requested by

Host: facebook.lojaseofertas.com
URL: https://facebook.lojaseofertas.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

82274395ae9741732320547050e84cd8ca10510c0afb8cead6eb9172aa891deb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://facebook.lojaseofertas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 05:31:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 4364963
x-jsd-version: 2.7.1
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-etou8220114-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"5a97-CZSrA1me8DvhFo11qWL07JtctNM"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zcc4GsapP%2BITyhp38TIrJi76OQU%2FBBBFtKaC3%2B28ytOMZ72O08PI9wwX9n%2F5iSToHYnmoaoTh3%2BDnnN7sV3vc4eIittLLbNKJd4a5jdzzpf5b4oWiw63htgC3XthnmvYJ%2F1WeOSoU%2F7xWojJAoI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 8484ee7a0ebf9b7c-FRA

GET
H2 200 scripts.min.js Show response
facebook.lojaseofertas.com/js/ 2 KB
1 KB 200ms
199ms Script
application/javascript 2606:4700:3034::ac43:c0e9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://facebook.lojaseofertas.com/js/scripts.min.js
Requested by: Host: facebook.lojaseofertas.com
URL: https://facebook.lojaseofertas.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:c0e9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9737e1f2d8e8394823b95d1c2ed3db1a65efabeb4eaf36b3d35ed053dff921b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://facebook.lojaseofertas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 05:31:30 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 09 Jan 2024 03:30:49 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"659cbde9-919"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SkLalU2AiJ9x5fqJ37Wi8Usyek8en5fSsEo3qkvMG6YAYrfjllsNon1NlZneHBsANUG8lUvU1kC9Pyu72rLaW5BiSpbPSYy1xvFb6%2BqnHyWZOqg91NARfGh7i8F%2Ff0bHqDkmbCxbMMwf0XSDPXduON%2BunkKB84eJVg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=315360000
cf-ray: 8484ee79d9cf1e5e-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ads.js Show response
facebook.lojaseofertas.com/js/ 10 KB
2 KB 207ms
207ms Script
application/javascript 2606:4700:3034::ac43:c0e9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://facebook.lojaseofertas.com/js/ads.js
Requested by: Host: facebook.lojaseofertas.com
URL: https://facebook.lojaseofertas.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:c0e9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2fd3ec1c9bbd8649a7df803f56aee470fa259abb0a9b70485cd51c9d1bf77a03

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://facebook.lojaseofertas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 05:31:30 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 09 Jan 2024 03:30:49 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"659cbde9-27a5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FY2IpVZAJfjsVdQMQcu6UYivnm2vYwecBDczyDeiS0wzJ0PDf%2BophL2cycjSQymte8%2BsoE10sLIbaeE3H5pkiiGFuOK56M7yoPYZt3qKpH1C6Y2b9fWcLAa4hDqzNlTJ5DOTO9voiNTOeOQ7fouLQBSur7HzvD%2FOIw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=315360000
cf-ray: 8484ee79d9d01e5e-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 226 KB
80 KB 75ms
28ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-NVYCR0PXBD

Requested by

Host: facebook.lojaseofertas.com
URL: https://facebook.lojaseofertas.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

88400116c7d366ff7d2e826d4e33d4ce56ceb60efe3e925bbe82b31081a3868b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://facebook.lojaseofertas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 05:31:30 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 81425
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 20 Jan 2024 05:31:30 GMT

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401160101/ 402 KB
137 KB 88ms
88ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401160101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8847092362748368&plah=facebook.lojaseofertas.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f3c2d0a80f66894b792782edb19f37cafabd4c7c31eabd4dca28200e44e24930

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://facebook.lojaseofertas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 05:31:30 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 139627
x-xss-protection: 0
server: cafe
etag: 9841616991722507618
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 20 Jan 2024 05:31:30 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240118/r20190131/ Frame EA79 9 KB
4 KB 66ms
20ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240118/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://facebook.lojaseofertas.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 18392
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4173
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 20 Jan 2024 00:24:58 GMT
etag: 9219409622527106327
expires: Sat, 03 Feb 2024 00:24:58 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 cse.js Show response
cse.google.com/ 6 KB
4 KB 98ms
50ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cse.google.com/cse.js?cx=partner-pub-8847092362748368:3178482244

Requested by

Host: facebook.lojaseofertas.com
URL: https://facebook.lojaseofertas.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gws /

Resource Hash

8b87f4587ecce0b96793a2819d2f6dc307a6ec9f389d7ab449abaa746a9c0638

Security Headers

Name	Value
Content-Security-Policy	object-src 'none';base-uri 'self';script-src 'nonce-6femJa98joEW9Wg6cRmNHQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://facebook.lojaseofertas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-6femJa98joEW9Wg6cRmNHQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
content-encoding: br
date: Sat, 20 Jan 2024 05:31:30 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2420
x-xss-protection: 0
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
server: gws
x-frame-options: SAMEORIGIN
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private
permissions-policy: unload=()
origin-trial: Ap+qNlnLzJDKSmEHjzM5ilaa908GuehlLqGb6ezME5lkhelj20qVzfv06zPmQ3LodoeujZuphAolrnhnPA8w4AIAAABfeyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJQZXJtaXNzaW9uc1BvbGljeVVubG9hZCIsImV4cGlyeSI6MTY4NTY2Mzk5OX0=, AvudrjMZqL7335p1KLV2lHo1kxdMeIN0dUI15d0CPz9dovVLCcXk8OAqjho1DX4s6NbHbA/AGobuGvcZv0drGgQAAAB9eyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJCYWNrRm9yd2FyZENhY2hlTm90UmVzdG9yZWRSZWFzb25zIiwiZXhwaXJ5IjoxNjkxNTM5MTk5LCJpc1N1YmRvbWFpbiI6dHJ1ZX0=
expires: Sat, 20 Jan 2024 05:31:30 GMT

GET
H2 200 7cHqv4kjgoGqM7E3t-4s51os.woff2
fonts.gstatic.com/s/barlow/v12/ 21 KB
21 KB 67ms
23ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/barlow/v12/7cHqv4kjgoGqM7E3t-4s51os.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Barlow:400,700|Oswald:700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65a47caa5183b035bf78d0f93adbe5cea500333410259c54abf2de356740df7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://facebook.lojaseofertas.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 21:53:12 GMT
x-content-type-options: nosniff
age: 286698
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21724
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:29:44 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 15 Jan 2025 21:53:12 GMT

GET
H2 200 7cHpv4kjgoGqM7E_DMs5.woff2
fonts.gstatic.com/s/barlow/v12/ 21 KB
21 KB 88ms
43ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/barlow/v12/7cHpv4kjgoGqM7E_DMs5.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Barlow:400,700|Oswald:700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c9c80a6c32c0619d61c28f28723e68c5f8f75163e77ee5cf64c39e640e0d71e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://facebook.lojaseofertas.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 02:16:52 GMT
x-content-type-options: nosniff
age: 270878
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21144
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:43:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 16 Jan 2025 02:16:52 GMT

GET
H2 200 TK3_WkUHHAIjg75cFRf3bXL8LICs1xZosUZiZQ.woff2
fonts.gstatic.com/s/oswald/v53/ 12 KB
13 KB 63ms
19ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oswald/v53/TK3_WkUHHAIjg75cFRf3bXL8LICs1xZosUZiZQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Barlow:400,700|Oswald:700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6ecd2a103a7260474c3239da5f32a2f7cb999765d9ab12161f3e4abe3906316f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://facebook.lojaseofertas.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 19:57:30 GMT
x-content-type-options: nosniff
age: 380040
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12648
x-xss-protection: 0
last-modified: Tue, 15 Aug 2023 18:38:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 14 Jan 2025 19:57:30 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
261 B 71ms
26ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-NVYCR0PXBD&gtm=45je41h0v9123074249&_p=1705728690517&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1631870637.1705728691&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1705728690&sct=1&seg=0&dl=https%3A%2F%2Ffacebook.lojaseofertas.com%2F&dt=Facebook&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=881
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-NVYCR0PXBD
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://facebook.lojaseofertas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Jan 2024 05:31:30 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://facebook.lojaseofertas.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E62F 0
188 B 123ms
122ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&adk=1812271804&adf=3025194257&lmt=1705728690&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=308x810_l%7C308x810_r&format=0x0&url=https%3A%2F%2Ffacebook.lojaseofertas.com%2F&pra=5&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705728690353&bpp=3&bdt=158&idt=188&shv=r20240118&mjsv=m202401160101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4601774456062&frm=20&pv=2&ga_vid=1631870637.1705728691&ga_sid=1705728691&ga_hid=445602129&ga_fc=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759875%2C44759926%2C44759837%2C31080334%2C31080343%2C31080442%2C95321963%2C95321626%2C95321862%2C95322165&oid=2&pvsid=3307973028482334&tmod=560240132&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=200

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401160101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8847092362748368&plah=facebook.lojaseofertas.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://facebook.lojaseofertas.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 20 Jan 2024 05:31:30 GMT
expires: Sat, 20 Jan 2024 05:31:30 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 cse_element__pt_pt.js Show response
www.google.com/cse/static/element/8435450f13508ca1/ 318 KB
106 KB 76ms
31ms Script
text/javascript 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/element/8435450f13508ca1/cse_element__pt_pt.js?usqp=CAI%3D

Requested by

Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=partner-pub-8847092362748368:3178482244

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1067af948a37ab1a2518f29dcc20b3abb85d8079a601c10636a4be67955bad6a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://facebook.lojaseofertas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 05:31:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 108352
x-xss-protection: 0
last-modified: Wed, 10 Jan 2024 16:43:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: text/javascript
cache-control: private, max-age=31536000
accept-ranges: bytes
link: <https://www.adsensecustomsearchads.com>; rel="preconnect"
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Sat, 20 Jan 2024 05:31:30 GMT

GET
H2 200 default+pt_PT.css
www.google.com/cse/static/element/8435450f13508ca1/ 41 KB
9 KB 72ms
27ms Stylesheet
text/css 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/element/8435450f13508ca1/default+pt_PT.css

Requested by

Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=partner-pub-8847092362748368:3178482244

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5402de70228d4bf5379b518225b702918f6ae277e9293f9d16334c2b1fa31e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://facebook.lojaseofertas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 05:31:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9068
x-xss-protection: 0
last-modified: Wed, 10 Jan 2024 16:43:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: text/css
cache-control: private, max-age=31536000
accept-ranges: bytes
link: <https://www.adsensecustomsearchads.com>; rel="preconnect"
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Sat, 20 Jan 2024 05:31:30 GMT

GET
H2 200 default.css
www.google.com/cse/static/style/look/v4/ 4 KB
2 KB 64ms
19ms Stylesheet
text/css 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/style/look/v4/default.css

Requested by

Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=partner-pub-8847092362748368:3178482244

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dcec22bbcb68119d6c7d6d5e088fb82183a9826d0c9e3403f1386fd837f06a89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://facebook.lojaseofertas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 04:45:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2742
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1345
x-xss-protection: 0
last-modified: Wed, 17 Jun 2020 00:00:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: text/css
cache-control: public, max-age=3000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Sat, 20 Jan 2024 05:35:48 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame F426 39 KB
16 KB 716ms
715ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=6451512849&adk=948510642&adf=865389875&pi=t.ma~as.6451512849&w=770&fwrn=4&fwrnh=100&lmt=1705728690&rafmt=1&format=770x280&url=https%3A%2F%2Ffacebook.lojaseofertas.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705728690640&bpp=1&bdt=445&idt=-M&shv=r20240118&mjsv=m202401160101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4601774456062&frm=20&pv=1&ga_vid=1631870637.1705728691&ga_sid=1705728691&ga_hid=445602129&ga_fc=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=415&ady=328&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759875%2C44759926%2C44759837%2C31080334%2C31080343%2C31080442%2C95321963%2C95321626%2C95321862%2C95322165&oid=2&pvsid=3307973028482334&tmod=560240132&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=4

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

788098b04b7a83adb2e403f22a56a43ec808448f01a6908d7929d8fbc0a30a32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://facebook.lojaseofertas.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 16688
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 20 Jan 2024 05:31:31 GMT
expires: Sat, 20 Jan 2024 05:31:31 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 8080 107 KB
46 KB 364ms
364ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=6970387599&adk=3814094608&adf=3401818602&pi=t.ma~as.6970387599&w=336&lmt=1705728690&format=336x280&url=https%3A%2F%2Ffacebook.lojaseofertas.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705728690640&bpp=1&bdt=446&idt=0&shv=r20240118&mjsv=m202401160101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C770x280&nras=1&correlator=4601774456062&frm=20&pv=1&ga_vid=1631870637.1705728691&ga_sid=1705728691&ga_hid=445602129&ga_fc=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=849&ady=643&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759875%2C44759926%2C44759837%2C31080334%2C31080343%2C31080442%2C95321963%2C95321626%2C95321862%2C95322165&oid=2&pvsid=3307973028482334&tmod=560240132&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=6

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0a0f317e75572a36f8047ae245ac9fe5521da3ca1fa402e9231375f46544f1ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://facebook.lojaseofertas.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 46633
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 20 Jan 2024 05:31:31 GMT
expires: Sat, 20 Jan 2024 05:31:31 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 async-ads.js Show response
cse.google.com/adsense/search/ 137 KB
50 KB 29ms
28ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cse.google.com/adsense/search/async-ads.js

Requested by

Host: www.google.com
URL: https://www.google.com/cse/static/element/8435450f13508ca1/cse_element__pt_pt.js?usqp=CAI%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2554b2d61f5b87f9c3b5bcada2a3b571e2e86f1d5c6c6a7238a2ec1e226909e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://facebook.lojaseofertas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 05:31:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-afs-ui"
etag: "13968957066627840670"
vary: Accept-Encoding
report-to: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
accept-ranges: bytes
link: <https://www.adsensecustomsearchads.com>; rel="preconnect"
expires: Sat, 20 Jan 2024 05:31:30 GMT

GET
H2 200 branding.png
www.google.com/cse/static/images/1x/pt_PT/ 2 KB
2 KB 19ms
19ms Image
image/png 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/cse/static/images/1x/pt_PT/branding.png

Requested by

Host: facebook.lojaseofertas.com
URL: https://facebook.lojaseofertas.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6dc4ea2cba6b644d985fc8fd84682f65bad3df0768d17566907f0b7775b0ac08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://facebook.lojaseofertas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 05:50:42 GMT
x-content-type-options: nosniff
age: 344448
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1762
x-xss-protection: 0
last-modified: Thu, 07 Dec 2023 21:00:00 GMT
server: sffe
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Wed, 15 Jan 2025 05:50:42 GMT

GET
H2 204 generate_204
clients1.google.com/ 0
117 B 156ms
18ms Image
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://clients1.google.com/generate_204
Requested by: Host: facebook.lojaseofertas.com
URL: https://facebook.lojaseofertas.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://facebook.lojaseofertas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 05:31:30 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8080 42 B
63 B 50ms
50ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-B1zJXXVFTnVEH11nMxM7NuKpz0BVEReESBS8KPeMID-6GSqyaTEMpdftnvYbjy9lj7gkM-_ox4Nlg1L3qOhg5Gddph-UvGMf0BQpiUnzhgJ1Q2yN4

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=6970387599&adk=3814094608&adf=3401818602&pi=t.ma~as.6970387599&w=336&lmt=1705728690&format=336x280&url=https%3A%2F%2Ffacebook.lojaseofertas.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705728690640&bpp=1&bdt=446&idt=0&shv=r20240118&mjsv=m202401160101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C770x280&nras=1&correlator=4601774456062&frm=20&pv=1&ga_vid=1631870637.1705728691&ga_sid=1705728691&ga_hid=445602129&ga_fc=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=849&ady=643&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759875%2C44759926%2C44759837%2C31080334%2C31080343%2C31080442%2C95321963%2C95321626%2C95321862%2C95322165&oid=2&pvsid=3307973028482334&tmod=560240132&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=6

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Jan 2024 05:31:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 3DDD 624 B
242 B 56ms
55ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CI_sSxDOkOwBGIm7iNQBMAE&v=APEucNWSTqvS2Mc4HnEBDRAgHER1QseG48OG-s3HL9R24NdFvmQK7tSJ_jnMhY2dWZY3KvyR_ocAD1l9VbBVkk3JCUoaaUNCZyVjelpDWt2eq_1nAYFgG3x0Se__1HJI4sjCP3Mk_Qr3Ev5AdYgZAY_MI1NkALa1qV1Z885b7B_dfV_UK_XEpn8

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=6970387599&adk=3814094608&adf=3401818602&pi=t.ma~as.6970387599&w=336&lmt=1705728690&format=336x280&url=https%3A%2F%2Ffacebook.lojaseofertas.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705728690640&bpp=1&bdt=446&idt=0&shv=r20240118&mjsv=m202401160101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C770x280&nras=1&correlator=4601774456062&frm=20&pv=1&ga_vid=1631870637.1705728691&ga_sid=1705728691&ga_hid=445602129&ga_fc=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=849&ady=643&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759875%2C44759926%2C44759837%2C31080334%2C31080343%2C31080442%2C95321963%2C95321626%2C95321862%2C95322165&oid=2&pvsid=3307973028482334&tmod=560240132&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=6

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=6970387599&adk=3814094608&adf=3401818602&pi=t.ma~as.6970387599&w=336&lmt=1705728690&format=336x280&url=https%3A%2F%2Ffacebook.lojaseofertas.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705728690640&bpp=1&bdt=446&idt=0&shv=r20240118&mjsv=m202401160101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C770x280&nras=1&correlator=4601774456062&frm=20&pv=1&ga_vid=1631870637.1705728691&ga_sid=1705728691&ga_hid=445602129&ga_fc=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=849&ady=643&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759875%2C44759926%2C44759837%2C31080334%2C31080343%2C31080442%2C95321963%2C95321626%2C95321862%2C95322165&oid=2&pvsid=3307973028482334&tmod=560240132&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=6
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 20 Jan 2024 05:31:31 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 8080 111 KB
39 KB 76ms
18ms Script
text/javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: facebook.lojaseofertas.com
URL: https://facebook.lojaseofertas.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 21:44:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 28032
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 20 Jan 2024 21:44:19 GMT

GET
H3 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240118/r20110914/elements/html/ Frame 8080 8 KB
3 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240118/r20110914/elements/html/omrhp_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=6970387599&adk=3814094608&adf=3401818602&pi=t.ma~as.6970387599&w=336&lmt=1705728690&format=336x280&url=https%3A%2F%2Ffacebook.lojaseofertas.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705728690640&bpp=1&bdt=446&idt=0&shv=r20240118&mjsv=m202401160101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C770x280&nras=1&correlator=4601774456062&frm=20&pv=1&ga_vid=1631870637.1705728691&ga_sid=1705728691&ga_hid=445602129&ga_fc=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=849&ady=643&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759875%2C44759926%2C44759837%2C31080334%2C31080343%2C31080442%2C95321963%2C95321626%2C95321862%2C95322165&oid=2&pvsid=3307973028482334&tmod=560240132&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=6

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef34301455784e8a56ecc7a80985d6fd317ddd8328b6232dc0bc3223d79c91c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 18:37:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 39223
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3206
x-xss-protection: 0
server: cafe
etag: 12640889860211258669
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 02 Feb 2024 18:37:48 GMT

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240118/r20110914/ Frame 8080 23 KB
9 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240118/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=6970387599&adk=3814094608&adf=3401818602&pi=t.ma~as.6970387599&w=336&lmt=1705728690&format=336x280&url=https%3A%2F%2Ffacebook.lojaseofertas.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705728690640&bpp=1&bdt=446&idt=0&shv=r20240118&mjsv=m202401160101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C770x280&nras=1&correlator=4601774456062&frm=20&pv=1&ga_vid=1631870637.1705728691&ga_sid=1705728691&ga_hid=445602129&ga_fc=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=849&ady=643&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759875%2C44759926%2C44759837%2C31080334%2C31080343%2C31080442%2C95321963%2C95321626%2C95321862%2C95322165&oid=2&pvsid=3307973028482334&tmod=560240132&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=6

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 18:32:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 39563
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9276
x-xss-protection: 0
server: cafe
etag: 3558958386372919956
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 02 Feb 2024 18:32:08 GMT

GET
H2 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 8080 41 KB
14 KB 79ms
21ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: facebook.lojaseofertas.com
URL: https://facebook.lojaseofertas.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 02:28:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 270198
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 16 Jan 2025 02:28:13 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame 8080 3 KB
1 KB 78ms
21ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=6970387599&adk=3814094608&adf=3401818602&pi=t.ma~as.6970387599&w=336&lmt=1705728690&format=336x280&url=https%3A%2F%2Ffacebook.lojaseofertas.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705728690640&bpp=1&bdt=446&idt=0&shv=r20240118&mjsv=m202401160101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C770x280&nras=1&correlator=4601774456062&frm=20&pv=1&ga_vid=1631870637.1705728691&ga_sid=1705728691&ga_hid=445602129&ga_fc=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=849&ady=643&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759875%2C44759926%2C44759837%2C31080334%2C31080343%2C31080442%2C95321963%2C95321626%2C95321862%2C95322165&oid=2&pvsid=3307973028482334&tmod=560240132&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 14:00:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 55888
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 02 Feb 2024 14:00:03 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame A273 1 KB
643 B 20ms
19ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=6970387599&adk=3814094608&adf=3401818602&pi=t.ma~as.6970387599&w=336&lmt=1705728690&format=336x280&url=https%3A%2F%2Ffacebook.lojaseofertas.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705728690640&bpp=1&bdt=446&idt=0&shv=r20240118&mjsv=m202401160101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C770x280&nras=1&correlator=4601774456062&frm=20&pv=1&ga_vid=1631870637.1705728691&ga_sid=1705728691&ga_hid=445602129&ga_fc=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=849&ady=643&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759875%2C44759926%2C44759837%2C31080334%2C31080343%2C31080442%2C95321963%2C95321626%2C95321862%2C95322165&oid=2&pvsid=3307973028482334&tmod=560240132&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=6

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 44447
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 19 Jan 2024 17:10:44 GMT
etag: 48472445140208031
expires: Sat, 20 Jan 2024 17:10:44 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame 8080 20 KB
9 KB 75ms
18ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=6970387599&adk=3814094608&adf=3401818602&pi=t.ma~as.6970387599&w=336&lmt=1705728690&format=336x280&url=https%3A%2F%2Ffacebook.lojaseofertas.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705728690640&bpp=1&bdt=446&idt=0&shv=r20240118&mjsv=m202401160101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C770x280&nras=1&correlator=4601774456062&frm=20&pv=1&ga_vid=1631870637.1705728691&ga_sid=1705728691&ga_hid=445602129&ga_fc=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=849&ady=643&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759875%2C44759926%2C44759837%2C31080334%2C31080343%2C31080442%2C95321963%2C95321626%2C95321862%2C95322165&oid=2&pvsid=3307973028482334&tmod=560240132&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 18:28:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 39752
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 02 Feb 2024 18:28:59 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 8080 0
0 28ms
27ms Image
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTY5CTM2-XLZGQlhkd-KK_8-CA6inz5zQAQb_9lD3gJtiduHTBIXpd1-jC4RiT7SXRLd2db4dBHsFB1CfmY5RCRDzD4DA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=6970387599&adk=3814094608&adf=3401818602&pi=t.ma~as.6970387599&w=336&lmt=1705728690&format=336x280&url=https%3A%2F%2Ffacebook.lojaseofertas.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705728690640&bpp=1&bdt=446&idt=0&shv=r20240118&mjsv=m202401160101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C770x280&nras=1&correlator=4601774456062&frm=20&pv=1&ga_vid=1631870637.1705728691&ga_sid=1705728691&ga_hid=445602129&ga_fc=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=849&ady=643&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759875%2C44759926%2C44759837%2C31080334%2C31080343%2C31080442%2C95321963%2C95321626%2C95321862%2C95322165&oid=2&pvsid=3307973028482334&tmod=560240132&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=6
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8080 206 KB
66 KB 84ms
40ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=6970387599&adk=3814094608&adf=3401818602&pi=t.ma~as.6970387599&w=336&lmt=1705728690&format=336x280&url=https%3A%2F%2Ffacebook.lojaseofertas.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705728690640&bpp=1&bdt=446&idt=0&shv=r20240118&mjsv=m202401160101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C770x280&nras=1&correlator=4601774456062&frm=20&pv=1&ga_vid=1631870637.1705728691&ga_sid=1705728691&ga_hid=445602129&ga_fc=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=849&ady=643&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759875%2C44759926%2C44759837%2C31080334%2C31080343%2C31080442%2C95321963%2C95321626%2C95321862%2C95322165&oid=2&pvsid=3307973028482334&tmod=560240132&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

69c32d8650b1e5f0bcb76d787972b68a1ba327ea5bd8da7ab8ca1a04336735c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 05:31:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66453
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1705495733332172"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 20 Jan 2024 05:31:31 GMT

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame A273
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEIapSAEm307q_Kt_kCx4RZQ&google_cver=1&google_push=AXcoOmRJyylmW_fWyBF-BS6ibbBpbvCvowD10D1-6K9ND3nln_gRbDMdnQNTjcqCBejHmyI-62I_xQfNHqqX8GGF03XFdjmhmtiu&...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEIapSAEm307q_Kt_kCx4RZQ&google_cver=1&google_push=AXcoOmRJyylmW_fWyBF-BS6ibbBpbvCvowD10D1-6K9ND3nln_gRbDMdnQNTjcqCBejHmyI-62I_xQfNHqqX8GGF03XFdjmhmti...

43 B
424 B

181ms
175ms

Image
image/gif

2606:4700::6812:18ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEIapSAEm307q_Kt_kCx4RZQ&google_cver=1&google_push=AXcoOmRJyylmW_fWyBF-BS6ibbBpbvCvowD10D1-6K9ND3nln_gRbDMdnQNTjcqCBejHmyI-62I_xQfNHqqX8GGF03XFdjmhmtiu&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmRJyylmW_fWyBF-BS6ibbBpbvCvowD10D1-6K9ND3nln_gRbDMdnQNTjcqCBejHmyI-62I_xQfNHqqX8GGF03XFdjmhmtiu%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=6970387599&adk=3814094608&adf=3401818602&pi=t.ma~as.6970387599&w=336&lmt=1705728690&format=336x280&url=https%3A%2F%2Ffacebook.lojaseofertas.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705728690640&bpp=1&bdt=446&idt=0&shv=r20240118&mjsv=m202401160101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C770x280&nras=1&correlator=4601774456062&frm=20&pv=1&ga_vid=1631870637.1705728691&ga_sid=1705728691&ga_hid=445602129&ga_fc=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=849&ady=643&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759875%2C44759926%2C44759837%2C31080334%2C31080343%2C31080442%2C95321963%2C95321626%2C95321862%2C95322165&oid=2&pvsid=3307973028482334&tmod=560240132&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=6
Protocol: H2
Server: 2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Jan 2024 05:31:31 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 8484ee81fd0b9b52-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 20 Jan 2024 05:31:31 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 21
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEIapSAEm307q_Kt_kCx4RZQ&google_cver=1&google_push=AXcoOmRJyylmW_fWyBF-BS6ibbBpbvCvowD10D1-6K9ND3nln_gRbDMdnQNTjcqCBejHmyI-62I_xQfNHqqX8GGF03XFdjmhmtiu&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmRJyylmW_fWyBF-BS6ibbBpbvCvowD10D1-6K9ND3nln_gRbDMdnQNTjcqCBejHmyI-62I_xQfNHqqX8GGF03XFdjmhmtiu%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 8484ee80cc859b52-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame A273
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEMSnMLtxQLs-_GimLCWEP_E&google_push=AXcoOmTy4a1av-LBpBQILYN5r2HpqpExDoCzIgQ8qbscAPpKBnV-7LwRRp...

170 B
232 B

30ms
30ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEMSnMLtxQLs-_GimLCWEP_E&google_push=AXcoOmTy4a1av-LBpBQILYN5r2HpqpExDoCzIgQ8qbscAPpKBnV-7LwRRpSlxGpMcQUVwxaFwpj9JLX8cQ5_zkCzLFIrcC1cXD0v

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=6970387599&adk=3814094608&adf=3401818602&pi=t.ma~as.6970387599&w=336&lmt=1705728690&format=336x280&url=https%3A%2F%2Ffacebook.lojaseofertas.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705728690640&bpp=1&bdt=446&idt=0&shv=r20240118&mjsv=m202401160101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C770x280&nras=1&correlator=4601774456062&frm=20&pv=1&ga_vid=1631870637.1705728691&ga_sid=1705728691&ga_hid=445602129&ga_fc=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=849&ady=643&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759875%2C44759926%2C44759837%2C31080334%2C31080343%2C31080442%2C95321963%2C95321626%2C95321862%2C95322165&oid=2&pvsid=3307973028482334&tmod=560240132&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=6

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Jan 2024 05:31:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-fra-eddf8230036-FRA
pragma: no-cache
date: Sat, 20 Jan 2024 05:31:31 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1705728691.333896,VS0,VE94
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEMSnMLtxQLs-_GimLCWEP_E&google_push=AXcoOmTy4a1av-LBpBQILYN5r2HpqpExDoCzIgQ8qbscAPpKBnV-7LwRRpSlxGpMcQUVwxaFwpj9JLX8cQ5_zkCzLFIrcC1cXD0v
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame A273
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEC23-2zw8fYjGhtaFe7E76w&google_cver=1&google_push=AXcoOmRYANLCwH0zVZITumY4w9rMA0OUyC5Vw4AdMaUO7Q3iIErR6_P0dtdGye6fk-LyzuZ4g0bN0-yHFhLvjQp1PVXW3x6DLlJwUg
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=2104DAF613524F338932968EB040C49A&google_push=AXcoOmRYANLCwH0zVZITumY4w9rMA0OUyC5Vw4AdMaUO7Q3iIErR6_P0dtdGye6fk-LyzuZ4g0bN0-yHFhLvjQp...

170 B
232 B

29ms
29ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=2104DAF613524F338932968EB040C49A&google_push=AXcoOmRYANLCwH0zVZITumY4w9rMA0OUyC5Vw4AdMaUO7Q3iIErR6_P0dtdGye6fk-LyzuZ4g0bN0-yHFhLvjQp1PVXW3x6DLlJwUg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=6970387599&adk=3814094608&adf=3401818602&pi=t.ma~as.6970387599&w=336&lmt=1705728690&format=336x280&url=https%3A%2F%2Ffacebook.lojaseofertas.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705728690640&bpp=1&bdt=446&idt=0&shv=r20240118&mjsv=m202401160101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C770x280&nras=1&correlator=4601774456062&frm=20&pv=1&ga_vid=1631870637.1705728691&ga_sid=1705728691&ga_hid=445602129&ga_fc=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=849&ady=643&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759875%2C44759926%2C44759837%2C31080334%2C31080343%2C31080442%2C95321963%2C95321626%2C95321862%2C95322165&oid=2&pvsid=3307973028482334&tmod=560240132&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=6

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Jan 2024 05:31:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sat, 20 Jan 2024 05:31:31 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=2104DAF613524F338932968EB040C49A&google_push=AXcoOmRYANLCwH0zVZITumY4w9rMA0OUyC5Vw4AdMaUO7Q3iIErR6_P0dtdGye6fk-LyzuZ4g0bN0-yHFhLvjQp1PVXW3x6DLlJwUg
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Fri, 19 Jan 2024 05:31:31 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame A273
Redirect Chain

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEH4bAcT5BHaAFHZ1Y1A1_xU&google_cver=1&google_push=AXcoOmR99mpLyj3fmiUeBA2yuWuUgYW21jGG3W0-3hyDhPgMhMYXWoOlEvIz5QJQQevk0vVHZ7GvglK7PzX...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmR99mpLyj3fmiUeBA2yuWuUgYW21jGG3W0-3hyDhPgMhMYXWoOlEvIz5QJQQevk0vVHZ7GvglK7PzXEV_1L3wDys_YoIcm2mQ&google_hm=GSiKVim2QAOmsiQTOV...

170 B
232 B

31ms
31ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmR99mpLyj3fmiUeBA2yuWuUgYW21jGG3W0-3hyDhPgMhMYXWoOlEvIz5QJQQevk0vVHZ7GvglK7PzXEV_1L3wDys_YoIcm2mQ&google_hm=GSiKVim2QAOmsiQTOVgB2hM

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=6970387599&adk=3814094608&adf=3401818602&pi=t.ma~as.6970387599&w=336&lmt=1705728690&format=336x280&url=https%3A%2F%2Ffacebook.lojaseofertas.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705728690640&bpp=1&bdt=446&idt=0&shv=r20240118&mjsv=m202401160101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C770x280&nras=1&correlator=4601774456062&frm=20&pv=1&ga_vid=1631870637.1705728691&ga_sid=1705728691&ga_hid=445602129&ga_fc=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=849&ady=643&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759875%2C44759926%2C44759837%2C31080334%2C31080343%2C31080442%2C95321963%2C95321626%2C95321862%2C95322165&oid=2&pvsid=3307973028482334&tmod=560240132&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=6

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Jan 2024 05:31:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 20 Jan 2024 05:31:31 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmR99mpLyj3fmiUeBA2yuWuUgYW21jGG3W0-3hyDhPgMhMYXWoOlEvIz5QJQQevk0vVHZ7GvglK7PzXEV_1L3wDys_YoIcm2mQ&google_hm=GSiKVim2QAOmsiQTOVgB2hM
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame A273
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESEDENwo3S9UgxSUnAuPmZegU&google_cver=1&google_push=AXcoOmQaJ8PLGtj88QEJQupuxnPevFG6GPlAejVYCyoDtVDPKNQHm-KPKzqbmbvwCcwZ-57Zwcly8GerVyBQMMrP...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=Y0PhIQ0tRQ4T99d-EmvY0w&google_push=AXcoOmQaJ8PLGtj88QEJQupuxnPevFG6GPlAejVYCyoDtVDPKNQHm-KPKzqbmbvwCcwZ-57Zwcly8GerVyBQMMrPuvju1197NKBjdg

170 B
243 B

29ms
29ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=Y0PhIQ0tRQ4T99d-EmvY0w&google_push=AXcoOmQaJ8PLGtj88QEJQupuxnPevFG6GPlAejVYCyoDtVDPKNQHm-KPKzqbmbvwCcwZ-57Zwcly8GerVyBQMMrPuvju1197NKBjdg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=6970387599&adk=3814094608&adf=3401818602&pi=t.ma~as.6970387599&w=336&lmt=1705728690&format=336x280&url=https%3A%2F%2Ffacebook.lojaseofertas.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705728690640&bpp=1&bdt=446&idt=0&shv=r20240118&mjsv=m202401160101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C770x280&nras=1&correlator=4601774456062&frm=20&pv=1&ga_vid=1631870637.1705728691&ga_sid=1705728691&ga_hid=445602129&ga_fc=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=849&ady=643&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759875%2C44759926%2C44759837%2C31080334%2C31080343%2C31080442%2C95321963%2C95321626%2C95321862%2C95322165&oid=2&pvsid=3307973028482334&tmod=560240132&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=6

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Jan 2024 05:31:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sat, 20 Jan 2024 05:31:31 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.21.6
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=Y0PhIQ0tRQ4T99d-EmvY0w&google_push=AXcoOmQaJ8PLGtj88QEJQupuxnPevFG6GPlAejVYCyoDtVDPKNQHm-KPKzqbmbvwCcwZ-57Zwcly8GerVyBQMMrPuvju1197NKBjdg
x-host: tde-deliveryengine-production-5db7bf8975-9xdt4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame A273
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEE_cp75J_KD25Zdh_AIZ0UI&google_cver=1&google_push=AXcoOmRZ8X-kYPj2aDVuLYVvxfWbY-TVuWfZ6Y9vG9Vx-ywHiuytPfyWEoL5J652lfwRP3xShVq8Zi99Uj4djzh1TKiF_2Z...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmRZ8X-kYPj2aDVuLYVvxfWbY-TVuWfZ6Y9vG9Vx-ywHiuytPfyWEoL5J652lfwRP3xShVq8Zi99Uj4djzh1TKiF_2ZYG-v-KA&google_hm=eS1XNUguX2t0RTJwRW10...

170 B
232 B

29ms
29ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmRZ8X-kYPj2aDVuLYVvxfWbY-TVuWfZ6Y9vG9Vx-ywHiuytPfyWEoL5J652lfwRP3xShVq8Zi99Uj4djzh1TKiF_2ZYG-v-KA&google_hm=eS1XNUguX2t0RTJwRW10eUo4el9Nb3ZLWVNDQS5lYkZqV35B

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=6970387599&adk=3814094608&adf=3401818602&pi=t.ma~as.6970387599&w=336&lmt=1705728690&format=336x280&url=https%3A%2F%2Ffacebook.lojaseofertas.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705728690640&bpp=1&bdt=446&idt=0&shv=r20240118&mjsv=m202401160101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C770x280&nras=1&correlator=4601774456062&frm=20&pv=1&ga_vid=1631870637.1705728691&ga_sid=1705728691&ga_hid=445602129&ga_fc=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=849&ady=643&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759875%2C44759926%2C44759837%2C31080334%2C31080343%2C31080442%2C95321963%2C95321626%2C95321862%2C95322165&oid=2&pvsid=3307973028482334&tmod=560240132&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=6

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Jan 2024 05:31:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sat, 20 Jan 2024 05:31:31 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmRZ8X-kYPj2aDVuLYVvxfWbY-TVuWfZ6Y9vG9Vx-ywHiuytPfyWEoL5J652lfwRP3xShVq8Zi99Uj4djzh1TKiF_2ZYG-v-KA&google_hm=eS1XNUguX2t0RTJwRW10eUo4el9Nb3ZLWVNDQS5lYkZqV35B
content-length: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame A273
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEJ7nRS4vqxKPRin4dujGMsE&google_cver=1&google_push=AXcoOmRqheISEpl8cr5aZnbw6MEZCOWMHXLIQwHYSljliGlqj0ATziZzLmrtGVtrGa1lbpwl9eNFGQMl...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEJ7nRS4vqxKPRin4dujGMsE&google_cver=1&google_push=AXcoOmRqheISEpl8cr5aZnbw6MEZCOWMHXLIQwHYSljliGlqj0ATziZzLmrtGVtrGa1lbpwl9eN...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTc4MDMwODYyNTczMTgyODAx&google_push=AXcoOmRqheISEpl8cr5aZnbw6MEZCOWMHXLIQwHYSljliGlqj0ATziZzLmrtGVtrGa1lbpwl9eNFGQMl...

170 B
232 B

29ms
29ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTc4MDMwODYyNTczMTgyODAx&google_push=AXcoOmRqheISEpl8cr5aZnbw6MEZCOWMHXLIQwHYSljliGlqj0ATziZzLmrtGVtrGa1lbpwl9eNFGQMl3jpsP5tbTrrU6A1P5kzLNg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=6970387599&adk=3814094608&adf=3401818602&pi=t.ma~as.6970387599&w=336&lmt=1705728690&format=336x280&url=https%3A%2F%2Ffacebook.lojaseofertas.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705728690640&bpp=1&bdt=446&idt=0&shv=r20240118&mjsv=m202401160101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C770x280&nras=1&correlator=4601774456062&frm=20&pv=1&ga_vid=1631870637.1705728691&ga_sid=1705728691&ga_hid=445602129&ga_fc=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=849&ady=643&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759875%2C44759926%2C44759837%2C31080334%2C31080343%2C31080442%2C95321963%2C95321626%2C95321862%2C95322165&oid=2&pvsid=3307973028482334&tmod=560240132&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=6

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Jan 2024 05:31:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 20 Jan 2024 05:31:31 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTc4MDMwODYyNTczMTgyODAx&google_push=AXcoOmRqheISEpl8cr5aZnbw6MEZCOWMHXLIQwHYSljliGlqj0ATziZzLmrtGVtrGa1lbpwl9eNFGQMl3jpsP5tbTrrU6A1P5kzLNg
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame A273 0
139 B 101ms
28ms Image
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IMKDw1MfR4TLgGuUJRT_jI6ddBgElC7ooEjHSj1Qcvr6bGOZfrrk51QXhoOy7Tlk2bdx6w

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=6970387599&adk=3814094608&adf=3401818602&pi=t.ma~as.6970387599&w=336&lmt=1705728690&format=336x280&url=https%3A%2F%2Ffacebook.lojaseofertas.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705728690640&bpp=1&bdt=446&idt=0&shv=r20240118&mjsv=m202401160101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C770x280&nras=1&correlator=4601774456062&frm=20&pv=1&ga_vid=1631870637.1705728691&ga_sid=1705728691&ga_hid=445602129&ga_fc=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=849&ady=643&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759875%2C44759926%2C44759837%2C31080334%2C31080343%2C31080442%2C95321963%2C95321626%2C95321862%2C95322165&oid=2&pvsid=3307973028482334&tmod=560240132&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 05:31:31 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame 3DDD
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFBs3fWsMtkwXCAm0n_l4XM&google_cver=1

43 B
338 B

46ms
45ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFBs3fWsMtkwXCAm0n_l4XM&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CI_sSxDOkOwBGIm7iNQBMAE&v=APEucNWSTqvS2Mc4HnEBDRAgHER1QseG48OG-s3HL9R24NdFvmQK7tSJ_jnMhY2dWZY3KvyR_ocAD1l9VbBVkk3JCUoaaUNCZyVjelpDWt2eq_1nAYFgG3x0Se__1HJI4sjCP3Mk_Qr3Ev5AdYgZAY_MI1NkALa1qV1Z885b7B_dfV_UK_XEpn8
Protocol: H2
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Jan 2024 05:31:31 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AUjNWM3mMoPJhOv7MbqzBZPf4ARm1bbhz1n7ECGnll9ixg6aNPoZ4wWbo0%2F%2BJvt8hWN8WgHWV4gTnds8fTHDDCDBPnfsVrbD5Xz%2BFX84EDyurvZYJgcJDWExJN0IuEiZnWTYgln3FJVvVg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 8484ee814f5b58f0-TXL
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 20 Jan 2024 05:31:31 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFBs3fWsMtkwXCAm0n_l4XM&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 3DDD
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Zatas7IV1h3d1mKpTOQsEAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFBs3fWsMtkwXCAm0n_l4XM&google_cver=1

43 B
769 B

54ms
54ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFBs3fWsMtkwXCAm0n_l4XM&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CI_sSxDOkOwBGIm7iNQBMAE&v=APEucNWSTqvS2Mc4HnEBDRAgHER1QseG48OG-s3HL9R24NdFvmQK7tSJ_jnMhY2dWZY3KvyR_ocAD1l9VbBVkk3JCUoaaUNCZyVjelpDWt2eq_1nAYFgG3x0Se__1HJI4sjCP3Mk_Qr3Ev5AdYgZAY_MI1NkALa1qV1Z885b7B_dfV_UK_XEpn8
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Jan 2024 05:31:31 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Mg67qF3qNPHmQL648xS93hptkY7PmWEnNFgZfJ7ISTQ3e9yzU8z0VHXaTK6ORDfyUZToTvOar1N%2FV1V0gxonl74NhLa2VGQJSyyyymAW60YtLKGxvtOQSlRkLhDOipP%2F%2FTivMzKOaVBeGg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 8484ee81db74451c-TXL
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 20 Jan 2024 05:31:31 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFBs3fWsMtkwXCAm0n_l4XM&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

bounce
ib.adnxs.com/ Frame 3DDD
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEABbxdGUOKQlLtg0xJzyiWQ&google_cver=1
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEABbxdGUOKQlLtg0xJzyiWQ%26google_cver%3D1

43 B
1 KB

34ms
34ms

Image
image/gif

185.89.210.212
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEABbxdGUOKQlLtg0xJzyiWQ%26google_cver%3D1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CI_sSxDOkOwBGIm7iNQBMAE&v=APEucNWSTqvS2Mc4HnEBDRAgHER1QseG48OG-s3HL9R24NdFvmQK7tSJ_jnMhY2dWZY3KvyR_ocAD1l9VbBVkk3JCUoaaUNCZyVjelpDWt2eq_1nAYFgG3x0Se__1HJI4sjCP3Mk_Qr3Ev5AdYgZAY_MI1NkALa1qV1Z885b7B_dfV_UK_XEpn8

Protocol

Server

185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Jan 2024 05:31:31 GMT
an-x-request-uuid: 42b65a79-3537-4134-8bca-44ad5a28214a
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 217.114.218.19; 217.114.218.19; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 20 Jan 2024 05:31:31 GMT
an-x-request-uuid: 9ca1c21d-7e0c-47d8-ad17-9beed6f8cdd0
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEABbxdGUOKQlLtg0xJzyiWQ%26google_cver%3D1
cache-control: no-store, no-cache, private
x-proxy-origin: 217.114.218.19; 217.114.218.19; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 3DDD
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjQyNzc2ODQ2NjQ0MTE2MzI4MA%3D%3D

170 B
232 B

30ms
30ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjQyNzc2ODQ2NjQ0MTE2MzI4MA%3D%3D

Requested by

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Jan 2024 05:31:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 20 Jan 2024 05:31:31 GMT
an-x-request-uuid: e23b1802-ee8d-4ddc-818f-4bf6d256cab3
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjQyNzc2ODQ2NjQ0MTE2MzI4MA%3D%3D
x-proxy-origin: 217.114.218.19; 217.114.218.19; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 8080 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb0cecbef61077520cca7d1a605276c1320ffe8ae314b5eaed5d339cb3cab88b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame C5D3 38 KB
13 KB 19ms
18ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 290243
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 16 Jan 2024 20:54:08 GMT
expires: Wed, 15 Jan 2025 20:54:08 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 13E7 91 KB
29 KB 469ms
468ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=6451512849&adk=1214363925&adf=4093038968&pi=t.ma~as.6451512849&w=770&fwrn=4&fwrnh=100&lmt=1705728691&rafmt=1&format=770x280&url=https%3A%2F%2Ffacebook.lojaseofertas.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705728691342&bpp=1&bdt=1148&idt=1&shv=r20240118&mjsv=m202401160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De0304ef317d56178%3AT%3D1705728690%3ART%3D1705728690%3AS%3DALNI_MYVICgTeIpurqKTsg7B96_wP4tBVA&gpic=UID%3D00000d44443ea429%3AT%3D1705728690%3ART%3D1705728690%3AS%3DALNI_MYh1Ie-MkSdLTVmtuWLqsjFfPsr3g&prev_fmts=0x0%2C770x280%2C336x280&nras=1&correlator=4601774456062&frm=20&pv=1&ga_vid=1631870637.1705728691&ga_sid=1705728691&ga_hid=445602129&ga_fc=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=415&ady=1226&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759875%2C44759926%2C44759837%2C31080334%2C31080343%2C31080442%2C95321963%2C95321626%2C95321862%2C95322165&oid=2&psts=AOrYGsmH6TIujXjV6h_409IFmqCzVqjPoCteQUaBwejGnWYwICAFSlxCryGTW3E7076wYCIF9qqnyrT7mqZoutdxeLkoFTNB&pvsid=3307973028482334&tmod=560240132&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=1&fsb=1&dtd=4

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fb445d5cbf02293de2a77a556c11d3a99df7ee1d54f4564addbbad74af6c9a9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://facebook.lojaseofertas.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 29468
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 20 Jan 2024 05:31:31 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 300x250_DE_DP_DV360_RON_CB_WELCOME.html Show response
s0.2mdn.net/sadbundle/6383460344232043442/300x250/ Frame 7A0A 78 KB
17 KB 58ms
19ms Document
text/html 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/6383460344232043442/300x250/300x250_DE_DP_DV360_RON_CB_WELCOME.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7fea219fc2ab637c1327753a83b49690e7573409f552d35f6559123109228170

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 35414
allow-fenced-frame-automatic-beacons: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 17314
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Fri, 19 Jan 2024 19:41:17 GMT
expires: Sat, 18 Jan 2025 19:41:17 GMT
last-modified: Fri, 19 Jan 2024 08:56:04 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
ad.doubleclick.net/pcs/ Frame 8080 0
0 123ms
60ms Fetch
image/gif 142.250.184.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjstOlHXWtY1kAqhFy5AMGnd_x5YxJxr3OFFzWVHmm9UwB8-73xNvLgzLjjxa8Qoiu-je0FnhEzoWh90UTJz9AdaSQHp9COReWKFECRJjubClI2PNvifZGr7ooZyxlx_ISRhFZ1YikzJjnLMlkorelmaxNp8Fl888_cKKujDCOP0Yu6DSPczKnz-jABhvYWIw9pAJgW9fPG31G8LldAah-b8Eiog3gusEuiIPdZ-GO-dUrmcKLVs82KGepaYYwhIY58fFx5ucXiLRzydKg4BRu0zvuRrjg6uJsz6mPPdD_zHVyb_xM-kX2wVAQEoVkI7lBKeL9ly74KVdc_m7WfgwZD_87gvxQbhaDDnbJe0BSr1lEx7Bd_889hhDiWCOKyaMpe9NocCvLMAXjpp7Gp-LYkbQF9Hkr0XTaH9kHgGEXqR6mw0k_e_tpy056jF20TEiLCuyamBqdRfs1CNDGzskd4HR6r3sW1i6r6gEPss0wKuhd332d8TBw9vbS3roO-Xgszq4hHjnDtDgyy3DxxskE4S8IvrWb7DlpD--7I_T6lzvbnKsti-5jlNwNzBTUDaQg8qHt2T1NbC3FyCEhXFaYcNiUZea0sGNUpIYGaLTMi39PWHLEbNOzlkUzMCH-3IjDsZMTaBnywFC4cANDvMQk0pE9J1TOZd6xLTaXn1f9_fCdMEJKjNNBmJhvB0DGL6mje_ZpWIVUjzGAfEz7mtd_qAGRpcc8BlOBcUEnXyfVQH4tVXqHJ5WKhc6pTushKRtrSau7Nuiq-HNp5Fvc8yUSgNMGOwvjNzeFJL-joSrNk2XUq1jSG8tJ32Y3m6eDqABZeOmi-xQd0nCqLYJvvErfMj6O_iOnBf8H1-6NJIAaOyLUe_H2P_9aMAgNVBWcHz0yZ622Lvck05CdzXqySF_MY_pwthSYivefNiGAIYm8gWgC_9a_nDP5fIKT03gOR_DSCmm156v5FKLfRTShpp_0YL8MClj4zWjtLV-K2SAJ0xL8YwG0QFZaszrfjLQtS2pNXmbvbwzw9_utKVN8grWU-4fFNSAF5Zpl4EJVdxuD2puQglO_Ck4KTChOFnK-SDCFv1yUOPlU5GUo_ILbC9dTcGNVuhU37sTrvs24iEjAH7J3g2GQ2HcVK4a3_YxjknYr1EF9jOSvarWWaKCFw-fCQsMygOcr5mZSmBhi8FSHVZL11T3xXaKMfojSkAHbPnSkHBc-F0hqkAFUpRFlHlSJjpTGPbocL5TW0PibJnWsTKqe_6exgD6-JfHToZaWyYkPvoFzyvfJATcqxhkFCT2Ola-Rqev6-xNpB847HNjJDjDlRexvv8SnMdgfv9xQjZWQI3gQrJv5cc&sai=AMfl-YSerS2ZVYCkihmnRNnbxNsDBBwRofMtXVeuQhmfhxL-i38Lu49M-IBrIRsWknFgfD7J6-3J0B3ce8x1C8E5lxOfY7B7Pg-g113ONq1nHFmzv7fazwtu5f9J6_JsJDmlNTJ4Wp4HunzuhX-2BWbv4z6omXcOKq_jteEjygN3KajGb3aLNv1IcSUnNJzoez1z_IMqDLAxxnKikCsbJVm9TdOX4zmxvINf74G0nH2VPSaXy9YYAbuwutti6S-A7Up5MKxcPrHWwMBLTPRB4dKlCadL7R6Xefqz3kDWEB4Sa9xsVQD2cM4NX7yIM2TCfljLO3ya2fbp-GSoWakfK09jKUUDV2RiDCgX7ace2edHmi-FU3D64k3bW8ArbZWr0xS9wMsnMyLZ8qwXO0LiG375dMQ9H16cAkcor_NBntr0BWNyYrAKsO5c&sig=Cg0ArKJSzE5nclelBkriEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9vcGVuYmFuay5kZQ&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=118&cbvp=1&cstd=116&cisv=r20240118.03533&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: facebook.lojaseofertas.com
URL: https://facebook.lojaseofertas.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 20 Jan 2024 05:31:31 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 WihAbdPmEAuwNNTtrWjgEsQMZ632wtWEawfwOklMupQ.js Show response
pagead2.googlesyndication.com/bg/ Frame C5D3 50 KB
19 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/WihAbdPmEAuwNNTtrWjgEsQMZ632wtWEawfwOklMupQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a28406dd3e6100bb034d4edad68e012c40c67adf6c2d5846b07f03a494cba94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 18:00:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 300648
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19644
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 15 Jan 2025 18:00:43 GMT

GET
H2 200 createjs.min.js Show response
code.createjs.com/1.0.0/ Frame 7A0A 236 KB
63 KB 137ms
52ms Script
text/javascript 2a02:26f0:3500:11::215:14cb
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://code.createjs.com/1.0.0/createjs.min.js
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6383460344232043442/300x250/300x250_DE_DP_DV360_RON_CB_WELCOME.html?ev=01_250
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:3500:11::215:14cb Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Apache /
Resource Hash: e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 05:31:31 GMT
content-encoding: gzip
server: Apache
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=900
x-n: S
accept-ranges: bytes
expires: Sat, 20 Jan 2024 05:46:31 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C5D3 0
20 B 53ms
52ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BkIjXslqrZbrgNZ7I1PIP8vSM2AwAAAAAOAHgBAI&bg=!8_Cl8L_NAAZVxkGXdcY7ADQBe5WfOCdz6Rs_RO4XTEcwP8_nAfVFCS80s7mUlZ0VRQKgIntNw0VOrogj1Lt5etX-zOYGAgAAACxSAAAAAmgBB5kC60gaQ14PkS_P52gZ56GwM24LzYKXM0jWSXU9oJv6_kkaQ0xO9ss3xsqabuFWEEwFymMrZ8ku_WAE1m6_VbsuoYAnY54cL6cB-TMhTNaboflAMFtrz4Ci9TybOUiOi0si1l-0cqP-m-wYxU0QYBdbraxCxKzKc3CXdCzwE_c1nBBcwQ4_Zp6JXJQuGFXBcRklR1mYbNsNZl8rCSq0YB8q5hO0p-ZAK0mJe_Ae2OQujTrYfOaZZrrTCaG2749YUQL8a0ne39J8sleM96LZSJ3FIMawyYP71kyjhyrRCFk86dAz0LRMrhkSxwezKhYcMOd6LeHK3hmtlr-QY0SgBBgqyRROo0QutNY-j5IY0ezKODARIJQ0uk4dzDPumHxSKVNZJvc2pPq9IjXw6iDy99GFpNqH_WV7l_hjAjAAaCp0GeSr1QcTyF3D2-z7DXq2Y5GMQWHPJ9KBb4uViIc4p5r3M4qZADvrFu95ZGllDNcTfhIhAxyvDcqsXDBky_R4Gl6GTdEGOCNcq9eGLdD3MlzBVgOyhJjRB1jqM6bR0lKWyLtOND08i1fkTHQpUMhCzLnalvXuoqTpGlPSh84wY4Yi6v_EipUfDsoXXfZnaTfZxpnWZeApuCPz1EvMYFpCOERGG0XyLIZQghKWYteqfzYDv1ZVehkrZ9JFaHN4VseVeHw-MdyJblUVutPd8QlLL2-TyzMA09rqDFm2gPVSnQDn1d8emsfSy6DGaeO7V1XblXsePUD2kY_bmslSGK1oXnkpCMWPKiaDFRD0EMRks1fChvpZGpyhj8UUxk3e6nwhufiOiQluWNCTmC4imhXAro6XMup3oDr2hFAbYWCb8NttRqTPlfA_CAZueHeiLHmSPzPDeoi78OcVzwHuQA9CIu4XFei0a7_7kccJHN8gGgAHtXBJ94Tl2a7WLu_a1-zQqfg61X0eIl4g6K2wD2C9mOGZuNr9_lYARZyKOK1OS7KUEzhquE_n00LBgkeaYQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=6970387599&adk=3814094608&adf=3401818602&pi=t.ma~as.6970387599&w=336&lmt=1705728690&format=336x280&url=https%3A%2F%2Ffacebook.lojaseofertas.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705728690640&bpp=1&bdt=446&idt=0&shv=r20240118&mjsv=m202401160101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C770x280&nras=1&correlator=4601774456062&frm=20&pv=1&ga_vid=1631870637.1705728691&ga_sid=1705728691&ga_hid=445602129&ga_fc=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=849&ady=643&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759875%2C44759926%2C44759837%2C31080334%2C31080343%2C31080442%2C95321963%2C95321626%2C95321862%2C95322165&oid=2&pvsid=3307973028482334&tmod=560240132&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=6

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Jan 2024 05:31:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame F426 3 KB
1 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 14:00:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 55888
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 02 Feb 2024 14:00:03 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame F426 20 KB
8 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 18:28:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 39752
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 02 Feb 2024 18:28:59 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame F426 0
0 29ms
28ms Image
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSVddEWMETZ7vHq3An3lxhwR10FxZM3ee8w5NxKp37Yz8lxZ7sb-LDUTmERJJtuKtEXeRqTu1wVlQ1w8bqqbdEhu3QQrw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=6451512849&adk=948510642&adf=865389875&pi=t.ma~as.6451512849&w=770&fwrn=4&fwrnh=100&lmt=1705728690&rafmt=1&format=770x280&url=https%3A%2F%2Ffacebook.lojaseofertas.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705728690640&bpp=1&bdt=445&idt=-M&shv=r20240118&mjsv=m202401160101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4601774456062&frm=20&pv=1&ga_vid=1631870637.1705728691&ga_sid=1705728691&ga_hid=445602129&ga_fc=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=415&ady=328&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759875%2C44759926%2C44759837%2C31080334%2C31080343%2C31080442%2C95321963%2C95321626%2C95321862%2C95322165&oid=2&pvsid=3307973028482334&tmod=560240132&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=4
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame F426 206 KB
65 KB 34ms
34ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

69c32d8650b1e5f0bcb76d787972b68a1ba327ea5bd8da7ab8ca1a04336735c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 05:31:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66453
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1705495733332172"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 20 Jan 2024 05:31:31 GMT

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame ECBB 118 KB
42 KB 132ms
50ms Document
text/html 2a02:2638:3::12
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=ZatasgANbYYEvwVqAAl50vxFOtKJIFPVt_OkGg&u=%7CJjQDA0CbIslmSeZatNIyAwdYUsh3ldtY6%2Fpysy0cZqQ%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC86w322skEirNj1SCFPZuroNCGsamaBfrPDpvH-pcH878eaXmjDU1MNoYzGcLOeRiL7WDadkUMYeQecwwEk-g2GSbUSasdjarXNUY9OskZJhxg6T5SJnNxu7yAsWrPRpIjB2PGnhpjRQTMwHwsJ5xdLvoX0Rqxqkb7y-DBdR-vGk2C0h_fOilliyot54jLM-hOE5w0EYkOmW3cuTl2ZgDLbkqBy3ifBlwiB4tAuPf_iuu_hsTeMye0DLFfIyU9raufW1JTkBPtNDRBRpJ_9kvC8ImtvehhQISoaps1necvqWrDkzd2LEi7j7rn10yH9rSIoKFkD6uq-bY_vgrUWI-NcUz4YlkQzO8REFlRoEuRASGydgpWJthCxTHSEAq2d3yKWmMGmGJiImlmol2Cf_9KUOUK8ms-XkQpgj3IWe8XDxC2Ru79-fDBQr2z15Yz80s14MFbGcLd7vvMmFEG3nDTbtnZaZdALj4pW7iHEsyMr4G_h5gZvBrHIKEXgdNp3bCpsjoT9E64OUj1jcqPazRsCrUUHjg6d7hyLesZYlI766mLjrvKyBbz6N3KDYerQnwSnGzalSy_Ssaakd_bfkUqjf_rQaVjizHLmg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC0CoZslqrZYbbNeqK_NUP0vOlmAzJntKxXI3w4taTAcCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi04ODQ3MDkyMzYyNzQ4MzY4yAEJqQKdimvoZUiyPqgDAcgDAqoE0QFP0HzsxbFdtqYPhsAfVpV_6t2L83pbQbmooqsGpIkV608kBKSOZRNxjQVUgvEJHqNLBFzkzpizCWSDR8TTgCUgu4-XW96i-C5lVy4kOXClY3xpC-ToTAlANcy6uk5gFcxXgiI1KOWgC-DGSxIf1l8sGW92xJ5e7DXTH8HvgpK6LNmWiaHrMcQfgcpt95p3WYnzci5XHRpQ5yDnIICGht25PE3HzA4XyjZzwWTy-3vDQQKHGtpM0ZojeFZU4oADzFTg_2ccJOL6NhHpCtFhrlV6yYAGw8XVm9bAl4_aAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOlid4M_FnuuDA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0C8IGcFDCKJcL5NYPDFn9wtYCdfg%26client%3Dca-pub-8847092362748368%26adurl%3D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

5fe5fa6acfdb9ca111dc0c430e0b4d90c8a22b37f4d87283f3685fd9233f5885

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Sat, 20 Jan 2024 05:31:31 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=WOhOil-dN_Sz0794nbAI2Y9bhnlt9Ila67l0IYYcxRrTKipGeo2UYgwRdTOY7tAvYM19Sy3DZVgt--1JtUruFsc4G93mkydMzq2Kxjafbq0K_eCXZGOVICUIKRu4KWdkAWAikwbfT1bjHc0gXa9BvSsuhMsfZ7h_4ntaE21i4FE1pvsHDdZd_9DvrQWKeB62KUYobDwwYwTkppK6V83i66bmOooRgozmCVEe0LluSiuGTgd5UxNWWyAH7NcW8bR1zgHHDQ"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 13781918
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 95A6 1 KB
643 B 20ms
20ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 44447
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 19 Jan 2024 17:10:44 GMT
etag: 48472445140208031
expires: Sat, 20 Jan 2024 17:10:44 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 view
ad.doubleclick.net/pcs/ Frame 8080 0
0 55ms
54ms Fetch
image/gif 142.250.184.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjstOlHXWtY1kAqhFy5AMGnd_x5YxJxr3OFFzWVHmm9UwB8-73xNvLgzLjjxa8Qoiu-je0FnhEzoWh90UTJz9AdaSQHp9COReWKFECRJjubClI2PNvifZGr7ooZyxlx_ISRhFZ1YikzJjnLMlkorelmaxNp8Fl888_cKKujDCOP0Yu6DSPczKnz-jABhvYWIw9pAJgW9fPG31G8LldAah-b8Eiog3gusEuiIPdZ-GO-dUrmcKLVs82KGepaYYwhIY58fFx5ucXiLRzydKg4BRu0zvuRrjg6uJsz6mPPdD_zHVyb_xM-kX2wVAQEoVkI7lBKeL9ly74KVdc_m7WfgwZD_87gvxQbhaDDnbJe0BSr1lEx7Bd_889hhDiWCOKyaMpe9NocCvLMAXjpp7Gp-LYkbQF9Hkr0XTaH9kHgGEXqR6mw0k_e_tpy056jF20TEiLCuyamBqdRfs1CNDGzskd4HR6r3sW1i6r6gEPss0wKuhd332d8TBw9vbS3roO-Xgszq4hHjnDtDgyy3DxxskE4S8IvrWb7DlpD--7I_T6lzvbnKsti-5jlNwNzBTUDaQg8qHt2T1NbC3FyCEhXFaYcNiUZea0sGNUpIYGaLTMi39PWHLEbNOzlkUzMCH-3IjDsZMTaBnywFC4cANDvMQk0pE9J1TOZd6xLTaXn1f9_fCdMEJKjNNBmJhvB0DGL6mje_ZpWIVUjzGAfEz7mtd_qAGRpcc8BlOBcUEnXyfVQH4tVXqHJ5WKhc6pTushKRtrSau7Nuiq-HNp5Fvc8yUSgNMGOwvjNzeFJL-joSrNk2XUq1jSG8tJ32Y3m6eDqABZeOmi-xQd0nCqLYJvvErfMj6O_iOnBf8H1-6NJIAaOyLUe_H2P_9aMAgNVBWcHz0yZ622Lvck05CdzXqySF_MY_pwthSYivefNiGAIYm8gWgC_9a_nDP5fIKT03gOR_DSCmm156v5FKLfRTShpp_0YL8MClj4zWjtLV-K2SAJ0xL8YwG0QFZaszrfjLQtS2pNXmbvbwzw9_utKVN8grWU-4fFNSAF5Zpl4EJVdxuD2puQglO_Ck4KTChOFnK-SDCFv1yUOPlU5GUo_ILbC9dTcGNVuhU37sTrvs24iEjAH7J3g2GQ2HcVK4a3_YxjknYr1EF9jOSvarWWaKCFw-fCQsMygOcr5mZSmBhi8FSHVZL11T3xXaKMfojSkAHbPnSkHBc-F0hqkAFUpRFlHlSJjpTGPbocL5TW0PibJnWsTKqe_6exgD6-JfHToZaWyYkPvoFzyvfJATcqxhkFCT2Ola-Rqev6-xNpB847HNjJDjDlRexvv8SnMdgfv9xQjZWQI3gQrJv5cc&sai=AMfl-YSerS2ZVYCkihmnRNnbxNsDBBwRofMtXVeuQhmfhxL-i38Lu49M-IBrIRsWknFgfD7J6-3J0B3ce8x1C8E5lxOfY7B7Pg-g113ONq1nHFmzv7fazwtu5f9J6_JsJDmlNTJ4Wp4HunzuhX-2BWbv4z6omXcOKq_jteEjygN3KajGb3aLNv1IcSUnNJzoez1z_IMqDLAxxnKikCsbJVm9TdOX4zmxvINf74G0nH2VPSaXy9YYAbuwutti6S-A7Up5MKxcPrHWwMBLTPRB4dKlCadL7R6Xefqz3kDWEB4Sa9xsVQD2cM4NX7yIM2TCfljLO3ya2fbp-GSoWakfK09jKUUDV2RiDCgX7ace2edHmi-FU3D64k3bW8ArbZWr0xS9wMsnMyLZ8qwXO0LiG375dMQ9H16cAkcor_NBntr0BWNyYrAKsO5c&sig=Cg0ArKJSzE5nclelBkriEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9vcGVuYmFuay5kZQ&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=370&vt=11&dtpt=252&dett=3&cstd=116&cisv=r20240118.03533&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: facebook.lojaseofertas.com
URL: https://facebook.lojaseofertas.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 05:31:31 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 dpixel
cms.quantserve.com/ Frame 95A6 35 B
463 B 70ms
21ms Image
image/gif 2620:116:800d:21:de2e:c7b3:55c0:d5a0
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEPBFSgaE2izzbMLqPKeEcts&google_cver=1&google_push=AXcoOmS1dIWAPV0ZVjhjEVUpwXBdVp7h_s5hSh81Vio0cyzGiJVktYAgNKFTUMAvMQLfkJpxxh69PqJYtBa5sCIh_Gko9zYSN7fZNMQQ

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:de2e:c7b3:55c0:d5a0 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Jan 2024 05:31:31 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame 95A6 0
104 B 241ms
122ms Image
text/plain 2a02:fa8:8806:13::1400
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEDOSYd54zGcI0RiuwbWQASQ&google_cver=1&google_push=AXcoOmR5NpWl9Le6ePExRhXihJBAWbFNkb8Upu8h_aza16ByNzv0ld0UfmH5hg78aFpKt9aMl-mgKLKCEPRbGoUh0RiTa0_NTiKNY5Sg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=6451512849&adk=948510642&adf=865389875&pi=t.ma~as.6451512849&w=770&fwrn=4&fwrnh=100&lmt=1705728690&rafmt=1&format=770x280&url=https%3A%2F%2Ffacebook.lojaseofertas.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705728690640&bpp=1&bdt=445&idt=-M&shv=r20240118&mjsv=m202401160101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4601774456062&frm=20&pv=1&ga_vid=1631870637.1705728691&ga_sid=1705728691&ga_hid=445602129&ga_fc=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=415&ady=328&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759875%2C44759926%2C44759837%2C31080334%2C31080343%2C31080442%2C95321963%2C95321626%2C95321862%2C95322165&oid=2&pvsid=3307973028482334&tmod=560240132&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=4
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:13::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Jan 2024 05:31:31 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2 200 sync
x.bidswitch.net/ Frame 95A6 43 B
146 B 66ms
20ms Image
image/gif 52.59.145.139
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEAubs7BScw5Jo99ugTDKzcU&google_cver=1&google_push=AXcoOmRvycDLXzIC57wTT7rnp6z77-uFw9BK94v-LzYHkBVJFm8Cmifyk7auHPNVUmUtLfc8RMLY-d7zRWmhAshODNv1CvzQn6Gl3UA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=6451512849&adk=948510642&adf=865389875&pi=t.ma~as.6451512849&w=770&fwrn=4&fwrnh=100&lmt=1705728690&rafmt=1&format=770x280&url=https%3A%2F%2Ffacebook.lojaseofertas.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705728690640&bpp=1&bdt=445&idt=-M&shv=r20240118&mjsv=m202401160101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4601774456062&frm=20&pv=1&ga_vid=1631870637.1705728691&ga_sid=1705728691&ga_hid=445602129&ga_fc=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=415&ady=328&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759875%2C44759926%2C44759837%2C31080334%2C31080343%2C31080442%2C95321963%2C95321626%2C95321862%2C95322165&oid=2&pvsid=3307973028482334&tmod=560240132&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=4
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.59.145.139 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-59-145-139.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 05:31:31 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 95A6
Redirect Chain

https://d5p.de17a.com/cookies/google?google_gid=CAESELmcVzVr4yBJTOZAdNp8JJ0&google_cver=1&google_push=AXcoOmREzCWPUknMddhDKqiMRJxE_Y8i11tsCbW-98pkNg3mjMlgCC_j4yznaX8AZxtGBWpy-Q0jNN4Cht8b6nE1N7-9tkm...
https://d5p.de17a.com/cookies/google;c?google_gid=CAESELmcVzVr4yBJTOZAdNp8JJ0&google_cver=1&google_push=AXcoOmREzCWPUknMddhDKqiMRJxE_Y8i11tsCbW-98pkNg3mjMlgCC_j4yznaX8AZxtGBWpy-Q0jNN4Cht8b6nE1N7-9t...
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmREzCWPUknMddhDKqiMRJxE_Y8i11tsCbW-98pkNg3mjMlgCC_j4yznaX8AZxtGBWpy-Q0jNN4Cht8b6nE1N7-9tkmXk5wskdM

170 B
188 B

58ms
57ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmREzCWPUknMddhDKqiMRJxE_Y8i11tsCbW-98pkNg3mjMlgCC_j4yznaX8AZxtGBWpy-Q0jNN4Cht8b6nE1N7-9tkmXk5wskdM

Requested by

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Jan 2024 05:31:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmREzCWPUknMddhDKqiMRJxE_Y8i11tsCbW-98pkNg3mjMlgCC_j4yznaX8AZxtGBWpy-Q0jNN4Cht8b6nE1N7-9tkmXk5wskdM
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame 95A6 43 B
363 B 81ms
25ms Image
image/gif 178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmQjhtsUa3P_A1AAs_mMyeRlxF7gLnT7-XTbgX--wz6zSk1s-V8FTbWVRZ1T91GVNR7mIHydoFfbRydmlZeJls4LT1b7WwIEM_4&google_gid=CAESEBfDOHUI1wpHs7hQ3X2VOdM&google_cver=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Jan 2024 05:31:30 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 259357
expires: Sat, 20 Jan 2024 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 95A6
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEG_hLK4Sc5GPINM8Cc0FRS4&google_cver=1&google_push=AXcoOmS6r0ClPiSd9oVDK7-C6wAxAsgaPesWIwg-Nk0DVjgvjDo9Qj5i_m6mY18Y8qzHZfetdMcMXS3BZ3qd...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmS6r0ClPiSd9oVDK7-C6wAxAsgaPesWIwg-Nk0DVjgvjDo9Qj5i_m6mY18Y8qzHZfetdMcMXS3BZ3qdtdRa5l-qG8WYqwtwC9S2

170 B
188 B

30ms
30ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmS6r0ClPiSd9oVDK7-C6wAxAsgaPesWIwg-Nk0DVjgvjDo9Qj5i_m6mY18Y8qzHZfetdMcMXS3BZ3qdtdRa5l-qG8WYqwtwC9S2

Requested by

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Jan 2024 05:31:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmS6r0ClPiSd9oVDK7-C6wAxAsgaPesWIwg-Nk0DVjgvjDo9Qj5i_m6mY18Y8qzHZfetdMcMXS3BZ3qdtdRa5l-qG8WYqwtwC9S2
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H2

200

report
sync.teads.tv/um/ Frame 95A6
Redirect Chain

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEHJQdOLuXHlr...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmQhuiOs2AJaDbUyKbAoHJVQQuGrYxjb_TEHC9dZwfFjdz5qpBPxlJH65EqI3h7htKY1v_txZqytXzT2rhUYSPOtfzorbCqguuKp
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

23 B
163 B

46ms
46ms

Image
image/gif

104.75.89.75
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=6451512849&adk=948510642&adf=865389875&pi=t.ma~as.6451512849&w=770&fwrn=4&fwrnh=100&lmt=1705728690&rafmt=1&format=770x280&url=https%3A%2F%2Ffacebook.lojaseofertas.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705728690640&bpp=1&bdt=445&idt=-M&shv=r20240118&mjsv=m202401160101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4601774456062&frm=20&pv=1&ga_vid=1631870637.1705728691&ga_sid=1705728691&ga_hid=445602129&ga_fc=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=415&ady=328&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759875%2C44759926%2C44759837%2C31080334%2C31080343%2C31080442%2C95321963%2C95321626%2C95321862%2C95322165&oid=2&pvsid=3307973028482334&tmod=560240132&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=4
Protocol: H2
Server: 104.75.89.75 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-89-75.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.0 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Sat, 20 Jan 2024 05:31:31 GMT
pragma: no-cache
date: Sat, 20 Jan 2024 05:31:31 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.0
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Sat, 20 Jan 2024 05:31:31 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 95A6 0
12 B 27ms
27ms Image
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KFMkOpOKzFUVOIKE5BdRV2UURfuxrBec50FtUf69b3Y5sVO0-df3BlhqkkDXDBlK99AzbNdw

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 05:31:31 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
DATA 200
OK truncated
/ Frame F426 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e6cead7689ece39643f370c4b8f069d2a556b2ce5aeda8e970067d4cebcc01f0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame F426 0
19 B 60ms
59ms Image
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C5uWLslqrZYbbNeqK_NUP0vOlmAzJntKxXI3w4taTAcCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi04ODQ3MDkyMzYyNzQ4MzY4yAEJqQKdimvoZUiyPqgDAcgDAqoEzgFP0HzsxbFdtqYPhsAfVpV_6t2L83pbQbmooqsGpIkV608kBKSOZRNxjQVUgvEJHqNLBFzkzpizCWSDR8TTgCUgu4-XW96i-C5lVy4kOXClY3xpC-ToTAlANcy6uk5gFcxXgiI1KOWgC-DGSxIf1l8sGW92xJ5e7DXTH8HvgpK6LNmWiaHrMcQfgcpt95p3WYnzci5XHRpQ5yDnIICGht25PE3HzA4XyjYxw0Vge-gTfKRXPQDA8XOHdnFeVIot1NZUN1q61l3kGglxwEVBR4AGw8XVm9bAl4_aAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOlid4M_FnuuDA4AKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi04ODQ3MDkyMzYyNzQ4MzY4GAA&sigh=CZllZaImeBs&uach_m=%5BUACH%5D&cid=CAQSPAAvHhf_PmiiGRYhdHDMDP0brHd3v6gW3jkXwmTFJvdly_s9T_GuT4XMjnXr3fw0_RGrmpwOCJaFTsfGrxgB&cbvp=2&vis=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=6451512849&adk=948510642&adf=865389875&pi=t.ma~as.6451512849&w=770&fwrn=4&fwrnh=100&lmt=1705728690&rafmt=1&format=770x280&url=https%3A%2F%2Ffacebook.lojaseofertas.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705728690640&bpp=1&bdt=445&idt=-M&shv=r20240118&mjsv=m202401160101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4601774456062&frm=20&pv=1&ga_vid=1631870637.1705728691&ga_sid=1705728691&ga_hid=445602129&ga_fc=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=415&ady=328&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759875%2C44759926%2C44759837%2C31080334%2C31080343%2C31080442%2C95321963%2C95321626%2C95321862%2C95322165&oid=2&pvsid=3307973028482334&tmod=560240132&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 20 Jan 2024 05:31:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 notify
rtb.fr3.eu.criteo.com/google/auction/ Frame F426 0
126 B 100ms
33ms Image
text/plain 2a02:2638:d::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rtb.fr3.eu.criteo.com/google/auction/notify?profile=14&payload=kKGoGcz6RIIGmAKdg2ICAgAAAMPMr_vJGdbZELJaq2WMAKtJgEYSUzLMAAASAAAKCkFRVUREd0VCRHc&wp=ZatasgANbYYEvwVqAAl50vxFOtKJIFPVt_OkGg&cbvp=2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 05:31:31 GMT
strict-transport-security: max-age=31536000; preload;
server-processing-duration-in-ticks: 188532
server: Kestrel
content-length: 0

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame ECBB 2 KB
1 KB 102ms
35ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZatasgANbYYEvwVqAAl50vxFOtKJIFPVt_OkGg&u=%7CJjQDA0CbIslmSeZatNIyAwdYUsh3ldtY6%2Fpysy0cZqQ%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC86w322skEirNj1SCFPZuroNCGsamaBfrPDpvH-pcH878eaXmjDU1MNoYzGcLOeRiL7WDadkUMYeQecwwEk-g2GSbUSasdjarXNUY9OskZJhxg6T5SJnNxu7yAsWrPRpIjB2PGnhpjRQTMwHwsJ5xdLvoX0Rqxqkb7y-DBdR-vGk2C0h_fOilliyot54jLM-hOE5w0EYkOmW3cuTl2ZgDLbkqBy3ifBlwiB4tAuPf_iuu_hsTeMye0DLFfIyU9raufW1JTkBPtNDRBRpJ_9kvC8ImtvehhQISoaps1necvqWrDkzd2LEi7j7rn10yH9rSIoKFkD6uq-bY_vgrUWI-NcUz4YlkQzO8REFlRoEuRASGydgpWJthCxTHSEAq2d3yKWmMGmGJiImlmol2Cf_9KUOUK8ms-XkQpgj3IWe8XDxC2Ru79-fDBQr2z15Yz80s14MFbGcLd7vvMmFEG3nDTbtnZaZdALj4pW7iHEsyMr4G_h5gZvBrHIKEXgdNp3bCpsjoT9E64OUj1jcqPazRsCrUUHjg6d7hyLesZYlI766mLjrvKyBbz6N3KDYerQnwSnGzalSy_Ssaakd_bfkUqjf_rQaVjizHLmg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC0CoZslqrZYbbNeqK_NUP0vOlmAzJntKxXI3w4taTAcCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi04ODQ3MDkyMzYyNzQ4MzY4yAEJqQKdimvoZUiyPqgDAcgDAqoE0QFP0HzsxbFdtqYPhsAfVpV_6t2L83pbQbmooqsGpIkV608kBKSOZRNxjQVUgvEJHqNLBFzkzpizCWSDR8TTgCUgu4-XW96i-C5lVy4kOXClY3xpC-ToTAlANcy6uk5gFcxXgiI1KOWgC-DGSxIf1l8sGW92xJ5e7DXTH8HvgpK6LNmWiaHrMcQfgcpt95p3WYnzci5XHRpQ5yDnIICGht25PE3HzA4XyjZzwWTy-3vDQQKHGtpM0ZojeFZU4oADzFTg_2ccJOL6NhHpCtFhrlV6yYAGw8XVm9bAl4_aAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOlid4M_FnuuDA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0C8IGcFDCKJcL5NYPDFn9wtYCdfg%26client%3Dca-pub-8847092362748368%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 05:31:31 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 14 Jan 2025 05:31:31 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame ECBB 2 KB
1 KB 101ms
34ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 05:31:31 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 14 Jan 2025 05:31:31 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame ECBB 308 B
636 B 99ms
33ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 05:31:31 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Tue, 14 Jan 2025 05:31:31 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame ECBB 293 B
622 B 98ms
33ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 05:31:31 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Tue, 14 Jan 2025 05:31:31 GMT

GET
H2 200 lg.php
cat.nl3.eu.criteo.com/delivery/ Frame ECBB 43 B
348 B 83ms
27ms Image
image/gif 178.250.1.6
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=oHeqn4C2kk7Q95mSxiJHnKBonD6fEsDm4mVdiOU7G6laf5B8MadayCBDf-muqFYiysrPDXzxnCMM2ojbH4bCiowop5enYhSAhyUzrTFjvDFAM_1yFu7_1hLoy6MCtLvVt2sDhwrjcjnegNSEBcFnw-ZG_XX3qD4CeKs27XIEtNsOtNlwqkr6d2UJsj4xlYZJlFj9USQKONtHza99MZK1a5-VB1RDTx00fPYFbyDFp5_2b_gjNqSPDjD0mkH-S_jpiNZEVvj26c8FYuR6JtF6wPz4fOz4oQnWmO0I5PSQmKjm9iz4A0W0kMSUezB_EdjDWiVfdtv9bskQ3b_TQMIQiyUP3dKMkCdfQ3vEIjd7H6LyjL_F7Pd55AlJdrBh6uYu_4zAN0eChMojYKtiuZ9JDzUFXcNvcIjWgQ8rXFIh79iKAo4AOVHyu-zg0ExAPUjoNj50Dg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Jan 2024 05:31:31 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1589079
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame ECBB 12 KB
6 KB 82ms
64ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 05:31:31 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 14 Jan 2025 05:31:31 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame ECBB 17 KB
18 KB 131ms
65ms Image
image/png 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?h=476&m=0&partner=109926&q=80&r=0&u=https%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F109926%2F5172558%2Fd602a38af4df4d55a9e4a757fc0d6894_231121_dgj_logo_bild-wortmarke_criteo_growth_levers_1200x1200.png&v=3&w=346&rid=4&s=LAWQmvyrl5Z5N6iBJasfa75k

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4dbeca94bb78a777283cb4a1eeb6838169fb325f9c71f0e36486af10aff58785

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 05:31:31 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 17714
expires: Mon, 06 Jan 2025 21:32:50 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame ECBB 85 KB
85 KB 146ms
81ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?m=0&partner=109926&q=80&r=0&u=https%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F109926%2F5172558%2F57d7dd574c694f2fb767b79f4cc59ab8_231204_mf_dgj_4_abnehmshakes_v2_criteo_growth_levers_1_1.png&v=3&rid=4&s=nMzRrw6tsgfXXhMa3c7gLNq5

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

f7cdab7c2dd8f9d6576813bb6816663f7902f4cf1ec1a32959b18286f9f3f5cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 05:31:31 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 87126
expires: Sun, 12 Jan 2025 09:52:37 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame ECBB 0
128 B 104ms
34ms Ping
text/plain 2a02:2638:3::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=WOhOil-dN_Sz0794nbAI2Y9bhnlt9Ila67l0IYYcxRrTKipGeo2UYgwRdTOY7tAvYM19Sy3DZVgt--1JtUruFsc4G93mkydMzq2Kxjafbq0K_eCXZGOVICUIKRu4KWdkAWAikwbfT1bjHc0gXa9BvSsuhMsfZ7h_4ntaE21i4FE1pvsHDdZd_9DvrQWKeB62KUYobDwwYwTkppK6V83i66bmOooRgozmCVEe0LluSiuGTgd5UxNWWyAH7NcW8bR1zgHHDQ&sds=2&rev=90272.1&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sat, 20 Jan 2024 05:31:30 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame ECBB 2 KB
1 KB 46ms
35ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 05:31:31 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 14 Jan 2025 05:31:31 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame ECBB 2 KB
1 KB 47ms
47ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 05:31:31 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 14 Jan 2025 05:31:31 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/ Frame 13E7 23 KB
9 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=6451512849&adk=1214363925&adf=4093038968&pi=t.ma~as.6451512849&w=770&fwrn=4&fwrnh=100&lmt=1705728691&rafmt=1&format=770x280&url=https%3A%2F%2Ffacebook.lojaseofertas.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705728691342&bpp=1&bdt=1148&idt=1&shv=r20240118&mjsv=m202401160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De0304ef317d56178%3AT%3D1705728690%3ART%3D1705728690%3AS%3DALNI_MYVICgTeIpurqKTsg7B96_wP4tBVA&gpic=UID%3D00000d44443ea429%3AT%3D1705728690%3ART%3D1705728690%3AS%3DALNI_MYh1Ie-MkSdLTVmtuWLqsjFfPsr3g&prev_fmts=0x0%2C770x280%2C336x280&nras=1&correlator=4601774456062&frm=20&pv=1&ga_vid=1631870637.1705728691&ga_sid=1705728691&ga_hid=445602129&ga_fc=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=415&ady=1226&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759875%2C44759926%2C44759837%2C31080334%2C31080343%2C31080442%2C95321963%2C95321626%2C95321862%2C95322165&oid=2&psts=AOrYGsmH6TIujXjV6h_409IFmqCzVqjPoCteQUaBwejGnWYwICAFSlxCryGTW3E7076wYCIF9qqnyrT7mqZoutdxeLkoFTNB&pvsid=3307973028482334&tmod=560240132&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=1&fsb=1&dtd=4

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 18:28:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 39752
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9276
x-xss-protection: 0
server: cafe
etag: 3558958386372919956
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 02 Feb 2024 18:28:59 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 13E7 8 KB
846 B 30ms
29ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=6451512849&adk=1214363925&adf=4093038968&pi=t.ma~as.6451512849&w=770&fwrn=4&fwrnh=100&lmt=1705728691&rafmt=1&format=770x280&url=https%3A%2F%2Ffacebook.lojaseofertas.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705728691342&bpp=1&bdt=1148&idt=1&shv=r20240118&mjsv=m202401160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De0304ef317d56178%3AT%3D1705728690%3ART%3D1705728690%3AS%3DALNI_MYVICgTeIpurqKTsg7B96_wP4tBVA&gpic=UID%3D00000d44443ea429%3AT%3D1705728690%3ART%3D1705728690%3AS%3DALNI_MYh1Ie-MkSdLTVmtuWLqsjFfPsr3g&prev_fmts=0x0%2C770x280%2C336x280&nras=1&correlator=4601774456062&frm=20&pv=1&ga_vid=1631870637.1705728691&ga_sid=1705728691&ga_hid=445602129&ga_fc=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=415&ady=1226&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759875%2C44759926%2C44759837%2C31080334%2C31080343%2C31080442%2C95321963%2C95321626%2C95321862%2C95322165&oid=2&psts=AOrYGsmH6TIujXjV6h_409IFmqCzVqjPoCteQUaBwejGnWYwICAFSlxCryGTW3E7076wYCIF9qqnyrT7mqZoutdxeLkoFTNB&pvsid=3307973028482334&tmod=560240132&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=1&fsb=1&dtd=4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 20 Jan 2024 05:31:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 20 Jan 2024 05:00:37 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 20 Jan 2024 05:31:31 GMT

GET
H2 200 outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/ Frame 13E7 15 KB
3 KB 76ms
18ms Stylesheet
text/css 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/outstream.min.css

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=6451512849&adk=1214363925&adf=4093038968&pi=t.ma~as.6451512849&w=770&fwrn=4&fwrnh=100&lmt=1705728691&rafmt=1&format=770x280&url=https%3A%2F%2Ffacebook.lojaseofertas.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705728691342&bpp=1&bdt=1148&idt=1&shv=r20240118&mjsv=m202401160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De0304ef317d56178%3AT%3D1705728690%3ART%3D1705728690%3AS%3DALNI_MYVICgTeIpurqKTsg7B96_wP4tBVA&gpic=UID%3D00000d44443ea429%3AT%3D1705728690%3ART%3D1705728690%3AS%3DALNI_MYh1Ie-MkSdLTVmtuWLqsjFfPsr3g&prev_fmts=0x0%2C770x280%2C336x280&nras=1&correlator=4601774456062&frm=20&pv=1&ga_vid=1631870637.1705728691&ga_sid=1705728691&ga_hid=445602129&ga_fc=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=415&ady=1226&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759875%2C44759926%2C44759837%2C31080334%2C31080343%2C31080442%2C95321963%2C95321626%2C95321862%2C95322165&oid=2&psts=AOrYGsmH6TIujXjV6h_409IFmqCzVqjPoCteQUaBwejGnWYwICAFSlxCryGTW3E7076wYCIF9qqnyrT7mqZoutdxeLkoFTNB&pvsid=3307973028482334&tmod=560240132&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=1&fsb=1&dtd=4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

425f9ca7029ca2c95d204079575a3e5f737ef4d322614225344c5aeadd51bfb8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 15:10:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 138079
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2939
x-xss-protection: 0
last-modified: Thu, 18 Jan 2024 02:36:47 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 17 Jan 2025 15:10:12 GMT

GET
H2 200 outstream.min.js Show response
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/ Frame 13E7 378 KB
132 KB 77ms
19ms Script
text/javascript 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/outstream.min.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=6451512849&adk=1214363925&adf=4093038968&pi=t.ma~as.6451512849&w=770&fwrn=4&fwrnh=100&lmt=1705728691&rafmt=1&format=770x280&url=https%3A%2F%2Ffacebook.lojaseofertas.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705728691342&bpp=1&bdt=1148&idt=1&shv=r20240118&mjsv=m202401160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De0304ef317d56178%3AT%3D1705728690%3ART%3D1705728690%3AS%3DALNI_MYVICgTeIpurqKTsg7B96_wP4tBVA&gpic=UID%3D00000d44443ea429%3AT%3D1705728690%3ART%3D1705728690%3AS%3DALNI_MYh1Ie-MkSdLTVmtuWLqsjFfPsr3g&prev_fmts=0x0%2C770x280%2C336x280&nras=1&correlator=4601774456062&frm=20&pv=1&ga_vid=1631870637.1705728691&ga_sid=1705728691&ga_hid=445602129&ga_fc=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=415&ady=1226&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759875%2C44759926%2C44759837%2C31080334%2C31080343%2C31080442%2C95321963%2C95321626%2C95321862%2C95322165&oid=2&psts=AOrYGsmH6TIujXjV6h_409IFmqCzVqjPoCteQUaBwejGnWYwICAFSlxCryGTW3E7076wYCIF9qqnyrT7mqZoutdxeLkoFTNB&pvsid=3307973028482334&tmod=560240132&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=1&fsb=1&dtd=4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

325f25191af82345cc615c820126c663f55ee865ccb8c6f033e11ee57085617a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 15:10:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 138079
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 134582
x-xss-protection: 0
last-modified: Thu, 18 Jan 2024 02:36:47 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 17 Jan 2025 15:10:12 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame 13E7 20 KB
8 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=6451512849&adk=1214363925&adf=4093038968&pi=t.ma~as.6451512849&w=770&fwrn=4&fwrnh=100&lmt=1705728691&rafmt=1&format=770x280&url=https%3A%2F%2Ffacebook.lojaseofertas.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705728691342&bpp=1&bdt=1148&idt=1&shv=r20240118&mjsv=m202401160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De0304ef317d56178%3AT%3D1705728690%3ART%3D1705728690%3AS%3DALNI_MYVICgTeIpurqKTsg7B96_wP4tBVA&gpic=UID%3D00000d44443ea429%3AT%3D1705728690%3ART%3D1705728690%3AS%3DALNI_MYh1Ie-MkSdLTVmtuWLqsjFfPsr3g&prev_fmts=0x0%2C770x280%2C336x280&nras=1&correlator=4601774456062&frm=20&pv=1&ga_vid=1631870637.1705728691&ga_sid=1705728691&ga_hid=445602129&ga_fc=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=415&ady=1226&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759875%2C44759926%2C44759837%2C31080334%2C31080343%2C31080442%2C95321963%2C95321626%2C95321862%2C95322165&oid=2&psts=AOrYGsmH6TIujXjV6h_409IFmqCzVqjPoCteQUaBwejGnWYwICAFSlxCryGTW3E7076wYCIF9qqnyrT7mqZoutdxeLkoFTNB&pvsid=3307973028482334&tmod=560240132&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=1&fsb=1&dtd=4

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 18:28:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 39752
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 02 Feb 2024 18:28:59 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 13E7 0
0 28ms
28ms Image
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSxUqk5PsWX9litNQKiM-28Jrxb18FO8S5hZLKaZrMwi26wOgzGhJgaT8w_oKVDBdFN3Dx-rb6Lrt8_3qSwdv-fdf3HeQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=6451512849&adk=1214363925&adf=4093038968&pi=t.ma~as.6451512849&w=770&fwrn=4&fwrnh=100&lmt=1705728691&rafmt=1&format=770x280&url=https%3A%2F%2Ffacebook.lojaseofertas.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705728691342&bpp=1&bdt=1148&idt=1&shv=r20240118&mjsv=m202401160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De0304ef317d56178%3AT%3D1705728690%3ART%3D1705728690%3AS%3DALNI_MYVICgTeIpurqKTsg7B96_wP4tBVA&gpic=UID%3D00000d44443ea429%3AT%3D1705728690%3ART%3D1705728690%3AS%3DALNI_MYh1Ie-MkSdLTVmtuWLqsjFfPsr3g&prev_fmts=0x0%2C770x280%2C336x280&nras=1&correlator=4601774456062&frm=20&pv=1&ga_vid=1631870637.1705728691&ga_sid=1705728691&ga_hid=445602129&ga_fc=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=415&ady=1226&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759875%2C44759926%2C44759837%2C31080334%2C31080343%2C31080442%2C95321963%2C95321626%2C95321862%2C95322165&oid=2&psts=AOrYGsmH6TIujXjV6h_409IFmqCzVqjPoCteQUaBwejGnWYwICAFSlxCryGTW3E7076wYCIF9qqnyrT7mqZoutdxeLkoFTNB&pvsid=3307973028482334&tmod=560240132&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=1&fsb=1&dtd=4
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

POST
H2 204 csi
csi.gstatic.com/ Frame 13E7 0
54 B 85ms
26ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~lrlmtm2g&c=4052042774618&slotId=2026021387309&qqid=CM_a7cWe64MDFf8DVQgdcKcCoA&fb=outstream-lima&sei=44752538%2C44809796%2C75259414%2C420706098&nsei=44714510%2C44729911%2C44730425%2C44730426%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Jan 2024 05:31:32 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 13E7 15 KB
16 KB 19ms
18ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 14:18:08 GMT
x-content-type-options: nosniff
age: 227603
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 16 Jan 2025 14:18:08 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 13E7 15 KB
15 KB 22ms
22ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 02:13:53 GMT
x-content-type-options: nosniff
age: 271058
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 16 Jan 2025 02:13:53 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 13E7 0
20 B 51ms
51ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=C40qts1qrZY-1Fv-H1PIP8M6KgArf1NG3deL3zdqdErHR_d8FEAEgkLCHE2CVgoCAsAfIAQWpAp2Ka-hlSLI-qAMByAObBKoE_AFP0HvxdDZUivJyO0HSzq0U5rkfwcTO_1wh7lWjOLoy9yjOuBWe0FQJ7kpJdHya6hlpp86t-nMixT5Nayqmp28a0hhqHcZH6QSHcGiQNvqmEYOJAaas8LXgCrNqCCvhK6LVM2IU700UCGsDSIwzVnChQ4GMKAvK5_6suNoKMwomP8j8HtFFvACdNKwcfJ8y5LiizNeKKx-TVAs6MMXxoxWGcslzzrPyG8VNl9p50aSW_NezVlqpedAfjo2rE7AlqxfJwFxrMIn5_G0NSYgMDDQy6FEL2cuwz4ql2hOtbtN981ZMyBPdW-mbwq_Khj6nn6JfJ57JduO9gtnxct7ABI-RxbPQBOAEA4gFztL8xk2QBgGgBnaAB_y3qowFqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHzICqgI6AoBASL39wTpY9MHtxZ7rgwOACgHICwHgCwGADAGqDQJERbATqvqwFsgTruTm4wPQEwDYEwqIFALYFAHQFQH4FgGAFwHoFwU&eventType=clickstring&clientTime=1705728691971&ai=C40qts1qrZY-1Fv-H1PIP8M6KgArf1NG3deL3zdqdErHR_d8FEAEgkLCHE2CVgoCAsAfIAQWpAp2Ka-hlSLI-qAMByAObBKoE_AFP0HvxdDZUivJyO0HSzq0U5rkfwcTO_1wh7lWjOLoy9yjOuBWe0FQJ7kpJdHya6hlpp86t-nMixT5Nayqmp28a0hhqHcZH6QSHcGiQNvqmEYOJAaas8LXgCrNqCCvhK6LVM2IU700UCGsDSIwzVnChQ4GMKAvK5_6suNoKMwomP8j8HtFFvACdNKwcfJ8y5LiizNeKKx-TVAs6MMXxoxWGcslzzrPyG8VNl9p50aSW_NezVlqpedAfjo2rE7AlqxfJwFxrMIn5_G0NSYgMDDQy6FEL2cuwz4ql2hOtbtN981ZMyBPdW-mbwq_Khj6nn6JfJ57JduO9gtnxct7ABI-RxbPQBOAEA4gFztL8xk2QBgGgBnaAB_y3qowFqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHzICqgI6AoBASL39wTpY9MHtxZ7rgwOACgHICwHgCwGADAGqDQJERbATqvqwFsgTruTm4wPQEwDYEwqIFALYFAHQFQH4FgGAFwHoFwU

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=6451512849&adk=1214363925&adf=4093038968&pi=t.ma~as.6451512849&w=770&fwrn=4&fwrnh=100&lmt=1705728691&rafmt=1&format=770x280&url=https%3A%2F%2Ffacebook.lojaseofertas.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705728691342&bpp=1&bdt=1148&idt=1&shv=r20240118&mjsv=m202401160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De0304ef317d56178%3AT%3D1705728690%3ART%3D1705728690%3AS%3DALNI_MYVICgTeIpurqKTsg7B96_wP4tBVA&gpic=UID%3D00000d44443ea429%3AT%3D1705728690%3ART%3D1705728690%3AS%3DALNI_MYh1Ie-MkSdLTVmtuWLqsjFfPsr3g&prev_fmts=0x0%2C770x280%2C336x280&nras=1&correlator=4601774456062&frm=20&pv=1&ga_vid=1631870637.1705728691&ga_sid=1705728691&ga_hid=445602129&ga_fc=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=415&ady=1226&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759875%2C44759926%2C44759837%2C31080334%2C31080343%2C31080442%2C95321963%2C95321626%2C95321862%2C95322165&oid=2&psts=AOrYGsmH6TIujXjV6h_409IFmqCzVqjPoCteQUaBwejGnWYwICAFSlxCryGTW3E7076wYCIF9qqnyrT7mqZoutdxeLkoFTNB&pvsid=3307973028482334&tmod=560240132&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=1&fsb=1&dtd=4

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Jan 2024 05:31:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 13E7 0
234 B 71ms
25ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~lrlmtm2s&c=4052042774618&slotId=2026021387309&qqid=CM_a7cWe64MDFf8DVQgdcKcCoA&fb=outstream-lima&ulv=1&cll=0&met.4=arp_a_s.hn&vast_v=4.0&icc=1&icrh=0&icri=0&icrs=1&icru=0&icp=GoogleWhyThisAd&icdi=18x18&lima_p_ich=0&lima_p_icu=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Jan 2024 05:31:32 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vast Show response
bid.g.doubleclick.net/dbm/ Frame 13E7 30 KB
17 KB 123ms
54ms XHR
text/xml 64.233.167.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-BdeDj5gt5tyWDhcpAwFJb1LpgauY1i2b4STspPOF_cmZeCDNN2E8-BoEobdVt4UugjHuFn-BVRUlA8vUMhkutPlwJXlA&cry=1&dbm_d=AKAmf-Cbh1OfHpcFsQJMeziLsNhju966HzUudNTVlL1GMHVfIyW68J554pM4TNAS8f3Y82UXcvqb7Wkx6GERR3HZDYklzmnZTqfXdmYgNWGWckCKOoOu0ECDgqd3sERgcCEZjC0Y49UpxStIH9PXt2nk0IONz7cp6bGlCF3pby8gVNkbl38hRdCdU7my8HZ_kbnoy4_e7fbsR-BM2eCrjIsSF7ZgdcIomYJ9f-EZg5z59KDke13-7YMdj5WY48gjZr5eq9o_cTlhbIzxtYFCtz8sAKC2CSvRwSplkHM0zI-KTJZOMOnYoGazWdc4ls_uPDPx1uWHS1WSOCxWSRhWxBqajfAx6c4hDSnSqFQUMht69H1wdaJ9zAIldrALRKYye5rx_gHvWLDRee04h7660uMRTbPIq8u7Q8Aaezs4Wuxv1J66CE9oAFtYH8QH9fC69T0PQZv9u16RFlnpwM5ShgbG7zrz91qv8DFUiSn1wnSyUhlJKQKmzZ9XSPwbWmEOEgHWXIdWw5mYpUdoJZ0JLgiU5e7vL_7Qbcef8V39Ri49_LFUhPiBLnCyChYadR9F7xVAMX3i88iwTwDafCCwliBnaEorWE4QRkZSwwSYo5E4if2CA3kgCh--OJRBFnd25xouIubtp_sQvnH-gJ95ovhhzAQIA2B3opFBIF1pWUjM2WMACWyyRAD19IQJRn1zgLZFwWPyuY0jb9-TM9H3dzX33IsX3bCjOd7pOIO02np8MZJQzsTCmWLqz0aZwGGU1Eh0bYdEZDKvNftrNw-Y1Ahtodmtw41ETtH2dYRSJwaEkabPWT_xVmMNe6ul7fgY-Jsifvv8T3dtsRNkKWneEzdKywnbksi9oWaryreRKiNH_FpE9TveZQV2Aeqpu8StSNgXpVW7d0y9N-i5gqdLzbAc2bg4b8ltzNr1mpsfphZD5bY9upEyHtq-bhUWfnQTcaoWmxCKWtdymxAIxqCaSpf4XLiKjQTVIG3swy0GSRpwMqB_02a3re-UNX1ekBXiBWACHhO9t1MoaOWVGjwHkW5xPR_Vq4lWm9pugV230ly6y8IS6qFwkwZaI7adWBl4Onz9HKb8n9J86u5fa04h7y_-nyXUGS_pIOFFyfZ2EVUkTGywcIgldq9uU078_k0-ZjZdZF6-O5SetrSWcxgg5Iyz6JlBzElfeYJDUUm_VXSJxEHdy1SdL0cCq3O3Sh30pePmnSSVweIK85YtlPGz0aCDsFEWuy0OZq4jnecwR-BM0845Nl-BNRonvbWpMZ4mWrvW4pKfuG4UsERaZiWjTSM_15MVUQUigEGWaQRXpGmDOw1azFBY_opJiYxejBNiMQrkcxvvR3GXxy0C7tqL95GAKRKyZmL8dEARJFETgHpw0rGbVoZOUygoSUGfNojwDVSrR_dNPiNR-7zkA2woTlKVlq4DLrbMI91z-3HIM4DkA7HU-Z_MJGJSEKFaOWtnWZCTvjjXP-sOf0_w4gmUH-5XEGnFExarLN6DMYwvDAtD8a6CF3KwhHEUvRTisi1x20aEgFrAZ_fGod2amkwDtiTVG1AH9M-HEgNGIr-Vfc6rtCf1K8eYkgQ84_HYVptUr2E8BdOrWoLyH1qfMAFftZI6bei0IYlfXheWvYpK3jo-EPPlK6jkriRRwqdZKtGuEAeGGtU62HvHBvliEy0ErFtnYbrFD_p9Xu7YnTp4pC0R-KcazIsgOErpUgx2XWZSx4YaNpjdfwqEU9ka_cxdS30bbMLt2PWZE2o5HAajVu7fZNesLGQsSX1ZKHo1gzqI8BZxIfJv9puHrqIHkwKdYOQkady73CNQgAkCv1t0-VTWhSUmNTpOfeywTiJAje0h8cc6UQgb0pbfuB2xHbCaA65fMRP245GMd6gWHqWiT12UC8hOOb9i-qdeaPc4fGOs3htQWbbc-ptrJBzoCOCG3mNfqwsRDN2jGJJDS-Hndrq42O2aPPRnGmNIGxU4Bfpm1f2zBZVY-vwgSAwtMmR8vWtDL7To5jlZyrL__olARkevgwVpKdcZbVO1hOgogYCIsIWL47MUVidh39nR2l0APmLy29XFvGkxGWVlrr0wASHQLf7DIJ0OpyXmcRAPMfNhwp5RiFDfy4VExbp0TOVO68AkZ5EPVhx0l5KgWwoplAldiRo81aEtATAD2YngYD2rlImhThMb5cY0fcTQxYTr5VU1lVz9JqK414Dc6YGC8ZIQjmyRPZu_ptmbjbazLk0D68yQZXfXaxnh3ya_Cbl0m9PZ1ras6hC1Uyk4M3rDGDpUzVqrmQj9LP0SgGDQgrGAzqBvFVTkZnUMdABN1awDxP8vvERs9UxleYJZd0fA6x8J3DDK6vInQYhpFTjgpcP7hPPOryJnTWe9oXSYvhuVFCT65FOYX-xMl72FIkNynUX1BFXkRpgHjhwFwSLQRTLXXh6RYjIGdWy_NybaLHHvSBGvsGO_dZHjOGg6JW0Yq4q_zXSTXX-Uo7DIIOPfXF9e9MpDGT4Sy97SFf05NLkuqks9lR1ksQDhmVRCBKTHjRR1HluYUk0p-NSGxVVJwtkyvUEzAWR_W9Yzby2PEw92gjhdO9xIG5Dmtz5EVBtrI4I5v3eWHiBl2kdMXf2MZ0fbKOxibXOPkM93nyxt0U6lfEff0eGktdeVEExbIlPMLyfMgQ3E3roZl8-loYDPY0ACaFGjNe1N5JVBSKJc684f7ibkt1iSkm8xlajjHQq8ahLjNf5F3Fs5sDu2ou0aDg46tL1d12aS-FFG1M6Tz6RSfSQOhb8g3JHcvL_7hroAx0afHOPzx8lC9orlPyswX7N8qXlbmkj06QQbfEgWUHa7CJa4eDvgpNRft9f_tuNvBO-Btpi_ggucnNL0wN3a4pLHGXLO3K4ehHjEH4W53L4GQMzjL2tGmF8fqWVlTF02ISbqIaqP0eCDP--NBy3izzdZ-I1YK3eSitDMg30p2LtWUmfLzdhMA1ncWeFkn8uc0KoorzIv7H8ql9RajfdVU51OrzvdwiObJmKEs3CBB6rohu0HB8UdsPENdv_GiPirA-Ez2tq5iPpr_jHQIS7R4wa1PxgID9sNe9YwtrsM3A0GUYskXqLJbM1z_htGqM4UJJxEEigSaLvUaYcnMqLW94U6Dj3BKSL58RWbgELK6NfTN2yWaAa2t3KyNWC_LAw3okDkgyf86kC5TzNZF2dYMTU4QSISZthsfEU7Qvtvp7DtfH4yGXx_YNeRuyY6jSRmEKmVZXHVwPjfGr6c_jn-_Ki9PxE9g3eTs20tx3oUtfqTW4iMS5dMHdTyPKe4S5b-A8gaR1qTbGJqUfnjeQCajT4mBL385kOI5vu-Te-fxNKGo0PEituM24ShcSxIl6XpgdaJVcjaPj6ekiZvrb9MtK_bUAu5xk5FmQZmhHZWlgW-zdf4iA92zBIFpgGuJyNzXD6s47Y4HKy0TMYUrV8gleYhtDdZ9cAmDtzOe1B7wgCyeYBS1w8vQ4Dakw&cid=CAQSPAAvHhf_aopjMFR3OFuyn_Qn-4Kjk3enIm_MDIibDMtcH4PwIspw7bLSG9u6_mXXTTIRdE89KXbBvvSYcxgB&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1&nel=0

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/outstream.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.167.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wl-in-f156.1e100.net

Software

cafe /

Resource Hash

44d62946386a5e80f46c67bd7bdba8c83b860d0f4f538d70e50f495ea8de35ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 05:31:32 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17214
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame BEE3 1 KB
643 B 20ms
20ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=6451512849&adk=1214363925&adf=4093038968&pi=t.ma~as.6451512849&w=770&fwrn=4&fwrnh=100&lmt=1705728691&rafmt=1&format=770x280&url=https%3A%2F%2Ffacebook.lojaseofertas.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705728691342&bpp=1&bdt=1148&idt=1&shv=r20240118&mjsv=m202401160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De0304ef317d56178%3AT%3D1705728690%3ART%3D1705728690%3AS%3DALNI_MYVICgTeIpurqKTsg7B96_wP4tBVA&gpic=UID%3D00000d44443ea429%3AT%3D1705728690%3ART%3D1705728690%3AS%3DALNI_MYh1Ie-MkSdLTVmtuWLqsjFfPsr3g&prev_fmts=0x0%2C770x280%2C336x280&nras=1&correlator=4601774456062&frm=20&pv=1&ga_vid=1631870637.1705728691&ga_sid=1705728691&ga_hid=445602129&ga_fc=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=415&ady=1226&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759875%2C44759926%2C44759837%2C31080334%2C31080343%2C31080442%2C95321963%2C95321626%2C95321862%2C95322165&oid=2&psts=AOrYGsmH6TIujXjV6h_409IFmqCzVqjPoCteQUaBwejGnWYwICAFSlxCryGTW3E7076wYCIF9qqnyrT7mqZoutdxeLkoFTNB&pvsid=3307973028482334&tmod=560240132&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=1&fsb=1&dtd=4

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 44448
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 19 Jan 2024 17:10:44 GMT
etag: 48472445140208031
expires: Sat, 20 Jan 2024 17:10:44 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 13E7 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ecc86bf1c054e60603fac09e8ebc103435202b9e4c9bd9131fb8714e32dcf13d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 dpixel
cms.quantserve.com/ Frame BEE3 35 B
210 B 22ms
21ms Image
image/gif 2620:116:800d:21:de2e:c7b3:55c0:d5a0
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEDCOxWJlDgHKhcUyleNEb6E&google_cver=1&google_push=AXcoOmS3Cc_KAAgpNDJqN7itIbLL4tHnFlFDeq_O4mX_Ck5BaygPewi8CJliVKchoFNLEDoEDhrRfA1VLiwwg6QwwQW1v_UgQ9_4nA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=6451512849&adk=1214363925&adf=4093038968&pi=t.ma~as.6451512849&w=770&fwrn=4&fwrnh=100&lmt=1705728691&rafmt=1&format=770x280&url=https%3A%2F%2Ffacebook.lojaseofertas.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705728691342&bpp=1&bdt=1148&idt=1&shv=r20240118&mjsv=m202401160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De0304ef317d56178%3AT%3D1705728690%3ART%3D1705728690%3AS%3DALNI_MYVICgTeIpurqKTsg7B96_wP4tBVA&gpic=UID%3D00000d44443ea429%3AT%3D1705728690%3ART%3D1705728690%3AS%3DALNI_MYh1Ie-MkSdLTVmtuWLqsjFfPsr3g&prev_fmts=0x0%2C770x280%2C336x280&nras=1&correlator=4601774456062&frm=20&pv=1&ga_vid=1631870637.1705728691&ga_sid=1705728691&ga_hid=445602129&ga_fc=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=415&ady=1226&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759875%2C44759926%2C44759837%2C31080334%2C31080343%2C31080442%2C95321963%2C95321626%2C95321862%2C95322165&oid=2&psts=AOrYGsmH6TIujXjV6h_409IFmqCzVqjPoCteQUaBwejGnWYwICAFSlxCryGTW3E7076wYCIF9qqnyrT7mqZoutdxeLkoFTNB&pvsid=3307973028482334&tmod=560240132&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=1&fsb=1&dtd=4

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:de2e:c7b3:55c0:d5a0 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sat, 20 Jan 2024 05:31:32 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
strict-transport-security: max-age=86400
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame BEE3
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WmF0YXN3QVByRXVtZVFBTQ==&google_gid=CAESEMSnMLtxQLs-_GimLCWEP_E&google_cver=1&google_push=AXcoOmTcMEKVLKHqeP1m_BYI6hBrSDwsAm...

170 B
188 B

38ms
38ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WmF0YXN3QVByRXVtZVFBTQ==&google_gid=CAESEMSnMLtxQLs-_GimLCWEP_E&google_cver=1&google_push=AXcoOmTcMEKVLKHqeP1m_BYI6hBrSDwsAmueQ9qY4T958weBqTx__6nAA2GQ3zf8Wdi3hGcQhlyRjiRXqI7vBPnLj6JnX_M-4r8P4UU

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Jan 2024 05:31:32 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-fra-eddf8230036-FRA
pragma: no-cache
date: Sat, 20 Jan 2024 05:31:32 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1705728692.031843,VS0,VE0
x-cache: HIT
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WmF0YXN3QVByRXVtZVFBTQ==&google_gid=CAESEMSnMLtxQLs-_GimLCWEP_E&google_cver=1&google_push=AXcoOmTcMEKVLKHqeP1m_BYI6hBrSDwsAmueQ9qY4T958weBqTx__6nAA2GQ3zf8Wdi3hGcQhlyRjiRXqI7vBPnLj6JnX_M-4r8P4UU
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame BEE3
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEC23-2zw8fYjGhtaFe7E76w&google_cver=1&google_push=AXcoOmSYQ82OPpitpWBh2nMPRh-zZTm661z88o7zpc2AHhkaee0OfiEGcbXm5q8zOv-gEgpxLzGoY0PUKgQ56RFf13a_Wucr2Z4sLYw
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=2104DAF613524F338932968EB040C49A&google_push=AXcoOmSYQ82OPpitpWBh2nMPRh-zZTm661z88o7zpc2AHhkaee0OfiEGcbXm5q8zOv-gEgpxLzGoY0PUKgQ56RF...

170 B
188 B

62ms
62ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=2104DAF613524F338932968EB040C49A&google_push=AXcoOmSYQ82OPpitpWBh2nMPRh-zZTm661z88o7zpc2AHhkaee0OfiEGcbXm5q8zOv-gEgpxLzGoY0PUKgQ56RFf13a_Wucr2Z4sLYw

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Jan 2024 05:31:32 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sat, 20 Jan 2024 05:31:32 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=2104DAF613524F338932968EB040C49A&google_push=AXcoOmSYQ82OPpitpWBh2nMPRh-zZTm661z88o7zpc2AHhkaee0OfiEGcbXm5q8zOv-gEgpxLzGoY0PUKgQ56RFf13a_Wucr2Z4sLYw
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Fri, 19 Jan 2024 05:31:32 GMT

GET
H2 204 AdxPixel
tr.blismedia.com/v1/api/sync/ Frame BEE3 0
174 B 71ms
27ms Image
text/plain 34.96.105.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEN-nWLy9ZSN3X_whFICCmU0&google_cver=1&google_push=AXcoOmR0h3dNAOoyVvu1WxLpev0UNKz_gKW53SbKd5t7VSUl_MuWwLYpg1zgBWwdKOiX3BoJHZyJoi1Q5xtXwW8-vaujtQ870gUKVWo
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=6451512849&adk=1214363925&adf=4093038968&pi=t.ma~as.6451512849&w=770&fwrn=4&fwrnh=100&lmt=1705728691&rafmt=1&format=770x280&url=https%3A%2F%2Ffacebook.lojaseofertas.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705728691342&bpp=1&bdt=1148&idt=1&shv=r20240118&mjsv=m202401160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De0304ef317d56178%3AT%3D1705728690%3ART%3D1705728690%3AS%3DALNI_MYVICgTeIpurqKTsg7B96_wP4tBVA&gpic=UID%3D00000d44443ea429%3AT%3D1705728690%3ART%3D1705728690%3AS%3DALNI_MYh1Ie-MkSdLTVmtuWLqsjFfPsr3g&prev_fmts=0x0%2C770x280%2C336x280&nras=1&correlator=4601774456062&frm=20&pv=1&ga_vid=1631870637.1705728691&ga_sid=1705728691&ga_hid=445602129&ga_fc=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=415&ady=1226&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759875%2C44759926%2C44759837%2C31080334%2C31080343%2C31080442%2C95321963%2C95321626%2C95321862%2C95322165&oid=2&psts=AOrYGsmH6TIujXjV6h_409IFmqCzVqjPoCteQUaBwejGnWYwICAFSlxCryGTW3E7076wYCIF9qqnyrT7mqZoutdxeLkoFTNB&pvsid=3307973028482334&tmod=560240132&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=1&fsb=1&dtd=4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.105.96.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 05:31:32 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 sync
x.bidswitch.net/ Frame BEE3 43 B
145 B 20ms
20ms Image
image/gif 52.59.145.139
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=google&google_gid=CAESELdZ3te6gLzNmDJ2PIW0a1A&google_cver=1&google_push=AXcoOmTGz0VY6ZpxwPIPChqEAbVQCIxzACsXZ1cgxOcrc3pMIEuv3y-gkmH3mxW5DLte4UzyzSL_C6KCoOz-DZ9kn7H6HSMnAOe9RuE
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=6451512849&adk=1214363925&adf=4093038968&pi=t.ma~as.6451512849&w=770&fwrn=4&fwrnh=100&lmt=1705728691&rafmt=1&format=770x280&url=https%3A%2F%2Ffacebook.lojaseofertas.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705728691342&bpp=1&bdt=1148&idt=1&shv=r20240118&mjsv=m202401160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De0304ef317d56178%3AT%3D1705728690%3ART%3D1705728690%3AS%3DALNI_MYVICgTeIpurqKTsg7B96_wP4tBVA&gpic=UID%3D00000d44443ea429%3AT%3D1705728690%3ART%3D1705728690%3AS%3DALNI_MYh1Ie-MkSdLTVmtuWLqsjFfPsr3g&prev_fmts=0x0%2C770x280%2C336x280&nras=1&correlator=4601774456062&frm=20&pv=1&ga_vid=1631870637.1705728691&ga_sid=1705728691&ga_hid=445602129&ga_fc=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=415&ady=1226&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759875%2C44759926%2C44759837%2C31080334%2C31080343%2C31080442%2C95321963%2C95321626%2C95321862%2C95322165&oid=2&psts=AOrYGsmH6TIujXjV6h_409IFmqCzVqjPoCteQUaBwejGnWYwICAFSlxCryGTW3E7076wYCIF9qqnyrT7mqZoutdxeLkoFTNB&pvsid=3307973028482334&tmod=560240132&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=1&fsb=1&dtd=4
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.59.145.139 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-59-145-139.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 05:31:32 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame BEE3
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEJ7nRS4vqxKPRin4dujGMsE&google_cver=1&google_push=AXcoOmRQMrH1BcxXOuCk8j69YnAVQsJF6yStCuNZ5cGAH-ag15yDiODqyHdx0vURyJS_Suo0EDav2t6U...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTc4MDMwODYyNTczMTgyODAx&google_push=AXcoOmRQMrH1BcxXOuCk8j69YnAVQsJF6yStCuNZ5cGAH-ag15yDiODqyHdx0vURyJS_Suo0EDav2t6U...

170 B
188 B

65ms
65ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTc4MDMwODYyNTczMTgyODAx&google_push=AXcoOmRQMrH1BcxXOuCk8j69YnAVQsJF6yStCuNZ5cGAH-ag15yDiODqyHdx0vURyJS_Suo0EDav2t6UjDuwk2Zr6tgQXh6clpJ2ELE

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Jan 2024 05:31:32 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 20 Jan 2024 05:31:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTc4MDMwODYyNTczMTgyODAx&google_push=AXcoOmRQMrH1BcxXOuCk8j69YnAVQsJF6yStCuNZ5cGAH-ag15yDiODqyHdx0vURyJS_Suo0EDav2t6UjDuwk2Zr6tgQXh6clpJ2ELE
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 trk
ag.innovid.com/ Frame BEE3 43 B
297 B 202ms
34ms Image
image/gif 2a05:d01c:1d8:8100:c911:5d1a:a3d7:1490
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ag.innovid.com/trk?tid=11711&google_gid=CAESEEINlKAL_lvvjdsxTLsncNM&google_cver=1&google_push=AXcoOmSwYpCyL5m3T2OFNdppARZaso9NMGgRvbQ0RZ--eIsJ8tInQlzC3FlMHC14Rf3e48TOwmXgtWp1E_Uy6p86KZlLwNS2hsPbAI8
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=6451512849&adk=1214363925&adf=4093038968&pi=t.ma~as.6451512849&w=770&fwrn=4&fwrnh=100&lmt=1705728691&rafmt=1&format=770x280&url=https%3A%2F%2Ffacebook.lojaseofertas.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705728691342&bpp=1&bdt=1148&idt=1&shv=r20240118&mjsv=m202401160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De0304ef317d56178%3AT%3D1705728690%3ART%3D1705728690%3AS%3DALNI_MYVICgTeIpurqKTsg7B96_wP4tBVA&gpic=UID%3D00000d44443ea429%3AT%3D1705728690%3ART%3D1705728690%3AS%3DALNI_MYh1Ie-MkSdLTVmtuWLqsjFfPsr3g&prev_fmts=0x0%2C770x280%2C336x280&nras=1&correlator=4601774456062&frm=20&pv=1&ga_vid=1631870637.1705728691&ga_sid=1705728691&ga_hid=445602129&ga_fc=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=415&ady=1226&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759875%2C44759926%2C44759837%2C31080334%2C31080343%2C31080442%2C95321963%2C95321626%2C95321862%2C95322165&oid=2&psts=AOrYGsmH6TIujXjV6h_409IFmqCzVqjPoCteQUaBwejGnWYwICAFSlxCryGTW3E7076wYCIF9qqnyrT7mqZoutdxeLkoFTNB&pvsid=3307973028482334&tmod=560240132&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=1&fsb=1&dtd=4
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d01c:1d8:8100:c911:5d1a:a3d7:1490 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sat, 20 Jan 2024 05:31:32 GMT
cache-control: no-cache
content-length: 43
request-time: 0
expires: -1

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame BEE3 0
12 B 27ms
27ms Image
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IjY8YzM7yLOZAcIsgf7Xjo37131JrTcTISEduqP0aSXclCVLTFcSRfabBJgEwfxOczjhJC

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=6451512849&adk=1214363925&adf=4093038968&pi=t.ma~as.6451512849&w=770&fwrn=4&fwrnh=100&lmt=1705728691&rafmt=1&format=770x280&url=https%3A%2F%2Ffacebook.lojaseofertas.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705728691342&bpp=1&bdt=1148&idt=1&shv=r20240118&mjsv=m202401160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De0304ef317d56178%3AT%3D1705728690%3ART%3D1705728690%3AS%3DALNI_MYVICgTeIpurqKTsg7B96_wP4tBVA&gpic=UID%3D00000d44443ea429%3AT%3D1705728690%3ART%3D1705728690%3AS%3DALNI_MYh1Ie-MkSdLTVmtuWLqsjFfPsr3g&prev_fmts=0x0%2C770x280%2C336x280&nras=1&correlator=4601774456062&frm=20&pv=1&ga_vid=1631870637.1705728691&ga_sid=1705728691&ga_hid=445602129&ga_fc=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=415&ady=1226&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759875%2C44759926%2C44759837%2C31080334%2C31080343%2C31080442%2C95321963%2C95321626%2C95321862%2C95322165&oid=2&psts=AOrYGsmH6TIujXjV6h_409IFmqCzVqjPoCteQUaBwejGnWYwICAFSlxCryGTW3E7076wYCIF9qqnyrT7mqZoutdxeLkoFTNB&pvsid=3307973028482334&tmod=560240132&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=1&fsb=1&dtd=4

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 05:31:32 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 13E7 0
0 54ms
54ms Fetch
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CQ4yKs1qrZY-1Fv-H1PIP8M6KgArf1NG3deL3zdqdErHR_d8FEAEgkLCHE2CVgoCAsAfIAQWpAp2Ka-hlSLI-qAMBqgT5AU_Qe_F0NlSK8nI7QdLOrRTmuR_BxM7_XCHuVaM4ujL3KM64FZ7QVAnuSkl0fJrqGWmnzq36cyLFPk1rKqanbxrSGGodxkfpBIdwaJA2-qYRg4kBpqzwteAKs2oIK-ErotUzYhTvTRQIawNIjDNWcKFDgYwoC8rn_qy42gozCiY_yPwe0UW8AJ00rBx8nzLkuKLM14orH5NUCzowxfGjFYZyyXPOs_IbxU2X2nnRpJb817NWWql50B-O1aqBfrYxals5z_M7DGGQnecceuZh7rSGi6Ww7rpsgIzCj3ucho87n2PmC3mid_UYCwCpEr9kBN8sG6SZnfj0uMAEj5HFs9AE4AQDiAXO0vzGTZIFBggbEAEYAZIFBggdEAQYAZIFBggdEAEYAZIFBggeEAEYAZAGAaAGdoAH_LeqjAWoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAPIHChD2nRsY8dPE-gHSCB8IgOGAEBABGB8yAqoCOgKAQEi9_cE6WPTB7cWe64MDgAoByAsBsBOq-rAWyBOu5ObjA9ATANgTCogUAtgUAdAVAYAXAbIXHAoaCAASFHB1Yi04ODQ3MDkyMzYyNzQ4MzY4GADoFwU&sigh=Gv-W3C8kUbI&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSPAAvHhf_aopjMFR3OFuyn_Qn-4Kjk3enIm_MDIibDMtcH4PwIspw7bLSG9u6_mXXTTIRdE89KXbBvvSYcxgB&vt=10&cbvp=2&vis=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=6451512849&adk=1214363925&adf=4093038968&pi=t.ma~as.6451512849&w=770&fwrn=4&fwrnh=100&lmt=1705728691&rafmt=1&format=770x280&url=https%3A%2F%2Ffacebook.lojaseofertas.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705728691342&bpp=1&bdt=1148&idt=1&shv=r20240118&mjsv=m202401160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De0304ef317d56178%3AT%3D1705728690%3ART%3D1705728690%3AS%3DALNI_MYVICgTeIpurqKTsg7B96_wP4tBVA&gpic=UID%3D00000d44443ea429%3AT%3D1705728690%3ART%3D1705728690%3AS%3DALNI_MYh1Ie-MkSdLTVmtuWLqsjFfPsr3g&prev_fmts=0x0%2C770x280%2C336x280&nras=1&correlator=4601774456062&frm=20&pv=1&ga_vid=1631870637.1705728691&ga_sid=1705728691&ga_hid=445602129&ga_fc=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=415&ady=1226&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759875%2C44759926%2C44759837%2C31080334%2C31080343%2C31080442%2C95321963%2C95321626%2C95321862%2C95322165&oid=2&psts=AOrYGsmH6TIujXjV6h_409IFmqCzVqjPoCteQUaBwejGnWYwICAFSlxCryGTW3E7076wYCIF9qqnyrT7mqZoutdxeLkoFTNB&pvsid=3307973028482334&tmod=560240132&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=1&fsb=1&dtd=4

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=6451512849&adk=1214363925&adf=4093038968&pi=t.ma~as.6451512849&w=770&fwrn=4&fwrnh=100&lmt=1705728691&rafmt=1&format=770x280&url=https%3A%2F%2Ffacebook.lojaseofertas.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705728691342&bpp=1&bdt=1148&idt=1&shv=r20240118&mjsv=m202401160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De0304ef317d56178%3AT%3D1705728690%3ART%3D1705728690%3AS%3DALNI_MYVICgTeIpurqKTsg7B96_wP4tBVA&gpic=UID%3D00000d44443ea429%3AT%3D1705728690%3ART%3D1705728690%3AS%3DALNI_MYh1Ie-MkSdLTVmtuWLqsjFfPsr3g&prev_fmts=0x0%2C770x280%2C336x280&nras=1&correlator=4601774456062&frm=20&pv=1&ga_vid=1631870637.1705728691&ga_sid=1705728691&ga_hid=445602129&ga_fc=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=415&ady=1226&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759875%2C44759926%2C44759837%2C31080334%2C31080343%2C31080442%2C95321963%2C95321626%2C95321862%2C95322165&oid=2&psts=AOrYGsmH6TIujXjV6h_409IFmqCzVqjPoCteQUaBwejGnWYwICAFSlxCryGTW3E7076wYCIF9qqnyrT7mqZoutdxeLkoFTNB&pvsid=3307973028482334&tmod=560240132&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=1&fsb=1&dtd=4
Attribution-Reporting-Eligible: event-source
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 20 Jan 2024 05:31:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 106ms
65ms XHR
application/json 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240118&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a48d32f69593281f6bb0dcda7204e155a33813c37f7156ba2ea6069fb08683b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://facebook.lojaseofertas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 05:31:32 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12215
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 56A2 104 KB
43 KB 408ms
408ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=6970387599&adk=3652174042&adf=785591858&pi=t.ma~as.6970387599&w=336&lmt=1705728692&format=336x280&url=https%3A%2F%2Ffacebook.lojaseofertas.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705728692041&bpp=1&bdt=1846&idt=-M&shv=r20240118&mjsv=m202401160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De0304ef317d56178%3AT%3D1705728690%3ART%3D1705728690%3AS%3DALNI_MYVICgTeIpurqKTsg7B96_wP4tBVA&gpic=UID%3D00000d44443ea429%3AT%3D1705728690%3ART%3D1705728690%3AS%3DALNI_MYh1Ie-MkSdLTVmtuWLqsjFfPsr3g&prev_fmts=0x0%2C770x280%2C336x280%2C770x280&nras=1&correlator=4601774456062&frm=20&pv=1&ga_vid=1631870637.1705728691&ga_sid=1705728691&ga_hid=445602129&ga_fc=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=415&ady=1939&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759875%2C44759926%2C44759837%2C31080334%2C31080343%2C31080442%2C95321963%2C95321626%2C95321862%2C95322165&oid=2&psts=AOrYGsmH6TIujXjV6h_409IFmqCzVqjPoCteQUaBwejGnWYwICAFSlxCryGTW3E7076wYCIF9qqnyrT7mqZoutdxeLkoFTNB%2CAOrYGskyuoO6i2-yEwVCnkPLA3CC7BAwxs-6x_Qh6jB2auMSktunNR1-uCiNIs3xfjBhU945zlSiDdZ1mClXrg%2CAOrYGslwZlaUnz87pk3gTZynssTWeH5gqkrYgDRBa18Lw0LkDz8dbnnwcvOL1-IT-E0t4zI0AC6_5gE--SFLtnTp0X28lrON&pvsid=3307973028482334&tmod=560240132&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=2&fsb=1&dtd=4

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c063768095e107a4c53ffdc6ddc6dc73fb3b729327359ae1f5e6f835a5188d61

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://facebook.lojaseofertas.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 44075
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 20 Jan 2024 05:31:32 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 3782 90 KB
28 KB 467ms
467ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=6970387599&adk=3652174042&adf=2873711921&pi=t.ma~as.6970387599&w=336&lmt=1705728692&format=336x280&url=https%3A%2F%2Ffacebook.lojaseofertas.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705728692041&bpp=1&bdt=1847&idt=0&shv=r20240118&mjsv=m202401160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De0304ef317d56178%3AT%3D1705728690%3ART%3D1705728690%3AS%3DALNI_MYVICgTeIpurqKTsg7B96_wP4tBVA&gpic=UID%3D00000d44443ea429%3AT%3D1705728690%3ART%3D1705728690%3AS%3DALNI_MYh1Ie-MkSdLTVmtuWLqsjFfPsr3g&prev_fmts=0x0%2C770x280%2C336x280%2C770x280%2C336x280&nras=1&correlator=4601774456062&frm=20&pv=1&ga_vid=1631870637.1705728691&ga_sid=1705728691&ga_hid=445602129&ga_fc=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=849&ady=1939&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759875%2C44759926%2C44759837%2C31080334%2C31080343%2C31080442%2C95321963%2C95321626%2C95321862%2C95322165&oid=2&psts=AOrYGsmH6TIujXjV6h_409IFmqCzVqjPoCteQUaBwejGnWYwICAFSlxCryGTW3E7076wYCIF9qqnyrT7mqZoutdxeLkoFTNB%2CAOrYGskyuoO6i2-yEwVCnkPLA3CC7BAwxs-6x_Qh6jB2auMSktunNR1-uCiNIs3xfjBhU945zlSiDdZ1mClXrg%2CAOrYGslwZlaUnz87pk3gTZynssTWeH5gqkrYgDRBa18Lw0LkDz8dbnnwcvOL1-IT-E0t4zI0AC6_5gE--SFLtnTp0X28lrON&pvsid=3307973028482334&tmod=560240132&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=3&fsb=1&dtd=7

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2c67eda54105c8a47591a53005af9d16b572f4ddf3915bf5fd23be891795d332

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://facebook.lojaseofertas.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 28804
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 20 Jan 2024 05:31:32 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 csi
csi.gstatic.com/ Frame 13E7 0
54 B 25ms
25ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=3~lrlmtm35&c=4052042774618&slotId=2026021387309&qqid=CM_a7cWe64MDFf8DVQgdcKcCoA&fb=outstream-lima&vast_v=2.0&vmfc=12&vhc=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Jan 2024 05:31:32 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 HdsydzJK.js Show response
tpc.googlesyndication.com/sodar/ Frame 13E7 41 KB
15 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/outstream.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 18:20:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 213036
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15407
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 16 Jan 2025 18:20:56 GMT

HEAD
H/1.1

200
OK

file.mp4
r1---sn-4g5lznez.c.2mdn.net/videoplayback/id/d81c4ed72c881b10/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1737264692/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 13E7
Redirect Chain

https://gcdn.2mdn.net/videoplayback/id/d81c4ed72c881b10/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1737264692/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signa...
https://r1---sn-4g5lznez.c.2mdn.net/videoplayback/id/d81c4ed72c881b10/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1737264692/sparams/acao,ctier,expire,id,ip,ipbits,ita...

0
0

89ms
20ms

Fetch
video/mp4

2a00:1450:4001:11::6
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r1---sn-4g5lznez.c.2mdn.net/videoplayback/id/d81c4ed72c881b10/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1737264692/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/076A2A0730454681CCC5A45D311E3E5D6E4841E7.73380DE84035D58BDE32EDF0D6534B7C1D3BEE17/key/cms1/cms_redirect/yes/mh/SX/mip/2001:1b60:2:240:3247::9/mm/42/mn/sn-4g5lznez/ms/onc/mt/1705727890/mv/u/mvi/1/pl/29/file/file.mp4

Protocol

HTTP/1.1

Server

2a00:1450:4001:11::6 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sat, 20 Jan 2024 05:31:32 GMT
X-Content-Type-Options: nosniff
Connection: close
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length: 2854551
Last-Modified: Fri, 13 Oct 2023 15:49:08 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Access-Control-Allow-Origin: null
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=86400
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: null
Expires: Sat, 20 Jan 2024 05:31:32 GMT

Redirect headers

date: Sat, 20 Jan 2024 05:31:32 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 653
x-xss-protection: 0
pragma: no-cache
server: ClientMapServer
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
location: https://r1---sn-4g5lznez.c.2mdn.net/videoplayback/id/d81c4ed72c881b10/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1737264692/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/076A2A0730454681CCC5A45D311E3E5D6E4841E7.73380DE84035D58BDE32EDF0D6534B7C1D3BEE17/key/cms1/cms_redirect/yes/mh/SX/mip/2001:1b60:2:240:3247::9/mm/42/mn/sn-4g5lznez/ms/onc/mt/1705727890/mv/u/mvi/1/pl/29/file/file.mp4
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: https://googleads.g.doubleclick.net
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 help_outline_white_24dp_with_3px_trbl_padding.png
imasdk.googleapis.com/formats/wta/ Frame 13E7 453 B
585 B 26ms
26ms Image
image/png 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imasdk.googleapis.com/formats/wta/help_outline_white_24dp_with_3px_trbl_padding.png?wp=ca-pub-8847092362748368

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e519cc4b7b8fdc64a7aaafc1b808cde266a234205aac0d6c55589c12446d565e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 05:31:32 GMT
x-content-type-options: nosniff
last-modified: Wed, 13 Oct 2021 14:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: image/png
cache-control: public, max-age=3000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 453
x-xss-protection: 0
expires: Sat, 20 Jan 2024 06:21:32 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 35ms
35ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://facebook.lojaseofertas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 05:31:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 20 Jan 2024 05:31:32 GMT

GET
H3 200 H0ZEmIz7.html Show response
tpc.googlesyndication.com/sodar/ Frame B3B5 23 KB
8 KB 20ms
20ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 213036
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 7799
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 17 Jan 2024 18:20:56 GMT
expires: Thu, 16 Jan 2025 18:20:56 GMT
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js Show response
pagead2.googlesyndication.com/bg/ Frame B3B5 39 KB
15 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 14:00:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 55888
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15219
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 18 Jan 2025 14:00:04 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 0524 13 KB
5 KB 20ms
20ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://facebook.lojaseofertas.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 55889
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 19 Jan 2024 14:00:03 GMT
expires: Sat, 18 Jan 2025 14:00:03 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame A168 829 B
559 B 31ms
31ms Document
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

f9fe58e66017cc25a666875d8bf8022f2590ef39e5611cbfea15d79ac09cd760

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-s_taCjegqNU8RmYnYT_V-g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://facebook.lojaseofertas.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-s_taCjegqNU8RmYnYT_V-g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 20 Jan 2024 05:31:32 GMT
expires: Sat, 20 Jan 2024 05:31:32 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame A168 0
0 50ms
50ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20240118&jk=3307973028482334&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

GET
H3 200 IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js Show response
pagead2.googlesyndication.com/bg/ Frame 0524 39 KB
15 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 14:00:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 55888
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15219
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 18 Jan 2025 14:00:04 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B3B5 0
20 B 54ms
54ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=Buv-ItFqrZfTbBI34nsEPi6m2uAUAAAAAOAHgBAI&bg=!srGlsf7NAAa8BdJLnAU7ADQBe5WfOKQinuOvqXg2W1QrwkYBxzCq7Dl7epU-DDa6no-iXVFVMtcq9a5BGmi_DhOPlKbOAgAAADZSAAAAAWgBBwoAJHjnd7AmNKl-nxTmKdOlHry3q0YmBiL78qBsEqBakFiYayJwCJkC7jno8dF5PkpWQLyIseus7qmRLGhV4W04We0F9eyls-YX-hiiYGhrsOxto1jOIo6AnUeNNaGxEJHICTwFDGDRVEBySWk3I3aO_3nrHeBHrS1wYvCkX7SKU00R1idzjHg8Ug3AFbwUY68KdSqZsgQglXTHrdhptKgq-Gi1XNzvy2wFpl6r_5y7bJv1XJOcqdjnwvv_RhEOmE3ZVtDHs_ePqVVJaPO5XgHmbanl6rq2D-AqCDzj6eYOWx5nssYosOOoWTvFRRkXChVWJZPFYZtxMvffFTaxeiO0Cnin3BuvUlByE4RRBSYTB4RfR2mWQsQX_o5Fejx_A2GOeKIDFsVoDUs8lsN_jII3M44G4uHKYrMP8CucC7hF_iuFiVH7pniaPzxQJtzJAXQDa28vMvvOalAG80aup8GHRJvolfjnDGv74DbLuoLXtuYDiFzp77jjk8PLmIjIru3aoZcuiq_yLHA0DbTH_dkFkxPmB3k-GLX7o-X_-JdReggFwfWtN70AkrwyHRwvp_Dg63486zMDzoZSJ1k8U9I9OrAPAKAyPbH15Jhh8vbnLQzlPTU5MP-EZegxo7F36Y5HT7GMrR2y8iSRwxyXvLQUq5dRfFKF6Q1nBfZanBCuF5rRh_EQapboFYSCfzuXTPuipadjg_SSyQdIw0gYN6jhw3rd7Ugun1rOFHQ28jbgYNCyMrbLjCxC6nhG4DHcd9CUiovXs4ucb7vgSrTnHKmj5NF4T_HLztvtr_6ml3GMM0tCzW07P5p0Fwt7SAICZrvexYQwrOt3FfFe3z8lpZnw1MlONcoIuaEAr6QTqrlxwcnr5B4TcYyFhNwjlV9ziZHZt-xT48_wH_Aup0AM1zsljLePfjjQZJcggSGAyn-hB7ZmvDSJJdkc5lAH1wKH4fI4Itw2rlQvexbjcbRO-hzkbBg6MN_iTK2T6J8EPpXY70xjpA0_ztLoddq_YhqEDTgOWEO6AYE5Jh4aLRh37hBhhLW5girxQw

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Jan 2024 05:31:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 0524 0
10 B 20ms
19ms Image
text/plain 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?i_4oJQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 05:31:32 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 206 file.mp4
r1---sn-4g5lznez.c.2mdn.net/videoplayback/id/d81c4ed72c881b10/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1737264692/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 13E7 165 KB
0 39ms
19ms Media
video/mp4 2a00:1450:4001:11::6
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:11::6 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Range: bytes=0-

Response headers

expires: Sat, 20 Jan 2024 05:31:32 GMT
date: Sat, 20 Jan 2024 05:31:32 GMT
x-content-type-options: nosniff
Content-Range: bytes 0-2854550/2854551
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length: 2854551
last-modified: Fri, 13 Oct 2023 15:49:08 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://googleads.g.doubleclick.net
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=86400
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://googleads.g.doubleclick.net
client-protocol: quic

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame EFB1 624 B
242 B 56ms
56ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CM_KwM8CENXundACGJ_HhoQCMAE&v=APEucNWsPlC6SMKSwKssws5K0xT8S-968ipFBQkrPxaEMjfxROl1h0Tgio_-zfZn8K3fJP4IhycwmjynymesTSSbL5nr2TezLWsCLpbOd9FVb4nQhdrdgxcb4J0MWTj9aiVKvJnZ_W_1o4mEo7CEWdUm6gk6oas9UK6zJw6lZMsLtiK0yj86EFM

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=6970387599&adk=3652174042&adf=785591858&pi=t.ma~as.6970387599&w=336&lmt=1705728692&format=336x280&url=https%3A%2F%2Ffacebook.lojaseofertas.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705728692041&bpp=1&bdt=1846&idt=-M&shv=r20240118&mjsv=m202401160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De0304ef317d56178%3AT%3D1705728690%3ART%3D1705728690%3AS%3DALNI_MYVICgTeIpurqKTsg7B96_wP4tBVA&gpic=UID%3D00000d44443ea429%3AT%3D1705728690%3ART%3D1705728690%3AS%3DALNI_MYh1Ie-MkSdLTVmtuWLqsjFfPsr3g&prev_fmts=0x0%2C770x280%2C336x280%2C770x280&nras=1&correlator=4601774456062&frm=20&pv=1&ga_vid=1631870637.1705728691&ga_sid=1705728691&ga_hid=445602129&ga_fc=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=415&ady=1939&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759875%2C44759926%2C44759837%2C31080334%2C31080343%2C31080442%2C95321963%2C95321626%2C95321862%2C95322165&oid=2&psts=AOrYGsmH6TIujXjV6h_409IFmqCzVqjPoCteQUaBwejGnWYwICAFSlxCryGTW3E7076wYCIF9qqnyrT7mqZoutdxeLkoFTNB%2CAOrYGskyuoO6i2-yEwVCnkPLA3CC7BAwxs-6x_Qh6jB2auMSktunNR1-uCiNIs3xfjBhU945zlSiDdZ1mClXrg%2CAOrYGslwZlaUnz87pk3gTZynssTWeH5gqkrYgDRBa18Lw0LkDz8dbnnwcvOL1-IT-E0t4zI0AC6_5gE--SFLtnTp0X28lrON&pvsid=3307973028482334&tmod=560240132&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=2&fsb=1&dtd=4

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=6970387599&adk=3652174042&adf=785591858&pi=t.ma~as.6970387599&w=336&lmt=1705728692&format=336x280&url=https%3A%2F%2Ffacebook.lojaseofertas.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705728692041&bpp=1&bdt=1846&idt=-M&shv=r20240118&mjsv=m202401160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De0304ef317d56178%3AT%3D1705728690%3ART%3D1705728690%3AS%3DALNI_MYVICgTeIpurqKTsg7B96_wP4tBVA&gpic=UID%3D00000d44443ea429%3AT%3D1705728690%3ART%3D1705728690%3AS%3DALNI_MYh1Ie-MkSdLTVmtuWLqsjFfPsr3g&prev_fmts=0x0%2C770x280%2C336x280%2C770x280&nras=1&correlator=4601774456062&frm=20&pv=1&ga_vid=1631870637.1705728691&ga_sid=1705728691&ga_hid=445602129&ga_fc=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=415&ady=1939&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759875%2C44759926%2C44759837%2C31080334%2C31080343%2C31080442%2C95321963%2C95321626%2C95321862%2C95322165&oid=2&psts=AOrYGsmH6TIujXjV6h_409IFmqCzVqjPoCteQUaBwejGnWYwICAFSlxCryGTW3E7076wYCIF9qqnyrT7mqZoutdxeLkoFTNB%2CAOrYGskyuoO6i2-yEwVCnkPLA3CC7BAwxs-6x_Qh6jB2auMSktunNR1-uCiNIs3xfjBhU945zlSiDdZ1mClXrg%2CAOrYGslwZlaUnz87pk3gTZynssTWeH5gqkrYgDRBa18Lw0LkDz8dbnnwcvOL1-IT-E0t4zI0AC6_5gE--SFLtnTp0X28lrON&pvsid=3307973028482334&tmod=560240132&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=2&fsb=1&dtd=4
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 20 Jan 2024 05:31:32 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240118/r20110914/ Frame 0898 23 KB
9 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240118/r20110914/abg_lite_fy2021.js

Requested by

Host: facebook.lojaseofertas.com
URL: https://facebook.lojaseofertas.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 18:32:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 39564
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9276
x-xss-protection: 0
server: cafe
etag: 3558958386372919956
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 02 Feb 2024 18:32:08 GMT

GET
H3 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240118/r20110914/elements/html/ Frame 0898 8 KB
3 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240118/r20110914/elements/html/omrhp_fy2021.js

Requested by

Host: facebook.lojaseofertas.com
URL: https://facebook.lojaseofertas.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef34301455784e8a56ecc7a80985d6fd317ddd8328b6232dc0bc3223d79c91c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 18:37:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 39224
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3206
x-xss-protection: 0
server: cafe
etag: 12640889860211258669
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 02 Feb 2024 18:37:48 GMT

GET
H3 200 view
ad.doubleclick.net/pcs/ Frame 0898 0
0 59ms
59ms Fetch
image/gif 142.250.184.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjss0pxuf_GtPqGudPfJAbrrkx768qJrsB57ubTlCPnl3Uv_4_TTFJZPqg3Lz9g-wZyTob6gmc8gJAbD-W-9anrRsGSCfExEaH6UZeZHvdqjgZcKdyVvCizKUwCRHVQJgceU09ciOayko8LYVe8Y8Wqa_Q25tCzrzFwBckH-sHd0tPw7geVX2gKpDsP14rTFJIKYlNGmjbJLfoL6RoLLSm2IQzh1M_GNAndwGKQrtdoXNUNnq-zX8zM-eFlsC6FNdrcrB7seofAvKTAeo-_enf8fa_FSLeuLqxlQ-UXqafzyzxWAruSxSVCCSHDuqcSkpRFlJxVzu9b2OiWAug_2kslEul6FdkUqkSU8wKILNlpI0gcuTVBQ254VSYIp58cfp-utmZTCrdUwjvTf9Mi_ysyccoZGdgGzpBLWIdnGHrEJBnnoUnfftfGIGGdBqlZAMrScGrtzWI3kY6YnqKjrdC2kmhMNO-xBUIi1X0DFwpVi09TTCbseTncDxNeNSRdSYcYai4sqMvjo0DtiAQk9-1LOxHhM5ZXq9AFR3fZjJ16IDiPkQNwkkkWiYUJJvONWfx6T42QLAtH-Xo6LD0stc0S5mS2S-poPB9XrQRGBBr3aCO87B8Cpje7hTjt21G7SFXVi4Ss_NZKpJ--_J6znskTSoRzjwO8KPIyBiDI4Uj5LnnJaqFOpPMT0CG9EWqYOdSEseiNeoH_TWOpoOminoontG4mEYl-qDHskJ3e0CpscucUTNz6go91k-8LKmi6oyxS7q4e-xICQH5Wozrx1QPOsHGXCPhor5GiwKAs2L4w1ybPUrBcezkub3gmm6v6V1qZ48xPKoxf9YrPtSveTSi9NlSRlAmqpzQ_vcDUqhG6d0zJ7eJYq3KE9R6s8CY5tuFwNgBrcj47VPC0aG_JuEZF2lRgRqQ2AjBC2Bx8b7bvzR-D6SArugkBhTAHr1pgdTUQwNsmNBQa2l1HFdO0DLS_b1yfiYLu_PMBxEbjCjKu8d1RQLq2B-kU-XZpGdmplqtSuhDE65HvP9S8YRweEhTe1hugzg12pq1YnVmduUvas0WfWLVkTUNBFk4_DJzby7NDw_cT98CX3nrVfEyL8JeaBaZrRASglXSaB9Q3zWcR2cVPFmehKwGWoS-Ht85lUTPLVg2GuARZ-p5MH-L4keJLzCoC-72n-OB91nOTm2Y8U9flkwNNRZPz737ywTfkjTWsDhn1_MI_7YkmrmugBYXwTL47W12k9Gt3j-GuQ8pXEdnzTQv5A6e4SBKga3azEXkHpgNopm_hDy1y-Axh0lX1ZSYkWU7AXUGZ3htPYv8A&sai=AMfl-YSQNTA5586yMCkfS3_F3nKQrtt8N7w1fi_mTjMZU5l5Tp4PKtpEZy3WFxP6oYeXJzazbX0Vz8nOaarh6_jV3uZF3wsMwxFkRkOllz6y6TvFFBkoj05wY_kSpNtdplZM34fsAxeKSruvRHvj1Sc34bYscaPFzekMfVXfj80VSKgcaSLjghqtyrxjOtDqVYA4QWP53WnaU8Wf7K2Qa_GuiZbiPwSdROlZs1c3ArNbYE4nzYPh6LtVfGvAvmWSMquKxfsS4S0PRg2M_bNeru0URrmAYilcc99z0davIEUgFIv7U5gvQr_Pr_W5QBqqTg91l5B5E9-843vicC7F-YB89oC34AOvQvP2tbFNfOzUcO6N1KLy8COozIDfTEwpHo1zjtnv8c_0-7rDKk0BHShRcIG3W0Rogj2wwvMskaikHOVJ&sig=Cg0ArKJSzNw0j2aOJgzoEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9reXRhcnkuZGU&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=0&cbvp=1&cstd=0&cisv=r20240118.44814&arae=0&ftch=1&adurl=

Requested by

Host: facebook.lojaseofertas.com
URL: https://facebook.lojaseofertas.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 20 Jan 2024 05:31:32 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 0898 41 KB
14 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: facebook.lojaseofertas.com
URL: https://facebook.lojaseofertas.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 02:28:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 270199
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 16 Jan 2025 02:28:13 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame 0898 3 KB
1 KB 25ms
25ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=6970387599&adk=3652174042&adf=785591858&pi=t.ma~as.6970387599&w=336&lmt=1705728692&format=336x280&url=https%3A%2F%2Ffacebook.lojaseofertas.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705728692041&bpp=1&bdt=1846&idt=-M&shv=r20240118&mjsv=m202401160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De0304ef317d56178%3AT%3D1705728690%3ART%3D1705728690%3AS%3DALNI_MYVICgTeIpurqKTsg7B96_wP4tBVA&gpic=UID%3D00000d44443ea429%3AT%3D1705728690%3ART%3D1705728690%3AS%3DALNI_MYh1Ie-MkSdLTVmtuWLqsjFfPsr3g&prev_fmts=0x0%2C770x280%2C336x280%2C770x280&nras=1&correlator=4601774456062&frm=20&pv=1&ga_vid=1631870637.1705728691&ga_sid=1705728691&ga_hid=445602129&ga_fc=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=415&ady=1939&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759875%2C44759926%2C44759837%2C31080334%2C31080343%2C31080442%2C95321963%2C95321626%2C95321862%2C95322165&oid=2&psts=AOrYGsmH6TIujXjV6h_409IFmqCzVqjPoCteQUaBwejGnWYwICAFSlxCryGTW3E7076wYCIF9qqnyrT7mqZoutdxeLkoFTNB%2CAOrYGskyuoO6i2-yEwVCnkPLA3CC7BAwxs-6x_Qh6jB2auMSktunNR1-uCiNIs3xfjBhU945zlSiDdZ1mClXrg%2CAOrYGslwZlaUnz87pk3gTZynssTWeH5gqkrYgDRBa18Lw0LkDz8dbnnwcvOL1-IT-E0t4zI0AC6_5gE--SFLtnTp0X28lrON&pvsid=3307973028482334&tmod=560240132&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=2&fsb=1&dtd=4

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 14:00:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 55889
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 02 Feb 2024 14:00:03 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 31AB 1 KB
643 B 23ms
22ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=6970387599&adk=3652174042&adf=785591858&pi=t.ma~as.6970387599&w=336&lmt=1705728692&format=336x280&url=https%3A%2F%2Ffacebook.lojaseofertas.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705728692041&bpp=1&bdt=1846&idt=-M&shv=r20240118&mjsv=m202401160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De0304ef317d56178%3AT%3D1705728690%3ART%3D1705728690%3AS%3DALNI_MYVICgTeIpurqKTsg7B96_wP4tBVA&gpic=UID%3D00000d44443ea429%3AT%3D1705728690%3ART%3D1705728690%3AS%3DALNI_MYh1Ie-MkSdLTVmtuWLqsjFfPsr3g&prev_fmts=0x0%2C770x280%2C336x280%2C770x280&nras=1&correlator=4601774456062&frm=20&pv=1&ga_vid=1631870637.1705728691&ga_sid=1705728691&ga_hid=445602129&ga_fc=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=415&ady=1939&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759875%2C44759926%2C44759837%2C31080334%2C31080343%2C31080442%2C95321963%2C95321626%2C95321862%2C95322165&oid=2&psts=AOrYGsmH6TIujXjV6h_409IFmqCzVqjPoCteQUaBwejGnWYwICAFSlxCryGTW3E7076wYCIF9qqnyrT7mqZoutdxeLkoFTNB%2CAOrYGskyuoO6i2-yEwVCnkPLA3CC7BAwxs-6x_Qh6jB2auMSktunNR1-uCiNIs3xfjBhU945zlSiDdZ1mClXrg%2CAOrYGslwZlaUnz87pk3gTZynssTWeH5gqkrYgDRBa18Lw0LkDz8dbnnwcvOL1-IT-E0t4zI0AC6_5gE--SFLtnTp0X28lrON&pvsid=3307973028482334&tmod=560240132&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=2&fsb=1&dtd=4

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 44448
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 19 Jan 2024 17:10:44 GMT
etag: 48472445140208031
expires: Sat, 20 Jan 2024 17:10:44 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame 0898 20 KB
8 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=6970387599&adk=3652174042&adf=785591858&pi=t.ma~as.6970387599&w=336&lmt=1705728692&format=336x280&url=https%3A%2F%2Ffacebook.lojaseofertas.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705728692041&bpp=1&bdt=1846&idt=-M&shv=r20240118&mjsv=m202401160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De0304ef317d56178%3AT%3D1705728690%3ART%3D1705728690%3AS%3DALNI_MYVICgTeIpurqKTsg7B96_wP4tBVA&gpic=UID%3D00000d44443ea429%3AT%3D1705728690%3ART%3D1705728690%3AS%3DALNI_MYh1Ie-MkSdLTVmtuWLqsjFfPsr3g&prev_fmts=0x0%2C770x280%2C336x280%2C770x280&nras=1&correlator=4601774456062&frm=20&pv=1&ga_vid=1631870637.1705728691&ga_sid=1705728691&ga_hid=445602129&ga_fc=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=415&ady=1939&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759875%2C44759926%2C44759837%2C31080334%2C31080343%2C31080442%2C95321963%2C95321626%2C95321862%2C95322165&oid=2&psts=AOrYGsmH6TIujXjV6h_409IFmqCzVqjPoCteQUaBwejGnWYwICAFSlxCryGTW3E7076wYCIF9qqnyrT7mqZoutdxeLkoFTNB%2CAOrYGskyuoO6i2-yEwVCnkPLA3CC7BAwxs-6x_Qh6jB2auMSktunNR1-uCiNIs3xfjBhU945zlSiDdZ1mClXrg%2CAOrYGslwZlaUnz87pk3gTZynssTWeH5gqkrYgDRBa18Lw0LkDz8dbnnwcvOL1-IT-E0t4zI0AC6_5gE--SFLtnTp0X28lrON&pvsid=3307973028482334&tmod=560240132&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=2&fsb=1&dtd=4

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 18:28:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 39753
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 02 Feb 2024 18:28:59 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 0898 0
0 28ms
27ms Image
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQPCzLtkFLPNOL2QJLssvYc95gsgUefh4hRjzlO5mURGeGHJyBYeisAWFXI6aS4_ZgqYx4MPPG_xa-ql-ZG24sjpgzVPw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=6970387599&adk=3652174042&adf=785591858&pi=t.ma~as.6970387599&w=336&lmt=1705728692&format=336x280&url=https%3A%2F%2Ffacebook.lojaseofertas.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705728692041&bpp=1&bdt=1846&idt=-M&shv=r20240118&mjsv=m202401160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De0304ef317d56178%3AT%3D1705728690%3ART%3D1705728690%3AS%3DALNI_MYVICgTeIpurqKTsg7B96_wP4tBVA&gpic=UID%3D00000d44443ea429%3AT%3D1705728690%3ART%3D1705728690%3AS%3DALNI_MYh1Ie-MkSdLTVmtuWLqsjFfPsr3g&prev_fmts=0x0%2C770x280%2C336x280%2C770x280&nras=1&correlator=4601774456062&frm=20&pv=1&ga_vid=1631870637.1705728691&ga_sid=1705728691&ga_hid=445602129&ga_fc=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=415&ady=1939&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759875%2C44759926%2C44759837%2C31080334%2C31080343%2C31080442%2C95321963%2C95321626%2C95321862%2C95322165&oid=2&psts=AOrYGsmH6TIujXjV6h_409IFmqCzVqjPoCteQUaBwejGnWYwICAFSlxCryGTW3E7076wYCIF9qqnyrT7mqZoutdxeLkoFTNB%2CAOrYGskyuoO6i2-yEwVCnkPLA3CC7BAwxs-6x_Qh6jB2auMSktunNR1-uCiNIs3xfjBhU945zlSiDdZ1mClXrg%2CAOrYGslwZlaUnz87pk3gTZynssTWeH5gqkrYgDRBa18Lw0LkDz8dbnnwcvOL1-IT-E0t4zI0AC6_5gE--SFLtnTp0X28lrON&pvsid=3307973028482334&tmod=560240132&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=2&fsb=1&dtd=4
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0898 206 KB
65 KB 28ms
28ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=6970387599&adk=3652174042&adf=785591858&pi=t.ma~as.6970387599&w=336&lmt=1705728692&format=336x280&url=https%3A%2F%2Ffacebook.lojaseofertas.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705728692041&bpp=1&bdt=1846&idt=-M&shv=r20240118&mjsv=m202401160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De0304ef317d56178%3AT%3D1705728690%3ART%3D1705728690%3AS%3DALNI_MYVICgTeIpurqKTsg7B96_wP4tBVA&gpic=UID%3D00000d44443ea429%3AT%3D1705728690%3ART%3D1705728690%3AS%3DALNI_MYh1Ie-MkSdLTVmtuWLqsjFfPsr3g&prev_fmts=0x0%2C770x280%2C336x280%2C770x280&nras=1&correlator=4601774456062&frm=20&pv=1&ga_vid=1631870637.1705728691&ga_sid=1705728691&ga_hid=445602129&ga_fc=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=415&ady=1939&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759875%2C44759926%2C44759837%2C31080334%2C31080343%2C31080442%2C95321963%2C95321626%2C95321862%2C95322165&oid=2&psts=AOrYGsmH6TIujXjV6h_409IFmqCzVqjPoCteQUaBwejGnWYwICAFSlxCryGTW3E7076wYCIF9qqnyrT7mqZoutdxeLkoFTNB%2CAOrYGskyuoO6i2-yEwVCnkPLA3CC7BAwxs-6x_Qh6jB2auMSktunNR1-uCiNIs3xfjBhU945zlSiDdZ1mClXrg%2CAOrYGslwZlaUnz87pk3gTZynssTWeH5gqkrYgDRBa18Lw0LkDz8dbnnwcvOL1-IT-E0t4zI0AC6_5gE--SFLtnTp0X28lrON&pvsid=3307973028482334&tmod=560240132&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=2&fsb=1&dtd=4

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

69c32d8650b1e5f0bcb76d787972b68a1ba327ea5bd8da7ab8ca1a04336735c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 05:31:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66453
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1705495733332172"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 20 Jan 2024 05:31:32 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0898 42 B
63 B 51ms
50ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Dhqzi10UtFKjyAVlbPJgd4_1YLogZ8xnzton_QHVySzgAHEtlfjrU0JNQ7HopCT9LNfp0oAC8TDIJ_T7tqurhkU0juXOwFwMP2uhtzm6HwpfwWVpw

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=6970387599&adk=3652174042&adf=785591858&pi=t.ma~as.6970387599&w=336&lmt=1705728692&format=336x280&url=https%3A%2F%2Ffacebook.lojaseofertas.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705728692041&bpp=1&bdt=1846&idt=-M&shv=r20240118&mjsv=m202401160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De0304ef317d56178%3AT%3D1705728690%3ART%3D1705728690%3AS%3DALNI_MYVICgTeIpurqKTsg7B96_wP4tBVA&gpic=UID%3D00000d44443ea429%3AT%3D1705728690%3ART%3D1705728690%3AS%3DALNI_MYh1Ie-MkSdLTVmtuWLqsjFfPsr3g&prev_fmts=0x0%2C770x280%2C336x280%2C770x280&nras=1&correlator=4601774456062&frm=20&pv=1&ga_vid=1631870637.1705728691&ga_sid=1705728691&ga_hid=445602129&ga_fc=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=415&ady=1939&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759875%2C44759926%2C44759837%2C31080334%2C31080343%2C31080442%2C95321963%2C95321626%2C95321862%2C95322165&oid=2&psts=AOrYGsmH6TIujXjV6h_409IFmqCzVqjPoCteQUaBwejGnWYwICAFSlxCryGTW3E7076wYCIF9qqnyrT7mqZoutdxeLkoFTNB%2CAOrYGskyuoO6i2-yEwVCnkPLA3CC7BAwxs-6x_Qh6jB2auMSktunNR1-uCiNIs3xfjBhU945zlSiDdZ1mClXrg%2CAOrYGslwZlaUnz87pk3gTZynssTWeH5gqkrYgDRBa18Lw0LkDz8dbnnwcvOL1-IT-E0t4zI0AC6_5gE--SFLtnTp0X28lrON&pvsid=3307973028482334&tmod=560240132&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=2&fsb=1&dtd=4

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Jan 2024 05:31:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 10137103502003758777
s0.2mdn.net/simgad/ Frame 0898 52 KB
52 KB 21ms
21ms Image
image/jpeg 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/10137103502003758777

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=6970387599&adk=3652174042&adf=785591858&pi=t.ma~as.6970387599&w=336&lmt=1705728692&format=336x280&url=https%3A%2F%2Ffacebook.lojaseofertas.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705728692041&bpp=1&bdt=1846&idt=-M&shv=r20240118&mjsv=m202401160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De0304ef317d56178%3AT%3D1705728690%3ART%3D1705728690%3AS%3DALNI_MYVICgTeIpurqKTsg7B96_wP4tBVA&gpic=UID%3D00000d44443ea429%3AT%3D1705728690%3ART%3D1705728690%3AS%3DALNI_MYh1Ie-MkSdLTVmtuWLqsjFfPsr3g&prev_fmts=0x0%2C770x280%2C336x280%2C770x280&nras=1&correlator=4601774456062&frm=20&pv=1&ga_vid=1631870637.1705728691&ga_sid=1705728691&ga_hid=445602129&ga_fc=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=415&ady=1939&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759875%2C44759926%2C44759837%2C31080334%2C31080343%2C31080442%2C95321963%2C95321626%2C95321862%2C95322165&oid=2&psts=AOrYGsmH6TIujXjV6h_409IFmqCzVqjPoCteQUaBwejGnWYwICAFSlxCryGTW3E7076wYCIF9qqnyrT7mqZoutdxeLkoFTNB%2CAOrYGskyuoO6i2-yEwVCnkPLA3CC7BAwxs-6x_Qh6jB2auMSktunNR1-uCiNIs3xfjBhU945zlSiDdZ1mClXrg%2CAOrYGslwZlaUnz87pk3gTZynssTWeH5gqkrYgDRBa18Lw0LkDz8dbnnwcvOL1-IT-E0t4zI0AC6_5gE--SFLtnTp0X28lrON&pvsid=3307973028482334&tmod=560240132&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=2&fsb=1&dtd=4

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bb516147c809d5b4449cea5cf85c8a1ed94caa1f711765646ba036702ca9cff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Thu, 16 Jan 2025 19:51:59 GMT
date: Wed, 17 Jan 2024 19:51:59 GMT
x-content-type-options: nosniff
age: 207573
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53393
x-xss-protection: 0
last-modified: Wed, 17 Jan 2024 13:02:26 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
DATA 200
OK truncated
/ Frame 0898 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ba5fdfe04e83b940b02e631badb80b6e7bba4f7dfefe00b214bbfee554bc97dc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 31AB
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEHsWRWYt5N56feSxCtdOBwk&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEHsWRWYt5N56feSxCtdOBwk&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=YTh4UEhQa1UxUnIzWDY1&google_gid=CAESEHsWRWYt5N56feSxCtdOBwk&google_cver=1&google_push=AXcoOmTsDV8Xjx4VIOeKmjvdgLAzrbAFIwAiMLgXEx5fnBt...

170 B
188 B

29ms
29ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=YTh4UEhQa1UxUnIzWDY1&google_gid=CAESEHsWRWYt5N56feSxCtdOBwk&google_cver=1&google_push=AXcoOmTsDV8Xjx4VIOeKmjvdgLAzrbAFIwAiMLgXEx5fnBtpHEZjo-I-v4eHoDuIf3EBykzYAMr0ZAftwCFCv8YDkg6607I9qiiTHBg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=6970387599&adk=3652174042&adf=785591858&pi=t.ma~as.6970387599&w=336&lmt=1705728692&format=336x280&url=https%3A%2F%2Ffacebook.lojaseofertas.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705728692041&bpp=1&bdt=1846&idt=-M&shv=r20240118&mjsv=m202401160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De0304ef317d56178%3AT%3D1705728690%3ART%3D1705728690%3AS%3DALNI_MYVICgTeIpurqKTsg7B96_wP4tBVA&gpic=UID%3D00000d44443ea429%3AT%3D1705728690%3ART%3D1705728690%3AS%3DALNI_MYh1Ie-MkSdLTVmtuWLqsjFfPsr3g&prev_fmts=0x0%2C770x280%2C336x280%2C770x280&nras=1&correlator=4601774456062&frm=20&pv=1&ga_vid=1631870637.1705728691&ga_sid=1705728691&ga_hid=445602129&ga_fc=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=415&ady=1939&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759875%2C44759926%2C44759837%2C31080334%2C31080343%2C31080442%2C95321963%2C95321626%2C95321862%2C95322165&oid=2&psts=AOrYGsmH6TIujXjV6h_409IFmqCzVqjPoCteQUaBwejGnWYwICAFSlxCryGTW3E7076wYCIF9qqnyrT7mqZoutdxeLkoFTNB%2CAOrYGskyuoO6i2-yEwVCnkPLA3CC7BAwxs-6x_Qh6jB2auMSktunNR1-uCiNIs3xfjBhU945zlSiDdZ1mClXrg%2CAOrYGslwZlaUnz87pk3gTZynssTWeH5gqkrYgDRBa18Lw0LkDz8dbnnwcvOL1-IT-E0t4zI0AC6_5gE--SFLtnTp0X28lrON&pvsid=3307973028482334&tmod=560240132&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=2&fsb=1&dtd=4

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Jan 2024 05:31:32 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 20 Jan 2024 05:31:31 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-799-g9c6cd74#rel-ec2-master i-05a941aeab12055fa@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=YTh4UEhQa1UxUnIzWDY1&google_gid=CAESEHsWRWYt5N56feSxCtdOBwk&google_cver=1&google_push=AXcoOmTsDV8Xjx4VIOeKmjvdgLAzrbAFIwAiMLgXEx5fnBtpHEZjo-I-v4eHoDuIf3EBykzYAMr0ZAftwCFCv8YDkg6607I9qiiTHBg
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 31AB
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEGiGCRqVDQQp41nJJowwV1M&google_cver=1&google_push=AXcoOmR4-z3E6Pcx3EWPVD3PR6qIHqsQbwh6iU6SVX1tv_onM7xza8QFinUDbZ0INkclk20Ly-QMgRwijXFQHZ5oeNcW5PYQdzOjDmrC
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=2104DAF613524F338932968EB040C49A&google_push=AXcoOmR4-z3E6Pcx3EWPVD3PR6qIHqsQbwh6iU6SVX1tv_onM7xza8QFinUDbZ0INkclk20Ly-QMgRwijXFQHZ5...

170 B
188 B

49ms
49ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=2104DAF613524F338932968EB040C49A&google_push=AXcoOmR4-z3E6Pcx3EWPVD3PR6qIHqsQbwh6iU6SVX1tv_onM7xza8QFinUDbZ0INkclk20Ly-QMgRwijXFQHZ5oeNcW5PYQdzOjDmrC

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=6970387599&adk=3652174042&adf=785591858&pi=t.ma~as.6970387599&w=336&lmt=1705728692&format=336x280&url=https%3A%2F%2Ffacebook.lojaseofertas.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705728692041&bpp=1&bdt=1846&idt=-M&shv=r20240118&mjsv=m202401160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De0304ef317d56178%3AT%3D1705728690%3ART%3D1705728690%3AS%3DALNI_MYVICgTeIpurqKTsg7B96_wP4tBVA&gpic=UID%3D00000d44443ea429%3AT%3D1705728690%3ART%3D1705728690%3AS%3DALNI_MYh1Ie-MkSdLTVmtuWLqsjFfPsr3g&prev_fmts=0x0%2C770x280%2C336x280%2C770x280&nras=1&correlator=4601774456062&frm=20&pv=1&ga_vid=1631870637.1705728691&ga_sid=1705728691&ga_hid=445602129&ga_fc=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=415&ady=1939&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759875%2C44759926%2C44759837%2C31080334%2C31080343%2C31080442%2C95321963%2C95321626%2C95321862%2C95322165&oid=2&psts=AOrYGsmH6TIujXjV6h_409IFmqCzVqjPoCteQUaBwejGnWYwICAFSlxCryGTW3E7076wYCIF9qqnyrT7mqZoutdxeLkoFTNB%2CAOrYGskyuoO6i2-yEwVCnkPLA3CC7BAwxs-6x_Qh6jB2auMSktunNR1-uCiNIs3xfjBhU945zlSiDdZ1mClXrg%2CAOrYGslwZlaUnz87pk3gTZynssTWeH5gqkrYgDRBa18Lw0LkDz8dbnnwcvOL1-IT-E0t4zI0AC6_5gE--SFLtnTp0X28lrON&pvsid=3307973028482334&tmod=560240132&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=2&fsb=1&dtd=4

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Jan 2024 05:31:32 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sat, 20 Jan 2024 05:31:32 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=2104DAF613524F338932968EB040C49A&google_push=AXcoOmR4-z3E6Pcx3EWPVD3PR6qIHqsQbwh6iU6SVX1tv_onM7xza8QFinUDbZ0INkclk20Ly-QMgRwijXFQHZ5oeNcW5PYQdzOjDmrC
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Fri, 19 Jan 2024 05:31:32 GMT

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame 31AB 43 B
362 B 26ms
25ms Image
image/gif 178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmSgt91Laguj9hyQm8bcAufBCm9RGXD5z_sO0UIjkHOvUjqSbeg99flqEADNR71QOw7DY_AJUGriGmBLZb6O7O9LzRl4cUpH28aA&google_gid=CAESEBfDOHUI1wpHs7hQ3X2VOdM&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=6970387599&adk=3652174042&adf=785591858&pi=t.ma~as.6970387599&w=336&lmt=1705728692&format=336x280&url=https%3A%2F%2Ffacebook.lojaseofertas.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705728692041&bpp=1&bdt=1846&idt=-M&shv=r20240118&mjsv=m202401160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De0304ef317d56178%3AT%3D1705728690%3ART%3D1705728690%3AS%3DALNI_MYVICgTeIpurqKTsg7B96_wP4tBVA&gpic=UID%3D00000d44443ea429%3AT%3D1705728690%3ART%3D1705728690%3AS%3DALNI_MYh1Ie-MkSdLTVmtuWLqsjFfPsr3g&prev_fmts=0x0%2C770x280%2C336x280%2C770x280&nras=1&correlator=4601774456062&frm=20&pv=1&ga_vid=1631870637.1705728691&ga_sid=1705728691&ga_hid=445602129&ga_fc=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=415&ady=1939&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759875%2C44759926%2C44759837%2C31080334%2C31080343%2C31080442%2C95321963%2C95321626%2C95321862%2C95322165&oid=2&psts=AOrYGsmH6TIujXjV6h_409IFmqCzVqjPoCteQUaBwejGnWYwICAFSlxCryGTW3E7076wYCIF9qqnyrT7mqZoutdxeLkoFTNB%2CAOrYGskyuoO6i2-yEwVCnkPLA3CC7BAwxs-6x_Qh6jB2auMSktunNR1-uCiNIs3xfjBhU945zlSiDdZ1mClXrg%2CAOrYGslwZlaUnz87pk3gTZynssTWeH5gqkrYgDRBa18Lw0LkDz8dbnnwcvOL1-IT-E0t4zI0AC6_5gE--SFLtnTp0X28lrON&pvsid=3307973028482334&tmod=560240132&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=2&fsb=1&dtd=4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Jan 2024 05:31:32 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 242544
expires: Sat, 20 Jan 2024 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 31AB 0
12 B 27ms
26ms Image
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IzVpd9W_WfcTPq49_CfVgWgBxi4_CC1Vse6zgEEkZ7Ow

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=6970387599&adk=3652174042&adf=785591858&pi=t.ma~as.6970387599&w=336&lmt=1705728692&format=336x280&url=https%3A%2F%2Ffacebook.lojaseofertas.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705728692041&bpp=1&bdt=1846&idt=-M&shv=r20240118&mjsv=m202401160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De0304ef317d56178%3AT%3D1705728690%3ART%3D1705728690%3AS%3DALNI_MYVICgTeIpurqKTsg7B96_wP4tBVA&gpic=UID%3D00000d44443ea429%3AT%3D1705728690%3ART%3D1705728690%3AS%3DALNI_MYh1Ie-MkSdLTVmtuWLqsjFfPsr3g&prev_fmts=0x0%2C770x280%2C336x280%2C770x280&nras=1&correlator=4601774456062&frm=20&pv=1&ga_vid=1631870637.1705728691&ga_sid=1705728691&ga_hid=445602129&ga_fc=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=415&ady=1939&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759875%2C44759926%2C44759837%2C31080334%2C31080343%2C31080442%2C95321963%2C95321626%2C95321862%2C95322165&oid=2&psts=AOrYGsmH6TIujXjV6h_409IFmqCzVqjPoCteQUaBwejGnWYwICAFSlxCryGTW3E7076wYCIF9qqnyrT7mqZoutdxeLkoFTNB%2CAOrYGskyuoO6i2-yEwVCnkPLA3CC7BAwxs-6x_Qh6jB2auMSktunNR1-uCiNIs3xfjBhU945zlSiDdZ1mClXrg%2CAOrYGslwZlaUnz87pk3gTZynssTWeH5gqkrYgDRBa18Lw0LkDz8dbnnwcvOL1-IT-E0t4zI0AC6_5gE--SFLtnTp0X28lrON&pvsid=3307973028482334&tmod=560240132&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=2&fsb=1&dtd=4

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 05:31:32 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame CE11 38 KB
13 KB 19ms
19ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 290244
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 16 Jan 2024 20:54:08 GMT
expires: Wed, 15 Jan 2025 20:54:08 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 view
ad.doubleclick.net/pcs/ Frame 0898 0
0 53ms
53ms Fetch
image/gif 142.250.184.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjss0pxuf_GtPqGudPfJAbrrkx768qJrsB57ubTlCPnl3Uv_4_TTFJZPqg3Lz9g-wZyTob6gmc8gJAbD-W-9anrRsGSCfExEaH6UZeZHvdqjgZcKdyVvCizKUwCRHVQJgceU09ciOayko8LYVe8Y8Wqa_Q25tCzrzFwBckH-sHd0tPw7geVX2gKpDsP14rTFJIKYlNGmjbJLfoL6RoLLSm2IQzh1M_GNAndwGKQrtdoXNUNnq-zX8zM-eFlsC6FNdrcrB7seofAvKTAeo-_enf8fa_FSLeuLqxlQ-UXqafzyzxWAruSxSVCCSHDuqcSkpRFlJxVzu9b2OiWAug_2kslEul6FdkUqkSU8wKILNlpI0gcuTVBQ254VSYIp58cfp-utmZTCrdUwjvTf9Mi_ysyccoZGdgGzpBLWIdnGHrEJBnnoUnfftfGIGGdBqlZAMrScGrtzWI3kY6YnqKjrdC2kmhMNO-xBUIi1X0DFwpVi09TTCbseTncDxNeNSRdSYcYai4sqMvjo0DtiAQk9-1LOxHhM5ZXq9AFR3fZjJ16IDiPkQNwkkkWiYUJJvONWfx6T42QLAtH-Xo6LD0stc0S5mS2S-poPB9XrQRGBBr3aCO87B8Cpje7hTjt21G7SFXVi4Ss_NZKpJ--_J6znskTSoRzjwO8KPIyBiDI4Uj5LnnJaqFOpPMT0CG9EWqYOdSEseiNeoH_TWOpoOminoontG4mEYl-qDHskJ3e0CpscucUTNz6go91k-8LKmi6oyxS7q4e-xICQH5Wozrx1QPOsHGXCPhor5GiwKAs2L4w1ybPUrBcezkub3gmm6v6V1qZ48xPKoxf9YrPtSveTSi9NlSRlAmqpzQ_vcDUqhG6d0zJ7eJYq3KE9R6s8CY5tuFwNgBrcj47VPC0aG_JuEZF2lRgRqQ2AjBC2Bx8b7bvzR-D6SArugkBhTAHr1pgdTUQwNsmNBQa2l1HFdO0DLS_b1yfiYLu_PMBxEbjCjKu8d1RQLq2B-kU-XZpGdmplqtSuhDE65HvP9S8YRweEhTe1hugzg12pq1YnVmduUvas0WfWLVkTUNBFk4_DJzby7NDw_cT98CX3nrVfEyL8JeaBaZrRASglXSaB9Q3zWcR2cVPFmehKwGWoS-Ht85lUTPLVg2GuARZ-p5MH-L4keJLzCoC-72n-OB91nOTm2Y8U9flkwNNRZPz737ywTfkjTWsDhn1_MI_7YkmrmugBYXwTL47W12k9Gt3j-GuQ8pXEdnzTQv5A6e4SBKga3azEXkHpgNopm_hDy1y-Axh0lX1ZSYkWU7AXUGZ3htPYv8A&sai=AMfl-YSQNTA5586yMCkfS3_F3nKQrtt8N7w1fi_mTjMZU5l5Tp4PKtpEZy3WFxP6oYeXJzazbX0Vz8nOaarh6_jV3uZF3wsMwxFkRkOllz6y6TvFFBkoj05wY_kSpNtdplZM34fsAxeKSruvRHvj1Sc34bYscaPFzekMfVXfj80VSKgcaSLjghqtyrxjOtDqVYA4QWP53WnaU8Wf7K2Qa_GuiZbiPwSdROlZs1c3ArNbYE4nzYPh6LtVfGvAvmWSMquKxfsS4S0PRg2M_bNeru0URrmAYilcc99z0davIEUgFIv7U5gvQr_Pr_W5QBqqTg91l5B5E9-843vicC7F-YB89oC34AOvQvP2tbFNfOzUcO6N1KLy8COozIDfTEwpHo1zjtnv8c_0-7rDKk0BHShRcIG3W0Rogj2wwvMskaikHOVJ&sig=Cg0ArKJSzNw0j2aOJgzoEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9reXRhcnkuZGU&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=41&vt=11&dtpt=41&dett=2&cstd=0&cisv=r20240118.44814&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: facebook.lojaseofertas.com
URL: https://facebook.lojaseofertas.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 05:31:32 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/ Frame 3782 23 KB
9 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=6970387599&adk=3652174042&adf=2873711921&pi=t.ma~as.6970387599&w=336&lmt=1705728692&format=336x280&url=https%3A%2F%2Ffacebook.lojaseofertas.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705728692041&bpp=1&bdt=1847&idt=0&shv=r20240118&mjsv=m202401160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De0304ef317d56178%3AT%3D1705728690%3ART%3D1705728690%3AS%3DALNI_MYVICgTeIpurqKTsg7B96_wP4tBVA&gpic=UID%3D00000d44443ea429%3AT%3D1705728690%3ART%3D1705728690%3AS%3DALNI_MYh1Ie-MkSdLTVmtuWLqsjFfPsr3g&prev_fmts=0x0%2C770x280%2C336x280%2C770x280%2C336x280&nras=1&correlator=4601774456062&frm=20&pv=1&ga_vid=1631870637.1705728691&ga_sid=1705728691&ga_hid=445602129&ga_fc=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=849&ady=1939&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759875%2C44759926%2C44759837%2C31080334%2C31080343%2C31080442%2C95321963%2C95321626%2C95321862%2C95322165&oid=2&psts=AOrYGsmH6TIujXjV6h_409IFmqCzVqjPoCteQUaBwejGnWYwICAFSlxCryGTW3E7076wYCIF9qqnyrT7mqZoutdxeLkoFTNB%2CAOrYGskyuoO6i2-yEwVCnkPLA3CC7BAwxs-6x_Qh6jB2auMSktunNR1-uCiNIs3xfjBhU945zlSiDdZ1mClXrg%2CAOrYGslwZlaUnz87pk3gTZynssTWeH5gqkrYgDRBa18Lw0LkDz8dbnnwcvOL1-IT-E0t4zI0AC6_5gE--SFLtnTp0X28lrON&pvsid=3307973028482334&tmod=560240132&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=3&fsb=1&dtd=7

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 18:28:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 39753
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9276
x-xss-protection: 0
server: cafe
etag: 3558958386372919956
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 02 Feb 2024 18:28:59 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 3782 8 KB
750 B 27ms
27ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=6970387599&adk=3652174042&adf=2873711921&pi=t.ma~as.6970387599&w=336&lmt=1705728692&format=336x280&url=https%3A%2F%2Ffacebook.lojaseofertas.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705728692041&bpp=1&bdt=1847&idt=0&shv=r20240118&mjsv=m202401160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De0304ef317d56178%3AT%3D1705728690%3ART%3D1705728690%3AS%3DALNI_MYVICgTeIpurqKTsg7B96_wP4tBVA&gpic=UID%3D00000d44443ea429%3AT%3D1705728690%3ART%3D1705728690%3AS%3DALNI_MYh1Ie-MkSdLTVmtuWLqsjFfPsr3g&prev_fmts=0x0%2C770x280%2C336x280%2C770x280%2C336x280&nras=1&correlator=4601774456062&frm=20&pv=1&ga_vid=1631870637.1705728691&ga_sid=1705728691&ga_hid=445602129&ga_fc=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=849&ady=1939&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759875%2C44759926%2C44759837%2C31080334%2C31080343%2C31080442%2C95321963%2C95321626%2C95321862%2C95322165&oid=2&psts=AOrYGsmH6TIujXjV6h_409IFmqCzVqjPoCteQUaBwejGnWYwICAFSlxCryGTW3E7076wYCIF9qqnyrT7mqZoutdxeLkoFTNB%2CAOrYGskyuoO6i2-yEwVCnkPLA3CC7BAwxs-6x_Qh6jB2auMSktunNR1-uCiNIs3xfjBhU945zlSiDdZ1mClXrg%2CAOrYGslwZlaUnz87pk3gTZynssTWeH5gqkrYgDRBa18Lw0LkDz8dbnnwcvOL1-IT-E0t4zI0AC6_5gE--SFLtnTp0X28lrON&pvsid=3307973028482334&tmod=560240132&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=3&fsb=1&dtd=7

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 20 Jan 2024 05:31:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 20 Jan 2024 04:55:52 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 20 Jan 2024 05:31:32 GMT

GET
H3 200 outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/ Frame 3782 15 KB
3 KB 19ms
18ms Stylesheet
text/css 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/outstream.min.css

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=6970387599&adk=3652174042&adf=2873711921&pi=t.ma~as.6970387599&w=336&lmt=1705728692&format=336x280&url=https%3A%2F%2Ffacebook.lojaseofertas.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705728692041&bpp=1&bdt=1847&idt=0&shv=r20240118&mjsv=m202401160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De0304ef317d56178%3AT%3D1705728690%3ART%3D1705728690%3AS%3DALNI_MYVICgTeIpurqKTsg7B96_wP4tBVA&gpic=UID%3D00000d44443ea429%3AT%3D1705728690%3ART%3D1705728690%3AS%3DALNI_MYh1Ie-MkSdLTVmtuWLqsjFfPsr3g&prev_fmts=0x0%2C770x280%2C336x280%2C770x280%2C336x280&nras=1&correlator=4601774456062&frm=20&pv=1&ga_vid=1631870637.1705728691&ga_sid=1705728691&ga_hid=445602129&ga_fc=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=849&ady=1939&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759875%2C44759926%2C44759837%2C31080334%2C31080343%2C31080442%2C95321963%2C95321626%2C95321862%2C95322165&oid=2&psts=AOrYGsmH6TIujXjV6h_409IFmqCzVqjPoCteQUaBwejGnWYwICAFSlxCryGTW3E7076wYCIF9qqnyrT7mqZoutdxeLkoFTNB%2CAOrYGskyuoO6i2-yEwVCnkPLA3CC7BAwxs-6x_Qh6jB2auMSktunNR1-uCiNIs3xfjBhU945zlSiDdZ1mClXrg%2CAOrYGslwZlaUnz87pk3gTZynssTWeH5gqkrYgDRBa18Lw0LkDz8dbnnwcvOL1-IT-E0t4zI0AC6_5gE--SFLtnTp0X28lrON&pvsid=3307973028482334&tmod=560240132&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=3&fsb=1&dtd=7

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

425f9ca7029ca2c95d204079575a3e5f737ef4d322614225344c5aeadd51bfb8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 15:10:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 138080
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2939
x-xss-protection: 0
last-modified: Thu, 18 Jan 2024 02:36:47 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 17 Jan 2025 15:10:12 GMT

GET
H3 200 outstream.min.js Show response
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/ Frame 3782 378 KB
131 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/outstream.min.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=6970387599&adk=3652174042&adf=2873711921&pi=t.ma~as.6970387599&w=336&lmt=1705728692&format=336x280&url=https%3A%2F%2Ffacebook.lojaseofertas.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705728692041&bpp=1&bdt=1847&idt=0&shv=r20240118&mjsv=m202401160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De0304ef317d56178%3AT%3D1705728690%3ART%3D1705728690%3AS%3DALNI_MYVICgTeIpurqKTsg7B96_wP4tBVA&gpic=UID%3D00000d44443ea429%3AT%3D1705728690%3ART%3D1705728690%3AS%3DALNI_MYh1Ie-MkSdLTVmtuWLqsjFfPsr3g&prev_fmts=0x0%2C770x280%2C336x280%2C770x280%2C336x280&nras=1&correlator=4601774456062&frm=20&pv=1&ga_vid=1631870637.1705728691&ga_sid=1705728691&ga_hid=445602129&ga_fc=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=849&ady=1939&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759875%2C44759926%2C44759837%2C31080334%2C31080343%2C31080442%2C95321963%2C95321626%2C95321862%2C95322165&oid=2&psts=AOrYGsmH6TIujXjV6h_409IFmqCzVqjPoCteQUaBwejGnWYwICAFSlxCryGTW3E7076wYCIF9qqnyrT7mqZoutdxeLkoFTNB%2CAOrYGskyuoO6i2-yEwVCnkPLA3CC7BAwxs-6x_Qh6jB2auMSktunNR1-uCiNIs3xfjBhU945zlSiDdZ1mClXrg%2CAOrYGslwZlaUnz87pk3gTZynssTWeH5gqkrYgDRBa18Lw0LkDz8dbnnwcvOL1-IT-E0t4zI0AC6_5gE--SFLtnTp0X28lrON&pvsid=3307973028482334&tmod=560240132&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=3&fsb=1&dtd=7

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

325f25191af82345cc615c820126c663f55ee865ccb8c6f033e11ee57085617a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 15:10:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 138080
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 134582
x-xss-protection: 0
last-modified: Thu, 18 Jan 2024 02:36:47 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 17 Jan 2025 15:10:12 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame 3782 20 KB
8 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=6970387599&adk=3652174042&adf=2873711921&pi=t.ma~as.6970387599&w=336&lmt=1705728692&format=336x280&url=https%3A%2F%2Ffacebook.lojaseofertas.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705728692041&bpp=1&bdt=1847&idt=0&shv=r20240118&mjsv=m202401160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De0304ef317d56178%3AT%3D1705728690%3ART%3D1705728690%3AS%3DALNI_MYVICgTeIpurqKTsg7B96_wP4tBVA&gpic=UID%3D00000d44443ea429%3AT%3D1705728690%3ART%3D1705728690%3AS%3DALNI_MYh1Ie-MkSdLTVmtuWLqsjFfPsr3g&prev_fmts=0x0%2C770x280%2C336x280%2C770x280%2C336x280&nras=1&correlator=4601774456062&frm=20&pv=1&ga_vid=1631870637.1705728691&ga_sid=1705728691&ga_hid=445602129&ga_fc=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=849&ady=1939&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759875%2C44759926%2C44759837%2C31080334%2C31080343%2C31080442%2C95321963%2C95321626%2C95321862%2C95322165&oid=2&psts=AOrYGsmH6TIujXjV6h_409IFmqCzVqjPoCteQUaBwejGnWYwICAFSlxCryGTW3E7076wYCIF9qqnyrT7mqZoutdxeLkoFTNB%2CAOrYGskyuoO6i2-yEwVCnkPLA3CC7BAwxs-6x_Qh6jB2auMSktunNR1-uCiNIs3xfjBhU945zlSiDdZ1mClXrg%2CAOrYGslwZlaUnz87pk3gTZynssTWeH5gqkrYgDRBa18Lw0LkDz8dbnnwcvOL1-IT-E0t4zI0AC6_5gE--SFLtnTp0X28lrON&pvsid=3307973028482334&tmod=560240132&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=3&fsb=1&dtd=7

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 18:28:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 39753
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 02 Feb 2024 18:28:59 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 3782 0
0 30ms
29ms Image
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTulAZup_8-SJUo8qZgg1-jnrbpPcJbo5NSlG4WoPbnIBv36hXiYC2PKT-hfj0O1T6lrZ--oDGtx2NgC6XbpnDkdkKDUA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=6970387599&adk=3652174042&adf=2873711921&pi=t.ma~as.6970387599&w=336&lmt=1705728692&format=336x280&url=https%3A%2F%2Ffacebook.lojaseofertas.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705728692041&bpp=1&bdt=1847&idt=0&shv=r20240118&mjsv=m202401160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De0304ef317d56178%3AT%3D1705728690%3ART%3D1705728690%3AS%3DALNI_MYVICgTeIpurqKTsg7B96_wP4tBVA&gpic=UID%3D00000d44443ea429%3AT%3D1705728690%3ART%3D1705728690%3AS%3DALNI_MYh1Ie-MkSdLTVmtuWLqsjFfPsr3g&prev_fmts=0x0%2C770x280%2C336x280%2C770x280%2C336x280&nras=1&correlator=4601774456062&frm=20&pv=1&ga_vid=1631870637.1705728691&ga_sid=1705728691&ga_hid=445602129&ga_fc=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=849&ady=1939&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759875%2C44759926%2C44759837%2C31080334%2C31080343%2C31080442%2C95321963%2C95321626%2C95321862%2C95322165&oid=2&psts=AOrYGsmH6TIujXjV6h_409IFmqCzVqjPoCteQUaBwejGnWYwICAFSlxCryGTW3E7076wYCIF9qqnyrT7mqZoutdxeLkoFTNB%2CAOrYGskyuoO6i2-yEwVCnkPLA3CC7BAwxs-6x_Qh6jB2auMSktunNR1-uCiNIs3xfjBhU945zlSiDdZ1mClXrg%2CAOrYGslwZlaUnz87pk3gTZynssTWeH5gqkrYgDRBa18Lw0LkDz8dbnnwcvOL1-IT-E0t4zI0AC6_5gE--SFLtnTp0X28lrON&pvsid=3307973028482334&tmod=560240132&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=3&fsb=1&dtd=7
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame EFB1
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEI33n4lUvhtShk5AfK4HXBA&google_cver=1

43 B
731 B

55ms
55ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEI33n4lUvhtShk5AfK4HXBA&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CM_KwM8CENXundACGJ_HhoQCMAE&v=APEucNWsPlC6SMKSwKssws5K0xT8S-968ipFBQkrPxaEMjfxROl1h0Tgio_-zfZn8K3fJP4IhycwmjynymesTSSbL5nr2TezLWsCLpbOd9FVb4nQhdrdgxcb4J0MWTj9aiVKvJnZ_W_1o4mEo7CEWdUm6gk6oas9UK6zJw6lZMsLtiK0yj86EFM
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Jan 2024 05:31:32 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rx709pH%2FHSBgKBmlYXqcpfB2L48UBX2gCopEHmadyjYyV%2FDXfbxrPilyHRjmEC5P4eLgWgbTiV6nn9uJDlIzImEsDcPXBdGi1nNnN7DuZn6QqVet4%2BOsuNPFjazraBaldw6o3lCtbK7lYA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 8484ee88a997451c-TXL
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 20 Jan 2024 05:31:32 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEI33n4lUvhtShk5AfK4HXBA&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame EFB1
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Zatas7IV1h3d1mKpTOQsEAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEI33n4lUvhtShk5AfK4HXBA&google_cver=1

43 B
733 B

51ms
51ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEI33n4lUvhtShk5AfK4HXBA&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CM_KwM8CENXundACGJ_HhoQCMAE&v=APEucNWsPlC6SMKSwKssws5K0xT8S-968ipFBQkrPxaEMjfxROl1h0Tgio_-zfZn8K3fJP4IhycwmjynymesTSSbL5nr2TezLWsCLpbOd9FVb4nQhdrdgxcb4J0MWTj9aiVKvJnZ_W_1o4mEo7CEWdUm6gk6oas9UK6zJw6lZMsLtiK0yj86EFM
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Jan 2024 05:31:32 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H86pSGiLdXyWA7%2FM8Q30kFTGSsneOqpzpvlxXzBOyxCHUNch60iu3QLos%2B5gj5oTpfsU4DijNeMvfVCZg2JXK6rCI%2FB5lN3RqRJHnhcuZslHW0l%2BuT0T29wLtjDjWib9rozKGWcjvJ6J8w%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 8484ee88e9d7451c-TXL
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 20 Jan 2024 05:31:32 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEI33n4lUvhtShk5AfK4HXBA&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame EFB1
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEAIdjnaH9TLvUlF1VqDneds&google_cver=1

43 B
1010 B

34ms
34ms

Image
image/gif

185.89.210.212
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEAIdjnaH9TLvUlF1VqDneds&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CM_KwM8CENXundACGJ_HhoQCMAE&v=APEucNWsPlC6SMKSwKssws5K0xT8S-968ipFBQkrPxaEMjfxROl1h0Tgio_-zfZn8K3fJP4IhycwmjynymesTSSbL5nr2TezLWsCLpbOd9FVb4nQhdrdgxcb4J0MWTj9aiVKvJnZ_W_1o4mEo7CEWdUm6gk6oas9UK6zJw6lZMsLtiK0yj86EFM

Protocol

Server

185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Jan 2024 05:31:32 GMT
an-x-request-uuid: 47eb0830-7c22-4759-afdc-03e32d8e30fc
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 217.114.218.19; 217.114.218.19; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 20 Jan 2024 05:31:32 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEAIdjnaH9TLvUlF1VqDneds&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame EFB1
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjMzNTk2NTMwMTI1MTQwMDA0NQ%3D%3D

170 B
188 B

50ms
50ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjMzNTk2NTMwMTI1MTQwMDA0NQ%3D%3D

Requested by

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Jan 2024 05:31:32 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 20 Jan 2024 05:31:32 GMT
an-x-request-uuid: cd03c93f-b933-4466-a682-e9f1f379e948
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjMzNTk2NTMwMTI1MTQwMDA0NQ%3D%3D
x-proxy-origin: 217.114.218.19; 217.114.218.19; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 8080 42 B
64 B 60ms
59ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst8MpRhzRGsYQwSHhY-D4l3sUBFSIw9xEoouwF_fFQ-jHJ_R5nruLhF7yfGDOaPjlPUJgh9NfCuqEBkC_f2sSmXGxEjz-SgYdLSJLmfsB-1pG4K2zNoUk2k79JQBMvM8DrhO3mMcC4rSh_0v1csjOl3rNnT&sai=AMfl-YSil82gP-2ac1V-6b0227NDSbY-Fw1WtHRITGUqOBbytb-FHiYvfq0WhxIykOCop6bEZfwO1mh7JazAdO4QJDkB5f3Wzm6S74qUvo4apw-o6NaHlb2GOfGC9m8o&sig=Cg0ArKJSzPhuVDvQiLayEAE&cid=CAQSPAAvHhf_UtkTheWM8SjqskPLijCbO-5KLGhwjXvadib6yzN6TS9_Fa1-l7SrXNUFvwe60KNGIUaCcmfawBgB&id=lidar2&mcvt=1009&p=0,0,250,300&mtos=1009,1009,1009,1009,1009&tos=1009,0,0,0,0&v=20240117&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3814094608&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1705728690647&rpt=888&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Jan 2024 05:31:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame BA3B 90 KB
28 KB 371ms
371ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=6451512849&adk=1989054176&adf=4136276705&pi=t.ma~as.6451512849&w=770&fwrn=4&fwrnh=100&lmt=1705728692&rafmt=1&format=770x280&url=https%3A%2F%2Ffacebook.lojaseofertas.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705728692548&bpp=1&bdt=2354&idt=0&shv=r20240118&mjsv=m202401160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De0304ef317d56178%3AT%3D1705728690%3ART%3D1705728690%3AS%3DALNI_MYVICgTeIpurqKTsg7B96_wP4tBVA&gpic=UID%3D00000d44443ea429%3AT%3D1705728690%3ART%3D1705728690%3AS%3DALNI_MYh1Ie-MkSdLTVmtuWLqsjFfPsr3g&prev_fmts=0x0%2C770x280%2C336x280%2C770x280%2C336x280%2C336x280&nras=1&correlator=4601774456062&frm=20&pv=1&ga_vid=1631870637.1705728691&ga_sid=1705728691&ga_hid=445602129&ga_fc=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=415&ady=4004&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759875%2C44759926%2C44759837%2C31080334%2C31080343%2C31080442%2C95321963%2C95321626%2C95321862%2C95322165&oid=2&psts=AOrYGsmH6TIujXjV6h_409IFmqCzVqjPoCteQUaBwejGnWYwICAFSlxCryGTW3E7076wYCIF9qqnyrT7mqZoutdxeLkoFTNB%2CAOrYGskyuoO6i2-yEwVCnkPLA3CC7BAwxs-6x_Qh6jB2auMSktunNR1-uCiNIs3xfjBhU945zlSiDdZ1mClXrg%2CAOrYGslwZlaUnz87pk3gTZynssTWeH5gqkrYgDRBa18Lw0LkDz8dbnnwcvOL1-IT-E0t4zI0AC6_5gE--SFLtnTp0X28lrON&pvsid=3307973028482334&tmod=560240132&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=4&fsb=1&dtd=2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

468655f79bd97610119dec1ef6e384a03ddc947fff0890a6cda7fcf9e3f8807a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://facebook.lojaseofertas.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 28733
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 20 Jan 2024 05:31:32 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js Show response
pagead2.googlesyndication.com/bg/ Frame CE11 39 KB
15 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 14:00:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 55888
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15219
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 18 Jan 2025 14:00:04 GMT

POST
H3 204 csi
csi.gstatic.com/ Frame 3782 0
17 B 25ms
25ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~lrlmtmk8&c=1052528232148&slotId=526264116074&qqid=CKa-mMae64MDFdkQVQgdEOIDbA&fb=outstream-lima&sei=44752538%2C75259414%2C420706098&nsei=44714510%2C44729911%2C44730425%2C44730426%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/outstream.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Jan 2024 05:31:32 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 3782 15 KB
16 KB 19ms
19ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 14:18:08 GMT
x-content-type-options: nosniff
age: 227604
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 16 Jan 2025 14:18:08 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 3782 15 KB
15 KB 21ms
20ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 02:13:53 GMT
x-content-type-options: nosniff
age: 271059
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 16 Jan 2025 02:13:53 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3782 0
20 B 51ms
51ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=CYH_NtFqrZaaUBNmh1PIPkMSP4Abf1NG3dfjdxMDrEbHR_d8FEAEgkLCHE2CVgoCAsAfIAQWpAp2Ka-hlSLI-qAMByAObBKoE_AFP0Cp9YtebuRARYnnFDpN7wWjXRSDy-DC90eQnq3M70eh0TpRv1eYTNigoW-gF0-GwNh9krL6k5zdvwv41OCxEPOdOONQjqH8xPv9yvhwkikbdCy-HsJigFOi_z2HiX6BHmZYrwcicwkHuc9BTSp6aM47nsobRgwpyL78VlTYZOkfGsV86wox1z3gZwtpnoVyahKQQtNP7-RN7AGy2n7__h_LNFpX26yGirj3HosB-Y9Pdxrh1WcbfXaZ6XAWxrsPAR_gVbtcM85FkNfhrHtD47fZUwkhWwFsXg1RugMuMvlVNHjFyBSFl-YpWAHae4MDl3fAd0O4EG6rTN4zABI-RxbPQBOAEA4gFztL8xk2QBgGgBnaAB_y3qowFqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHzICqgI6AoBASL39wTpY9qaYxp7rgwOACgHICwHgCwGADAGqDQJERbATqvqwFsgTruTm4wPQEwDYEwqIFALYFAHQFQH4FgGAFwHoFwU&eventType=clickstring&clientTime=1705728692609&ai=CYH_NtFqrZaaUBNmh1PIPkMSP4Abf1NG3dfjdxMDrEbHR_d8FEAEgkLCHE2CVgoCAsAfIAQWpAp2Ka-hlSLI-qAMByAObBKoE_AFP0Cp9YtebuRARYnnFDpN7wWjXRSDy-DC90eQnq3M70eh0TpRv1eYTNigoW-gF0-GwNh9krL6k5zdvwv41OCxEPOdOONQjqH8xPv9yvhwkikbdCy-HsJigFOi_z2HiX6BHmZYrwcicwkHuc9BTSp6aM47nsobRgwpyL78VlTYZOkfGsV86wox1z3gZwtpnoVyahKQQtNP7-RN7AGy2n7__h_LNFpX26yGirj3HosB-Y9Pdxrh1WcbfXaZ6XAWxrsPAR_gVbtcM85FkNfhrHtD47fZUwkhWwFsXg1RugMuMvlVNHjFyBSFl-YpWAHae4MDl3fAd0O4EG6rTN4zABI-RxbPQBOAEA4gFztL8xk2QBgGgBnaAB_y3qowFqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHzICqgI6AoBASL39wTpY9qaYxp7rgwOACgHICwHgCwGADAGqDQJERbATqvqwFsgTruTm4wPQEwDYEwqIFALYFAHQFQH4FgGAFwHoFwU

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=6970387599&adk=3652174042&adf=2873711921&pi=t.ma~as.6970387599&w=336&lmt=1705728692&format=336x280&url=https%3A%2F%2Ffacebook.lojaseofertas.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705728692041&bpp=1&bdt=1847&idt=0&shv=r20240118&mjsv=m202401160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De0304ef317d56178%3AT%3D1705728690%3ART%3D1705728690%3AS%3DALNI_MYVICgTeIpurqKTsg7B96_wP4tBVA&gpic=UID%3D00000d44443ea429%3AT%3D1705728690%3ART%3D1705728690%3AS%3DALNI_MYh1Ie-MkSdLTVmtuWLqsjFfPsr3g&prev_fmts=0x0%2C770x280%2C336x280%2C770x280%2C336x280&nras=1&correlator=4601774456062&frm=20&pv=1&ga_vid=1631870637.1705728691&ga_sid=1705728691&ga_hid=445602129&ga_fc=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=849&ady=1939&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759875%2C44759926%2C44759837%2C31080334%2C31080343%2C31080442%2C95321963%2C95321626%2C95321862%2C95322165&oid=2&psts=AOrYGsmH6TIujXjV6h_409IFmqCzVqjPoCteQUaBwejGnWYwICAFSlxCryGTW3E7076wYCIF9qqnyrT7mqZoutdxeLkoFTNB%2CAOrYGskyuoO6i2-yEwVCnkPLA3CC7BAwxs-6x_Qh6jB2auMSktunNR1-uCiNIs3xfjBhU945zlSiDdZ1mClXrg%2CAOrYGslwZlaUnz87pk3gTZynssTWeH5gqkrYgDRBa18Lw0LkDz8dbnnwcvOL1-IT-E0t4zI0AC6_5gE--SFLtnTp0X28lrON&pvsid=3307973028482334&tmod=560240132&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=3&fsb=1&dtd=7

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Jan 2024 05:31:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 csi
csi.gstatic.com/ Frame 3782 0
17 B 26ms
26ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~lrlmtmkh&c=1052528232148&slotId=526264116074&qqid=CKa-mMae64MDFdkQVQgdEOIDbA&fb=outstream-lima&ulv=1&cll=0&met.4=arp_a_s.fn&vast_v=4.0&icc=1&icrh=0&icri=0&icrs=1&icru=0&icp=GoogleWhyThisAd&icdi=18x18&lima_p_ich=0&lima_p_icu=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/outstream.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Jan 2024 05:31:32 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vast Show response
bid.g.doubleclick.net/dbm/ Frame 3782 30 KB
17 KB 59ms
58ms XHR
text/xml 64.233.167.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-AWGvPrOpniXiv0kiJ2eY73WQIzfmhgeEv9H4IJ_tru-tmtyoO6YojyG3iwH8bmjSE8RWXjaXwUmXIZ74O4sm4S7dd82g&cry=1&dbm_d=AKAmf-C46Cx5ufm2VLU5ip6wyN6heO81h03FR5ZgimWB1eA1zmBTinBdU9_J8FmRIVbrs4P6bvy-P5BrvRmN2oGc6WlmzZ1uFyerp7izEjOlNg2oASAYSIuQKhpl85J9yaM1j8x0Vvpoc1GL9U190kOWiP0Ahi7uHpiuQW9QsIA3bsO15njfRlyCpSH1P1i_787QOLdv7ZP7quHRr8e8Ps3wwDOneJDfcF7a6PvrQ7jFdctO1PW0ZEe5KlLZ9eJvdxyzvZChJ-4h46VxjhXJf_qWYFRsbauaNCQzNQkRXMY7tGneNpCHd83FzG96rnRGY1w6FNUxV_N0j3Apy3X_xDDulZw08n1FUIilCSV7Uh6jXdusnQkXEGldUDKbHBexEDpId6QadgFUcsdExjidZGI-v9zNXamNZX3CAHjlmPELvMR4dKrICpq8-tuIEFZf9ev1EjHQ0mEgSSchHelVpWvF6uiH1d5Jz-ZOWmWANPAwxpMd_RJxNonPoZ4OBpYIwgxzdVwGasZpH9Imbe3BOzWI1kkwsjexFTlVmwIjqmYu2TyLWdO90bkwoszo3F_n6vM54H8-mm0dH-jDWZRC5sUsEvht8jfNqzxVtbJg73Qo23X3zDE-MHQ8fgvHeGz0--SaNQd6v3v3tvwhyb01pknY3B-xrhN6DWqHnISAju1s_uyKLSev0RXiQbVTzUeVEBdGAdZgPLFLf8Tp6C1vCyD9rTQzHNgw76Of2mU4RB9XVwbXJBYKFRwh37_9VdQebiC4fAt72ERCygvfyMNSU7a1gJPjR4GQOnDTYibSK3Y_D6MTG3j4vxAKYVgm8Mxm8xRfuY-jS1R1Nigh4QihVizPDKWxatjZp8wAb5w1cmXRvtMvH32NaEMThU4FxtgveNQKM62j5dVzW5xkPapM60jmbcYefkRb-bqGyFmWYJ14R4dGC2dxsTaB6gWW-6Ypk3HzWZkAyl1s8pw1q_DR-1XV-VrZqKx7DRUso7ExhwHbWqUBJZnm1d_onBxiYzt-Q5Oz11EsvVzuChjPcOC3epL_2rpLEsk9sGq70FaFI73uy-4geDLjNxefU7PtQf0xAJ9yuemdfH6IgzKN1yJdJQi7U5OghHy7w5hLuZc_q_msUgFiJiRrtOsg4NyEhLOjL8ehbgpQoBi3N-njwEaozjzllZNh1UPQB6PbV1K_ianGspxp5RAFgzgv9Np0ULfc3UQMeiaqobrKJZtCOwMTuQb_JYI12vqJZ5B8qbE__OlaL5JbMP1IN-2Ee9rYWkn-qsZ4j-rqrsGD0w8z-6cs_g0l15txglBiiWcHhV0MepSHZ0Wr4c8IRWTAh59pxc33AlE2K4CBg5BvPPkJcRbXR_oxJYPgyJJP8deo7qGlhsnrtu3ekVKVKFfIYGYF6WWFv-L1bVdhuoxqSYIJEL-EiukWpAVd6A3-QaXYGtijq3waF1EYq9g_xHtkIOLIxKuO3p0sHTfNKygc8G0vvZVb16fnF8w4YGkMVZIl-BkMhxSzbmAPvzXjfH6Ui4SysWVvhR6xR24j-dz1_99AsjihapaW72YcQSaJrqX-QIHJF6fd3r7X_mvhK9bDXT6P47c5oDBqMvUkdl9cheJl0Mny6zj2PjUgUVF9P76VAzxdK0zdK1OKW85_Wmxf7FhIiVwRtM44EnnVCRvLNysZnxsgEWbpIMiDMDHxWOzc0h_YsxZG8jTmkN15jamWrk7nEi3aX6rvSeS6-gtch_r2z2kRILI9rTDW1IU9Omfut9aEfvl2Mx6yJ2rXCswPwMSfKmYDueedgCPmRy6dXUlrwB0ftqzPCI60xfXRnaytLnB1J9lf-LWY_hGLeAOfw60sxd_uGvBxNhtH12__9KS2p6dWRId7vohj-CBFSm4kRuy1IcrxZ4oskELBNIDqRMjSKMvR95KXT6HG-6O6kO-yhqXN5rSpmpVPK-QtpevXofSprGOTFsfNcmnaO4K3_yGkTwqnu8g7PHQaHQxrDU6dHe7AFprq5awl7XqSTZRTCT5eVqmF0WIoLgeNlEqg2VjJmkbA6Uo1FOwhOEqRQ9lKFKJnE-_2eCJi8ZuFAaRT9ojMNclO6GtqtwKTyjvIjHXg_6MK1Z2d8ZBBXsa2TWtQuuHdWj-pmCJMxd74n5XxEFgk1nJGzu4KItd3KuNq1R84XyeiP_we5y3cHyLBLE-56rpjuI4uRevnr01m0QPPq3UyqA1vIlDPRBLQepa1d4hC6dpOh9ehcrFnkR0naOYZhjlmHgHbdS2dvVshGLTE9tbM9RjBTa9iDTagRGx8El0xHKwj5-rTJCppX8lpWr7B4t_0YdXPLxSIIN_sXGVHh0A0I72yezhrFylx_CwpN0EeqCIbGfiHR-ZpqHhpx8Ngr_5UoNJkLaPz60qscYy7SqERPGK_ZNmcSJA4lZRxFM63WknQJ1gEGWwE0TpPC4yHiPy4TIiDC_sUT5_VxQqIp3km129NSYfU7y_xFQ4-F-kOhoYExaUPKklN10OGh0FHVlK50quX4NSxH9J5-s3yrTTrL45P_roYs9d1VJvLjJ7uY41cnFIhPiPi66RH_QKWaiOMBRFs_u_oaXFCeD9NKJLgl1T4M_OO1mU5I02dmpnr3MfrTFw3ATIPw918iuer7qG7qJiIQYOjRgu55PjVCifqYUp-MXyvzrRr66r0_yxXJ2dwXDu9DmsRCShc7Sau4FPCizXLxJIinJtAb1sqHy1rOduabTZOuG-Crtlv7_mJP7aBkfmXXkYeppq7Og7Jjmrq3UGvi9ASb5rlZgzUO43cySmTqocRUCLIolWCECCIG5I3P56W53sl9LfvdpZjGkAh0r5fwprBT-Y9BhEl50zo24_2x57qlRp-I3Lf77fFrlIFo6OGMiOwvPaKvH6SzyZ7QlQJbkuFSh16X9UyV2JRVd0SrNebuXMqcz1ikw0OYj9de8JqCU8NcAXP0qxyNbHr0_9mw7zxfzEHSec69C9MvHJFCjhBeKdHHZyhGc62k8iK91m4fEi-4kzqQNa3gzbx2QFR2RCQ7l8pws61OSY9jRPPwOyZGutIf1SZK2ES3zufJ4PvKvTViW1U6C-5Z_J_-zZRo2uiN4JLC1D28tKU_UY9bdPihn5Emwf42svzclGpddeRsR8PhavSIpvX5yngqHB2A0sdUkPLBHjtlgHVsqYCW3k1Dw24b3gfxf03ALMnUl_3VtYG1pythC9GZMyeaZ_5xSeW5_6ntVqyFAOpt2pv7tpG1aItNAPSrjCxdni6XW36IY5OpBKd57u2F-yVavvBppguBvjnX0BYYO9-z9gwnipRjWCDqF1cMJZQHDfPdSJtBPYVVReOzp_HGDRTm4KSfNteCLpeEnCkpBQXuKQsgFw5xQvvslt10wh8Vn1WiOOVuI46dyXtflX-7BLlcr2HnWagWpRnSKMMgBEc2A9sH1Dk51O266YblLWWsZK_wVmWwkn5ANBBWWzBQGxlIJEJi1b5Q4bcLQ&cid=CAQSPAAvHhf_sIOnnK9WD3GRC1T8IhVJ9TxgGLJWXbA1Bnno8oWhAGwK01shU9aEN2luCASBYpI3kQsbWDUPUBgB&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1&nel=0

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/outstream.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.167.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wl-in-f156.1e100.net

Software

cafe /

Resource Hash

426bb789e3abd05fae745f32758ded453f1240551c7d6d985565919e6e4ce950

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 05:31:32 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17184
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame B8F7 1 KB
643 B 19ms
19ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=6970387599&adk=3652174042&adf=2873711921&pi=t.ma~as.6970387599&w=336&lmt=1705728692&format=336x280&url=https%3A%2F%2Ffacebook.lojaseofertas.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705728692041&bpp=1&bdt=1847&idt=0&shv=r20240118&mjsv=m202401160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De0304ef317d56178%3AT%3D1705728690%3ART%3D1705728690%3AS%3DALNI_MYVICgTeIpurqKTsg7B96_wP4tBVA&gpic=UID%3D00000d44443ea429%3AT%3D1705728690%3ART%3D1705728690%3AS%3DALNI_MYh1Ie-MkSdLTVmtuWLqsjFfPsr3g&prev_fmts=0x0%2C770x280%2C336x280%2C770x280%2C336x280&nras=1&correlator=4601774456062&frm=20&pv=1&ga_vid=1631870637.1705728691&ga_sid=1705728691&ga_hid=445602129&ga_fc=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=849&ady=1939&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759875%2C44759926%2C44759837%2C31080334%2C31080343%2C31080442%2C95321963%2C95321626%2C95321862%2C95322165&oid=2&psts=AOrYGsmH6TIujXjV6h_409IFmqCzVqjPoCteQUaBwejGnWYwICAFSlxCryGTW3E7076wYCIF9qqnyrT7mqZoutdxeLkoFTNB%2CAOrYGskyuoO6i2-yEwVCnkPLA3CC7BAwxs-6x_Qh6jB2auMSktunNR1-uCiNIs3xfjBhU945zlSiDdZ1mClXrg%2CAOrYGslwZlaUnz87pk3gTZynssTWeH5gqkrYgDRBa18Lw0LkDz8dbnnwcvOL1-IT-E0t4zI0AC6_5gE--SFLtnTp0X28lrON&pvsid=3307973028482334&tmod=560240132&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=3&fsb=1&dtd=7

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 44448
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 19 Jan 2024 17:10:44 GMT
etag: 48472445140208031
expires: Sat, 20 Jan 2024 17:10:44 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 3782 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0d23375836805476072d66fa170bd1961bc47867bed4e142a8ab7a494f920166

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B8F7
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEHsWRWYt5N56feSxCtdOBwk&google_cve...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=YTh4UEhQa1UxUnIzWDY1&google_gid=CAESEHsWRWYt5N56feSxCtdOBwk&google_cver=1&google_push=AXcoOmSia2v8lxVunj2ajN8f1oWlj2G6ap9kcHJHUxmZa0t...

170 B
188 B

41ms
40ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=YTh4UEhQa1UxUnIzWDY1&google_gid=CAESEHsWRWYt5N56feSxCtdOBwk&google_cver=1&google_push=AXcoOmSia2v8lxVunj2ajN8f1oWlj2G6ap9kcHJHUxmZa0tKmJLlYcNePAIPRqXfTszxzu61g96uNUNybL1B39IhuVh859fMtmMZxXXS

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=6970387599&adk=3652174042&adf=2873711921&pi=t.ma~as.6970387599&w=336&lmt=1705728692&format=336x280&url=https%3A%2F%2Ffacebook.lojaseofertas.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705728692041&bpp=1&bdt=1847&idt=0&shv=r20240118&mjsv=m202401160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De0304ef317d56178%3AT%3D1705728690%3ART%3D1705728690%3AS%3DALNI_MYVICgTeIpurqKTsg7B96_wP4tBVA&gpic=UID%3D00000d44443ea429%3AT%3D1705728690%3ART%3D1705728690%3AS%3DALNI_MYh1Ie-MkSdLTVmtuWLqsjFfPsr3g&prev_fmts=0x0%2C770x280%2C336x280%2C770x280%2C336x280&nras=1&correlator=4601774456062&frm=20&pv=1&ga_vid=1631870637.1705728691&ga_sid=1705728691&ga_hid=445602129&ga_fc=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=849&ady=1939&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759875%2C44759926%2C44759837%2C31080334%2C31080343%2C31080442%2C95321963%2C95321626%2C95321862%2C95322165&oid=2&psts=AOrYGsmH6TIujXjV6h_409IFmqCzVqjPoCteQUaBwejGnWYwICAFSlxCryGTW3E7076wYCIF9qqnyrT7mqZoutdxeLkoFTNB%2CAOrYGskyuoO6i2-yEwVCnkPLA3CC7BAwxs-6x_Qh6jB2auMSktunNR1-uCiNIs3xfjBhU945zlSiDdZ1mClXrg%2CAOrYGslwZlaUnz87pk3gTZynssTWeH5gqkrYgDRBa18Lw0LkDz8dbnnwcvOL1-IT-E0t4zI0AC6_5gE--SFLtnTp0X28lrON&pvsid=3307973028482334&tmod=560240132&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=3&fsb=1&dtd=7

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Jan 2024 05:31:32 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 20 Jan 2024 05:31:31 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-799-g9c6cd74#rel-ec2-master i-05a941aeab12055fa@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=YTh4UEhQa1UxUnIzWDY1&google_gid=CAESEHsWRWYt5N56feSxCtdOBwk&google_cver=1&google_push=AXcoOmSia2v8lxVunj2ajN8f1oWlj2G6ap9kcHJHUxmZa0tKmJLlYcNePAIPRqXfTszxzu61g96uNUNybL1B39IhuVh859fMtmMZxXXS
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B8F7
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEGiGCRqVDQQp41nJJowwV1M&google_cver=1&google_push=AXcoOmQYytTdgrhc30oaep2VjdMMIxoEIhbfvEFsJepd4Ash3NeYVlf7BbluAP58sptnoqwmiMWHqfGDBd4P2D_ReMoRHpNe-38rrZwR
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=2104DAF613524F338932968EB040C49A&google_push=AXcoOmQYytTdgrhc30oaep2VjdMMIxoEIhbfvEFsJepd4Ash3NeYVlf7BbluAP58sptnoqwmiMWHqfGDBd4P2D_...

170 B
188 B

55ms
55ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=2104DAF613524F338932968EB040C49A&google_push=AXcoOmQYytTdgrhc30oaep2VjdMMIxoEIhbfvEFsJepd4Ash3NeYVlf7BbluAP58sptnoqwmiMWHqfGDBd4P2D_ReMoRHpNe-38rrZwR

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Jan 2024 05:31:32 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sat, 20 Jan 2024 05:31:32 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=2104DAF613524F338932968EB040C49A&google_push=AXcoOmQYytTdgrhc30oaep2VjdMMIxoEIhbfvEFsJepd4Ash3NeYVlf7BbluAP58sptnoqwmiMWHqfGDBd4P2D_ReMoRHpNe-38rrZwR
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Fri, 19 Jan 2024 05:31:32 GMT

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame B8F7 43 B
362 B 27ms
25ms Image
image/gif 178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmTlTm-iYFfQz70NKVZrtnoDpLsY2gjktmYuzE8tVCRBLli7FmMY_RaQRUXc9aTkgtqgtob4a6kDjQeRcOXcdsmRqAwEdcm41al1&google_gid=CAESEBfDOHUI1wpHs7hQ3X2VOdM&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=6970387599&adk=3652174042&adf=2873711921&pi=t.ma~as.6970387599&w=336&lmt=1705728692&format=336x280&url=https%3A%2F%2Ffacebook.lojaseofertas.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705728692041&bpp=1&bdt=1847&idt=0&shv=r20240118&mjsv=m202401160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De0304ef317d56178%3AT%3D1705728690%3ART%3D1705728690%3AS%3DALNI_MYVICgTeIpurqKTsg7B96_wP4tBVA&gpic=UID%3D00000d44443ea429%3AT%3D1705728690%3ART%3D1705728690%3AS%3DALNI_MYh1Ie-MkSdLTVmtuWLqsjFfPsr3g&prev_fmts=0x0%2C770x280%2C336x280%2C770x280%2C336x280&nras=1&correlator=4601774456062&frm=20&pv=1&ga_vid=1631870637.1705728691&ga_sid=1705728691&ga_hid=445602129&ga_fc=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=849&ady=1939&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759875%2C44759926%2C44759837%2C31080334%2C31080343%2C31080442%2C95321963%2C95321626%2C95321862%2C95322165&oid=2&psts=AOrYGsmH6TIujXjV6h_409IFmqCzVqjPoCteQUaBwejGnWYwICAFSlxCryGTW3E7076wYCIF9qqnyrT7mqZoutdxeLkoFTNB%2CAOrYGskyuoO6i2-yEwVCnkPLA3CC7BAwxs-6x_Qh6jB2auMSktunNR1-uCiNIs3xfjBhU945zlSiDdZ1mClXrg%2CAOrYGslwZlaUnz87pk3gTZynssTWeH5gqkrYgDRBa18Lw0LkDz8dbnnwcvOL1-IT-E0t4zI0AC6_5gE--SFLtnTp0X28lrON&pvsid=3307973028482334&tmod=560240132&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=3&fsb=1&dtd=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Jan 2024 05:31:32 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 210498
expires: Sat, 20 Jan 2024 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame B8F7 0
12 B 54ms
54ms Image
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JsgHPsLtBxKNq5Vsle0VTt3lXzCmRFMJh15i0leF7ukw

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=6970387599&adk=3652174042&adf=2873711921&pi=t.ma~as.6970387599&w=336&lmt=1705728692&format=336x280&url=https%3A%2F%2Ffacebook.lojaseofertas.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705728692041&bpp=1&bdt=1847&idt=0&shv=r20240118&mjsv=m202401160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De0304ef317d56178%3AT%3D1705728690%3ART%3D1705728690%3AS%3DALNI_MYVICgTeIpurqKTsg7B96_wP4tBVA&gpic=UID%3D00000d44443ea429%3AT%3D1705728690%3ART%3D1705728690%3AS%3DALNI_MYh1Ie-MkSdLTVmtuWLqsjFfPsr3g&prev_fmts=0x0%2C770x280%2C336x280%2C770x280%2C336x280&nras=1&correlator=4601774456062&frm=20&pv=1&ga_vid=1631870637.1705728691&ga_sid=1705728691&ga_hid=445602129&ga_fc=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=849&ady=1939&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759875%2C44759926%2C44759837%2C31080334%2C31080343%2C31080442%2C95321963%2C95321626%2C95321862%2C95322165&oid=2&psts=AOrYGsmH6TIujXjV6h_409IFmqCzVqjPoCteQUaBwejGnWYwICAFSlxCryGTW3E7076wYCIF9qqnyrT7mqZoutdxeLkoFTNB%2CAOrYGskyuoO6i2-yEwVCnkPLA3CC7BAwxs-6x_Qh6jB2auMSktunNR1-uCiNIs3xfjBhU945zlSiDdZ1mClXrg%2CAOrYGslwZlaUnz87pk3gTZynssTWeH5gqkrYgDRBa18Lw0LkDz8dbnnwcvOL1-IT-E0t4zI0AC6_5gE--SFLtnTp0X28lrON&pvsid=3307973028482334&tmod=560240132&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=3&fsb=1&dtd=7

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 05:31:32 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame F426 42 B
64 B 53ms
53ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvrz6bSrGwF32S3VYkBfev6_9WxkkSHpcYCCMNeI1jqh9ZDK2CpgzwNImI0qXlA_NP3NHtzK2y2NMo9DuGT8_XfkrVzIpCUJ8slg4-pFQnufcbuq0p18g&sig=Cg0ArKJSzEsFSJ6GpZXMEAE&id=lidar2&mcvt=1000&p=0,0,280,770&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240117&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=948510642&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1705728690644&rpt=1000&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Jan 2024 05:31:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 3782 0
0 54ms
53ms Fetch
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CYeJ3tFqrZaaUBNmh1PIPkMSP4Abf1NG3dfjdxMDrEbHR_d8FEAEgkLCHE2CVgoCAsAfIAQWpAp2Ka-hlSLI-qAMBqgT5AU_QKn1i15u5EBFiecUOk3vBaNdFIPL4ML3R5CerczvR6HROlG_V5hM2KChb6AXT4bA2H2SsvqTnN2_C_jU4LEQ850441COofzE-_3K-HCSKRt0LL4ewmKAU6L_PYeJfoEeZlivByJzCQe5z0FNKnpozjueyhtGDCnIvvxWVNhk6R8axXzrCjHXPeBnC2mehXJqEpBC00_v5E3sAbLafv_-H8s0WlfbrIaKuPceiwH5j093GuHVZxt9d_nuuqyJU3lK-a41lUpSfYY5gCoFzCn6DLPqrbVxjUT6byLhynn52nGIwKdb8vwsjLpwvWoYbZmXWdXA_kEFty8AEj5HFs9AE4AQDiAXO0vzGTZIFBggbEAEYAZIFBggdEAQYAZIFBggdEAEYAZIFBggeEAEYAZAGAaAGdoAH_LeqjAWoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAPIHChDi_xgYhK_Y_wHSCB8IgOGAEBABGB8yAqoCOgKAQEi9_cE6WPammMae64MDgAoByAsBsBOq-rAWyBOu5ObjA9ATANgTCogUAtgUAdAVAYAXAbIXHAoaCAASFHB1Yi04ODQ3MDkyMzYyNzQ4MzY4GADoFwU&sigh=7JUWcUIeSrY&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSPAAvHhf_sIOnnK9WD3GRC1T8IhVJ9TxgGLJWXbA1Bnno8oWhAGwK01shU9aEN2luCASBYpI3kQsbWDUPUBgB&vt=10&cbvp=2&vis=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=6970387599&adk=3652174042&adf=2873711921&pi=t.ma~as.6970387599&w=336&lmt=1705728692&format=336x280&url=https%3A%2F%2Ffacebook.lojaseofertas.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705728692041&bpp=1&bdt=1847&idt=0&shv=r20240118&mjsv=m202401160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De0304ef317d56178%3AT%3D1705728690%3ART%3D1705728690%3AS%3DALNI_MYVICgTeIpurqKTsg7B96_wP4tBVA&gpic=UID%3D00000d44443ea429%3AT%3D1705728690%3ART%3D1705728690%3AS%3DALNI_MYh1Ie-MkSdLTVmtuWLqsjFfPsr3g&prev_fmts=0x0%2C770x280%2C336x280%2C770x280%2C336x280&nras=1&correlator=4601774456062&frm=20&pv=1&ga_vid=1631870637.1705728691&ga_sid=1705728691&ga_hid=445602129&ga_fc=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=849&ady=1939&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759875%2C44759926%2C44759837%2C31080334%2C31080343%2C31080442%2C95321963%2C95321626%2C95321862%2C95322165&oid=2&psts=AOrYGsmH6TIujXjV6h_409IFmqCzVqjPoCteQUaBwejGnWYwICAFSlxCryGTW3E7076wYCIF9qqnyrT7mqZoutdxeLkoFTNB%2CAOrYGskyuoO6i2-yEwVCnkPLA3CC7BAwxs-6x_Qh6jB2auMSktunNR1-uCiNIs3xfjBhU945zlSiDdZ1mClXrg%2CAOrYGslwZlaUnz87pk3gTZynssTWeH5gqkrYgDRBa18Lw0LkDz8dbnnwcvOL1-IT-E0t4zI0AC6_5gE--SFLtnTp0X28lrON&pvsid=3307973028482334&tmod=560240132&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=3&fsb=1&dtd=7

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=6970387599&adk=3652174042&adf=2873711921&pi=t.ma~as.6970387599&w=336&lmt=1705728692&format=336x280&url=https%3A%2F%2Ffacebook.lojaseofertas.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705728692041&bpp=1&bdt=1847&idt=0&shv=r20240118&mjsv=m202401160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De0304ef317d56178%3AT%3D1705728690%3ART%3D1705728690%3AS%3DALNI_MYVICgTeIpurqKTsg7B96_wP4tBVA&gpic=UID%3D00000d44443ea429%3AT%3D1705728690%3ART%3D1705728690%3AS%3DALNI_MYh1Ie-MkSdLTVmtuWLqsjFfPsr3g&prev_fmts=0x0%2C770x280%2C336x280%2C770x280%2C336x280&nras=1&correlator=4601774456062&frm=20&pv=1&ga_vid=1631870637.1705728691&ga_sid=1705728691&ga_hid=445602129&ga_fc=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=849&ady=1939&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759875%2C44759926%2C44759837%2C31080334%2C31080343%2C31080442%2C95321963%2C95321626%2C95321862%2C95322165&oid=2&psts=AOrYGsmH6TIujXjV6h_409IFmqCzVqjPoCteQUaBwejGnWYwICAFSlxCryGTW3E7076wYCIF9qqnyrT7mqZoutdxeLkoFTNB%2CAOrYGskyuoO6i2-yEwVCnkPLA3CC7BAwxs-6x_Qh6jB2auMSktunNR1-uCiNIs3xfjBhU945zlSiDdZ1mClXrg%2CAOrYGslwZlaUnz87pk3gTZynssTWeH5gqkrYgDRBa18Lw0LkDz8dbnnwcvOL1-IT-E0t4zI0AC6_5gE--SFLtnTp0X28lrON&pvsid=3307973028482334&tmod=560240132&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=3&fsb=1&dtd=7
Attribution-Reporting-Eligible: event-source
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 20 Jan 2024 05:31:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame CE11 0
20 B 53ms
53ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=B_0zFtFqrZfiUBIGJ_NUPtbmQiAcAAAAAOAHgBAI&bg=!GhmlGVbNAAa8BdJLnAU7ADQBe5WfOG1aphhgWP1kmBrOb3NGunXsTztth1P-TJBgaKXH_RUmym9KDFQyteHDJrtNZc3IAgAAAE1SAAAAAWgBB5kDD-zRthDTOdnj5y4tbbyOlgfhl0yeN7AgA-R1VxDCdoqhMQpxHwFS1Ir-P1js4HuCRfjHP6uA2b8yB1IkvXbtCCKYc-Rja7kaqckNR_md1odOMEvw9ZdtzXQqUn9iCYx6fzOsVG-keXGIMuSqBAuxXPOpL1MANbZVEwJOyMixWCM-mwJ_muPvK7oELi48r-cMf1zy5GfcylkSmwrQh-DZL_S8Pt8apVk436cEOi3iTsHF9lp6Cga1m4zRARiRsG8wEqJMeXob2Sr73O1cdAQjo8FaRWHC0auOQfR6guitvbWGOEOiuhyl2cFe8NhQ-bqdaRUhV9HCeC72lzk3NbdjgBjNeEGZl5vIGrikve0ZrqSwNcRwOQE8mvkOqiVGi0FfkTLq8DUqqawgwrTamesxf9p-ywcAxM0vipI--Qt6S44x2EBEx9Exk8K4x6V9ny5g_Th_I1V0U96F-qPYl5-kx4sx-JBgUWxaXEbulYuAJIUiY3v3MwFhmfhI63dcxN8_2oLHt76Y-vsC4O1x4UaniI6rGs46Xo7Nx9jiSsShGLSyX_STD2OjifypqGlaMLIWWq7QBGiml6lYQbw7e9uwMJKdJc16lH_g4-gPsKdcducedFDbJjTa_kFm6kp-y6dcbF8wL3EDh_uNOkOpS8Q5VFYzemABNfbxBFhYYHn2gSV92H7OusbY0QDa1Mx4JIrttyXKRDXgi-wVsEEoIjVnQT4TlErOb_ud36w0CatdkPmCiEXRDM-gDIY4ZFKO2UEyigLo3u1x0NdZ8y76BM1LL8j5EJbTXTj1LBIY-pCCCErCbw6DEd2cxhcxGMPT7XhQoxErwscN60IRdhEosFZz8PGms1Bh-3xPQWZ-UsEim1q8cOnVZX6UccJJ3yAm6l_UtqME7RVSZKjY6aCmYvXwFdvmMAdYVe4X-ApGQOe1CWfl8j6ekDdhj8QxNYu9KK9TYSCNR10OaCOnqPtY_2T1613FWEt-rnHZBBauePfXGwWya5erTTkYNUNfRK0Wglr0y9uNYHCZr0joINPxW-XZ1w

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Jan 2024 05:31:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 csi
csi.gstatic.com/ Frame 3782 0
17 B 25ms
25ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=3~lrlmtmkl&c=1052528232148&slotId=526264116074&qqid=CKa-mMae64MDFdkQVQgdEOIDbA&fb=outstream-lima&vast_v=2.0&vmfc=12&vhc=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/outstream.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Jan 2024 05:31:32 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 HdsydzJK.js Show response
tpc.googlesyndication.com/sodar/ Frame 3782 41 KB
15 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/outstream.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 18:20:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 213036
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15407
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 16 Jan 2025 18:20:56 GMT

HEAD
H/1.1

200
OK

file.mp4
r1---sn-4g5lzner.c.2mdn.net/videoplayback/id/bd2dd5cf8d0ee1ff/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1737264692/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 3782
Redirect Chain

https://gcdn.2mdn.net/videoplayback/id/bd2dd5cf8d0ee1ff/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1737264692/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signa...
https://r1---sn-4g5lzner.c.2mdn.net/videoplayback/id/bd2dd5cf8d0ee1ff/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1737264692/sparams/acao,ctier,expire,id,ip,ipbits,ita...

0
0

89ms
20ms

Fetch
video/mp4

2a00:1450:4001:15::6
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r1---sn-4g5lzner.c.2mdn.net/videoplayback/id/bd2dd5cf8d0ee1ff/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1737264692/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/61B8050973D201ACF999C55F75F445BD1020CE71.36101DFB71E70B6CAC2F01741A7B180896D71D32/key/cms1/cms_redirect/yes/mh/NP/mip/2001:1b60:2:240:3247::9/mm/42/mn/sn-4g5lzner/ms/onc/mt/1705727890/mv/u/mvi/1/pl/29/file/file.mp4

Protocol

HTTP/1.1

Server

2a00:1450:4001:15::6 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sat, 20 Jan 2024 05:31:32 GMT
X-Content-Type-Options: nosniff
Connection: close
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length: 1693086
Last-Modified: Tue, 28 Nov 2023 14:00:54 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Access-Control-Allow-Origin: null
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=86400
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: null
Expires: Sat, 20 Jan 2024 05:31:32 GMT

Redirect headers

date: Sat, 20 Jan 2024 05:31:32 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 653
x-xss-protection: 0
pragma: no-cache
server: ClientMapServer
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
location: https://r1---sn-4g5lzner.c.2mdn.net/videoplayback/id/bd2dd5cf8d0ee1ff/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1737264692/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/61B8050973D201ACF999C55F75F445BD1020CE71.36101DFB71E70B6CAC2F01741A7B180896D71D32/key/cms1/cms_redirect/yes/mh/NP/mip/2001:1b60:2:240:3247::9/mm/42/mn/sn-4g5lzner/ms/onc/mt/1705727890/mv/u/mvi/1/pl/29/file/file.mp4
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: https://googleads.g.doubleclick.net
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 help_outline_white_24dp_with_3px_trbl_padding.png
imasdk.googleapis.com/formats/wta/ Frame 3782 453 B
478 B 19ms
19ms Image
image/png 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imasdk.googleapis.com/formats/wta/help_outline_white_24dp_with_3px_trbl_padding.png?wp=ca-pub-8847092362748368

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/outstream.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e519cc4b7b8fdc64a7aaafc1b808cde266a234205aac0d6c55589c12446d565e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 05:31:32 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 453
x-xss-protection: 0
last-modified: Wed, 13 Oct 2021 14:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: image/png
cache-control: public, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 20 Jan 2024 06:21:32 GMT

GET
H3 200 H0ZEmIz7.html Show response
tpc.googlesyndication.com/sodar/ Frame 1230 23 KB
8 KB 20ms
19ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 213036
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 7799
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 17 Jan 2024 18:20:56 GMT
expires: Thu, 16 Jan 2025 18:20:56 GMT
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js Show response
pagead2.googlesyndication.com/bg/ Frame 1230 39 KB
15 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 14:00:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 55888
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15219
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 18 Jan 2025 14:00:04 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame ECBB 0
127 B 34ms
34ms Ping
text/plain 2a02:2638:3::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sat, 20 Jan 2024 05:31:32 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H3 206 file.mp4
r1---sn-4g5lzner.c.2mdn.net/videoplayback/id/bd2dd5cf8d0ee1ff/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1737264692/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 3782 2 MB
2 MB 39ms
19ms Media
video/mp4 2a00:1450:4001:15::6
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:15::6 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

0c6193ca6cc7b434ad5b6076cc3da05f0781fad9533e555f8c9433cdc6dae259

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Range: bytes=0-

Response headers

expires: Sat, 20 Jan 2024 05:31:32 GMT
date: Sat, 20 Jan 2024 05:31:32 GMT
x-content-type-options: nosniff
Content-Range: bytes 0-1693085/1693086
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length: 1693086
last-modified: Tue, 28 Nov 2023 14:00:54 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://googleads.g.doubleclick.net
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=86400
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://googleads.g.doubleclick.net
client-protocol: quic

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1230 0
20 B 54ms
54ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=BTdX7tFqrZYboJuKJ7M8PnqSLYAAAAAA4AeAEAg&bg=!-Pul-7TNAAa8BdJLnAU7ADQBe5WfOAOOVikTG_yyFEkGzpJ8LRogjMMGJQc1GmLArcxIjQT3AwRk68_JIkC-Y0RoC9EmAgAAACdSAAAAAWgBB5kC_61IAfxvRpsfIhm-jxdQyrV20TxaXU2KjdMA4OFNDLh9_RWGhzuTmpCCoIDjNcnzHnD5cPR6nENF_JkOasMDcIbROzpavI7-Awx2pE4l7eF7RkcfiTyATVUbgo9y2lQUXkPa_8_CgLjIKP2fMYo3xZJqpVrNbE8ZdRSRsAcRU05Btm8_ZdnwapprATLRqZOOWLboSwIMym29Jt0I4J9SlKLnQ5frZqSH-iShbaKyuRxn-JfYjYSbMxbJAQpmyAKCijHRAIoFDZBTqhd8cvMK-LkShmF144ch2e0YEaI9WJXDctJnIWH-h7fl4dayXOxxU7X_lYKyPo-FnS6IUe0EMAFiBFEdL3cm2b02ym_5dTQQYJ5VWoPwn0nz4GjOKxd7wzKjw-DHoJ-X4Dyu8eE1Dnn90fTdfz1BmFSS1NeLcXwhncFRzPo0fnmhVT5rClC8UzjnCMKfso_FRULArIqIp061rqpMPEAH_qGz4lfWKElCsSbI_K0K5ufD6Dd0Sbo7RoL9HoVCTFhwiM0v3P-YXtWWYHgaqKMZhb828RQigaCo8QITWykA-I9JEj-acgOsWdR3ze1NHyQENzeUv3OIv4aPe_KUpara1kFrJ9y5LhhU8sUOKFZIBo3ALkOYF6Dou0zZ7cSx8fsUrurs7DX2znk_61zwZweJLAZcXDgZbuJUdBt-7Zggrw-s6Z5usYuYFY2JGViNUnv23Y0Bl_W6XPVmVJszAJfszhsbzOul-CGSMJlntHmzZxUX0jhWYbMX1xjsh6u8B6JxqPB6PRLjLmFRGIJw5c_BzGtIkedGWqoN1IpG7AmaPKoJwiKadu3WacMGI48plkPcCnUprw9W2w2d6ti0_0haRN__GA2IIwOyQA3W2OIoplXXKDEv4TAgdUGsn5TdubdYHVj8Gcvfph1FnB7sFgmazUsaUeSXQOKaQ3wH4jf6_vKQdeBrdwM03UWqF7vpPCE0Ry68XDaJPOFE1vVVBoBJvBnf0gIA080akP1J7shdpqobvDeIS_Gn

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Jan 2024 05:31:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 52ms
52ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240118&jk=3307973028482334&bg=!MTKlMn3NAAa8BdJLnAU7ADQBe5WfOMEZlJ27IVmgGLewI5HonjGy68v095E7LJLAnT1PbmO-SOkjNf5tjdfZZazvdTGYAgAAAG1SAAAAAWgBB5kC1ocUpCUYSrEW2qQDAKX7Kevx-zpythUBCssVeRSJW-dsTf-v_wmUbJ1XgcjXf3pCbEdKrAOVw_an9ayx_5fzFtpXfBJyrO9Tm_c99Nqp8E2Kt-eGyvH4X_8u9LdtG_HM4_sCg5_Gw8OyE7c-viZvpyAMtk9f9D4CATLQLe2DwToWb0klI7RYFLV-NCQax0K5MxGqq7VRxEz7LFjLujUaBppXQnbyhs7AYpUj7ukxmOjvNOXTC5oYrd70OMLXeydsepJFdMQV84UshcXGTgsPDnw1klkKpgMKekb3tnhEdCCzjxkbpuX_-M9QKvLNeHpg9Uc5lTmGOtzlKq9IXqq6B5NDkbFIusEk80-PNxbfFHUxn4Pwtl-ne-iM8oGkcecKv56_MuLACQ5UA4ByI8BQfOPYOVG-dFG5DKLkQUhGmk3nVWC-mMnaJyt7eAcH0qhlXFXFTTTQOFNDdUVR-yIhOh_N59ksau9tonEPG8hHIA2EQUf98wGaCvKuFDR55XmaofEBpliiONw09jxTM9-zAxJNASon0I1j2T5b-DRi5UZ-KTedPtMggCTr3hTQYBGBGIN1Eg0p3uEcMPrGYDlqM7ICdy1bfeTwvZ_NuZqXFohC_ZdsnpfEAnxfeC_3bjG6H2xS0ua5kqUBm_DqONrUfWLa97QsiOq2lGj38CY_HG9G0i8QQqZmOTxgtgSqFhJqQMqDVx8MaUgEppnQgGCVVjDYq2R8Gq1_igBLQ0CgcaamIpxkof4mdid_5xAE4jSiOk9qr3cgODEOoUODgK5t_y04jVtRTspmNeJWQFXBg02mcH6n5KbwU5EY_9Cc_TtQaDVegecj916Eqhyc-fr-pJCxhuFGSm7nFWJJbXIshfYuCLRJO2JkwHlEI5D4nA5WZpCpKu6AFPDYdV2POQu8lfH3YUhLBKfIOjbcyx8VWSGb4wgO3Wm5KaPOu7cAlw4jNqr7B9daFg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://facebook.lojaseofertas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/ Frame BA3B 23 KB
9 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=6451512849&adk=1989054176&adf=4136276705&pi=t.ma~as.6451512849&w=770&fwrn=4&fwrnh=100&lmt=1705728692&rafmt=1&format=770x280&url=https%3A%2F%2Ffacebook.lojaseofertas.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705728692548&bpp=1&bdt=2354&idt=0&shv=r20240118&mjsv=m202401160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De0304ef317d56178%3AT%3D1705728690%3ART%3D1705728690%3AS%3DALNI_MYVICgTeIpurqKTsg7B96_wP4tBVA&gpic=UID%3D00000d44443ea429%3AT%3D1705728690%3ART%3D1705728690%3AS%3DALNI_MYh1Ie-MkSdLTVmtuWLqsjFfPsr3g&prev_fmts=0x0%2C770x280%2C336x280%2C770x280%2C336x280%2C336x280&nras=1&correlator=4601774456062&frm=20&pv=1&ga_vid=1631870637.1705728691&ga_sid=1705728691&ga_hid=445602129&ga_fc=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=415&ady=4004&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759875%2C44759926%2C44759837%2C31080334%2C31080343%2C31080442%2C95321963%2C95321626%2C95321862%2C95322165&oid=2&psts=AOrYGsmH6TIujXjV6h_409IFmqCzVqjPoCteQUaBwejGnWYwICAFSlxCryGTW3E7076wYCIF9qqnyrT7mqZoutdxeLkoFTNB%2CAOrYGskyuoO6i2-yEwVCnkPLA3CC7BAwxs-6x_Qh6jB2auMSktunNR1-uCiNIs3xfjBhU945zlSiDdZ1mClXrg%2CAOrYGslwZlaUnz87pk3gTZynssTWeH5gqkrYgDRBa18Lw0LkDz8dbnnwcvOL1-IT-E0t4zI0AC6_5gE--SFLtnTp0X28lrON&pvsid=3307973028482334&tmod=560240132&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=4&fsb=1&dtd=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 18:28:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 39753
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9276
x-xss-protection: 0
server: cafe
etag: 3558958386372919956
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 02 Feb 2024 18:28:59 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame BA3B 8 KB
750 B 27ms
27ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=6451512849&adk=1989054176&adf=4136276705&pi=t.ma~as.6451512849&w=770&fwrn=4&fwrnh=100&lmt=1705728692&rafmt=1&format=770x280&url=https%3A%2F%2Ffacebook.lojaseofertas.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705728692548&bpp=1&bdt=2354&idt=0&shv=r20240118&mjsv=m202401160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De0304ef317d56178%3AT%3D1705728690%3ART%3D1705728690%3AS%3DALNI_MYVICgTeIpurqKTsg7B96_wP4tBVA&gpic=UID%3D00000d44443ea429%3AT%3D1705728690%3ART%3D1705728690%3AS%3DALNI_MYh1Ie-MkSdLTVmtuWLqsjFfPsr3g&prev_fmts=0x0%2C770x280%2C336x280%2C770x280%2C336x280%2C336x280&nras=1&correlator=4601774456062&frm=20&pv=1&ga_vid=1631870637.1705728691&ga_sid=1705728691&ga_hid=445602129&ga_fc=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=415&ady=4004&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759875%2C44759926%2C44759837%2C31080334%2C31080343%2C31080442%2C95321963%2C95321626%2C95321862%2C95322165&oid=2&psts=AOrYGsmH6TIujXjV6h_409IFmqCzVqjPoCteQUaBwejGnWYwICAFSlxCryGTW3E7076wYCIF9qqnyrT7mqZoutdxeLkoFTNB%2CAOrYGskyuoO6i2-yEwVCnkPLA3CC7BAwxs-6x_Qh6jB2auMSktunNR1-uCiNIs3xfjBhU945zlSiDdZ1mClXrg%2CAOrYGslwZlaUnz87pk3gTZynssTWeH5gqkrYgDRBa18Lw0LkDz8dbnnwcvOL1-IT-E0t4zI0AC6_5gE--SFLtnTp0X28lrON&pvsid=3307973028482334&tmod=560240132&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=4&fsb=1&dtd=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 20 Jan 2024 05:31:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 20 Jan 2024 05:05:40 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 20 Jan 2024 05:31:32 GMT

GET
H3 200 outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/ Frame BA3B 15 KB
3 KB 19ms
18ms Stylesheet
text/css 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/outstream.min.css

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=6451512849&adk=1989054176&adf=4136276705&pi=t.ma~as.6451512849&w=770&fwrn=4&fwrnh=100&lmt=1705728692&rafmt=1&format=770x280&url=https%3A%2F%2Ffacebook.lojaseofertas.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705728692548&bpp=1&bdt=2354&idt=0&shv=r20240118&mjsv=m202401160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De0304ef317d56178%3AT%3D1705728690%3ART%3D1705728690%3AS%3DALNI_MYVICgTeIpurqKTsg7B96_wP4tBVA&gpic=UID%3D00000d44443ea429%3AT%3D1705728690%3ART%3D1705728690%3AS%3DALNI_MYh1Ie-MkSdLTVmtuWLqsjFfPsr3g&prev_fmts=0x0%2C770x280%2C336x280%2C770x280%2C336x280%2C336x280&nras=1&correlator=4601774456062&frm=20&pv=1&ga_vid=1631870637.1705728691&ga_sid=1705728691&ga_hid=445602129&ga_fc=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=415&ady=4004&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759875%2C44759926%2C44759837%2C31080334%2C31080343%2C31080442%2C95321963%2C95321626%2C95321862%2C95322165&oid=2&psts=AOrYGsmH6TIujXjV6h_409IFmqCzVqjPoCteQUaBwejGnWYwICAFSlxCryGTW3E7076wYCIF9qqnyrT7mqZoutdxeLkoFTNB%2CAOrYGskyuoO6i2-yEwVCnkPLA3CC7BAwxs-6x_Qh6jB2auMSktunNR1-uCiNIs3xfjBhU945zlSiDdZ1mClXrg%2CAOrYGslwZlaUnz87pk3gTZynssTWeH5gqkrYgDRBa18Lw0LkDz8dbnnwcvOL1-IT-E0t4zI0AC6_5gE--SFLtnTp0X28lrON&pvsid=3307973028482334&tmod=560240132&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=4&fsb=1&dtd=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

425f9ca7029ca2c95d204079575a3e5f737ef4d322614225344c5aeadd51bfb8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 15:10:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 138080
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2939
x-xss-protection: 0
last-modified: Thu, 18 Jan 2024 02:36:47 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 17 Jan 2025 15:10:12 GMT

GET
H3 200 outstream.min.js Show response
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/ Frame BA3B 378 KB
131 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/outstream.min.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=6451512849&adk=1989054176&adf=4136276705&pi=t.ma~as.6451512849&w=770&fwrn=4&fwrnh=100&lmt=1705728692&rafmt=1&format=770x280&url=https%3A%2F%2Ffacebook.lojaseofertas.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705728692548&bpp=1&bdt=2354&idt=0&shv=r20240118&mjsv=m202401160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De0304ef317d56178%3AT%3D1705728690%3ART%3D1705728690%3AS%3DALNI_MYVICgTeIpurqKTsg7B96_wP4tBVA&gpic=UID%3D00000d44443ea429%3AT%3D1705728690%3ART%3D1705728690%3AS%3DALNI_MYh1Ie-MkSdLTVmtuWLqsjFfPsr3g&prev_fmts=0x0%2C770x280%2C336x280%2C770x280%2C336x280%2C336x280&nras=1&correlator=4601774456062&frm=20&pv=1&ga_vid=1631870637.1705728691&ga_sid=1705728691&ga_hid=445602129&ga_fc=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=415&ady=4004&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759875%2C44759926%2C44759837%2C31080334%2C31080343%2C31080442%2C95321963%2C95321626%2C95321862%2C95322165&oid=2&psts=AOrYGsmH6TIujXjV6h_409IFmqCzVqjPoCteQUaBwejGnWYwICAFSlxCryGTW3E7076wYCIF9qqnyrT7mqZoutdxeLkoFTNB%2CAOrYGskyuoO6i2-yEwVCnkPLA3CC7BAwxs-6x_Qh6jB2auMSktunNR1-uCiNIs3xfjBhU945zlSiDdZ1mClXrg%2CAOrYGslwZlaUnz87pk3gTZynssTWeH5gqkrYgDRBa18Lw0LkDz8dbnnwcvOL1-IT-E0t4zI0AC6_5gE--SFLtnTp0X28lrON&pvsid=3307973028482334&tmod=560240132&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=4&fsb=1&dtd=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

325f25191af82345cc615c820126c663f55ee865ccb8c6f033e11ee57085617a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 15:10:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 138080
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 134582
x-xss-protection: 0
last-modified: Thu, 18 Jan 2024 02:36:47 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 17 Jan 2025 15:10:12 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame BA3B 20 KB
8 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=6451512849&adk=1989054176&adf=4136276705&pi=t.ma~as.6451512849&w=770&fwrn=4&fwrnh=100&lmt=1705728692&rafmt=1&format=770x280&url=https%3A%2F%2Ffacebook.lojaseofertas.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705728692548&bpp=1&bdt=2354&idt=0&shv=r20240118&mjsv=m202401160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De0304ef317d56178%3AT%3D1705728690%3ART%3D1705728690%3AS%3DALNI_MYVICgTeIpurqKTsg7B96_wP4tBVA&gpic=UID%3D00000d44443ea429%3AT%3D1705728690%3ART%3D1705728690%3AS%3DALNI_MYh1Ie-MkSdLTVmtuWLqsjFfPsr3g&prev_fmts=0x0%2C770x280%2C336x280%2C770x280%2C336x280%2C336x280&nras=1&correlator=4601774456062&frm=20&pv=1&ga_vid=1631870637.1705728691&ga_sid=1705728691&ga_hid=445602129&ga_fc=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=415&ady=4004&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759875%2C44759926%2C44759837%2C31080334%2C31080343%2C31080442%2C95321963%2C95321626%2C95321862%2C95322165&oid=2&psts=AOrYGsmH6TIujXjV6h_409IFmqCzVqjPoCteQUaBwejGnWYwICAFSlxCryGTW3E7076wYCIF9qqnyrT7mqZoutdxeLkoFTNB%2CAOrYGskyuoO6i2-yEwVCnkPLA3CC7BAwxs-6x_Qh6jB2auMSktunNR1-uCiNIs3xfjBhU945zlSiDdZ1mClXrg%2CAOrYGslwZlaUnz87pk3gTZynssTWeH5gqkrYgDRBa18Lw0LkDz8dbnnwcvOL1-IT-E0t4zI0AC6_5gE--SFLtnTp0X28lrON&pvsid=3307973028482334&tmod=560240132&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=4&fsb=1&dtd=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 18:28:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 39753
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 02 Feb 2024 18:28:59 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame BA3B 0
0 28ms
28ms Image
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRMcQR2gYIzvitadDy2tz91LNzJw9XVYItHFz3XhL8TC8_3WRjsMkh1d5JrXVWqfniphuU6RwsjQljx4otNm3q0WHhcRQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=6451512849&adk=1989054176&adf=4136276705&pi=t.ma~as.6451512849&w=770&fwrn=4&fwrnh=100&lmt=1705728692&rafmt=1&format=770x280&url=https%3A%2F%2Ffacebook.lojaseofertas.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705728692548&bpp=1&bdt=2354&idt=0&shv=r20240118&mjsv=m202401160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De0304ef317d56178%3AT%3D1705728690%3ART%3D1705728690%3AS%3DALNI_MYVICgTeIpurqKTsg7B96_wP4tBVA&gpic=UID%3D00000d44443ea429%3AT%3D1705728690%3ART%3D1705728690%3AS%3DALNI_MYh1Ie-MkSdLTVmtuWLqsjFfPsr3g&prev_fmts=0x0%2C770x280%2C336x280%2C770x280%2C336x280%2C336x280&nras=1&correlator=4601774456062&frm=20&pv=1&ga_vid=1631870637.1705728691&ga_sid=1705728691&ga_hid=445602129&ga_fc=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=415&ady=4004&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759875%2C44759926%2C44759837%2C31080334%2C31080343%2C31080442%2C95321963%2C95321626%2C95321862%2C95322165&oid=2&psts=AOrYGsmH6TIujXjV6h_409IFmqCzVqjPoCteQUaBwejGnWYwICAFSlxCryGTW3E7076wYCIF9qqnyrT7mqZoutdxeLkoFTNB%2CAOrYGskyuoO6i2-yEwVCnkPLA3CC7BAwxs-6x_Qh6jB2auMSktunNR1-uCiNIs3xfjBhU945zlSiDdZ1mClXrg%2CAOrYGslwZlaUnz87pk3gTZynssTWeH5gqkrYgDRBa18Lw0LkDz8dbnnwcvOL1-IT-E0t4zI0AC6_5gE--SFLtnTp0X28lrON&pvsid=3307973028482334&tmod=560240132&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=4&fsb=1&dtd=2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

POST
H3 204 csi
csi.gstatic.com/ Frame BA3B 0
17 B 26ms
26ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~lrlmtmue&c=6285911436530&slotId=3142955718265&qqid=CKm5t8ae64MDFZMdVQgdZ0UD1Q&fb=outstream-lima&sei=44752538%2C75259414%2C420706098&nsei=44714510%2C44729911%2C44730425%2C44730426%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/outstream.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Jan 2024 05:31:32 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame BA3B 15 KB
16 KB 18ms
18ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 14:18:08 GMT
x-content-type-options: nosniff
age: 227604
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 16 Jan 2025 14:18:08 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame BA3B 15 KB
15 KB 20ms
19ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 02:13:53 GMT
x-content-type-options: nosniff
age: 271059
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 16 Jan 2025 02:13:53 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame BA3B 0
20 B 52ms
52ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=C1phttFqrZamPI5O71PIP54qNqA3f1NG3deL3zdqdErHR_d8FEAEgkLCHE2CVgoCAsAfIAQWpAp2Ka-hlSLI-qAMByAObhICABKoE_AFP0INKnLVDb8zdaNbtS1_fsLZvm6L53EOtXJbuktHnBsZrfr2FSRH7XIftTFT6XE23N7Cdim1pH8WW2_LPybu8adqYpSs-ZhCsfYRQPqcoWi6tF0xiu9OtsSU3JWZYSkvSstMuf2UlYkeqTB7O3BfXc5S45POV3-hV5VnFOlHHMGV9wr-NQZkXIBRuMY0aAOyRHBQj129Nc4tsdFCarg78JjKnLdzr5oyxqZCaR0yBkpZaCf8WUWhGEdR8fiZTVJfhhLmIVuzeu_13LJGoaaY4uj4NLxvz0EnAOuOLmYwkkrBgc1XEm7HQri0iOVklS5XTHqTLXF_UYhiUmbXABI-RxbPQBOAEA4gFztL8xk2QBgGgBnaAB_y3qowFqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHzICqgI6AoBASL39wTpYvJO3xp7rgwOACgHICwHgCwGADAGqDQJERbATqvqwFsgTruTm4wPQEwDYEwqIFALYFAHQFQH4FgGAFwHoFwU&eventType=clickstring&clientTime=1705728692976&ai=C1phttFqrZamPI5O71PIP54qNqA3f1NG3deL3zdqdErHR_d8FEAEgkLCHE2CVgoCAsAfIAQWpAp2Ka-hlSLI-qAMByAObhICABKoE_AFP0INKnLVDb8zdaNbtS1_fsLZvm6L53EOtXJbuktHnBsZrfr2FSRH7XIftTFT6XE23N7Cdim1pH8WW2_LPybu8adqYpSs-ZhCsfYRQPqcoWi6tF0xiu9OtsSU3JWZYSkvSstMuf2UlYkeqTB7O3BfXc5S45POV3-hV5VnFOlHHMGV9wr-NQZkXIBRuMY0aAOyRHBQj129Nc4tsdFCarg78JjKnLdzr5oyxqZCaR0yBkpZaCf8WUWhGEdR8fiZTVJfhhLmIVuzeu_13LJGoaaY4uj4NLxvz0EnAOuOLmYwkkrBgc1XEm7HQri0iOVklS5XTHqTLXF_UYhiUmbXABI-RxbPQBOAEA4gFztL8xk2QBgGgBnaAB_y3qowFqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHzICqgI6AoBASL39wTpYvJO3xp7rgwOACgHICwHgCwGADAGqDQJERbATqvqwFsgTruTm4wPQEwDYEwqIFALYFAHQFQH4FgGAFwHoFwU

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=6451512849&adk=1989054176&adf=4136276705&pi=t.ma~as.6451512849&w=770&fwrn=4&fwrnh=100&lmt=1705728692&rafmt=1&format=770x280&url=https%3A%2F%2Ffacebook.lojaseofertas.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705728692548&bpp=1&bdt=2354&idt=0&shv=r20240118&mjsv=m202401160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De0304ef317d56178%3AT%3D1705728690%3ART%3D1705728690%3AS%3DALNI_MYVICgTeIpurqKTsg7B96_wP4tBVA&gpic=UID%3D00000d44443ea429%3AT%3D1705728690%3ART%3D1705728690%3AS%3DALNI_MYh1Ie-MkSdLTVmtuWLqsjFfPsr3g&prev_fmts=0x0%2C770x280%2C336x280%2C770x280%2C336x280%2C336x280&nras=1&correlator=4601774456062&frm=20&pv=1&ga_vid=1631870637.1705728691&ga_sid=1705728691&ga_hid=445602129&ga_fc=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=415&ady=4004&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759875%2C44759926%2C44759837%2C31080334%2C31080343%2C31080442%2C95321963%2C95321626%2C95321862%2C95322165&oid=2&psts=AOrYGsmH6TIujXjV6h_409IFmqCzVqjPoCteQUaBwejGnWYwICAFSlxCryGTW3E7076wYCIF9qqnyrT7mqZoutdxeLkoFTNB%2CAOrYGskyuoO6i2-yEwVCnkPLA3CC7BAwxs-6x_Qh6jB2auMSktunNR1-uCiNIs3xfjBhU945zlSiDdZ1mClXrg%2CAOrYGslwZlaUnz87pk3gTZynssTWeH5gqkrYgDRBa18Lw0LkDz8dbnnwcvOL1-IT-E0t4zI0AC6_5gE--SFLtnTp0X28lrON&pvsid=3307973028482334&tmod=560240132&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=4&fsb=1&dtd=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Jan 2024 05:31:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 csi
csi.gstatic.com/ Frame BA3B 0
17 B 25ms
25ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~lrlmtmup&c=6285911436530&slotId=3142955718265&qqid=CKm5t8ae64MDFZMdVQgdZ0UD1Q&fb=outstream-lima&ulv=1&cll=0&met.4=arp_a_s.bw&vast_v=4.0&icc=1&icrh=0&icri=0&icrs=1&icru=0&icp=GoogleWhyThisAd&icdi=18x18&lima_p_ich=0&lima_p_icu=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/outstream.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Jan 2024 05:31:32 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 vast Show response
bid.g.doubleclick.net/dbm/ Frame BA3B 31 KB
17 KB 53ms
52ms XHR
text/xml 64.233.167.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-BUSadxtnghhU_b3e3mMfmvVmnFule8VGd-h42B6jMok9g13KZVT3hfHQjmWV2Zs3EZMhSkpto75ZUDwZDGooK_B2YGVA&cry=1&dbm_d=AKAmf-Bzk7XO_8FRmg5FCBhJxjeSKyJ-9DAOtW3pjcMik5TdoVr3fC1Q05K0LzswrLUM7003e9g78yNUnvydYezK2AGDvA0WBRY401IPAHhtEAuYz_SUiwiOXV6Hy7bz7Ur-rpeEV6usJsF5tjEkNQt7YcO1TofJ_rxRAoPw8MIpChMQB9sioElYsGRfKdBG6dblO2yno4ILT8h09D9z6WQDJ1zcFPQp0omarFnz51gpjh39JwRi9Szjo5ujpxdgH1rJF-x3yceklphAgACfiQDK_cADO-hZJ3INDvhqTwn-TOpkO_XZa27mY2xKmcIGVGHv34WgxbUgF4sLYE_nba740q86NSJxYvKw-mPWPfSggfZjlLgKYe_gBFYHId5u6am-3lwdXns4Q9O8MV_JyTSvjhp7z5G3afccemXPMDO1gAfNHlg3wrTcpSkep5UWMH0ZrcQjD888Fty2XWbITVvGGdIcDv9tFamBhwOJVhiyHMludR6rn19aw_c_YZ4w5fQHpY_mbYHOe0VTW8WBDxaaoqAoF51PNLrYzWXP7jf7Jywk3e1Eh8vEHVKXUV21kTozBLJpAcE8cZd9DXrUkQERB7TFZ9WQwtXkbUgG4W3LcMmVMrHZlPQaIU1pmr-wNL3SIWlaEgUahB0MGmUlCrqVBLfD1Iomn4tcwVEZBDVE79Gr1dqNe_9W6SV7-Vuu3Uwxf0AVBDMdUtje0Stton8RoNgrznKsGqrEHYbIoOncixlMJ5OqBgIU2FFXc9CNpwiEtfcs_FkkdPOweEt1KTGEE5VDWsiRY5wCn6RNj0xfnLcImQv28pSStS7Ie2IjFDE0l_7d-GKAjshmRzi-h8Os3empBW1yeicyB29n5PZiqA8vOt9qP55URUTDA-CyoymNq-WRzREukgD82DbbbPfLAghQ8o-tc2Jywx8wBCOD2aQe9kW9rorMhRsIQijPo9cwi4capMk_IHjO6aHf81S-gvitdMA80P5V6LTxS1oLRwzj6dEzIq_nMFpB0CuOV1Cx8E3fiE1VvoKI8v2bVkqUFobn-3xY7hGWgp2AiJqobRnuLAlcLPkUYL75DK6k2AvVw4DTuzfUrTV3fsw69_5od8HAkVJtQTdMvll_KoQhCy1iXRYrft89O1eSoC3MLF0-RfZdm0V-rovyAKr0OMjjz2KiKom_aKv8HJFlwHMny90ql2OpUQV9HdIAK_ur-ORaaoOA--PyeHink9ZzC2kPiGJRKZiTAx3b1FLD-aP-FnOV7ttSDkxt7RGLcbMcA8nvySHKi65c3T3cqj8huqjBL1SATLooCfOzObOvrEXOFDPHir9-Z_6nt0VhEOgBy0pBMx5Bs-iHJEk1JNtNsbIBk223SOg8UptrrMssaYHKy-UHpPvw-Ix53TltoTVz9jYVtQkV4TiXylMnP-UeUgENn60XJk-Ks8QXJ9LG7SfkKnds838B-_2NvT9YExr4CaiofkjMBYZNbJ8n1fksp_P86YfWzb0r4edupxHA-WRTJbNT3ZwEGIqGP5xk07hyTTtv8rjEQllONF99wkZsyxNjm8zI7E09AuTUL-uNoQoF9lI8uHptGOJ17qw3pEHqtESDBPOcf6TNEJgNEOv3yDs3j_48yn9WjwHF5E7TFUUOyZn5xKNpKi2nnfUanmfnl8ZrswJTFajfwu62deK4hVxlGKZhe_q7_PiKl6HYBW_BjlH0L4kHSWNs_dWET_ecZm2-s2cuTmIb4p5nRXFZuU3PYVw_7qMfas5XQLC3hXOZfTg2BGjF93OzxkS0HGffUAMFaKLZZnPLmSZL-0dQpw1SQHGy6lenvTv593l5aw9n3Tam34tSw5OPU5K8OjElLWSAeINxwVvWQQu8v76UsK6lEKHfXnXsAsdk6Aebyn-uWWRfhklqZsG-zZ6xPQiKhaB8YzRBCKqpBdqufDoLSGf9xHR2vr_4xwQhs4KSZ5dx2CScPRnc8AXqykAobT8ZyTYz6SzlXNWg1Hx3ss9IPA8jMkq0bb1KDl766PKcHLfR2-KPjRUT7hcEfRUU-UDJ9rH0AyG5svF68JFX-mdyKwn-dWAJug6fflw60LKMAFnJsgHaJKleGV8Wf1kcjkCF_O_ri0h6QoRIKXMYcOtaxQOL4Ggu38-w9PvN6GBvxg8kTpPZ75g1qXizesHrm0GoBZ7itLdrPLO4IppeE7EwaSH2zbrYYuNG1ZuADesW1CvylDnJvGkjEkjspe_K2KrPvLjbIM91uhk-m9M9eD_lhUp5UjHmq9rrlw74rvFFyATjgZwYfXynOuGyA3GHjNLBW2EJFpLNOoY4LDCLbjStJ88SFm_utyP0iA-C4o07LIaLHAY0Wf-QjKmIoYxFJbzLMJyKJHILFUrS1zC5v-uHnUnceGunk3tBKNXNX23T_Grb8C9r-fNp9jQQV2QsEhqnESUx7s3m6a7hPhCtWsv56XQd0YSNumbtnZVabtlf1qyqXJs-PKvsoBoRh3BHOFXkvflSwjGX_oqNqYEOWmckQN7RIpXT2--tLbbvrD0IQFJeqiYap1V6-56R-EAPwSyegukYbrT8BVQoK4BSTE0oZaZym5V_jU7smsk3iknPVeaNmh-7OeksEiY-x8MwA3hhAQcFrMpxqb8b8qn4RAvIMcH49w_sX-o8VENAKp5CeXZ4JmIjazGnUjqcDlcOfR_ZGCRuwddkQ05svH8WBHGxDUvcpJSNmUhP3Op43gkIqAltH-B6nfa359JXwB1hM8VCzyhwJR-7jmW7a0S8HsQ47Nowds9tWAjBA5A2uXngQplQ7RVYjYI9CGXfeRKUYVdOh9up_W9mI7qK46Kr79u-7k2bDOMMTzhbwa7CvI0wYtm22AZOKh1bYoGqtH4qa9glH6DLjxPi4G2l4vGQHVdsYVjkuf68ww0J9cZaP9ncFJeDc2EomSAyc4szv3DR5mNumXn8KTHCZW9uSS0NLgCI_KFbLLWSuHzgs0aOb7_54NuAlKeKXPcfNcdfdkb043IfbZP1NSNFAJJQQ0nSvoL1snQG8ERGPMetyO6tqWwcgmPjWocZWbRSKlxuTUx1Cy_HX1s0Hx6Epu3_NQSSIBbC1AVgE8gS9KjsoKcvtF_45ffpDPpsusgYma87xKf7vu6wNbBMO3-YtCbxbHqMJq_Nel6ZQWyNvE9NhhQAuUki111bCZ2p7qZq-zJjq6OHEA8Td20S6R_abgzfOYZ9pvQleVVIfarV8nJSZCjGazIS76sfvnBTDtzKrqMs7vp7-VVt-VEZQ_1I208iBfWK0fh4jQ_BQAQMCtjHPclxqI7ltQSEDBBmaA_5aLpP925iXp5Q3ABM3Ppkj2bAuW5DRzGFDdPqa6sVIbI5lCgVd56ddRyFNXCiZaX7bR0w5ldnEu5lYZUKqb78UQuDoe8ft5x1B0biA1i72_f4M_Vo2hotUiM7DPlvhknSB4eKcsJcAN7rv53yg_X1WW5byAFX8er_GUjIFuoavNRKLA&cid=CAQSPAAvHhf__dY1P8kdYn7PgUenbsw9LOIP1sIMGlIkWfSoaJ5i1wUL8BAwcy4E7uTby_iFAWhGV9Hj4YtEkRgB&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1&nel=0

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/outstream.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

64.233.167.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wl-in-f156.1e100.net

Software

cafe /

Resource Hash

19989d0d4b96d2f33f32aac09683a758de519cc9043ed050e3fa0feb75ce121a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 05:31:32 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17691
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 7038 1 KB
643 B 19ms
19ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=6451512849&adk=1989054176&adf=4136276705&pi=t.ma~as.6451512849&w=770&fwrn=4&fwrnh=100&lmt=1705728692&rafmt=1&format=770x280&url=https%3A%2F%2Ffacebook.lojaseofertas.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705728692548&bpp=1&bdt=2354&idt=0&shv=r20240118&mjsv=m202401160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De0304ef317d56178%3AT%3D1705728690%3ART%3D1705728690%3AS%3DALNI_MYVICgTeIpurqKTsg7B96_wP4tBVA&gpic=UID%3D00000d44443ea429%3AT%3D1705728690%3ART%3D1705728690%3AS%3DALNI_MYh1Ie-MkSdLTVmtuWLqsjFfPsr3g&prev_fmts=0x0%2C770x280%2C336x280%2C770x280%2C336x280%2C336x280&nras=1&correlator=4601774456062&frm=20&pv=1&ga_vid=1631870637.1705728691&ga_sid=1705728691&ga_hid=445602129&ga_fc=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=415&ady=4004&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759875%2C44759926%2C44759837%2C31080334%2C31080343%2C31080442%2C95321963%2C95321626%2C95321862%2C95322165&oid=2&psts=AOrYGsmH6TIujXjV6h_409IFmqCzVqjPoCteQUaBwejGnWYwICAFSlxCryGTW3E7076wYCIF9qqnyrT7mqZoutdxeLkoFTNB%2CAOrYGskyuoO6i2-yEwVCnkPLA3CC7BAwxs-6x_Qh6jB2auMSktunNR1-uCiNIs3xfjBhU945zlSiDdZ1mClXrg%2CAOrYGslwZlaUnz87pk3gTZynssTWeH5gqkrYgDRBa18Lw0LkDz8dbnnwcvOL1-IT-E0t4zI0AC6_5gE--SFLtnTp0X28lrON&pvsid=3307973028482334&tmod=560240132&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=4&fsb=1&dtd=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 44448
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 19 Jan 2024 17:10:44 GMT
etag: 48472445140208031
expires: Sat, 20 Jan 2024 17:10:44 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame BA3B 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8a17f897bf9994fcb595e95b5be1f1ef7b5fc24ae028c4fdf51ef011752070c3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7038
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEHsWRWYt5N56feSxCtdOBwk&google_cve...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=YTh4UEhQa1UxUnIzWDY1&google_gid=CAESEHsWRWYt5N56feSxCtdOBwk&google_cver=1&google_push=AXcoOmRDNBSiLfheekllLy6Ssw692IoiYux_tw2jioaHss-...

170 B
188 B

45ms
44ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=YTh4UEhQa1UxUnIzWDY1&google_gid=CAESEHsWRWYt5N56feSxCtdOBwk&google_cver=1&google_push=AXcoOmRDNBSiLfheekllLy6Ssw692IoiYux_tw2jioaHss-B5VRD25t2ip2F0lSBYjJirbMXUlz-LPH202EAsWawufqbPmUHPTgXHg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=6451512849&adk=1989054176&adf=4136276705&pi=t.ma~as.6451512849&w=770&fwrn=4&fwrnh=100&lmt=1705728692&rafmt=1&format=770x280&url=https%3A%2F%2Ffacebook.lojaseofertas.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705728692548&bpp=1&bdt=2354&idt=0&shv=r20240118&mjsv=m202401160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De0304ef317d56178%3AT%3D1705728690%3ART%3D1705728690%3AS%3DALNI_MYVICgTeIpurqKTsg7B96_wP4tBVA&gpic=UID%3D00000d44443ea429%3AT%3D1705728690%3ART%3D1705728690%3AS%3DALNI_MYh1Ie-MkSdLTVmtuWLqsjFfPsr3g&prev_fmts=0x0%2C770x280%2C336x280%2C770x280%2C336x280%2C336x280&nras=1&correlator=4601774456062&frm=20&pv=1&ga_vid=1631870637.1705728691&ga_sid=1705728691&ga_hid=445602129&ga_fc=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=415&ady=4004&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759875%2C44759926%2C44759837%2C31080334%2C31080343%2C31080442%2C95321963%2C95321626%2C95321862%2C95322165&oid=2&psts=AOrYGsmH6TIujXjV6h_409IFmqCzVqjPoCteQUaBwejGnWYwICAFSlxCryGTW3E7076wYCIF9qqnyrT7mqZoutdxeLkoFTNB%2CAOrYGskyuoO6i2-yEwVCnkPLA3CC7BAwxs-6x_Qh6jB2auMSktunNR1-uCiNIs3xfjBhU945zlSiDdZ1mClXrg%2CAOrYGslwZlaUnz87pk3gTZynssTWeH5gqkrYgDRBa18Lw0LkDz8dbnnwcvOL1-IT-E0t4zI0AC6_5gE--SFLtnTp0X28lrON&pvsid=3307973028482334&tmod=560240132&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=4&fsb=1&dtd=2

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Jan 2024 05:31:33 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 20 Jan 2024 05:31:32 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-799-g9c6cd74#rel-ec2-master i-0414fa71e87322d9a@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=YTh4UEhQa1UxUnIzWDY1&google_gid=CAESEHsWRWYt5N56feSxCtdOBwk&google_cver=1&google_push=AXcoOmRDNBSiLfheekllLy6Ssw692IoiYux_tw2jioaHss-B5VRD25t2ip2F0lSBYjJirbMXUlz-LPH202EAsWawufqbPmUHPTgXHg
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7038
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEGiGCRqVDQQp41nJJowwV1M&google_cver=1&google_push=AXcoOmRxp903_VxJkcYeWumNDG24BLklucoCfTrnRGjwyfuv3Agc6IbtsBHooNxa-EtKk-UJsdgGE3mEgftLFjLL-cwAR72xiUwJ
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=2104DAF613524F338932968EB040C49A&google_push=AXcoOmRxp903_VxJkcYeWumNDG24BLklucoCfTrnRGjwyfuv3Agc6IbtsBHooNxa-EtKk-UJsdgGE3mEgftLFjL...

170 B
188 B

58ms
58ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=2104DAF613524F338932968EB040C49A&google_push=AXcoOmRxp903_VxJkcYeWumNDG24BLklucoCfTrnRGjwyfuv3Agc6IbtsBHooNxa-EtKk-UJsdgGE3mEgftLFjLL-cwAR72xiUwJ

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Jan 2024 05:31:33 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sat, 20 Jan 2024 05:31:33 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=2104DAF613524F338932968EB040C49A&google_push=AXcoOmRxp903_VxJkcYeWumNDG24BLklucoCfTrnRGjwyfuv3Agc6IbtsBHooNxa-EtKk-UJsdgGE3mEgftLFjLL-cwAR72xiUwJ
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Fri, 19 Jan 2024 05:31:33 GMT

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame 7038 43 B
362 B 26ms
26ms Image
image/gif 178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmR3Z3bpjEMN4Bl6Yu3JZ0Wf0x-htFPPflSZVnPaQp1PKyxSlkPivXPjWtDLVGJL2l3u8uJ-10GXhc0NSI_XoWQerJvsFebqAA&google_gid=CAESEBfDOHUI1wpHs7hQ3X2VOdM&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=6451512849&adk=1989054176&adf=4136276705&pi=t.ma~as.6451512849&w=770&fwrn=4&fwrnh=100&lmt=1705728692&rafmt=1&format=770x280&url=https%3A%2F%2Ffacebook.lojaseofertas.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705728692548&bpp=1&bdt=2354&idt=0&shv=r20240118&mjsv=m202401160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De0304ef317d56178%3AT%3D1705728690%3ART%3D1705728690%3AS%3DALNI_MYVICgTeIpurqKTsg7B96_wP4tBVA&gpic=UID%3D00000d44443ea429%3AT%3D1705728690%3ART%3D1705728690%3AS%3DALNI_MYh1Ie-MkSdLTVmtuWLqsjFfPsr3g&prev_fmts=0x0%2C770x280%2C336x280%2C770x280%2C336x280%2C336x280&nras=1&correlator=4601774456062&frm=20&pv=1&ga_vid=1631870637.1705728691&ga_sid=1705728691&ga_hid=445602129&ga_fc=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=415&ady=4004&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759875%2C44759926%2C44759837%2C31080334%2C31080343%2C31080442%2C95321963%2C95321626%2C95321862%2C95322165&oid=2&psts=AOrYGsmH6TIujXjV6h_409IFmqCzVqjPoCteQUaBwejGnWYwICAFSlxCryGTW3E7076wYCIF9qqnyrT7mqZoutdxeLkoFTNB%2CAOrYGskyuoO6i2-yEwVCnkPLA3CC7BAwxs-6x_Qh6jB2auMSktunNR1-uCiNIs3xfjBhU945zlSiDdZ1mClXrg%2CAOrYGslwZlaUnz87pk3gTZynssTWeH5gqkrYgDRBa18Lw0LkDz8dbnnwcvOL1-IT-E0t4zI0AC6_5gE--SFLtnTp0X28lrON&pvsid=3307973028482334&tmod=560240132&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=4&fsb=1&dtd=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Jan 2024 05:31:32 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 257644
expires: Sat, 20 Jan 2024 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 7038 0
12 B 28ms
27ms Image
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JA-xRcjYzvkUH8kSr71RpqVciLapg81pIBJ2KGzR_vMQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=6451512849&adk=1989054176&adf=4136276705&pi=t.ma~as.6451512849&w=770&fwrn=4&fwrnh=100&lmt=1705728692&rafmt=1&format=770x280&url=https%3A%2F%2Ffacebook.lojaseofertas.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705728692548&bpp=1&bdt=2354&idt=0&shv=r20240118&mjsv=m202401160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De0304ef317d56178%3AT%3D1705728690%3ART%3D1705728690%3AS%3DALNI_MYVICgTeIpurqKTsg7B96_wP4tBVA&gpic=UID%3D00000d44443ea429%3AT%3D1705728690%3ART%3D1705728690%3AS%3DALNI_MYh1Ie-MkSdLTVmtuWLqsjFfPsr3g&prev_fmts=0x0%2C770x280%2C336x280%2C770x280%2C336x280%2C336x280&nras=1&correlator=4601774456062&frm=20&pv=1&ga_vid=1631870637.1705728691&ga_sid=1705728691&ga_hid=445602129&ga_fc=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=415&ady=4004&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759875%2C44759926%2C44759837%2C31080334%2C31080343%2C31080442%2C95321963%2C95321626%2C95321862%2C95322165&oid=2&psts=AOrYGsmH6TIujXjV6h_409IFmqCzVqjPoCteQUaBwejGnWYwICAFSlxCryGTW3E7076wYCIF9qqnyrT7mqZoutdxeLkoFTNB%2CAOrYGskyuoO6i2-yEwVCnkPLA3CC7BAwxs-6x_Qh6jB2auMSktunNR1-uCiNIs3xfjBhU945zlSiDdZ1mClXrg%2CAOrYGslwZlaUnz87pk3gTZynssTWeH5gqkrYgDRBa18Lw0LkDz8dbnnwcvOL1-IT-E0t4zI0AC6_5gE--SFLtnTp0X28lrON&pvsid=3307973028482334&tmod=560240132&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=4&fsb=1&dtd=2

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 05:31:33 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame BA3B 0
0 54ms
53ms Fetch
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CnSQxtFqrZamPI5O71PIP54qNqA3f1NG3deL3zdqdErHR_d8FEAEgkLCHE2CVgoCAsAfIAQWpAp2Ka-hlSLI-qAMBqgT5AU_Qg0qctUNvzN1o1u1LX9-wtm-bovncQ61clu6S0ecGxmt-vYVJEftch-1MVPpcTbc3sJ2KbWkfxZbb8s_Ju7xp2pilKz5mEKx9hFA-pyhaLq0XTGK7062xJTclZlhKS9Ky0y5_ZSViR6pMHs7cF9dzlLjk85Xf6FXlWcU6UccwZX3Cv41BmRcgFG4xjRoA7JEcFCPXb01zi2x0UJquDvwmMqct3OvmjLGpkJpHTIGSlloJ_xZRaEYRjH3s6MDO6nN9KhBdaUbXDZ15Y0IEfL7U5KNGPvlzQ-kif11r2dZaeU9dTWBiL750iegWdT2wM1MVIaazIZEUecAEj5HFs9AE4AQDiAXO0vzGTZIFBggbEAEYAZIFBggdEAQYAZIFBggdEAEYAZIFBggeEAEYAZAGAaAGdoAH_LeqjAWoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAPIHChCzyBcY8dPE-gHSCB8IgOGAEBABGB8yAqoCOgKAQEi9_cE6WLyTt8ae64MDgAoByAsBsBOq-rAWyBOu5ObjA9ATANgTCogUAtgUAdAVAYAXAbIXHAoaCAASFHB1Yi04ODQ3MDkyMzYyNzQ4MzY4GADoFwU&sigh=RvzeVMz0D8Q&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSPAAvHhf__dY1P8kdYn7PgUenbsw9LOIP1sIMGlIkWfSoaJ5i1wUL8BAwcy4E7uTby_iFAWhGV9Hj4YtEkRgB&vt=10&cbvp=2&vis=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=6451512849&adk=1989054176&adf=4136276705&pi=t.ma~as.6451512849&w=770&fwrn=4&fwrnh=100&lmt=1705728692&rafmt=1&format=770x280&url=https%3A%2F%2Ffacebook.lojaseofertas.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705728692548&bpp=1&bdt=2354&idt=0&shv=r20240118&mjsv=m202401160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De0304ef317d56178%3AT%3D1705728690%3ART%3D1705728690%3AS%3DALNI_MYVICgTeIpurqKTsg7B96_wP4tBVA&gpic=UID%3D00000d44443ea429%3AT%3D1705728690%3ART%3D1705728690%3AS%3DALNI_MYh1Ie-MkSdLTVmtuWLqsjFfPsr3g&prev_fmts=0x0%2C770x280%2C336x280%2C770x280%2C336x280%2C336x280&nras=1&correlator=4601774456062&frm=20&pv=1&ga_vid=1631870637.1705728691&ga_sid=1705728691&ga_hid=445602129&ga_fc=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=415&ady=4004&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759875%2C44759926%2C44759837%2C31080334%2C31080343%2C31080442%2C95321963%2C95321626%2C95321862%2C95322165&oid=2&psts=AOrYGsmH6TIujXjV6h_409IFmqCzVqjPoCteQUaBwejGnWYwICAFSlxCryGTW3E7076wYCIF9qqnyrT7mqZoutdxeLkoFTNB%2CAOrYGskyuoO6i2-yEwVCnkPLA3CC7BAwxs-6x_Qh6jB2auMSktunNR1-uCiNIs3xfjBhU945zlSiDdZ1mClXrg%2CAOrYGslwZlaUnz87pk3gTZynssTWeH5gqkrYgDRBa18Lw0LkDz8dbnnwcvOL1-IT-E0t4zI0AC6_5gE--SFLtnTp0X28lrON&pvsid=3307973028482334&tmod=560240132&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=4&fsb=1&dtd=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=6451512849&adk=1989054176&adf=4136276705&pi=t.ma~as.6451512849&w=770&fwrn=4&fwrnh=100&lmt=1705728692&rafmt=1&format=770x280&url=https%3A%2F%2Ffacebook.lojaseofertas.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705728692548&bpp=1&bdt=2354&idt=0&shv=r20240118&mjsv=m202401160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De0304ef317d56178%3AT%3D1705728690%3ART%3D1705728690%3AS%3DALNI_MYVICgTeIpurqKTsg7B96_wP4tBVA&gpic=UID%3D00000d44443ea429%3AT%3D1705728690%3ART%3D1705728690%3AS%3DALNI_MYh1Ie-MkSdLTVmtuWLqsjFfPsr3g&prev_fmts=0x0%2C770x280%2C336x280%2C770x280%2C336x280%2C336x280&nras=1&correlator=4601774456062&frm=20&pv=1&ga_vid=1631870637.1705728691&ga_sid=1705728691&ga_hid=445602129&ga_fc=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=415&ady=4004&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759875%2C44759926%2C44759837%2C31080334%2C31080343%2C31080442%2C95321963%2C95321626%2C95321862%2C95322165&oid=2&psts=AOrYGsmH6TIujXjV6h_409IFmqCzVqjPoCteQUaBwejGnWYwICAFSlxCryGTW3E7076wYCIF9qqnyrT7mqZoutdxeLkoFTNB%2CAOrYGskyuoO6i2-yEwVCnkPLA3CC7BAwxs-6x_Qh6jB2auMSktunNR1-uCiNIs3xfjBhU945zlSiDdZ1mClXrg%2CAOrYGslwZlaUnz87pk3gTZynssTWeH5gqkrYgDRBa18Lw0LkDz8dbnnwcvOL1-IT-E0t4zI0AC6_5gE--SFLtnTp0X28lrON&pvsid=3307973028482334&tmod=560240132&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=4&fsb=1&dtd=2
Attribution-Reporting-Eligible: event-source
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 20 Jan 2024 05:31:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

POST
H3 204 csi
csi.gstatic.com/ Frame BA3B 0
17 B 25ms
25ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=3~lrlmtmur&c=6285911436530&slotId=3142955718265&qqid=CKm5t8ae64MDFZMdVQgdZ0UD1Q&fb=outstream-lima&vast_v=2.0&vmfc=12&vhc=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/outstream.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Jan 2024 05:31:33 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 HdsydzJK.js Show response
tpc.googlesyndication.com/sodar/ Frame BA3B 41 KB
15 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/outstream.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 18:20:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 213037
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15407
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 16 Jan 2025 18:20:56 GMT

HEAD
H3

200

file.mp4
r1---sn-4g5lznez.c.2mdn.net/videoplayback/id/d81c4ed72c881b10/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1737264693/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame BA3B
Redirect Chain

https://gcdn.2mdn.net/videoplayback/id/d81c4ed72c881b10/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1737264693/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signa...
https://r1---sn-4g5lznez.c.2mdn.net/videoplayback/id/d81c4ed72c881b10/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1737264693/sparams/acao,ctier,expire,id,ip,ipbits,ita...

0
0

19ms
19ms

Fetch
video/mp4

2a00:1450:4001:11::6
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r1---sn-4g5lznez.c.2mdn.net/videoplayback/id/d81c4ed72c881b10/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1737264693/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/50D4FA9761534398F9799DCA7D4BAB3C9E30689F.79697CE948A2924C3F047DCA268CAAE925FB0359/key/cms1/cms_redirect/yes/mh/SX/mip/2001:1b60:2:240:3247::9/mm/42/mn/sn-4g5lznez/ms/onc/mt/1705727890/mv/u/mvi/1/pl/29/file/file.mp4

Protocol

Server

2a00:1450:4001:11::6 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

client-protocol: quic
date: Sat, 20 Jan 2024 05:31:33 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
content-length: 2854551
last-modified: Fri, 13 Oct 2023 15:49:08 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
access-control-allow-origin: null
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=86400
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: null
expires: Sat, 20 Jan 2024 05:31:33 GMT

Redirect headers

date: Sat, 20 Jan 2024 05:31:33 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 653
x-xss-protection: 0
pragma: no-cache
server: ClientMapServer
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
location: https://r1---sn-4g5lznez.c.2mdn.net/videoplayback/id/d81c4ed72c881b10/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1737264693/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/50D4FA9761534398F9799DCA7D4BAB3C9E30689F.79697CE948A2924C3F047DCA268CAAE925FB0359/key/cms1/cms_redirect/yes/mh/SX/mip/2001:1b60:2:240:3247::9/mm/42/mn/sn-4g5lznez/ms/onc/mt/1705727890/mv/u/mvi/1/pl/29/file/file.mp4
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: https://googleads.g.doubleclick.net
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 help_outline_white_24dp_with_3px_trbl_padding.png
imasdk.googleapis.com/formats/wta/ Frame BA3B 453 B
478 B 18ms
18ms Image
image/png 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imasdk.googleapis.com/formats/wta/help_outline_white_24dp_with_3px_trbl_padding.png?wp=ca-pub-8847092362748368

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/outstream.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e519cc4b7b8fdc64a7aaafc1b808cde266a234205aac0d6c55589c12446d565e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 05:31:32 GMT
x-content-type-options: nosniff
age: 1
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 453
x-xss-protection: 0
last-modified: Wed, 13 Oct 2021 14:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: image/png
cache-control: public, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 20 Jan 2024 06:21:32 GMT

GET
H3 200 H0ZEmIz7.html Show response
tpc.googlesyndication.com/sodar/ Frame B7FD 23 KB
8 KB 20ms
19ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 213037
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 7799
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 17 Jan 2024 18:20:56 GMT
expires: Thu, 16 Jan 2025 18:20:56 GMT
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 206 file.mp4
r1---sn-4g5lznez.c.2mdn.net/videoplayback/id/d81c4ed72c881b10/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1737264693/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame BA3B 1 MB
0 19ms
18ms Media
video/mp4 2a00:1450:4001:11::6
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r1---sn-4g5lznez.c.2mdn.net/videoplayback/id/d81c4ed72c881b10/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1737264693/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/50D4FA9761534398F9799DCA7D4BAB3C9E30689F.79697CE948A2924C3F047DCA268CAAE925FB0359/key/cms1/cms_redirect/yes/mh/SX/mip/2001:1b60:2:240:3247::9/mm/42/mn/sn-4g5lznez/ms/onc/mt/1705727890/mv/u/mvi/1/pl/29/file/file.mp4

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:11::6 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Range: bytes=0-

Response headers

expires: Sat, 20 Jan 2024 05:31:33 GMT
date: Sat, 20 Jan 2024 05:31:33 GMT
x-content-type-options: nosniff
Content-Range: bytes 0-2854550/2854551
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length: 2854551
last-modified: Fri, 13 Oct 2023 15:49:08 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://googleads.g.doubleclick.net
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=86400
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://googleads.g.doubleclick.net
client-protocol: quic

GET
H3 200 WCj_J8NcEslNDYs839d7KGBgNEN8AJkC0oz39by2qQc.js Show response
pagead2.googlesyndication.com/bg/ Frame B7FD 50 KB
19 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/WCj_J8NcEslNDYs839d7KGBgNEN8AJkC0oz39by2qQc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5828ff27c35c12c94d0d8b3cdfd77b28606034437c009902d28cf7f5bcb6a907

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 17:10:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 217249
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19599
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 16 Jan 2025 17:10:44 GMT

POST
H3 204 csi
csi.gstatic.com/ Frame 13E7 0
17 B 26ms
25ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=4~lrlmtm6v&c=4052042774618&slotId=2026021387309&qqid=CM_a7cWe64MDFf8DVQgdcKcCoA&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=Infinity&br=2076&mt=video%2Fmp4&vs=576x1024&msm=1&aits=0%2C18%2C22%2C37%2C692%2C59%2C342%2C343%2C344%2C345%2C346%2C347&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=347&vsrc=web_video_ads&hcn=0&met.4=arp_a_e.li~atrd.lk~vil.t7&ua_e=1&ape=1&ple=0&umsem=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/outstream.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Jan 2024 05:31:33 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B7FD 0
20 B 100ms
100ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=B_hdHtFqrZaH8PMnF9fgPkoKn6AUAAAAAOAHgBAI&bg=!BwSlBEvNAAZVxkGXdcY7ADQBe5WfOGbpB052v9xDgX46Om-5w0T5Nh9oVv5R99Yv2Q9NeWtEvntAlkQLCCJ28ytyZ8EQAgAAADhSAAAAAWgBB5kC46GxJkgjhK8S31qbo_F4j0_dnz9dDomyLqZn-eO7iHRJwHQ0PvsFyo1xzjywBBM_98bT5nxCOaqEjWbIKXYsoLxOI_XmQxWjV_HNGcKF-XhjcBGj7BXFDJV_oRF4GHSInvY4TwHawyie9FGTQhgFQm9hSwXLncbfA4sISY7PoqoYN2tYuo9uEh5t7t8AoOG1kMRKF3vmuyOdPPFStuqxeKclZtddp3-Eqh_NdjETWYUPeIXhu7d99ZIeCpOzfrAXGTLTRch1vO8o7LyYjUlDjhvDeHT4MRNePnlmaqHQBDFxnP82Vhi2k-B6r1Gy17v7z7s88eeeSCxqbKY019f_foYqkia1w0Thhu_-v5_FKuGL_YDZTuDbBi_XZmmx3WatbPcpaGptmzS9NHEIq6JPnh0L5IjemJ3tabfscMzOSUSTVxDHvRUjrMydCFNVzXxFWfVaOt1eVDec5qXfUAa7B9kgYbYm6Pqun2SVuhJ8ArpTq8Czi5NhF3QMtVXPJSS5meSOQcaYr37IqSSQy2aZYFev-hhE1FREPz8KzFiusxJm0qaghkPMypeDdiO0xhPuVY1F3czqfS46bcTX8PlCfdC7P5TkcLEGPbMITMhH1CR81vV1IM3HedJVNgrVctyGSm2LoGZQzjuqJyb-55Kj7GWSyvLn7h54SI1zoD887-DN7ed4n8Bve6nZu8XfwTU_fI-51rPFBxQ4JM3RZKTLFDvwnsUl8nc2FtqIV0Xc87frTshY5LmOaxMQG0zPGyTN0QAeQURnCwvlBUfnoZcXHWiFAsiun48WkKmIAyJ6EzyO-owsGN2tdAPDQQhNSjS3wg0oChi-dJtugSOaNQhXTkqAaKfBSOjuVZspx4QYYnv1wzwpTPvDIkuHJqfNM4RUpUXGPfVy8hXF9harmqagNl4lgow_a_lB7SFcjWkOMT9lqm9VGjY0Z4IFOb1I-RQt5iIPJEhOi8Aa747Ily_MKflFo1o

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Jan 2024 05:31:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 csi
csi.gstatic.com/ Frame 3782 0
17 B 26ms
25ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=4~lrlmtmmi&c=1052528232148&slotId=526264116074&qqid=CKa-mMae64MDFdkQVQgdEOIDbA&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=Infinity&br=2044&mt=video%2Fmp4&vs=576x1024&msm=1&aits=0%2C18%2C22%2C37%2C692%2C59%2C342%2C343%2C344%2C345%2C346%2C347&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=347&vsrc=web_video_ads&hcn=0&met.4=arp_a_e.hm~atrd.hn~vil.oh~vfl.q2&ua_e=1&ape=1&ple=1&umsem=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/outstream.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Jan 2024 05:31:33 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 csi
csi.gstatic.com/ Frame BA3B 0
17 B 25ms
25ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=4~lrlmtmwd&c=6285911436530&slotId=3142955718265&qqid=CKm5t8ae64MDFZMdVQgdZ0UD1Q&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=Infinity&br=2076&mt=video%2Fmp4&vs=576x1024&msm=1&aits=0%2C18%2C22%2C37%2C692%2C59%2C342%2C343%2C344%2C345%2C346%2C347&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=347&vsrc=web_video_ads&hcn=0&met.4=arp_a_e.dk~atrd.dl~vil.gs&ua_e=1&ape=1&ple=0&umsem=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/outstream.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Jan 2024 05:31:34 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

64 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

28 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.lojaseofertas.com/	1970-01-21 03:24:48	Name: _ga_NVYCR0PXBD Value: GS1.1.1705728690.1.0.1705728690.0.0.0
.lojaseofertas.com/	1970-01-21 03:24:48	Name: _ga Value: GA1.1.1631870637.1705728691
.lojaseofertas.com/	1970-01-21 03:10:24	Name: __gads Value: ID=e0304ef317d56178:T=1705728690:RT=1705728690:S=ALNI_MYVICgTeIpurqKTsg7B96_wP4tBVA
.lojaseofertas.com/	1970-01-21 03:10:24	Name: __gpi Value: UID=00000d44443ea429:T=1705728690:RT=1705728690:S=ALNI_MYh1Ie-MkSdLTVmtuWLqsjFfPsr3g
.travelaudience.com/	1970-01-21 03:20:29	Name: _tracker Value: %7B%22UUID%22%3A%226343E121-0D2D-450E-13F7-D77E126BD8D3%22%7D
.ctnsnet.com/	1970-01-21 02:34:24	Name: cid_19288a5629b64003a6b22413395801da Value: 1
.ctnsnet.com/	1970-01-21 02:34:24	Name: gid_CAESEH4bAcT5BHaAFHZ1Y1A1_xU Value: 1
.simpli.fi/	1970-01-21 02:35:51	Name: suid Value: 2104DAF613524F338932968EB040C49A
.casalemedia.com/	1970-01-21 02:34:24	Name: CMID Value: Zatas7IV1h3d1mKpTOQsEAAA
.casalemedia.com/	1970-01-20 19:58:24	Name: CMPS Value: 5264
.casalemedia.com/	1970-01-20 19:58:24	Name: CMPRO Value: 5264
.adform.net/	1970-01-20 18:33:27	Name: C Value: 1
.yahoo.com/	1970-01-21 02:34:46	Name: A3 Value: d=AQABBLNaq2UCEETFrU1hGCSJw9XmXaQsiJYFEgEBAQGsrGW1ZQAAAAAA_eMAAA&S=AQAAAvwy5op9ZSOpDlkaszpDKG4
.adform.net/	1970-01-20 19:15:12	Name: uid Value: 178030862573182801
.everesttech.net/	1970-01-21 02:34:24	Name: everest_g_v2 Value: g_surferid~ZataswAPrEumeQAM
.adnxs.com/	1970-01-20 19:58:24	Name: uuid2 Value: 6335965301251400045
.doubleclick.net/	1970-01-21 03:10:24	Name: IDE Value: AHWqTUn7xZCLY0DoW95qeRg34UvdK3qxKHWHIvCCAl1rmnjjeImtywH4AsBtb7sEipI
.tribalfusion.com/	1970-01-20 19:58:24	Name: ANON_ID Value: anntuJoZdUQdR2Hp9uswmOex5ZaNBdmBwXZdI8ZcU0q9UsuUPl4hsIXacU9aFwt0WMpmIj9NrQGQAqwVZaHLcXBZdgtVie
.quantserve.com/	1970-01-20 19:58:24	Name: d Value: EEsBCQH5KoEA
.quantserve.com/	1970-01-21 03:19:03	Name: mc Value: 65ab5ab3-a50cb-d15de-826ba
.de17a.com/	1970-01-21 02:27:12	Name: guid Value: 1.212298473036952251
.blismedia.com/	1970-01-21 02:34:28	Name: b Value: 65AB5AB46FA343AC525FE7C4BLIS
.doubleclick.net/	1970-01-20 22:08:00	Name: APC Value: AfxxVi61f4OA0_lp61HeH8lr3L9R3JoYUHrC6xD1PTrocfXP5J0deg
.innovid.com/	1970-01-20 19:58:24	Name: uuid Value: 6faa46d6-df5a-46cc-8693-bdfd5b886ed8-20240120 00:31:32
.w55c.net/	1970-01-21 03:20:29	Name: wfivefivec Value: a8xPHPkU1Rr3X65
.adnxs.com/	1970-01-21 03:24:48	Name: XANDR_PANID Value: zwcy4FocmWY6GgE4c6iitAABEiUr2LEhUI8cKFEm-O02VaiFG4J0TYAJCPKonqTIYWi-BdOay8VFm1hkB8p9ZNAUedWGf1MtfGYf1Me1xOo.
.adnxs.com/	1970-01-20 19:58:24	Name: anj Value: dTM7k!M41.D>6NRF']wIg2In>j_I'@!]tau8i_iqf!oN/@E'zz<Z0Q<)iJ%bP6>V(B0<X-(piB9G8D:T`b4vBQ%$mTD._PlZ[C[-kX-Pp_d6
.w55c.net/	1970-01-20 18:32:00	Name: matchgoogle Value: 5

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8847092362748368&output=html&h=280&slotname=6451512849&adk=948510642&adf=865389875&pi=t.ma~as.6451512849&w=770&fwrn=4&fwrnh=100&lmt=1705728690&rafmt=1&format=770x280&url=https%3A%2F%2Ffacebook.lojaseofertas.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705728690640&bpp=1&bdt=445&idt=-M&shv=r20240118&mjsv=m202401160101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4601774456062&frm=20&pv=1&ga_vid=1631870637.1705728691&ga_sid=1705728691&ga_hid=445602129&ga_fc=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=415&ady=328&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759875%2C44759926%2C44759837%2C31080334%2C31080343%2C31080442%2C95321963%2C95321626%2C95321862%2C95322165&oid=2&pvsid=3307973028482334&tmod=560240132&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=4 Message: Origin trial controlled feature not enabled: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.tribalfusion.com
ad.doubleclick.net
ads.eu.criteo.com
ads.travelaudience.com
ag.innovid.com
bid.g.doubleclick.net
c1.adform.net
cat.nl3.eu.criteo.com
cdn.jsdelivr.net
clients1.google.com
cm.g.doubleclick.net
cms.quantserve.com
code.createjs.com
cse.google.com
csi.gstatic.com
csm.eu.criteo.net
d5p.de17a.com
dclk-match.dotomi.com
dis.criteo.com
dsum-sec.casalemedia.com
facebook.lojaseofertas.com
faebook.com.br
fonts.googleapis.com
fonts.gstatic.com
gcdn.2mdn.net
gcm.ctnsnet.com
googleads.g.doubleclick.net
ib.adnxs.com
imageproxy.eu.criteo.net
imasdk.googleapis.com
onetag-sys.com
pagead2.googlesyndication.com
pm.w55c.net
pr-bh.ybp.yahoo.com
r1---sn-4g5lzner.c.2mdn.net
r1---sn-4g5lznez.c.2mdn.net
region1.google-analytics.com
rtb.fr3.eu.criteo.com
s.tribalfusion.com
s0.2mdn.net
static.criteo.net
sync-tm.everesttech.net
sync.teads.tv
tpc.googlesyndication.com
tr.blismedia.com
um.simpli.fi
www.google.com
www.googletagmanager.com
www.googletagservices.com
x.bidswitch.net
104.75.89.75
142.250.184.198
142.250.184.226
151.101.130.49
172.64.151.101
178.250.1.6
178.250.1.9
185.89.210.212
2001:4860:4802:32::3
2001:4860:4802:34::36
213.155.156.165
2606:4700:3034::ac43:c0e9
2606:4700:3036::ac43:d9b9
2606:4700::6810:5614
2606:4700::6812:18ad
2620:116:800d:21:de2e:c7b3:55c0:d5a0
2a00:1450:4001:11::6
2a00:1450:4001:15::6
2a00:1450:4001:801::200a
2a00:1450:4001:802::2001
2a00:1450:4001:80f::2002
2a00:1450:4001:811::2008
2a00:1450:4001:812::2004
2a00:1450:4001:813::200e
2a00:1450:4001:827::200e
2a00:1450:4001:828::2003
2a00:1450:4001:829::2002
2a00:1450:4001:82a::200a
2a00:1450:4001:82a::200e
2a00:1450:4001:82f::2002
2a00:1450:4001:831::2006
2a02:2638:3::10
2a02:2638:3::12
2a02:2638:3::1a
2a02:2638:3::3
2a02:2638:d::c
2a02:26f0:3500:11::215:14cb
2a02:fa8:8806:13::1400
2a05:d018:d29:3601:fa46:4bf7:11fd:dd50
2a05:d01c:1d8:8100:c911:5d1a:a3d7:1490
34.96.105.8
35.186.193.173
35.190.0.66
35.204.74.118
37.157.4.28
51.75.86.98
52.57.164.72
52.59.145.139
64.233.167.156
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0a0f317e75572a36f8047ae245ac9fe5521da3ca1fa402e9231375f46544f1ed
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bb516147c809d5b4449cea5cf85c8a1ed94caa1f711765646ba036702ca9cff
0c6193ca6cc7b434ad5b6076cc3da05f0781fad9533e555f8c9433cdc6dae259
0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740
0d23375836805476072d66fa170bd1961bc47867bed4e142a8ab7a494f920166
1067af948a37ab1a2518f29dcc20b3abb85d8079a601c10636a4be67955bad6a
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
19989d0d4b96d2f33f32aac09683a758de519cc9043ed050e3fa0feb75ce121a
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1e9885e861cf51a45c9fd90bfe03ba077a9e9c7c400b8a7ec14de046f35a296d
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e
2554b2d61f5b87f9c3b5bcada2a3b571e2e86f1d5c6c6a7238a2ec1e226909e0
2c67eda54105c8a47591a53005af9d16b572f4ddf3915bf5fd23be891795d332
2fd3ec1c9bbd8649a7df803f56aee470fa259abb0a9b70485cd51c9d1bf77a03
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
325f25191af82345cc615c820126c663f55ee865ccb8c6f033e11ee57085617a
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
425f9ca7029ca2c95d204079575a3e5f737ef4d322614225344c5aeadd51bfb8
426bb789e3abd05fae745f32758ded453f1240551c7d6d985565919e6e4ce950
428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
44d62946386a5e80f46c67bd7bdba8c83b860d0f4f538d70e50f495ea8de35ab
468655f79bd97610119dec1ef6e384a03ddc947fff0890a6cda7fcf9e3f8807a
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c4f62b8b68eb642cfd17c23cca8f64c72c3a22e21f670a8e31a3ea474f59b95
4dbeca94bb78a777283cb4a1eeb6838169fb325f9c71f0e36486af10aff58785
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5828ff27c35c12c94d0d8b3cdfd77b28606034437c009902d28cf7f5bcb6a907
5a28406dd3e6100bb034d4edad68e012c40c67adf6c2d5846b07f03a494cba94
5fe5fa6acfdb9ca111dc0c430e0b4d90c8a22b37f4d87283f3685fd9233f5885
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
65a47caa5183b035bf78d0f93adbe5cea500333410259c54abf2de356740df7e
69c32d8650b1e5f0bcb76d787972b68a1ba327ea5bd8da7ab8ca1a04336735c0
6dc4ea2cba6b644d985fc8fd84682f65bad3df0768d17566907f0b7775b0ac08
6ecd2a103a7260474c3239da5f32a2f7cb999765d9ab12161f3e4abe3906316f
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
788098b04b7a83adb2e403f22a56a43ec808448f01a6908d7929d8fbc0a30a32
7c9c80a6c32c0619d61c28f28723e68c5f8f75163e77ee5cf64c39e640e0d71e
7fea219fc2ab637c1327753a83b49690e7573409f552d35f6559123109228170
82274395ae9741732320547050e84cd8ca10510c0afb8cead6eb9172aa891deb
88400116c7d366ff7d2e826d4e33d4ce56ceb60efe3e925bbe82b31081a3868b
8a17f897bf9994fcb595e95b5be1f1ef7b5fc24ae028c4fdf51ef011752070c3
8b87f4587ecce0b96793a2819d2f6dc307a6ec9f389d7ab449abaa746a9c0638
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
9737e1f2d8e8394823b95d1c2ed3db1a65efabeb4eaf36b3d35ed053dff921b9
98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a48d32f69593281f6bb0dcda7204e155a33813c37f7156ba2ea6069fb08683b4
a5402de70228d4bf5379b518225b702918f6ae277e9293f9d16334c2b1fa31e3
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
ba5fdfe04e83b940b02e631badb80b6e7bba4f7dfefe00b214bbfee554bc97dc
bb0cecbef61077520cca7d1a605276c1320ffe8ae314b5eaed5d339cb3cab88b
c063768095e107a4c53ffdc6ddc6dc73fb3b729327359ae1f5e6f835a5188d61
d2221accb209973d909ca64dd061021a44c94e8d3cfcd5e9f1237ab96a677d2e
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
d74eb509db76ca0a03c05eeba326e08794176d2776fcf2fe93415c5e9f39e279
dcec22bbcb68119d6c7d6d5e088fb82183a9826d0c9e3403f1386fd837f06a89
e324770eeeaa4c13e34d76ab58ffea71dfe7e6c47bb763025a23c95b1f60a454
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5
e519cc4b7b8fdc64a7aaafc1b808cde266a234205aac0d6c55589c12446d565e
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e6cead7689ece39643f370c4b8f069d2a556b2ce5aeda8e970067d4cebcc01f0
e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ecc86bf1c054e60603fac09e8ebc103435202b9e4c9bd9131fb8714e32dcf13d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef34301455784e8a56ecc7a80985d6fd317ddd8328b6232dc0bc3223d79c91c2
f3c2d0a80f66894b792782edb19f37cafabd4c7c31eabd4dca28200e44e24930
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f7cdab7c2dd8f9d6576813bb6816663f7902f4cf1ec1a32959b18286f9f3f5cb
f9fe58e66017cc25a666875d8bf8022f2590ef39e5611cbfea15d79ac09cd760
fb445d5cbf02293de2a77a556c11d3a99df7ee1d54f4564addbbad74af6c9a9c

facebook.lojaseofertas.com Open in urlscan Pro 2606:4700:3034::ac43:c0e9 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

208 Requests

86 %HTTPS

63 %IPv6

33 Domains

50 Subdomains

39 IPs

9 Countries

4222 kBTransfer

9163 kBSize

28 Cookies

1 Outgoing links

Page URL History

Redirected requests

208 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

facebook.lojaseofertas.com Open in urlscan Pro
2606:4700:3034::ac43:c0e9 Public Scan

Screenshot
Live screenshot

Full Image

208
Requests

86 %
HTTPS

63 %
IPv6

33
Domains

50
Subdomains

39
IPs

9
Countries

4222 kB
Transfer

9163 kB
Size

28
Cookies

208 HTTP transactions
6 data transactions