www.omelete.com.br Open in urlscan Pro
179.191.182.65 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.omelete.com.br/
Effective URL:
https://www.omelete.com.br/
Submission: On January 08 via api (January 8th 2024, 3:34:12 pm UTC) from US — Scanned from DE

Summary HTTP 430 Redirects Links 15 Behaviour Indicators

Summary

This website contacted 58 IPs in 10 countries across 58 domains to perform 430 HTTP transactions. The main IP is 179.191.182.65, located in Offenbach, Germany and belongs to Azion Technologies Ltda., BR. The main domain is www.omelete.com.br.
TLS certificate: Issued by R3 on January 1st 2024. Valid for: 3 months.

This is the only time www.omelete.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 71	179.191.182.65 179.191.182.65	52580 (Azion Tec...) (Azion Technologies Ltda.)
1	95.101.149.35 95.101.149.35	16625 (AKAMAI-AS) (AKAMAI-AS)
49	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
1	18.173.154.21 18.173.154.21	16509 (AMAZON-02) (AMAZON-02)
6	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
1	18.173.154.83 18.173.154.83	16509 (AMAZON-02) (AMAZON-02)
1 9	23.32.185.35 23.32.185.35	16625 (AKAMAI-AS) (AKAMAI-AS)
1	142.250.74.194 142.250.74.194	15169 (GOOGLE) (GOOGLE)
1	146.75.120.157 146.75.120.157	54113 (FASTLY) (FASTLY)
5	2.23.209.44 2.23.209.44	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	2a03:2880:f08... 2a03:2880:f083:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	99.84.88.91 99.84.88.91	16509 (AMAZON-02) (AMAZON-02)
3	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c00::9c	15169 (GOOGLE) (GOOGLE)
1 9	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
1	104.244.42.5 104.244.42.5	13414 (TWITTER) (TWITTER)
1	104.244.42.131 104.244.42.131	13414 (TWITTER) (TWITTER)
1 10	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
3	2a03:2880:f17... 2a03:2880:f176:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
3	108.138.37.209 108.138.37.209	16509 (AMAZON-02) (AMAZON-02)
6	2606:4700::68... 2606:4700::6810:cf3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700:303... 2606:4700:3033::ac43:9fa2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	185.86.139.96 185.86.139.96	201081 (SMARTADSE...) (SMARTADSERVER)
1	2602:803:c003... 2602:803:c003:200::21	26667 (RUBICONPR...) (RUBICONPROJECT)
2 5	37.252.171.149 37.252.171.149	29990 (ASN-APPNEX) (ASN-APPNEX)
1	108.138.36.122 108.138.36.122	16509 (AMAZON-02) (AMAZON-02)
1	18.173.159.32 18.173.159.32	16509 (AMAZON-02) (AMAZON-02)
6	162.19.96.35 162.19.96.35	16276 (OVH) (OVH)
7	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
15 50	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
1 1	95.101.148.198 95.101.148.198	16625 (AKAMAI-AS) (AKAMAI-AS)
1 3	3.75.62.37 3.75.62.37	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:303... 2606:4700:3033::6815:325a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
27	2a00:1450:400... 2a00:1450:4001:81c::2001	15169 (GOOGLE) (GOOGLE)
73	2a00:1450:400... 2a00:1450:4001:808::2006	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
1 13	142.250.181.230 142.250.181.230	15169 (GOOGLE) (GOOGLE)
6 10	172.64.151.101 172.64.151.101	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 3	151.101.2.49 151.101.2.49	54113 (FASTLY) (FASTLY)
2 2	35.204.74.118 35.204.74.118	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
4 4	2a05:d018:d29... 2a05:d018:d29:3605:c0d2:1e6b:33e4:3d3e	16509 (AMAZON-02) (AMAZON-02)
2 2	213.155.156.181 213.155.156.181	1299 (TWELVE99 ...) (TWELVE99 Arelion)
3	178.250.1.9 178.250.1.9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4 4	51.75.86.98 51.75.86.98	16276 (OVH) (OVH)
3 3	76.223.111.18 76.223.111.18	16509 (AMAZON-02) (AMAZON-02)
2 2	52.28.181.94 52.28.181.94	16509 (AMAZON-02) (AMAZON-02)
1 1	35.190.0.66 35.190.0.66	15169 (GOOGLE) (GOOGLE)
1	198.47.127.19 198.47.127.19	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
1 1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
3	3.122.48.206 3.122.48.206	16509 (AMAZON-02) (AMAZON-02)
6	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
1	2a02:fa8:8806... 2a02:fa8:8806:12::1400	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1 1	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
1	35.186.253.211 35.186.253.211	15169 (GOOGLE) (GOOGLE)
3 3	34.254.59.108 34.254.59.108	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:237... 2600:9000:237d:2800:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
2	81.17.55.108 81.17.55.108	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1 2	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (AMOBEE) (AMOBEE)
4 4	37.157.4.29 37.157.4.29	198622 (ADFORM) (ADFORM)
1 1	35.214.181.122 35.214.181.122	15169 (GOOGLE) (GOOGLE)
6	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	162.55.83.73 162.55.83.73	24940 (HETZNER-AS) (HETZNER-AS)
1	2620:116:800d... 2620:116:800d:21:c5a4:625:6563:a5bb	16509 (AMAZON-02) (AMAZON-02)
3 3	46.228.174.117 46.228.174.117	56396 (AMOBEE) (AMOBEE)
12	192.229.233.6 192.229.233.6	15133 (EDGECAST) (EDGECAST)
2	167.235.39.43 167.235.39.43	24940 (HETZNER-AS) (HETZNER-AS)
4	2600:9000:26d... 2600:9000:26db:ac00:15:157b:ff80:93a1	16509 (AMAZON-02) (AMAZON-02)
1	108.138.36.100 108.138.36.100	16509 (AMAZON-02) (AMAZON-02)
1	35.208.216.174 35.208.216.174	19527 (GOOGLE-2) (GOOGLE-2)
430	58

71 179.191.182.65 (Offenbach, Germany) 1 redirects

ASN52580 (Azion Technologies Ltda., BR)

www.omelete.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.ome.lt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
analytics.ome.lt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.101.149.35 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-149-35.deploy.static.akamaitechnologies.com

a.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

49 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.173.154.21 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-154-21.muc50.r.cloudfront.net

cnt.trvdp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.173.154.83 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-154-83.muc50.r.cloudfront.net

go.trvdp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 23.32.185.35 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-32-185-35.deploy.static.akamaitechnologies.com

at.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.74.194 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.75.120.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2.23.209.44 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-23-209-44.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.84.88.91 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-88-91.muc50.r.cloudfront.net

stg.truvidplayer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c00::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.5 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.131 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 108.138.37.209 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-37-209.muc50.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6810:cf3 (United States)

ASN13335 (CLOUDFLARENET, US)

tag.navdmp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
usr.navdmp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.navdmp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync2.navdmp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.navdmp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:3033::ac43:9fa2 (United States)

ASN13335 (CLOUDFLARENET, US)

sdk.mrf.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 185.86.139.96 (France)

ASN201081 (SMARTADSERVER, FR)

prg.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2602:803:c003:200::21 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 37.252.171.149 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.36.122 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-36-122.muc50.r.cloudfront.net

config.aps.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.173.159.32 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-159-32.muc50.r.cloudfront.net

aax.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 162.19.96.35 (France)

ASN16276 (OVH, FR)
PTR: haproxy03.cl13.ovh.mrf.io

events.newsroom.bi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
marfeelexperimentsexperienceengine.mrf.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

50 142.250.185.226 (United States) 15 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.101.148.198 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-148-198.deploy.static.akamaitechnologies.com

pixel.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.75.62.37 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

cms.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3033::6815:325a (United States)

ASN13335 (CLOUDFLARENET, US)

experiences.mrf.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 2a00:1450:4001:81c::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

73 2a00:1450:4001:808::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 142.250.181.230 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 172.64.151.101 (United States) 6 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.2.49 (United States) 3 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.204.74.118 (Groningen, Netherlands) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 118.74.204.35.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a05:d018:d29:3605:c0d2:1e6b:33e4:3d3e (Dublin, Ireland) 4 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.155.156.181 (Sweden) 2 redirects

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 51.75.86.98 (France) 4 redirects

ASN16276 (OVH, FR)
PTR: ip98.ip-51-75-86.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 76.223.111.18 (United States) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.28.181.94 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-181-94.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.0.66 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com

ads.travelaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.47.127.19 (United States)

ASN3257 (GTT-BACKBONE GTT, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.122.48.206 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-122-48-206.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:12::1400 (Singapore)

ASN41041 (VCLK-EU-SE, US)

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.193.173 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

gcm.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.254.59.108 (Dublin, Ireland) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-254-59-108.eu-west-1.compute.amazonaws.com

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:237d:2800:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 81.17.55.108 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

ssbsync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:678:cb4:bbbb::11 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.157.4.29 (Denmark) 4 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.214.181.122 (Groningen, Netherlands) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 122.181.214.35.bc.googleusercontent.com

csync.loopme.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.55.83.73 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.73.83.55.162.clients.your-server.de

ads.revjet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:c5a4:625:6563:a5bb (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 46.228.174.117 (United Kingdom) 3 redirects

ASN56396 (AMOBEE, GB)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 192.229.233.6 (United States)

ASN15133 (EDGECAST, US)

cdn.revjet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 167.235.39.43 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.43.39.235.167.clients.your-server.de

pix.revjet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:26db:ac00:15:157b:ff80:93a1 (United States)

ASN16509 (AMAZON-02, US)

img01.ztat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.36.100 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-36-100.muc50.r.cloudfront.net

s.trvdp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.208.216.174 (Council Bluffs, United States)

ASN19527 (GOOGLE-2, US)
PTR: 174.216.208.35.bc.googleusercontent.com

rt.ad-score.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
80	googlesyndication.com ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 140 tpc.googlesyndication.com — Cisco Umbrella Rank: 185	470 KB
77	doubleclick.net 17 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 269 stats.g.doubleclick.net — Cisco Umbrella Rank: 184 googleads.g.doubleclick.net — Cisco Umbrella Rank: 68 cm.g.doubleclick.net — Cisco Umbrella Rank: 338 ad.doubleclick.net — Cisco Umbrella Rank: 199	424 KB
73	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 407	1 MB
69	ome.lt cdn.ome.lt analytics.ome.lt	2 MB
16	revjet.com ads.revjet.com — Cisco Umbrella Rank: 8504 cdn.revjet.com — Cisco Umbrella Rank: 8224 pix.revjet.com — Cisco Umbrella Rank: 7200	680 KB
13	google.com 1 redirects region1.analytics.google.com — Cisco Umbrella Rank: 2014 www.google.com — Cisco Umbrella Rank: 6	2 KB
10	casalemedia.com 6 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 1194 ssum-sec.casalemedia.com — Cisco Umbrella Rank: 796	7 KB
10	teads.tv 1 redirects a.teads.tv — Cisco Umbrella Rank: 1674 at.teads.tv — Cisco Umbrella Rank: 5198 sync.teads.tv — Cisco Umbrella Rank: 2019	5 KB
9	smartadserver.com prg.smartadserver.com — Cisco Umbrella Rank: 2047 ssbsync.smartadserver.com — Cisco Umbrella Rank: 1167	4 KB
7	openx.net us-u.openx.net — Cisco Umbrella Rank: 930 rtb.openx.net — Cisco Umbrella Rank: 1007	1 KB
7	yahoo.com 5 redirects cms.analytics.yahoo.com — Cisco Umbrella Rank: 2418 ups.analytics.yahoo.com — Cisco Umbrella Rank: 505 pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 819	3 KB
6	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 395	79 KB
6	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 271	387 KB
6	navdmp.com tag.navdmp.com — Cisco Umbrella Rank: 45211 usr.navdmp.com — Cisco Umbrella Rank: 50426 cdn.navdmp.com — Cisco Umbrella Rank: 33736 sync2.navdmp.com — Cisco Umbrella Rank: 78647 sync.navdmp.com — Cisco Umbrella Rank: 41196	6 KB
5	newsroom.bi events.newsroom.bi — Cisco Umbrella Rank: 7834	2 KB
5	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 356	11 KB
5	mrf.io sdk.mrf.io — Cisco Umbrella Rank: 10258 marfeelexperimentsexperienceengine.mrf.io — Cisco Umbrella Rank: 46663 experiences.mrf.io — Cisco Umbrella Rank: 12895	65 KB
5	amazon-adsystem.com c.amazon-adsystem.com — Cisco Umbrella Rank: 359 config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 925 aax.amazon-adsystem.com — Cisco Umbrella Rank: 464	75 KB
5	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 818	142 KB
4	ztat.net img01.ztat.net — Cisco Umbrella Rank: 28362	52 KB
4	adform.net 4 redirects c1.adform.net — Cisco Umbrella Rank: 1001	3 KB
4	onetag-sys.com 4 redirects onetag-sys.com — Cisco Umbrella Rank: 1105	2 KB
4	google.de www.google.de — Cisco Umbrella Rank: 4002	689 B
4	facebook.net connect.facebook.net — Cisco Umbrella Rank: 240	158 KB
3	lijit.com 3 redirects ap.lijit.com — Cisco Umbrella Rank: 998	1 KB
3	bidswitch.net x.bidswitch.net — Cisco Umbrella Rank: 590	436 B
3	3lift.com 3 redirects eb2.3lift.com — Cisco Umbrella Rank: 731	1 KB
3	criteo.com dis.criteo.com — Cisco Umbrella Rank: 943	1 KB
3	everesttech.net 3 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 1396	1 KB
3	facebook.com www.facebook.com — Cisco Umbrella Rank: 98	234 B
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 114	261 KB
3	trvdp.com cnt.trvdp.com — Cisco Umbrella Rank: 39247 go.trvdp.com — Cisco Umbrella Rank: 35420 s.trvdp.com — Cisco Umbrella Rank: 30856	148 KB
2	1rx.io 2 redirects sync.1rx.io — Cisco Umbrella Rank: 857	2 KB
2	turn.com 1 redirects ad.turn.com — Cisco Umbrella Rank: 1449 r.turn.com — Cisco Umbrella Rank: 6381	869 B
2	w55c.net 2 redirects pm.w55c.net — Cisco Umbrella Rank: 1620	2 KB
2	de17a.com 2 redirects d5p.de17a.com — Cisco Umbrella Rank: 7787	647 B
2	simpli.fi 2 redirects um.simpli.fi — Cisco Umbrella Rank: 1428	1 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 101	21 KB
2	youtube.com www.youtube.com — Cisco Umbrella Rank: 79	69 KB
2	rubiconproject.com 1 redirects fastlane.rubiconproject.com — Cisco Umbrella Rank: 791 pixel.rubiconproject.com — Cisco Umbrella Rank: 620	4 KB
2	gstatic.com www.gstatic.com	18 KB
2	omelete.com.br 1 redirects www.omelete.com.br	30 KB
1	ad-score.com rt.ad-score.com — Cisco Umbrella Rank: 29242	605 B
1	unrulymedia.com 1 redirects sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 2399	573 B
1	quantserve.com cms.quantserve.com — Cisco Umbrella Rank: 1348	463 B
1	loopme.me 1 redirects csync.loopme.me — Cisco Umbrella Rank: 1467	416 B
1	smaato.net s.ad.smaato.net — Cisco Umbrella Rank: 1035	236 B
1	ctnsnet.com 1 redirects gcm.ctnsnet.com — Cisco Umbrella Rank: 65617	608 B
1	dotomi.com dclk-match.dotomi.com — Cisco Umbrella Rank: 5728	104 B
1	pubmatic.com image6.pubmatic.com — Cisco Umbrella Rank: 1215	166 B
1	travelaudience.com 1 redirects ads.travelaudience.com — Cisco Umbrella Rank: 8834	553 B
1	mathtag.com 1 redirects pixel.mathtag.com — Cisco Umbrella Rank: 3160	623 B
1	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 1200	724 B
1	t.co t.co — Cisco Umbrella Rank: 751	376 B
1	truvidplayer.com stg.truvidplayer.com — Cisco Umbrella Rank: 28146	3 KB
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 1184	15 KB
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 173	2 KB
0	spotxchange.com Failed sync.search.spotxchange.com Failed
430	58

	Domain	Requested by
73	s0.2mdn.net	www.omelete.com.br ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com s0.2mdn.net
67	cdn.ome.lt	www.omelete.com.br cdn.ome.lt
50	cm.g.doubleclick.net	15 redirects googleads.g.doubleclick.net ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com
46	pagead2.googlesyndication.com	securepubads.g.doubleclick.net www.omelete.com.br ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com
27	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com www.omelete.com.br ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com googleads.g.doubleclick.net
13	ad.doubleclick.net	1 redirects www.omelete.com.br ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com srcdoc
12	cdn.revjet.com	ads.revjet.com srcdoc
10	www.google.com	1 redirects www.omelete.com.br tpc.googlesyndication.com ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com
9	dsum-sec.casalemedia.com	5 redirects googleads.g.doubleclick.net
9	googleads.g.doubleclick.net	1 redirects www.googletagmanager.com ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com pagead2.googlesyndication.com
8	sync.teads.tv	1 redirects googleads.g.doubleclick.net ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com
7	ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
7	prg.smartadserver.com	cdn.ome.lt
6	cdnjs.cloudflare.com	s0.2mdn.net
6	us-u.openx.net	googleads.g.doubleclick.net
6	www.googletagservices.com	ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com
5	events.newsroom.bi	sdk.mrf.io
5	ib.adnxs.com	2 redirects cdn.ome.lt googleads.g.doubleclick.net
5	analytics.tiktok.com	www.omelete.com.br analytics.tiktok.com
4	img01.ztat.net
4	c1.adform.net	4 redirects
4	onetag-sys.com	4 redirects
4	pr-bh.ybp.yahoo.com	4 redirects
4	www.google.de	www.omelete.com.br
4	connect.facebook.net	www.omelete.com.br connect.facebook.net
3	ap.lijit.com	3 redirects
3	x.bidswitch.net	ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com
3	eb2.3lift.com	3 redirects
3	dis.criteo.com	ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com
3	sync-tm.everesttech.net	3 redirects
3	sdk.mrf.io	www.omelete.com.br sdk.mrf.io
3	c.amazon-adsystem.com	www.omelete.com.br c.amazon-adsystem.com
3	www.facebook.com	www.omelete.com.br
3	region1.analytics.google.com	www.googletagmanager.com
3	www.googletagmanager.com	www.omelete.com.br www.googletagmanager.com
3	securepubads.g.doubleclick.net	www.omelete.com.br securepubads.g.doubleclick.net
2	pix.revjet.com	srcdoc ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com
2	sync.1rx.io	2 redirects
2	ads.revjet.com	ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com ads.revjet.com
2	ssbsync.smartadserver.com	ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com
2	pm.w55c.net	2 redirects
2	d5p.de17a.com	2 redirects
2	um.simpli.fi	2 redirects
2	analytics.ome.lt	www.omelete.com.br
2	www.google-analytics.com	www.omelete.com.br www.google-analytics.com
2	ups.analytics.yahoo.com	www.omelete.com.br googleads.g.doubleclick.net
2	www.youtube.com	sdk.mrf.io www.youtube.com
2	tag.navdmp.com	www.omelete.com.br tag.navdmp.com
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	www.gstatic.com	www.omelete.com.br
2	www.omelete.com.br	1 redirects
1	rt.ad-score.com	s.trvdp.com
1	s.trvdp.com	go.trvdp.com
1	sync.targeting.unrulymedia.com	1 redirects
1	ssum-sec.casalemedia.com	1 redirects
1	cms.quantserve.com	ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com
1	csync.loopme.me	1 redirects
1	r.turn.com
1	ad.turn.com	1 redirects
1	s.ad.smaato.net	ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com
1	rtb.openx.net	ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com
1	gcm.ctnsnet.com	1 redirects
1	dclk-match.dotomi.com	ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com
1	pixel.rubiconproject.com	1 redirects
1	image6.pubmatic.com	ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com
1	ads.travelaudience.com	1 redirects
1	experiences.mrf.io	sdk.mrf.io
1	cms.analytics.yahoo.com	1 redirects
1	sync.navdmp.com	www.omelete.com.br
1	pixel.mathtag.com	1 redirects
1	sync2.navdmp.com	www.omelete.com.br
1	cdn.navdmp.com	tag.navdmp.com
1	usr.navdmp.com	tag.navdmp.com
1	marfeelexperimentsexperienceengine.mrf.io	sdk.mrf.io
1	aax.amazon-adsystem.com	c.amazon-adsystem.com
1	config.aps.amazon-adsystem.com	c.amazon-adsystem.com
1	fastlane.rubiconproject.com	cdn.ome.lt
1	analytics.twitter.com	www.omelete.com.br
1	t.co	www.omelete.com.br
1	stg.truvidplayer.com	go.trvdp.com
1	static.ads-twitter.com	www.googletagmanager.com
1	www.googleadservices.com	www.googletagmanager.com
1	at.teads.tv	a.teads.tv
1	go.trvdp.com	cnt.trvdp.com
1	cnt.trvdp.com	www.omelete.com.br
1	a.teads.tv	www.omelete.com.br
0	sync.search.spotxchange.com Failed	googleads.g.doubleclick.net
430	87

This site contains links to these domains. Also see Links.

Domain
www.chippu.com.br
www.theenemy.com.br
www.facebook.com
www.instagram.com
twitter.com
www.youtube.com
apple.co
www.omeletecompany.com
www.ccxp.com.br
latam.gamescom.global
www.gaules.gg
www.twitch.tv

Subject Issuer	Validity	Valid
*.omelete.com.br R3	`2024-01-01` - `2024-03-31`	3 months	crt.sh
*.ome.lt R3	`2024-01-01` - `2024-03-31`	3 months	crt.sh
teads.tv R3	`2023-11-03` - `2024-02-01`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.trvdp.com Amazon RSA 2048 M01	`2023-07-26` - `2024-08-23`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
ads-twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-21` - `2024-07-19`	a year	crt.sh
*.tiktok.com RapidSSL ECC CA 2018	`2023-07-14` - `2024-08-13`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-10-17` - `2024-01-15`	3 months	crt.sh
*.truvidplayer.com Amazon RSA 2048 M03	`2024-01-07` - `2025-02-03`	a year	crt.sh
www.google.de GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
t.co DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-01-07` - `2025-01-06`	a year	crt.sh
*.twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-31` - `2024-10-29`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
c.amazon-adsystem.com Amazon RSA 2048 M01	`2023-02-28` - `2024-02-17`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-04` - `2024-05-03`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-21` - `2024-01-23`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-04-03`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
config.aps.amazon-adsystem.com Amazon RSA 2048 M02	`2023-02-20` - `2024-03-20`	a year	crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com Amazon RSA 2048 M01	`2023-03-16` - `2024-03-08`	a year	crt.sh
ssl03.cert.cl13.k8s.mrf.io R3	`2023-11-24` - `2024-02-22`	3 months	crt.sh
ssl01.cert.cl13.k8s.mrf.io R3	`2023-12-29` - `2024-03-28`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-01` - `2024-03-01`	3 months	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2023-04-20` - `2024-05-20`	a year	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2023-03-23` - `2024-03-23`	a year	crt.sh
*.openx.net RapidSSL TLS RSA CA G1	`2023-08-18` - `2024-08-18`	a year	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2023-08-15` - `2024-09-15`	a year	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-12-26` - `2024-06-19`	6 months	crt.sh
s.ad.smaato.net Amazon RSA 2048 M03	`2023-09-04` - `2024-10-02`	a year	crt.sh
*.revjet.com Sectigo RSA Domain Validation Secure Server CA	`2023-03-20` - `2024-04-11`	a year	crt.sh
quantserve.com R3	`2023-12-27` - `2024-03-26`	3 months	crt.sh
cdn.revjet.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-09` - `2024-03-11`	a year	crt.sh
img01.ztat.net Amazon RSA 2048 M01	`2023-05-24` - `2024-06-21`	a year	crt.sh
*.ad-score.com Go Daddy Secure Certificate Authority - G2	`2023-09-02` - `2024-10-03`	a year	crt.sh

This page contains 34 frames:

Primary Page: https://www.omelete.com.br/
Frame ID: 363BB84FAE00D5EF0BFEF0FD098A1AD4
Requests: 151 HTTP requests in this frame

Frame: https://ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 8270218FAB75B70305CD251342C0AC8C
Requests: 1 HTTP requests in this frame

Frame: https://experiences.mrf.io/passexperience/dw-check.html?v=6
Frame ID: 14C759FE7847F0DA24511170BBEE0047
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: B8BB2E81DB37A0CE2E221980FA2E023E
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: E67BD7A01C7E36728AC346DA7CCBF5BE
Requests: 2 HTTP requests in this frame

Frame: https://ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 1BED7B8263B4DB6AF24E8D7C4D78F638
Requests: 13 HTTP requests in this frame

Frame: https://ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: C56AB53CBDBA2BBEE7C27C0FE7F24AAD
Requests: 13 HTTP requests in this frame

Frame: https://ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: E5D9120742E82605752A53995AE26831
Requests: 14 HTTP requests in this frame

Frame: https://ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 1B76631BD178C3CB3A28A4868EE1DD27
Requests: 14 HTTP requests in this frame

Frame: https://ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 6D01CA080EA8797E84F46CDA5F845BF4
Requests: 19 HTTP requests in this frame

Frame: https://ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 9457B310B8CB816C3994006CB9D1928C
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CO-p_psDEOa-zKMDGOn5hoICMAE&v=APEucNUudCHA9QE-HyrerOD5Qaj1q-Ce227w4gyt6R8DudD2-fyHGA4cxSNalKfZl8zpu032qMTiCvQ_AOwJwnDrQU5HM9hjdFc5BlzZDinros11UE3IJIdUWx0ToYUYTjyRdMzAEsFZaf--AMTRnZcAMOndkHh2C_uKt5hEnNgr5kXko0XM5_A
Frame ID: 50831E50D7CA01D7CE87374315753D77
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 408B7A9097DE9D453EF08109997716B4
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CO-p_psDEOa-zKMDGOn5hoICMAE&v=APEucNVKMT2IWI_2JHsA7qaGUJ0CkyCyTf3vG9KNcplBiAZp8RfrPsKh7DP7squ-hf8kiJO-70smaVs6q-Lln03Smbx8XW7sErvijURa6Bo33BCyP-udroAZffNTtpmZMlOdAOlzbXlSu26Jha85yUzDS3U_ujDcJ_87Bh_HBNWiFcqyCgm6swc
Frame ID: C658371947E1F431382F9E61EBFE80FF
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: B630B514CDB78C5583ACD4EB74890D9F
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CO-p_psDEOa-zKMDGOn5hoICMAE&v=APEucNV15OtEKTzC8qeYnF_uwdIjy2UjlUbzCY-MiBNbKer8GZm5Zp_jWml4vCCC1MlRMAqM7WFR8P0CCQM46a-0AQhOUntplW5pzN6xT2VsVZbgB-dkEaB8f-4vrQ_umHD3c1N74_3hNZbs13gBzjD28SWo6qI2_vIHWW5CBqFRo2bl9tZiYJg
Frame ID: DBC53945651728D35ED62609652611CC
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: D4F3431E5BF14ABF2842536C50F54AF7
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNyB0t8EEPWIy-AEGNih9foBMAE&v=APEucNV8cbqwtztQ0Egctg748Ekl4OyM8jvoID99gULYWwgWeVwCZGivC9twi89B1BvijID7iKPuqwZEm5krO-xPffl2ILKsSGphwe__UKicuHHvJ8dmrapnd4G7pzunPH19GsOkDWezkJTgmxn6CYsCpftaVsoMCXi1GLfbblxH9Pwi46_MjTM
Frame ID: 1B1A6EBA4ED0D600CDBB3BE41BA800FD
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: B3EA882C434719788977F58E74FBF026
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKQCELzvkpIEGLLC3d4BMAE&v=APEucNVhYmm_pO_SQlc3hjrlrkibFSBpNcMRQgV9WXYLMbLsY0fMVYAVeILFDT1xTU7KMxNrgah_vpXHm68ZzwfTgOjWX7lkkARYaGV1KBco9K0HB9BD0J5gFXqqAZF7Wu_SJAa_Zt6WkBqvn6kF6unrd_HujrTPWPWZ622-R8WIEs2NerrW7Qw
Frame ID: 8FBB609396D89452A401499C59023A8F
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CM-mgQIQ7aaX_gEYi-3DggIwAQ&v=APEucNUbe_sm37T_kWw37YbxrX6DaQXqoNfWpQe_8Xl5jLSm3e4gk2cL5q4cqTrxryrzegCSNm78UYKgnKKHzLADGB28BGtKXAvRlZkkg3Ki3JGYi984ERj3-QHC4wxf_6DirbaYdRmErVGGUPwbfK8Jh5CkR7hiePZcrys-ya73BUgkUJSLSKc
Frame ID: 35ED988CB8DB7D87DF60B9FB0130BAAE
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 9C73605FA2A33CB2E9B6E4BC993D4CC2
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: E9AB9CF6B7A40C5C546955D53886FA71
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 2D2BA887E56899C94A68C7B31658E4D2
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 6665A5DCAD4E7CEC330145C0BB12DC2F
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 9463930A5E3B5B32D59D6EF89E7C6E0A
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 2491A976282936DDA544B7555EB846C1
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/15813293033853550592/index.html?ev=01_250
Frame ID: 528D813E662ED662F6ACC5716624926F
Requests: 24 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/13341115905589903360/index.html?ev=01_250
Frame ID: C04BB2E7080FA0C1006AEBCB100BF1C3
Requests: 26 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/16193090738366447616/index.html?ev=01_250
Frame ID: 024585C2D9E0D815324B5BAAEF9D51F3
Requests: 24 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 9031F52A07238D49AA520EEFAB6BF2D9
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 560C9BE41B899A3C44D9261576D2847E
Requests: 3 HTTP requests in this frame

Frame: https://cdn.revjet.com/~cdn/JS/03/sync.html?origin=https%3A%2F%2Fad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com
Frame ID: 04F2A85BBDF9D390584D7E9382217EBA
Requests: 1 HTTP requests in this frame

Frame: https://cdn.revjet.com/~cdn/JS/03/elements-2.12.0.js
Frame ID: D376EC3C6F429F504EC802CB770700C9
Requests: 18 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Home | Omelete

Page URL History Show full URLs

http://www.omelete.com.br/ HTTP 301
https://www.omelete.com.br/ Page URL

Detected technologies

Firebase (Databases) Expand

Overall confidence: 100%
Detected patterns

/firebasejs/([\d.]+)/firebase

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Matomo Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

piwik\.js|piwik\.php

Navegg (Analytics) Expand

Overall confidence: 100%
Detected patterns

tag\.navdmp\.com

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Swiper Slider (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

swiper(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

430
Requests

88 %
HTTPS

36 %
IPv6

58
Domains

87
Subdomains

58
IPs

10
Countries

6368 kB
Transfer

12872 kB
Size

66
Cookies

15 Outgoing links

These are links going to different origins than the main page.

URL: https://www.chippu.com.br/
Title: chippu

Search URL Search Domain Scan URL

URL: https://www.theenemy.com.br/
Title: the enemy

Search URL Search Domain Scan URL

URL: https://www.facebook.com/Omelete/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/omelete/

Search URL Search Domain Scan URL

URL: https://twitter.com/omelete

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/omeleteve

Search URL Search Domain Scan URL

URL: https://apple.co/3RgUGcZ
Title: APPLE TV+ POR 7 DIAS GRÁTIS. CONFIRA CONDIÇÕES.

Search URL Search Domain Scan URL

URL: https://www.youtube.com/@omeleteve
Title: Omelete no Youtube

Search URL Search Domain Scan URL

URL: https://apple.co/3OVhHiR
Title: 7 dias grátis Assine o Apple TV+ pelo Omelete

Search URL Search Domain Scan URL

URL: https://www.omeletecompany.com/politica-privacidade
Title: Política de privacidade

Search URL Search Domain Scan URL

URL: https://www.ccxp.com.br/

Search URL Search Domain Scan URL

URL: https://latam.gamescom.global/pt/

Search URL Search Domain Scan URL

URL: https://latam.gamescom.global/pt/big-festival/

Search URL Search Domain Scan URL

URL: https://www.gaules.gg/

Search URL Search Domain Scan URL

URL: https://www.twitch.tv/baiano

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.omelete.com.br/ HTTP 301
https://www.omelete.com.br/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 66

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/855068064/?random=426777865&cv=11&fst=1704728042735&bg=ffffff&guid=ON&async=1&gtm=45He4130v867967661&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.omelete.com.br%2F&label=8PwyCNXH4KwDEKCb3ZcD&hn=www.googleadservices.com&frm=0&tiba=Home%20%7C%20Omelete&value=0&auid=1930156319.1704728043&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&ocp_id=6hWcZem1MpiS-cAPw5GKiAQ&sscte=1&crd=&eitems=ChEIgNfurAYQz7aygIaG7svpARIdAG3mpvt3h5ONo7HlMVqZ6qwZE7SRwdo0VkSQ6AA&pscrd=Ek5DaEFJZ05mdXJBWVFwUHpMNXNYWW9lVTVFaVlBR2pBOFFhRVFpa2IwYUt1SEtfQzVzU1RlNU5vYnhiNzNtT0stVnRLeVJzOFNZQjZpWXcaWENoQUlnTmZ1ckFZUS1NMlM4cVhSbVAxYUVpNEEyLTZYSEt4Z2NLc1RaMDZLQkM1Sng0bTNTV2x2RGM4RXdUVm0yNjlIcXROV0xScGhhTmdqbWcxRktXRDkiEwjp0rnrjs6DAxUYSR4CHcOIAkE HTTP 302
https://www.google.com/pagead/1p-conversion/855068064/?random=426777865&cv=11&fst=1704728042735&bg=ffffff&guid=ON&async=1&gtm=45He4130v867967661&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.omelete.com.br%2F&label=8PwyCNXH4KwDEKCb3ZcD&hn=www.googleadservices.com&frm=0&tiba=Home%20%7C%20Omelete&value=0&auid=1930156319.1704728043&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEFJZ05mdXJBWVFwUHpMNXNYWW9lVTVFaVlBR2pBOFFhRVFpa2IwYUt1SEtfQzVzU1RlNU5vYnhiNzNtT0stVnRLeVJzOFNZQjZpWXcaWENoQUlnTmZ1ckFZUS1NMlM4cVhSbVAxYUVpNEEyLTZYSEt4Z2NLc1RaMDZLQkM1Sng0bTNTV2x2RGM4RXdUVm0yNjlIcXROV0xScGhhTmdqbWcxRktXRDkiEwjp0rnrjs6DAxUYSR4CHcOIAkE&is_vtc=1&ocp_id=6hWcZem1MpiS-cAPw5GKiAQ&cid=CAQSGwAvHhf_Tbb1ZuBXRAit3iAqv3jeaFm2xWHWrg&eitems=ChEIgNfurAYQz7aygIaG7svpARIdAG3mpvtM1RhCpJlxG4uAc6_EPYroVJXDfQjqOUo&random=3302184674 HTTP 302
https://www.google.de/pagead/1p-conversion/855068064/?random=426777865&cv=11&fst=1704728042735&bg=ffffff&guid=ON&async=1&gtm=45He4130v867967661&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.omelete.com.br%2F&label=8PwyCNXH4KwDEKCb3ZcD&hn=www.googleadservices.com&frm=0&tiba=Home%20%7C%20Omelete&value=0&auid=1930156319.1704728043&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEFJZ05mdXJBWVFwUHpMNXNYWW9lVTVFaVlBR2pBOFFhRVFpa2IwYUt1SEtfQzVzU1RlNU5vYnhiNzNtT0stVnRLeVJzOFNZQjZpWXcaWENoQUlnTmZ1ckFZUS1NMlM4cVhSbVAxYUVpNEEyLTZYSEt4Z2NLc1RaMDZLQkM1Sng0bTNTV2x2RGM4RXdUVm0yNjlIcXROV0xScGhhTmdqbWcxRktXRDkiEwjp0rnrjs6DAxUYSR4CHcOIAkE&is_vtc=1&ocp_id=6hWcZem1MpiS-cAPw5GKiAQ&cid=CAQSGwAvHhf_Tbb1ZuBXRAit3iAqv3jeaFm2xWHWrg&eitems=ChEIgNfurAYQz7aygIaG7svpARIdAG3mpvtM1RhCpJlxG4uAc6_EPYroVJXDfQjqOUo&random=3302184674&ipr=y

Request Chain 129

https://cm.g.doubleclick.net/pixel?google_nid=navegg_ddp&google_cm&id=85639111796 HTTP 302
https://sync2.navdmp.com/sync?prtid=2&id=85639111796&google_gid=CAESEIfesqEQhG2CF2Sq0bauHN4&google_cver=1

Request Chain 130

https://pixel.mathtag.com/sync/img?redir=https%3A//sync.navdmp.com/sync%3Fimg%3D1%26mdia%3D%5BMM_UUID%5D HTTP 302
https://sync.navdmp.com/sync?img=1&mdia=78c5659c-15ec-4e00-8873-45b61e04cdb9

Request Chain 131

https://cms.analytics.yahoo.com/cms?partner_id=NAVEG HTTP 302
https://ups.analytics.yahoo.com/ups/58727/cms?partner_id=NAVEG

Request Chain 220

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIZStK6RQmvS0kZUMc4g2Ds&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIZStK6RQmvS0kZUMc4g2Ds&google_cver=1&C=1

Request Chain 221

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZZwV7SLwBtvPfBlGz4u9NgAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIZStK6RQmvS0kZUMc4g2Ds&google_cver=1

Request Chain 222

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEE-7_YuGoGpr33MCvKsSQQg&google_cver=1

Request Chain 223

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDM0ODA2NTYwNzY2ODE3OTEyMg%3D%3D

Request Chain 224

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEEiNrstvg0_zGP7ilONADQQ&google_cver=1&google_push=AXcoOmR8On8rIVcav7LWrGr-fdhao3XjyjISRbg-g-M4UNil1LR51fYyqnpKf5QWo2_44iH8QzreJQj3gSquKb0f4VGZ3ejFkjU2 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEEiNrstvg0_zGP7ilONADQQ&google_push=AXcoOmR8On8rIVcav7LWrGr-fdhao3XjyjISRbg-g-M4UNil1LR51fYyqnpKf5QWo2_44iH8QzreJQj3gSquKb0f4VGZ3ejFkjU2

Request Chain 225

https://um.simpli.fi/gp_match?google_gid=CAESEKQkpTcNgqOGdT4HL9Uq_3Y&google_cver=1&google_push=AXcoOmS-SOkYca4FfVob49FJgkuurtkWEF2ShkjQgldYYSs60PNPRoTiQgKw63u-kC99KHmjb0Pmx6MLy5TQPukx7QCGi-2SIZu0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=EDCF97B43B0D4F4287C16D621E11A14C&google_push=AXcoOmS-SOkYca4FfVob49FJgkuurtkWEF2ShkjQgldYYSs60PNPRoTiQgKw63u-kC99KHmjb0Pmx6MLy5TQPukx7QCGi-2SIZu0

Request Chain 226

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEDkp8eIDmcpJt7kBP-fo6ao&google_cver=1&google_push=AXcoOmTJZy56gtuq_K9HVjGVZW7P87pw-pY4Cr_A52X7sURIfdxxoVcJBZ8ScrTAdVZThJOcj-5PPje0R5jAx-FHs_HD0XZNzgg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmTJZy56gtuq_K9HVjGVZW7P87pw-pY4Cr_A52X7sURIfdxxoVcJBZ8ScrTAdVZThJOcj-5PPje0R5jAx-FHs_HD0XZNzgg&google_hm=eS0udkc2MTJsRTJwRnBNNHJhSi5vMUY4bkxLSEhjYUhZUH5B

Request Chain 227

https://d5p.de17a.com/cookies/google?google_gid=CAESEEpNpQOTDzJoNPepVVTrsoo&google_cver=1&google_push=AXcoOmTjc816w-9qYKbepHJS37_qV0_CuwKrSYsSZlP8vcGjcHq9-ARKQRx28St_d9bqOQWQbFWtddS4Be9H-j_GxHrlsYeE4RE5 HTTP 302
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEEpNpQOTDzJoNPepVVTrsoo&google_cver=1&google_push=AXcoOmTjc816w-9qYKbepHJS37_qV0_CuwKrSYsSZlP8vcGjcHq9-ARKQRx28St_d9bqOQWQbFWtddS4Be9H-j_GxHrlsYeE4RE5 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmTjc816w-9qYKbepHJS37_qV0_CuwKrSYsSZlP8vcGjcHq9-ARKQRx28St_d9bqOQWQbFWtddS4Be9H-j_GxHrlsYeE4RE5

Request Chain 229

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESENlv-eraKLhMf9Tvh2mc300&google_cver=1&google_push=AXcoOmQvcDI1JihH3e0pVyTKVsUUALM0uxh6vUpxLJ3an6IThqdvt7Q5RF1hHrR2W6y21050wimfg6dna4hKsiVPZ2Yje33fWzo HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQvcDI1JihH3e0pVyTKVsUUALM0uxh6vUpxLJ3an6IThqdvt7Q5RF1hHrR2W6y21050wimfg6dna4hKsiVPZ2Yje33fWzo

Request Chain 230

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESELpy0Jf9gU8sCxN1vhS822A&google_cver=1&google_push=AXcoOmRGGCv3OeEJ5In03ffq-zBgC8RTtT1oY91tbpZa0zPUvI7l3MAs_PMRw86toSptFGYRs9Lkh1hIXH_CXOypq6SVHn3uVb0 HTTP 302
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AXcoOmRGGCv3OeEJ5In03ffq-zBgC8RTtT1oY91tbpZa0zPUvI7l3MAs_PMRw86toSptFGYRs9Lkh1hIXH_CXOypq6SVHn3uVb0&google_gid=CAESELpy0Jf9gU8sCxN1vhS822A HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzYwNDUyMTk2Nzc5MDA3MDIwNDMx&google_push=AXcoOmRGGCv3OeEJ5In03ffq-zBgC8RTtT1oY91tbpZa0zPUvI7l3MAs_PMRw86toSptFGYRs9Lkh1hIXH_CXOypq6SVHn3uVb0

Request Chain 234

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEMCkUUBy7_KCVZFwGzdTiao&google_cver=1&google_push=AXcoOmR9VB6B32hrsETgXScY6rchlboebAaCEFDfjElLs0ozNvkjxzynxeUaWWIZJrgdDxFtrAbLGzEDpOeT5PdjBR6Dyonj4w HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEMCkUUBy7_KCVZFwGzdTiao&google_cver=1&google_push=AXcoOmR9VB6B32hrsETgXScY6rchlboebAaCEFDfjElLs0ozNvkjxzynxeUaWWIZJrgdDxFtrAbLGzEDpOeT5PdjBR6Dyonj4w HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=NU9YSHV6MEUxUm1SREQ1&google_gid=CAESEMCkUUBy7_KCVZFwGzdTiao&google_cver=1&google_push=AXcoOmR9VB6B32hrsETgXScY6rchlboebAaCEFDfjElLs0ozNvkjxzynxeUaWWIZJrgdDxFtrAbLGzEDpOeT5PdjBR6Dyonj4w

Request Chain 235

https://ads.travelaudience.com/google_pixel?google_gid=CAESEF0yaApO-9zkVHJaRisAw2k&google_cver=1&google_push=AXcoOmTSRxZYF2BkabnGTRKfL6FEkxgxsLAh1y7ZQ-uWSJwIfzIWgXAY4qY5g5Bu7y80uH1oAlaOQeBQ_VM4v7yWC8ZNcmuKNZ4 HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=dsoDugSzS1MkmhWqHGdXlw&google_push=AXcoOmTSRxZYF2BkabnGTRKfL6FEkxgxsLAh1y7ZQ-uWSJwIfzIWgXAY4qY5g5Bu7y80uH1oAlaOQeBQ_VM4v7yWC8ZNcmuKNZ4

Request Chain 236

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEDkp8eIDmcpJt7kBP-fo6ao&google_cver=1&google_push=AXcoOmQmLJTp_EBhlmUC431Mc-sZopurPglHvrYn-hl7cd2El1HCy89HTMTDlWF9AOJHkKc7Bd7lFrBQ6nJ8DIjY5b4XF2nM8qg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQmLJTp_EBhlmUC431Mc-sZopurPglHvrYn-hl7cd2El1HCy89HTMTDlWF9AOJHkKc7Bd7lFrBQ6nJ8DIjY5b4XF2nM8qg&google_hm=eS0udkc2MTJsRTJwRnBNNHJhSi5vMUY4bkxLSEhjYUhZUH5B

Request Chain 238

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEKaqq-PSs3wAKOWAh-6iN58&google_cver=1&google_push=AXcoOmRa4DJT56Qua7UUwYLeHwjzfqEd5lBpBciBRPBaYgZicfzXV8A1GTw5xpK_LWEnmcL7J6TtAUCpt_W-5wFCVOyGuR64-W0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFI1MzI5M1ctQi1CMVVB&google_push=AXcoOmRa4DJT56Qua7UUwYLeHwjzfqEd5lBpBciBRPBaYgZicfzXV8A1GTw5xpK_LWEnmcL7J6TtAUCpt_W-5wFCVOyGuR64-W0

Request Chain 239

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESENlv-eraKLhMf9Tvh2mc300&google_cver=1&google_push=AXcoOmQopY-VTU42Hf-EP5xZNkMANZiqI_Pb9XUskytTpaaQviEaulptAXHXEU_V-VE0H2_bSevHtdYjOXvGF3KF5ahtK7TGAsQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQopY-VTU42Hf-EP5xZNkMANZiqI_Pb9XUskytTpaaQviEaulptAXHXEU_V-VE0H2_bSevHtdYjOXvGF3KF5ahtK7TGAsQ

Request Chain 244

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEN6OvUe9LcvZUxMUDdNUGoo&google_cver=1

Request Chain 246

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
https://sync.teads.tv/um?eid=3&uid=CAESEOywS0LVWvn83q1V26PGJrQ&google_cver=1

Request Chain 249

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESECwrOyPGmbyhDXRhOg3IQM8&google_cver=1&google_push=AXcoOmR1L8XJ5TVnV0I3z6q6boc-2ygCxwmcCLSqqrS4btf8OQAZ4t1PrfutZF7v--e1qxnQ5mlTNciJT4N2RKLU1z4ksPTyStD4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmR1L8XJ5TVnV0I3z6q6boc-2ygCxwmcCLSqqrS4btf8OQAZ4t1PrfutZF7v--e1qxnQ5mlTNciJT4N2RKLU1z4ksPTyStD4&google_hm=1VbbR9maQD-nLtHIVZtybKU

Request Chain 253

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEGQRjhhLOkam6kssjFh14yk&google_cver=1&google_push=AXcoOmQWSNNEY5GsTmH1WCpAHUxrho_F7FDQOP3EEVZDGkMALj0cpsYDPUp6CfyberjC-hhxm6M0m57-lJtrqJOKtLSJY61BGeY HTTP 307
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEGQRjhhLOkam6kssjFh14yk&google_cver=1&google_push=AXcoOmQWSNNEY5GsTmH1WCpAHUxrho_F7FDQOP3EEVZDGkMALj0cpsYDPUp6CfyberjC-hhxm6M0m57-lJtrqJOKtLSJY61BGeY&sovrn_retry=true HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmQWSNNEY5GsTmH1WCpAHUxrho_F7FDQOP3EEVZDGkMALj0cpsYDPUp6CfyberjC-hhxm6M0m57-lJtrqJOKtLSJY61BGeY&google_hm=H9SmAGZHqMHyPs4gS72m2wUt

Request Chain 254

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEBgMvsTn9gYN7lgIzY4hu5E&google_cver=1&google_push=AXcoOmSNJSKXk7aHmy3u2PyEKZ3xrNwyccBIgq_RVN8BDuaweJWe7fVu4ayDSW0gO9UwZTuXsBHUe7QpkkwnYfq9qjuNJnK5yk7BIw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmSNJSKXk7aHmy3u2PyEKZ3xrNwyccBIgq_RVN8BDuaweJWe7fVu4ayDSW0gO9UwZTuXsBHUe7QpkkwnYfq9qjuNJnK5yk7BIw HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

Request Chain 256

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIZStK6RQmvS0kZUMc4g2Ds&google_cver=1

Request Chain 257

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZZwV7RgvHfPUPZblWppg1QAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIZStK6RQmvS0kZUMc4g2Ds&google_cver=1

Request Chain 258

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEE-7_YuGoGpr33MCvKsSQQg&google_cver=1

Request Chain 259

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDM0ODA2NTYwNzY2ODE3OTEyMg%3D%3D

Request Chain 260

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEN6OvUe9LcvZUxMUDdNUGoo&google_cver=1

Request Chain 262

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
https://sync.teads.tv/um?eid=3&uid=CAESEOywS0LVWvn83q1V26PGJrQ&google_cver=1

Request Chain 264

https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEGQVJL7i0Q9MconX4S-QKpU&google_cver=1

Request Chain 267

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEN6OvUe9LcvZUxMUDdNUGoo&google_cver=1

Request Chain 269

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
https://sync.teads.tv/um?eid=3&uid=CAESEOywS0LVWvn83q1V26PGJrQ&google_cver=1

Request Chain 275

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEEiNrstvg0_zGP7ilONADQQ&google_cver=1&google_push=AXcoOmTIE1f-iqdDJFyQdd7C-k6MxFEAb3oJ20qydw8co5jTahaZRiE-7hxckWez0YQ7C0zhvnRVTFwmk_9aTObYn7NFZtv7FWMXyA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEEiNrstvg0_zGP7ilONADQQ&google_push=AXcoOmTIE1f-iqdDJFyQdd7C-k6MxFEAb3oJ20qydw8co5jTahaZRiE-7hxckWez0YQ7C0zhvnRVTFwmk_9aTObYn7NFZtv7FWMXyA

Request Chain 276

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEDkp8eIDmcpJt7kBP-fo6ao&google_cver=1&google_push=AXcoOmTc8ahN-3orfm0NLmLtIjdTRAf3ymeDVcaIQZtpFojziixiQ0TE9SoTnFTHn9DG9BvVjAuCz7ey6jDlFQb5X4-iqBTheQEF HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmTc8ahN-3orfm0NLmLtIjdTRAf3ymeDVcaIQZtpFojziixiQ0TE9SoTnFTHn9DG9BvVjAuCz7ey6jDlFQb5X4-iqBTheQEF&google_hm=eS0udkc2MTJsRTJwRnBNNHJhSi5vMUY4bkxLSEhjYUhZUH5B

Request Chain 279

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESENlv-eraKLhMf9Tvh2mc300&google_cver=1&google_push=AXcoOmSNLTMHD83yjkiS2Sdqg5KM39o3mQVMZniQ8q6HhR0WJwXgvX8syxS5redS7rgrpaLsu5C237SGdvG73zn4YOo-OF47uzd9XQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmSNLTMHD83yjkiS2Sdqg5KM39o3mQVMZniQ8q6HhR0WJwXgvX8syxS5redS7rgrpaLsu5C237SGdvG73zn4YOo-OF47uzd9XQ

Request Chain 280

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESELpy0Jf9gU8sCxN1vhS822A&google_cver=1&google_push=AXcoOmT_EixH6g-fJb5rVt9oJa-Y5-mS8gFfe-36hjptbskoZwYK-ZP9M8WsLQ1r3rzJhF8cB_xuI3uQhzZYg2id88ANsyU3ks9a HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzYwNDUyMTk2Nzc5MDA3MDIwNDMx&google_push=AXcoOmT_EixH6g-fJb5rVt9oJa-Y5-mS8gFfe-36hjptbskoZwYK-ZP9M8WsLQ1r3rzJhF8cB_xuI3uQhzZYg2id88ANsyU3ks9a

Request Chain 288

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEPHQK7iXcgi-Umkz7VozmNM&google_cver=1&google_push=AXcoOmS1MVF19E9CYoS-3G6WEWmFf5xHtqy0aV9kxaks-0BHgJKBABKtEVeCgxeYVRC4_ZmyAqPCetoL2KOwmhBGPJgxSRjuPNU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NzAxNTU5MDk0NDU1ODM5NDk4OA==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEPHQK7iXcgi-Umkz7VozmNM&google_cver=1

Request Chain 289

https://um.simpli.fi/gp_match?google_gid=CAESEKQkpTcNgqOGdT4HL9Uq_3Y&google_cver=1&google_push=AXcoOmTxrU56czE2K6Uo0KOB0oD5I-dR14OcIHxI6JDdm56C5DbNCoezo8dYFexqz5M2ff1HCoxQNxVUxrZPXMm0AppQkuLwVt9K HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=EDCF97B43B0D4F4287C16D621E11A14C&google_push=AXcoOmTxrU56czE2K6Uo0KOB0oD5I-dR14OcIHxI6JDdm56C5DbNCoezo8dYFexqz5M2ff1HCoxQNxVUxrZPXMm0AppQkuLwVt9K

Request Chain 291

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEAH-NN_G8aCEZkQ1g6t0DBw&google_cver=1&google_push=AXcoOmRo5mGy1ej1fs_Z0yK_GNK8-tTECeI0A-iPddxYBYkryLa5j-5YUKOgFgt0PS0uMfH5KxkM09ZFjQ-Fbpc0tahKCYQbdBZp HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEAH-NN_G8aCEZkQ1g6t0DBw&google_cver=1&google_push=AXcoOmRo5mGy1ej1fs_Z0yK_GNK8-tTECeI0A-iPddxYBYkryLa5j-5YUKOgFgt0PS0uMfH5KxkM09ZFjQ-Fbpc0tahKCYQbdBZp HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Mjg5ODE5Mzk4NTU0NDI1MTA3MQ&google_push=AXcoOmRo5mGy1ej1fs_Z0yK_GNK8-tTECeI0A-iPddxYBYkryLa5j-5YUKOgFgt0PS0uMfH5KxkM09ZFjQ-Fbpc0tahKCYQbdBZp

Request Chain 292

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEAH-NN_G8aCEZkQ1g6t0DBw&google_cver=1&google_push=AXcoOmSX6jXSbbqb1pd7H2CqX_DMS7vFcu4IrgTEJuIwx3xJIc8O2YexPetF7JtCQ4-hwpmQPhHnjO9NI6T9lQeUtN4ugxXHBFiT HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEAH-NN_G8aCEZkQ1g6t0DBw&google_cver=1&google_push=AXcoOmSX6jXSbbqb1pd7H2CqX_DMS7vFcu4IrgTEJuIwx3xJIc8O2YexPetF7JtCQ4-hwpmQPhHnjO9NI6T9lQeUtN4ugxXHBFiT HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTI5OTY1NTkwOTk2MDU0MjU4Nw&google_push=AXcoOmSX6jXSbbqb1pd7H2CqX_DMS7vFcu4IrgTEJuIwx3xJIc8O2YexPetF7JtCQ4-hwpmQPhHnjO9NI6T9lQeUtN4ugxXHBFiT

Request Chain 294

https://csync.loopme.me/?pubid=11537&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_109}&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dloopme_eb_%26google_hm%3D{viewer_token}&google_gid=CAESEDuT13nHMKWvJsxJIgZrWhE&google_cver=1&google_push=AXcoOmQOqdvQ1nHz7nmui1ZLEQoLn_Tse_u01wdxShytgzw2AB31mgL-034JJZLQzz9BRRSxgpcOZsSZp3oLrXsy2Xdn69IcHZmrhQ HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=51f5af31-cda3-41b3-9f75-688af5821c0b&google_cver=1&google_gid=CAESEDuT13nHMKWvJsxJIgZrWhE&gdpr_consent=${GDPR_CONSENT_109}&google_push=AXcoOmQOqdvQ1nHz7nmui1ZLEQoLn_Tse_u01wdxShytgzw2AB31mgL-034JJZLQzz9BRRSxgpcOZsSZp3oLrXsy2Xdn69IcHZmrhQ&gdpr=${GDPR}

Request Chain 390

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEEiNrstvg0_zGP7ilONADQQ&google_cver=1&google_push=AXcoOmRZVeCD5zKT81efNb_xJrqNAuHH1axbZDmDVIjf3ngRC8Kpi_R_yLpyMOLYKs0KsVmYxRiMmr0UhmZbWNTENveshM76r-Hh HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=Wlp3VjdRQU01R1kzVWdBTQ==&google_gid=CAESEEiNrstvg0_zGP7ilONADQQ&google_cver=1&google_push=AXcoOmRZVeCD5zKT81efNb_xJrqNAuHH1axbZDmDVIjf3ngRC8Kpi_R_yLpyMOLYKs0KsVmYxRiMmr0UhmZbWNTENveshM76r-Hh

Request Chain 391

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEDkp8eIDmcpJt7kBP-fo6ao&google_cver=1&google_push=AXcoOmT8YKcxKiOzVuIm65k8zHQv2aMDNgXDWWdr-9ihrLN4xc_Q2vPqH7Ol2fhxNDd63wvpPkcOywutALHWpyI0jLPi-xQITDBN HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmT8YKcxKiOzVuIm65k8zHQv2aMDNgXDWWdr-9ihrLN4xc_Q2vPqH7Ol2fhxNDd63wvpPkcOywutALHWpyI0jLPi-xQITDBN&google_hm=eS0udkc2MTJsRTJwRnBNNHJhSi5vMUY4bkxLSEhjYUhZUH5B

Request Chain 392

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEIMjkX69mFPHYGQHjLnBbro&google_cver=1&google_push=AXcoOmSqLiqZzSjJh-ceHmDaeDyBpDzhMeiUNYJ4vq86uv2YIcIRpFsn0d3HTgXA5mCSluZg1bhZuzfFgdwUmTd3GH4VWbtJ5u4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEIMjkX69mFPHYGQHjLnBbro&google_hm=ZZwV7SLwBtvPfBlGz4u9NgAAFF0AAAAB&google_nid=index&google_push=AXcoOmSqLiqZzSjJh-ceHmDaeDyBpDzhMeiUNYJ4vq86uv2YIcIRpFsn0d3HTgXA5mCSluZg1bhZuzfFgdwUmTd3GH4VWbtJ5u4

Request Chain 393

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEGQRjhhLOkam6kssjFh14yk&google_cver=1&google_push=AXcoOmTc8Ts2IFkWszsvivljIsW1T0b9D8ZFCgaIGqAG2h8SMKxOzq7dAMyYJkio6wwIME0iZLAy_-gIEr0Dg5x9ssASUkvEhkY HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmTc8Ts2IFkWszsvivljIsW1T0b9D8ZFCgaIGqAG2h8SMKxOzq7dAMyYJkio6wwIME0iZLAy_-gIEr0Dg5x9ssASUkvEhkY&google_hm=H9SmAGZHqMHyPs4gS72m2wUt

Request Chain 394

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESENlv-eraKLhMf9Tvh2mc300&google_cver=1&google_push=AXcoOmT2-0DW9nHbGyxoSmOi2aPQ2HeNjZA9mADA5ewJOddeDD3f7_Aq5LWIfNPmIWeOWI_yQYvFWX4JM0MNmsuYG9meiUBzA7wr HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmT2-0DW9nHbGyxoSmOi2aPQ2HeNjZA9mADA5ewJOddeDD3f7_Aq5LWIfNPmIWeOWI_yQYvFWX4JM0MNmsuYG9meiUBzA7wr

Request Chain 395

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEDKtCcMT5AmAtB457BHoLfM&google_cver=1&google_push=AXcoOmQTrkhhG6jsvTw9T8wwOOLz5bwypmPOHh3I4jr9Yd69gcYtDxZnu91ZkXlqR5PJkjQcHElSjRr5Fr0grp8qewIAwenmEWQ HTTP 302
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AXcoOmQTrkhhG6jsvTw9T8wwOOLz5bwypmPOHh3I4jr9Yd69gcYtDxZnu91ZkXlqR5PJkjQcHElSjRr5Fr0grp8qewIAwenmEWQ&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1704728046160 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-22e96ade-5b9a-488c-8a0e-14a0ab3dc6d7-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAXcoOmQTrkhhG6jsvTw9T8wwOOLz5bwypmPOHh3I4jr9Yd69gcYtDxZnu91ZkXlqR5PJkjQcHElSjRr5Fr0grp8qewIAwenmEWQ%26google_hm%3DAyLpat5bmkiMig4UoKs9xtc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmQTrkhhG6jsvTw9T8wwOOLz5bwypmPOHh3I4jr9Yd69gcYtDxZnu91ZkXlqR5PJkjQcHElSjRr5Fr0grp8qewIAwenmEWQ&google_hm=AyLpat5bmkiMig4UoKs9xtc

Request Chain 414

https://ad.doubleclick.net/ddm/trackimp/N6698.4753384DV360REVJETZALANDO/B29255022.357498595;dc_trk_aid=548523481;dc_trk_cid=185255539;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1704728046237 HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N6698.4753384DV360REVJETZALANDO/B29255022.357498595;dc_pre=CNrDju2OzoMDFUr0EQgdTF8FyQ;dc_trk_aid=548523481;dc_trk_cid=185255539;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1704728046237

430 HTTP transactions
8 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.omelete.com.br/
Redirect Chain

http://www.omelete.com.br/
https://www.omelete.com.br/

154 KB
29 KB

589ms
429ms

Document
text/html

179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.omelete.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: nginx/1.12.1 /
Resource Hash: 1488093f4f9826c032c96c9d7c6bef5cff310c3fd277b93ecbced2ae353c6d97

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: http://dev.tribotomajor.com.br
cache-control: max-age=30
content-encoding: gzip
content-length: 29880
content-type: text/html; charset=utf-8
date: Mon, 08 Jan 2024 15:34:02 GMT
expires: Mon, 08 Jan 2024 15:34:32 GMT
server: nginx/1.12.1
vary: Origin

Redirect headers

Cache-Control: max-age=30
Connection: keep-alive
Content-Length: 162
Content-Type: text/html
Date: Mon, 08 Jan 2024 15:34:01 GMT
Expires: Mon, 08 Jan 2024 15:34:31 GMT
Location: https://www.omelete.com.br/
Server: azion webserver

GET
H2 200 UniNeueRegular-Italic.woff2
cdn.ome.lt/static/omelete/css/fonts/ 36 KB
36 KB 1064ms
26ms Font
binary/octet-stream 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ome.lt/static/omelete/css/fonts/UniNeueRegular-Italic.woff2
Requested by: Host: www.omelete.com.br
URL: https://www.omelete.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3ebd3757400943fcbea840e4958aba933c76c7cb5238f640daab079a51cfa9fa

Request headers

Referer: https://www.omelete.com.br/
Origin: https://www.omelete.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 15:34:03 GMT
last-modified: Tue, 12 Sep 2023 15:11:24 GMT
server: AmazonS3
x-amz-request-id: 848X8XCFCHD4K59P
etag: "06330c36ff8c865d70635569ae2949c6"
x-amz-server-side-encryption: AES256
access-control-allow-methods: GET
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 36880
x-amz-id-2: LLZeR5v4GeJdo7XP16JvEqH8FbSPFCaTC/YBQndY8evbEGbWyXBErGkaRTM+QaMPg+HJmTH538o=
expires: Tue, 09 Jan 2024 15:34:03 GMT

GET
H2 200 UniNeueHeavy.woff2
cdn.ome.lt/static/omelete/css/fonts/ 35 KB
35 KB 1077ms
39ms Font
binary/octet-stream 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ome.lt/static/omelete/css/fonts/UniNeueHeavy.woff2
Requested by: Host: www.omelete.com.br
URL: https://www.omelete.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f89aa233585a1c9dbff4be7af8b01097de04e4f1465a1e923a8baad16f020097

Request headers

Referer: https://www.omelete.com.br/
Origin: https://www.omelete.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 15:34:03 GMT
last-modified: Tue, 12 Sep 2023 15:11:24 GMT
server: AmazonS3
x-amz-request-id: 2DBYJWC6ABF865Y9
etag: "a7906f008b7329fd2ba2d9187f0d4656"
x-amz-server-side-encryption: AES256
access-control-allow-methods: GET
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 35476
x-amz-id-2: e2ibBqkQUSmZzyyYi3MfIoxPWNVNC5iCNM7BvjaGg2rUtkLa5VQtLzk54ZLywD59QeE9nGI/hY9XALD7On+j4Q==
expires: Tue, 09 Jan 2024 15:34:03 GMT

GET
H2 200 omelete_logo.svg
cdn.ome.lt/static/omelete/img/ 2 KB
1 KB 1062ms
25ms Image
image/svg+xml 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ome.lt/static/omelete/img/omelete_logo.svg
Requested by: Host: www.omelete.com.br
URL: https://www.omelete.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: AmazonS3 /
Resource Hash: eee87e2cdd1327491bdfede2706365f058aa671d980d78a0981d5041c47cb62c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.omelete.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 15:34:03 GMT
content-encoding: gzip
last-modified: Tue, 12 Sep 2023 15:11:25 GMT
server: AmazonS3
x-amz-request-id: X6J895SZKNCTR412
etag: W/"dab695c1ae09d9e6dcd9c3308d6d14a7"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
x-amz-id-2: BDBNILwzaRYX5dmI3/fsiv1PMM53Z/xiILpNS3M057OWeGQwQOFnP8xgmw9PdBpF6Et696R4gpY=
expires: Tue, 09 Jan 2024 15:34:03 GMT

GET
H2 200 loading.svg
cdn.ome.lt/static/omelete/img/ 873 B
793 B 46ms
45ms Image
image/svg+xml 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ome.lt/static/omelete/img/loading.svg
Requested by: Host: www.omelete.com.br
URL: https://www.omelete.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 059e2c7b3433933e04e1d05e2c72aadf3dfc27fa0d5283610f6bcb7d01990b54

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.omelete.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 15:34:03 GMT
content-encoding: gzip
last-modified: Tue, 12 Sep 2023 15:11:25 GMT
server: AmazonS3
x-amz-request-id: 848HJEWZ4GEYRSPQ
etag: W/"ee06e9568d6b09b87f057249c2553192"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
x-amz-id-2: FqG+LUjjY0214TavvjAFp6/Sk5IGN18Yu3yTBiqclsFvdz4D+T6xG3mcwidmUxy4bZ+rxncElXGeNeJxrjr+l/h3wqeGC/MFpPb4GcdHFr4=
expires: Tue, 09 Jan 2024 15:34:03 GMT

GET
H2 200 tag.js Show response
a.teads.tv/analytics/ 11 KB
4 KB 97ms
23ms Script
text/javascript 95.101.149.35
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/analytics/tag.js
Requested by: Host: www.omelete.com.br
URL: https://www.omelete.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.149.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-149-35.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: fb0721ad92aff052c96e6a1b2cdb18c25c76041897126c03161c969ac2844804

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.omelete.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id: q9b9clsZLLfdBtwdmheOfdbmJj61AqqK
date: Mon, 08 Jan 2024 15:34:02 GMT
content-encoding: br
last-modified: Wed, 16 Aug 2023 09:22:55 GMT
x-amz-request-id: NQXE11X5K8H8AYEK
etag: "ee3af1e29ac1607ef3d41c515d1e05ad"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: private, max-age=3600
accept-ranges: bytes
content-length: 3418
x-amz-id-2: jdtuVk7eGo46a+WmTzRlvYujzFiLhXywO2mCBLWv/7FJbfBJdKJ1pUw5yufRYL5B6NXXMm6UeC4=

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 90 KB
29 KB 126ms
76ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.omelete.com.br
URL: https://www.omelete.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c147a771edf73103fca6b7d3d0a738ea2435500d4d9b6f3c34529e0c27aba621

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.omelete.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 15:34:02 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29026
x-xss-protection: 0
server: cafe
etag: 651 / 19730 / m202401020101 / config-hash: 14526931567537324104
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 08 Jan 2024 15:34:02 GMT

GET
H2 200 main-routine.min.js Show response
cdn.ome.lt/static/omelete/js/advertisement/ 21 KB
5 KB 47ms
46ms Script
text/javascript 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ome.lt/static/omelete/js/advertisement/main-routine.min.js?v=f2674
Requested by: Host: www.omelete.com.br
URL: https://www.omelete.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f63d9178fd9b2960a8e65c86aa989b67c2f577d3c7720028f857c6ef1934ff18

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.omelete.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 15:34:03 GMT
content-encoding: gzip
last-modified: Thu, 21 Dec 2023 15:08:41 GMT
server: AmazonS3
x-amz-request-id: Q0XVHSQTKD2BM1VB
etag: W/"3253ae825819b73410785ab89e1b3b97"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
x-amz-id-2: tyC9DpBYU9PS7lnXaWscc7DuK23ZxR0DcNVHa3QCC8qt80tUpicVhsFFbvn3snceriGVe8cfRps=
expires: Tue, 09 Jan 2024 15:34:03 GMT

GET
H2 200 reset-slots.min.js Show response
cdn.ome.lt/static/omelete/js/advertisement/ 3 KB
2 KB 48ms
47ms Script
text/javascript 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ome.lt/static/omelete/js/advertisement/reset-slots.min.js?v=f2674
Requested by: Host: www.omelete.com.br
URL: https://www.omelete.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3e77cb34731d746d00dfc8b46d6e5ae90c32c5a885e3ee6faa4a3cbc80d51a21

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.omelete.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 15:34:03 GMT
content-encoding: gzip
last-modified: Thu, 21 Dec 2023 15:08:41 GMT
server: AmazonS3
x-amz-request-id: Q0XKKQRRQPXDMNZT
etag: W/"d0dc63c1aa698a117563f4d181f05a09"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
x-amz-id-2: TOKV6QO5wImGnr/kCAqCjr6bUGqdzYVSAr/aOms7lYn8MozMS5dsLkZHYscTlIQv3J5bRgfOIwx2qYjsue/JzJLzVyFjEEJg97Q9LyyFUkc=
expires: Tue, 09 Jan 2024 15:34:03 GMT

GET
H2 200 fontello.css
cdn.ome.lt/static/omelete/css/vendor/ 2 KB
989 B 1061ms
24ms Stylesheet
text/css 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ome.lt/static/omelete/css/vendor/fontello.css?v=f2674
Requested by: Host: www.omelete.com.br
URL: https://www.omelete.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 338fa690162b4c45bb63092b1d12ecf55ed1a3fdd73f07080807ebf971621a74

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.omelete.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 15:34:03 GMT
content-encoding: gzip
last-modified: Thu, 21 Dec 2023 15:08:40 GMT
server: AmazonS3
x-amz-request-id: 0TG52QWXEK3X70BZ
etag: W/"db2260777aeb6c28e7c8cf72b7687bd2"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
x-amz-id-2: CzJsTp27CVcqscMd9cB4ONLwzyGR0fLMoDVXscqwEO2sdLZX//wJP7Img1Ag+PZzxN5YAqCbBvw=
expires: Tue, 09 Jan 2024 15:34:03 GMT

GET
H2 200 swiper.min.css
cdn.ome.lt/static/omelete/css/vendor/ 19 KB
4 KB 1060ms
23ms Stylesheet
text/css 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ome.lt/static/omelete/css/vendor/swiper.min.css?v=f2674
Requested by: Host: www.omelete.com.br
URL: https://www.omelete.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0c161dae3ec1c4a337b2531ea815565f6a2dc7bc787aaa074490ac483274371c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.omelete.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 15:34:03 GMT
content-encoding: gzip
last-modified: Thu, 21 Dec 2023 15:08:40 GMT
server: AmazonS3
x-amz-request-id: 0TGC1R7XTYXM8C86
etag: W/"1a1424b0f9a102a7c2bbc06871d4e4f9"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
x-amz-id-2: KI4/7KRwKr9Gjjs6e1l9PPHhQSWUBJSK8NjXH7wmXEHhbbkTlU96iPwkY3nW0lrul4X7Px/1uR8=
expires: Tue, 09 Jan 2024 15:34:03 GMT

GET
H2 200 index.min.css
cdn.ome.lt/static/omelete/css/ 102 KB
23 KB 1059ms
21ms Stylesheet
text/css 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ome.lt/static/omelete/css/index.min.css?v=f2674
Requested by: Host: www.omelete.com.br
URL: https://www.omelete.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ff340b47638e30d37db826972047c55485cf37ae6ff6b93e0924131fcb4ff090

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.omelete.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 15:34:03 GMT
content-encoding: gzip
last-modified: Thu, 21 Dec 2023 15:08:40 GMT
server: AmazonS3
x-amz-request-id: 0TG0R8ACKHBXHY4X
etag: W/"55094ee8e16b346c3b11e4c262b4010e"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
x-amz-id-2: n/9mG9rWbW40g61xf5NYg4dE1lAiTJZC1LMbnzIo9pK/RuUrOhft/UWwSDvTBiWIJOwhQ2W2sM4=
expires: Tue, 09 Jan 2024 15:34:03 GMT

GET
H2 200 icon-chevron.svg
cdn.ome.lt/static/omelete/img/ 305 B
635 B 1061ms
41ms Image
image/svg+xml 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ome.lt/static/omelete/img/icon-chevron.svg
Requested by: Host: www.omelete.com.br
URL: https://www.omelete.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b2411ddc50b71ef631996cf91290a035d1066c3ef055010f244efa42d7d119d5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.omelete.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 15:34:03 GMT
content-encoding: gzip
last-modified: Tue, 12 Sep 2023 15:11:25 GMT
server: AmazonS3
x-amz-request-id: 848R51S0D3PC26MD
etag: W/"3113dc00b71fbf91314efb4b92893748"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
x-amz-id-2: wn9+keLP/sq84zxgbKUE95+Ai28FwQZI8IZDY7cMO1Rv4EPz93e3lQSEQ0dF/LOw6hopmZYA5gU=
expires: Tue, 09 Jan 2024 15:34:03 GMT

GET
H2 200 93539ba0-e2cd-489c-b66e-0ffbac82ea04
cdn.ome.lt/wOJTM4w9lEu_6phIyGKx4evQOpI=/90x90/smart/extras/webstories/ 15 KB
15 KB 909ms
42ms Image
image/png 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ome.lt/wOJTM4w9lEu_6phIyGKx4evQOpI=/90x90/smart/extras/webstories/93539ba0-e2cd-489c-b66e-0ffbac82ea04
Requested by: Host: www.omelete.com.br
URL: https://www.omelete.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: nginx/1.12.1 /
Resource Hash: 645a36835eb7cdff5dde0aa1dd179ee3caf617e80f2a7fc730f0d95156ae00b8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.omelete.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 15:34:03 GMT
server: nginx/1.12.1
etag: "fa38192ec28160ac777e125a3eab2f81596007da"
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
content-length: 15450
expires: Tue, 09 Jan 2024 15:34:03 GMT

GET
H2 200 f1947329-fc90-4af6-aa2b-ffdb317d1d3d
cdn.ome.lt/JT2qOKXTRr8q-l_I7WAY-NjkwUI=/90x90/smart/extras/webstories/ 2 KB
2 KB 908ms
41ms Image
image/jpeg 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ome.lt/JT2qOKXTRr8q-l_I7WAY-NjkwUI=/90x90/smart/extras/webstories/f1947329-fc90-4af6-aa2b-ffdb317d1d3d
Requested by: Host: www.omelete.com.br
URL: https://www.omelete.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: nginx/1.12.1 /
Resource Hash: e2dc5bb29540bbd5f8dfd077751a2d33f15e00ad3d0ed899888968708d5f041f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.omelete.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 15:34:03 GMT
server: nginx/1.12.1
etag: "636973a36d27371925ee733cd61387e39176b4dd"
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
content-length: 2102
expires: Tue, 09 Jan 2024 15:34:03 GMT

GET
H2 200 27841454-b846-4438-96e7-079027b0b82d
cdn.ome.lt/9Dwwgz9ptveoZf4Da9VDdAlvBuo=/90x90/smart/extras/webstories/ 2 KB
3 KB 903ms
36ms Image
image/jpeg 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ome.lt/9Dwwgz9ptveoZf4Da9VDdAlvBuo=/90x90/smart/extras/webstories/27841454-b846-4438-96e7-079027b0b82d
Requested by: Host: www.omelete.com.br
URL: https://www.omelete.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: nginx/1.12.1 /
Resource Hash: fc137fc6c40cb0c11877998983fcc32316fa9ff2d0ba255d9fd70741ada291df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.omelete.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 15:34:03 GMT
server: nginx/1.12.1
etag: "5e89e5a7582251ec23ffb2f0295003f4ce4c266d"
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
content-length: 2506
expires: Tue, 09 Jan 2024 15:34:03 GMT

GET
H2 200 fa09bddf-f438-4132-b348-ea31342dd5a7
cdn.ome.lt/y0q4Z1w-BSGN4pXv9X84HvXvJE4=/90x90/smart/extras/webstories/ 1 KB
2 KB 892ms
25ms Image
image/jpeg 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ome.lt/y0q4Z1w-BSGN4pXv9X84HvXvJE4=/90x90/smart/extras/webstories/fa09bddf-f438-4132-b348-ea31342dd5a7
Requested by: Host: www.omelete.com.br
URL: https://www.omelete.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: nginx/1.12.1 /
Resource Hash: de31dd4294035c772f6e06eca33abf75d34c25383e6772a0e47ce7f05ad83b3e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.omelete.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 15:34:03 GMT
server: nginx/1.12.1
etag: "34c6d74e76ac41f3fc8e1bfe88c9f0a1ab193b6f"
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
content-length: 1438
expires: Tue, 09 Jan 2024 15:34:03 GMT

GET
H2 200 eb65b8e0-e1cc-4beb-8837-2ceb5dae00cf
cdn.ome.lt/5na1lwCKF1MKlPLtlb3RCK2xWfw=/90x90/smart/extras/webstories/ 20 KB
20 KB 907ms
40ms Image
image/png 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ome.lt/5na1lwCKF1MKlPLtlb3RCK2xWfw=/90x90/smart/extras/webstories/eb65b8e0-e1cc-4beb-8837-2ceb5dae00cf
Requested by: Host: www.omelete.com.br
URL: https://www.omelete.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: nginx/1.12.1 /
Resource Hash: 540f4b77319f1f71a0ef6085d2d0043409270804751e422ff8ec8205e03f0816

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.omelete.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 15:34:03 GMT
server: nginx/1.12.1
etag: "eb0ad614e00d1a419d4ee276f1a2219c54a9b4e0"
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
content-length: 20307
expires: Tue, 09 Jan 2024 15:34:03 GMT

GET
H2 200 f8e38c69-7940-44e3-a2bf-674fb1abc5ff
cdn.ome.lt/uIbXzfZPY5gEjDlIaI8RgdpBQG0=/90x90/smart/extras/webstories/ 17 KB
17 KB 49ms
48ms Image
image/png 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ome.lt/uIbXzfZPY5gEjDlIaI8RgdpBQG0=/90x90/smart/extras/webstories/f8e38c69-7940-44e3-a2bf-674fb1abc5ff
Requested by: Host: www.omelete.com.br
URL: https://www.omelete.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: nginx/1.12.1 /
Resource Hash: d2c70869058f2fe874b7bc15180cff05244acc747d565252c45e944a05472e1c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.omelete.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 15:34:03 GMT
server: nginx/1.12.1
etag: "50876d79d9ae2a51583e6bac5560232b348ed2a7"
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
content-length: 17514
expires: Tue, 09 Jan 2024 15:34:03 GMT

GET
H2 200 f3e86d5c-a4f6-4548-81ea-4f37f014f780
cdn.ome.lt/oR9hInwz_t7Y7NEaq4IlMlNfEu0=/90x90/smart/extras/webstories/ 24 KB
24 KB 50ms
49ms Image
image/png 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ome.lt/oR9hInwz_t7Y7NEaq4IlMlNfEu0=/90x90/smart/extras/webstories/f3e86d5c-a4f6-4548-81ea-4f37f014f780
Requested by: Host: www.omelete.com.br
URL: https://www.omelete.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: nginx/1.12.1 /
Resource Hash: 3d7673c7e6c043d96171b248b7b8dcf00d10df8e889547cf7efb004fafcc55a0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.omelete.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 15:34:03 GMT
server: nginx/1.12.1
etag: "3340cc5544d4081537c17e98250e0757d2985b87"
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
content-length: 24661
expires: Tue, 09 Jan 2024 15:34:03 GMT

GET
H2 200 851fb3e6-b69f-4821-b08d-abab29a49afe
cdn.ome.lt/nXMbzbWL6Dm0KiyZH1WPiRzRAmA=/90x90/smart/extras/webstories/ 19 KB
19 KB 52ms
51ms Image
image/png 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ome.lt/nXMbzbWL6Dm0KiyZH1WPiRzRAmA=/90x90/smart/extras/webstories/851fb3e6-b69f-4821-b08d-abab29a49afe
Requested by: Host: www.omelete.com.br
URL: https://www.omelete.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: nginx/1.12.1 /
Resource Hash: 3aa348aad728126cdb847ce20f8a92f673ea9a7c24fe7ac6fd2209e22884d6f3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.omelete.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 15:34:03 GMT
server: nginx/1.12.1
etag: "66cdbb9a9247e0c4e1f42f11a6cc91dccfd2a77d"
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
content-length: 19292
expires: Tue, 09 Jan 2024 15:34:03 GMT

GET
H2 200 6847.js Show response
cnt.trvdp.com/js/1627/ 691 B
1 KB 88ms
26ms Script
application/javascript 18.173.154.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cnt.trvdp.com/js/1627/6847.js
Requested by: Host: www.omelete.com.br
URL: https://www.omelete.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.154.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-154-21.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 23ac22fac67ced5028985031c76904ca5503aa60f29142c13e249021efbbbe30

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.omelete.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 15 Dec 2023 14:26:19 GMT
via: 1.1 549ff9961325ec88cf02baa6f818172a.cloudfront.net (CloudFront)
last-modified: Thu, 09 Nov 2023 16:05:19 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P3
age: 2077664
etag: "3b1bf96f6605b0c9d8c5f10f854c42e1"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 691
x-amz-cf-id: 7jlgveteJIMhWDyLjC3f1D1I5KPLAZtJu97TzBcxreUpWg0NYRV0Ww==

GET
H2 200 icon-timer.svg
cdn.ome.lt/static/omelete/img/ 826 B
893 B 53ms
52ms Image
image/svg+xml 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ome.lt/static/omelete/img/icon-timer.svg
Requested by: Host: www.omelete.com.br
URL: https://www.omelete.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7d684d847a1a127a8410f5f19ba0c4dc95dd718bbc0c0596aa8d751231152508

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.omelete.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 15:34:03 GMT
content-encoding: gzip
last-modified: Tue, 12 Sep 2023 15:11:25 GMT
server: AmazonS3
x-amz-request-id: 848NNXBQ45HF3P30
etag: W/"4466437b1201d3fa98cdb536bf748dda"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
x-amz-id-2: Bqihzt3gqy3oEhoHqd1HIVj0yj8s80n0eovN1cBvdubKeM2YyAedGlehOp6dauar1PgIEfRD1Pz5F/+QfeShqQ==
expires: Tue, 09 Jan 2024 15:34:03 GMT

GET
H2 200 icon-alert.svg
cdn.ome.lt/static/omelete/img/ 519 B
787 B 54ms
53ms Image
image/svg+xml 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ome.lt/static/omelete/img/icon-alert.svg
Requested by: Host: www.omelete.com.br
URL: https://www.omelete.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2b1c4182e0759f31cf7d9de0e66aaeb7e72f6c9c2750feae20f2d25a4425b969

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.omelete.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 15:34:03 GMT
content-encoding: gzip
last-modified: Tue, 12 Sep 2023 15:11:25 GMT
server: AmazonS3
x-amz-request-id: 848TSX1VGT6EPN2C
etag: W/"a1b1e0af2a0d512301d0aac863998845"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
x-amz-id-2: hE25W/rnUhpPYUeWvmMQq93j8d3cJbL9Kz7Ibr5xcGXhTCaTeqcBPOLWflEjdL1Yoe+0xex2JDv+ZpNE/53F8g==
expires: Tue, 09 Jan 2024 15:34:03 GMT

GET
H2 200 icon-arrow.svg
cdn.ome.lt/static/omelete/img/ 586 B
773 B 55ms
54ms Image
image/svg+xml 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ome.lt/static/omelete/img/icon-arrow.svg
Requested by: Host: www.omelete.com.br
URL: https://www.omelete.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 64e60f20091c10538e3ef79477aacc245314b970b9ec89718ddb719415193c1a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.omelete.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 15:34:03 GMT
content-encoding: gzip
last-modified: Tue, 12 Sep 2023 15:11:25 GMT
server: AmazonS3
x-amz-request-id: 848JFZ27NM7RA3KZ
etag: W/"d5fefd64aa8ff398eb03c4ea969608c4"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
x-amz-id-2: ulCPZKefBLNkF9o6rP6EfiheFGJQ/noDSDZutQGX/asr5J3ABAEGWh5XZZ1AWHSB0QG7Jx0aBz75kGLzxTEhuX/QWa6NWIoO
expires: Tue, 09 Jan 2024 15:34:03 GMT

GET
H2 200 icon-calendar.svg
cdn.ome.lt/static/omelete/img/ 628 B
773 B 56ms
55ms Image
image/svg+xml 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ome.lt/static/omelete/img/icon-calendar.svg
Requested by: Host: www.omelete.com.br
URL: https://www.omelete.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: AmazonS3 /
Resource Hash: deed89f76f895f6afc93a0aee8996083b58c091d2af7d82ff1a5804cbb68c02b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.omelete.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 15:34:03 GMT
content-encoding: gzip
last-modified: Tue, 12 Sep 2023 15:11:25 GMT
server: AmazonS3
x-amz-request-id: 848R7W0FQP0PVWJT
etag: W/"f7cc75d11edfb234b82a158d61676bdd"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
x-amz-id-2: fZzzLNIXDxch2qGuDjvrG1hiqb/lzaTC6J+KPxm/RZEI6sbajB/ligs4gCFBZIPG45XyDqmxPG2ygMEcK8VwtG0RqYh6lgih
expires: Tue, 09 Jan 2024 15:34:03 GMT

GET
H2 200 icon-warning.svg
cdn.ome.lt/static/omelete/img/ 357 B
657 B 56ms
55ms Image
image/svg+xml 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ome.lt/static/omelete/img/icon-warning.svg
Requested by: Host: www.omelete.com.br
URL: https://www.omelete.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: AmazonS3 /
Resource Hash: afa7ce685176ced89c09ac5df6dd3132848cbf5e6db030582e0144d7a20b8f40

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.omelete.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 15:34:03 GMT
content-encoding: gzip
last-modified: Tue, 12 Sep 2023 15:11:25 GMT
server: AmazonS3
x-amz-request-id: 848VAWY32139TRMK
etag: W/"e050091670b78e5894e2592ac613c84a"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
x-amz-id-2: +viJfIWwO/NGe7lzTwAzdIw7l9CTdIWi8znTbQPwmaABbchGnN6Hf1/pdOMZBB8SgupLIJnxjxc=
expires: Tue, 09 Jan 2024 15:34:03 GMT

GET
H2 200 icon-success.svg
cdn.ome.lt/static/omelete/img/ 387 B
698 B 57ms
56ms Image
image/svg+xml 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ome.lt/static/omelete/img/icon-success.svg
Requested by: Host: www.omelete.com.br
URL: https://www.omelete.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 48db22016c12abee76f578c9484b948b694944e3fdc04321cb5ba015960ca525

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.omelete.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 15:34:03 GMT
content-encoding: gzip
last-modified: Tue, 12 Sep 2023 15:11:25 GMT
server: AmazonS3
x-amz-request-id: 848GXD2AYG6AC96H
etag: W/"16b5b6e4198381e9ae5f4971056a4872"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
x-amz-id-2: zv2sWud8mst161ip1Vm9BAPOqsM6oliY3z6tv5+AgnyYgpCyfqI5YbvK9IEwbFQ4hyu/PfEfB5B8JELuXYJ3tcDrAj6odXlliCRyNXZuCUM=
expires: Tue, 09 Jan 2024 15:34:03 GMT

GET
H2 200 jquery.slim.min.js Show response
cdn.ome.lt/static/omelete/js/vendor/ 71 KB
29 KB 23ms
20ms Script
text/javascript 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ome.lt/static/omelete/js/vendor/jquery.slim.min.js
Requested by: Host: www.omelete.com.br
URL: https://www.omelete.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3e5f35d586c0e6a9a9d7187687be087580c40a5f8d0e52f0c4053bbc25c98db

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.omelete.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 15:34:03 GMT
content-encoding: gzip
last-modified: Tue, 12 Sep 2023 15:11:25 GMT
server: AmazonS3
x-amz-request-id: 2DBXHB2J0NR2Z2B2
etag: W/"fb8409a092adc6e8be17e87d59e0595e"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
x-amz-id-2: sNkaqXz5eFsEFcDURn3RyWfuF4mfsrFVHUy6qsWPNO01iLvZmMXCA18J1xECB48j9Q6s90BKGjE=
expires: Tue, 09 Jan 2024 15:34:03 GMT

GET
H2 200 jquery.mobile.custom.min.js Show response
cdn.ome.lt/static/omelete/js/vendor/ 8 KB
4 KB 32ms
29ms Script
text/javascript 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ome.lt/static/omelete/js/vendor/jquery.mobile.custom.min.js
Requested by: Host: www.omelete.com.br
URL: https://www.omelete.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8a986ea00773d0694d74b1e10e2fde329c2aeb4a29f6386d9d5002017fd01e6a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.omelete.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 15:34:03 GMT
content-encoding: gzip
last-modified: Tue, 12 Sep 2023 15:11:25 GMT
server: AmazonS3
x-amz-request-id: 2DBT3MXQGE9W04KR
etag: W/"016f7eaa5a233c7f85eb2cba65166754"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
x-amz-id-2: rKU4sMHuqySacFkRMlDh7zBK0zs2uWTRllepPHCky1dJv6cOd7tymRyo5SYJkN7n3sa7huPEDX8=
expires: Tue, 09 Jan 2024 15:34:03 GMT

GET
H2 200 utils.min.js Show response
cdn.ome.lt/static/omelete/js/ 5 KB
2 KB 33ms
30ms Script
text/javascript 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ome.lt/static/omelete/js/utils.min.js?v=f2674
Requested by: Host: www.omelete.com.br
URL: https://www.omelete.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7be6d35b0272e4a334e6b959b504ebd22038340f533106df1cc85ce57d4e1ecb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.omelete.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 15:34:03 GMT
content-encoding: gzip
last-modified: Thu, 21 Dec 2023 15:08:41 GMT
server: AmazonS3
x-amz-request-id: Q0XQ155MC1GXKWZG
etag: W/"8c6e9d684a2a20b8d11c46677241cad0"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
x-amz-id-2: umvRG6ys1sX9qvBaQgkZLzczOZjq9ZJByz/ZCy+HkC/Ip4R5DyMWcgd8zs/8nHm3+gzUAPaq+sWO17JQOvJnfNdmt0K25rN5811pPN+YPL4=
expires: Tue, 09 Jan 2024 15:34:03 GMT

GET
H2 200 lazyLoad.min.js Show response
cdn.ome.lt/static/omelete/js/ 558 B
785 B 34ms
31ms Script
text/javascript 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ome.lt/static/omelete/js/lazyLoad.min.js?v=f2674
Requested by: Host: www.omelete.com.br
URL: https://www.omelete.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6c4832dcee6c83b45d0c64c7b626628d24d4208c3084b49ed360c2042c40048f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.omelete.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 15:34:03 GMT
content-encoding: gzip
last-modified: Thu, 21 Dec 2023 15:08:41 GMT
server: AmazonS3
x-amz-request-id: Q0XGJWBT5TF7C8BT
etag: W/"31e3cf685dc286fecde27a4a4e1c5714"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
x-amz-id-2: 7I2zrkMwyNSfp9rDwrqSFNhkhWIlKZyFFsb9ewkMFQP1oLPsvhfP6m0kcUEyNN531IrWk+gH6iU=
expires: Tue, 09 Jan 2024 15:34:03 GMT

GET
H2 200 header.min.js Show response
cdn.ome.lt/static/omelete/js/ 2 KB
1 KB 34ms
32ms Script
text/javascript 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ome.lt/static/omelete/js/header.min.js?v=f2674
Requested by: Host: www.omelete.com.br
URL: https://www.omelete.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fa5af17857ac25298ff679f7961fa27be1dc3312f0d63c725aa2f87e6bb3cd86

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.omelete.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 15:34:03 GMT
content-encoding: gzip
last-modified: Thu, 21 Dec 2023 15:08:41 GMT
server: AmazonS3
x-amz-request-id: Q0XQXGTZKQWRKP41
etag: W/"77fc552b457759fb39632e8870b29982"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
x-amz-id-2: XsrOTuvTTzpNSx+COKQSU2FC3uxtbz6nsZIHX3S/9rKZEQN5C0V7J2eJdmk349oXE+p3vHL35tQ=
expires: Tue, 09 Jan 2024 15:34:03 GMT

GET
H2 200 search.min.js Show response
cdn.ome.lt/static/omelete/js/ 1005 B
810 B 35ms
33ms Script
text/javascript 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ome.lt/static/omelete/js/search.min.js?v=f2674
Requested by: Host: www.omelete.com.br
URL: https://www.omelete.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e275c8eab3b1c6c48f4b6840bab0b7aa61c58dfa018ea7a0ec3d07a500495d41

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.omelete.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 15:34:03 GMT
content-encoding: gzip
last-modified: Thu, 21 Dec 2023 15:08:41 GMT
server: AmazonS3
x-amz-request-id: Q0XJTY8ADGRXMKR4
etag: W/"088fe6b49d71d66908b8b72b60642abd"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
x-amz-id-2: XKS43teiHCT6WYcpg6++cpreJiNNQ2yRRCOpnneW7U71NxPRbxrqVimi80n3dMVKdaIp78q+/Wg=
expires: Tue, 09 Jan 2024 15:34:03 GMT

GET
H2 200 banners.min.js Show response
cdn.ome.lt/static/omelete/js/ 3 KB
1 KB 36ms
33ms Script
text/javascript 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ome.lt/static/omelete/js/banners.min.js?v=f2674
Requested by: Host: www.omelete.com.br
URL: https://www.omelete.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6da22bbe41a7b29a24dcab5489b3962db3c6c8e3c75d89747016969629455ba1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.omelete.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 15:34:03 GMT
content-encoding: gzip
last-modified: Thu, 21 Dec 2023 15:08:41 GMT
server: AmazonS3
x-amz-request-id: Q0XTVN8WC69CVVF5
etag: W/"00900b828e6e8278e56f794d04425dac"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
x-amz-id-2: nrqA1DDfs2rYVVTsMu72QqH+7zr03Gfp0WoUo4b/Ifa/w4Ys2RcXDfEf2AHAdnyvncqiIV1OdYE=
expires: Tue, 09 Jan 2024 15:34:03 GMT

GET
H2 200 animated-logo.min.js Show response
cdn.ome.lt/static/omelete/js/ 248 B
627 B 37ms
34ms Script
text/javascript 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ome.lt/static/omelete/js/animated-logo.min.js?v=f2674
Requested by: Host: www.omelete.com.br
URL: https://www.omelete.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1302f4fc3c33cec84590b4479711a6b1fdd2ac1ebd32635d4cd4cfbbd83308a7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.omelete.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 15:34:03 GMT
content-encoding: gzip
last-modified: Thu, 21 Dec 2023 15:08:41 GMT
server: AmazonS3
x-amz-request-id: Q0XXS02BXQVHDZ7T
etag: W/"f990d874462e75357ac8ea9d82aa94e5"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
x-amz-id-2: tuI8rfW/5/633RVrYI43qfM+zGpY8kxTpK0bglXTLWR7BWH57XjBo/rTy+U69FOS2h6zGwc+Rq9vm8a++bM0WAnL/XAP8OiZc+OzxK071NQ=
expires: Tue, 09 Jan 2024 15:34:03 GMT

GET
H2 200 swiper.min.js Show response
cdn.ome.lt/static/omelete/js/vendor/ 126 KB
40 KB 36ms
35ms Script
text/javascript 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ome.lt/static/omelete/js/vendor/swiper.min.js
Requested by: Host: www.omelete.com.br
URL: https://www.omelete.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e2c1132a1877692ca2e8d46203eaae9cf6936b0a9230341c6bfc4b5aedbb1e0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.omelete.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 15:34:03 GMT
content-encoding: gzip
last-modified: Tue, 12 Sep 2023 15:11:25 GMT
server: AmazonS3
x-amz-request-id: 2DBZD15JAXS2DX11
etag: W/"2ac19265b38d14235141d184bca54d9a"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
x-amz-id-2: XfmtH5JfOULvYicVH8upoXZl6/9P1kQHuQvfXPzzLe2w4/TYv5QO6CVDGQfcSnNHKkivo2Jna1A=
expires: Tue, 09 Jan 2024 15:34:03 GMT

GET
H2 200 home.min.js Show response
cdn.ome.lt/static/omelete/js/ 2 KB
1 KB 41ms
39ms Script
text/javascript 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ome.lt/static/omelete/js/home.min.js?v=f2674
Requested by: Host: www.omelete.com.br
URL: https://www.omelete.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 71877f1c47748751ee8c86727556741baebe894741c032ab6e5bd53b4faf4f69

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.omelete.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 15:34:03 GMT
content-encoding: gzip
last-modified: Thu, 21 Dec 2023 15:08:41 GMT
server: AmazonS3
x-amz-request-id: 0TG9NMPS3E99XQZ5
etag: W/"14d2648e09efceb65b860bd6aadf1a50"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
x-amz-id-2: /ey1JLDpENGdwn1DejB+3SksMo/JS+agtdhIhAm58xMP5cPmKvVPH8Z7S9zfB+iriRTX5qZSeUM=
expires: Tue, 09 Jan 2024 15:34:03 GMT

GET
H2 200 reviews.min.js Show response
cdn.ome.lt/static/omelete/js/ 265 B
654 B 41ms
40ms Script
text/javascript 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ome.lt/static/omelete/js/reviews.min.js?v=f2674
Requested by: Host: www.omelete.com.br
URL: https://www.omelete.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c0baa6e598c59c33239ad1d8eedb937ce0d3b5c0d8a2a63446fa7bee1e373a0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.omelete.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 15:34:03 GMT
content-encoding: gzip
last-modified: Thu, 21 Dec 2023 15:08:41 GMT
server: AmazonS3
x-amz-request-id: 0TG7W3V3G0PK22MB
etag: W/"0afa2d05ddd388ee6d73b0e84eacb8ac"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
x-amz-id-2: L2/9Tc8ZJeh8CKsViwWH58M2amedRClSRHTG/5Q3WQHlLHiMFW/UNq0diTnmOK0OURR6DCQkAXorLqT6d6mayBndjvJjB0fV
expires: Tue, 09 Jan 2024 15:34:03 GMT

GET
H2 200 infiniteNews.min.js Show response
cdn.ome.lt/static/omelete/js/ 2 KB
1 KB 42ms
41ms Script
text/javascript 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ome.lt/static/omelete/js/infiniteNews.min.js?v=f2674
Requested by: Host: www.omelete.com.br
URL: https://www.omelete.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f20423efce6530b137706a27ca445bec490866891fbafb0fa77a857409fb99c2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.omelete.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 15:34:03 GMT
content-encoding: gzip
last-modified: Thu, 21 Dec 2023 15:08:41 GMT
server: AmazonS3
x-amz-request-id: 0TG113P6NCF4G0Q0
etag: W/"903a99b0d1e39ddba426767f9f73b3b3"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
x-amz-id-2: 6ghPuePzDbuZdUr7U08zUa/EWmakZ7WYsyQdiDKHcAmfHKKz82032qRngnYDsa45YgtSPd2jmbM=
expires: Tue, 09 Jan 2024 15:34:03 GMT

GET
H2 200 homeAnalytics.min.js Show response
cdn.ome.lt/static/omelete/js/ 2 KB
1 KB 43ms
41ms Script
text/javascript 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ome.lt/static/omelete/js/homeAnalytics.min.js?v=f2674
Requested by: Host: www.omelete.com.br
URL: https://www.omelete.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 20bbd8ab88d7992c27fc1ab8a9783751cd46845528c5598eea90e9c0edb5a620

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.omelete.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 15:34:03 GMT
content-encoding: gzip
last-modified: Thu, 21 Dec 2023 15:08:41 GMT
server: AmazonS3
x-amz-request-id: 0TG27X677RPVT2GQ
etag: W/"76d2bb20c0342019c6662282c85b337c"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
x-amz-id-2: KBCMSvrqrgE4mG8UJBWZ2ZQ2JXq1qbv/G6SHXBxwZW5ZHadsWE7KTo3wA/a2eksNk7m2tCbun5IOROQu6hc6e1j+spQLNA9hXsOobToXCPk=
expires: Tue, 09 Jan 2024 15:34:03 GMT

GET
H2 200 web-stories.min.js Show response
cdn.ome.lt/static/omelete/js/ 471 B
678 B 43ms
42ms Script
text/javascript 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ome.lt/static/omelete/js/web-stories.min.js?v=f2674
Requested by: Host: www.omelete.com.br
URL: https://www.omelete.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e2c894119a46e0ce14b425e44d4a02692c2107479526498141c38503e432834d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.omelete.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 15:34:03 GMT
content-encoding: gzip
last-modified: Thu, 21 Dec 2023 15:08:41 GMT
server: AmazonS3
x-amz-request-id: 0TG4EKK2V6CJN0P5
etag: W/"e7e3430b2b4f180fc3ba9862e341cbbd"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
x-amz-id-2: hE0gcS+KFlSzcGq5idvTvOMsmLHDHmz/f6ejWkNz1RrHL4/V3lCOj0M/w4PqJw+N/Zf8W71sprLwI5ZE/ClxVg==
expires: Tue, 09 Jan 2024 15:34:03 GMT

GET
H2 200 prebid5.20.4-2023-03-16.js Show response
cdn.ome.lt/static/omelete/js/vendor/ 208 KB
77 KB 58ms
57ms Script
text/javascript 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ome.lt/static/omelete/js/vendor/prebid5.20.4-2023-03-16.js
Requested by: Host: www.omelete.com.br
URL: https://www.omelete.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2bda70acd8cade0b42ffd2d57af39ca2594da5567d62e52807b2c483bffa00dd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.omelete.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 15:34:03 GMT
content-encoding: gzip
last-modified: Tue, 12 Sep 2023 15:11:25 GMT
server: AmazonS3
x-amz-request-id: 848PK6GZE5FQV0TR
etag: W/"b3227fff46c39becbe1c1355a416e505"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
x-amz-id-2: J1+B5SMoR5A/VOfwQYcc2PiWBY5D9un0j1EKTz7NegqitcgLVdfA2z1n3Bp2C/hiUo9FCh3NakD6JK1sRscb3Q==
expires: Tue, 09 Jan 2024 15:34:03 GMT

GET
H2 200 newsletter.min.js Show response
cdn.ome.lt/static/omelete/js/ 2 KB
1 KB 44ms
43ms Script
text/javascript 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ome.lt/static/omelete/js/newsletter.min.js?v=f2674
Requested by: Host: www.omelete.com.br
URL: https://www.omelete.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4ebd231f17af82c57674d70d33810bc2410a4ce838e8c89658a682e18f6e891f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.omelete.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 15:34:03 GMT
content-encoding: gzip
last-modified: Thu, 21 Dec 2023 15:08:41 GMT
server: AmazonS3
x-amz-request-id: Q0XWDZ1WQFF6BH3P
etag: W/"2e727027cfedacf7a71d273c151f522f"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
x-amz-id-2: kRFfDTHK7FAVp9lCWTFqzfOGojhNaVasjI0AI63jN/Zluv6tS181HPSB7Meo/8M7p5Jh7HWhupyuTnor/AesWg==
expires: Tue, 09 Jan 2024 15:34:03 GMT

GET
H2 200 firebase-app.js Show response
www.gstatic.com/firebasejs/8.2.9/ 20 KB
6 KB 75ms
28ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/8.2.9/firebase-app.js

Requested by

Host: www.omelete.com.br
URL: https://www.omelete.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92923e7ea94444b385afba025c7848d21f243be8358d35dc293275553863d97a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.omelete.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 10:08:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 278731
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6528
x-xss-protection: 0
last-modified: Thu, 04 Mar 2021 21:12:57 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
vary: Accept-Encoding
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 04 Jan 2025 10:08:31 GMT

GET
H2 200 firebase-messaging.js Show response
www.gstatic.com/firebasejs/8.2.9/ 40 KB
11 KB 72ms
24ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/8.2.9/firebase-messaging.js

Requested by

Host: www.omelete.com.br
URL: https://www.omelete.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3f921ad528f18411472daf5a169f99678086aec6ac4a71f00730575a092621f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.omelete.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 01 Jan 2024 15:40:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 604417
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10867
x-xss-protection: 0
last-modified: Thu, 04 Mar 2021 21:12:55 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
vary: Accept-Encoding
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 31 Dec 2024 15:40:25 GMT

GET
H2 200 push-config-production.min.js Show response
cdn.ome.lt/static/omelete/js/push-notification/ 509 B
801 B 45ms
44ms Script
text/javascript 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ome.lt/static/omelete/js/push-notification/push-config-production.min.js
Requested by: Host: www.omelete.com.br
URL: https://www.omelete.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 60a9dbc3429ac7e9e650722dce14ec0f5d2d55c0ec85dc24c16e8e14536352cf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.omelete.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 15:34:03 GMT
content-encoding: gzip
last-modified: Tue, 12 Sep 2023 15:11:25 GMT
server: AmazonS3
x-amz-request-id: 2DBMNZNYEDGKHF3Y
etag: W/"e40e18ad6a7d0f584b05fb20279dbb1b"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
x-amz-id-2: dGwINHkjN79tTvlxgkc0KC5cpdkAFVORTGvGoFAW/bXDiLMVDV9ItPMvtSNuG0k8AQIpdmAkc06IbZSYpJYmUEmQSoR1LHQa30hnE5yiJJ0=
expires: Tue, 09 Jan 2024 15:34:03 GMT

GET
H2 200 push-notification.min.js Show response
cdn.ome.lt/static/omelete/js/push-notification/ 15 KB
4 KB 60ms
59ms Script
text/javascript 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ome.lt/static/omelete/js/push-notification/push-notification.min.js?v=f2674
Requested by: Host: www.omelete.com.br
URL: https://www.omelete.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2fb990d6b27623254e5ee6687f143687a09c64f0e91cb4c83ff6f61d269fe5ba

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.omelete.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 15:34:03 GMT
content-encoding: gzip
last-modified: Thu, 21 Dec 2023 15:08:41 GMT
server: AmazonS3
x-amz-request-id: Q0XSADQW5YWQ8HD4
etag: W/"9d994db8176e5f1440bb0e4c4ccd910c"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
x-amz-id-2: SnhPHkvuT599IcRZGNTULXrl5IrtO9WuNdLOgkdJitx7G/lbM42xwkpokVUpsebVw9VIZqCrpH7OwGcujj0nsg==
expires: Tue, 09 Jan 2024 15:34:03 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 280 KB
96 KB 86ms
40ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WQVQVWQ

Requested by

Host: www.omelete.com.br
URL: https://www.omelete.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

248929cda9a1cb269996491cead4c9577ae9206c37754f36b61dd6e4bd403f0e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.omelete.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 15:34:02 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 97938
x-xss-protection: 0
last-modified: Mon, 08 Jan 2024 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 08 Jan 2024 15:34:02 GMT

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 6847.js Show response
go.trvdp.com/init/ 6 KB
6 KB 89ms
27ms Script
binary/octet-stream 18.173.154.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://go.trvdp.com/init/6847.js
Requested by: Host: cnt.trvdp.com
URL: https://cnt.trvdp.com/js/1627/6847.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.154.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-154-83.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06af1c94bbac0654d905abaa5b2e4500a2829ec6f402261232ac1a2bdff613b1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.omelete.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 15 Dec 2023 14:26:20 GMT
via: 1.1 f620f5422d3678dbdbb8544d75a30f78.cloudfront.net (CloudFront)
last-modified: Tue, 25 Apr 2023 09:56:50 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P3
age: 2077663
etag: "80c327f0c5f491e86f3140e8b184458f"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: binary/octet-stream
accept-ranges: bytes
content-length: 5845
x-amz-cf-id: o0Ov55fDJMvZWFHq1tYNak8QHiOGpdF9ZIoiE1WlRfwzzg0cJxrkTA==

GET
H/1.1 200
OK fpc Show response
at.teads.tv/ 0
341 B 119ms
50ms Fetch
text/plain 23.32.185.35
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://at.teads.tv/fpc?analytics_tag_id=PUB_8172&tfpvi=&gdpr_status=22&gdpr_reason=220&gdpr_consent=&ccpa_consent=&shared_ids=&sv=471b531&
Requested by: Host: a.teads.tv
URL: https://a.teads.tv/analytics/tag.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.185.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-185-35.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.omelete.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 08 Jan 2024 15:34:02 GMT
Content-Type: text/plain; charset=UTF-8
Access-Control-Allow-Origin: https://www.omelete.com.br
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
Expires: Mon, 08 Jan 2024 15:34:02 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 275 KB
91 KB 35ms
35ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-WQ33SP58YS&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WQVQVWQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3aa6010e012aa80ebe28057d2ec103ffc3d5d9d8b691e6e0d0ddcc0c1be7924c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.omelete.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 15:34:02 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 93568
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 08 Jan 2024 15:34:02 GMT

GET
H2 200 / Show response
www.googleadservices.com/pagead/conversion/855068064/ 3 KB
2 KB 126ms
63ms Script
text/javascript 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/855068064/?random=1704728042735&cv=11&fst=1704728042735&bg=ffffff&guid=ON&async=1&gtm=45He4130v867967661&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.omelete.com.br%2F&label=8PwyCNXH4KwDEKCb3ZcD&hn=www.googleadservices.com&frm=0&tiba=Home%20%7C%20Omelete&value=0&bttype=purchase&auid=1930156319.1704728043&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WQVQVWQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

86f9eb14e12e21b0fac19fe81082ec077e2a8b5a8373ccf5ef416869c652c430

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.omelete.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 15:34:02 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1629
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 56 KB
15 KB 108ms
32ms Script
application/javascript 146.75.120.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WQVQVWQ
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.120.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.omelete.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 15:34:02 GMT
content-encoding: gzip
last-modified: Thu, 27 Oct 2022 16:56:53 GMT
etag: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
vary: Accept-Encoding,Host
x-cache: HIT, HIT
content-type: application/javascript; charset=utf-8
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
cache-control: no-cache
accept-ranges: bytes
content-length: 15375
x-served-by: cache-iad-kjyo7100081-IAD, cache-fra-etou8220094-FRA

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 4 KB
2 KB 250ms
148ms Script
application/javascript 2.23.209.44
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CDHTGLBC77U9BMO6JL8G&lib=ttq
Requested by: Host: www.omelete.com.br
URL: https://www.omelete.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.23.209.44 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-23-209-44.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 4434d143e1c4a63a74bac0d9f7ee77e806e566e5fcd1f200489110fb5a655856

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.omelete.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-akamai-request-id: 79154fb6.44314d73
date: Mon, 08 Jan 2024 15:34:02 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-24010815340253C85D70A3D533EF4F8A-4342066A603C48D3-00
x-cache: TCP_MISS from a23-62-213-108.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
x-parent-response-time: 99,23.62.213.108
server-timing: cdn-cache; desc=MISS, edge; dur=95, origin; dur=6, inner; dur=3
content-length: 1340
pragma: no-cache
server: nginx
x-tt-logid: 2024010815340253C85D70A3D533EF4F8A
x-cache-remote: TCP_MISS from a23-220-104-211.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 6,23.220.104.211
x-tt-trace-host: 01d9080a2d25d242f218926392faff9e6d6317da3a885f06cbb06a50343fc36ee7da67ad46edf5773f5a3415ead27b68f7cf761a778ae7fdbf909f14f2508887b71fc5efbb3bb8d313eabe3f32576c901e473f554ed5556dd2c8f84d40146abf4b33cb274a7434f0ac0a0db1d9bb7881f9
expires: Mon, 08 Jan 2024 15:34:02 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 202 KB
54 KB 66ms
24ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.omelete.com.br
URL: https://www.omelete.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2aa7779577c8f4ff268d5bbd5b13b7d577930c1824b43b4b5442d4c92a695154

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.omelete.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 08 Jan 2024 15:34:02 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 54372
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: tS619o97lgkxTOXmM14vQBI3oQK7+/m8zGcNvQeu9uAfo5vhU6fU0QfMK/wS3T80DuP8y1OkKoiNveiW92usVg==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 203 KB
74 KB 37ms
37ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-10955670600

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WQVQVWQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5903b8484232f9a1d05fe5b708b46d8069bdd6014bfd912204deaa6911a2a895

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.omelete.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 15:34:02 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 75270
x-xss-protection: 0
last-modified: Mon, 08 Jan 2024 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 08 Jan 2024 15:34:02 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/ 436 KB
137 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8538fa1e11fa1334100b86b0c251b8ffa0b51f5db3e732c23963053686a93dc7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.omelete.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 13:50:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6207
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 140253
x-xss-protection: 0
server: cafe
etag: 11435206252018266965
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Tue, 07 Jan 2025 13:50:35 GMT

GET
H2 200 p.php Show response
stg.truvidplayer.com/ 6 KB
3 KB 4446ms
4383ms XHR
application/json 99.84.88.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://stg.truvidplayer.com/p.php?sid=1627&wid=6847&cb=657.4341577734822&pid=5028&url=https%3A%2F%2Fwww.omelete.com.br%2F
Requested by: Host: go.trvdp.com
URL: https://go.trvdp.com/init/6847.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.88.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-88-91.muc50.r.cloudfront.net
Software: nginx /
Resource Hash: 8b4ab73197a9fe21bac962393e16f1e2339cdc0f11dacd7f3db71ccb33950ab3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.omelete.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 15:34:07 GMT
content-encoding: gzip
via: 1.1 4699c08b44211e17f977ca0133ec5e8e.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: MUC50-C1
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: https://www.omelete.com.br
access-control-allow-credentials: true
x-amz-cf-id: K-fTRfgd93Xro4T7fQLgs4ln6K5aHFKHhgCkWd7u9cJ2DQZr2ahNFw==

POST
H2 204 collect
region1.analytics.google.com/g/ 0
247 B 75ms
28ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-WQ33SP58YS&gtm=45je4130v877053132z8867967661&_p=1704728042585&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1230367790.1704728043&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1704728042&sct=1&seg=0&dl=https%3A%2F%2Fwww.omelete.com.br%2F&dt=Home%20%7C%20Omelete&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1407
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-WQ33SP58YS&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.omelete.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 15:34:02 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.omelete.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
256 B 85ms
29ms Ping
text/plain 2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-WQ33SP58YS&cid=1230367790.1704728043&gtm=45je4130v877053132z8867967661&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-WQ33SP58YS&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.omelete.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 15:34:02 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.omelete.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 95ms
46ms Image
image/gif 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-WQ33SP58YS&cid=1230367790.1704728043&gtm=45je4130v877053132z8867967661&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=1939086643

Requested by

Host: www.omelete.com.br
URL: https://www.omelete.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.omelete.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 15:34:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/10955670600/ 3 KB
2 KB 108ms
61ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10955670600/?random=1704728042823&cv=11&fst=1704728042823&bg=ffffff&guid=ON&async=1&gtm=45be4130v896288557&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.omelete.com.br%2F&hn=www.googleadservices.com&frm=0&tiba=Home%20%7C%20Omelete&auid=1930156319.1704728043&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-10955670600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6f4ca1f3f794f9bf9f06314dbecebf7098b1f408439289b3555e9c220f22bcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.omelete.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 15:34:02 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1254
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 408739521459897 Show response
connect.facebook.net/signals/config/ 130 KB
34 KB 145ms
144ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/408739521459897?v=2.9.139&r=stable&domain=www.omelete.com.br

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

7f1de51daf9b60c731dc5ad11cf33c9a490099e93a78572d05aa9485d579c45f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.omelete.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 08 Jan 2024 15:34:02 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: sVTkSYnry/MtU4+EIdX8zNxzBbZvBJ8COkVRaTc2LUA+1OSpc0/XSzUSkGS+iVG/kBCa3T30okaVrAB/AxQ2ag==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 adsct
t.co/1/i/ 43 B
376 B 182ms
130ms Image
image/gif 104.244.42.5
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/1/i/adsct?bci=2&eci=4&event=%7B%22value%22%3A%22Pageview%22%7D&event_id=cf30f82e-03d1-4fc9-9f67-84a66342e4d2&integration=gtm&p_id=Twitter&p_user_id=0&pl_id=de33472c-213c-42fa-812d-b2459443bbcf&tw_document_href=https%3A%2F%2Fwww.omelete.com.br%2F&tw_iframe_status=0&txn_id=tw-o3smm-oe4js&type=javascript&version=2.3.29

Requested by

Host: www.omelete.com.br
URL: https://www.omelete.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.5 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.omelete.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-response-time: 110
date: Mon, 08 Jan 2024 15:34:01 GMT
strict-transport-security: max-age=0
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: df788d4d2d722afc
cache-control: no-cache, no-store, max-age=0
perf: 7469935968
x-connection-hash: 8a9a0fc3a5bfb43324a9a6c3fd608c2a14a385aeaee560d296bd839841d993de
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/1/i/ 43 B
724 B 174ms
126ms Image
image/gif 104.244.42.131
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/1/i/adsct?bci=2&eci=4&event=%7B%22value%22%3A%22Pageview%22%7D&event_id=cf30f82e-03d1-4fc9-9f67-84a66342e4d2&integration=gtm&p_id=Twitter&p_user_id=0&pl_id=de33472c-213c-42fa-812d-b2459443bbcf&tw_document_href=https%3A%2F%2Fwww.omelete.com.br%2F&tw_iframe_status=0&txn_id=tw-o3smm-oe4js&type=javascript&version=2.3.29

Requested by

Host: www.omelete.com.br
URL: https://www.omelete.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.131 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.omelete.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-response-time: 105
date: Mon, 08 Jan 2024 15:34:02 GMT
strict-transport-security: max-age=631138519
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 21633c9e661829f2
cache-control: no-cache, no-store, max-age=0
perf: 7469935968
x-connection-hash: cf5b5c8e080c99d0c2c2950be03a83c5132fbd437611bec634c2d0171e171911
content-length: 43

GET
H3

200

/
www.google.de/pagead/1p-conversion/855068064/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/855068064/?random=426777865&cv=11&fst=1704728042735&bg=ffffff&guid=ON&async=1&gtm=45He4130v867967661&gcd=11l1l1l1l1&dma_cps=sypham&d...
https://www.google.com/pagead/1p-conversion/855068064/?random=426777865&cv=11&fst=1704728042735&bg=ffffff&guid=ON&async=1&gtm=45He4130v867967661&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=120...
https://www.google.de/pagead/1p-conversion/855068064/?random=426777865&cv=11&fst=1704728042735&bg=ffffff&guid=ON&async=1&gtm=45He4130v867967661&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200...

42 B
64 B

46ms
46ms

Image
image/gif

2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/855068064/?random=426777865&cv=11&fst=1704728042735&bg=ffffff&guid=ON&async=1&gtm=45He4130v867967661&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.omelete.com.br%2F&label=8PwyCNXH4KwDEKCb3ZcD&hn=www.googleadservices.com&frm=0&tiba=Home%20%7C%20Omelete&value=0&auid=1930156319.1704728043&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEFJZ05mdXJBWVFwUHpMNXNYWW9lVTVFaVlBR2pBOFFhRVFpa2IwYUt1SEtfQzVzU1RlNU5vYnhiNzNtT0stVnRLeVJzOFNZQjZpWXcaWENoQUlnTmZ1ckFZUS1NMlM4cVhSbVAxYUVpNEEyLTZYSEt4Z2NLc1RaMDZLQkM1Sng0bTNTV2x2RGM4RXdUVm0yNjlIcXROV0xScGhhTmdqbWcxRktXRDkiEwjp0rnrjs6DAxUYSR4CHcOIAkE&is_vtc=1&ocp_id=6hWcZem1MpiS-cAPw5GKiAQ&cid=CAQSGwAvHhf_Tbb1ZuBXRAit3iAqv3jeaFm2xWHWrg&eitems=ChEIgNfurAYQz7aygIaG7svpARIdAG3mpvtM1RhCpJlxG4uAc6_EPYroVJXDfQjqOUo&random=3302184674&ipr=y

Requested by

Host: www.omelete.com.br
URL: https://www.omelete.com.br/

Protocol

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.omelete.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 15:34:03 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 08 Jan 2024 15:34:03 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/pagead/1p-conversion/855068064/?random=426777865&cv=11&fst=1704728042735&bg=ffffff&guid=ON&async=1&gtm=45He4130v867967661&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.omelete.com.br%2F&label=8PwyCNXH4KwDEKCb3ZcD&hn=www.googleadservices.com&frm=0&tiba=Home%20%7C%20Omelete&value=0&auid=1930156319.1704728043&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEFJZ05mdXJBWVFwUHpMNXNYWW9lVTVFaVlBR2pBOFFhRVFpa2IwYUt1SEtfQzVzU1RlNU5vYnhiNzNtT0stVnRLeVJzOFNZQjZpWXcaWENoQUlnTmZ1ckFZUS1NMlM4cVhSbVAxYUVpNEEyLTZYSEt4Z2NLc1RaMDZLQkM1Sng0bTNTV2x2RGM4RXdUVm0yNjlIcXROV0xScGhhTmdqbWcxRktXRDkiEwjp0rnrjs6DAxUYSR4CHcOIAkE&is_vtc=1&ocp_id=6hWcZem1MpiS-cAPw5GKiAQ&cid=CAQSGwAvHhf_Tbb1ZuBXRAit3iAqv3jeaFm2xWHWrg&eitems=ChEIgNfurAYQz7aygIaG7svpARIdAG3mpvtM1RhCpJlxG4uAc6_EPYroVJXDfQjqOUo&random=3302184674&ipr=y
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/10955670600/ 42 B
455 B 80ms
32ms Image
image/gif 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/10955670600/?random=1704728042823&cv=11&fst=1704726000000&bg=ffffff&guid=ON&async=1&gtm=45be4130v896288557&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.omelete.com.br%2F&frm=0&tiba=Home%20%7C%20Omelete&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_xUsfot00u4lopRR8MQK5tM2AC_q2nQ&random=3847433230&rmt_tld=0&ipr=y

Requested by

Host: www.omelete.com.br
URL: https://www.omelete.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.omelete.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 15:34:03 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/10955670600/ 42 B
154 B 36ms
35ms Image
image/gif 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/10955670600/?random=1704728042823&cv=11&fst=1704726000000&bg=ffffff&guid=ON&async=1&gtm=45be4130v896288557&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.omelete.com.br%2F&frm=0&tiba=Home%20%7C%20Omelete&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_xUsfot00u4lopRR8MQK5tM2AC_q2nQ&random=3847433230&rmt_tld=1&ipr=y

Requested by

Host: www.omelete.com.br
URL: https://www.omelete.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.omelete.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 15:34:02 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 main.MWZkNjY4MmI1MA.js Show response
analytics.tiktok.com/i18n/pixel/static/ 376 KB
101 KB 43ms
43ms Script
application/javascript 2.23.209.44
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWZkNjY4MmI1MA.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CDHTGLBC77U9BMO6JL8G&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.23.209.44 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-23-209-44.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: bc1c05bdd3b01d9aa9d49cd9381d674cb1e061a55698f2fabf7813ea46036956

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.omelete.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-akamai-request-id: 44314ea4
date: Mon, 08 Jan 2024 15:34:03 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 202401041514450A0DBF258D67641FC31A
x-tt-trace-id: 00-2401041514450A0DBF258D67641FC31A-2DE3F50676394AA9-00
vary: Accept-Encoding
x-cache: TCP_HIT from a23-62-213-108.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 01650e25ba6bfd16b726674010b33c6cd71afef808727ea5647c88dac7a70977ec8d21a02f85b9df8fdd22f2a97549332b94328d57fd1c1111157e052c8bb5217c9bf2c4ab99f8ee81e0a5f3e0a408ce682c39e52414a8f70a28db0e9e4a278625
server-timing: cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=18
content-length: 103177

GET
H3 200 245472362892044 Show response
connect.facebook.net/signals/config/ 130 KB
34 KB 158ms
158ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/245472362892044?v=2.9.139&r=stable&domain=www.omelete.com.br

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

824f20d5e00c556dec0ba67660015f1e9a5077a3103161343e560945e980fbbd

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.omelete.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 08 Jan 2024 15:34:03 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: v30hiPira/YvJLV/B6p1cZ+ykuORO5I6OIlrkyc7EzF/0uILqGJ8SeuKjgGRiVxeW6qTtem24fYfh80hEwOGqA==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 80ms
22ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=408739521459897&ev=PageView&dl=https%3A%2F%2Fwww.omelete.com.br%2F&rl=&if=false&ts=1704728043013&sw=1600&sh=1200&v=2.9.139&r=stable&ec=0&o=4126&fbp=fb.2.1704728043013.1828020652&ler=empty&it=1704728042854&coo=false&rqm=GET

Requested by

Host: www.omelete.com.br
URL: https://www.omelete.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.omelete.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 08 Jan 2024 15:34:03 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 identify_55404.js Show response
analytics.tiktok.com/i18n/pixel/static/ 137 KB
37 KB 43ms
42ms Script
application/javascript 2.23.209.44
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/identify_55404.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWZkNjY4MmI1MA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.23.209.44 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-23-209-44.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: a758246f43df5cf0f88a3c46a95cb7e962ec2e16327f7fc6b70d2150981b86df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.omelete.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-akamai-request-id: 44314fcb
date: Mon, 08 Jan 2024 15:34:03 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 2024010415144693A9E2F1B237F560A551
x-tt-trace-id: 00-24010415144693A9E2F1B237F560A551-2C0365F8458224B9-00
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a23-62-213-108.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 01650e25ba6bfd16b726674010b33c6cd71afef808727ea5647c88dac7a70977ec68266c95a694eb12e6c27edd171b5586860911307249676a88a9b1baa4d5fe1557e7fc85bb5d35ae961f0572dfa5a1e6437e4321d5f159bb0204dd1ffc52cc8a
server-timing: cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=2
content-length: 37008

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
841 B 219ms
219ms Ping
text/plain 2.23.209.44
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWZkNjY4MmI1MA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.23.209.44 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-23-209-44.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.omelete.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 8f0d911.4431500f
date: Mon, 08 Jan 2024 15:34:03 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-2401081534031C9FFBE6D9A75C78150E-5072295B64B912A8-00
x-cache: TCP_MISS from a23-62-213-108.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
x-parent-response-time: 172,23.62.213.108
server-timing: cdn-cache; desc=MISS, edge; dur=117, origin; dur=61, inner; dur=37
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 202401081534031C9FFBE6D9A75C78150E
x-cache-remote: TCP_MISS from a23-222-16-46.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 61,23.222.16.46
x-tt-trace-host: 01d9080a2d25d242f218926392faff9e6d6317da3a885f06cbb06a50343fc36ee7b72b5ab2c6d066ab4251addf6de3ea8fa72109e3442aa57106a0fbb053e55dc1537e91951a7f6886c6db3523d79c28b8ee7a9ee86c69f62b7da10467cef4ee5eda418d9e8f7b504ba50db565d76bde5c
access-control-allow-headers: Authorization,*
expires: Mon, 08 Jan 2024 15:34:03 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 22ms
22ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=245472362892044&ev=PageView&dl=https%3A%2F%2Fwww.omelete.com.br%2F&rl=&if=false&ts=1704728043195&sw=1600&sh=1200&v=2.9.139&r=stable&ec=0&o=4126&fbp=fb.2.1704728043013.1828020652&ler=empty&it=1704728042854&coo=false&rqm=GET

Requested by

Host: www.omelete.com.br
URL: https://www.omelete.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.omelete.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 08 Jan 2024 15:34:03 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H2 200 act
analytics.tiktok.com/api/v2/pixel/ 0
841 B 172ms
171ms Ping
text/plain 2.23.209.44
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel/act
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWZkNjY4MmI1MA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.23.209.44 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-23-209-44.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.omelete.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: b2420767.443151a3
date: Mon, 08 Jan 2024 15:34:03 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-240108153403EC1282237407EEAB7E08-4D2926BE9D82B18E-00
x-cache: TCP_MISS from a23-62-213-108.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
x-parent-response-time: 125,23.62.213.108
server-timing: cdn-cache; desc=MISS, edge; dur=97, origin; dur=35, inner; dur=32
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20240108153403EC1282237407EEAB7E08
x-cache-remote: TCP_MISS from a23-220-104-203.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 35,23.220.104.203
x-tt-trace-host: 01d9080a2d25d242f218926392faff9e6d6317da3a885f06cbb06a50343fc36ee79ec8e5cdf1aed82640ba8df77feb85caef185f816ecbaf9470b40948119490a58e1b8d5ca98977e1833faf9e3ecee3326a7353eec7351762b18fbc8141a9608700095b9e09ab76a00b7c5c218c48008b
access-control-allow-headers: Authorization,*
expires: Mon, 08 Jan 2024 15:34:03 GMT

GET
H2 200 UniNeueRegular.woff2
cdn.ome.lt/static/omelete/css/fonts/ 34 KB
34 KB 47ms
47ms Font
binary/octet-stream 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ome.lt/static/omelete/css/fonts/UniNeueRegular.woff2
Requested by: Host: cdn.ome.lt
URL: https://cdn.ome.lt/static/omelete/css/index.min.css?v=f2674
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3a08e691d72c2751f4c9e3d314eb4096da345ef25c48edb8549cd7279c24f8f4

Request headers

Referer: https://cdn.ome.lt/static/omelete/css/index.min.css?v=f2674
Origin: https://www.omelete.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 15:34:03 GMT
last-modified: Tue, 12 Sep 2023 15:11:24 GMT
server: AmazonS3
x-amz-request-id: 57XJN7YSZHACEWJ0
etag: "f20aac1252aae84cb9dcc63118533249"
x-amz-server-side-encryption: AES256
access-control-allow-methods: GET
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 34508
x-amz-id-2: 9t8HPiJ2AOFlHxRgnfKUDIrmDK7Y8Y46TD+B6ZYWwIK2yhVXNC0EThG7HSiLXWlB28o0jip7UmB+6xmj8rl31A==
expires: Tue, 09 Jan 2024 15:34:03 GMT

GET
H2 200 UniNeueLight.woff2
cdn.ome.lt/static/omelete/css/fonts/ 33 KB
33 KB 48ms
48ms Font
binary/octet-stream 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ome.lt/static/omelete/css/fonts/UniNeueLight.woff2
Requested by: Host: cdn.ome.lt
URL: https://cdn.ome.lt/static/omelete/css/index.min.css?v=f2674
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5f953ee7a4665e1fccc4ecf3b06b1e0d8e9ea7abe48f8f5d829ab7a0c1ecbda8

Request headers

Referer: https://cdn.ome.lt/static/omelete/css/index.min.css?v=f2674
Origin: https://www.omelete.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 15:34:03 GMT
last-modified: Tue, 12 Sep 2023 15:11:24 GMT
server: AmazonS3
x-amz-request-id: R7D88H5YD8Y9MYGC
etag: "860bd0c73f059a6a8100acebbbcf0518"
x-amz-server-side-encryption: AES256
access-control-allow-methods: GET
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 33636
x-amz-id-2: 5FdpMWGyVoOWmwGr5WTiL18wjcgHuDYkUwexT/Nzu3F6+jYsqyGRv092j2/aUVdJXgLs53RX6tD1u6nX6+296Q==
expires: Tue, 09 Jan 2024 15:34:03 GMT

GET
H2 200 UniNeueBook-Italic.woff2
cdn.ome.lt/static/omelete/css/fonts/ 36 KB
36 KB 56ms
56ms Font
binary/octet-stream 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ome.lt/static/omelete/css/fonts/UniNeueBook-Italic.woff2
Requested by: Host: cdn.ome.lt
URL: https://cdn.ome.lt/static/omelete/css/index.min.css?v=f2674
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 99174facd8ea1aa035e74bf4144c515a94d57d75a74dae9ada78b6cd19b028b1

Request headers

Referer: https://cdn.ome.lt/static/omelete/css/index.min.css?v=f2674
Origin: https://www.omelete.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 15:34:03 GMT
last-modified: Tue, 12 Sep 2023 15:11:24 GMT
server: AmazonS3
x-amz-request-id: 57XY81XR5GH1D7A2
etag: "e164c8ed0f8c0e8af90b579c0c724608"
x-amz-server-side-encryption: AES256
access-control-allow-methods: GET
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 36412
x-amz-id-2: Q2oyA5ilX/95Arn2iW+dHlKmHG4L2LDiDPZOhS2LwzFUX2HG6bL1A1CHbj0C4OdJyX37vsAJeRw=
expires: Tue, 09 Jan 2024 15:34:03 GMT

GET
H2 200 UniNeueBook.woff2
cdn.ome.lt/static/omelete/css/fonts/ 33 KB
34 KB 62ms
61ms Font
binary/octet-stream 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ome.lt/static/omelete/css/fonts/UniNeueBook.woff2
Requested by: Host: cdn.ome.lt
URL: https://cdn.ome.lt/static/omelete/css/index.min.css?v=f2674
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6724e7d7b20e7a863c763e8d0070c8e9405b567f62a219216c9f6b448a4ccbe0

Request headers

Referer: https://cdn.ome.lt/static/omelete/css/index.min.css?v=f2674
Origin: https://www.omelete.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 15:34:03 GMT
last-modified: Tue, 12 Sep 2023 15:11:24 GMT
server: AmazonS3
x-amz-request-id: 57XS809RK2CGY2JC
etag: "c830413c9e1fdfc11eb9a79a39b8232f"
x-amz-server-side-encryption: AES256
access-control-allow-methods: GET
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 34240
x-amz-id-2: rOM/ConGfzsLa9ZTFSY9FUIJH1UxnQNOegSxCWVMGhrgskZl5zconwZefkU9tRajD7DCsFLcG3o=
expires: Tue, 09 Jan 2024 15:34:03 GMT

GET
H2 200 UniNeueBold.woff2
cdn.ome.lt/static/omelete/css/fonts/ 34 KB
34 KB 63ms
62ms Font
binary/octet-stream 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ome.lt/static/omelete/css/fonts/UniNeueBold.woff2
Requested by: Host: cdn.ome.lt
URL: https://cdn.ome.lt/static/omelete/css/index.min.css?v=f2674
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a9cd98344793b837f2c181ec0a785570f274b20950c45586b30d7a0c6f876a71

Request headers

Referer: https://cdn.ome.lt/static/omelete/css/index.min.css?v=f2674
Origin: https://www.omelete.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 15:34:03 GMT
last-modified: Tue, 12 Sep 2023 15:11:24 GMT
server: AmazonS3
x-amz-request-id: 57XYQNGBEC22WF0Z
etag: "2861e03018a5501d3c6f904e59028c7e"
x-amz-server-side-encryption: AES256
access-control-allow-methods: GET
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 34504
x-amz-id-2: f2UgF9y4idc8OooH02vNjHGXRv5sr/qnQMrQtuM9uDVjEUFoOZJF3w3H4VNQiBS6GVTjTQ5ASR8=
expires: Tue, 09 Jan 2024 15:34:03 GMT

GET
H2 200 fontello.woff
cdn.ome.lt/static/omelete/css/fonts/ 7 KB
7 KB 63ms
63ms Font
binary/octet-stream 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ome.lt/static/omelete/css/fonts/fontello.woff
Requested by: Host: cdn.ome.lt
URL: https://cdn.ome.lt/static/omelete/css/vendor/fontello.css?v=f2674
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 83d65354a1a0ebd5c9bc357f5ff2ff28959c9982bed2aab8c6d2decd1b36a359

Request headers

Referer: https://cdn.ome.lt/static/omelete/css/vendor/fontello.css?v=f2674
Origin: https://www.omelete.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 15:34:03 GMT
last-modified: Tue, 28 Nov 2023 19:43:35 GMT
server: AmazonS3
x-amz-request-id: 59PJVVYRDSEPSE3E
etag: "cf0ec48b38ccbd028bdd39f6e15c3f91"
x-amz-server-side-encryption: AES256
access-control-allow-methods: GET
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 7060
x-amz-id-2: Wa4DN44D9Pl6Wwtmhr9EgJzTbsRCslOGCOFfbGN+SanaC4cDOrcyl3luKLGb/c7bDMIhi7EztTXq9hXPTVMq4xv/qjseJDUf
expires: Tue, 09 Jan 2024 15:34:03 GMT

GET
H2 200 loading.svg
cdn.ome.lt/static/omelete/img/ 873 B
793 B 19ms
19ms Image
image/svg+xml 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ome.lt/static/omelete/img/loading.svg
Requested by: Host: www.omelete.com.br
URL: https://www.omelete.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 059e2c7b3433933e04e1d05e2c72aadf3dfc27fa0d5283610f6bcb7d01990b54

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.omelete.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 15:34:03 GMT
content-encoding: gzip
last-modified: Tue, 12 Sep 2023 15:11:25 GMT
server: AmazonS3
x-amz-request-id: 848HJEWZ4GEYRSPQ
etag: W/"ee06e9568d6b09b87f057249c2553192"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
x-amz-id-2: FqG+LUjjY0214TavvjAFp6/Sk5IGN18Yu3yTBiqclsFvdz4D+T6xG3mcwidmUxy4bZ+rxncElXGeNeJxrjr+l/h3wqeGC/MFpPb4GcdHFr4=
expires: Tue, 09 Jan 2024 15:34:03 GMT

GET
H2 200 icon-timer.svg
cdn.ome.lt/static/omelete/img/ 826 B
893 B 20ms
20ms Image
image/svg+xml 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ome.lt/static/omelete/img/icon-timer.svg
Requested by: Host: www.omelete.com.br
URL: https://www.omelete.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7d684d847a1a127a8410f5f19ba0c4dc95dd718bbc0c0596aa8d751231152508

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.omelete.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 15:34:03 GMT
content-encoding: gzip
last-modified: Tue, 12 Sep 2023 15:11:25 GMT
server: AmazonS3
x-amz-request-id: 848NNXBQ45HF3P30
etag: W/"4466437b1201d3fa98cdb536bf748dda"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
x-amz-id-2: Bqihzt3gqy3oEhoHqd1HIVj0yj8s80n0eovN1cBvdubKeM2YyAedGlehOp6dauar1PgIEfRD1Pz5F/+QfeShqQ==
expires: Tue, 09 Jan 2024 15:34:03 GMT

GET
H2 200 icon-calendar.svg
cdn.ome.lt/static/omelete/img/ 628 B
773 B 20ms
20ms Image
image/svg+xml 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ome.lt/static/omelete/img/icon-calendar.svg
Requested by: Host: www.omelete.com.br
URL: https://www.omelete.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: AmazonS3 /
Resource Hash: deed89f76f895f6afc93a0aee8996083b58c091d2af7d82ff1a5804cbb68c02b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.omelete.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 15:34:03 GMT
content-encoding: gzip
last-modified: Tue, 12 Sep 2023 15:11:25 GMT
server: AmazonS3
x-amz-request-id: 848R7W0FQP0PVWJT
etag: W/"f7cc75d11edfb234b82a158d61676bdd"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
x-amz-id-2: fZzzLNIXDxch2qGuDjvrG1hiqb/lzaTC6J+KPxm/RZEI6sbajB/ligs4gCFBZIPG45XyDqmxPG2ygMEcK8VwtG0RqYh6lgih
expires: Tue, 09 Jan 2024 15:34:03 GMT

GET
H2 200 icon-warning.svg
cdn.ome.lt/static/omelete/img/ 357 B
657 B 21ms
21ms Image
image/svg+xml 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ome.lt/static/omelete/img/icon-warning.svg
Requested by: Host: www.omelete.com.br
URL: https://www.omelete.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: AmazonS3 /
Resource Hash: afa7ce685176ced89c09ac5df6dd3132848cbf5e6db030582e0144d7a20b8f40

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.omelete.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 15:34:03 GMT
content-encoding: gzip
last-modified: Tue, 12 Sep 2023 15:11:25 GMT
server: AmazonS3
x-amz-request-id: 848VAWY32139TRMK
etag: W/"e050091670b78e5894e2592ac613c84a"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
x-amz-id-2: +viJfIWwO/NGe7lzTwAzdIw7l9CTdIWi8znTbQPwmaABbchGnN6Hf1/pdOMZBB8SgupLIJnxjxc=
expires: Tue, 09 Jan 2024 15:34:03 GMT

GET
H2 200 icon-alert.svg
cdn.ome.lt/static/omelete/img/ 519 B
787 B 22ms
21ms Image
image/svg+xml 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ome.lt/static/omelete/img/icon-alert.svg
Requested by: Host: www.omelete.com.br
URL: https://www.omelete.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2b1c4182e0759f31cf7d9de0e66aaeb7e72f6c9c2750feae20f2d25a4425b969

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.omelete.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 15:34:03 GMT
content-encoding: gzip
last-modified: Tue, 12 Sep 2023 15:11:25 GMT
server: AmazonS3
x-amz-request-id: 848TSX1VGT6EPN2C
etag: W/"a1b1e0af2a0d512301d0aac863998845"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
x-amz-id-2: hE25W/rnUhpPYUeWvmMQq93j8d3cJbL9Kz7Ibr5xcGXhTCaTeqcBPOLWflEjdL1Yoe+0xex2JDv+ZpNE/53F8g==
expires: Tue, 09 Jan 2024 15:34:03 GMT

GET
H2 200 icon-arrow.svg
cdn.ome.lt/static/omelete/img/ 586 B
773 B 22ms
22ms Image
image/svg+xml 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ome.lt/static/omelete/img/icon-arrow.svg
Requested by: Host: www.omelete.com.br
URL: https://www.omelete.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 64e60f20091c10538e3ef79477aacc245314b970b9ec89718ddb719415193c1a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.omelete.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 15:34:03 GMT
content-encoding: gzip
last-modified: Tue, 12 Sep 2023 15:11:25 GMT
server: AmazonS3
x-amz-request-id: 848JFZ27NM7RA3KZ
etag: W/"d5fefd64aa8ff398eb03c4ea969608c4"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
x-amz-id-2: ulCPZKefBLNkF9o6rP6EfiheFGJQ/noDSDZutQGX/asr5J3ABAEGWh5XZZ1AWHSB0QG7Jx0aBz75kGLzxTEhuX/QWa6NWIoO
expires: Tue, 09 Jan 2024 15:34:03 GMT

GET
H2 200 icon-success.svg
cdn.ome.lt/static/omelete/img/ 387 B
698 B 23ms
23ms Image
image/svg+xml 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ome.lt/static/omelete/img/icon-success.svg
Requested by: Host: www.omelete.com.br
URL: https://www.omelete.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 48db22016c12abee76f578c9484b948b694944e3fdc04321cb5ba015960ca525

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.omelete.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 15:34:03 GMT
content-encoding: gzip
last-modified: Tue, 12 Sep 2023 15:11:25 GMT
server: AmazonS3
x-amz-request-id: 848GXD2AYG6AC96H
etag: W/"16b5b6e4198381e9ae5f4971056a4872"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
x-amz-id-2: zv2sWud8mst161ip1Vm9BAPOqsM6oliY3z6tv5+AgnyYgpCyfqI5YbvK9IEwbFQ4hyu/PfEfB5B8JELuXYJ3tcDrAj6odXlliCRyNXZuCUM=
expires: Tue, 09 Jan 2024 15:34:03 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 282 KB
70 KB 95ms
30ms Script
application/javascript 108.138.37.209
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: www.omelete.com.br
URL: https://www.omelete.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.37.209 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-37-209.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4d3c300c1cd89393c7f945c06656981e3ac1c034f59996affcd1062a3092f40c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.omelete.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 15:13:13 GMT
content-encoding: gzip
via: 1.1 ec1ac21acdbd36c971eca9d6b61d0744.cloudfront.net (CloudFront), 1.1 ba1081cbdcd39cc4928b65493cb81558.cloudfront.net (CloudFront)
last-modified: Tue, 12 Dec 2023 22:20:09 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1, MUC50-P2
age: 1251
x-amz-server-side-encryption: AES256
etag: W/"d6937d02acbbf691a008906e9d0617e0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
x-amz-cf-id: b0dCXdluD2ZkuHG58hn0qjYa3FzF_V3TRgGnC6oZ3Bz1_TfcDlgBUA==

GET
H2 200 universal.min.js Show response
tag.navdmp.com/ 14 KB
5 KB 132ms
77ms Script
application/javascript 2606:4700::6810:cf3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.navdmp.com/universal.min.js
Requested by: Host: www.omelete.com.br
URL: https://www.omelete.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:cf3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e6123603aeabe4b8467cc64a9ee3329093d346f494179fea936f699aeec37fdd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.omelete.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 15:34:03 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 05 Apr 2023 20:59:24 GMT
server: cloudflare
age: 2028
etag: W/"642de12c-36d1"
vary: Accept-Encoding
p3p: CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: *
content-type: application/javascript
cache-control: max-age=3600
cf-ray: 842580a22b894d80-FRA
expires: Mon, 08 Jan 2024 16:00:14 GMT

GET
H2 200 marfeel-sdk.js Show response
sdk.mrf.io/statics/ 158 KB
46 KB 191ms
129ms Script
application/javascript 2606:4700:3033::ac43:9fa2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=2812
Requested by: Host: www.omelete.com.br
URL: https://www.omelete.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:9fa2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bcd2b90380b886e67b72b59a9e9a15718e3c19914c406add2a823c948e01e38a

Request headers

Referer: https://www.omelete.com.br/
Origin: https://www.omelete.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-response-time: 4ms
date: Mon, 08 Jan 2024 15:34:03 GMT
content-encoding: gzip
cf-cache-status: EXPIRED
last-modified: Mon, 08 Jan 2024 14:53:31 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=1800
x-envoy-upstream-service-time: 10
accept-ranges: bytes
cf-ray: 842580a1fbc44d56-FRA
alt-svc: h3=":443"; ma=86400
content-length: 46531

GET
H2 200 globo_de_ouro_oppenheimer_amy_sussman_getty_images_via_afp.jpg
cdn.ome.lt/jXpSpcEMRBHdzXzSlfvh2ZtKMik=/480x360/smart/filer_public/6d/88/6d88f102-6245-43d9-b444-8c6fe51dbf8a/ 15 KB
15 KB 482ms
481ms Image
image/jpeg 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ome.lt/jXpSpcEMRBHdzXzSlfvh2ZtKMik=/480x360/smart/filer_public/6d/88/6d88f102-6245-43d9-b444-8c6fe51dbf8a/globo_de_ouro_oppenheimer_amy_sussman_getty_images_via_afp.jpg
Requested by: Host: www.omelete.com.br
URL: https://www.omelete.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: nginx/1.12.1 /
Resource Hash: 8c874ef1b3a660dd636d827dcbc514c53d5783a1b176668acbab93b90f1f403d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.omelete.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 15:34:04 GMT
server: nginx/1.12.1
etag: "61173b978659dd0a1a4188ca2b4981421093dda5"
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
content-disposition: inline
content-length: 14880
expires: Tue, 09 Jan 2024 15:34:04 GMT

GET
H2 200 tenet_filme.jpg
cdn.ome.lt/W6p133B733c6IsIzL47pegQVGm4=/480x360/smart/filer_public/59/f1/59f1970b-fdbd-44ae-a73b-38eb84cd76b1/ 11 KB
12 KB 23ms
23ms Image
image/jpeg 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ome.lt/W6p133B733c6IsIzL47pegQVGm4=/480x360/smart/filer_public/59/f1/59f1970b-fdbd-44ae-a73b-38eb84cd76b1/tenet_filme.jpg
Requested by: Host: www.omelete.com.br
URL: https://www.omelete.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: nginx/1.12.1 /
Resource Hash: b774872cba7b39f361fad8583f8cbccd57ffb120483177d524374624309ea2fa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.omelete.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 15:34:03 GMT
server: nginx/1.12.1
etag: "f8753b92117b878138980a3e2186bfd4386a5a7b"
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
content-disposition: inline
content-length: 11683
expires: Tue, 09 Jan 2024 15:34:03 GMT

GET
H2 200 fogo_contra_fogo.png
cdn.ome.lt/CNMaheNoGlhjAq4QmwLpv03xN-Q=/480x360/smart/filer_public/d8/5a/d85aef7b-1052-44da-be23-7d57cb92f7b8/ 361 KB
361 KB 24ms
24ms Image
image/png 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ome.lt/CNMaheNoGlhjAq4QmwLpv03xN-Q=/480x360/smart/filer_public/d8/5a/d85aef7b-1052-44da-be23-7d57cb92f7b8/fogo_contra_fogo.png
Requested by: Host: www.omelete.com.br
URL: https://www.omelete.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: nginx/1.12.1 /
Resource Hash: d8634e7f77328b9098263858e80d3fb517b7e099ba5fa06f327a1a7ba4af50e3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.omelete.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 15:34:03 GMT
server: nginx/1.12.1
etag: "47e0395300137c70e13b1659077e3e1423937fe1"
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
content-disposition: inline
content-length: 369190
expires: Tue, 09 Jan 2024 15:34:03 GMT

GET
H2 200 solo-leveling.png
cdn.ome.lt/zYFXtC0wHi1yupwW4FKIVP45FxQ=/480x360/smart/filer_public/35/eb/35ebde81-a81a-41d6-81f3-6c25cf1ab080/ 167 KB
167 KB 61ms
61ms Image
image/png 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ome.lt/zYFXtC0wHi1yupwW4FKIVP45FxQ=/480x360/smart/filer_public/35/eb/35ebde81-a81a-41d6-81f3-6c25cf1ab080/solo-leveling.png
Requested by: Host: www.omelete.com.br
URL: https://www.omelete.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: nginx/1.12.1 /
Resource Hash: d7d0ac3d48477cce6d0e6cf13b24fd78b9da989284aceaad215faf54d0195eab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.omelete.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 15:34:03 GMT
server: nginx/1.12.1
etag: "1d3b33ea8db51e022b7bb582bfac9eb442594a4e"
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
content-disposition: inline
content-length: 170583
expires: Tue, 09 Jan 2024 15:34:03 GMT

GET
H2 200 priscilla_.png
cdn.ome.lt/HNKaVQ91ccdj3Jc7w_fsSXFM8SM=/308x500/smart/extras/capas/ 218 KB
218 KB 61ms
61ms Image
image/png 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ome.lt/HNKaVQ91ccdj3Jc7w_fsSXFM8SM=/308x500/smart/extras/capas/priscilla_.png
Requested by: Host: www.omelete.com.br
URL: https://www.omelete.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: nginx/1.12.1 /
Resource Hash: 7b130c7e1e04949b96ad165432d01acab359b2d94917c73a7f00cd0e328d8552

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.omelete.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 15:34:03 GMT
server: nginx/1.12.1
etag: "2c8c2a29e9c8d378b90684368cf8e5840a415633"
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
content-disposition: inline
content-length: 223180
expires: Tue, 09 Jan 2024 15:34:03 GMT

GET
H2 200 poster_de_wish.jpg
cdn.ome.lt/tjcxLVgXbHYqufbv_fkSCC37TFE=/308x500/smart/extras/capas/ 29 KB
29 KB 64ms
63ms Image
image/jpeg 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ome.lt/tjcxLVgXbHYqufbv_fkSCC37TFE=/308x500/smart/extras/capas/poster_de_wish.jpg
Requested by: Host: www.omelete.com.br
URL: https://www.omelete.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: nginx/1.12.1 /
Resource Hash: 43043d7ecc1e616079e221e89e8dbfe56ccae1809b73f79196f74209e998ef2b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.omelete.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 15:34:03 GMT
server: nginx/1.12.1
etag: "893147909018b57e3265f0927c6d9850bfbd950f"
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
content-disposition: inline
content-length: 29671
expires: Tue, 09 Jan 2024 15:34:03 GMT

GET
H2 200 concierge.jpg
cdn.ome.lt/AZI-A8ra6zAAc6LWC-k_DcjMrQg=/308x500/smart/extras/capas/ 28 KB
28 KB 65ms
64ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ome.lt/AZI-A8ra6zAAc6LWC-k_DcjMrQg=/308x500/smart/extras/capas/concierge.jpg
Requested by: Host: www.omelete.com.br
URL: https://www.omelete.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: nginx/1.12.1 /
Resource Hash: 0f550e673cf74a675d4de866f40a6e8f178d744f487e13e05adf6027f0f8574d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.omelete.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 15:34:03 GMT
server: nginx/1.12.1
etag: "f0984c18117fca01caf55b018953cc5d11728a3b"
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
content-disposition: inline
content-length: 28500
expires: Tue, 09 Jan 2024 15:34:03 GMT

GET
H2 200 a_sociedade_da_neve_poster_de_filme_da_netflix.png
cdn.ome.lt/lfezINybajCP04odI3nBIkYFsGc=/308x500/smart/extras/capas/ 273 KB
273 KB 66ms
65ms Image
image/png 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ome.lt/lfezINybajCP04odI3nBIkYFsGc=/308x500/smart/extras/capas/a_sociedade_da_neve_poster_de_filme_da_netflix.png
Requested by: Host: www.omelete.com.br
URL: https://www.omelete.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: nginx/1.12.1 /
Resource Hash: 738646c16773aef15b679917edb6279d6e63969ba3bc299e06bb4c0de325520d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.omelete.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 15:34:03 GMT
server: nginx/1.12.1
etag: "3ac9ea36afdfeaa95aaff2ba569da24d4b65555d"
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
content-disposition: inline
content-length: 279223
expires: Tue, 09 Jan 2024 15:34:03 GMT

GET
H2 200 berlim-poster.webp
cdn.ome.lt/KjKX1yYhP0DN3DPfbCgmaUzOSPE=/308x500/smart/extras/capas/ 32 KB
32 KB 78ms
77ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ome.lt/KjKX1yYhP0DN3DPfbCgmaUzOSPE=/308x500/smart/extras/capas/berlim-poster.webp
Requested by: Host: www.omelete.com.br
URL: https://www.omelete.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: nginx/1.12.1 /
Resource Hash: db3ec29feaad61dc8943de34c1c0ee5fb7988daa4a7bbf4619a55d633f376c2c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.omelete.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 15:34:03 GMT
server: nginx/1.12.1
etag: "09d10ad0a5bb967c53184afc07b30634fc902384"
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
content-length: 32396
expires: Tue, 09 Jan 2024 15:34:03 GMT

GET
H2 200 aquaman2poster.jpg
cdn.ome.lt/W_IChfLXitEpivRJ2j0WDlOXuU4=/308x500/smart/extras/capas/ 32 KB
32 KB 79ms
78ms Image
image/jpeg 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ome.lt/W_IChfLXitEpivRJ2j0WDlOXuU4=/308x500/smart/extras/capas/aquaman2poster.jpg
Requested by: Host: www.omelete.com.br
URL: https://www.omelete.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: nginx/1.12.1 /
Resource Hash: c26f4e72b94e04baf21ae337ddf62accb340d9c38317b20efca960115cbd3f8a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.omelete.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 15:34:03 GMT
server: nginx/1.12.1
etag: "5c751eeb56a6ab72e4e826e64a4f522f393f539e"
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
content-disposition: inline
content-length: 32268
expires: Tue, 09 Jan 2024 15:34:03 GMT

GET
H2 200 caos.jpg
cdn.ome.lt/m8rTVKpcA7cJukeDq2IC2xxBcKc=/308x500/smart/extras/capas/ 22 KB
22 KB 80ms
79ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ome.lt/m8rTVKpcA7cJukeDq2IC2xxBcKc=/308x500/smart/extras/capas/caos.jpg
Requested by: Host: www.omelete.com.br
URL: https://www.omelete.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: nginx/1.12.1 /
Resource Hash: 3161e133ea15831f8acfcfae7ac19f170217fcd8c82b1d6c03f8441c94e54844

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.omelete.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 15:34:03 GMT
server: nginx/1.12.1
etag: "6129d004b8b499509feae4c1fc3c9a047283181a"
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
content-disposition: inline
content-length: 22604
expires: Tue, 09 Jan 2024 15:34:03 GMT

GET
H2 200 unnamed_46.jpg
cdn.ome.lt/5GQ_CV6NQDXoa2YMkbSK5He_8C8=/308x500/smart/extras/capas/ 37 KB
37 KB 80ms
80ms Image
image/jpeg 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ome.lt/5GQ_CV6NQDXoa2YMkbSK5He_8C8=/308x500/smart/extras/capas/unnamed_46.jpg
Requested by: Host: www.omelete.com.br
URL: https://www.omelete.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: nginx/1.12.1 /
Resource Hash: 064fa7ef2d21fc63c5ac4f8875dca4e5ac9f7c13c389c84b0b02883937a036e7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.omelete.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 15:34:03 GMT
server: nginx/1.12.1
etag: "c416330b0f0d81d064db5afa98320e3b442c5d33"
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
content-disposition: inline
content-length: 37732
expires: Tue, 09 Jan 2024 15:34:03 GMT

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 171 B
560 B 209ms
87ms XHR
application/json 185.86.139.96
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: cdn.ome.lt
URL: https://cdn.ome.lt/static/omelete/js/vendor/prebid5.20.4-2023-03-16.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.96 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://www.omelete.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 15:34:03 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.omelete.com.br
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 186 B
568 B 356ms
145ms XHR
application/json 185.86.139.96
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: cdn.ome.lt
URL: https://cdn.ome.lt/static/omelete/js/vendor/prebid5.20.4-2023-03-16.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.96 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 3409c1dfa8da857c546c778335d7a9637d37651c91fb161ba7d1e7c4f1d6e88a

Request headers

Referer: https://www.omelete.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 15:34:03 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.omelete.com.br
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 171 B
560 B 236ms
115ms XHR
application/json 185.86.139.96
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: cdn.ome.lt
URL: https://cdn.ome.lt/static/omelete/js/vendor/prebid5.20.4-2023-03-16.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.96 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://www.omelete.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 15:34:03 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.omelete.com.br
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 186 B
568 B 362ms
254ms XHR
application/json 185.86.139.96
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: cdn.ome.lt
URL: https://cdn.ome.lt/static/omelete/js/vendor/prebid5.20.4-2023-03-16.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.96 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 3409c1dfa8da857c546c778335d7a9637d37651c91fb161ba7d1e7c4f1d6e88a

Request headers

Referer: https://www.omelete.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 15:34:03 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.omelete.com.br
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 186 B
568 B 384ms
266ms XHR
application/json 185.86.139.96
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: cdn.ome.lt
URL: https://cdn.ome.lt/static/omelete/js/vendor/prebid5.20.4-2023-03-16.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.96 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 3409c1dfa8da857c546c778335d7a9637d37651c91fb161ba7d1e7c4f1d6e88a

Request headers

Referer: https://www.omelete.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 15:34:03 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.omelete.com.br
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 171 B
560 B 315ms
209ms XHR
application/json 185.86.139.96
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: cdn.ome.lt
URL: https://cdn.ome.lt/static/omelete/js/vendor/prebid5.20.4-2023-03-16.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.96 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://www.omelete.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 15:34:03 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.omelete.com.br
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 171 B
560 B 224ms
103ms XHR
application/json 185.86.139.96
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: cdn.ome.lt
URL: https://cdn.ome.lt/static/omelete/js/vendor/prebid5.20.4-2023-03-16.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.96 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://www.omelete.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 15:34:03 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.omelete.com.br
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 959 B
3 KB 388ms
282ms XHR
application/json 2602:803:c003:200::21
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=16280&site_id=118526&zone_id=559662&size_id=15%3B2%3B15%3B2%3B2%3B15%3B9&alt_size_ids=%3B57%3B%3B%3B57%3B%3B10&rf=https%3A%2F%2Fwww.omelete.com.br%2F&tk_flint=pbjs_lite_v5.20.4&x_source.tid=d86f8c4b-5511-4495-8d3d-24837e29482f%3B17e29d23-6c98-466a-a617-77fe7e433b47%3Bb18ee115-09cb-4bd4-aae3-47d7dc312843%3B0383e7a9-c3d9-4182-b26a-27adac2a267c%3B146467c6-35e2-4e87-a0b5-c0030a23a822%3B6ee7e56d-e8ad-4beb-b33c-587ad33557eb%3B226cc4a6-7d2c-438c-a7c1-6240f719215f&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=7&rand=0.8540335226695308
Requested by: Host: cdn.ome.lt
URL: https://cdn.ome.lt/static/omelete/js/vendor/prebid5.20.4-2023-03-16.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 41f13515e41e8a10e83fc334969c71f91a7a14d4f023945a7eccbd2b7233ef1d

Request headers

Referer: https://www.omelete.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 15:34:04 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.omelete.com.br
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 29 KB
8 KB 338ms
279ms XHR
application/json 37.252.171.149
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn.ome.lt
URL: https://cdn.ome.lt/static/omelete/js/vendor/prebid5.20.4-2023-03-16.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

d2338573a82d5a44daa4b5a13edee7a5b13ec5620a862bc8667ad995d0c3e89d

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.omelete.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 15:34:04 GMT
content-encoding: gzip
an-x-request-uuid: 57a24017-e520-4255-a087-99f294c37b15
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary: Accept-Encoding
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.omelete.com.br
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 84.19.175.165; 84.19.175.165; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 eeaed78c-8268-4bca-9715-9bd07ae4a091 Show response
config.aps.amazon-adsystem.com/configs/ 564 B
840 B 149ms
27ms Script
application/javascript 108.138.36.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://config.aps.amazon-adsystem.com/configs/eeaed78c-8268-4bca-9715-9bd07ae4a091
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.36.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-36-122.muc50.r.cloudfront.net
Software: CloudFront /
Resource Hash: 82e2dfd508e384344b282a23ac94f79582c4c617426a8736e7824a8a08e6ea8f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.omelete.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 14:47:01 GMT
via: 1.1 ba1081cbdcd39cc4928b65493cb81558.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: MUC50-P2
age: 2823
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
content-length: 564
x-amz-cf-id: Wny5PhjyezG5qo9GJDCxpKGMC687vhki78u7RLBwEBe9li3Z_ue2gQ==

GET
H2 204 config Show response
c.amazon-adsystem.com/cdn/prod/ 0
311 B 26ms
26ms XHR
text/plain 108.138.37.209
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.omelete.com.br&pubid=eeaed78c-8268-4bca-9715-9bd07ae4a091
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.37.209 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-37-209.muc50.r.cloudfront.net
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.omelete.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 11:05:23 GMT
via: 1.1 ba1081cbdcd39cc4928b65493cb81558.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: MUC50-P2
age: 16120
x-cache: Hit from cloudfront
access-control-allow-origin: https://www.omelete.com.br
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-id: ier3S4L5oFAC0A_gs_OvW371ktbmAbflgoTAqtb35Y83F5m4NnRtzg==

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 23 B
465 B 173ms
85ms XHR
text/javascript 18.173.159.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.omelete.com.br%2F&pid=N8PKMixNy7Esq&cb=0&ws=1600x1200&v=23.1211.1645&t=2000&slots=%5B%7B%22sd%22%3A%22div-gpt-ad-arroba-2%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F18178082%2Fomelete%2Farroba_2%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-inferior%22%2C%22s%22%3A%5B%22970x250%22%2C%22728x90%22%5D%2C%22sn%22%3A%22%2F18178082%2Fomelete%2Finferior%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-arroba-realtime%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F18178082%2Fomelete%2Farroba_realtime%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-rodape-desktop%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F18178082%2Fomelete%2Frodape_desktop%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-superior%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x250%22%5D%2C%22sn%22%3A%22%2F18178082%2Fomelete%2Fsuperior%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-arroba-1%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F18178082%2Fomelete%2Farroba_1%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-meio%22%2C%22s%22%3A%5B%22300x600%22%2C%22160x600%22%5D%2C%22sn%22%3A%22%2F18178082%2Fomelete%2Fmeio%22%7D%5D&pj=%7B%22device%22%3A%7B%22sua%22%3A%7B%22mobile%22%3A0%2C%22source%22%3A1%2C%22platform%22%3A%7B%22brand%22%3A%22%22%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&pubid=eeaed78c-8268-4bca-9715-9bd07ae4a091&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.173.159.32 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-173-159-32.muc50.r.cloudfront.net

Software

Server /

Resource Hash

745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.omelete.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 15:34:04 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 18d0e038a55eccdc9f0ad716edf64962.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: MUC50-P3
x-amz-rid: AEE1B85PK0FJ9QHJVGZF
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.omelete.com.br
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: 4fV2jZxgtUiPIoixfV4V4HltWW7nyQNFTSEP5gK8S15QvXfCck8gGw==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 82ms
28ms XHR
application/javascript 108.138.37.209
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.37.209 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-37-209.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.omelete.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id: 9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding: gzip
via: 1.1 d34e2629ef96cca4a5e6c92c061c82b4.cloudfront.net (CloudFront)
date: Mon, 08 Jan 2024 04:54:08 GMT
x-amz-cf-pop: MUC50-P2
age: 38396
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Tue, 29 Aug 2023 08:30:37 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: 0WsOu2OJoPegWpQHbi-1Kq4_YdzxaEPwoWYqyjB8zhBUYDbzYgV-bw==

GET
H2 200 88270 Show response
tag.navdmp.com/u/ 507 B
502 B 158ms
158ms Script
application/javascript 2606:4700::6810:cf3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.navdmp.com/u/88270
Requested by: Host: tag.navdmp.com
URL: https://tag.navdmp.com/universal.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:cf3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c9d6066da42d61cf26a2c1ea6d50eb2abdfc5943c98bb39804e048ed612ce927

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.omelete.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 15:34:04 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Tue, 13 Jun 2023 13:31:33 GMT
server: cloudflare
etag: W/"64886fb5-1fb"
p3p: CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: *
content-type: application/javascript
cache-control: max-age=3600
cf-ray: 842580a28be64d80-FRA
expires: Mon, 08 Jan 2024 16:34:04 GMT

POST
H2 200 ingest.php Show response
events.newsroom.bi/ 126 B
874 B 135ms
38ms XHR
application/json 162.19.96.35
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://events.newsroom.bi/ingest.php
Requested by: Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=2812
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.19.96.35 , France, ASN16276 (OVH, FR),
Reverse DNS: haproxy03.cl13.ovh.mrf.io
Software: istio-envoy /
Resource Hash: c4866c723c789cf04a4900008e83e9a923d0209e0ee11f32a679c3ece024e103

Request headers

Referer: https://www.omelete.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Mon, 08 Jan 2024 15:34:04 GMT
content-encoding: gzip
server: istio-envoy
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://www.omelete.com.br
access-control-expose-headers: Content-Length,Content-Range
cache-control: private,no-store
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 86

GET
H2 200 compass-multimedia-sdk.js Show response
sdk.mrf.io/statics/ 6 KB
3 KB 157ms
156ms Script
application/javascript 2606:4700:3033::ac43:9fa2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk.mrf.io/statics/compass-multimedia-sdk.js?version=856
Requested by: Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=2812
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:9fa2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9966dd73e3b6bd3309ea340c912de997aae36995155a7798a5eb036000111ed2

Request headers

Referer: https://www.omelete.com.br/
Origin: https://www.omelete.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 15:34:04 GMT
content-encoding: gzip
via: 1.1 368b317059d70e3ee45b9259c7201782.cloudfront.net (CloudFront)
cf-cache-status: REVALIDATED
x-amz-cf-pop: LHR61-C1
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
x-envoy-upstream-service-time: 94
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 05 Jan 2024 10:03:53 GMT
server: cloudflare
etag: W/"6e149db7eed9619ce5a01fc46778e184"
access-control-max-age: 3600
access-control-allow-methods: GET
content-type: application/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=3600
vary: Accept-Encoding
timing-allow-origin: *
cf-ray: 842580a2ecb84d56-FRA
x-amz-cf-id: pt5z9iPYeMAjN3td_JIG_RF0Kscrnfqg0FNYhgI_CH6AMqrkO89AXQ==

GET
H2 200 render Show response
marfeelexperimentsexperienceengine.mrf.io/experimentsexperience/ 6 KB
2 KB 137ms
49ms Script
application/javascript 162.19.96.35
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://marfeelexperimentsexperienceengine.mrf.io/experimentsexperience/render?id=AC_nP7vFTr_QGW_ZmVqPiauWw&experimentType=HeadlineAB&version=esnext
Requested by: Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=2812
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.19.96.35 , France, ASN16276 (OVH, FR),
Reverse DNS: haproxy03.cl13.ovh.mrf.io
Software: istio-envoy /
Resource Hash: 2cea1b199a167029923331090b45413cfa8e5f1f15cc076f73c011e0cd1b862b

Request headers

Referer: https://www.omelete.com.br/
Origin: https://www.omelete.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 15:34:03 GMT
content-encoding: gzip
surrogate-key: experimentsexperience#AC_nP7vFTr_QGW_ZmVqPiauWw
server: istio-envoy
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: https://www.omelete.com.br
cache-control: max-age=180, must-revalidate
x-envoy-upstream-service-time: 14
mrf-podname: marfeelexperimentsexperienceengine-669685d96d-5z8c6

GET
H2 200 usr Show response
usr.navdmp.com/ 359 B
431 B 506ms
497ms Script
application/javascript 2606:4700::6810:cf3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://usr.navdmp.com/usr?v=7&acc=88270&u=1&new=1&wst=0&wct=1&wla=1
Requested by: Host: tag.navdmp.com
URL: https://tag.navdmp.com/universal.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:cf3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 63a13c202f32effece28d1a8c0b45a7906d5b68f06d60514e4f3b4eb4d34f803

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.omelete.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: public
date: Mon, 08 Jan 2024 15:34:04 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
content-type: application/javascript
p3p: CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: max-age=3600
act: f0
cf-ray: 842580a39ccb4d80-FRA
expires: Mon, 08 Jan 2024 16:34:04 GMT

POST
H2 200 recirculation.php
events.newsroom.bi/ 12 B
0 101ms
36ms Fetch
application/json 162.19.96.35
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://events.newsroom.bi/recirculation.php
Requested by: Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=2812
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.19.96.35 , France, ASN16276 (OVH, FR),
Reverse DNS: haproxy03.cl13.ovh.mrf.io
Software: istio-envoy /
Resource Hash

Request headers

Referer: https://www.omelete.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 08 Jan 2024 15:34:04 GMT
server: istio-envoy
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://www.omelete.com.br
access-control-expose-headers: Content-Length,Content-Range
cache-control: private,no-store
access-control-allow-credentials: true
x-envoy-upstream-service-time: 2
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 12

GET
H3 200 e87054ded32ae473684f.js Show response
sdk.mrf.io/statics/ 51 KB
13 KB 61ms
61ms Script
application/javascript 2606:4700:3033::ac43:9fa2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk.mrf.io/statics/e87054ded32ae473684f.js
Requested by: Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/compass-multimedia-sdk.js?version=856
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:9fa2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 29de72896b6c83b67a67bbbdd8b125541784c50c892aea043f3e7409c7899dbc

Request headers

Referer: https://www.omelete.com.br/
Origin: https://www.omelete.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 15:34:04 GMT
content-encoding: gzip
via: 1.1 0553d2c6f44677bef8e52cfad5faa5ea.cloudfront.net (CloudFront)
cf-cache-status: REVALIDATED
x-amz-cf-pop: CDG52-P6
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
x-envoy-upstream-service-time: 62
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 12 Dec 2023 09:10:28 GMT
server: cloudflare
etag: W/"6d29da5f1031a7a6d4650f8d8b71306d"
access-control-max-age: 3600
access-control-allow-methods: GET
content-type: application/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=3600
vary: Accept-Encoding
timing-allow-origin: *
cf-ray: 842580a3eb3d918e-FRA
x-amz-cf-id: ap3WLkHX5moZfgb1lXmVNiTjzoYVbIEd202RbjX6ZHpEDqqBS8a7Lg==

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 941 KB
228 KB 956ms
955ms Fetch
text/plain 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=470536533999614&correlator=2423524652149232&eid=31079957%2C31080129%2C31080283%2C31080292%2C95320408%2C31079784&output=ldjh&gdfp_req=1&vrg=202401020101&ptt=17&impl=fifs&iu_parts=18178082%2Comelete%2Carroba_2%2Cseedtag%2Coutbound-partner%2Cmini-booster%2Cinferior%2Carroba_realtime%2Crodape_desktop%2Cbooster%2Ccontagem%2Csuperior%2Carroba_1%2Cbackground%2Cmeio&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F3%2C%2F0%2F1%2F4%2C%2F0%2F1%2F5%2C%2F0%2F1%2F6%2C%2F0%2F1%2F7%2C%2F0%2F1%2F8%2C%2F0%2F1%2F9%2C%2F0%2F1%2F10%2C%2F0%2F1%2F11%2C%2F0%2F1%2F12%2C%2F0%2F1%2F13%2C%2F0%2F1%2F14&prev_iu_szs=300x250%2C1x1%2C554x41%2C930x530%2C970x250%7C728x90%2C300x250%2C728x90%2C1695x920%2C300x150%2C728x90%7C970x250%2C300x250%2C1800x1000%2C300x600%7C160x600&ifi=1&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1704728044216&lmt=1704728044&adxs=1082%2C-9%2C-9%2C-9%2C315%2C-9%2C-12245933%2C-9%2C-9%2C436%2C1095%2C-9%2C1082&adys=2799%2C-9%2C-9%2C-9%2C2309%2C-9%2C-12245933%2C-9%2C-9%2C198%2C1072%2C-9%2C4085&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1%7C-1%7C-1%7C-1%7C2%7C-1%7C-1%7C-1%7C-1%7C0%7C0%7C-1%7C3&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7Ca%7Cb%7Cc%7Cd&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.omelete.com.br%2F&vis=1&psz=300x250%7C0x-1%7C0x-1%7C0x-1%7C970x90%7C0x-1%7C728x-1%7C0x-1%7C0x-1%7C728x90%7C300x250%7C0x-1%7C300x600&msz=300x-1%7C0x-1%7C0x-1%7C0x-1%7C970x0%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C728x0%7C300x-1%7C0x-1%7C300x0&fws=4%2C2%2C2%2C2%2C4%2C2%2C640%2C2%2C2%2C4%2C4%2C2%2C4&ohw=1600%2C0%2C0%2C0%2C1600%2C0%2C0%2C0%2C0%2C1600%2C1600%2C0%2C1600&ga_vid=1230367790.1704728043&ga_sid=1704728044&ga_hid=1827228218&ga_fc=true&dlt=1704728042572&idt=260&prev_scp=amznbid%3D2%26amznp%3D2%7C%7C%7C%7Camznbid%3D2%26amznp%3D2%26hb_format_appnexus%3Dbanner%26hb_size_appnexus%3D970x250%26hb_pb_appnexus%3D0.00%26hb_adid_appnexus%3D25621597c9700c9%26hb_bidder_appnexus%3Dappnexus%26hb_format%3Dbanner%26hb_size%3D970x250%26hb_pb%3D0.00%26hb_adid%3D25621597c9700c9%26hb_bidder%3Dappnexus%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7C%7C%7Camznbid%3D2%26amznp%3D2%26hb_format_appnexus%3Dbanner%26hb_size_appnexus%3D970x250%26hb_pb_appnexus%3D0.00%26hb_adid_appnexus%3D26ae4f15595d419%26hb_bidder_appnexus%3Dappnexus%26hb_format%3Dbanner%26hb_size%3D970x250%26hb_pb%3D0.00%26hb_adid%3D26ae4f15595d419%26hb_bidder%3Dappnexus%7Camznbid%3D2%26amznp%3D2%7C%7Camznbid%3D2%26amznp%3D2%26hb_format_appnexus%3Dbanner%26hb_size_appnexus%3D300x600%26hb_pb_appnexus%3D0.00%26hb_adid_appnexus%3D27487ac50840433%26hb_bidder_appnexus%3Dappnexus%26hb_format%3Dbanner%26hb_size%3D300x600%26hb_pb%3D0.00%26hb_adid%3D27487ac50840433%26hb_bidder%3Dappnexus&cust_params=page_type%3Dhome%26section%3Dhome-omelete%26content_type%3Dmain%26environment%3Dproduction&adks=1299877804%2C3888980400%2C2343586216%2C3687926933%2C630818473%2C1865390909%2C798987849%2C1812812652%2C3127155630%2C753037025%2C3274805825%2C28181388%2C2667574814&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d1a023b7af61e7028e7ad890de48afba8058d04150335e965f3d936583f7d962

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.omelete.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 15:34:05 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 233287
x-xss-protection: 0
google-lineitem-id: -1,6142193909,-2,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -1,138430170751,-2,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.omelete.com.br
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 8270 6 KB
3 KB 93ms
33ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.omelete.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 08 Jan 2024 15:34:04 GMT
expires: Tue, 07 Jan 2025 15:34:04 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 iframe_api Show response
www.youtube.com/ 993 B
2 KB 92ms
41ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/e87054ded32ae473684f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0271e782d0e49674121fe3f5e703dfbff44ed8de8b8625a006eeb4a9702724d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.omelete.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 15:34:04 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: br
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
content-type: text/javascript; charset=utf-8
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: private, max-age=0
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
expires: Mon, 08 Jan 2024 15:34:04 GMT

GET
H2 200 www-widgetapi.js Show response
www.youtube.com/s/player/4fd50162/www-widgetapi.vflset/ 216 KB
67 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4fd50162/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d772756f7f30b155def5b4c539d7883b69134c27e64be72d6e2fd98b37718843

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.omelete.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 14:00:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5624
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68492
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 02:44:34 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 07 Jan 2025 14:00:20 GMT

GET
H2 200 req Show response
cdn.navdmp.com/ 6 B
77 B 158ms
149ms Script
application/x-javascript 2606:4700::6810:cf3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.navdmp.com/req?v=7&id=13f07d2474c449eba65967029810%7C0&acc=88270&tit=Home%2520%257C%2520Omelete&url=https%253A%2F%2Fwww.omelete.com.br%2F&upd=1&new=1&h1=Omelete
Requested by: Host: tag.navdmp.com
URL: https://tag.navdmp.com/universal.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:cf3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e6340844af1c0a02b8150c4bc93d54d679f716452d6a97cd99ed45786e97ed8f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.omelete.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 15:34:04 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 842580a6cfc14d80-FRA
content-length: 6
content-type: application/x-javascript

GET
H2

200

sync Show response
sync2.navdmp.com/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=navegg_ddp&google_cm&id=85639111796
https://sync2.navdmp.com/sync?prtid=2&id=85639111796&google_gid=CAESEIfesqEQhG2CF2Sq0bauHN4&google_cver=1

6 B
57 B

158ms
149ms

Script
application/javascript

2606:4700::6810:cf3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sync2.navdmp.com/sync?prtid=2&id=85639111796&google_gid=CAESEIfesqEQhG2CF2Sq0bauHN4&google_cver=1
Requested by: Host: www.omelete.com.br
URL: https://www.omelete.com.br/
Protocol: H2
Server: 2606:4700::6810:cf3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e6340844af1c0a02b8150c4bc93d54d679f716452d6a97cd99ed45786e97ed8f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.omelete.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 15:34:04 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 842580a758574d80-FRA
content-length: 6
content-type: application/javascript

Redirect headers

pragma: no-cache
date: Mon, 08 Jan 2024 15:34:04 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync2.navdmp.com/sync?prtid=2&id=85639111796&google_gid=CAESEIfesqEQhG2CF2Sq0bauHN4&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sync
sync.navdmp.com/
Redirect Chain

https://pixel.mathtag.com/sync/img?redir=https%3A//sync.navdmp.com/sync%3Fimg%3D1%26mdia%3D%5BMM_UUID%5D
https://sync.navdmp.com/sync?img=1&mdia=78c5659c-15ec-4e00-8873-45b61e04cdb9

43 B
129 B

159ms
150ms

Image
image/gif

2606:4700::6810:cf3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.navdmp.com/sync?img=1&mdia=78c5659c-15ec-4e00-8873-45b61e04cdb9
Requested by: Host: www.omelete.com.br
URL: https://www.omelete.com.br/
Protocol: H2
Server: 2606:4700::6810:cf3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.omelete.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 15:34:04 GMT
cf-cache-status: DYNAMIC
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: cloudflare
cf-ray: 842580a8290e4d80-FRA
content-length: 43
content-type: image/gif

Redirect headers

Date: Mon, 08 Jan 2024 15:34:04 GMT
Server: MT3 1237 600843f master ord ord-pixel-x12 config_version:"2224"
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Location: https://sync.navdmp.com/sync?img=1&mdia=78c5659c-15ec-4e00-8873-45b61e04cdb9
Content-Type: image/gif
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 0
Expires: Mon, 08 Jan 2024 15:34:03 GMT

GET
H2

204

cms
ups.analytics.yahoo.com/ups/58727/
Redirect Chain

https://cms.analytics.yahoo.com/cms?partner_id=NAVEG
https://ups.analytics.yahoo.com/ups/58727/cms?partner_id=NAVEG

0
87 B

27ms
26ms

Image
text/plain

3.75.62.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58727/cms?partner_id=NAVEG

Requested by

Host: www.omelete.com.br
URL: https://www.omelete.com.br/

Protocol

Server

3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.94 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.omelete.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 15:34:04 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.94
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://ups.analytics.yahoo.com/ups/58727/cms?partner_id=NAVEG
date: Mon, 08 Jan 2024 15:34:04 GMT
cache-control: no-store
content-type: text/html
server: ATS/9.1.10.94
content-length: 344
content-language: en

POST
H2 200 recirculation.php
events.newsroom.bi/ 12 B
0 39ms
38ms Fetch
application/json 162.19.96.35
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://events.newsroom.bi/recirculation.php
Requested by: Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=2812
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.19.96.35 , France, ASN16276 (OVH, FR),
Reverse DNS: haproxy03.cl13.ovh.mrf.io
Software: istio-envoy /
Resource Hash

Request headers

Referer: https://www.omelete.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 08 Jan 2024 15:34:04 GMT
server: istio-envoy
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://www.omelete.com.br
access-control-expose-headers: Content-Length,Content-Range
cache-control: private,no-store
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 12

GET
H2 200 dw-check.html Show response
experiences.mrf.io/passexperience/ Frame 14C7 3 KB
1 KB 119ms
43ms Document
text/html 2606:4700:3033::6815:325a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://experiences.mrf.io/passexperience/dw-check.html?v=6

Requested by

Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=2812

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::6815:325a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9fc487a75eea98b11319aafde13f978f28438e37cd8bcf0fca3ac4f86812a607

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.omelete.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 18285
alt-svc: h3=":443"; ma=86400
cache-control: max-age=86400, s-maxage=2592000
cf-cache-status: HIT
cf-ray: 842580a99f5ad0c9-AMS
content-encoding: gzip
content-type: text/html
date: Mon, 08 Jan 2024 15:34:05 GMT
last-modified: Mon, 08 Jan 2024 08:31:32 GMT
server: cloudflare
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers, Accept-Encoding
x-content-type-options: nosniff
x-envoy-upstream-service-time: 2

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 67ms
19ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.omelete.com.br
URL: https://www.omelete.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.omelete.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 08 Jan 2024 13:48:17 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 6348
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Mon, 08 Jan 2024 15:48:17 GMT

GET
H3 200 1022132447830898 Show response
connect.facebook.net/signals/config/ 130 KB
34 KB 153ms
153ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1022132447830898?v=2.9.139&r=stable&domain=www.omelete.com.br

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

77220b52fd01a7dc6a0fc96e5adc57dae2228f2393a21278c73ff19c18b87b17

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.omelete.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 08 Jan 2024 15:34:05 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: nz2UHV5qE+GySNEKHyK2GbNepty3Pd0m7ZPB17pAlDv2OLBB4NYGIa6lhf4dN3rtCiB3h8i9F5TjInpmbKfuDQ==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 piwik.js Show response
analytics.ome.lt/ 66 KB
66 KB 934ms
221ms Script
application/javascript 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.ome.lt/piwik.js
Requested by: Host: www.omelete.com.br
URL: https://www.omelete.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: e3c39364dd866add4ea7fdf25aecc692c8d738387f3bab1720012919aab3c835

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.omelete.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 15:34:05 GMT
last-modified: Thu, 21 Mar 2019 20:50:56 GMT
server: nginx/1.10.3 (Ubuntu)
accept-ranges: bytes
etag: "5c93f930-106ad"
content-length: 67245
content-type: application/javascript

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 120ms
71ms XHR
application/json 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202401020101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

631b5d2af27fddf577d1710a753620c74dcf6657f4e4e05c7864031e68fe364a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.omelete.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 15:34:05 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12173
x-xss-protection: 0

POST
H2 200 ingest.php
events.newsroom.bi/ 2 B
782 B 38ms
37ms Ping
application/json 162.19.96.35
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://events.newsroom.bi/ingest.php
Requested by: Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=2812
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.19.96.35 , France, ASN16276 (OVH, FR),
Reverse DNS: haproxy03.cl13.ovh.mrf.io
Software: istio-envoy /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://www.omelete.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Mon, 08 Jan 2024 15:34:04 GMT
server: istio-envoy
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://www.omelete.com.br
access-control-expose-headers: Content-Length,Content-Range
cache-control: private,no-store
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 2

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
211 B 30ms
29ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1827228218&t=pageview&_s=1&dl=https%3A%2F%2Fwww.omelete.com.br%2F&ul=en-us&de=UTF-8&dt=Home%20%7C%20Omelete&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=1538809192&gjid=2082770492&cid=1230367790.1704728043&tid=UA-1826697-1&_gid=967392222.1704728045&_r=1&_slc=1&cd5=main&z=1729842581

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.omelete.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 15:34:05 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.omelete.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
151 B 29ms
28ms XHR
text/plain 2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-1826697-1&cid=1230367790.1704728043&jid=1538809192&gjid=2082770492&_gid=967392222.1704728045&_u=YADAAEAAAAAAACAAI~&z=1158331845

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.omelete.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 08 Jan 2024 15:34:05 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.omelete.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 80ms
30ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.omelete.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 15:34:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 08 Jan 2024 15:34:05 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 45ms
44ms Image
image/gif 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-1826697-1&cid=1230367790.1704728043&jid=1538809192&_u=YADAAEAAAAAAACAAI~&z=1451998943

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.omelete.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 15:34:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 47ms
47ms Image
image/gif 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-1826697-1&cid=1230367790.1704728043&jid=1538809192&_u=YADAAEAAAAAAACAAI~&z=1451998943

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.omelete.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 15:34:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 0
18 B 20ms
20ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1022132447830898&ev=PageView&dl=https%3A%2F%2Fwww.omelete.com.br%2F&rl=&if=false&ts=1704728045137&sw=1600&sh=1200&v=2.9.139&r=stable&ec=0&o=4126&fbp=fb.2.1704728043013.1828020652&ler=empty&it=1704728042854&coo=false&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.omelete.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 08 Jan 2024 15:34:05 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame B8BB 13 KB
5 KB 22ms
21ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.omelete.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 5121
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 08 Jan 2024 14:08:44 GMT
expires: Tue, 07 Jan 2025 14:08:44 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame E67B 829 B
560 B 30ms
30ms Document
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

2ea91a1c266e5d8673a6636bc48927e5e222ac94e38f009a1fcfa08d3631118b

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-v1jLyEQjX51TzbkgxyTMlA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.omelete.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-v1jLyEQjX51TzbkgxyTMlA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 08 Jan 2024 15:34:05 GMT
expires: Mon, 08 Jan 2024 15:34:05 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 container.html Show response
ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 1BED 6 KB
3 KB 21ms
20ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.omelete.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 08 Jan 2024 15:34:04 GMT
expires: Tue, 07 Jan 2025 15:34:04 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 28ms
27ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-WQ33SP58YS&gtm=45je4130v877053132z8867967661&_p=1704728042585&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1230367790.1704728043&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1704728042&sct=1&seg=0&dl=https%3A%2F%2Fwww.omelete.com.br%2F&dt=Home%20%7C%20Omelete&en=collect_dimensions&ep.page_author_name=null&ep.page_content_type=null&ep.page_date=null&ep.page_theme=null&ep.page_section=null&_et=1006&tfd=3804
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-WQ33SP58YS&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.omelete.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 15:34:05 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.omelete.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame C56A 6 KB
3 KB 19ms
19ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.omelete.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 08 Jan 2024 15:34:04 GMT
expires: Tue, 07 Jan 2025 15:34:04 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html Show response
ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame E5D9 6 KB
3 KB 20ms
19ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.omelete.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 08 Jan 2024 15:34:04 GMT
expires: Tue, 07 Jan 2025 15:34:04 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 1B76 6 KB
3 KB 23ms
22ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.omelete.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 08 Jan 2024 15:34:04 GMT
expires: Tue, 07 Jan 2025 15:34:04 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 6D01 6 KB
3 KB 21ms
21ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.omelete.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 08 Jan 2024 15:34:04 GMT
expires: Tue, 07 Jan 2025 15:34:04 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 9457 6 KB
3 KB 22ms
22ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.omelete.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 08 Jan 2024 15:34:04 GMT
expires: Tue, 07 Jan 2025 15:34:04 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 5083 624 B
307 B 61ms
61ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CO-p_psDEOa-zKMDGOn5hoICMAE&v=APEucNUudCHA9QE-HyrerOD5Qaj1q-Ce227w4gyt6R8DudD2-fyHGA4cxSNalKfZl8zpu032qMTiCvQ_AOwJwnDrQU5HM9hjdFc5BlzZDinros11UE3IJIdUWx0ToYUYTjyRdMzAEsFZaf--AMTRnZcAMOndkHh2C_uKt5hEnNgr5kXko0XM5_A

Requested by

Host: ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com
URL: https://ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 08 Jan 2024 15:34:05 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 1BED 111 KB
39 KB 106ms
18ms Script
text/javascript 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: www.omelete.com.br
URL: https://www.omelete.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com/
Origin: https://ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 21:44:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 64185
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 08 Jan 2024 21:44:20 GMT

GET
H3 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240103/r20110914/elements/html/ Frame 1BED 7 KB
3 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240103/r20110914/elements/html/omrhp_fy2021.js

Requested by

Host: www.omelete.com.br
URL: https://www.omelete.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 00:37:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53767
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3071
x-xss-protection: 0
server: cafe
etag: 10674441169935035545
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 22 Jan 2024 00:37:58 GMT

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240103/r20110914/ Frame 1BED 23 KB
9 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240103/r20110914/abg_lite_fy2021.js

Requested by

Host: www.omelete.com.br
URL: https://www.omelete.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 14:42:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3069
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9276
x-xss-protection: 0
server: cafe
etag: 3558958386372919956
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 22 Jan 2024 14:42:56 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 1BED 41 KB
14 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: www.omelete.com.br
URL: https://www.omelete.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 18:05:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 250137
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 04 Jan 2025 18:05:08 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240103/r20110914/client/ Frame 1BED 3 KB
1 KB 27ms
27ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240103/r20110914/client/window_focus_fy2021.js

Requested by

Host: ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com
URL: https://ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 12:23:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11454
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 22 Jan 2024 12:23:11 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 408B 1 KB
643 B 23ms
23ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com
URL: https://ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 22835
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 08 Jan 2024 09:13:30 GMT
etag: 48472445140208031
expires: Tue, 09 Jan 2024 09:13:30 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240103/r20110914/client/ Frame 1BED 20 KB
8 KB 25ms
25ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240103/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com
URL: https://ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2f764c969a82705ba7838239087f5ff9b33e978b6bae2657e299b6b14c30ad7f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 10:12:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19285
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8523
x-xss-protection: 0
server: cafe
etag: 16500369019378894752
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 22 Jan 2024 10:12:40 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1BED 42 B
63 B 60ms
60ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DQDqEjL0FBaexZv-IlhmAzXK_-4de6cwQ1zjeM4BDp7_zAEiJx1HkoGNsNQY_SCbXYz5PVgrOmNX1Em6uzUz9lXTvshvuMxcMizBGqxTw5SDbOgGQ

Requested by

Host: ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com
URL: https://ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 15:34:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 1BED 0
0 30ms
30ms Image
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQkD7e6NS86Wl1naXI6GC-D7xIMecCCg4YiDXzkUV5lneAeXQRA-mto0UmGNUHPqXPbWRDtR9h43nXFWsqksr1-l8MfcA
Requested by: Host: ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com
URL: https://ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1BED 204 KB
65 KB 112ms
52ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com
URL: https://ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8941597d26275d5e8775ac804bffb1d86f749d0cfe471777800a4543e4b65603

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 15:34:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65775
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1704286440049996"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 08 Jan 2024 15:34:05 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame C658 640 B
308 B 63ms
63ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CO-p_psDEOa-zKMDGOn5hoICMAE&v=APEucNVKMT2IWI_2JHsA7qaGUJ0CkyCyTf3vG9KNcplBiAZp8RfrPsKh7DP7squ-hf8kiJO-70smaVs6q-Lln03Smbx8XW7sErvijURa6Bo33BCyP-udroAZffNTtpmZMlOdAOlzbXlSu26Jha85yUzDS3U_ujDcJ_87Bh_HBNWiFcqyCgm6swc

Requested by

Host: ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com
URL: https://ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 08 Jan 2024 15:34:05 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame C56A 111 KB
39 KB 122ms
54ms Script
text/javascript 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: www.omelete.com.br
URL: https://www.omelete.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com/
Origin: https://ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 21:44:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 64185
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 08 Jan 2024 21:44:20 GMT

GET
H3 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240103/r20110914/elements/html/ Frame C56A 7 KB
3 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240103/r20110914/elements/html/omrhp_fy2021.js

Requested by

Host: www.omelete.com.br
URL: https://www.omelete.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 00:37:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53767
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3071
x-xss-protection: 0
server: cafe
etag: 10674441169935035545
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 22 Jan 2024 00:37:58 GMT

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240103/r20110914/ Frame C56A 23 KB
9 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240103/r20110914/abg_lite_fy2021.js

Requested by

Host: www.omelete.com.br
URL: https://www.omelete.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 14:42:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3069
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9276
x-xss-protection: 0
server: cafe
etag: 3558958386372919956
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 22 Jan 2024 14:42:56 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame C56A 41 KB
14 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: www.omelete.com.br
URL: https://www.omelete.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 18:05:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 250137
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 04 Jan 2025 18:05:08 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240103/r20110914/client/ Frame C56A 3 KB
1 KB 28ms
27ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240103/r20110914/client/window_focus_fy2021.js

Requested by

Host: ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com
URL: https://ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 12:23:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11454
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 22 Jan 2024 12:23:11 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame B630 1 KB
643 B 24ms
23ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com
URL: https://ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 22835
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 08 Jan 2024 09:13:30 GMT
etag: 48472445140208031
expires: Tue, 09 Jan 2024 09:13:30 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240103/r20110914/client/ Frame C56A 20 KB
8 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240103/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com
URL: https://ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2f764c969a82705ba7838239087f5ff9b33e978b6bae2657e299b6b14c30ad7f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 10:12:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19285
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8523
x-xss-protection: 0
server: cafe
etag: 16500369019378894752
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 22 Jan 2024 10:12:40 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame C56A 42 B
63 B 63ms
61ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CMA0BuuTFMKnHIz7G6Qpuf8Mbhi6stxYzbk3IokHREFJsSVRC7Nws41IKD1_MEhh0G1xaFuHb7b7zNswJ_GT_0tRIZ8-jRDhxmnvilm1fSKro2l6Q

Requested by

Host: ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com
URL: https://ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 15:34:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame C56A 0
0 33ms
30ms Image
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSQELjvvO8n0nmxlIPX2TvBjutSAKBCkFB1X-GuVbZasXlauWpIIxVerHTM3InKdCsku7jEM6Jv3xzpVftwlSMlOjoEhQ
Requested by: Host: ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com
URL: https://ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame C56A 204 KB
64 KB 166ms
124ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com
URL: https://ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8941597d26275d5e8775ac804bffb1d86f749d0cfe471777800a4543e4b65603

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 15:34:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65775
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1704286440049996"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 08 Jan 2024 15:34:05 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame DBC5 624 B
285 B 69ms
60ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CO-p_psDEOa-zKMDGOn5hoICMAE&v=APEucNV15OtEKTzC8qeYnF_uwdIjy2UjlUbzCY-MiBNbKer8GZm5Zp_jWml4vCCC1MlRMAqM7WFR8P0CCQM46a-0AQhOUntplW5pzN6xT2VsVZbgB-dkEaB8f-4vrQ_umHD3c1N74_3hNZbs13gBzjD28SWo6qI2_vIHWW5CBqFRo2bl9tZiYJg

Requested by

Host: ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com
URL: https://ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 08 Jan 2024 15:34:05 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame E5D9 111 KB
39 KB 100ms
40ms Script
text/javascript 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: www.omelete.com.br
URL: https://www.omelete.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com/
Origin: https://ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 21:44:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 64185
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 08 Jan 2024 21:44:20 GMT

GET
H3 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240103/r20110914/elements/html/ Frame E5D9 7 KB
3 KB 24ms
19ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240103/r20110914/elements/html/omrhp_fy2021.js

Requested by

Host: www.omelete.com.br
URL: https://www.omelete.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 00:37:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53767
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3071
x-xss-protection: 0
server: cafe
etag: 10674441169935035545
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 22 Jan 2024 00:37:58 GMT

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240103/r20110914/ Frame E5D9 23 KB
9 KB 24ms
20ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240103/r20110914/abg_lite_fy2021.js

Requested by

Host: www.omelete.com.br
URL: https://www.omelete.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 14:42:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3069
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9276
x-xss-protection: 0
server: cafe
etag: 3558958386372919956
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 22 Jan 2024 14:42:56 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame E5D9 41 KB
14 KB 25ms
21ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: www.omelete.com.br
URL: https://www.omelete.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 18:05:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 250137
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 04 Jan 2025 18:05:08 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240103/r20110914/client/ Frame E5D9 3 KB
1 KB 40ms
36ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240103/r20110914/client/window_focus_fy2021.js

Requested by

Host: ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com
URL: https://ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 12:23:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11454
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 22 Jan 2024 12:23:11 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame D4F3 1 KB
643 B 24ms
22ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com
URL: https://ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 22835
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 08 Jan 2024 09:13:30 GMT
etag: 48472445140208031
expires: Tue, 09 Jan 2024 09:13:30 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240103/r20110914/client/ Frame E5D9 20 KB
8 KB 29ms
26ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240103/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com
URL: https://ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2f764c969a82705ba7838239087f5ff9b33e978b6bae2657e299b6b14c30ad7f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 10:12:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19285
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8523
x-xss-protection: 0
server: cafe
etag: 16500369019378894752
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 22 Jan 2024 10:12:40 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame E5D9 42 B
63 B 57ms
55ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-B_vWAl2P1q7PxG3miR9Y_RaYHQLuBRD7bLekr6AuqGds-53VXHLtzNyBZWNnDdBGBn8JCfHcMjvFUlWajgbrRXqGd00scf4WLqfECELogZEzDibv4

Requested by

Host: ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com
URL: https://ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 15:34:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame E5D9 0
0 40ms
38ms Image
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ2lrIe5EvpGGOb3thKlPY6JbH4bynWIdbwcABCGoZwvPtJlDEesXf2kYMT3Elrvz9aJ-r3XBC3rU9v43BdAUtfGlkaIQ
Requested by: Host: ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com
URL: https://ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame E5D9 204 KB
64 KB 126ms
93ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com
URL: https://ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8941597d26275d5e8775ac804bffb1d86f749d0cfe471777800a4543e4b65603

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 15:34:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65775
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1704286440049996"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 08 Jan 2024 15:34:05 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 1B1A 640 B
305 B 62ms
62ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CNyB0t8EEPWIy-AEGNih9foBMAE&v=APEucNV8cbqwtztQ0Egctg748Ekl4OyM8jvoID99gULYWwgWeVwCZGivC9twi89B1BvijID7iKPuqwZEm5krO-xPffl2ILKsSGphwe__UKicuHHvJ8dmrapnd4G7pzunPH19GsOkDWezkJTgmxn6CYsCpftaVsoMCXi1GLfbblxH9Pwi46_MjTM

Requested by

Host: ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com
URL: https://ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 08 Jan 2024 15:34:05 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240103/r20110914/ Frame 1B76 23 KB
9 KB 25ms
25ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240103/r20110914/abg_lite_fy2021.js

Requested by

Host: www.omelete.com.br
URL: https://www.omelete.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 14:42:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3069
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9276
x-xss-protection: 0
server: cafe
etag: 3558958386372919956
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 22 Jan 2024 14:42:56 GMT

GET
H3 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240103/r20110914/elements/html/ Frame 1B76 7 KB
3 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240103/r20110914/elements/html/omrhp_fy2021.js

Requested by

Host: www.omelete.com.br
URL: https://www.omelete.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 00:37:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53767
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3071
x-xss-protection: 0
server: cafe
etag: 10674441169935035545
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 22 Jan 2024 00:37:58 GMT

GET
H2 200 view
ad.doubleclick.net/pcs/ Frame 1B76 0
0 119ms
66ms Fetch
image/gif 142.250.181.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjstTS3rUKU48LRJIBLUj1FIf0K8u8jSbVRc4NGAX-hejPxJ16mGMVkfNJoAVxsyFeOUoWO5LTNcqQMUiMK8Afy1OcuEzaBZ2Thul5kFQVHbijx5igXNcue-f-jC_xo-pa_BQw8kcB3AFWDsTa5boQcBXozefSyUCAYAWIyDunLWEEKrR9zQehtJI86Vj3car_Sp_R0SPr2BMdjVbejUgakvdmlZSqBZR_Xj60iNOC3q4DLjAD4Ia6mKi3sasU-VsxbFS5Xj3LkVSHiQYNt-tOOgZmzG4UGnCIUw0Bwi07wmIM7h1aH-kvR8ew1kM2Qmt-nqwiegH3sXJiENW2oh7lpp8cpCoIVKgwcTnKPIiVByBqGWD3H0xU7sIy8juO-VUUik4z1WVt1-O5W10y1Oxj5J-UrTUOLatr67-uRHTANnx-Jj7X6cPQS8fr64NwKh30Mu15eab3ASD_ydPBKAXO4BaSxPJv27v0uxhHNZep9UoEomKzgkWdX2fWhsGCBOEo2QqtjDSd-jTqPBfJPMUZp3JvHnb6X_yFd-kd4PCiPMPEiSla11ntdxvm7H0BbV8T0w-D5KuIfwkQOKmDZJotV4LREjBVHHe_MkpbttwoZ15HrIe32_e6BgJJ2U15zwaIcoGn9NKfcYtC821Tjbc2kQPQyeikuysvosFpFByjb_ppkU47ywKevu-t3QqL4peZ3Yc3XmuqizSNFry5vPje9fCRB1JTVyXmim1Gvi0Doqd-Mz4RogN-mD0qSRsVHlAOFBnPobUWuTPx8Zrw4KlzheVfU7hXCtnQczFgRwrlvOGvKQOecMsxL-p0N6UUXDkU4YCz0FhoSa_XsS-Gf-_-jhjWQ_m79VDxuEJ9fUQO-lMqF9HGtXCf9KpgpvyJKbhZpFAm4oc3TXjQXV10QVz4_32QICuKY2C4xSlLqHHnX-CdFLVEGjqyI1Qx2vnQuWj_lSw0ZZJ0-sVZr-HqY4yONUgy29T3Tul_4rhZXldxalEOQWm2SK02iiuzHroulAT378sRwy2w_DvVvlbU8SjBb3vpX9w4RUPrWrFDeApHZH2ANBuF8h7u9p6ckIctevSg1b2588BFIl4F-c9QjAoZOC0CkCEFOaqNeG0PpEJLEIcRPaUyZ5hVjAdJ1Ficgj8uM5P6rIiWvR_cIfcDg8VypoqgQWs21rdAJL6X5RvsacI4bHWQFXBSzsETv--PlJP5e_wLnO270GrDyLQM9Q5G9aFZSu-ToKNILCCvDcGSV_OFvlgiKgEAxc5mNRuRd2qMxANwYgZvKR7i1HhLNIt4SqEhdj-4f6B4V-8eLCLLksKQrvn2rK42cv26O2W0XrTU1NNhDZ6p7MEaLI-7GMrZtvNe1WN65Ro70fKnafVxYZrqbbGGEI7n5Ar3P6G9xDNt5KIh16yXuhitPeBDhbGPXYhWYns7SAteiaj6NXfVo7dCoGoLIuQAa01mprGQTeKm-cggbOognv-n6TZK2nMeLAU9lgQ_Z4dG4pM4Jx1XZLDjCyqJ-J29ylVRZE&sai=AMfl-YQGiAYkD2wNxcFijWVBFiS432ITYNxPRQmP7e8qQyq-dPt6D-zOV_xfWjqD6IyXzmutB7HU3coat6wMJWOWg__S2qc03sY34hvGO7QvrWGtiJk10DfXqZy-AX1TNpxg36e5Bg3f1ccUu7UA0b4Eaxf3-kircWxHEB3AIwNnIksaQ5YQbZMoPc-0qsEyq8ef6L5waT5kG8IzYEePB2oXekkTIdWaZuUz6b4E0Cn6slgOTC1hJ8odmDDvokPdjuzZWFnzcv5O0avhUH6sI6yutiv5bXYfVnlhawq9Wq95SGV0PTKfe6qGXY9_ijH_AwhPulTu7lqvEeM8utVsPLa6k2YSDXdZUvy_tPGph0LODfgt1yM4IvN4a1Z-02yoLFurMRal8AVVyA0YiogmaddfiQHUhOuaADOMUvCUoNNFPZHH19tkKa3rMNs&sig=Cg0ArKJSzM19mKsf0xLPEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9sZWljYS1jYW1lcmEuY29t&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=0&cbvp=1&cstd=0&cisv=r20240103.42068&arae=0&ftch=1&adurl=

Requested by

Host: www.omelete.com.br
URL: https://www.omelete.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 08 Jan 2024 15:34:05 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 1B76 41 KB
14 KB 31ms
30ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: www.omelete.com.br
URL: https://www.omelete.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 18:05:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 250137
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 04 Jan 2025 18:05:08 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240103/r20110914/client/ Frame 1B76 3 KB
1 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240103/r20110914/client/window_focus_fy2021.js

Requested by

Host: ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com
URL: https://ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 12:23:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11454
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 22 Jan 2024 12:23:11 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame B3EA 1 KB
643 B 25ms
24ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com
URL: https://ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 22835
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 08 Jan 2024 09:13:30 GMT
etag: 48472445140208031
expires: Tue, 09 Jan 2024 09:13:30 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240103/r20110914/client/ Frame 1B76 20 KB
8 KB 27ms
26ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240103/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com
URL: https://ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2f764c969a82705ba7838239087f5ff9b33e978b6bae2657e299b6b14c30ad7f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 10:12:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19285
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8523
x-xss-protection: 0
server: cafe
etag: 16500369019378894752
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 22 Jan 2024 10:12:40 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1B76 42 B
63 B 57ms
57ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-ApgkOVzghCWG3bYOMq-vnj2UaJC08OKHCHMDKhvX8pt1N-zISQ5jgx0MAjpGTSn3kfEiTR8PWjq5ZlMOD7kK2PcfoBUKou8a-5iUCPs0WTRZdhJlA

Requested by

Host: ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com
URL: https://ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 15:34:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 1B76 0
0 40ms
38ms Image
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRQYO2rGNxv5hYR1-OFLtWJ2gO07GEh4qWAgYXRi13C7UN2PGHOFQEqftZgXhUKyiSm7epqPooDjnHnK6Oc7uxZnCpJew
Requested by: Host: ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com
URL: https://ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1B76 204 KB
64 KB 161ms
137ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com
URL: https://ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8941597d26275d5e8775ac804bffb1d86f749d0cfe471777800a4543e4b65603

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 15:34:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65775
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1704286440049996"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 08 Jan 2024 15:34:05 GMT

GET
H2 200 2212300329896745122
s0.2mdn.net/simgad/ Frame 1B76 168 KB
168 KB 91ms
44ms Image
image/jpeg 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/2212300329896745122

Requested by

Host: ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com
URL: https://ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

68d0656d441b3f89bca9b47d53f7d5ff82324290779a2aeae4d6f759577b874c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: Sat, 04 Jan 2025 18:44:01 GMT
date: Fri, 05 Jan 2024 18:44:01 GMT
x-content-type-options: nosniff
age: 247804
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 171600
x-xss-protection: 0
last-modified: Wed, 18 Oct 2023 09:31:59 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 8FBB 466 B
235 B 66ms
62ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CKQCELzvkpIEGLLC3d4BMAE&v=APEucNVhYmm_pO_SQlc3hjrlrkibFSBpNcMRQgV9WXYLMbLsY0fMVYAVeILFDT1xTU7KMxNrgah_vpXHm68ZzwfTgOjWX7lkkARYaGV1KBco9K0HB9BD0J5gFXqqAZF7Wu_SJAa_Zt6WkBqvn6kF6unrd_HujrTPWPWZ622-R8WIEs2NerrW7Qw

Requested by

Host: ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com
URL: https://ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

37ab5c060ae53ccda75b8bd212d874a17650f7954b11c4e31f568990ab40196b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 215
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 08 Jan 2024 15:34:05 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 6D01 89 KB
31 KB 88ms
84ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com
URL: https://ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 15:34:05 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31485
x-xss-protection: 0
server: cafe
etag: 7119415641918660631
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Mon, 08 Jan 2024 15:34:05 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6D01 42 B
63 B 58ms
55ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CzfhvfkHHQb2Q5SOL41qj2tqHqZx_wk79jnh4wkANp_NrmE3eWJ7vFvFMO10Dpc2NJiW5VT7VYEkdGGi5kXwaWRQAKfyGBnQsqKOvg1Jb5Oy_jrqI

Requested by

Host: ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com
URL: https://ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 15:34:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240103/r20110914/client/ Frame 6D01 3 KB
1 KB 41ms
38ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240103/r20110914/client/window_focus_fy2021.js

Requested by

Host: ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com
URL: https://ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 12:23:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11454
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 22 Jan 2024 12:23:11 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240103/r20110914/client/ Frame 6D01 20 KB
8 KB 31ms
28ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240103/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com
URL: https://ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2f764c969a82705ba7838239087f5ff9b33e978b6bae2657e299b6b14c30ad7f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 10:12:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19285
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8523
x-xss-protection: 0
server: cafe
etag: 16500369019378894752
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 22 Jan 2024 10:12:40 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 6D01 0
0 39ms
36ms Image
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTe7mp7cryh1GJjuMIDBwzSWrTiG90z96WgPJa2fGKIvIZm5tUtceSRvSkf64e63DXaLEscrJ5ng4FYy7-xfWakfR5xkg
Requested by: Host: ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com
URL: https://ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6D01 204 KB
64 KB 149ms
125ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com
URL: https://ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8941597d26275d5e8775ac804bffb1d86f749d0cfe471777800a4543e4b65603

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 15:34:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65775
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1704286440049996"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 08 Jan 2024 15:34:05 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 35ED 640 B
262 B 70ms
66ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CM-mgQIQ7aaX_gEYi-3DggIwAQ&v=APEucNUbe_sm37T_kWw37YbxrX6DaQXqoNfWpQe_8Xl5jLSm3e4gk2cL5q4cqTrxryrzegCSNm78UYKgnKKHzLADGB28BGtKXAvRlZkkg3Ki3JGYi984ERj3-QHC4wxf_6DirbaYdRmErVGGUPwbfK8Jh5CkR7hiePZcrys-ya73BUgkUJSLSKc

Requested by

Host: ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com
URL: https://ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 08 Jan 2024 15:34:05 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240103/r20110914/ Frame 9457 23 KB
9 KB 28ms
26ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240103/r20110914/abg_lite_fy2021.js

Requested by

Host: www.omelete.com.br
URL: https://www.omelete.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 14:42:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3069
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9276
x-xss-protection: 0
server: cafe
etag: 3558958386372919956
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 22 Jan 2024 14:42:56 GMT

GET
H3 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240103/r20110914/elements/html/ Frame 9457 7 KB
3 KB 29ms
27ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240103/r20110914/elements/html/omrhp_fy2021.js

Requested by

Host: www.omelete.com.br
URL: https://www.omelete.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 00:37:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53767
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3071
x-xss-protection: 0
server: cafe
etag: 10674441169935035545
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 22 Jan 2024 00:37:58 GMT

GET
H2 200 view
ad.doubleclick.net/pcs/ Frame 9457 0
0 111ms
65ms Fetch
image/gif 142.250.181.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjssdIN8AaCJtyWE_-EhhT5bS4Zk24lwPwhKr57Qy470Eo2O3GCOiESAsTtYrVQBizn1-K7uXSQ9PlPTpzMIzHqws_uRR-49NN4flO20eh4jA2AhnYWtaoQEHICxdCHfLCT1Z1c-P51ifqVh5DxskNusEamQjnihoUL_TosTET5xicRfDp9lzLz-BPVA85Uw4vVcTe3fGoDZExNCUoDCB-NSRAZNl-8g3LQDFeU-7VSXQShMgpFHbz122-5Z1OYKZ70Lcz3YWdLCLjqIwo5H4_wljMArkGZWE5sSNMrIdnWKbhcqhnzozzfDo2kC9EqriBj4fCWZZjEtK3UHc3BRaoUGGRCsv6vIJuCcS2G_-aixT0f2mTIcyMdaOh1JciRftBYGYpsx_CZL1tCtxRhbOcu8nmzb_4hgd8Qxi964KJFYTP7OP0UZ_ElomDBumk_Oc5BS3ntad0AeuYdM0J6XMcCCk_ztr499I2jwnJutgcyEh4zU5aW3euZBFlan27h-OzM2mb5vLmyXmIEB_2hcSbps9GW2PVQBO8H_4betXcBxgiK0k2nnCGLj1H9PTeCRKU3CeUxm8NiSIW7BlWncWNvdIZTJjU9L5IUB2XKIqWa-EhEJEeSpzTlWkH__yJSVkGILiYpj2ypf_JX4Q4zfp9QxwBksRsWcFOI5VF8_rh6N2oWyzywVTe2giw07xmzHWW7_efyjDI2itznRGA-I8VhDcugDmlhtOzbsBsCaw6A5o_FsiZDV55iVKzsjcfM9YcV4iKGqw5HCsztSioxnObe0UyRlOm-4vcR1Mn8sPTN5shCSYHzBNRmGUHZ3nCHmN1lVPPG_70rJOtXvQP2W4yJbel5ortvOmXHI51t23Do9p0Q0tca0apydugvUkix2OzB-TDRlr-PmtwLfBL5rgspD9A1tFOLH2anPmstWoEj_lYzQmCSmBWj9P491W62kbJCNulZdWOO9jwspoiQmnD48vjRy1dWhcXFzj4XKNNet4SVA4BcgsIhmIQKUjnPVEgTsCQimzt7-s5ynFQmY2JHRWlLrGhiqorfdh1fja8KpWtkm2XFzdsfueo6VNhKnenK5TiG5gpO2PkYeJRy2_2xyzMvTjEMF1aUGmHVQHq2ifwp37bswFDosEgIiLaG4m3Z8bFPqkDhqP28I2eHKI1NWmtDnI7ZxFiCzc9UvtOU722ZlFwRZsMmAB-vhYsC3KuMNcCMZRkVLaNCSSgyB0KHolbkNtDpCuOTtLlyT7kLaZ7PMgiVzB3mCJXoUHXRFgMcKq5W_C3gThOmYqTFfdBzBTWCFEKJ0EhXP2Oh9iwntvFRTcTCprZgwmGEwyHC1Uv9PdiDA2OxeXqC-znf3rnjmphmV0UxA2F4IzNO7qOdMWMIf5WvVSizjypYXsvI934PXUHEaH_6CvrHxQvitXVm2RIQ0jk28vxMGMrjdgKtPswrk8W_ez_I7Fuev9N3Po48AIZwYdIb0HIqjWkGSeKe2RhQK1c4BFBdPdlc7n1wRe2To0JETZ63A4&sai=AMfl-YQuAcXn-mnhlx1VdNZDeoYNqHTVDxm7i-Z_lNQwv8qrW_y7jUzz7wT8ctGQiBEyd44j7vPdUcNDwRGCsW7WxoQnjz6CqHbWXY4bwafO0svvAbZiQqcMv06jPhy0tbKjPOn06fBIL5DAwouMq_8MRT2jWRlesEl3WguviqlGZtKJ6ERMVb4Cx-_NSz8_4GXN9qT5YoOpjOxtNqCPrFC9LGCw7XA3H9dGyiZzukl-7NV9Cz-xxj4jNl5m5F6cgY6eFpXTytsTfcF6B6806anG_4QeG6OSftBJPNtFMxrOS_iNPAih0T7IHlR8nQMB_SEyWPZdc5ORB9l0ORotMcf_yEte6h3LyetOcI33GCbKy_XbdPx2Qc_vHLhON8oh0uR7A29-Bfwlc77uaWrO07YKe3G5kE2G2egxHdpWmZGSl1kcLC3hYc1bU4A&sig=Cg0ArKJSzNGZzQCO_W17EAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9zcGFyaGFuZHkuZGU&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20240103.79047&arae=0&ftch=1&adurl=

Requested by

Host: www.omelete.com.br
URL: https://www.omelete.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 08 Jan 2024 15:34:05 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 9457 41 KB
14 KB 36ms
36ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: www.omelete.com.br
URL: https://www.omelete.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 18:05:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 250137
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 04 Jan 2025 18:05:08 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240103/r20110914/client/ Frame 9457 3 KB
1 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240103/r20110914/client/window_focus_fy2021.js

Requested by

Host: ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com
URL: https://ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 12:23:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11454
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 22 Jan 2024 12:23:11 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 9C73 1 KB
643 B 28ms
28ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com
URL: https://ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 22835
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 08 Jan 2024 09:13:30 GMT
etag: 48472445140208031
expires: Tue, 09 Jan 2024 09:13:30 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240103/r20110914/client/ Frame 9457 20 KB
8 KB 29ms
29ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240103/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com
URL: https://ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2f764c969a82705ba7838239087f5ff9b33e978b6bae2657e299b6b14c30ad7f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 10:12:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19285
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8523
x-xss-protection: 0
server: cafe
etag: 16500369019378894752
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 22 Jan 2024 10:12:40 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9457 42 B
63 B 55ms
55ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BW0A2UqhourKuQVFX387nOxzsAU7jz2DR706cr60TNhfAPPWaByHHHQ9bmN2jAFnjjbigTxl6MRbjVZ37u570GXa9XlhmRHPfjyXQvJ7ADOvDpnEY

Requested by

Host: ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com
URL: https://ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 15:34:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 9457 0
0 36ms
36ms Image
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQDgF5deixqgFAvY_SVGz2WKGw4LgaR_Eo8vDhHeYHhWH1D5Xj5AL83NAZIX1IbS_z3bnhY_S2a6ZXCqOYPPM_DWEMj8w
Requested by: Host: ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com
URL: https://ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9457 204 KB
64 KB 160ms
144ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com
URL: https://ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8941597d26275d5e8775ac804bffb1d86f749d0cfe471777800a4543e4b65603

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 15:34:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65775
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1704286440049996"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 08 Jan 2024 15:34:05 GMT

GET
H2 200 6717667867514003647
s0.2mdn.net/simgad/ Frame 9457 77 KB
77 KB 62ms
23ms Image
image/jpeg 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/6717667867514003647

Requested by

Host: ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com
URL: https://ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8f96d5fcca3c9b5a3c11d3ec60bfdf0e152e4825b566537e083839a492709506

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: Thu, 02 Jan 2025 16:32:03 GMT
date: Wed, 03 Jan 2024 16:32:03 GMT
x-content-type-options: nosniff
age: 428522
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 78563
x-xss-protection: 0
last-modified: Wed, 27 Dec 2023 16:21:11 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame E67B 0
0 61ms
55ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202401020101&jk=470536533999614&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame B8BB 39 KB
15 KB 28ms
19ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 14:08:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5121
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 07 Jan 2025 14:08:44 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 5083
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIZStK6RQmvS0kZUMc4g2Ds&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIZStK6RQmvS0kZUMc4g2Ds&google_cver=1&C=1

43 B
769 B

80ms
80ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIZStK6RQmvS0kZUMc4g2Ds&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CO-p_psDEOa-zKMDGOn5hoICMAE&v=APEucNUudCHA9QE-HyrerOD5Qaj1q-Ce227w4gyt6R8DudD2-fyHGA4cxSNalKfZl8zpu032qMTiCvQ_AOwJwnDrQU5HM9hjdFc5BlzZDinros11UE3IJIdUWx0ToYUYTjyRdMzAEsFZaf--AMTRnZcAMOndkHh2C_uKt5hEnNgr5kXko0XM5_A
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 15:34:05 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LNZnVE%2Bj06EF%2BBowU7lrrEuUJCb9d8BnQJiR8ZYNbIxubVKtoYGXLUReJ3SAjyPsKw5a7t0vAu7ERreofdgxHUwufHKUD6hmMXsTndn%2FzDK9D6ht2gv1KsR13oHRx0ASs8hi7JbJp%2Bhzeg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 842580acfafc2675-TXL
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 08 Jan 2024 15:34:05 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eyd0TBCiLwu%2BBvxMolcGexhreh3iiTPOpePzMFSi6AKLNos9Rjz40Vm%2FRsFK3TsmDtsdqIHdJMgrh95zNeSuCbag%2FRa6gJ%2BEk8G0%2Bhi36B9Bvdt3KZ5cBi%2BKAYfHLNY4eUXTjO%2FLa8HuXg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: /rum?cm_dsp_id=45&external_user_id=CAESEIZStK6RQmvS0kZUMc4g2Ds&google_cver=1&C=1
cache-control: no-cache
cf-ray: 842580ac6b4a450a-TXL
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 5083
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZZwV7SLwBtvPfBlGz4u9NgAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIZStK6RQmvS0kZUMc4g2Ds&google_cver=1

43 B
738 B

64ms
64ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIZStK6RQmvS0kZUMc4g2Ds&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CO-p_psDEOa-zKMDGOn5hoICMAE&v=APEucNUudCHA9QE-HyrerOD5Qaj1q-Ce227w4gyt6R8DudD2-fyHGA4cxSNalKfZl8zpu032qMTiCvQ_AOwJwnDrQU5HM9hjdFc5BlzZDinros11UE3IJIdUWx0ToYUYTjyRdMzAEsFZaf--AMTRnZcAMOndkHh2C_uKt5hEnNgr5kXko0XM5_A
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 15:34:05 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g9lKhvHZdf1WQooKKi1koss74L7qKlqv5kgAk4RkPuq4NPhBN0aw%2FMTgPlAPVyjVnjnBvrRY%2FbxorzhXqFDUqmTmIWnu3m37tmgM%2BnHSFFO%2FEbZFWlvIaCPi2%2FDDOm0%2FJElBIJlcmfCKJw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 842580ad3ba12675-TXL
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 08 Jan 2024 15:34:05 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIZStK6RQmvS0kZUMc4g2Ds&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame 5083
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEE-7_YuGoGpr33MCvKsSQQg&google_cver=1

43 B
1016 B

26ms
26ms

Image
image/gif

37.252.171.149
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEE-7_YuGoGpr33MCvKsSQQg&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CO-p_psDEOa-zKMDGOn5hoICMAE&v=APEucNUudCHA9QE-HyrerOD5Qaj1q-Ce227w4gyt6R8DudD2-fyHGA4cxSNalKfZl8zpu032qMTiCvQ_AOwJwnDrQU5HM9hjdFc5BlzZDinros11UE3IJIdUWx0ToYUYTjyRdMzAEsFZaf--AMTRnZcAMOndkHh2C_uKt5hEnNgr5kXko0XM5_A

Protocol

Server

37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 15:34:05 GMT
an-x-request-uuid: 8551da6f-b341-4a38-b48d-6f24879e9a91
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 84.19.175.165; 84.19.175.165; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 08 Jan 2024 15:34:05 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEE-7_YuGoGpr33MCvKsSQQg&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5083
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDM0ODA2NTYwNzY2ODE3OTEyMg%3D%3D

170 B
188 B

32ms
32ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDM0ODA2NTYwNzY2ODE3OTEyMg%3D%3D

Requested by

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 15:34:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 08 Jan 2024 15:34:05 GMT
an-x-request-uuid: b0aaa596-6ba3-4958-acb8-d787cbe18f71
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDM0ODA2NTYwNzY2ODE3OTEyMg%3D%3D
x-proxy-origin: 84.19.175.165; 84.19.175.165; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 408B
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEEiNrstvg0_zGP7ilONADQQ&google_push=AXcoOmR8On8rIVcav7LWrGr-fdhao3XjyjISRbg-g-M4UNil1LR51fYyqn...

170 B
188 B

34ms
34ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEEiNrstvg0_zGP7ilONADQQ&google_push=AXcoOmR8On8rIVcav7LWrGr-fdhao3XjyjISRbg-g-M4UNil1LR51fYyqnpKf5QWo2_44iH8QzreJQj3gSquKb0f4VGZ3ejFkjU2

Requested by

Host: ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com
URL: https://ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 15:34:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-fra-etou8220026-FRA
pragma: no-cache
date: Mon, 08 Jan 2024 15:34:05 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1704728045.449632,VS0,VE98
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEEiNrstvg0_zGP7ilONADQQ&google_push=AXcoOmR8On8rIVcav7LWrGr-fdhao3XjyjISRbg-g-M4UNil1LR51fYyqnpKf5QWo2_44iH8QzreJQj3gSquKb0f4VGZ3ejFkjU2
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 408B
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEKQkpTcNgqOGdT4HL9Uq_3Y&google_cver=1&google_push=AXcoOmS-SOkYca4FfVob49FJgkuurtkWEF2ShkjQgldYYSs60PNPRoTiQgKw63u-kC99KHmjb0Pmx6MLy5TQPukx7QCGi-2SIZu0
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=EDCF97B43B0D4F4287C16D621E11A14C&google_push=AXcoOmS-SOkYca4FfVob49FJgkuurtkWEF2ShkjQgldYYSs60PNPRoTiQgKw63u-kC99KHmjb0Pmx6MLy5TQPuk...

170 B
188 B

38ms
38ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=EDCF97B43B0D4F4287C16D621E11A14C&google_push=AXcoOmS-SOkYca4FfVob49FJgkuurtkWEF2ShkjQgldYYSs60PNPRoTiQgKw63u-kC99KHmjb0Pmx6MLy5TQPukx7QCGi-2SIZu0

Requested by

Host: ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com
URL: https://ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 15:34:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 08 Jan 2024 15:34:05 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=EDCF97B43B0D4F4287C16D621E11A14C&google_push=AXcoOmS-SOkYca4FfVob49FJgkuurtkWEF2ShkjQgldYYSs60PNPRoTiQgKw63u-kC99KHmjb0Pmx6MLy5TQPukx7QCGi-2SIZu0
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Sun, 07 Jan 2024 15:34:05 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 408B
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEDkp8eIDmcpJt7kBP-fo6ao&google_cver=1&google_push=AXcoOmTJZy56gtuq_K9HVjGVZW7P87pw-pY4Cr_A52X7sURIfdxxoVcJBZ8ScrTAdVZThJOcj-5PPje0R5jAx-FHs_HD0XZ...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmTJZy56gtuq_K9HVjGVZW7P87pw-pY4Cr_A52X7sURIfdxxoVcJBZ8ScrTAdVZThJOcj-5PPje0R5jAx-FHs_HD0XZNzgg&google_hm=eS0udkc2MTJsRTJwRnBNNHJ...

170 B
188 B

31ms
29ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmTJZy56gtuq_K9HVjGVZW7P87pw-pY4Cr_A52X7sURIfdxxoVcJBZ8ScrTAdVZThJOcj-5PPje0R5jAx-FHs_HD0XZNzgg&google_hm=eS0udkc2MTJsRTJwRnBNNHJhSi5vMUY4bkxLSEhjYUhZUH5B

Requested by

Host: ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com
URL: https://ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 15:34:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 08 Jan 2024 15:34:05 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmTJZy56gtuq_K9HVjGVZW7P87pw-pY4Cr_A52X7sURIfdxxoVcJBZ8ScrTAdVZThJOcj-5PPje0R5jAx-FHs_HD0XZNzgg&google_hm=eS0udkc2MTJsRTJwRnBNNHJhSi5vMUY4bkxLSEhjYUhZUH5B
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 408B
Redirect Chain

https://d5p.de17a.com/cookies/google?google_gid=CAESEEpNpQOTDzJoNPepVVTrsoo&google_cver=1&google_push=AXcoOmTjc816w-9qYKbepHJS37_qV0_CuwKrSYsSZlP8vcGjcHq9-ARKQRx28St_d9bqOQWQbFWtddS4Be9H-j_GxHrlsYe...
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEEpNpQOTDzJoNPepVVTrsoo&google_cver=1&google_push=AXcoOmTjc816w-9qYKbepHJS37_qV0_CuwKrSYsSZlP8vcGjcHq9-ARKQRx28St_d9bqOQWQbFWtddS4Be9H-j_GxHrls...
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmTjc816w-9qYKbepHJS37_qV0_CuwKrSYsSZlP8vcGjcHq9-ARKQRx28St_d9bqOQWQbFWtddS4Be9H-j_GxHrlsYeE4RE5

170 B
188 B

33ms
32ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmTjc816w-9qYKbepHJS37_qV0_CuwKrSYsSZlP8vcGjcHq9-ARKQRx28St_d9bqOQWQbFWtddS4Be9H-j_GxHrlsYeE4RE5

Requested by

Host: ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com
URL: https://ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 15:34:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmTjc816w-9qYKbepHJS37_qV0_CuwKrSYsSZlP8vcGjcHq9-ARKQRx28St_d9bqOQWQbFWtddS4Be9H-j_GxHrlsYeE4RE5
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame 408B 43 B
362 B 653ms
267ms Image
image/gif 178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmQrTLDuCyRppuVD9maIX7DG_th3UbzZsfshtpeO0qWGAD03t7uIL-UPew9fpEovpningHfdrwFl-QkvzMIutEH007G7namn&google_gid=CAESEARGEyrUHU0ZvYI7cM0h9nI&google_cver=1

Requested by

Host: ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com
URL: https://ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 15:34:04 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 211747
expires: Mon, 08 Jan 2024 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 408B
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESENlv-eraKLhMf9Tvh2mc300&google_cver=1&google_push=AXcoOmQvcDI1JihH3e0pVyTKVsUUALM0uxh6vUpxLJ3an6IThqdvt7Q5RF1hHrR2W6y21050wimfg6dna4hK...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQvcDI1JihH3e0pVyTKVsUUALM0uxh6vUpxLJ3an6IThqdvt7Q5RF1hHrR2W6y21050wimfg6dna4hKsiVPZ2Yje33fWzo

170 B
188 B

29ms
29ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQvcDI1JihH3e0pVyTKVsUUALM0uxh6vUpxLJ3an6IThqdvt7Q5RF1hHrR2W6y21050wimfg6dna4hKsiVPZ2Yje33fWzo

Requested by

Host: ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com
URL: https://ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 15:34:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQvcDI1JihH3e0pVyTKVsUUALM0uxh6vUpxLJ3an6IThqdvt7Q5RF1hHrR2W6y21050wimfg6dna4hKsiVPZ2Yje33fWzo
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 408B
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESELpy0Jf9gU8sCxN1vhS822A&google_cver=1&google_push=AXcoOmRGGCv3OeEJ5In03ffq-zBgC8RTtT1oY91tbpZa0zPUvI7l3MAs_PMRw86toSptFGYRs9Lkh1hIXH_CXOypq6SVHn3uVb0
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AXcoOmRGGCv3OeEJ5In03ffq-zBgC8RTtT1oY91tbpZa0zPUvI7l3MAs_PMRw86toSptFGYRs9Lkh1hIXH_CXOypq6SVHn3uVb0...
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzYwNDUyMTk2Nzc5MDA3MDIwNDMx&google_push=AXcoOmRGGCv3OeEJ5In03ffq-zBgC8RTtT1oY91tbpZa0zPUvI7l3MAs_PMRw86t...

170 B
188 B

30ms
30ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzYwNDUyMTk2Nzc5MDA3MDIwNDMx&google_push=AXcoOmRGGCv3OeEJ5In03ffq-zBgC8RTtT1oY91tbpZa0zPUvI7l3MAs_PMRw86toSptFGYRs9Lkh1hIXH_CXOypq6SVHn3uVb0

Requested by

Host: ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com
URL: https://ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 15:34:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzYwNDUyMTk2Nzc5MDA3MDIwNDMx&google_push=AXcoOmRGGCv3OeEJ5In03ffq-zBgC8RTtT1oY91tbpZa0zPUvI7l3MAs_PMRw86toSptFGYRs9Lkh1hIXH_CXOypq6SVHn3uVb0
date: Mon, 08 Jan 2024 15:34:05 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 408B 0
50 B 43ms
26ms Image
text/html 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Lfk0Qymsqn3lNRaPOuywsfbHIRvKeXGs-34hnY0NUUOmDVpJq2tr253AGiAzP-wFWlHStL

Requested by

Host: ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com
URL: https://ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 15:34:05 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
DATA 200
OK truncated
/ Frame 1BED 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1e8e1b0a50cc234f74113697100ff7859b1f67a98cef4938f5605de9fc3f7e02

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame E9AB 38 KB
13 KB 29ms
20ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 539327
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 02 Jan 2024 09:45:18 GMT
expires: Wed, 01 Jan 2025 09:45:18 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B630
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEMCkUUBy7_KCVZFwGzdTiao&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEMCkUUBy7_KCVZFwGzdTiao&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=NU9YSHV6MEUxUm1SREQ1&google_gid=CAESEMCkUUBy7_KCVZFwGzdTiao&google_cver=1&google_push=AXcoOmR9VB6B32hrsETgXScY6rchlboebAaCEFDfjElLs0o...

170 B
188 B

31ms
31ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=NU9YSHV6MEUxUm1SREQ1&google_gid=CAESEMCkUUBy7_KCVZFwGzdTiao&google_cver=1&google_push=AXcoOmR9VB6B32hrsETgXScY6rchlboebAaCEFDfjElLs0ozNvkjxzynxeUaWWIZJrgdDxFtrAbLGzEDpOeT5PdjBR6Dyonj4w

Requested by

Host: ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com
URL: https://ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 15:34:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 08 Jan 2024 15:34:04 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-795-gb641a57#rel-ec2-master i-006fa252bd7417634@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=NU9YSHV6MEUxUm1SREQ1&google_gid=CAESEMCkUUBy7_KCVZFwGzdTiao&google_cver=1&google_push=AXcoOmR9VB6B32hrsETgXScY6rchlboebAaCEFDfjElLs0ozNvkjxzynxeUaWWIZJrgdDxFtrAbLGzEDpOeT5PdjBR6Dyonj4w
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B630
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESEF0yaApO-9zkVHJaRisAw2k&google_cver=1&google_push=AXcoOmTSRxZYF2BkabnGTRKfL6FEkxgxsLAh1y7ZQ-uWSJwIfzIWgXAY4qY5g5Bu7y80uH1oAlaOQeBQ_VM4v7yW...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=dsoDugSzS1MkmhWqHGdXlw&google_push=AXcoOmTSRxZYF2BkabnGTRKfL6FEkxgxsLAh1y7ZQ-uWSJwIfzIWgXAY4qY5g5Bu7y80uH1oAlaOQeBQ_VM4v7yWC8ZNcmuKNZ4

170 B
188 B

36ms
36ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=dsoDugSzS1MkmhWqHGdXlw&google_push=AXcoOmTSRxZYF2BkabnGTRKfL6FEkxgxsLAh1y7ZQ-uWSJwIfzIWgXAY4qY5g5Bu7y80uH1oAlaOQeBQ_VM4v7yWC8ZNcmuKNZ4

Requested by

Host: ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com
URL: https://ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 15:34:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 08 Jan 2024 15:34:05 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.21.6
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=dsoDugSzS1MkmhWqHGdXlw&google_push=AXcoOmTSRxZYF2BkabnGTRKfL6FEkxgxsLAh1y7ZQ-uWSJwIfzIWgXAY4qY5g5Bu7y80uH1oAlaOQeBQ_VM4v7yWC8ZNcmuKNZ4
x-host: tde-deliveryengine-production-5db7bf8975-xdvkc
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B630
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEDkp8eIDmcpJt7kBP-fo6ao&google_cver=1&google_push=AXcoOmQmLJTp_EBhlmUC431Mc-sZopurPglHvrYn-hl7cd2El1HCy89HTMTDlWF9AOJHkKc7Bd7lFrBQ6nJ8DIjY5b4XF2n...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQmLJTp_EBhlmUC431Mc-sZopurPglHvrYn-hl7cd2El1HCy89HTMTDlWF9AOJHkKc7Bd7lFrBQ6nJ8DIjY5b4XF2nM8qg&google_hm=eS0udkc2MTJsRTJwRnBNNHJ...

170 B
188 B

29ms
29ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQmLJTp_EBhlmUC431Mc-sZopurPglHvrYn-hl7cd2El1HCy89HTMTDlWF9AOJHkKc7Bd7lFrBQ6nJ8DIjY5b4XF2nM8qg&google_hm=eS0udkc2MTJsRTJwRnBNNHJhSi5vMUY4bkxLSEhjYUhZUH5B

Requested by

Host: ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com
URL: https://ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 15:34:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 08 Jan 2024 15:34:05 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQmLJTp_EBhlmUC431Mc-sZopurPglHvrYn-hl7cd2El1HCy89HTMTDlWF9AOJHkKc7Bd7lFrBQ6nJ8DIjY5b4XF2nM8qg&google_hm=eS0udkc2MTJsRTJwRnBNNHJhSi5vMUY4bkxLSEhjYUhZUH5B
content-length: 0

GET
H2 200 UCookieSetPug
image6.pubmatic.com/AdServer/ Frame B630 0
166 B 134ms
39ms Image
text/html 198.47.127.19
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEC4hvHnQXFH_OhanO-hVLpc&google_cver=1&google_push=AXcoOmT0PbK06xXVlwjSTHpCGNtpZWrFvY9ambybtWNx_PhnFOjk_zzzsYbdzbQVQodIlyYq9H1fkMte9E8x5akH98saKUi8Vyc
Requested by: Host: ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com
URL: https://ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date: Mon, 08 Jan 2024 15:34:04 GMT
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B630
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEKaqq-PSs3wAKOWAh-6iN58&google_cver=1&google_push=AXcoOmRa4DJT56Qua7UUwYLeHwjzfqEd5lBpBciBRPBaYgZicfzXV8A1GTw5xpK_LWEnmcL7J6T...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFI1MzI5M1ctQi1CMVVB&google_push=AXcoOmRa4DJT56Qua7UUwYLeHwjzfqEd5lBpBciBRPBaYgZicfzXV8A1GTw5xpK_LWEnmcL7J6TtAUCpt_W-5wFCVOyGuR64-W0

170 B
188 B

31ms
30ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFI1MzI5M1ctQi1CMVVB&google_push=AXcoOmRa4DJT56Qua7UUwYLeHwjzfqEd5lBpBciBRPBaYgZicfzXV8A1GTw5xpK_LWEnmcL7J6TtAUCpt_W-5wFCVOyGuR64-W0

Requested by

Host: ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com
URL: https://ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 15:34:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFI1MzI5M1ctQi1CMVVB&google_push=AXcoOmRa4DJT56Qua7UUwYLeHwjzfqEd5lBpBciBRPBaYgZicfzXV8A1GTw5xpK_LWEnmcL7J6TtAUCpt_W-5wFCVOyGuR64-W0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: ba134c4441b6cdf8ef9f5e0539a8ef3e
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B630
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESENlv-eraKLhMf9Tvh2mc300&google_cver=1&google_push=AXcoOmQopY-VTU42Hf-EP5xZNkMANZiqI_Pb9XUskytTpaaQviEaulptAXHXEU_V-VE0H2_bSevHtdYjOXvG...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQopY-VTU42Hf-EP5xZNkMANZiqI_Pb9XUskytTpaaQviEaulptAXHXEU_V-VE0H2_bSevHtdYjOXvGF3KF5ahtK7TGAsQ

170 B
188 B

32ms
31ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQopY-VTU42Hf-EP5xZNkMANZiqI_Pb9XUskytTpaaQviEaulptAXHXEU_V-VE0H2_bSevHtdYjOXvGF3KF5ahtK7TGAsQ

Requested by

Host: ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com
URL: https://ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 15:34:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQopY-VTU42Hf-EP5xZNkMANZiqI_Pb9XUskytTpaaQviEaulptAXHXEU_V-VE0H2_bSevHtdYjOXvGF3KF5ahtK7TGAsQ
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H2 200 https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25
x.bidswitch.net/check_uuid/ Frame B630 43 B
146 B 73ms
21ms Image
image/gif 3.122.48.206
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEGAxfSObbWTeIKa7MUf0mL4&google_cver=1&google_push=AXcoOmTlPizzN1HO34MIKIGXp1ByZBzVUp5aq3XsHrNtTFYn4o0OhVtXBVDa7EOvfFxcLosmy4HezKBG9awmnF0bItD4EkjvqzFr
Requested by: Host: ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com
URL: https://ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.122.48.206 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-122-48-206.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 15:34:05 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame B630 0
40 B 39ms
30ms Image
text/html 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13J48ns3xm9DHb5jYAQnr4SGirDnf4rVG4PVBfMn4EHHZXfq5H_6psm-hYDtHYV2iR6nYFcT9g

Requested by

Host: ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com
URL: https://ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 15:34:05 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 2D2B 38 KB
13 KB 20ms
20ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 539327
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 02 Jan 2024 09:45:18 GMT
expires: Wed, 01 Jan 2025 09:45:18 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame C56A 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d9fd3f8d9f03861382664ad153bfb600aced64024d36133b414297b2d4732383

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame C658
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEN6OvUe9LcvZUxMUDdNUGoo&google_cver=1

43 B
97 B

53ms
35ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEN6OvUe9LcvZUxMUDdNUGoo&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CO-p_psDEOa-zKMDGOn5hoICMAE&v=APEucNVKMT2IWI_2JHsA7qaGUJ0CkyCyTf3vG9KNcplBiAZp8RfrPsKh7DP7squ-hf8kiJO-70smaVs6q-Lln03Smbx8XW7sErvijURa6Bo33BCyP-udroAZffNTtpmZMlOdAOlzbXlSu26Jha85yUzDS3U_ujDcJ_87Bh_HBNWiFcqyCgm6swc
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 15:34:05 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 08 Jan 2024 15:34:05 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEN6OvUe9LcvZUxMUDdNUGoo&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cm
us-u.openx.net/w/1.0/ Frame C658 43 B
111 B 85ms
34ms Image
image/gif 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CO-p_psDEOa-zKMDGOn5hoICMAE&v=APEucNVKMT2IWI_2JHsA7qaGUJ0CkyCyTf3vG9KNcplBiAZp8RfrPsKh7DP7squ-hf8kiJO-70smaVs6q-Lln03Smbx8XW7sErvijURa6Bo33BCyP-udroAZffNTtpmZMlOdAOlzbXlSu26Jha85yUzDS3U_ujDcJ_87Bh_HBNWiFcqyCgm6swc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 15:34:05 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

200

um
sync.teads.tv/ Frame C658
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
https://sync.teads.tv/um?eid=3&uid=CAESEOywS0LVWvn83q1V26PGJrQ&google_cver=1

23 B
163 B

50ms
48ms

Image
image/gif

23.32.185.35
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=CAESEOywS0LVWvn83q1V26PGJrQ&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CO-p_psDEOa-zKMDGOn5hoICMAE&v=APEucNVKMT2IWI_2JHsA7qaGUJ0CkyCyTf3vG9KNcplBiAZp8RfrPsKh7DP7squ-hf8kiJO-70smaVs6q-Lln03Smbx8XW7sErvijURa6Bo33BCyP-udroAZffNTtpmZMlOdAOlzbXlSu26Jha85yUzDS3U_ujDcJ_87Bh_HBNWiFcqyCgm6swc
Protocol: H2
Server: 23.32.185.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-185-35.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.0 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: Mon, 08 Jan 2024 15:34:05 GMT
pragma: no-cache
date: Mon, 08 Jan 2024 15:34:05 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.0
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Mon, 08 Jan 2024 15:34:05 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um?eid=3&uid=CAESEOywS0LVWvn83q1V26PGJrQ&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 281
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 um
sync.teads.tv/ Frame C658 23 B
163 B 81ms
48ms Image
image/gif 23.32.185.35
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CO-p_psDEOa-zKMDGOn5hoICMAE&v=APEucNVKMT2IWI_2JHsA7qaGUJ0CkyCyTf3vG9KNcplBiAZp8RfrPsKh7DP7squ-hf8kiJO-70smaVs6q-Lln03Smbx8XW7sErvijURa6Bo33BCyP-udroAZffNTtpmZMlOdAOlzbXlSu26Jha85yUzDS3U_ujDcJ_87Bh_HBNWiFcqyCgm6swc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.185.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-185-35.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.0 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: Mon, 08 Jan 2024 15:34:05 GMT
pragma: no-cache
date: Mon, 08 Jan 2024 15:34:05 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.0
content-length: 23
content-type: image/gif

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame D4F3 0
104 B 243ms
109ms Image
text/plain 2a02:fa8:8806:12::1400
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEH96GguFpl_DTKMgA7QjfLo&google_cver=1&google_push=AXcoOmSnnOuBKfKB1xhm9qT4QsNcgoaFwt5bOttBcrAHRBK5-p_R62LPc-5MNukhK5pK4ba-DhceNRnCn_T3z7tJGHFHM4dlCu6b
Requested by: Host: ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com
URL: https://ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:12::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 15:34:05 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D4F3
Redirect Chain

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESECwrOyPGmbyhDXRhOg3IQM8&google_cver=1&google_push=AXcoOmR1L8XJ5TVnV0I3z6q6boc-2ygCxwmcCLSqqrS4btf8OQAZ4t1PrfutZF7v--e1qxnQ5mlTNciJT4N...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmR1L8XJ5TVnV0I3z6q6boc-2ygCxwmcCLSqqrS4btf8OQAZ4t1PrfutZF7v--e1qxnQ5mlTNciJT4N2RKLU1z4ksPTyStD4&google_hm=1VbbR9maQD-nLtHIVZtybKU

170 B
188 B

34ms
33ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmR1L8XJ5TVnV0I3z6q6boc-2ygCxwmcCLSqqrS4btf8OQAZ4t1PrfutZF7v--e1qxnQ5mlTNciJT4N2RKLU1z4ksPTyStD4&google_hm=1VbbR9maQD-nLtHIVZtybKU

Requested by

Host: ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com
URL: https://ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 15:34:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 08 Jan 2024 15:34:04 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmR1L8XJ5TVnV0I3z6q6boc-2ygCxwmcCLSqqrS4btf8OQAZ4t1PrfutZF7v--e1qxnQ5mlTNciJT4N2RKLU1z4ksPTyStD4&google_hm=1VbbR9maQD-nLtHIVZtybKU
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sync
x.bidswitch.net/ Frame D4F3 43 B
145 B 22ms
21ms Image
image/gif 3.122.48.206
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEM9qEKKhIN-SA1s4JmPqTpc&google_cver=1&google_push=AXcoOmSCAbe6nqH1I8TONqCJPvzCcHcZT0X5B0Axf7z9_iUErKxEPXJxRmpIQ7qgmICFZeAaq7BrwvKKC5sLnNQ0M087QfRcFO4
Requested by: Host: ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com
URL: https://ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.122.48.206 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-122-48-206.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 15:34:05 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame D4F3 43 B
362 B 567ms
310ms Image
image/gif 178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmT4CWLHlPu8-Eb9e0P8iurnp1l-Zxpg6ClPb4jzWKsdeRSSACxoZdESkp4Gei78qBrjW1haS1ttj_tbSpe-K4QCK6aOMOo&google_gid=CAESEARGEyrUHU0ZvYI7cM0h9nI&google_cver=1

Requested by

Host: ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com
URL: https://ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 15:34:04 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 277150
expires: Mon, 08 Jan 2024 00:00:00 GMT

GET
H2 200 dds
rtb.openx.net/sync/ Frame D4F3 43 B
236 B 74ms
28ms Image
image/gif 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEHx2E_Eq_7ddA0J5UfQIuRo&google_cver=1&google_push=AXcoOmTGihaKZ-COah4U1YRUTlCU-L1ULvJCt0PasAJ9J_gn1O5bkXgVO8eYbWmFfj95X2u5UOy2mnmVZz7bxK2PZ2xkKknbaXI
Requested by: Host: ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com
URL: https://ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 15:34:05 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D4F3
Redirect Chain

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEGQRjhhLOkam6kssjFh14yk&google_cver=1&google_push=AXcoOmQWSNNEY5GsTmH1WCpAHUxrho_F7FDQOP3EEVZDGkMALj0cpsYDPUp6CfyberjC-hhxm6M0m57-lJtrqJOKt...
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEGQRjhhLOkam6kssjFh14yk&google_cver=1&google_push=AXcoOmQWSNNEY5GsTmH1WCpAHUxrho_F7FDQOP3EEVZDGkMALj0cpsYDPUp6CfyberjC-hhxm6M0m57-lJtrqJOKt...
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmQWSNNEY5GsTmH1WCpAHUxrho_F7FDQOP3EEVZDGkMALj0cpsYDPUp6CfyberjC-hhxm6M0m57-lJtrqJOKtLSJY61BGeY&google_hm=H9SmAGZHqMHyPs4gS72m2wUt

170 B
188 B

30ms
30ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmQWSNNEY5GsTmH1WCpAHUxrho_F7FDQOP3EEVZDGkMALj0cpsYDPUp6CfyberjC-hhxm6M0m57-lJtrqJOKtLSJY61BGeY&google_hm=H9SmAGZHqMHyPs4gS72m2wUt

Requested by

Host: ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com
URL: https://ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 15:34:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmQWSNNEY5GsTmH1WCpAHUxrho_F7FDQOP3EEVZDGkMALj0cpsYDPUp6CfyberjC-hhxm6M0m57-lJtrqJOKtLSJY61BGeY&google_hm=H9SmAGZHqMHyPs4gS72m2wUt
access-control-allow-origin: *
date: Mon, 08 Jan 2024 15:34:05 GMT
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Content-Type
content-length: 0
access-control-allow-methods: GET, POST, DELETE, PUT

GET
H2

200

report
sync.teads.tv/um/ Frame D4F3
Redirect Chain

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEBgMvsTn9gYN...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmSNJSKXk7aHmy3u2PyEKZ3xrNwyccBIgq_RVN8BDuaweJWe7fVu4ayDSW0gO9UwZTuXsBHUe7QpkkwnYfq9qjuNJnK5yk7BIw
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

23 B
163 B

48ms
48ms

Image
image/gif

23.32.185.35
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by: Host: ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com
URL: https://ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Server: 23.32.185.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-185-35.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.0 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: Mon, 08 Jan 2024 15:34:05 GMT
pragma: no-cache
date: Mon, 08 Jan 2024 15:34:05 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.0
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Mon, 08 Jan 2024 15:34:05 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame D4F3 0
12 B 29ms
29ms Image
text/html 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IS9A6-GZbb0cs6qNY9X4DOyUkhtqTFJgDwMygaN3HLgMzpGbgGSYffPcd81zeLFevlqNdUqA

Requested by

Host: ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com
URL: https://ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 15:34:05 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame DBC5
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIZStK6RQmvS0kZUMc4g2Ds&google_cver=1

43 B
341 B

61ms
61ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIZStK6RQmvS0kZUMc4g2Ds&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CO-p_psDEOa-zKMDGOn5hoICMAE&v=APEucNV15OtEKTzC8qeYnF_uwdIjy2UjlUbzCY-MiBNbKer8GZm5Zp_jWml4vCCC1MlRMAqM7WFR8P0CCQM46a-0AQhOUntplW5pzN6xT2VsVZbgB-dkEaB8f-4vrQ_umHD3c1N74_3hNZbs13gBzjD28SWo6qI2_vIHWW5CBqFRo2bl9tZiYJg
Protocol: H2
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 15:34:05 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fy5J%2F4hNSws%2FOPIu7jZBFhWwanm9PSwcAzBfUpQ9QUPOZBoJzUX7f2CkptcF385%2BJ%2BD9%2BnvlHcBw51v2nlDYcOcN%2Ba90c3RWpHCpYOmwQ0UTOvLgtYhDo4JLCVUWRfZs7aW8izEKpaam5A%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 842580acabdd450a-TXL
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 08 Jan 2024 15:34:05 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIZStK6RQmvS0kZUMc4g2Ds&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame DBC5
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZZwV7RgvHfPUPZblWppg1QAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIZStK6RQmvS0kZUMc4g2Ds&google_cver=1

43 B
738 B

63ms
63ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIZStK6RQmvS0kZUMc4g2Ds&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CO-p_psDEOa-zKMDGOn5hoICMAE&v=APEucNV15OtEKTzC8qeYnF_uwdIjy2UjlUbzCY-MiBNbKer8GZm5Zp_jWml4vCCC1MlRMAqM7WFR8P0CCQM46a-0AQhOUntplW5pzN6xT2VsVZbgB-dkEaB8f-4vrQ_umHD3c1N74_3hNZbs13gBzjD28SWo6qI2_vIHWW5CBqFRo2bl9tZiYJg
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 15:34:05 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Aou%2B9hlvw7hwhgBYWyYMJgbRTTNn7Erdb%2FcYScTUIMFbNOYrm77QZw%2F5EFdP5piUyxkBStwxGd8f%2FWVE1b%2FGPa8nq%2BOWrSSPhQRhTWQrnPotZFSCehKfVbgv0Hjaa9RsnrvXvoOmXkYxfw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 842580adbc7d2675-TXL
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 08 Jan 2024 15:34:05 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIZStK6RQmvS0kZUMc4g2Ds&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame DBC5
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEE-7_YuGoGpr33MCvKsSQQg&google_cver=1

43 B
1018 B

27ms
27ms

Image
image/gif

37.252.171.149
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEE-7_YuGoGpr33MCvKsSQQg&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CO-p_psDEOa-zKMDGOn5hoICMAE&v=APEucNV15OtEKTzC8qeYnF_uwdIjy2UjlUbzCY-MiBNbKer8GZm5Zp_jWml4vCCC1MlRMAqM7WFR8P0CCQM46a-0AQhOUntplW5pzN6xT2VsVZbgB-dkEaB8f-4vrQ_umHD3c1N74_3hNZbs13gBzjD28SWo6qI2_vIHWW5CBqFRo2bl9tZiYJg

Protocol

Server

37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 15:34:05 GMT
an-x-request-uuid: 3462fb0d-464a-4170-a60a-1aad4b9b8a35
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 84.19.175.165; 84.19.175.165; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 08 Jan 2024 15:34:05 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEE-7_YuGoGpr33MCvKsSQQg&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame DBC5
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDM0ODA2NTYwNzY2ODE3OTEyMg%3D%3D

170 B
188 B

33ms
33ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDM0ODA2NTYwNzY2ODE3OTEyMg%3D%3D

Requested by

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 15:34:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 08 Jan 2024 15:34:05 GMT
an-x-request-uuid: f226e20b-c5f3-4f2b-9ee8-9ad8bbaa1fc7
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDM0ODA2NTYwNzY2ODE3OTEyMg%3D%3D
x-proxy-origin: 84.19.175.165; 84.19.175.165; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 1B1A
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEN6OvUe9LcvZUxMUDdNUGoo&google_cver=1

43 B
105 B

50ms
34ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEN6OvUe9LcvZUxMUDdNUGoo&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNyB0t8EEPWIy-AEGNih9foBMAE&v=APEucNV8cbqwtztQ0Egctg748Ekl4OyM8jvoID99gULYWwgWeVwCZGivC9twi89B1BvijID7iKPuqwZEm5krO-xPffl2ILKsSGphwe__UKicuHHvJ8dmrapnd4G7pzunPH19GsOkDWezkJTgmxn6CYsCpftaVsoMCXi1GLfbblxH9Pwi46_MjTM
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 15:34:05 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 08 Jan 2024 15:34:05 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEN6OvUe9LcvZUxMUDdNUGoo&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cm
us-u.openx.net/w/1.0/ Frame 1B1A 43 B
111 B 78ms
32ms Image
image/gif 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNyB0t8EEPWIy-AEGNih9foBMAE&v=APEucNV8cbqwtztQ0Egctg748Ekl4OyM8jvoID99gULYWwgWeVwCZGivC9twi89B1BvijID7iKPuqwZEm5krO-xPffl2ILKsSGphwe__UKicuHHvJ8dmrapnd4G7pzunPH19GsOkDWezkJTgmxn6CYsCpftaVsoMCXi1GLfbblxH9Pwi46_MjTM
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 15:34:05 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

200

um
sync.teads.tv/ Frame 1B1A
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
https://sync.teads.tv/um?eid=3&uid=CAESEOywS0LVWvn83q1V26PGJrQ&google_cver=1

23 B
163 B

50ms
49ms

Image
image/gif

23.32.185.35
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=CAESEOywS0LVWvn83q1V26PGJrQ&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNyB0t8EEPWIy-AEGNih9foBMAE&v=APEucNV8cbqwtztQ0Egctg748Ekl4OyM8jvoID99gULYWwgWeVwCZGivC9twi89B1BvijID7iKPuqwZEm5krO-xPffl2ILKsSGphwe__UKicuHHvJ8dmrapnd4G7pzunPH19GsOkDWezkJTgmxn6CYsCpftaVsoMCXi1GLfbblxH9Pwi46_MjTM
Protocol: H2
Server: 23.32.185.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-185-35.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.0 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: Mon, 08 Jan 2024 15:34:05 GMT
pragma: no-cache
date: Mon, 08 Jan 2024 15:34:05 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.0
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Mon, 08 Jan 2024 15:34:05 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um?eid=3&uid=CAESEOywS0LVWvn83q1V26PGJrQ&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 281
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 um
sync.teads.tv/ Frame 1B1A 23 B
163 B 77ms
47ms Image
image/gif 23.32.185.35
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNyB0t8EEPWIy-AEGNih9foBMAE&v=APEucNV8cbqwtztQ0Egctg748Ekl4OyM8jvoID99gULYWwgWeVwCZGivC9twi89B1BvijID7iKPuqwZEm5krO-xPffl2ILKsSGphwe__UKicuHHvJ8dmrapnd4G7pzunPH19GsOkDWezkJTgmxn6CYsCpftaVsoMCXi1GLfbblxH9Pwi46_MjTM
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.185.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-185-35.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.0 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: Mon, 08 Jan 2024 15:34:05 GMT
pragma: no-cache
date: Mon, 08 Jan 2024 15:34:05 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.0
content-length: 23
content-type: image/gif

GET

partner
sync.search.spotxchange.com/ Frame 8FBB
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEGQVJL7i0Q9MconX4S-QKpU&google_cver=1

0
0

GET partner
sync.search.spotxchange.com/ Frame 8FBB 0
0

GET
H2 204 sync
ups.analytics.yahoo.com/ups/58269/ Frame 8FBB 0
38 B 25ms
24ms Image
text/plain 3.75.62.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKQCELzvkpIEGLLC3d4BMAE&v=APEucNVhYmm_pO_SQlc3hjrlrkibFSBpNcMRQgV9WXYLMbLsY0fMVYAVeILFDT1xTU7KMxNrgah_vpXHm68ZzwfTgOjWX7lkkARYaGV1KBco9K0HB9BD0J5gFXqqAZF7Wu_SJAa_Zt6WkBqvn6kF6unrd_HujrTPWPWZ622-R8WIEs2NerrW7Qw

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.94 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 15:34:05 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.94
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 35ED
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEN6OvUe9LcvZUxMUDdNUGoo&google_cver=1

43 B
97 B

32ms
31ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEN6OvUe9LcvZUxMUDdNUGoo&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CM-mgQIQ7aaX_gEYi-3DggIwAQ&v=APEucNUbe_sm37T_kWw37YbxrX6DaQXqoNfWpQe_8Xl5jLSm3e4gk2cL5q4cqTrxryrzegCSNm78UYKgnKKHzLADGB28BGtKXAvRlZkkg3Ki3JGYi984ERj3-QHC4wxf_6DirbaYdRmErVGGUPwbfK8Jh5CkR7hiePZcrys-ya73BUgkUJSLSKc
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 15:34:05 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 08 Jan 2024 15:34:05 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEN6OvUe9LcvZUxMUDdNUGoo&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cm
us-u.openx.net/w/1.0/ Frame 35ED 43 B
295 B 73ms
31ms Image
image/gif 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CM-mgQIQ7aaX_gEYi-3DggIwAQ&v=APEucNUbe_sm37T_kWw37YbxrX6DaQXqoNfWpQe_8Xl5jLSm3e4gk2cL5q4cqTrxryrzegCSNm78UYKgnKKHzLADGB28BGtKXAvRlZkkg3Ki3JGYi984ERj3-QHC4wxf_6DirbaYdRmErVGGUPwbfK8Jh5CkR7hiePZcrys-ya73BUgkUJSLSKc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 15:34:05 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

200

um
sync.teads.tv/ Frame 35ED
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
https://sync.teads.tv/um?eid=3&uid=CAESEOywS0LVWvn83q1V26PGJrQ&google_cver=1

23 B
163 B

43ms
43ms

Image
image/gif

23.32.185.35
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=CAESEOywS0LVWvn83q1V26PGJrQ&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CM-mgQIQ7aaX_gEYi-3DggIwAQ&v=APEucNUbe_sm37T_kWw37YbxrX6DaQXqoNfWpQe_8Xl5jLSm3e4gk2cL5q4cqTrxryrzegCSNm78UYKgnKKHzLADGB28BGtKXAvRlZkkg3Ki3JGYi984ERj3-QHC4wxf_6DirbaYdRmErVGGUPwbfK8Jh5CkR7hiePZcrys-ya73BUgkUJSLSKc
Protocol: H2
Server: 23.32.185.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-185-35.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.0 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: Mon, 08 Jan 2024 15:34:05 GMT
pragma: no-cache
date: Mon, 08 Jan 2024 15:34:05 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.0
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Mon, 08 Jan 2024 15:34:05 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um?eid=3&uid=CAESEOywS0LVWvn83q1V26PGJrQ&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 281
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 um
sync.teads.tv/ Frame 35ED 23 B
163 B 68ms
44ms Image
image/gif 23.32.185.35
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CM-mgQIQ7aaX_gEYi-3DggIwAQ&v=APEucNUbe_sm37T_kWw37YbxrX6DaQXqoNfWpQe_8Xl5jLSm3e4gk2cL5q4cqTrxryrzegCSNm78UYKgnKKHzLADGB28BGtKXAvRlZkkg3Ki3JGYi984ERj3-QHC4wxf_6DirbaYdRmErVGGUPwbfK8Jh5CkR7hiePZcrys-ya73BUgkUJSLSKc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.185.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-185-35.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.0 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: Mon, 08 Jan 2024 15:34:05 GMT
pragma: no-cache
date: Mon, 08 Jan 2024 15:34:05 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.0
content-length: 23
content-type: image/gif

POST
H2 200 ingest.php
events.newsroom.bi/ 2 B
782 B 37ms
34ms Ping
application/json 162.19.96.35
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://events.newsroom.bi/ingest.php
Requested by: Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=2812
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.19.96.35 , France, ASN16276 (OVH, FR),
Reverse DNS: haproxy03.cl13.ovh.mrf.io
Software: istio-envoy /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://www.omelete.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Mon, 08 Jan 2024 15:34:05 GMT
server: istio-envoy
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://www.omelete.com.br
access-control-expose-headers: Content-Length,Content-Range
cache-control: private,no-store
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 2

GET
H2 200 view
ad.doubleclick.net/pcs/ Frame 9457 0
0 63ms
60ms Fetch
image/gif 142.250.181.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjssdIN8AaCJtyWE_-EhhT5bS4Zk24lwPwhKr57Qy470Eo2O3GCOiESAsTtYrVQBizn1-K7uXSQ9PlPTpzMIzHqws_uRR-49NN4flO20eh4jA2AhnYWtaoQEHICxdCHfLCT1Z1c-P51ifqVh5DxskNusEamQjnihoUL_TosTET5xicRfDp9lzLz-BPVA85Uw4vVcTe3fGoDZExNCUoDCB-NSRAZNl-8g3LQDFeU-7VSXQShMgpFHbz122-5Z1OYKZ70Lcz3YWdLCLjqIwo5H4_wljMArkGZWE5sSNMrIdnWKbhcqhnzozzfDo2kC9EqriBj4fCWZZjEtK3UHc3BRaoUGGRCsv6vIJuCcS2G_-aixT0f2mTIcyMdaOh1JciRftBYGYpsx_CZL1tCtxRhbOcu8nmzb_4hgd8Qxi964KJFYTP7OP0UZ_ElomDBumk_Oc5BS3ntad0AeuYdM0J6XMcCCk_ztr499I2jwnJutgcyEh4zU5aW3euZBFlan27h-OzM2mb5vLmyXmIEB_2hcSbps9GW2PVQBO8H_4betXcBxgiK0k2nnCGLj1H9PTeCRKU3CeUxm8NiSIW7BlWncWNvdIZTJjU9L5IUB2XKIqWa-EhEJEeSpzTlWkH__yJSVkGILiYpj2ypf_JX4Q4zfp9QxwBksRsWcFOI5VF8_rh6N2oWyzywVTe2giw07xmzHWW7_efyjDI2itznRGA-I8VhDcugDmlhtOzbsBsCaw6A5o_FsiZDV55iVKzsjcfM9YcV4iKGqw5HCsztSioxnObe0UyRlOm-4vcR1Mn8sPTN5shCSYHzBNRmGUHZ3nCHmN1lVPPG_70rJOtXvQP2W4yJbel5ortvOmXHI51t23Do9p0Q0tca0apydugvUkix2OzB-TDRlr-PmtwLfBL5rgspD9A1tFOLH2anPmstWoEj_lYzQmCSmBWj9P491W62kbJCNulZdWOO9jwspoiQmnD48vjRy1dWhcXFzj4XKNNet4SVA4BcgsIhmIQKUjnPVEgTsCQimzt7-s5ynFQmY2JHRWlLrGhiqorfdh1fja8KpWtkm2XFzdsfueo6VNhKnenK5TiG5gpO2PkYeJRy2_2xyzMvTjEMF1aUGmHVQHq2ifwp37bswFDosEgIiLaG4m3Z8bFPqkDhqP28I2eHKI1NWmtDnI7ZxFiCzc9UvtOU722ZlFwRZsMmAB-vhYsC3KuMNcCMZRkVLaNCSSgyB0KHolbkNtDpCuOTtLlyT7kLaZ7PMgiVzB3mCJXoUHXRFgMcKq5W_C3gThOmYqTFfdBzBTWCFEKJ0EhXP2Oh9iwntvFRTcTCprZgwmGEwyHC1Uv9PdiDA2OxeXqC-znf3rnjmphmV0UxA2F4IzNO7qOdMWMIf5WvVSizjypYXsvI934PXUHEaH_6CvrHxQvitXVm2RIQ0jk28vxMGMrjdgKtPswrk8W_ez_I7Fuev9N3Po48AIZwYdIb0HIqjWkGSeKe2RhQK1c4BFBdPdlc7n1wRe2To0JETZ63A4&sai=AMfl-YQuAcXn-mnhlx1VdNZDeoYNqHTVDxm7i-Z_lNQwv8qrW_y7jUzz7wT8ctGQiBEyd44j7vPdUcNDwRGCsW7WxoQnjz6CqHbWXY4bwafO0svvAbZiQqcMv06jPhy0tbKjPOn06fBIL5DAwouMq_8MRT2jWRlesEl3WguviqlGZtKJ6ERMVb4Cx-_NSz8_4GXN9qT5YoOpjOxtNqCPrFC9LGCw7XA3H9dGyiZzukl-7NV9Cz-xxj4jNl5m5F6cgY6eFpXTytsTfcF6B6806anG_4QeG6OSftBJPNtFMxrOS_iNPAih0T7IHlR8nQMB_SEyWPZdc5ORB9l0ORotMcf_yEte6h3LyetOcI33GCbKy_XbdPx2Qc_vHLhON8oh0uR7A29-Bfwlc77uaWrO07YKe3G5kE2G2egxHdpWmZGSl1kcLC3hYc1bU4A&sig=Cg0ArKJSzNGZzQCO_W17EAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9zcGFyaGFuZHkuZGU&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=163&vt=11&dtpt=162&dett=2&cstd=0&cisv=r20240103.79047&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: www.omelete.com.br
URL: https://www.omelete.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 15:34:05 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 view
ad.doubleclick.net/pcs/ Frame 1B76 0
0 61ms
59ms Fetch
image/gif 142.250.181.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjstTS3rUKU48LRJIBLUj1FIf0K8u8jSbVRc4NGAX-hejPxJ16mGMVkfNJoAVxsyFeOUoWO5LTNcqQMUiMK8Afy1OcuEzaBZ2Thul5kFQVHbijx5igXNcue-f-jC_xo-pa_BQw8kcB3AFWDsTa5boQcBXozefSyUCAYAWIyDunLWEEKrR9zQehtJI86Vj3car_Sp_R0SPr2BMdjVbejUgakvdmlZSqBZR_Xj60iNOC3q4DLjAD4Ia6mKi3sasU-VsxbFS5Xj3LkVSHiQYNt-tOOgZmzG4UGnCIUw0Bwi07wmIM7h1aH-kvR8ew1kM2Qmt-nqwiegH3sXJiENW2oh7lpp8cpCoIVKgwcTnKPIiVByBqGWD3H0xU7sIy8juO-VUUik4z1WVt1-O5W10y1Oxj5J-UrTUOLatr67-uRHTANnx-Jj7X6cPQS8fr64NwKh30Mu15eab3ASD_ydPBKAXO4BaSxPJv27v0uxhHNZep9UoEomKzgkWdX2fWhsGCBOEo2QqtjDSd-jTqPBfJPMUZp3JvHnb6X_yFd-kd4PCiPMPEiSla11ntdxvm7H0BbV8T0w-D5KuIfwkQOKmDZJotV4LREjBVHHe_MkpbttwoZ15HrIe32_e6BgJJ2U15zwaIcoGn9NKfcYtC821Tjbc2kQPQyeikuysvosFpFByjb_ppkU47ywKevu-t3QqL4peZ3Yc3XmuqizSNFry5vPje9fCRB1JTVyXmim1Gvi0Doqd-Mz4RogN-mD0qSRsVHlAOFBnPobUWuTPx8Zrw4KlzheVfU7hXCtnQczFgRwrlvOGvKQOecMsxL-p0N6UUXDkU4YCz0FhoSa_XsS-Gf-_-jhjWQ_m79VDxuEJ9fUQO-lMqF9HGtXCf9KpgpvyJKbhZpFAm4oc3TXjQXV10QVz4_32QICuKY2C4xSlLqHHnX-CdFLVEGjqyI1Qx2vnQuWj_lSw0ZZJ0-sVZr-HqY4yONUgy29T3Tul_4rhZXldxalEOQWm2SK02iiuzHroulAT378sRwy2w_DvVvlbU8SjBb3vpX9w4RUPrWrFDeApHZH2ANBuF8h7u9p6ckIctevSg1b2588BFIl4F-c9QjAoZOC0CkCEFOaqNeG0PpEJLEIcRPaUyZ5hVjAdJ1Ficgj8uM5P6rIiWvR_cIfcDg8VypoqgQWs21rdAJL6X5RvsacI4bHWQFXBSzsETv--PlJP5e_wLnO270GrDyLQM9Q5G9aFZSu-ToKNILCCvDcGSV_OFvlgiKgEAxc5mNRuRd2qMxANwYgZvKR7i1HhLNIt4SqEhdj-4f6B4V-8eLCLLksKQrvn2rK42cv26O2W0XrTU1NNhDZ6p7MEaLI-7GMrZtvNe1WN65Ro70fKnafVxYZrqbbGGEI7n5Ar3P6G9xDNt5KIh16yXuhitPeBDhbGPXYhWYns7SAteiaj6NXfVo7dCoGoLIuQAa01mprGQTeKm-cggbOognv-n6TZK2nMeLAU9lgQ_Z4dG4pM4Jx1XZLDjCyqJ-J29ylVRZE&sai=AMfl-YQGiAYkD2wNxcFijWVBFiS432ITYNxPRQmP7e8qQyq-dPt6D-zOV_xfWjqD6IyXzmutB7HU3coat6wMJWOWg__S2qc03sY34hvGO7QvrWGtiJk10DfXqZy-AX1TNpxg36e5Bg3f1ccUu7UA0b4Eaxf3-kircWxHEB3AIwNnIksaQ5YQbZMoPc-0qsEyq8ef6L5waT5kG8IzYEePB2oXekkTIdWaZuUz6b4E0Cn6slgOTC1hJ8odmDDvokPdjuzZWFnzcv5O0avhUH6sI6yutiv5bXYfVnlhawq9Wq95SGV0PTKfe6qGXY9_ijH_AwhPulTu7lqvEeM8utVsPLa6k2YSDXdZUvy_tPGph0LODfgt1yM4IvN4a1Z-02yoLFurMRal8AVVyA0YiogmaddfiQHUhOuaADOMUvCUoNNFPZHH19tkKa3rMNs&sig=Cg0ArKJSzM19mKsf0xLPEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9sZWljYS1jYW1lcmEuY29t&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=173&vt=11&dtpt=173&dett=2&cstd=0&cisv=r20240103.42068&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: www.omelete.com.br
URL: https://www.omelete.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 15:34:05 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 6665 38 KB
13 KB 20ms
19ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 539327
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 02 Jan 2024 09:45:18 GMT
expires: Wed, 01 Jan 2025 09:45:18 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B3EA
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEEiNrstvg0_zGP7ilONADQQ&google_push=AXcoOmTIE1f-iqdDJFyQdd7C-k6MxFEAb3oJ20qydw8co5jTahaZRiE-7h...

170 B
188 B

29ms
29ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEEiNrstvg0_zGP7ilONADQQ&google_push=AXcoOmTIE1f-iqdDJFyQdd7C-k6MxFEAb3oJ20qydw8co5jTahaZRiE-7hxckWez0YQ7C0zhvnRVTFwmk_9aTObYn7NFZtv7FWMXyA

Requested by

Host: ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com
URL: https://ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 15:34:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-fra-etou8220026-FRA
pragma: no-cache
date: Mon, 08 Jan 2024 15:34:05 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1704728046.545921,VS0,VE99
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEEiNrstvg0_zGP7ilONADQQ&google_push=AXcoOmTIE1f-iqdDJFyQdd7C-k6MxFEAb3oJ20qydw8co5jTahaZRiE-7hxckWez0YQ7C0zhvnRVTFwmk_9aTObYn7NFZtv7FWMXyA
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B3EA
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEDkp8eIDmcpJt7kBP-fo6ao&google_cver=1&google_push=AXcoOmTc8ahN-3orfm0NLmLtIjdTRAf3ymeDVcaIQZtpFojziixiQ0TE9SoTnFTHn9DG9BvVjAuCz7ey6jDlFQb5X4-iqBT...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmTc8ahN-3orfm0NLmLtIjdTRAf3ymeDVcaIQZtpFojziixiQ0TE9SoTnFTHn9DG9BvVjAuCz7ey6jDlFQb5X4-iqBTheQEF&google_hm=eS0udkc2MTJsRTJwRnBNNH...

170 B
188 B

31ms
31ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmTc8ahN-3orfm0NLmLtIjdTRAf3ymeDVcaIQZtpFojziixiQ0TE9SoTnFTHn9DG9BvVjAuCz7ey6jDlFQb5X4-iqBTheQEF&google_hm=eS0udkc2MTJsRTJwRnBNNHJhSi5vMUY4bkxLSEhjYUhZUH5B

Requested by

Host: ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com
URL: https://ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 15:34:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 08 Jan 2024 15:34:05 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmTc8ahN-3orfm0NLmLtIjdTRAf3ymeDVcaIQZtpFojziixiQ0TE9SoTnFTHn9DG9BvVjAuCz7ey6jDlFQb5X4-iqBTheQEF&google_hm=eS0udkc2MTJsRTJwRnBNNHJhSi5vMUY4bkxLSEhjYUhZUH5B
content-length: 0

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame B3EA 43 B
363 B 497ms
267ms Image
image/gif 178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmQCvaKNlyIeyfHplXrdz77PbguMieSqgwIiY__1la7LU2YIQ7i939olfEIf-v9hjz-WjxpMTRoR907xwj59L1CQFZhW22lTtQ&google_gid=CAESEARGEyrUHU0ZvYI7cM0h9nI&google_cver=1

Requested by

Host: ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com
URL: https://ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 15:34:05 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 165329
expires: Mon, 08 Jan 2024 00:00:00 GMT

GET
H2 204 -
s.ad.smaato.net/c/n/// Frame B3EA 0
236 B 131ms
60ms Image
text/plain 2600:9000:237d:2800:1b:5138:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEKP-FQzqbEKlvt_t6j6o53k&google_cver=1&google_push=AXcoOmT6nPbYCVDB1NWjlESAYTuxGO90WYu7z5geAvnsH6ixiFmVlVQmlIUPy8WOSaa1hhnH8K9sTgEnNw8WUd35kjoEu2QEhhhR
Requested by: Host: ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com
URL: https://ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:237d:2800:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 15:34:05 GMT
cache-control: no-cache, must-revalidate
via: 1.1 d34e2629ef96cca4a5e6c92c061c82b4.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: MUC50-P2
x-amz-cf-id: XsTXeBpFTwO5eEyRqHhj0h1bZLr5qaC1hCPEjb3rFB3wrVrXl32ivQ==
x-cache: Miss from cloudfront

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B3EA
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESENlv-eraKLhMf9Tvh2mc300&google_cver=1&google_push=AXcoOmSNLTMHD83yjkiS2Sdqg5KM39o3mQVMZniQ8q6HhR0WJwXgvX8syxS5redS7rgrpaLsu5C237SGdvG7...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmSNLTMHD83yjkiS2Sdqg5KM39o3mQVMZniQ8q6HhR0WJwXgvX8syxS5redS7rgrpaLsu5C237SGdvG73zn4YOo-OF47uzd9XQ

170 B
188 B

31ms
31ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmSNLTMHD83yjkiS2Sdqg5KM39o3mQVMZniQ8q6HhR0WJwXgvX8syxS5redS7rgrpaLsu5C237SGdvG73zn4YOo-OF47uzd9XQ

Requested by

Host: ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com
URL: https://ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 15:34:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmSNLTMHD83yjkiS2Sdqg5KM39o3mQVMZniQ8q6HhR0WJwXgvX8syxS5redS7rgrpaLsu5C237SGdvG73zn4YOo-OF47uzd9XQ
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B3EA
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESELpy0Jf9gU8sCxN1vhS822A&google_cver=1&google_push=AXcoOmT_EixH6g-fJb5rVt9oJa-Y5-mS8gFfe-36hjptbskoZwYK-ZP9M8WsLQ1r3rzJhF8cB_xuI3uQhzZYg2id88ANsyU3ks9a
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzYwNDUyMTk2Nzc5MDA3MDIwNDMx&google_push=AXcoOmT_EixH6g-fJb5rVt9oJa-Y5-mS8gFfe-36hjptbskoZwYK-ZP9M8WsLQ1r...

170 B
188 B

34ms
34ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzYwNDUyMTk2Nzc5MDA3MDIwNDMx&google_push=AXcoOmT_EixH6g-fJb5rVt9oJa-Y5-mS8gFfe-36hjptbskoZwYK-ZP9M8WsLQ1r3rzJhF8cB_xuI3uQhzZYg2id88ANsyU3ks9a

Requested by

Host: ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com
URL: https://ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 15:34:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzYwNDUyMTk2Nzc5MDA3MDIwNDMx&google_push=AXcoOmT_EixH6g-fJb5rVt9oJa-Y5-mS8gFfe-36hjptbskoZwYK-ZP9M8WsLQ1r3rzJhF8cB_xuI3uQhzZYg2id88ANsyU3ks9a
date: Mon, 08 Jan 2024 15:34:05 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H/1.1 200
OK sync
ssbsync.smartadserver.com/api/ Frame B3EA 0
75 B 164ms
40ms Image
text/plain 81.17.55.108
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEBpuDRKDuwc1VJARx4oAzCw&google_cver=1&google_push=AXcoOmSRoU625ZOxY8gwWnYoGWrkxCy15XHhjMojxAFvJPa3XeylWNrsB-d9VWqGH-NNk9ZLewJfFArNn_QOO7fSW-1-CMNi6VBx1Q
Requested by: Host: ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com
URL: https://ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 81.17.55.108 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 15:34:04 GMT
content-length: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame B3EA 0
12 B 29ms
28ms Image
text/html 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JSAuId-UNCGCvpvIWBvh5hjs36_5VPMubnmqVCTNyFpa7_FrP0u2V1dMVYQFtY7uBh0wsV

Requested by

Host: ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com
URL: https://ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 15:34:05 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6D01 0
20 B 55ms
55ms Ping
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=8355525773014&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 15:34:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6D01 0
20 B 59ms
59ms Ping
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=8355525773014&version=m202309260101&ct=77&x=1&cor=5298470497536883000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 15:34:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 6D01 34 KB
19 KB 60ms
59ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BCxg0PCw3ek3j3Ho1b97thIJemNAy2Xw_pGaSKOt5iMrG4Shuda343giEN-LR2_7CU-UUcstAfpCNyp5GMJs-oDHcVrmg29z3j5L2Sy1pWhHuCgHE5PBIVHLf5zt1OglvBc2KepqqVoByXyxsUWEN-OwYFrM_Ph1UrlcoSwMIxJi4_PbI&cry=1&dbm_d=AKAmf-C_zunZZH6h3IgzMNfyG49eRVEyqfvQ4zZldV75OIo8ClHrhmQyI6BniOA-qOm3I36b0GvNyiOoGU1EhC9cQWbzm9R3AOniDWpH5jondyMazyoRPfc8sJJZVr3y1IaTTY8aP1GQwmH1m1Q6eGEQa2ICGIb-xXr3ig-FzE5-50hetTyQb0xsff7j_buTzMcOYPTzqReQYjsxQi8OKF0sbSLy5cOQBO40AvegUzYFAy8KEGlWv0fHaX4Sy8YTYcili9qY-eOZqhpPPTUZn30_7GV0Q96SVhWidkhm7pa_60d1YOjnuqqcSw0AVcrRFLHBz9G7CTfGMLiyBx3c__oYaldcNf-2WJtI8uhXxI4-cus9_wa1RJrxfJa70j4suqzICC5wFenoxkKxHKM99r7xIhZL_BKn9838MhBlBhBqywReoZXCEDJyix7KhJWNXBP2LrPs3JGrIzUHQMrk29XOValklxjV66mvdJx9Q7YGsCZAf387lwrj5tySKFzjVDKWRBT7iFAlLlVNkGp8mADZGUnEfsDMeqGQZBGoxUGmI0Z6_2brgaJD4eobM2w3_w82_QuugDmv6XUCpcoTWwQgVN9R1jSTMuslyZin4-zrfukE4-6Z6_97GfpDaqc6K5xFSspQQch1wLSPxmADGN-o9jDJuCRoT3eg-KWsLipuqmTK7zeKCUJuJOUZwiTMyBCPgNA_VeS86l7i_YmzzWS3FN9NNf0W6iVTLguYhfhNFZ1ar5MXelzaP7TkPUek1dH-BQBlMsnEMd5b3CRJ1gGk4ZNLLQzqbT84_wgYH0cTXG1bgI-v4XDci3WpeA8OrBXFaJduIjNbxPnD6S1VFiFewml05vICAaOMQYkse71XbVieLcIx50yXaMG-uX_jCT-9LbdmuZY4Ou3SoNnu-Vx7H5TUK8Ehu3x9k-Vf9MVqPPwtb3AwSKCHXlXHqiypSXaQGwBgyYPtQT5wt864yzr9SgfwXK_r01XBhXArwSjQVMimRnsT8CnWYHLgknwBg0C-nYhTzxSt7-AM77qDRiyBdTPJCbYcjIoA_-wDkvONb2QH3YG8BtpG-D8KCmA_Vyt5PSFOmSU_f9H5jY9Z3ySHZrg9w9BAQ5IX5WGzIB24810_VGD_gcNFYXFBgOOOWjidGp2So216NCTPa7PkEhNaqKO2Y_QJB_LKFnIZAlYjGlICyafthP2oU3XSEAlK5OeFhvQ-e_YZq7b-Q9B491qm_-zL7UVSFjmOCI8ydIBv0oUZZS8nWelf8f3kD_5Hp1gpQUjRBdQMCgYB5ws8pRGcH-yPI694Hjqnjs6gdaCF9bwdbypTj4iRbmwtYrdUijPOsdeAFn4ixnzR2Cx4u1nu9rjhRbvTSJysBfIeCkd1bdrdgz4mkIut_bCiZtjvEdILdd8ZxZ8o6qLkVCSVKHR1Ab_nVYHXJzU7XABf55KQQVwEY4cCZz1ghbwXP82jaSVOJftwC7RBbx4Kx3naSi5KC4MZi0HfBWIFK8OyafDSpNjzWS6KV7MAu3BopGTmHRJ1ecoXNSeYrhGaJiXboBqZGq-njx265VpB5l8n1-0bwF1nodkNF6g-hiMn-qA1nULldpeVMBw_zO2vYs-bAhxZALnFteG0eEQA5A7wTF_bqjKkuc4EPYkO9tePrqwsF7Cqg1SRDutszc8KepjQIOnYFRVW6NJjfvSEAcTvJfah_aTN-nloxbxKzGL8FtrYl8P4PnTFMUNRuEHqSR24QrtIpLyjp0pxEh0r8jqeatHOQLMkpK2tIFkoKF3hd5FCj-ZnLO1q_s5THepFIBKvY0pMDT4idh22pYc5IBAPKjRTzIsr2sH5eY2fjSuI-NCiyIxWvYCoBhpy9Hqu5xSjvv5TACy-ym2Ow3k-fRB9-y4KS0R16mVT7sIZJJeLtLQiRGiQjn54tMMl7bkUeSeGTpdxamBLpT4HRrzfRnxfIlRVkWknn9RJw4vuAAtxp_O-wyjOm4axl3yammSgbf-a8kUDu0MolDpa3bfGxVH5t7Q56d6QNJEYHNHGQcaqKCQiYHaUCl1SHkPtGNuWFK7uNU26t9WMUPqmcBVZUEBz14Ox3jrmKEG52as16HfS_Vb1XXyJRzO_tz254_tqjET52uOeBu_Ryjq7ChhmoibAxsNyqauKwg-0vd6oATICtevu6NrFf5HO9sfewEBROmMkr6JstFDYpzZvF_8GCfDpVgTIVZplRqp7dClAsTKqj0qUlMFrsG1-d_UVs5bxT9hSDa5rWqaV0ppT9GHwHYUjwvnAQ98ccJbBJARgeDsaE6WbjvOPevnDh65EdSWF8JQd1-ooY2vSiIbQpyCtxACRCqO_oCZWu3YlVUbSRy5VmTjTn6g_F2t8fBFL954mNvDL9bN0KvzOQr2ussF-IUyFAaIB-4kBqElAq-iQ70Wp_BCM7VPWsdbdNpK0UwBsLXkS6uk5S5h9_Q1-8IOFpxzYPZs3gjTzHL3PISBDoCY-Tg8v2BIKIH4P-Stm1kS1_cj-yNnGFCmApzoyx09kIjq8gQdrXk4FNxXBPr6Uz1Z9_HJf0XZa_7FXUPce6c0A5WUwX0nklejoaQCH8Tai1_mgeTDnMvuDft7L-0g4rXAiZ2A_8_9qpxN9f2QfW5onAZhZrqsg9piEkjb53VSOcgLBGDt9fRjzE33_gRzZ2AlD1r7BVLRoW3nwpzwAuBS1kVfs0Zv3sKO9yxmoQNvfbYQKOAM60BFTBVA4pFLf_0h_Ji-NfrlByvQ0KJACrDrjH8_v71ePTRjQcTaUD6sBNbnGsMLrObaKtNMlRruN0IzJK81cNw4HG75kYRAZ0UtlcooEKGzINscXx73TfJfLiD5WMk66nHbsjJjW19rumzgzOPWf-7CQp5kuhLlV5LmeByQyIROt1SnPsxLFy2GPxCojHx3vfZAr3SrHxfXCfNGSF53iPfJPg3ZiDAC5SvuTYlr32Kt9tX0eTHc-62vOzLEYpSJOsXDymzaCHleUTSx4M4qBxsWU8tX7I3mXt3TUEuSnaGi-3Tikcz9velMYMhKvfEPJvJ0GmxlAbE0xi3Fe56Ynb_2XXc4lN7bD-sT2sJ-VCJZnPe4_WB6LPIyw20rCA2EuXxV_2ZR0PNC3ntU1FKTFL1Xhiml19YctttInbuTT3xQjJ0c2waHN4gjO2-lnyBn8TtwIFvq-jXjZM512LIEHCxTCbleISLeRktnenF5fvNgy07qw3RBXzvwI5u6OYbNKFNmd5PPp8lHCfuYnsziIdSBWAWcdt5F7SmEYwUXxq3NhNrdjcndHV4o0E7-cLnAd2U0qUjXjTDsGqMC86y9QZrpajFsalXYnDG7cjSPGoYtZUw7SVnj9e0RO0Nlra0k0Ea869r1AhwuM4nKSPmfMrbleomYxE200LBAto0FEOVBFb2OwFnRTN4uo7pwWEH0mWvD_9oS7hCzqP780J2HPLk30Xx3Q6HB58eo_LCMilQ78tXTf7W66RBzA9wZkASgKatpxlTow3eejzfHzpclvyt6mYErXAfqekNxbMKsReBZCXQDvSNhQTILWgteNSM2I6uLevRPu78Rn92odIBjP9cIQ5DBo0wFk729yW2IfAsCaiqIJrfS8gn2Q9hqoKy2Pz_EO-AfE92nMQXezmrAfF722DzV4cMtCg7NM9WyqG6687hhDeZNQrPDHEzv4JAfmHMmdWO21w5Izyj6DY2TKYdPsfKUTRveXuLMcA06YGico70sGdsYFWPbZJcLAVXjuQtIfUZ0inIX0O1YqPHQoZXrhJ2MHkC9LClngMhBC2vEROltG17Pwjj0208-otlTe7hA1UVIRdWBqctBipG_gexlgEaJmgP54baWKYE3PlD9hpRgnu8GkY0oVz93-dx5UADGpDoufITgtVXo9HWWGL6UQsMZGKoyTDDXnPCTX-S9x6Bziwwwcct3AYZBX-Eqdf1cXGIt2o8kynYhuwvShZnE5CyycE1Yfbd7DydTqAdavqwZncEn76A&cid=CAQSPAAvHhf_TPd7Rwz9kzGolpf4R7-Wv2xX0Lwp7umdSRrfg87er1qR3i_QF32gNcm_bIls5RSrF-I2suIMYxgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.omelete.com.br%2F&ds=l&xdt=1&iif=1&cor=5298470497536883000&adk=1033480540&idt=94&cac=0&dtd=35

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d786bbb6a12fc01d79f92e24da0aaf595071a129c5bda5619ce6ee1abbbbf97b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 15:34:05 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19532
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame E5D9 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 30ad59ac1b6c17a171fe8a5b8625c43a42b8178babffeb1a8da6dfc67397d67a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 9463 38 KB
13 KB 20ms
19ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 539327
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 02 Jan 2024 09:45:18 GMT
expires: Wed, 01 Jan 2025 09:45:18 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 9C73
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEPHQK7iXcgi-Umkz7VozmNM&google_cver=1&google_push=AXcoOmS1MVF19E9CYoS-3G6WEWmFf5xHtqy0aV9kxaks-0BHgJKBABKtEVeCgxeYVRC4_ZmyAqPCetoL2KOwmhBGPJgxSRjuPNU
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NzAxNTU5MDk0NDU1ODM5NDk4OA==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEPHQK7iXcgi-Umkz7VozmNM&google_cver=1

43 B
398 B

80ms
18ms

Image
image/gif

2001:678:cb4:bbbb::11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEPHQK7iXcgi-Umkz7VozmNM&google_cver=1
Protocol: H2
Server: 2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Mon, 08 Jan 2024 15:34:04 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Mon, 08 Jan 2024 15:34:05 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEPHQK7iXcgi-Umkz7VozmNM&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9C73
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEKQkpTcNgqOGdT4HL9Uq_3Y&google_cver=1&google_push=AXcoOmTxrU56czE2K6Uo0KOB0oD5I-dR14OcIHxI6JDdm56C5DbNCoezo8dYFexqz5M2ff1HCoxQNxVUxrZPXMm0AppQkuLwVt9K
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=EDCF97B43B0D4F4287C16D621E11A14C&google_push=AXcoOmTxrU56czE2K6Uo0KOB0oD5I-dR14OcIHxI6JDdm56C5DbNCoezo8dYFexqz5M2ff1HCoxQNxVUxrZPXMm...

170 B
188 B

29ms
29ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=EDCF97B43B0D4F4287C16D621E11A14C&google_push=AXcoOmTxrU56czE2K6Uo0KOB0oD5I-dR14OcIHxI6JDdm56C5DbNCoezo8dYFexqz5M2ff1HCoxQNxVUxrZPXMm0AppQkuLwVt9K

Requested by

Host: ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com
URL: https://ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 15:34:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 08 Jan 2024 15:34:05 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=EDCF97B43B0D4F4287C16D621E11A14C&google_push=AXcoOmTxrU56czE2K6Uo0KOB0oD5I-dR14OcIHxI6JDdm56C5DbNCoezo8dYFexqz5M2ff1HCoxQNxVUxrZPXMm0AppQkuLwVt9K
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Sun, 07 Jan 2024 15:34:05 GMT

GET
H2 200 sync
x.bidswitch.net/ Frame 9C73 43 B
145 B 23ms
22ms Image
image/gif 3.122.48.206
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEM9qEKKhIN-SA1s4JmPqTpc&google_cver=1&google_push=AXcoOmTJmF8CCAmkQ7G0_kYEwktZ56zZRuJlNTIjlHhAQgRLYix93GzcVS72vaKhq7YTRrCYKeDPrGHoNaRSa2ata4SNKveiiZhU
Requested by: Host: ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com
URL: https://ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.122.48.206 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-122-48-206.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 15:34:05 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9C73
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEAH-NN_G8aCEZkQ1g6t0DBw&google_cver=1&google_push=AXcoOmRo5mGy1ej1fs_Z0yK_GNK8-tTECeI0A-iPddxYBYkryLa5j-5YUKOgFgt0PS0uMfH5KxkM09ZF...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEAH-NN_G8aCEZkQ1g6t0DBw&google_cver=1&google_push=AXcoOmRo5mGy1ej1fs_Z0yK_GNK8-tTECeI0A-iPddxYBYkryLa5j-5YUKOgFgt0PS0uMfH5Kxk...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Mjg5ODE5Mzk4NTU0NDI1MTA3MQ&google_push=AXcoOmRo5mGy1ej1fs_Z0yK_GNK8-tTECeI0A-iPddxYBYkryLa5j-5YUKOgFgt0PS0uMfH5KxkM09...

170 B
188 B

39ms
37ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Mjg5ODE5Mzk4NTU0NDI1MTA3MQ&google_push=AXcoOmRo5mGy1ej1fs_Z0yK_GNK8-tTECeI0A-iPddxYBYkryLa5j-5YUKOgFgt0PS0uMfH5KxkM09ZFjQ-Fbpc0tahKCYQbdBZp

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 15:34:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 08 Jan 2024 15:34:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Mjg5ODE5Mzk4NTU0NDI1MTA3MQ&google_push=AXcoOmRo5mGy1ej1fs_Z0yK_GNK8-tTECeI0A-iPddxYBYkryLa5j-5YUKOgFgt0PS0uMfH5KxkM09ZFjQ-Fbpc0tahKCYQbdBZp
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9C73
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEAH-NN_G8aCEZkQ1g6t0DBw&google_cver=1&google_push=AXcoOmSX6jXSbbqb1pd7H2CqX_DMS7vFcu4IrgTEJuIwx3xJIc8O2YexPetF7JtCQ4-hwpmQPhHnjO9N...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEAH-NN_G8aCEZkQ1g6t0DBw&google_cver=1&google_push=AXcoOmSX6jXSbbqb1pd7H2CqX_DMS7vFcu4IrgTEJuIwx3xJIc8O2YexPetF7JtCQ4-hwpmQPhH...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTI5OTY1NTkwOTk2MDU0MjU4Nw&google_push=AXcoOmSX6jXSbbqb1pd7H2CqX_DMS7vFcu4IrgTEJuIwx3xJIc8O2YexPetF7JtCQ4-hwpmQPhHnjO...

170 B
188 B

37ms
36ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTI5OTY1NTkwOTk2MDU0MjU4Nw&google_push=AXcoOmSX6jXSbbqb1pd7H2CqX_DMS7vFcu4IrgTEJuIwx3xJIc8O2YexPetF7JtCQ4-hwpmQPhHnjO9NI6T9lQeUtN4ugxXHBFiT

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 15:34:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 08 Jan 2024 15:34:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTI5OTY1NTkwOTk2MDU0MjU4Nw&google_push=AXcoOmSX6jXSbbqb1pd7H2CqX_DMS7vFcu4IrgTEJuIwx3xJIc8O2YexPetF7JtCQ4-hwpmQPhHnjO9NI6T9lQeUtN4ugxXHBFiT
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H/1.1 200
OK sync
ssbsync.smartadserver.com/api/ Frame 9C73 0
75 B 81ms
31ms Image
text/plain 81.17.55.108
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEBpuDRKDuwc1VJARx4oAzCw&google_cver=1&google_push=AXcoOmRs8arAHMsqg-nHfFRtWrldUa9D20mqzArGQ4SHMxxC7Y6xm1e2mEDksscOcrTO0xAHhYbr3hMdTioxKkCroCsuNN_04eHI
Requested by: Host: ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com
URL: https://ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 81.17.55.108 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 15:34:05 GMT
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9C73
Redirect Chain

https://csync.loopme.me/?pubid=11537&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_109}&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dloopme_eb_%26google_hm%3D{viewer_token}&google_...
https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=51f5af31-cda3-41b3-9f75-688af5821c0b&google_cver=1&google_gid=CAESEDuT13nHMKWvJsxJIgZrWhE&gdpr_consent=${GDPR_CONSENT_109}&google_...

170 B
188 B

31ms
31ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=51f5af31-cda3-41b3-9f75-688af5821c0b&google_cver=1&google_gid=CAESEDuT13nHMKWvJsxJIgZrWhE&gdpr_consent=${GDPR_CONSENT_109}&google_push=AXcoOmQOqdvQ1nHz7nmui1ZLEQoLn_Tse_u01wdxShytgzw2AB31mgL-034JJZLQzz9BRRSxgpcOZsSZp3oLrXsy2Xdn69IcHZmrhQ&gdpr=${GDPR}

Requested by

Host: ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com
URL: https://ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 15:34:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=51f5af31-cda3-41b3-9f75-688af5821c0b&google_cver=1&google_gid=CAESEDuT13nHMKWvJsxJIgZrWhE&gdpr_consent=${GDPR_CONSENT_109}&google_push=AXcoOmQOqdvQ1nHz7nmui1ZLEQoLn_Tse_u01wdxShytgzw2AB31mgL-034JJZLQzz9BRRSxgpcOZsSZp3oLrXsy2Xdn69IcHZmrhQ&gdpr=${GDPR}
date: Mon, 08 Jan 2024 15:34:05 GMT
server: _
content-length: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 9C73 0
12 B 28ms
28ms Image
text/html 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JE_ZyuJmMCmciyWBc6Piuq0LIcBtC75o3hJXcYVOv76qRllZrKyWasnjw9q9DaswUPpXiqzg

Requested by

Host: ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com
URL: https://ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 15:34:05 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
DATA 200
OK truncated
/ Frame 1B76 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0eb62db9d48737c03c767826fc60114198c1712837f00f00e5c3f4064a6b4b0f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 2491 38 KB
13 KB 19ms
19ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 539327
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 02 Jan 2024 09:45:18 GMT
expires: Wed, 01 Jan 2025 09:45:18 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 9457 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 596ab355e9193db50235aed1a1f61c0aa5c121c2271f42b7651ca60c32e30696

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 index.html Show response
s0.2mdn.net/sadbundle/15813293033853550592/ Frame 528D 92 KB
19 KB 20ms
20ms Document
text/html 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/15813293033853550592/index.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

47ad00b9bc01773119411f1fa0598d0ecaec56e2e36eae06682114a0e57e88a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 527940
allow-fenced-frame-automatic-beacons: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 19030
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Tue, 02 Jan 2024 12:55:05 GMT
expires: Wed, 01 Jan 2025 12:55:05 GMT
last-modified: Wed, 20 Dec 2023 11:36:11 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 view
ad.doubleclick.net/pcs/ Frame 1BED 0
0 68ms
68ms Fetch
image/gif 142.250.181.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjsugrGBUtgYR8tTesDO-mK2qFxFB5A1NYVIDdCKnJfiKN6nsAJCUphPQTbjqUG57BPF68dTHoNQzd7lthooUaNfre3bh3AoyIMYBfhaYnh_IyJjh1fDyHGJNsZlMPft1wceOgBbu9uWye7bbG2WmdzGKlcjUwyx5kylIlAdoDEvNt9g0_cZWA-yZRcHARgJwjdEXzkE5DA11LdNbg3k_b1IeuFgSkQhTkGBrKgZktll-dwaD5tITvZ21UwEukMojrGKvUvV4yUyT_o-8tl_--sDqMz6WY4NBvHSJILrm1ElUIduDvsJdDvvabvpihjYyyeMhGZ4EMd68ZoVqaSkVre0mKLmYkKIbVaEhHFmFzX8mOMey3pVMCzr9gvPMebmlnq5n83WltVjONlpf6d2io0HFh6qAdKQU995YJwI6cdbOsXHXqXoxtOZ5Ip5xGME7v2Z3b7DohwyhufhE19d9kP6MUBNZM85MXW7hCDaIph-QyQa_hUbG3lAf-Vy1GuczczkfduzsMmLkYxW9vwK80-CJxWhN3xvimTpm2GHNzip_xDWRCdtGAis9AsGQHDhm5SNG3nDXvwZsvh9g2nb9KsOnEfgkyGEiYAGhmOQW8ATx1TNGuo5c5q16fmdiypfjBLOuavofWQ5lWT-0P9HkM8o027T1wYXTqrB7F14SO7DZ01u8dpRecfF66R3K74fKrTaNFDiRAWdIDbCoOYftUWlKLYSQjFOOAMFgIJUVvwLtoHQextWinDP86TyNFEXPIXLbctbE5MulJefGt9u-SEv-ss4yt8qCtNL1N3zpz9ytzNwJ4nUk3MCm9eYXAYXOsj6n088V9_t1D1V04THbUwyEOTJUTnlqB4cbK2iz-ZpmCB9bDJpuuNLE8s4EH2ZFwfy9WcvTZAZLdsjbTXeCgiB22piSxmQUVNqGrbnWqId_sr0KqmniZ2Q3O6hlRZ9CBPA6R5wfGmEFFMryttKk2Q_0G-1eWmeWOltosPRRdsKR6sqlhvCzodUA4ggnYV_snK7H5SfoShjAN_2MgFSkd2bhKrVF_RWpeBZ8lcMITNc2eov6y04Gd7zLr1_Uh5Y8StlykSzVw5N2oFheSexNwZipc1I8NsBiNRrLwp4wVavdfpyfqi-2jdLb9-YRGDHD8on-7VJRjsqx8yA0Jo_AzWgJ2P1JqH_NvXXrNOmDabTiCEwT_WL9_IRCUlDSN3zIDKQSrvNxlJZPxrIQWhKUMZdoJPG1KQPheQeONeLKtG6V-hAL-Gdf11r4dKJ1QKsAvfQ2ebUYv9Gy3w6qUyCmdEhABRAEoq3bDM9cDzFvLJh1VVz1ZzLBxOt6w5NFXa_v9uyLk-Mdy0519Itgu0EZZkuBkPv8CMPqCI98InQ11rBIHH0Wum5EKNgyeG--s9HKR5NygqRM4PwVIOndoxwZw0gU9h2lAeN5R0g8p8K0wFwAVAnT1UxPxUkiXjnKVSO3HT7kS5Du&sai=AMfl-YRLzg8gCj-ZhfxVDptnoR1CzsEz1_QXMyIxq5Vq45v3uAZfsxOp8CcOa4qJYxCXALortxOvN3u4ty_uzjHncxosI9UgbTuzdbehIj26YYNBrQcei0hev9cCT67rQH2h2hsxjIQKZJs9EldMktQb40dHQPxUTFq_3gIcTGabOn8R6w6BO9cSh2bMbPPD01uiq_VYrlc9tvXt8y0r2XdRzuepixD7BFCbeDgb3VKU3tnmO7UEmhVRX5o2kCbFHcr77bGug_Ne86FIXEja2c3RmbNCDbgWuujRycT1t_pFIF9h5wwShrOsHxBWMy_-_pB8d8OTpU2_PoehsMfZ2dpJZm_BgYXhW5WT9lHz7iF8mt7IygWKvgF7GdPZF-rIK3eayYSQHg1FMRCpkDtvMpP7v64UofaGneWhGsBp58UPjy3N&sig=Cg0ArKJSzIj7K8BPMLxDEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9zbWFydC5jb20&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=387&cbvp=1&cstd=385&cisv=r20240103.90554&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: www.omelete.com.br
URL: https://www.omelete.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 08 Jan 2024 15:34:05 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 index.html Show response
s0.2mdn.net/sadbundle/13341115905589903360/ Frame C04B 86 KB
18 KB 20ms
20ms Document
text/html 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/13341115905589903360/index.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f2bc2cc1e49f8673220bafe0fd0a4a378db0a24baef5608ee88f513b4b5aadb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 527940
allow-fenced-frame-automatic-beacons: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 18720
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Tue, 02 Jan 2024 12:55:05 GMT
expires: Wed, 01 Jan 2025 12:55:05 GMT
last-modified: Wed, 20 Dec 2023 11:21:03 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 view
ad.doubleclick.net/pcs/ Frame C56A 0
0 66ms
66ms Fetch
image/gif 142.250.181.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjstV9sqvsLKZALCqFE8nZv5pwb2Uyf3pXQ0lSG28sjYL05R_GarNMATeSVXQukGyeDTuRCfl1lFhSU258s8DAy9H67BYjlbBJVt_dCPy2Nq8TEDsv8Gv4xtHawVyGdetSlxrVKPnPs6DdFzvvXTZ9Nw5vv3ufB2wNGL9aKdVKspEdmZAxcoSX-SSficn2Iw3z5VnzoxjIW5q4O9rFPai_0U0aFSEJc1PeX-FpsMLTz6QR05IZVOaTUwJCj-PrBTdtTBdznldwW0UZk_TCJTQS_57eFHyV-trD2myFgCJaWIskI03Vw8HUezQOjTfBuWUpOgD3itZ6UYpZibQj9pRbI2A4mKycoFA3M-hOQp5oP_TvEJnGynIQDG7I35UsAFUJIhT-OFc9UROM0aQH0h8eO8ivaL4i7qhzPPOL0V6CWDqOXYiRcQLGhdb-5M1dxSZ74XoAZzIufvcublh0SLbCVI_T4tun05KWSBQxXFJq1JQOV5jwnz3Y4TSpJ-xz0XhJRDaYgsZsEtgKGM7p8yLo1NQM22MRkdx_5PCrUudCJEzKZHqxHYO0r9V49h0GECE8LmLQWHch8b273knUQbR_CX5moxrsm0THxZzGct69lkCALlsK7yv-ym2YCqPH8Hj3V9oTiJkaHXk1sN-dt23EthYKYEJQGMy2HN0hG4Ur1gRThV-SThIMWA2qRf8Acay_s-KnTtQdW_hjJqS7-6JbZIksjQOTZcUytTjCP_EsjE1-l6XjvV_9NDybGrQneSbrrQmpac4l1IGYoWpADuC3EhdkdkIfXNQiysP_ojOzLbWcKGNvNxMjbn5QXhjvXXzXB4Nn41sW3UPUYpC04lrtTJHo2EnL37mN60OQXLGlcQAheGa7cuSX9m6kslsa3Hc6YhZw4rtxn0SrfhjLUFCvdLY_bB4Lx2GZ7w5M7Irfomq4b1S4qjjoKfsrjRs-atQBz-GOFFK06aYs4nm5k_jOkxvWWuRh_RlewoaNWQ2y1aPPpLbbLdSoCwH9j-Ex5zjT34_tf0hZpmIlV7J9NPqcsJAfRQQ3nyZCJKkpBBvwo5ajrNQ3BzEUAqrxD1xMgUZmKhfJZmLOIeeKxTiRJBq4ME8EsO49zYMRculJDY-jHR8b_nqbD3sFyZagOdC61MGh6RkEwI7mCr7MCvGFgSEUw6f5ymZRfxCEZ_ZfZTs0JW5m2IINDDAeZSLCbwt9TW5BoXd0QVmlFk17egc0tXzOsTEBWZOzCmA-Vfk5yxn4HgenGu3aMRjJpMRpVXE-fFA_S_FErGqFfDHWm6mYxNajYMP66KQ7ViV19xU8ZOCX-bjQ5rLWP-3BFGvtL1vLKub9EaYwGpf1hk69zHZENHPcRdL4p2wXNP-eHgJx9dq6lzXwbD8lH895cQDuXv9GPIISfSlb_PMNmgW9X-RjRddHuatfVf1AVdLAvOjm2GuKnnEuL7mjo_RJAO9Tej6_4UgrAy_q9eP&sai=AMfl-YTxYrtBBb_suhpPmFKWK0lgXBOaN8D3dunV8BjtXJN3XJNh88nU9vTsHmN5D2WbifF6XF5lSWo_25XQJuQomyXW2b0GszoAeJGCeyWF1AkyABfFf1QO4MB7Hn3WJ9WwrH5N1RifGJbS3vhY3h230uNEl4dJUmWipU60e5JC7au3YLJ4v9eOmNHjHAIoVaKfPjwVE1c42VBNuI5i0_NZKaOnGVanfsKXH2e4UEt4oQ_ewtR8jmXW263GaIHssvj-l380C-fingcm5IBmjjyhhTjiWL7z7DXnCbjvuiGNbHjkhTmfCHpN7p6PivgjL32OKgc0JxKwbDQaIuiXx2HUIefZTqVkMOKGDnc4FeP2qycvu9IRQjx9hjiPx06qQlddg7Hy_ovrx8ly9iFhPmOB7dKLBFr1ovAac5bYWUmXeXvL&sig=Cg0ArKJSzEj186e6ViTbEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9zbWFydC5jb20&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=371&cbvp=1&cstd=370&cisv=r20240103.62832&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: www.omelete.com.br
URL: https://www.omelete.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 08 Jan 2024 15:34:05 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 index.html Show response
s0.2mdn.net/sadbundle/16193090738366447616/ Frame 0245 87 KB
18 KB 21ms
21ms Document
text/html 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/16193090738366447616/index.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8527f1710f77619ef0427292672a746994c3d64943dbdc9102d019536490653c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 527940
allow-fenced-frame-automatic-beacons: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 18597
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Tue, 02 Jan 2024 12:55:05 GMT
expires: Wed, 01 Jan 2025 12:55:05 GMT
last-modified: Wed, 20 Dec 2023 11:36:22 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 view
ad.doubleclick.net/pcs/ Frame E5D9 0
0 68ms
67ms Fetch
image/gif 142.250.181.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjsu5i33gWmQdl5DjV3aql4sZ0UMoRgCialupjQFzyy2opEus_v1Foh9keAkdaDbqPE6E8Cr_u9ImUfuJ8OjR5s6uP0yPry1NkxXf0GaZTOQQL5yTTHbe4446B68tsUrjjQHP42o4Ohd29AaaVHch9OzHedqy-gB8uL6MlyRrG8mIb80yOBXfGIONMb3_sMAxMtzhuQSChcMG-DmlMR_1RDlYc7am1T7MlitCDxGU3gLGnH53sF1QU5mDF2eUy3bXrXWoySOgzYOjA2yfrcaq1TG3QMj75p-2w4eQbSbgQWJg1Enb3y4EPj3R10cg_DO4_YBTrm2ivGs7NsGb5Zx_WmM8rGOJgeerQk3OaWYqls8nMbKV9i94SBj9zqMaO1IJ3-gP4UEO7XZd4S1X9ByogWvK-9DDscogwtAhF4u3CaUJk3TiRl1GGf6SK7b90bd9vp5Q8tFTgw9fPmEJirwxHowoGnbH3Vp2Zh-ep3RFmhHWFDSazf1gyKjXIDobxwn4MXA2HiGSfd-Gux2dP0WdueNHm_EId_9I1F1HjmTsf0mXHhSoW5a75xuSfUmegb2_9NhWWfOYBQ2Kpmq1uYOZ4qEFB5VtMiKJEua2EDWoLR-2uEkELXGaeFrCFsn_va0ucK9k_PYW_cLefY3xQScQS2WLAd6tZqN90ECkfOMWC0Ooh5DEIK4jThgdSF9StRjwWCbCk48_mh0QH1VNDZ61F00jyRzvzZeLKp6jWZYtOmnCoZja1ct-taJvbTtk9A5RpBZvmM-twtLmo7mtcJgXKJsTguA2b2GK6JXqUqChGdPA4BIOgHb1PAFQkf9bKr1PZ7L9sGYiKc53X2TEBEpFZKn0aqVLjgnq32M0pLx0Y7P7Wm7ZVyX8TIBUSWJuNcmLRV2lycV6aT3ZWYYB80e17ovuBdwtFZJ8l3LJZ6uRCBGJGQ3FWQ1w7jXFpENq4oZkGCKrzCZ35tRD8Jo0PDp3BRxHh59LaCRds7DyEzaujwwksBt_nXSx-yVIY40C-bWvuB_fvJzbhni9N4B3PVwyeWcIrIihkd-fMdgkM8eRi_RIr1wPVB-5IBWM1F5hG1u-4PuW0YHRAZtqBzwFeunIt45YuTh5aRzjDDtGE6gGTyRrUoJJBafH-0kwEO-ndlvvioFINr46Ra4JQANV_SSWZCvtviycs-hHcSXaruBWWnHhgaMAkL7l0vg9P6keIPe_BDxQifawqPD9hFHzvWVTzVKBGpy6CFHbbiBi5mRXjNOXruJMu1ROZmaRqxWCvFESuy-jRjFtjXAXie7_NOUbt_zy0JaQgTuU-a2JkyyR_p9PElr3iHHPiL9PCwL6SHeO-HXRf9ar6uTeDvPA_68VRH33D9LWD7kD8N7EuqRpw9er6kPFFrEAJkLVr9rStwvViW7fOCEdXi3NV8VQiN5wnjiQs7lvyAAJVjeNJ0p-fQys5GfPWKrnCt4HzANVtWUfwm14UO4&sai=AMfl-YRp7Io9cJARCrpckwXBTJUNfOOznltOCMFUKb28fAnOMZj7wHZmv_rg-IrNH8jIqjvFGU2uWjrIgr0v2mMY4oCjmQKBYhS_gTah52I-PTTDUanjHRHpPI33d6WYT6QYqAvCH2sPB4qJVh76Ymb9kDfdzUNzSrSBOhrfJ9s8eO0YzwP3KZd8RJM2vkRs64z0xEV8lgEgeT7OKki4D0NCZr21dY71qxhEY-KVy3-b930UjBwO3M1cobyMbvOrA-LW1qEdZuFkZdhYJH2slOfr0SgSJ0O635vehoRJ6J_tG-r3yW3ZfbGsZQTOd4hWK-6SJkJ_Pm_atpKRb2cZDRCBZfMA7o6_s4MXG-ugpPL952c_9edHkBFcg2N4yEMOl5utsoyws5_YoLDu02fWO54EoFsRJPoDSi1DP8_GvdSssb-e&sig=Cg0ArKJSzDW_RW39m89vEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9zbWFydC5jb20&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=364&cbvp=1&cstd=364&cisv=r20240103.47151&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: www.omelete.com.br
URL: https://www.omelete.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 08 Jan 2024 15:34:05 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame E9AB 39 KB
15 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 14:08:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5121
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 07 Jan 2025 14:08:44 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20240103/r20110914/ Frame 6D01 31 KB
12 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240103/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BCxg0PCw3ek3j3Ho1b97thIJemNAy2Xw_pGaSKOt5iMrG4Shuda343giEN-LR2_7CU-UUcstAfpCNyp5GMJs-oDHcVrmg29z3j5L2Sy1pWhHuCgHE5PBIVHLf5zt1OglvBc2KepqqVoByXyxsUWEN-OwYFrM_Ph1UrlcoSwMIxJi4_PbI&cry=1&dbm_d=AKAmf-C_zunZZH6h3IgzMNfyG49eRVEyqfvQ4zZldV75OIo8ClHrhmQyI6BniOA-qOm3I36b0GvNyiOoGU1EhC9cQWbzm9R3AOniDWpH5jondyMazyoRPfc8sJJZVr3y1IaTTY8aP1GQwmH1m1Q6eGEQa2ICGIb-xXr3ig-FzE5-50hetTyQb0xsff7j_buTzMcOYPTzqReQYjsxQi8OKF0sbSLy5cOQBO40AvegUzYFAy8KEGlWv0fHaX4Sy8YTYcili9qY-eOZqhpPPTUZn30_7GV0Q96SVhWidkhm7pa_60d1YOjnuqqcSw0AVcrRFLHBz9G7CTfGMLiyBx3c__oYaldcNf-2WJtI8uhXxI4-cus9_wa1RJrxfJa70j4suqzICC5wFenoxkKxHKM99r7xIhZL_BKn9838MhBlBhBqywReoZXCEDJyix7KhJWNXBP2LrPs3JGrIzUHQMrk29XOValklxjV66mvdJx9Q7YGsCZAf387lwrj5tySKFzjVDKWRBT7iFAlLlVNkGp8mADZGUnEfsDMeqGQZBGoxUGmI0Z6_2brgaJD4eobM2w3_w82_QuugDmv6XUCpcoTWwQgVN9R1jSTMuslyZin4-zrfukE4-6Z6_97GfpDaqc6K5xFSspQQch1wLSPxmADGN-o9jDJuCRoT3eg-KWsLipuqmTK7zeKCUJuJOUZwiTMyBCPgNA_VeS86l7i_YmzzWS3FN9NNf0W6iVTLguYhfhNFZ1ar5MXelzaP7TkPUek1dH-BQBlMsnEMd5b3CRJ1gGk4ZNLLQzqbT84_wgYH0cTXG1bgI-v4XDci3WpeA8OrBXFaJduIjNbxPnD6S1VFiFewml05vICAaOMQYkse71XbVieLcIx50yXaMG-uX_jCT-9LbdmuZY4Ou3SoNnu-Vx7H5TUK8Ehu3x9k-Vf9MVqPPwtb3AwSKCHXlXHqiypSXaQGwBgyYPtQT5wt864yzr9SgfwXK_r01XBhXArwSjQVMimRnsT8CnWYHLgknwBg0C-nYhTzxSt7-AM77qDRiyBdTPJCbYcjIoA_-wDkvONb2QH3YG8BtpG-D8KCmA_Vyt5PSFOmSU_f9H5jY9Z3ySHZrg9w9BAQ5IX5WGzIB24810_VGD_gcNFYXFBgOOOWjidGp2So216NCTPa7PkEhNaqKO2Y_QJB_LKFnIZAlYjGlICyafthP2oU3XSEAlK5OeFhvQ-e_YZq7b-Q9B491qm_-zL7UVSFjmOCI8ydIBv0oUZZS8nWelf8f3kD_5Hp1gpQUjRBdQMCgYB5ws8pRGcH-yPI694Hjqnjs6gdaCF9bwdbypTj4iRbmwtYrdUijPOsdeAFn4ixnzR2Cx4u1nu9rjhRbvTSJysBfIeCkd1bdrdgz4mkIut_bCiZtjvEdILdd8ZxZ8o6qLkVCSVKHR1Ab_nVYHXJzU7XABf55KQQVwEY4cCZz1ghbwXP82jaSVOJftwC7RBbx4Kx3naSi5KC4MZi0HfBWIFK8OyafDSpNjzWS6KV7MAu3BopGTmHRJ1ecoXNSeYrhGaJiXboBqZGq-njx265VpB5l8n1-0bwF1nodkNF6g-hiMn-qA1nULldpeVMBw_zO2vYs-bAhxZALnFteG0eEQA5A7wTF_bqjKkuc4EPYkO9tePrqwsF7Cqg1SRDutszc8KepjQIOnYFRVW6NJjfvSEAcTvJfah_aTN-nloxbxKzGL8FtrYl8P4PnTFMUNRuEHqSR24QrtIpLyjp0pxEh0r8jqeatHOQLMkpK2tIFkoKF3hd5FCj-ZnLO1q_s5THepFIBKvY0pMDT4idh22pYc5IBAPKjRTzIsr2sH5eY2fjSuI-NCiyIxWvYCoBhpy9Hqu5xSjvv5TACy-ym2Ow3k-fRB9-y4KS0R16mVT7sIZJJeLtLQiRGiQjn54tMMl7bkUeSeGTpdxamBLpT4HRrzfRnxfIlRVkWknn9RJw4vuAAtxp_O-wyjOm4axl3yammSgbf-a8kUDu0MolDpa3bfGxVH5t7Q56d6QNJEYHNHGQcaqKCQiYHaUCl1SHkPtGNuWFK7uNU26t9WMUPqmcBVZUEBz14Ox3jrmKEG52as16HfS_Vb1XXyJRzO_tz254_tqjET52uOeBu_Ryjq7ChhmoibAxsNyqauKwg-0vd6oATICtevu6NrFf5HO9sfewEBROmMkr6JstFDYpzZvF_8GCfDpVgTIVZplRqp7dClAsTKqj0qUlMFrsG1-d_UVs5bxT9hSDa5rWqaV0ppT9GHwHYUjwvnAQ98ccJbBJARgeDsaE6WbjvOPevnDh65EdSWF8JQd1-ooY2vSiIbQpyCtxACRCqO_oCZWu3YlVUbSRy5VmTjTn6g_F2t8fBFL954mNvDL9bN0KvzOQr2ussF-IUyFAaIB-4kBqElAq-iQ70Wp_BCM7VPWsdbdNpK0UwBsLXkS6uk5S5h9_Q1-8IOFpxzYPZs3gjTzHL3PISBDoCY-Tg8v2BIKIH4P-Stm1kS1_cj-yNnGFCmApzoyx09kIjq8gQdrXk4FNxXBPr6Uz1Z9_HJf0XZa_7FXUPce6c0A5WUwX0nklejoaQCH8Tai1_mgeTDnMvuDft7L-0g4rXAiZ2A_8_9qpxN9f2QfW5onAZhZrqsg9piEkjb53VSOcgLBGDt9fRjzE33_gRzZ2AlD1r7BVLRoW3nwpzwAuBS1kVfs0Zv3sKO9yxmoQNvfbYQKOAM60BFTBVA4pFLf_0h_Ji-NfrlByvQ0KJACrDrjH8_v71ePTRjQcTaUD6sBNbnGsMLrObaKtNMlRruN0IzJK81cNw4HG75kYRAZ0UtlcooEKGzINscXx73TfJfLiD5WMk66nHbsjJjW19rumzgzOPWf-7CQp5kuhLlV5LmeByQyIROt1SnPsxLFy2GPxCojHx3vfZAr3SrHxfXCfNGSF53iPfJPg3ZiDAC5SvuTYlr32Kt9tX0eTHc-62vOzLEYpSJOsXDymzaCHleUTSx4M4qBxsWU8tX7I3mXt3TUEuSnaGi-3Tikcz9velMYMhKvfEPJvJ0GmxlAbE0xi3Fe56Ynb_2XXc4lN7bD-sT2sJ-VCJZnPe4_WB6LPIyw20rCA2EuXxV_2ZR0PNC3ntU1FKTFL1Xhiml19YctttInbuTT3xQjJ0c2waHN4gjO2-lnyBn8TtwIFvq-jXjZM512LIEHCxTCbleISLeRktnenF5fvNgy07qw3RBXzvwI5u6OYbNKFNmd5PPp8lHCfuYnsziIdSBWAWcdt5F7SmEYwUXxq3NhNrdjcndHV4o0E7-cLnAd2U0qUjXjTDsGqMC86y9QZrpajFsalXYnDG7cjSPGoYtZUw7SVnj9e0RO0Nlra0k0Ea869r1AhwuM4nKSPmfMrbleomYxE200LBAto0FEOVBFb2OwFnRTN4uo7pwWEH0mWvD_9oS7hCzqP780J2HPLk30Xx3Q6HB58eo_LCMilQ78tXTf7W66RBzA9wZkASgKatpxlTow3eejzfHzpclvyt6mYErXAfqekNxbMKsReBZCXQDvSNhQTILWgteNSM2I6uLevRPu78Rn92odIBjP9cIQ5DBo0wFk729yW2IfAsCaiqIJrfS8gn2Q9hqoKy2Pz_EO-AfE92nMQXezmrAfF722DzV4cMtCg7NM9WyqG6687hhDeZNQrPDHEzv4JAfmHMmdWO21w5Izyj6DY2TKYdPsfKUTRveXuLMcA06YGico70sGdsYFWPbZJcLAVXjuQtIfUZ0inIX0O1YqPHQoZXrhJ2MHkC9LClngMhBC2vEROltG17Pwjj0208-otlTe7hA1UVIRdWBqctBipG_gexlgEaJmgP54baWKYE3PlD9hpRgnu8GkY0oVz93-dx5UADGpDoufITgtVXo9HWWGL6UQsMZGKoyTDDXnPCTX-S9x6Bziwwwcct3AYZBX-Eqdf1cXGIt2o8kynYhuwvShZnE5CyycE1Yfbd7DydTqAdavqwZncEn76A&cid=CAQSPAAvHhf_TPd7Rwz9kzGolpf4R7-Wv2xX0Lwp7umdSRrfg87er1qR3i_QF32gNcm_bIls5RSrF-I2suIMYxgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.omelete.com.br%2F&ds=l&xdt=1&iif=1&cor=5298470497536883000&adk=1033480540&idt=94&cac=0&dtd=35

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9dfbb8e1be036059aea6dd87bdbefa7ecada3617fb3f404ba4647ebbbf8160b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 12:55:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9522
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11885
x-xss-protection: 0
server: cafe
etag: 16863283086342074828
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 22 Jan 2024 12:55:23 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 6D01 41 KB
14 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 18:05:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 250137
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 04 Jan 2025 18:05:08 GMT

GET
H3 200 attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwNDcyODA0NTYwMjQxNQogIHNlcnZlcl9pcDogMTM5ODAzNzQ3CiAgcHJvY2Vzc19pZDogMjYwMDYyMzA5Mgp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiAzMjc2ODE3...
ad.doubleclick.net/ddm/activity/ Frame 6D01 0
22 B 66ms
64ms Image
image/png 142.250.181.230
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/activity/attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwNDcyODA0NTYwMjQxNQogIHNlcnZlcl9pcDogMTM5ODAzNzQ3CiAgcHJvY2Vzc19pZDogMjYwMDYyMzA5Mgp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiAzMjc2ODE3CmFkdmVydGlzZXJfZG9tYWluOiAiaHR0cHM6Ly96YWxhbmRvLmRlIgp4ZmFfYXR0cmlidXRpb25faW50ZXJhY3Rpb25fdHlwZTogVklFVwppbXByZXNzaW9uX3ByaW9yaXR5OiAwCmltcHJlc3Npb25fZXhwaXJ5X2luX2RheXM6IDIKZXZlbnRfaW1wcmVzc2lvbl9pZDogNzE0NDE4ODAwNjMxMDI2NTI4MApkZWJ1Z19rZXk6IDE1MzYxODg5NDE4NzUyMDEyODYwCmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1BST0RVQ1RfVFlQRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9JTlRFUkFDVElPTl9UWVBFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAzCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0lOVEVSQUNUSU9OX0RBVEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgc3RyaW5nX3ZhbHVlOiAiMjAyNC0wMS0wOCIKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRkxPT0RMSUdIVF9DT05GSUdfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDMyNzY4MTcKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fQ09SRV9QTEFURk9STV9TRVJWSUNFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAwCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1BMQVRGT1JNX1RZUEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDAKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUVVFUllfQ09VTlRSWQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBzdHJpbmdfdmFsdWU6ICJVUyIKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUExBQ0VNRU5UX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAzNTc2OTIyMzUKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRFYzX0FEVkVSVElTRVJfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDExMTE3OTk3NDAKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRFYzX0xJTkVfSVRFTV9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMjAzMTc3ODM1NjQKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRFYzX0NSRUFUSVZFX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiA0NjcwOTk5NTQKICB9Cn0KYXJjaGV0eXBlX2lkOiAxMgphcmNoZXR5cGVfaWQ6IDEzCmFyY2hldHlwZV9pZDogMTQKYXJjaGV0eXBlX2lkOiAxNQphZHZlcnRpc2VyX2NvbnZlcnNpb25fZG9tYWluczogImh0dHBzOi8vemFsYW5kby5kZSIKYWR2ZXJ0aXNlcl9jb252ZXJzaW9uX2RvbWFpbnM6ICJodHRwczovL3phbGFuZG8ucGwiCmFkdmVydGlzZXJfY29udmVyc2lvbl9kb21haW5zOiAiaHR0cHM6Ly96YWxhbmRvLml0IgppbXByZXNzaW9uX2V2ZW50X3JlcG9ydGluZ193aW5kb3dfZGF5czogNApicm93c2VyX2F0dHJpYnV0aW9uX2FwaV9yZXF1ZXN0X3Byb2Nlc3NpbmdfYml0czogNzM4MTk3NTA0Cg

Requested by

Host: ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com
URL: https://ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f6.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 15:34:05 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"12":"0xcf7d6795d78f8baa0000000000000000","13":"0x52d28da589367130000000000000000","14":"0xae11168079f9e4310000000000000000","15":"0xcd7c2c52f3e79d030000000000000000"},"debug_key":"15361889418752012860","debug_reporting":true,"destination":"https://zalando.de","expiry":"172800","filter_data":{"14":[],"21":[],"8":["3276817"]},"priority":"0","source_event_id":"7144188006310265280"}
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 2D2B 39 KB
15 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 14:08:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5121
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 07 Jan 2025 14:08:44 GMT

GET
H2 200 gsap.min.js Show response
cdnjs.cloudflare.com/ajax/libs/gsap/3.12.2/ Frame 528D 70 KB
25 KB 79ms
24ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/gsap/3.12.2/gsap.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15813293033853550592/index.html?ev=01_250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

efc85c7eb141819717cda0033484a84b1c890d13b02e355a2fec79d424b20e7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 15:34:05 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 3332127
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 25280
last-modified: Wed, 28 Jun 2023 20:03:01 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "649c91f5-62c0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7nqpIkSY7c%2FPag0sIYtU5W0PxYS6cbteK8jggnvroLJsCGGZZeG4PBt%2BuT9G2meP2PV6VMUyGqXTOzywSyjFre4h6NqoqqXiFb8s%2FWK%2Fw%2BsvrXAkxc3X0F8eAcFrkm%2FITpXXU%2BS5pjEZj%2BCwB%2Br9fR3f"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 842580ae7f4cbb9b-FRA
expires: Sat, 28 Dec 2024 15:34:05 GMT

GET
H2 200 CSSRulePlugin.min.js Show response
cdnjs.cloudflare.com/ajax/libs/gsap/3.12.2/ Frame 528D 2 KB
1 KB 82ms
28ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/gsap/3.12.2/CSSRulePlugin.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15813293033853550592/index.html?ev=01_250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3233190287f115105de5b5a99c5418e34b73b59e56bb84f681f1b5f90c553cf5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 15:34:05 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 5910261
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 821
last-modified: Wed, 28 Jun 2023 20:03:01 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "649c91f5-335"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SsUiJs5XOMaMbmPoDp%2BDP5K0uJ3wmZAQSgYJHneySJf8u5Ubhh8fPTdFVXa7XzfszVe44TiA9IVO7hj3SDQzzAGqNijcl6QxAilfAgWLVaQ6S4V3J3ARnraex%2FEc7uw7dgcjKAM9QSysQC36wuktUTBY"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 842580ae7f4dbb9b-FRA
expires: Sat, 28 Dec 2024 15:34:05 GMT

GET
H3 200 f378cfc5.svg
s0.2mdn.net/sadbundle/15813293033853550592/images/ Frame 528D 5 KB
2 KB 24ms
23ms Image
image/svg+xml 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15813293033853550592/images/f378cfc5.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15813293033853550592/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

48f93e3937054551ff4a887dca69a8fc91561c11f52a53a262f6741bc91a9bb2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15813293033853550592/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: Wed, 01 Jan 2025 12:55:05 GMT
date: Tue, 02 Jan 2024 12:55:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 527940
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2433
x-xss-protection: 0
last-modified: Wed, 20 Dec 2023 11:36:11 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 13dc9848.svg
s0.2mdn.net/sadbundle/15813293033853550592/images/ Frame 528D 669 B
430 B 68ms
66ms Image
image/svg+xml 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15813293033853550592/images/13dc9848.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15813293033853550592/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a112eaf2a1694b6ce90127e3ddc7692712b4331b3bc8e01c6573bc0526b150a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15813293033853550592/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: Sat, 04 Jan 2025 20:07:30 GMT
date: Fri, 05 Jan 2024 20:07:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 242795
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 400
x-xss-protection: 0
last-modified: Wed, 20 Dec 2023 11:36:11 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 4332eb45.svg
s0.2mdn.net/sadbundle/15813293033853550592/images/ Frame 528D 5 KB
2 KB 66ms
64ms Image
image/svg+xml 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15813293033853550592/images/4332eb45.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15813293033853550592/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d6148b7c3275cd5980a7903689546ee11ec96f11f4611a2062905578835e692

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15813293033853550592/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: Fri, 03 Jan 2025 17:37:51 GMT
date: Thu, 04 Jan 2024 17:37:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 338174
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2343
x-xss-protection: 0
last-modified: Wed, 20 Dec 2023 11:36:11 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 dd1b3636.jpg
s0.2mdn.net/sadbundle/15813293033853550592/images/ Frame 528D 62 KB
62 KB 52ms
50ms Image
image/jpeg 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15813293033853550592/images/dd1b3636.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15813293033853550592/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c8beecf77b495c3f976c2ed865e71c62bd49d5e5ad66bd7d9b786b1b912c4db0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15813293033853550592/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: Sat, 04 Jan 2025 06:06:43 GMT
date: Fri, 05 Jan 2024 06:06:43 GMT
x-content-type-options: nosniff
age: 293242
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 63261
x-xss-protection: 0
last-modified: Wed, 20 Dec 2023 11:36:11 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 7ef33868.jpg
s0.2mdn.net/sadbundle/15813293033853550592/images/ Frame 528D 71 KB
71 KB 44ms
43ms Image
image/jpeg 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15813293033853550592/images/7ef33868.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15813293033853550592/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ace8af7558d18129ddd3d52a56d5a83e7e87aed65613183d2354ad52c1416c0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15813293033853550592/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: Sat, 04 Jan 2025 12:55:27 GMT
date: Fri, 05 Jan 2024 12:55:27 GMT
x-content-type-options: nosniff
age: 268718
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 72795
x-xss-protection: 0
last-modified: Wed, 20 Dec 2023 11:36:11 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 9a221e84.jpg
s0.2mdn.net/sadbundle/15813293033853550592/images/ Frame 528D 27 KB
27 KB 64ms
62ms Image
image/jpeg 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15813293033853550592/images/9a221e84.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15813293033853550592/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f1b4e911a8e15e9aa70a90bbbfbc34374da4ebb41082b1b731c9939114ae2cad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15813293033853550592/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: Sat, 04 Jan 2025 14:30:19 GMT
date: Fri, 05 Jan 2024 14:30:19 GMT
x-content-type-options: nosniff
age: 263026
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27215
x-xss-protection: 0
last-modified: Wed, 20 Dec 2023 11:36:11 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 31152810.svg
s0.2mdn.net/sadbundle/15813293033853550592/images/ Frame 528D 302 B
263 B 41ms
40ms Image
image/svg+xml 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15813293033853550592/images/31152810.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15813293033853550592/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b889285d70207e00882df1a4bfd4604d5feac7eb05aad677ad75599b816a77e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15813293033853550592/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: Wed, 01 Jan 2025 12:55:05 GMT
date: Tue, 02 Jan 2024 12:55:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 527940
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 233
x-xss-protection: 0
last-modified: Wed, 20 Dec 2023 11:36:11 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 63ca751c.png
s0.2mdn.net/sadbundle/15813293033853550592/images/ Frame 528D 2 KB
2 KB 69ms
67ms Image
image/png 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15813293033853550592/images/63ca751c.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15813293033853550592/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e1e5dfe98cc72943d3a0c3ec75a441dd9d2111c27db7cb5a9ac721ee7b60abfe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15813293033853550592/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: Sat, 04 Jan 2025 12:55:27 GMT
date: Fri, 05 Jan 2024 12:55:27 GMT
x-content-type-options: nosniff
age: 268718
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1940
x-xss-protection: 0
last-modified: Wed, 20 Dec 2023 11:36:11 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 72064023.png
s0.2mdn.net/sadbundle/15813293033853550592/images/ Frame 528D 3 KB
3 KB 42ms
40ms Image
image/png 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15813293033853550592/images/72064023.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15813293033853550592/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e1bd882478ea2d53cea87b43488a5bbf1bf8302f8a3de5a2baaccf9df96a9d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15813293033853550592/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: Fri, 03 Jan 2025 17:45:14 GMT
date: Thu, 04 Jan 2024 17:45:14 GMT
x-content-type-options: nosniff
age: 337731
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3357
x-xss-protection: 0
last-modified: Wed, 20 Dec 2023 11:36:11 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 47032ac1.png
s0.2mdn.net/sadbundle/15813293033853550592/images/ Frame 528D 2 KB
2 KB 43ms
42ms Image
image/png 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15813293033853550592/images/47032ac1.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15813293033853550592/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1a083268799415e307762cf70a7422166b40b50615c3c0083f5002e758286c7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15813293033853550592/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: Wed, 01 Jan 2025 12:55:05 GMT
date: Tue, 02 Jan 2024 12:55:05 GMT
x-content-type-options: nosniff
age: 527940
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1747
x-xss-protection: 0
last-modified: Wed, 20 Dec 2023 11:36:11 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 58468943.png
s0.2mdn.net/sadbundle/15813293033853550592/images/ Frame 528D 3 KB
3 KB 39ms
38ms Image
image/png 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15813293033853550592/images/58468943.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15813293033853550592/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c450ebe740acbd203871abaf35582529164819738280817fa6722abbcbfd029e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15813293033853550592/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: Sat, 04 Jan 2025 20:10:30 GMT
date: Fri, 05 Jan 2024 20:10:30 GMT
x-content-type-options: nosniff
age: 242615
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3011
x-xss-protection: 0
last-modified: Wed, 20 Dec 2023 11:36:11 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 a6e304b2.png
s0.2mdn.net/sadbundle/15813293033853550592/images/ Frame 528D 1 KB
1 KB 69ms
68ms Image
image/png 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15813293033853550592/images/a6e304b2.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15813293033853550592/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cfa6522e0ac537a9155811bafefeae7f345f8a112e3434695a6a6917b49f5e21

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15813293033853550592/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: Fri, 03 Jan 2025 17:37:51 GMT
date: Thu, 04 Jan 2024 17:37:51 GMT
x-content-type-options: nosniff
age: 338174
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1192
x-xss-protection: 0
last-modified: Wed, 20 Dec 2023 11:36:11 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 7e1c8366.png
s0.2mdn.net/sadbundle/15813293033853550592/images/ Frame 528D 3 KB
3 KB 29ms
27ms Image
image/png 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15813293033853550592/images/7e1c8366.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15813293033853550592/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

60159e9de8ca359fa7bfe53d8f4b2bbba92ad4432a6569a5f74ea33d55be3f15

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15813293033853550592/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: Sat, 04 Jan 2025 07:31:19 GMT
date: Fri, 05 Jan 2024 07:31:19 GMT
x-content-type-options: nosniff
age: 288166
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2612
x-xss-protection: 0
last-modified: Wed, 20 Dec 2023 11:36:11 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 d3ce6798.svg
s0.2mdn.net/sadbundle/15813293033853550592/images/ Frame 528D 820 B
502 B 84ms
83ms Image
image/svg+xml 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15813293033853550592/images/d3ce6798.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15813293033853550592/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

43bee53229b0e308836bfd9b6bac0800ab708c82e352498264b7b4e68ca270d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15813293033853550592/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: Wed, 01 Jan 2025 12:55:05 GMT
date: Tue, 02 Jan 2024 12:55:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 527940
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 470
x-xss-protection: 0
last-modified: Wed, 20 Dec 2023 11:36:11 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 1147abdf.svg
s0.2mdn.net/sadbundle/15813293033853550592/images/ Frame 528D 769 B
431 B 82ms
81ms Image
image/svg+xml 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15813293033853550592/images/1147abdf.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15813293033853550592/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

84ec131112ca132c741450c29f43750d4cc516f7fe8d642a35092729373c2e90

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15813293033853550592/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: Wed, 01 Jan 2025 12:55:05 GMT
date: Tue, 02 Jan 2024 12:55:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 527940
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 401
x-xss-protection: 0
last-modified: Wed, 20 Dec 2023 11:36:11 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 fe4606b1.png
s0.2mdn.net/sadbundle/15813293033853550592/images/ Frame 528D 3 KB
3 KB 83ms
82ms Image
image/png 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15813293033853550592/images/fe4606b1.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15813293033853550592/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3ec08472d06b7e59c603fea9fd52905525f7b48da91cad9220ad38f65dbb36e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15813293033853550592/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: Wed, 01 Jan 2025 12:55:05 GMT
date: Tue, 02 Jan 2024 12:55:05 GMT
x-content-type-options: nosniff
age: 527940
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2689
x-xss-protection: 0
last-modified: Wed, 20 Dec 2023 11:36:11 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 67fbba47.png
s0.2mdn.net/sadbundle/15813293033853550592/images/ Frame 528D 4 KB
4 KB 75ms
74ms Image
image/png 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15813293033853550592/images/67fbba47.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15813293033853550592/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

654329aa8ed14513f33426fe24667fcd5e18db89bb84610a370d044d8b8b99d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15813293033853550592/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: Wed, 01 Jan 2025 12:55:05 GMT
date: Tue, 02 Jan 2024 12:55:05 GMT
x-content-type-options: nosniff
age: 527940
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4473
x-xss-protection: 0
last-modified: Wed, 20 Dec 2023 11:36:11 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 0f373144.png
s0.2mdn.net/sadbundle/15813293033853550592/images/ Frame 528D 1 KB
1 KB 74ms
73ms Image
image/png 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15813293033853550592/images/0f373144.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15813293033853550592/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc45ca4d679d7085db8e71d09ccbfef07e7bc9acdbd06df18c5a24deba287884

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15813293033853550592/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: Wed, 01 Jan 2025 12:55:05 GMT
date: Tue, 02 Jan 2024 12:55:05 GMT
x-content-type-options: nosniff
age: 527940
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1308
x-xss-protection: 0
last-modified: Wed, 20 Dec 2023 11:36:11 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 c8840ccb.png
s0.2mdn.net/sadbundle/15813293033853550592/images/ Frame 528D 3 KB
3 KB 74ms
74ms Image
image/png 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15813293033853550592/images/c8840ccb.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15813293033853550592/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eaa2aee98ac27ff97e81e010ff3b1d996a360f3a7f41fc532bd3f392ddca00af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15813293033853550592/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: Wed, 01 Jan 2025 12:55:05 GMT
date: Tue, 02 Jan 2024 12:55:05 GMT
x-content-type-options: nosniff
age: 527940
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3020
x-xss-protection: 0
last-modified: Wed, 20 Dec 2023 11:36:11 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 9a72c234.png
s0.2mdn.net/sadbundle/15813293033853550592/images/ Frame 528D 17 KB
17 KB 76ms
76ms Image
image/png 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15813293033853550592/images/9a72c234.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15813293033853550592/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

09f9bcb4a752066ef29e95bc6656cb04e69b2fd64dd44a13bdb8da4eba419d5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15813293033853550592/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: Fri, 03 Jan 2025 20:28:38 GMT
date: Thu, 04 Jan 2024 20:28:38 GMT
x-content-type-options: nosniff
age: 327927
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17203
x-xss-protection: 0
last-modified: Wed, 20 Dec 2023 11:36:11 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 93ededab.png
s0.2mdn.net/sadbundle/15813293033853550592/images/ Frame 528D 46 KB
46 KB 69ms
68ms Image
image/png 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15813293033853550592/images/93ededab.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15813293033853550592/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

94cc35cd0cc08ed62ed5e48dc1b05055b3611e1df42d79203a569e0345b9b94d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15813293033853550592/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: Sat, 04 Jan 2025 11:31:47 GMT
date: Fri, 05 Jan 2024 11:31:47 GMT
x-content-type-options: nosniff
age: 273738
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47496
x-xss-protection: 0
last-modified: Wed, 20 Dec 2023 11:36:11 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H2 200 gsap.min.js Show response
cdnjs.cloudflare.com/ajax/libs/gsap/3.12.2/ Frame C04B 70 KB
25 KB 92ms
45ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/gsap/3.12.2/gsap.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13341115905589903360/index.html?ev=01_250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

efc85c7eb141819717cda0033484a84b1c890d13b02e355a2fec79d424b20e7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 15:34:05 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 3332127
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 25280
last-modified: Wed, 28 Jun 2023 20:03:01 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "649c91f5-62c0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IPV6ylMVxjCuL15%2Fd2rGzx7j9IPC%2Fhr5lMVqGvHIiQg6dWxinrd0OFucgI6Lh8U6pAuJqTtcmFwJd3LG5dmXD4uDxtMLyyVYC09WLdO9gG6pD4A2TBucU%2FTagw8cJMlCQxxL88BVbrMsWN3k8z4WygzN"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 842580ae7f50bb9b-FRA
expires: Sat, 28 Dec 2024 15:34:05 GMT

GET
H2 200 CSSRulePlugin.min.js Show response
cdnjs.cloudflare.com/ajax/libs/gsap/3.12.2/ Frame C04B 2 KB
1 KB 73ms
27ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/gsap/3.12.2/CSSRulePlugin.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13341115905589903360/index.html?ev=01_250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3233190287f115105de5b5a99c5418e34b73b59e56bb84f681f1b5f90c553cf5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 15:34:05 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 5910261
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 821
last-modified: Wed, 28 Jun 2023 20:03:01 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "649c91f5-335"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IypAe12Son%2F5tVmQO3XPOi6Rv%2BTZDbv46OyVu35HCLHvwkv%2Bsvhek2JbbQ%2BZwC9GV%2BxPzpVKSHObX6aNplCamkHQ4FD%2FkNVKIBFoN%2FP4gs27hL9PXmWkyr0QtNW4Pur5unIHqB2RqIZL4nHXrnIEXzc2"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 842580ae7f53bb9b-FRA
expires: Sat, 28 Dec 2024 15:34:05 GMT

GET
H3 200 13dc9848.svg
s0.2mdn.net/sadbundle/13341115905589903360/images/ Frame C04B 669 B
433 B 99ms
97ms Image
image/svg+xml 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/13341115905589903360/images/13dc9848.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13341115905589903360/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a112eaf2a1694b6ce90127e3ddc7692712b4331b3bc8e01c6573bc0526b150a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13341115905589903360/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: Wed, 01 Jan 2025 12:55:05 GMT
date: Tue, 02 Jan 2024 12:55:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 527940
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 400
x-xss-protection: 0
last-modified: Wed, 20 Dec 2023 11:21:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 7b5ac94e.jpg
s0.2mdn.net/sadbundle/13341115905589903360/images/ Frame C04B 126 KB
126 KB 88ms
86ms Image
image/jpeg 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/13341115905589903360/images/7b5ac94e.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13341115905589903360/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4ecad1c325e26aab7e65be617979fa196ee5840e73c0a2f76829557934602954

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13341115905589903360/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: Wed, 01 Jan 2025 12:55:05 GMT
date: Tue, 02 Jan 2024 12:55:05 GMT
x-content-type-options: nosniff
age: 527940
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 129036
x-xss-protection: 0
last-modified: Wed, 20 Dec 2023 11:21:03 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 f0dc91f8.jpg
s0.2mdn.net/sadbundle/13341115905589903360/images/ Frame C04B 120 KB
120 KB 102ms
100ms Image
image/jpeg 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/13341115905589903360/images/f0dc91f8.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13341115905589903360/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb298849925f683a074bddf1074e358658b8c66987a85612b79791a6498e8f03

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13341115905589903360/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: Sat, 04 Jan 2025 20:07:47 GMT
date: Fri, 05 Jan 2024 20:07:47 GMT
x-content-type-options: nosniff
age: 242778
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 123337
x-xss-protection: 0
last-modified: Wed, 20 Dec 2023 11:21:03 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 f86eba20.jpg
s0.2mdn.net/sadbundle/13341115905589903360/images/ Frame C04B 158 KB
158 KB 96ms
94ms Image
image/jpeg 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/13341115905589903360/images/f86eba20.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13341115905589903360/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4bf39d2a6064a154242a4193ae25028432995c31b4de27bf7dcdf39994f8083d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13341115905589903360/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: Sat, 04 Jan 2025 14:20:06 GMT
date: Fri, 05 Jan 2024 14:20:06 GMT
x-content-type-options: nosniff
age: 263639
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 162101
x-xss-protection: 0
last-modified: Wed, 20 Dec 2023 11:21:03 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 4332eb45.svg
s0.2mdn.net/sadbundle/13341115905589903360/images/ Frame C04B 5 KB
2 KB 104ms
102ms Image
image/svg+xml 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/13341115905589903360/images/4332eb45.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13341115905589903360/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d6148b7c3275cd5980a7903689546ee11ec96f11f4611a2062905578835e692

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13341115905589903360/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: Sat, 04 Jan 2025 06:07:10 GMT
date: Fri, 05 Jan 2024 06:07:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 293215
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2343
x-xss-protection: 0
last-modified: Wed, 20 Dec 2023 11:21:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 f378cfc5.svg
s0.2mdn.net/sadbundle/13341115905589903360/images/ Frame C04B 5 KB
2 KB 97ms
95ms Image
image/svg+xml 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/13341115905589903360/images/f378cfc5.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13341115905589903360/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

48f93e3937054551ff4a887dca69a8fc91561c11f52a53a262f6741bc91a9bb2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13341115905589903360/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: Wed, 01 Jan 2025 12:55:05 GMT
date: Tue, 02 Jan 2024 12:55:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 527940
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2433
x-xss-protection: 0
last-modified: Wed, 20 Dec 2023 11:21:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 31152810.svg
s0.2mdn.net/sadbundle/13341115905589903360/images/ Frame C04B 302 B
266 B 98ms
96ms Image
image/svg+xml 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/13341115905589903360/images/31152810.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13341115905589903360/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b889285d70207e00882df1a4bfd4604d5feac7eb05aad677ad75599b816a77e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13341115905589903360/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: Wed, 01 Jan 2025 12:55:05 GMT
date: Tue, 02 Jan 2024 12:55:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 527940
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 233
x-xss-protection: 0
last-modified: Wed, 20 Dec 2023 11:21:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 62d82f29.png
s0.2mdn.net/sadbundle/13341115905589903360/images/ Frame C04B 2 KB
2 KB 100ms
98ms Image
image/png 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/13341115905589903360/images/62d82f29.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13341115905589903360/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b72c523f3a6bd2865cbc4d463d4fcfe473e91ca7c8407a47dea62c8d607c5500

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13341115905589903360/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: Wed, 01 Jan 2025 12:55:05 GMT
date: Tue, 02 Jan 2024 12:55:05 GMT
x-content-type-options: nosniff
age: 527940
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2103
x-xss-protection: 0
last-modified: Wed, 20 Dec 2023 11:21:03 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 4a23fd0f.png
s0.2mdn.net/sadbundle/13341115905589903360/images/ Frame C04B 4 KB
4 KB 100ms
98ms Image
image/png 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/13341115905589903360/images/4a23fd0f.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13341115905589903360/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c560955a3bd65bb3a5f1127b93d36593cdf850f71073bd4570f5bda9435e8bc4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13341115905589903360/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: Sat, 04 Jan 2025 12:56:27 GMT
date: Fri, 05 Jan 2024 12:56:27 GMT
x-content-type-options: nosniff
age: 268658
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3639
x-xss-protection: 0
last-modified: Wed, 20 Dec 2023 11:21:03 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 379b9609.png
s0.2mdn.net/sadbundle/13341115905589903360/images/ Frame C04B 3 KB
3 KB 86ms
85ms Image
image/png 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/13341115905589903360/images/379b9609.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13341115905589903360/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7057c8d51f6e06a6c8be66aa0a89efb91068c81ee021d9a612e0975dc80a228e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13341115905589903360/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: Wed, 01 Jan 2025 12:55:05 GMT
date: Tue, 02 Jan 2024 12:55:05 GMT
x-content-type-options: nosniff
age: 527940
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2850
x-xss-protection: 0
last-modified: Wed, 20 Dec 2023 11:21:03 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 59df9dcc.png
s0.2mdn.net/sadbundle/13341115905589903360/images/ Frame C04B 5 KB
5 KB 85ms
83ms Image
image/png 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/13341115905589903360/images/59df9dcc.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13341115905589903360/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c7c1ca89f96c2ac6dac5a62b349fbec505318d4c694b60547c827f2b156b709c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13341115905589903360/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: Wed, 01 Jan 2025 12:55:05 GMT
date: Tue, 02 Jan 2024 12:55:05 GMT
x-content-type-options: nosniff
age: 527940
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4740
x-xss-protection: 0
last-modified: Wed, 20 Dec 2023 11:21:03 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 f06c15b4.png
s0.2mdn.net/sadbundle/13341115905589903360/images/ Frame C04B 2 KB
2 KB 94ms
92ms Image
image/png 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/13341115905589903360/images/f06c15b4.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13341115905589903360/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b6a1cb7947bac55c1070534ac504f37532a1448413d0ed741726375e684d6c72

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13341115905589903360/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: Sat, 04 Jan 2025 06:00:18 GMT
date: Fri, 05 Jan 2024 06:00:18 GMT
x-content-type-options: nosniff
age: 293627
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2069
x-xss-protection: 0
last-modified: Wed, 20 Dec 2023 11:21:03 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 f4b14c18.png
s0.2mdn.net/sadbundle/13341115905589903360/images/ Frame C04B 3 KB
3 KB 105ms
103ms Image
image/png 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/13341115905589903360/images/f4b14c18.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13341115905589903360/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f1f08163321a04295841c84ba02437a9ece98690ad1ea82e2c515e9228955ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13341115905589903360/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: Sat, 04 Jan 2025 12:56:27 GMT
date: Fri, 05 Jan 2024 12:56:27 GMT
x-content-type-options: nosniff
age: 268658
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3522
x-xss-protection: 0
last-modified: Wed, 20 Dec 2023 11:21:03 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 64b6de59.png
s0.2mdn.net/sadbundle/13341115905589903360/images/ Frame C04B 2 KB
2 KB 104ms
103ms Image
image/png 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/13341115905589903360/images/64b6de59.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13341115905589903360/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

52340560fda7c7ca6b4681939b010f3e4a0f8581550b6d35dd3219d3ac21d87f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13341115905589903360/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: Wed, 01 Jan 2025 12:55:05 GMT
date: Tue, 02 Jan 2024 12:55:05 GMT
x-content-type-options: nosniff
age: 527940
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1618
x-xss-protection: 0
last-modified: Wed, 20 Dec 2023 11:21:03 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 e4de37cb.png
s0.2mdn.net/sadbundle/13341115905589903360/images/ Frame C04B 3 KB
3 KB 93ms
92ms Image
image/png 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/13341115905589903360/images/e4de37cb.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13341115905589903360/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1926b35d9de9c65d719471d235e19a30885336681ede98311c3dd908d06f8e4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13341115905589903360/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: Sat, 04 Jan 2025 11:31:47 GMT
date: Fri, 05 Jan 2024 11:31:47 GMT
x-content-type-options: nosniff
age: 273738
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3199
x-xss-protection: 0
last-modified: Wed, 20 Dec 2023 11:21:03 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 d3ce6798.svg
s0.2mdn.net/sadbundle/13341115905589903360/images/ Frame C04B 820 B
503 B 92ms
91ms Image
image/svg+xml 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/13341115905589903360/images/d3ce6798.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13341115905589903360/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

43bee53229b0e308836bfd9b6bac0800ab708c82e352498264b7b4e68ca270d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13341115905589903360/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: Wed, 01 Jan 2025 12:55:05 GMT
date: Tue, 02 Jan 2024 12:55:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 527940
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 470
x-xss-protection: 0
last-modified: Wed, 20 Dec 2023 11:21:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 1147abdf.svg
s0.2mdn.net/sadbundle/13341115905589903360/images/ Frame C04B 769 B
438 B 91ms
90ms Image
image/svg+xml 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/13341115905589903360/images/1147abdf.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13341115905589903360/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

84ec131112ca132c741450c29f43750d4cc516f7fe8d642a35092729373c2e90

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13341115905589903360/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: Mon, 06 Jan 2025 14:49:37 GMT
date: Sun, 07 Jan 2024 14:49:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 89068
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 401
x-xss-protection: 0
last-modified: Wed, 20 Dec 2023 11:21:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 bf1bb6a1.png
s0.2mdn.net/sadbundle/13341115905589903360/images/ Frame C04B 4 KB
4 KB 82ms
81ms Image
image/png 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/13341115905589903360/images/bf1bb6a1.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13341115905589903360/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8c2e77febce01a1d98119cfb559ac60bdae1dd3597a3b5eec35173c79659d0c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13341115905589903360/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: Wed, 01 Jan 2025 12:55:05 GMT
date: Tue, 02 Jan 2024 12:55:05 GMT
x-content-type-options: nosniff
age: 527940
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3945
x-xss-protection: 0
last-modified: Wed, 20 Dec 2023 11:21:03 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 692260a3.png
s0.2mdn.net/sadbundle/13341115905589903360/images/ Frame C04B 7 KB
7 KB 128ms
126ms Image
image/png 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/13341115905589903360/images/692260a3.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13341115905589903360/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9e029604088b4b4d10e6f03361a7da5c18a1adeb1134e59d4e0f57fb566d0f68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13341115905589903360/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: Wed, 01 Jan 2025 12:55:05 GMT
date: Tue, 02 Jan 2024 12:55:05 GMT
x-content-type-options: nosniff
age: 527940
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7014
x-xss-protection: 0
last-modified: Wed, 20 Dec 2023 11:21:03 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 0f373144.png
s0.2mdn.net/sadbundle/13341115905589903360/images/ Frame C04B 1 KB
1 KB 132ms
131ms Image
image/png 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/13341115905589903360/images/0f373144.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13341115905589903360/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc45ca4d679d7085db8e71d09ccbfef07e7bc9acdbd06df18c5a24deba287884

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13341115905589903360/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: Wed, 01 Jan 2025 12:55:05 GMT
date: Tue, 02 Jan 2024 12:55:05 GMT
x-content-type-options: nosniff
age: 527940
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1308
x-xss-protection: 0
last-modified: Wed, 20 Dec 2023 11:21:03 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 c8840ccb.png
s0.2mdn.net/sadbundle/13341115905589903360/images/ Frame C04B 3 KB
3 KB 83ms
82ms Image
image/png 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/13341115905589903360/images/c8840ccb.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13341115905589903360/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eaa2aee98ac27ff97e81e010ff3b1d996a360f3a7f41fc532bd3f392ddca00af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13341115905589903360/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: Wed, 01 Jan 2025 12:55:05 GMT
date: Tue, 02 Jan 2024 12:55:05 GMT
x-content-type-options: nosniff
age: 527940
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3020
x-xss-protection: 0
last-modified: Wed, 20 Dec 2023 11:21:03 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 1791c59e.png
s0.2mdn.net/sadbundle/13341115905589903360/images/ Frame C04B 8 KB
8 KB 131ms
130ms Image
image/png 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/13341115905589903360/images/1791c59e.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13341115905589903360/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a7bc63ea693701956f1e693a36ce1e0fc24287aeccd1efe0f96371582f3d58bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13341115905589903360/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: Wed, 01 Jan 2025 12:55:05 GMT
date: Tue, 02 Jan 2024 12:55:05 GMT
x-content-type-options: nosniff
age: 527940
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8014
x-xss-protection: 0
last-modified: Wed, 20 Dec 2023 11:21:03 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 68fa510d.png
s0.2mdn.net/sadbundle/13341115905589903360/images/ Frame C04B 18 KB
18 KB 131ms
130ms Image
image/png 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/13341115905589903360/images/68fa510d.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13341115905589903360/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9876aee5e5417c163d9e7308bf64a54c7f6c5b9925bb667711cfe904fad2a22e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13341115905589903360/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: Wed, 01 Jan 2025 12:55:05 GMT
date: Tue, 02 Jan 2024 12:55:05 GMT
x-content-type-options: nosniff
age: 527940
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18723
x-xss-protection: 0
last-modified: Wed, 20 Dec 2023 11:21:03 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H2 200 gsap.min.js Show response
cdnjs.cloudflare.com/ajax/libs/gsap/3.12.2/ Frame 0245 70 KB
25 KB 67ms
29ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/gsap/3.12.2/gsap.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16193090738366447616/index.html?ev=01_250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

efc85c7eb141819717cda0033484a84b1c890d13b02e355a2fec79d424b20e7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 15:34:05 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 3332127
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 25280
last-modified: Wed, 28 Jun 2023 20:03:01 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "649c91f5-62c0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9cj6Kq1988MdFmVJ2xE8BB%2FwaRHraUq4bjJSOkXgj%2FGa935WbQnkO5QzjjUw%2FU95yPbUgdbm801L4i49aYx2rJv2FSl2atD46NQdVBRbits6dTIkGUACMdjp3GsRUDfgYITaT%2BuILRGdxhXArBSzmxN3"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 842580ae7f56bb9b-FRA
expires: Sat, 28 Dec 2024 15:34:05 GMT

GET
H2 200 CSSRulePlugin.min.js Show response
cdnjs.cloudflare.com/ajax/libs/gsap/3.12.2/ Frame 0245 2 KB
1 KB 82ms
44ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/gsap/3.12.2/CSSRulePlugin.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16193090738366447616/index.html?ev=01_250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3233190287f115105de5b5a99c5418e34b73b59e56bb84f681f1b5f90c553cf5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 15:34:05 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 5910261
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 821
last-modified: Wed, 28 Jun 2023 20:03:01 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "649c91f5-335"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mSlArIuHl7O9djnpycL%2Fez%2F%2F1fZpcepHTdnO0ATC6w4jIu%2FgaHqIqLMfmcaQR7SF%2BMgQsvgPuPn9NbpEXYYecAR2nPXN5Ob%2FouxPk%2Fp4EO3jqGpIL1xUn335%2FZ2G%2FDhu4ReyDhNC%2Bt9nZ0gBtQdlgWHU"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 842580ae7f55bb9b-FRA
expires: Sat, 28 Dec 2024 15:34:05 GMT

GET
H3 200 13dc9848.svg
s0.2mdn.net/sadbundle/16193090738366447616/images/ Frame 0245 669 B
440 B 118ms
118ms Image
image/svg+xml 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/16193090738366447616/images/13dc9848.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16193090738366447616/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a112eaf2a1694b6ce90127e3ddc7692712b4331b3bc8e01c6573bc0526b150a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16193090738366447616/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: Wed, 01 Jan 2025 12:55:06 GMT
date: Tue, 02 Jan 2024 12:55:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 527939
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 400
x-xss-protection: 0
last-modified: Wed, 20 Dec 2023 11:36:22 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 170d11c3.jpg
s0.2mdn.net/sadbundle/16193090738366447616/images/ Frame 0245 34 KB
34 KB 111ms
105ms Image
image/jpeg 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/16193090738366447616/images/170d11c3.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16193090738366447616/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6e849c218934a5ba5248ccfc8596c3162689085fe880ff56c0ab60912a2ff55a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16193090738366447616/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: Wed, 01 Jan 2025 12:55:06 GMT
date: Tue, 02 Jan 2024 12:55:06 GMT
x-content-type-options: nosniff
age: 527939
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35100
x-xss-protection: 0
last-modified: Wed, 20 Dec 2023 11:36:22 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 1598938f.jpeg
s0.2mdn.net/sadbundle/16193090738366447616/images/ Frame 0245 45 KB
45 KB 112ms
106ms Image
image/jpeg 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/16193090738366447616/images/1598938f.jpeg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16193090738366447616/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3a6d2651f1e1fe0727fd3290c2598155a05d2b30ab867e41779454065ce01409

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16193090738366447616/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: Sat, 04 Jan 2025 10:08:28 GMT
date: Fri, 05 Jan 2024 10:08:28 GMT
x-content-type-options: nosniff
age: 278737
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46182
x-xss-protection: 0
last-modified: Wed, 20 Dec 2023 11:36:22 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 e9396c7b.jpg
s0.2mdn.net/sadbundle/16193090738366447616/images/ Frame 0245 43 KB
43 KB 105ms
99ms Image
image/jpeg 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/16193090738366447616/images/e9396c7b.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16193090738366447616/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d1cedea9a6f9dae63eaa8dcd962dcb3d3835a9e5dce78daa2db47f9c8eb3ee56

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16193090738366447616/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: Wed, 01 Jan 2025 12:55:06 GMT
date: Tue, 02 Jan 2024 12:55:06 GMT
x-content-type-options: nosniff
age: 527939
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43867
x-xss-protection: 0
last-modified: Wed, 20 Dec 2023 11:36:22 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 4332eb45.svg
s0.2mdn.net/sadbundle/16193090738366447616/images/ Frame 0245 5 KB
2 KB 117ms
111ms Image
image/svg+xml 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/16193090738366447616/images/4332eb45.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16193090738366447616/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d6148b7c3275cd5980a7903689546ee11ec96f11f4611a2062905578835e692

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16193090738366447616/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: Sat, 04 Jan 2025 21:36:42 GMT
date: Fri, 05 Jan 2024 21:36:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 237443
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2343
x-xss-protection: 0
last-modified: Wed, 20 Dec 2023 11:36:22 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 f378cfc5.svg
s0.2mdn.net/sadbundle/16193090738366447616/images/ Frame 0245 5 KB
2 KB 110ms
104ms Image
image/svg+xml 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/16193090738366447616/images/f378cfc5.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16193090738366447616/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

48f93e3937054551ff4a887dca69a8fc91561c11f52a53a262f6741bc91a9bb2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16193090738366447616/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: Wed, 01 Jan 2025 12:55:06 GMT
date: Tue, 02 Jan 2024 12:55:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 527939
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2433
x-xss-protection: 0
last-modified: Wed, 20 Dec 2023 11:36:22 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 31152810.svg
s0.2mdn.net/sadbundle/16193090738366447616/images/ Frame 0245 302 B
274 B 109ms
103ms Image
image/svg+xml 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/16193090738366447616/images/31152810.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16193090738366447616/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b889285d70207e00882df1a4bfd4604d5feac7eb05aad677ad75599b816a77e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16193090738366447616/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: Sat, 04 Jan 2025 06:00:16 GMT
date: Fri, 05 Jan 2024 06:00:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 293629
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 233
x-xss-protection: 0
last-modified: Wed, 20 Dec 2023 11:36:22 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 aef85528.png
s0.2mdn.net/sadbundle/16193090738366447616/images/ Frame 0245 2 KB
3 KB 127ms
122ms Image
image/png 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/16193090738366447616/images/aef85528.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16193090738366447616/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e6e3fd75e470cd50759b897eab984da9b5cafeda028be8eba2e779e41df6d818

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16193090738366447616/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: Wed, 01 Jan 2025 12:55:06 GMT
date: Tue, 02 Jan 2024 12:55:06 GMT
x-content-type-options: nosniff
age: 527939
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2559
x-xss-protection: 0
last-modified: Wed, 20 Dec 2023 11:36:22 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 083066d0.png
s0.2mdn.net/sadbundle/16193090738366447616/images/ Frame 0245 4 KB
4 KB 108ms
102ms Image
image/png 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/16193090738366447616/images/083066d0.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16193090738366447616/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

185ee6c604469276f38fddfd5ec30d536bc7d1ec539289d947184abc8e6226b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16193090738366447616/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: Wed, 01 Jan 2025 12:55:06 GMT
date: Tue, 02 Jan 2024 12:55:06 GMT
x-content-type-options: nosniff
age: 527939
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4267
x-xss-protection: 0
last-modified: Wed, 20 Dec 2023 11:36:22 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 24fd1775.png
s0.2mdn.net/sadbundle/16193090738366447616/images/ Frame 0245 2 KB
2 KB 104ms
99ms Image
image/png 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/16193090738366447616/images/24fd1775.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16193090738366447616/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c55a711052b37e863c95b282351e168a8a252b23362e19876eef56d0f383ee2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16193090738366447616/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: Wed, 01 Jan 2025 12:55:06 GMT
date: Tue, 02 Jan 2024 12:55:06 GMT
x-content-type-options: nosniff
age: 527939
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2024
x-xss-protection: 0
last-modified: Wed, 20 Dec 2023 11:36:22 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 2fd19372.png
s0.2mdn.net/sadbundle/16193090738366447616/images/ Frame 0245 3 KB
3 KB 103ms
98ms Image
image/png 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/16193090738366447616/images/2fd19372.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16193090738366447616/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc236616fa26a4da6ce999f7aa3b12df944bb6305523f8530ee3fa29448feae2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16193090738366447616/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: Sat, 04 Jan 2025 06:00:16 GMT
date: Fri, 05 Jan 2024 06:00:16 GMT
x-content-type-options: nosniff
age: 293629
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3517
x-xss-protection: 0
last-modified: Wed, 20 Dec 2023 11:36:22 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 5e0da0d6.png
s0.2mdn.net/sadbundle/16193090738366447616/images/ Frame 0245 2 KB
2 KB 102ms
97ms Image
image/png 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/16193090738366447616/images/5e0da0d6.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16193090738366447616/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8f26944bb0a49105870ed138904641479bf78b09126c60f19be224f02c07eb89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16193090738366447616/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: Sun, 05 Jan 2025 20:55:04 GMT
date: Sat, 06 Jan 2024 20:55:04 GMT
x-content-type-options: nosniff
age: 153541
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1579
x-xss-protection: 0
last-modified: Wed, 20 Dec 2023 11:36:22 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 a32ff691.png
s0.2mdn.net/sadbundle/16193090738366447616/images/ Frame 0245 3 KB
3 KB 101ms
96ms Image
image/png 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/16193090738366447616/images/a32ff691.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16193090738366447616/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

053fc6fcd14cf8117c1262ce3601b7922eab00187ee6a3ad05cf77ced1e144bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16193090738366447616/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: Wed, 01 Jan 2025 12:55:06 GMT
date: Tue, 02 Jan 2024 12:55:06 GMT
x-content-type-options: nosniff
age: 527939
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3153
x-xss-protection: 0
last-modified: Wed, 20 Dec 2023 11:36:22 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 d3ce6798.svg
s0.2mdn.net/sadbundle/16193090738366447616/images/ Frame 0245 820 B
510 B 100ms
95ms Image
image/svg+xml 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/16193090738366447616/images/d3ce6798.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16193090738366447616/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

43bee53229b0e308836bfd9b6bac0800ab708c82e352498264b7b4e68ca270d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16193090738366447616/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: Wed, 01 Jan 2025 12:55:06 GMT
date: Tue, 02 Jan 2024 12:55:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 527939
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 470
x-xss-protection: 0
last-modified: Wed, 20 Dec 2023 11:36:22 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 1147abdf.svg
s0.2mdn.net/sadbundle/16193090738366447616/images/ Frame 0245 769 B
441 B 126ms
121ms Image
image/svg+xml 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/16193090738366447616/images/1147abdf.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16193090738366447616/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

84ec131112ca132c741450c29f43750d4cc516f7fe8d642a35092729373c2e90

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16193090738366447616/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: Wed, 01 Jan 2025 12:55:06 GMT
date: Tue, 02 Jan 2024 12:55:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 527939
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 401
x-xss-protection: 0
last-modified: Wed, 20 Dec 2023 11:36:22 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 0f373144.png
s0.2mdn.net/sadbundle/16193090738366447616/images/ Frame 0245 1 KB
1 KB 125ms
120ms Image
image/png 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/16193090738366447616/images/0f373144.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16193090738366447616/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc45ca4d679d7085db8e71d09ccbfef07e7bc9acdbd06df18c5a24deba287884

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16193090738366447616/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: Wed, 01 Jan 2025 12:55:06 GMT
date: Tue, 02 Jan 2024 12:55:06 GMT
x-content-type-options: nosniff
age: 527939
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1308
x-xss-protection: 0
last-modified: Wed, 20 Dec 2023 11:36:22 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 c8840ccb.png
s0.2mdn.net/sadbundle/16193090738366447616/images/ Frame 0245 3 KB
3 KB 99ms
94ms Image
image/png 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/16193090738366447616/images/c8840ccb.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16193090738366447616/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eaa2aee98ac27ff97e81e010ff3b1d996a360f3a7f41fc532bd3f392ddca00af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16193090738366447616/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: Wed, 01 Jan 2025 12:55:06 GMT
date: Tue, 02 Jan 2024 12:55:06 GMT
x-content-type-options: nosniff
age: 527939
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3020
x-xss-protection: 0
last-modified: Wed, 20 Dec 2023 11:36:22 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 27f12807.png
s0.2mdn.net/sadbundle/16193090738366447616/images/ Frame 0245 2 KB
3 KB 130ms
125ms Image
image/png 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/16193090738366447616/images/27f12807.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16193090738366447616/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7e9109051a8c42b9cd4d6217ebe0f904412ed10ff5c1c6b61f720a9936e7d8f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16193090738366447616/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: Wed, 01 Jan 2025 12:55:06 GMT
date: Tue, 02 Jan 2024 12:55:06 GMT
x-content-type-options: nosniff
age: 527939
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2531
x-xss-protection: 0
last-modified: Wed, 20 Dec 2023 11:36:22 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 cfa19a80.png
s0.2mdn.net/sadbundle/16193090738366447616/images/ Frame 0245 5 KB
5 KB 97ms
92ms Image
image/png 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/16193090738366447616/images/cfa19a80.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16193090738366447616/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b28b87b8b1818880ec42d1f17d37a2e525d2c2303e0e5a898b65a262ea254646

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16193090738366447616/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: Wed, 01 Jan 2025 12:55:06 GMT
date: Tue, 02 Jan 2024 12:55:06 GMT
x-content-type-options: nosniff
age: 527939
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4608
x-xss-protection: 0
last-modified: Wed, 20 Dec 2023 11:36:22 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 6a39fc2b.png
s0.2mdn.net/sadbundle/16193090738366447616/images/ Frame 0245 21 KB
21 KB 94ms
93ms Image
image/png 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/16193090738366447616/images/6a39fc2b.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16193090738366447616/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3710e0f393e929ce3ef44553314e534b8804c68874b944bf41bad58b1bc6bc44

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16193090738366447616/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: Wed, 01 Jan 2025 12:55:06 GMT
date: Tue, 02 Jan 2024 12:55:06 GMT
x-content-type-options: nosniff
age: 527939
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21198
x-xss-protection: 0
last-modified: Wed, 20 Dec 2023 11:36:22 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 ea95bf93.png
s0.2mdn.net/sadbundle/16193090738366447616/images/ Frame 0245 43 KB
43 KB 126ms
124ms Image
image/png 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/16193090738366447616/images/ea95bf93.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16193090738366447616/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8ecc9847cf91108f6fb4e5b87cd308c0f8613fd56ab4b27379d12e820bbd4a72

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16193090738366447616/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: Sat, 04 Jan 2025 23:18:02 GMT
date: Fri, 05 Jan 2024 23:18:02 GMT
x-content-type-options: nosniff
age: 231363
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44140
x-xss-protection: 0
last-modified: Wed, 20 Dec 2023 11:36:22 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H2 200 bg Show response
ads.revjet.com/ Frame 6D01 43 KB
18 KB 136ms
41ms Script
application/javascript 162.55.83.73
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.revjet.com/bg
Requested by: Host: ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com
URL: https://ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 162.55.83.73 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.73.83.55.162.clients.your-server.de
Software: nginx /
Resource Hash: 1b16a5af84666feb9f8f195d3a8b74042f80439ca327b61f1c598f58072911ea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

p3p: CP="CAO PSA OUR"
date: Mon, 08 Jan 2024 15:34:05 GMT
cache-control: max-age=10800
content-encoding: gzip
content-type: application/javascript
server: nginx
expires: Mon, 08 Jan 2024 18:34:05 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 9031 1 KB
643 B 25ms
24ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com
URL: https://ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 22835
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 08 Jan 2024 09:13:30 GMT
etag: 48472445140208031
expires: Tue, 09 Jan 2024 09:13:30 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 6D01 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 15892155df56a8c7a901d5f04f7c0d8735c12100b057cf0bda202f1aebf2c75f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 6665 39 KB
15 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 14:08:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5121
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 07 Jan 2025 14:08:44 GMT

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 9463 39 KB
15 KB 25ms
22ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 14:08:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5121
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 07 Jan 2025 14:08:44 GMT

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 2491 39 KB
15 KB 26ms
23ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 14:08:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5121
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 07 Jan 2025 14:08:44 GMT

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 560C 38 KB
13 KB 35ms
29ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 539327
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 02 Jan 2024 09:45:18 GMT
expires: Wed, 01 Jan 2025 09:45:18 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame B8BB 0
10 B 29ms
23ms Image
text/plain 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?hftFyg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 15:34:05 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 dpixel
cms.quantserve.com/ Frame 9031 35 B
463 B 83ms
25ms Image
image/gif 2620:116:800d:21:c5a4:625:6563:a5bb
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEDoGzpa1vGie3YeKNUUlNPY&google_cver=1&google_push=AXcoOmQKS4IvQXT2CJhJErkLi7yLPBX0JwCQWs53_BNih-7-8w2vNMnKRheh6H7hJWrGAECkvniWzmrJ-bybYFpVBBdAy22-n6OW

Requested by

Host: ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com
URL: https://ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:c5a4:625:6563:a5bb , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 15:34:05 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9031
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=Wlp3VjdRQU01R1kzVWdBTQ==&google_gid=CAESEEiNrstvg0_zGP7ilONADQQ&google_cver=1&google_push=AXcoOmRZVeCD5zKT81efNb_xJrqNAuHH1a...

170 B
188 B

34ms
33ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=Wlp3VjdRQU01R1kzVWdBTQ==&google_gid=CAESEEiNrstvg0_zGP7ilONADQQ&google_cver=1&google_push=AXcoOmRZVeCD5zKT81efNb_xJrqNAuHH1axbZDmDVIjf3ngRC8Kpi_R_yLpyMOLYKs0KsVmYxRiMmr0UhmZbWNTENveshM76r-Hh

Requested by

Host: ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com
URL: https://ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 15:34:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-fra-etou8220026-FRA
pragma: no-cache
date: Mon, 08 Jan 2024 15:34:05 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1704728046.927781,VS0,VE0
x-cache: HIT
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=Wlp3VjdRQU01R1kzVWdBTQ==&google_gid=CAESEEiNrstvg0_zGP7ilONADQQ&google_cver=1&google_push=AXcoOmRZVeCD5zKT81efNb_xJrqNAuHH1axbZDmDVIjf3ngRC8Kpi_R_yLpyMOLYKs0KsVmYxRiMmr0UhmZbWNTENveshM76r-Hh
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9031
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEDkp8eIDmcpJt7kBP-fo6ao&google_cver=1&google_push=AXcoOmT8YKcxKiOzVuIm65k8zHQv2aMDNgXDWWdr-9ihrLN4xc_Q2vPqH7Ol2fhxNDd63wvpPkcOywutALHWpyI0jLPi-xQ...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmT8YKcxKiOzVuIm65k8zHQv2aMDNgXDWWdr-9ihrLN4xc_Q2vPqH7Ol2fhxNDd63wvpPkcOywutALHWpyI0jLPi-xQITDBN&google_hm=eS0udkc2MTJsRTJwRnBNNH...

170 B
188 B

38ms
38ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmT8YKcxKiOzVuIm65k8zHQv2aMDNgXDWWdr-9ihrLN4xc_Q2vPqH7Ol2fhxNDd63wvpPkcOywutALHWpyI0jLPi-xQITDBN&google_hm=eS0udkc2MTJsRTJwRnBNNHJhSi5vMUY4bkxLSEhjYUhZUH5B

Requested by

Host: ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com
URL: https://ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 15:34:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 08 Jan 2024 15:34:05 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmT8YKcxKiOzVuIm65k8zHQv2aMDNgXDWWdr-9ihrLN4xc_Q2vPqH7Ol2fhxNDd63wvpPkcOywutALHWpyI0jLPi-xQITDBN&google_hm=eS0udkc2MTJsRTJwRnBNNHJhSi5vMUY4bkxLSEhjYUhZUH5B
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9031
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEIMjkX69mFPHYGQHjLnBbro&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEIMjkX69mFPHYGQHjLnBbro&google_hm=ZZwV7SLwBtvPfBlGz4u9NgAAFF0AAAAB&google_nid=index&google_push=AXcoOmSqLiqZzSjJh-ceHmDaeDyBpDzhMeiUN...

170 B
188 B

37ms
37ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEIMjkX69mFPHYGQHjLnBbro&google_hm=ZZwV7SLwBtvPfBlGz4u9NgAAFF0AAAAB&google_nid=index&google_push=AXcoOmSqLiqZzSjJh-ceHmDaeDyBpDzhMeiUNYJ4vq86uv2YIcIRpFsn0d3HTgXA5mCSluZg1bhZuzfFgdwUmTd3GH4VWbtJ5u4

Requested by

Host: ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com
URL: https://ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 15:34:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 08 Jan 2024 15:34:05 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4%2BwNBY6YWzkpK84IFv22ysFWu4eJYA%2F7XM5HBZK%2FjfS0MevFIAnVl2LsQR6fDjTAVxhFGbOrJtKBVOhaSnijOu3%2B67XEMZTcwkfxXcL6boNYd%2FLswv8jZSneudXrEhIZYm%2FrwB1YuzffHA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEIMjkX69mFPHYGQHjLnBbro&google_hm=ZZwV7SLwBtvPfBlGz4u9NgAAFF0AAAAB&google_nid=index&google_push=AXcoOmSqLiqZzSjJh-ceHmDaeDyBpDzhMeiUNYJ4vq86uv2YIcIRpFsn0d3HTgXA5mCSluZg1bhZuzfFgdwUmTd3GH4VWbtJ5u4
cache-control: no-cache
cf-ray: 842580af1a02450a-TXL
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9031
Redirect Chain

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEGQRjhhLOkam6kssjFh14yk&google_cver=1&google_push=AXcoOmTc8Ts2IFkWszsvivljIsW1T0b9D8ZFCgaIGqAG2h8SMKxOzq7dAMyYJkio6wwIME0iZLAy_-gIEr0Dg5x9s...
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmTc8Ts2IFkWszsvivljIsW1T0b9D8ZFCgaIGqAG2h8SMKxOzq7dAMyYJkio6wwIME0iZLAy_-gIEr0Dg5x9ssASUkvEhkY&google_hm=H9SmAGZHqMHyPs4gS72m2wUt

170 B
188 B

39ms
39ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmTc8Ts2IFkWszsvivljIsW1T0b9D8ZFCgaIGqAG2h8SMKxOzq7dAMyYJkio6wwIME0iZLAy_-gIEr0Dg5x9ssASUkvEhkY&google_hm=H9SmAGZHqMHyPs4gS72m2wUt

Requested by

Host: ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com
URL: https://ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 15:34:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmTc8Ts2IFkWszsvivljIsW1T0b9D8ZFCgaIGqAG2h8SMKxOzq7dAMyYJkio6wwIME0iZLAy_-gIEr0Dg5x9ssASUkvEhkY&google_hm=H9SmAGZHqMHyPs4gS72m2wUt
access-control-allow-origin: *
date: Mon, 08 Jan 2024 15:34:05 GMT
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Content-Type
content-length: 0
access-control-allow-methods: GET, POST, DELETE, PUT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9031
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESENlv-eraKLhMf9Tvh2mc300&google_cver=1&google_push=AXcoOmT2-0DW9nHbGyxoSmOi2aPQ2HeNjZA9mADA5ewJOddeDD3f7_Aq5LWIfNPmIWeOWI_yQYvFWX4JM0MN...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmT2-0DW9nHbGyxoSmOi2aPQ2HeNjZA9mADA5ewJOddeDD3f7_Aq5LWIfNPmIWeOWI_yQYvFWX4JM0MNmsuYG9meiUBzA7wr

170 B
188 B

54ms
54ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmT2-0DW9nHbGyxoSmOi2aPQ2HeNjZA9mADA5ewJOddeDD3f7_Aq5LWIfNPmIWeOWI_yQYvFWX4JM0MNmsuYG9meiUBzA7wr

Requested by

Host: ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com
URL: https://ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 15:34:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmT2-0DW9nHbGyxoSmOi2aPQ2HeNjZA9mADA5ewJOddeDD3f7_Aq5LWIfNPmIWeOWI_yQYvFWX4JM0MNmsuYG9meiUBzA7wr
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9031
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESED...
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AXcoOmQTrkhhG6jsvTw9T8wwOOLz5bwypmPOHh3I4jr9Yd69gcYtDxZnu91ZkXlqR5PJkjQcHElSjRr5Fr0grp8qewIAwenmEWQ&redir=https%3A%2F%2Fcm.g.double...
https://sync.targeting.unrulymedia.com/csync/RX-22e96ade-5b9a-488c-8a0e-14a0ab3dc6d7-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAXcoOmQTrkhhG6jsvTw9T8wwO...
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmQTrkhhG6jsvTw9T8wwOOLz5bwypmPOHh3I4jr9Yd69gcYtDxZnu91ZkXlqR5PJkjQcHElSjRr5Fr0grp8qewIAwenmEWQ&google_hm=AyLpat5bmkiMig4UoKs9xtc

170 B
188 B

29ms
29ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmQTrkhhG6jsvTw9T8wwOOLz5bwypmPOHh3I4jr9Yd69gcYtDxZnu91ZkXlqR5PJkjQcHElSjRr5Fr0grp8qewIAwenmEWQ&google_hm=AyLpat5bmkiMig4UoKs9xtc

Requested by

Host: ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com
URL: https://ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 15:34:06 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmQTrkhhG6jsvTw9T8wwOOLz5bwypmPOHh3I4jr9Yd69gcYtDxZnu91ZkXlqR5PJkjQcHElSjRr5Fr0grp8qewIAwenmEWQ&google_hm=AyLpat5bmkiMig4UoKs9xtc
date: Mon, 08 Jan 2024 15:34:06 GMT
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RX22e96ade5b9a488c8a0e14a0ab3dc6d7003
content-type: text/html

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 9031 0
12 B 33ms
27ms Image
text/html 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13In3knBXVZfhYPCE-sYLS07SMJ8UUqdYnzmCvIBZ1lSPzkknPWrlrBupE97sk0d4tlICXzv

Requested by

Host: ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com
URL: https://ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 15:34:05 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 view
ad.doubleclick.net/pcs/ Frame 1BED 0
0 61ms
60ms Fetch
image/gif 142.250.181.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjsugrGBUtgYR8tTesDO-mK2qFxFB5A1NYVIDdCKnJfiKN6nsAJCUphPQTbjqUG57BPF68dTHoNQzd7lthooUaNfre3bh3AoyIMYBfhaYnh_IyJjh1fDyHGJNsZlMPft1wceOgBbu9uWye7bbG2WmdzGKlcjUwyx5kylIlAdoDEvNt9g0_cZWA-yZRcHARgJwjdEXzkE5DA11LdNbg3k_b1IeuFgSkQhTkGBrKgZktll-dwaD5tITvZ21UwEukMojrGKvUvV4yUyT_o-8tl_--sDqMz6WY4NBvHSJILrm1ElUIduDvsJdDvvabvpihjYyyeMhGZ4EMd68ZoVqaSkVre0mKLmYkKIbVaEhHFmFzX8mOMey3pVMCzr9gvPMebmlnq5n83WltVjONlpf6d2io0HFh6qAdKQU995YJwI6cdbOsXHXqXoxtOZ5Ip5xGME7v2Z3b7DohwyhufhE19d9kP6MUBNZM85MXW7hCDaIph-QyQa_hUbG3lAf-Vy1GuczczkfduzsMmLkYxW9vwK80-CJxWhN3xvimTpm2GHNzip_xDWRCdtGAis9AsGQHDhm5SNG3nDXvwZsvh9g2nb9KsOnEfgkyGEiYAGhmOQW8ATx1TNGuo5c5q16fmdiypfjBLOuavofWQ5lWT-0P9HkM8o027T1wYXTqrB7F14SO7DZ01u8dpRecfF66R3K74fKrTaNFDiRAWdIDbCoOYftUWlKLYSQjFOOAMFgIJUVvwLtoHQextWinDP86TyNFEXPIXLbctbE5MulJefGt9u-SEv-ss4yt8qCtNL1N3zpz9ytzNwJ4nUk3MCm9eYXAYXOsj6n088V9_t1D1V04THbUwyEOTJUTnlqB4cbK2iz-ZpmCB9bDJpuuNLE8s4EH2ZFwfy9WcvTZAZLdsjbTXeCgiB22piSxmQUVNqGrbnWqId_sr0KqmniZ2Q3O6hlRZ9CBPA6R5wfGmEFFMryttKk2Q_0G-1eWmeWOltosPRRdsKR6sqlhvCzodUA4ggnYV_snK7H5SfoShjAN_2MgFSkd2bhKrVF_RWpeBZ8lcMITNc2eov6y04Gd7zLr1_Uh5Y8StlykSzVw5N2oFheSexNwZipc1I8NsBiNRrLwp4wVavdfpyfqi-2jdLb9-YRGDHD8on-7VJRjsqx8yA0Jo_AzWgJ2P1JqH_NvXXrNOmDabTiCEwT_WL9_IRCUlDSN3zIDKQSrvNxlJZPxrIQWhKUMZdoJPG1KQPheQeONeLKtG6V-hAL-Gdf11r4dKJ1QKsAvfQ2ebUYv9Gy3w6qUyCmdEhABRAEoq3bDM9cDzFvLJh1VVz1ZzLBxOt6w5NFXa_v9uyLk-Mdy0519Itgu0EZZkuBkPv8CMPqCI98InQ11rBIHH0Wum5EKNgyeG--s9HKR5NygqRM4PwVIOndoxwZw0gU9h2lAeN5R0g8p8K0wFwAVAnT1UxPxUkiXjnKVSO3HT7kS5Du&sai=AMfl-YRLzg8gCj-ZhfxVDptnoR1CzsEz1_QXMyIxq5Vq45v3uAZfsxOp8CcOa4qJYxCXALortxOvN3u4ty_uzjHncxosI9UgbTuzdbehIj26YYNBrQcei0hev9cCT67rQH2h2hsxjIQKZJs9EldMktQb40dHQPxUTFq_3gIcTGabOn8R6w6BO9cSh2bMbPPD01uiq_VYrlc9tvXt8y0r2XdRzuepixD7BFCbeDgb3VKU3tnmO7UEmhVRX5o2kCbFHcr77bGug_Ne86FIXEja2c3RmbNCDbgWuujRycT1t_pFIF9h5wwShrOsHxBWMy_-_pB8d8OTpU2_PoehsMfZ2dpJZm_BgYXhW5WT9lHz7iF8mt7IygWKvgF7GdPZF-rIK3eayYSQHg1FMRCpkDtvMpP7v64UofaGneWhGsBp58UPjy3N&sig=Cg0ArKJSzIj7K8BPMLxDEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9zbWFydC5jb20&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=683&vt=11&dtpt=296&dett=3&cstd=385&cisv=r20240103.90554&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: www.omelete.com.br
URL: https://www.omelete.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 15:34:06 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 view
ad.doubleclick.net/pcs/ Frame E5D9 0
0 61ms
60ms Fetch
image/gif 142.250.181.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjsu5i33gWmQdl5DjV3aql4sZ0UMoRgCialupjQFzyy2opEus_v1Foh9keAkdaDbqPE6E8Cr_u9ImUfuJ8OjR5s6uP0yPry1NkxXf0GaZTOQQL5yTTHbe4446B68tsUrjjQHP42o4Ohd29AaaVHch9OzHedqy-gB8uL6MlyRrG8mIb80yOBXfGIONMb3_sMAxMtzhuQSChcMG-DmlMR_1RDlYc7am1T7MlitCDxGU3gLGnH53sF1QU5mDF2eUy3bXrXWoySOgzYOjA2yfrcaq1TG3QMj75p-2w4eQbSbgQWJg1Enb3y4EPj3R10cg_DO4_YBTrm2ivGs7NsGb5Zx_WmM8rGOJgeerQk3OaWYqls8nMbKV9i94SBj9zqMaO1IJ3-gP4UEO7XZd4S1X9ByogWvK-9DDscogwtAhF4u3CaUJk3TiRl1GGf6SK7b90bd9vp5Q8tFTgw9fPmEJirwxHowoGnbH3Vp2Zh-ep3RFmhHWFDSazf1gyKjXIDobxwn4MXA2HiGSfd-Gux2dP0WdueNHm_EId_9I1F1HjmTsf0mXHhSoW5a75xuSfUmegb2_9NhWWfOYBQ2Kpmq1uYOZ4qEFB5VtMiKJEua2EDWoLR-2uEkELXGaeFrCFsn_va0ucK9k_PYW_cLefY3xQScQS2WLAd6tZqN90ECkfOMWC0Ooh5DEIK4jThgdSF9StRjwWCbCk48_mh0QH1VNDZ61F00jyRzvzZeLKp6jWZYtOmnCoZja1ct-taJvbTtk9A5RpBZvmM-twtLmo7mtcJgXKJsTguA2b2GK6JXqUqChGdPA4BIOgHb1PAFQkf9bKr1PZ7L9sGYiKc53X2TEBEpFZKn0aqVLjgnq32M0pLx0Y7P7Wm7ZVyX8TIBUSWJuNcmLRV2lycV6aT3ZWYYB80e17ovuBdwtFZJ8l3LJZ6uRCBGJGQ3FWQ1w7jXFpENq4oZkGCKrzCZ35tRD8Jo0PDp3BRxHh59LaCRds7DyEzaujwwksBt_nXSx-yVIY40C-bWvuB_fvJzbhni9N4B3PVwyeWcIrIihkd-fMdgkM8eRi_RIr1wPVB-5IBWM1F5hG1u-4PuW0YHRAZtqBzwFeunIt45YuTh5aRzjDDtGE6gGTyRrUoJJBafH-0kwEO-ndlvvioFINr46Ra4JQANV_SSWZCvtviycs-hHcSXaruBWWnHhgaMAkL7l0vg9P6keIPe_BDxQifawqPD9hFHzvWVTzVKBGpy6CFHbbiBi5mRXjNOXruJMu1ROZmaRqxWCvFESuy-jRjFtjXAXie7_NOUbt_zy0JaQgTuU-a2JkyyR_p9PElr3iHHPiL9PCwL6SHeO-HXRf9ar6uTeDvPA_68VRH33D9LWD7kD8N7EuqRpw9er6kPFFrEAJkLVr9rStwvViW7fOCEdXi3NV8VQiN5wnjiQs7lvyAAJVjeNJ0p-fQys5GfPWKrnCt4HzANVtWUfwm14UO4&sai=AMfl-YRp7Io9cJARCrpckwXBTJUNfOOznltOCMFUKb28fAnOMZj7wHZmv_rg-IrNH8jIqjvFGU2uWjrIgr0v2mMY4oCjmQKBYhS_gTah52I-PTTDUanjHRHpPI33d6WYT6QYqAvCH2sPB4qJVh76Ymb9kDfdzUNzSrSBOhrfJ9s8eO0YzwP3KZd8RJM2vkRs64z0xEV8lgEgeT7OKki4D0NCZr21dY71qxhEY-KVy3-b930UjBwO3M1cobyMbvOrA-LW1qEdZuFkZdhYJH2slOfr0SgSJ0O635vehoRJ6J_tG-r3yW3ZfbGsZQTOd4hWK-6SJkJ_Pm_atpKRb2cZDRCBZfMA7o6_s4MXG-ugpPL952c_9edHkBFcg2N4yEMOl5utsoyws5_YoLDu02fWO54EoFsRJPoDSi1DP8_GvdSssb-e&sig=Cg0ArKJSzDW_RW39m89vEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9zbWFydC5jb20&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=708&vt=11&dtpt=344&dett=3&cstd=364&cisv=r20240103.47151&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: www.omelete.com.br
URL: https://www.omelete.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 15:34:06 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 view
ad.doubleclick.net/pcs/ Frame C56A 0
0 59ms
59ms Fetch
image/gif 142.250.181.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjstV9sqvsLKZALCqFE8nZv5pwb2Uyf3pXQ0lSG28sjYL05R_GarNMATeSVXQukGyeDTuRCfl1lFhSU258s8DAy9H67BYjlbBJVt_dCPy2Nq8TEDsv8Gv4xtHawVyGdetSlxrVKPnPs6DdFzvvXTZ9Nw5vv3ufB2wNGL9aKdVKspEdmZAxcoSX-SSficn2Iw3z5VnzoxjIW5q4O9rFPai_0U0aFSEJc1PeX-FpsMLTz6QR05IZVOaTUwJCj-PrBTdtTBdznldwW0UZk_TCJTQS_57eFHyV-trD2myFgCJaWIskI03Vw8HUezQOjTfBuWUpOgD3itZ6UYpZibQj9pRbI2A4mKycoFA3M-hOQp5oP_TvEJnGynIQDG7I35UsAFUJIhT-OFc9UROM0aQH0h8eO8ivaL4i7qhzPPOL0V6CWDqOXYiRcQLGhdb-5M1dxSZ74XoAZzIufvcublh0SLbCVI_T4tun05KWSBQxXFJq1JQOV5jwnz3Y4TSpJ-xz0XhJRDaYgsZsEtgKGM7p8yLo1NQM22MRkdx_5PCrUudCJEzKZHqxHYO0r9V49h0GECE8LmLQWHch8b273knUQbR_CX5moxrsm0THxZzGct69lkCALlsK7yv-ym2YCqPH8Hj3V9oTiJkaHXk1sN-dt23EthYKYEJQGMy2HN0hG4Ur1gRThV-SThIMWA2qRf8Acay_s-KnTtQdW_hjJqS7-6JbZIksjQOTZcUytTjCP_EsjE1-l6XjvV_9NDybGrQneSbrrQmpac4l1IGYoWpADuC3EhdkdkIfXNQiysP_ojOzLbWcKGNvNxMjbn5QXhjvXXzXB4Nn41sW3UPUYpC04lrtTJHo2EnL37mN60OQXLGlcQAheGa7cuSX9m6kslsa3Hc6YhZw4rtxn0SrfhjLUFCvdLY_bB4Lx2GZ7w5M7Irfomq4b1S4qjjoKfsrjRs-atQBz-GOFFK06aYs4nm5k_jOkxvWWuRh_RlewoaNWQ2y1aPPpLbbLdSoCwH9j-Ex5zjT34_tf0hZpmIlV7J9NPqcsJAfRQQ3nyZCJKkpBBvwo5ajrNQ3BzEUAqrxD1xMgUZmKhfJZmLOIeeKxTiRJBq4ME8EsO49zYMRculJDY-jHR8b_nqbD3sFyZagOdC61MGh6RkEwI7mCr7MCvGFgSEUw6f5ymZRfxCEZ_ZfZTs0JW5m2IINDDAeZSLCbwt9TW5BoXd0QVmlFk17egc0tXzOsTEBWZOzCmA-Vfk5yxn4HgenGu3aMRjJpMRpVXE-fFA_S_FErGqFfDHWm6mYxNajYMP66KQ7ViV19xU8ZOCX-bjQ5rLWP-3BFGvtL1vLKub9EaYwGpf1hk69zHZENHPcRdL4p2wXNP-eHgJx9dq6lzXwbD8lH895cQDuXv9GPIISfSlb_PMNmgW9X-RjRddHuatfVf1AVdLAvOjm2GuKnnEuL7mjo_RJAO9Tej6_4UgrAy_q9eP&sai=AMfl-YTxYrtBBb_suhpPmFKWK0lgXBOaN8D3dunV8BjtXJN3XJNh88nU9vTsHmN5D2WbifF6XF5lSWo_25XQJuQomyXW2b0GszoAeJGCeyWF1AkyABfFf1QO4MB7Hn3WJ9WwrH5N1RifGJbS3vhY3h230uNEl4dJUmWipU60e5JC7au3YLJ4v9eOmNHjHAIoVaKfPjwVE1c42VBNuI5i0_NZKaOnGVanfsKXH2e4UEt4oQ_ewtR8jmXW263GaIHssvj-l380C-fingcm5IBmjjyhhTjiWL7z7DXnCbjvuiGNbHjkhTmfCHpN7p6PivgjL32OKgc0JxKwbDQaIuiXx2HUIefZTqVkMOKGDnc4FeP2qycvu9IRQjx9hjiPx06qQlddg7Hy_ovrx8ly9iFhPmOB7dKLBFr1ovAac5bYWUmXeXvL&sig=Cg0ArKJSzEj186e6ViTbEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9zbWFydC5jb20&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=719&vt=11&dtpt=348&dett=3&cstd=370&cisv=r20240103.62832&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: www.omelete.com.br
URL: https://www.omelete.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 15:34:06 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 piwik.php
analytics.ome.lt/ 43 B
138 B 135ms
134ms Image
image/gif 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://analytics.ome.lt/piwik.php?action_name=Home%20%7C%20Omelete&idsite=4&rec=1&r=183700&h=16&m=34&s=6&url=https%3A%2F%2Fwww.omelete.com.br%2F&_id=6553bdf5c9646b31&_idts=1704728046&_idvc=1&_idn=0&_refts=0&_viewts=1704728046&send_image=1&pdf=1&qt=0&realp=0&wma=0&dir=0&fla=0&java=0&gears=0&ag=0&cookie=1&res=1600x1200&gt_ms=430&pv_id=cAklR4
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.omelete.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 15:34:06 GMT
cache-control: no-store
server: nginx/1.10.3 (Ubuntu)
content-type: image/gif

GET
H2 200 rectangle.js Show response
cdn.revjet.com/~cdn/JS/03/3.5.2/modules/ Frame 6D01 20 KB
7 KB 111ms
23ms Script
application/javascript 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.revjet.com/~cdn/JS/03/3.5.2/modules/rectangle.js
Requested by: Host: ads.revjet.com
URL: https://ads.revjet.com/bg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6762) /
Resource Hash: dce3111ede9ead68dbb0c6343255a1cc111060d98da86a7e96e0fa8510bb1a02

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 15:34:06 GMT
content-encoding: gzip
last-modified: Mon, 21 Aug 2023 15:25:31 GMT
server: ECS (frb/6762)
age: 159
etag: "64e381eb-4ee4+gzip"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=600
content-length: 7263
expires: Mon, 08 Jan 2024 15:44:06 GMT

GET
H2 200 sync.html Show response
cdn.revjet.com/~cdn/JS/03/ Frame 04F2 2 KB
1 KB 106ms
21ms Document
text/html 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.revjet.com/~cdn/JS/03/sync.html?origin=https%3A%2F%2Fad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com
Requested by: Host: ads.revjet.com
URL: https://ads.revjet.com/bg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/668D) /
Resource Hash: 71afeaa2f8371d9b3f97e6a91b94b72b2eec42d37886a88207943877051187b7

Request headers

Referer: https://ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
age: 144
cache-control: max-age=600
content-encoding: gzip
content-length: 942
content-type: text/html
date: Mon, 08 Jan 2024 15:34:06 GMT
etag: "64e38310-744+gzip"
expires: Mon, 08 Jan 2024 15:44:06 GMT
last-modified: Mon, 21 Aug 2023 15:30:24 GMT
server: ECS (frb/668D)
vary: Accept-Encoding
x-cache: HIT

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 560C 39 KB
15 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 14:08:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5122
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 07 Jan 2025 14:08:44 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E9AB 0
21 B 57ms
57ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=B-dUX7BWcZZvLEsqL3gOT4opQAAAAADgB4AQC&bg=!NTalNnnNAAY3kmNgF5I7ADQBe5WfOKcCGRBfbF5Wel8TAQ1JbUiCh_A2egMShG8ISaGii26UL-aP90VXzUu7_fQOh5J0AgAAAShSAAAAAWgBB5kDFbjgfQODf51ZGlf6_E9CSFmsbQDMkh7UipZ_yyXOQy8RCui39kBGvLcjssmA58FxVvl-KKJ77soG693OuMO45z618qMK54qqovfRQLptVo94mozCGjGl8-hf92uNo7I8jfusF643UNgKuuFwPvEkr_88cQZtFy-q1z6haBxoNbdtdw9GmAvDWE0wd8VKUv0iioL1wKmaFlEHcHv6LOas7fdScIoKyJd0z1N3e3om7wrWvZlrWJWDLqUCL5J8AzEDNtfjOiAg7fLc9dkq50E8i5UA4rMQ3eBgdEqJr6WL4XUr7eFAAfm3K2ERkarJ_WdAf09QFpghDPYmfTF6x6PIJsVNZlVtPwOfvWYBmfbQxj2fkuTWIRe9lE2FZnedMiLKrTbC1GwHPSygo9bLVsoHT23TeMBkUX-hwaEVlvHUSlZnLhCBm32whGXz50nQATxKgjkI0C4giguOlcE8rYQ17DGmQQqpB9ZoJPt6BoCiHjxVSdnR2y3z7i31kHt2UuMQ_2bdSLUUnByt4fn1X3W4KughxafSPPGciF9dg1Qb7FvXEMyNNzQCKNAau35W7z4ZeQ7aXb14goaAR2Bhb_4qVfZJm392_DrJ4EPRVwcJ15j3PZBOvPUS3rfVG93zJO7n6eoddF0ThtEJ0tq12jMWKj5WmMuOqmC2Dnx_3ZMLLwAFjqugGDSST3hx4yi6Emqi1iJ43ptRJoT-L0Lf6LBpL3CmdqOI3sfqsZ8Nxd6VzTODtJVwPnzjQn6KyMX3p0Q5UXJLn-ZAml39Q5x21cwOR3vdSZ69tvgQ17FWeh3GSqX9Xj18KibrIRDqjXMsi5UV0O-KKrExybCr4t399CwpkFWnd9XCVNiqLA-0GMUzW-xgoy5rPKSdnxBJ17j_0VDb7V8mwliaSsrM5JJVuaoCGAQd1_I6_uJOelYFYW0JjGP4_8RVZ_I-il5lrBfMRmpuRmbX4Rp00bFENO3qv_gPZRfgymGnrbmF8POjNVASvpyQzoWnMMxC1SC2uVeWVz8cUCWoS7UiQb2nGCi4Cg4LpFmm_JJlpw

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 15:34:06 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2D2B 0
21 B 59ms
58ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=B4JNh7BWcZZ7LEsqL3gOT4opQAAAAADgB4AQC&bg=!jo2ljcLNAAY3kmNgF5I7ADQBe5WfOA9qZbaWnyI01RQbkiLTVz9T8zlM3d2MHIi3Vf4VXO46b0jr7uJQsD01s46MizF7AgAAARhSAAAAAWgBB5kDEdM-ccN9EV6ECt5s0HHelskPTPg-kds49uhKeWIJwTKgND5EVmeVtBn8olMAoEtFG-6vZEa53TDAoR-2O8Y8wqr5teySRW_zWvEEtdd4E64g7ACwsJerFFGHe6yWvVzjvG4ovPZW2wTIwnp2hFZHN5SkYS77dzKjwhWTJLC8xyzs-44kXHNEBNo-5sTb7zmwKqJD9XBoKKB2mA-GmVI9MNCsEnme44DuyV30IW-0RdyWrmxPWmk43SXgbGhlOrbiTu9ugRfavtIkGnL6DV76-zPkGElYPjeh8FpD7ot2L6iz9XMZSc781TSY9X8JpLLt1E8dFAlaYXZNMbf0eg2s5CXr5Fqyp1tL35TbPdfLebtLiGOv5kJA2Cc0OpGrt3kgNFlgufyeYUZII5P4w58U2vv6zrZfaE3sCw9FWzq6UkcutTtXLLnT99KLXxPLOu9jGWVYt-fUCMXTafLhaR9c4TfX6h8dMhXVslP99Py7fjB6D0W0RpQfqu5ulL9AL0ypcys0I3Mt2SDF-jnd7dW9LNWNliC2tWuFfYVQ-7-zpJjiwPjHtMQU0ksEd29u2rkth1OVU3GgrWaUt_0oZou74au7sur7RdF_YAqaHI3H8xDH7se3gaDFaXjDpEIR3vEWhHI1BkG92mrZeieISlOcQ-POI5IgW_EXk1ahSJ9tYkehO8vLh-Y5nyUBv-YxnHUrpJHjTnEnE0CLwLPoPKr9gEnv7heuE5j268vDQ8V6Owhl-KOYaypb3JN7hF0y1KQpiL8q5COSdCK28S6uyqziAdVnWfoOEcUwGxzjsFD8FDl6XdICeEfEmPpwi3jSVvKPSdKRswNCEAwO-maRwR7dpPX5S8-13cLOqhJ5hLh3sGbihf4MzHvMTqXEYfZRlk6Bj3pN2kwcWBMJKttOpLHILoVz5R11qPHwfA6VsMqIeowbWr3JCfgGVql6osnzK8sOKrpxyWp7mjK5cn1mA_kTEOGqYfz5lsr0xur_jgBEEJIVpuH1rEhqXuIK2myEr_tMKjKiPXsgRDnnNsk13jgqYpcm

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 15:34:06 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 tag236630 Show response
ads.revjet.com/ Frame 6D01 258 KB
42 KB 44ms
43ms Script
text/javascript 162.55.83.73
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.revjet.com/tag236630?_plc_id=111757016&_key=e8d&ct_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCVPC17BWcZaTLEsqL3gOT4opQp8WAvHTS29yz-hC7-eyQggIQASC825U3YJW6lIKgB6ABuayQiynIAQmpAkoQbCp-V7I-qAMByAObBKoErAJP0CuSqmE1C0Met9wtm62wZbfLgOnQ8gtWv0r36ZYYYThV48gbjy-aklZevMQ0M0yK30Wj2A4RpnGWu1BOezFrJqmfA1x6A9sElAlZAd63HZkRAtjnrdB4QNO7DyiLQ9DL1OmVwQC6bHKW8sS-YOaR_kufareeXJTH3ehWQjbM7WhGFIik5OH32XZRWBhg4WcbwFCvzjSW3W_QZopwXq0JEb3tG4sWsqqsaR8kAbO55NSTBvexFe29zfbOMdk5MMVHMBMr1h0fysbjqDn3jxWzcWzm1C-lLGod7egtBMUsDbvvN1oN2sKTUlIsUSVw0AizRzXVqQ5Dwju4GdI3xhloKCfkF_7WjEtgDFoHxrxtMTciM7fSO-mxAVW2IB5mho2-6C5rzP6QA8lGq9LABJ2nq7mlBOAEA4gFjIyj2EuQBgGgBk2AB7nk4OoDqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHTICqgI6AoBASL39wTpY6JWQ7I7OgwOACgOYCwHICwGADAGiDAwqCgoIrLqxAru7sQKqDQJEReINEwidlZHsjs6DAxXKhXcKHROxAgqwE9u8lxbYEw2IFAbYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSPAAvHhf_TPd7Rwz9kzGolpf4R7-Wv2xX0Lwp7umdSRrfg87er1qR3i_QF32gNcm_bIls5RSrF-I2suIMYxgB%26sig%3DAOD64_1HGHSYMIbO-8laQfJKGSdUp4pmhw%26client%3Dca-pub-1403787016703043%26dbm_c%3DAKAmf-BClyNYtAEA79ikNYTvnASZY6fHZTs4rYx5ZATJNAHPB3NwZIhfXSQhsBGf7oKcJxMZfSiGYTL8ng9N1r07jTleAuaZf5cveYYvf_H-uXzSW37_tZCYI6_p4txOoa9qLRkKex0TPCJELgTAaAJjR1h32R4aqmhGayXQbBXBTxW6W9Atbvk%26cry%3D1%26dbm_d%3DAKAmf-ALqjgalerGupwFcSRRba_8tgOa3kFbzoXUxK4mTw1DzmiG1V5jjOVufEx7EmNIjs9znwHIHAVs2xXeNUOLYPyMzlRNmX-Qx0txnvTqlkCfUaibvPOk67kYpql70hlXvBfbrFbQhY1mQLln_-skWpATRw_KV4ibiYi8F2ngk1__U29QscDf8pjHfgXeDuq3aNqW8gP0gdmd1OELve3NnhEQVXcDdW9kuJ-56uWy4MRPEnuoEO3kmwV5Ccwa377XiU7QY4bhNYQf3mLFMAhaMOrp46vSWp25sXRQOnbj4pI5iEXLLRtUX_VUxkRFNokr2w9arHQMhCzTXbcMYLbLcO96JFUFz7zYB7B7c6Nz8GnYIceMboUb0Cys7pEHtRsqDVr-7BwM5UFrfhtkBVK8F92IhF12IPBNi6cCbZPpLPAQEJ7igIKghbspqdPXNaopHXdtKmj-tOitcG3w3uqVhrCoAuS5fAcGEE3XtyLp1cdfnLyQLuStbsQtyD4iPBo57TLLYW6CUhgrnxBYTuSPfCBceaNpmiliWx9Qa1xE-UHK17FXGtknPi0Q9aWcnMQXaZ8W1M5q%26adurl%3D&dv360_cmp_id=20317783564&dv360_li_id=1013520331&dv360_crv_id=467099954&jsonp=REVJET_TagObj_1.onLoad&_js_site_page=https%3A%2F%2Fad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&_js_site_ref=https%3A%2F%2Fwww.omelete.com.br%2F&_js_device_w=1600&_js_device_h=1200&_js_gtx_id=2ad4594d4025c8b7cbde_1704728046208&_js_tag_freq=1&_js_vis_type=8&_js_measurable=1&_js_imp_banner_number=1&_js_imp_offsetx=0&_js_imp_offsety=0&_js_imp_vis=1&_js_sf=0&_js_fif=0&_js_imp_banner_topframe=1&_js_embd_tag_id=revjet-tag-0&_js_ao=https%3A%2F%2Fwww.omelete.com.br&_js_imp_banner_creative_attr=banner&_js_imp_tsver=3.5.2&_js_tstamp=1704728046216
Requested by: Host: ads.revjet.com
URL: https://ads.revjet.com/bg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 162.55.83.73 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.73.83.55.162.clients.your-server.de
Software: nginx /
Resource Hash: 729b7483ca0d4ebed4308518d25a858d469fae295335f125a9290b3a557a56fb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 15:34:06 GMT
content-encoding: gzip
server: nginx
p3p: CP="CAO PSA OUR"
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: no-transform
x-server: ip56685
expires: Sat, 01 Jan 2000 12:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9463 0
21 B 57ms
57ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BdbML7BWcZaPLEsqL3gOT4opQAAAAADgB4AQC&bg=!enmleTbNAAY3kmNgF5I7ADQBe5WfOAQfpoi4C1S8tKDczMbei7tKrOQqZVWOLZq8lJ8lE6E7qN83Bn4ePBBrr-D-L81uAgAAANlSAAAAAWgBB5kDA8ywb944PYxKVP_5UpH6tiVlb82PpFowiXN1sEK_DOD5Boql5y1WIHOZgZJh5hiDn8iSDDoKbeW51r8NOfzzQEOGbVNmWJe1ivUd3qSgjPoP_n88lmzdaaw2bUTGgub7IOPneZbXTAMEwki66SuIwrftMWmCvvpybJxFQN5FHw2m4Fw9Oq2cBLOljT97WP0xaaqrOi7K1aVBI6Gz4ge-faYSHeAUZGIglr7vaM0-oZoULONYvGBp-DkuyTqMTtMzN4naFc7mbIl4BZJuRFPz_oAmPX6oNztV545h2sY0VsGCXjk7_dbO017zFVKJ18EYfxGi0rdUHZtD0U-wOjBVTmNBsuODAG-y39Bf3_k_h5Y4GupRagzttQAqqe7aO6_BuoQGU8fYSdL5feh40ebMUEUJVZ2sntLI_PwL0ASGzRm0ASZSCCnwHPMPUhzBGUWf9nbw2ToeLrgDVZBVNKjfT2vJQi7dp97QcUFujXV0bgWAM1ce68BHHx0iMVq6njSM-XiLg5tLxO6EHX29upzw-BsrWP39voazn2Tq_XPK3XdLCZhsfsVqzlTYV0TE4xD7kPswz5Lle_HpYMY2IQyIX8oABD33_a5EJ5jkcL3gEatDSOdLXmVzAijdHnNWqm0cJ3Lw-Tz2te7YHZDOwGvOiFU6tqNCiELxuAyWmBbH9nti--fiQoiEyTeJAD8IHKZphtwkgMo0EvHGYAYpB0fdPj4b9XA4-ZyRwmOYhxQHnXyv54ttApiYpXOlxqAiS3z6VPLd9YAIBBO7LccNI0nI0EUUqu03i8gTu-aXDmzZ0MgSk4rfXLgqvI5BCckmEASjmzOm5Nr9l7ZNpVyfBWOANOWthcpHiETaBrdGQ5ENyHxBNTk-kCK2qv9QtcPiDsN3fNYmSd_365kxzp31-oP6F-o_PBUPm6nPFS60p6gs08E0ad1QH8jysnPoQm5aGPEPubsO1YcIn3bg-5l2ZuLrfxDkPhqrp8hlSnYazQtjZ0ynlkWCqqDi7vGRjCCxoezPKfD_iw

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 15:34:06 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6665 0
21 B 57ms
57ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BRvdC7BWcZaDLEsqL3gOT4opQAAAAADgB4AQC&bg=!DQ6lDkHNAAY3kmNgF5I7ADQBe5WfON4FJGKhT7WF6F4A4ddTZhkRnIYGMbWEByHgXqS0US_VjOGFlegzVkWm66Y-PE_fAgAAAQFSAAAAAWgBBwoAQxYRg6Xyo2JXkqKVm9WV3HEXxFu4trnoBNRE0xt1HebAcB3qJza_dC6NOWxUp5bnEvbW3LaXE7k6tXpkMgiiwvimUJKZAwmBcg_AwOfYB9NaGfmwxpM68_5dl74FnhposmLjf4PkiD-diWzCMPKZQCJFzVEryo-zsesjsR9D42dN3_qj0uBLdSORSfbL3Gumq-zuEWXaAM0rRxf6HdSAUjr6BpJwDLFbMwU_XQGKilQZGlue6A58pb0J96Xuq83v7x0OTUCM0hNtF6yh7aTFEIRxwCB19-DeYNpAW0LuT7pxyX4wh4f4ivG-085hytzIrBXxkzvIkArxRX9joZm0VzaA_9W9RMSVriacK2dsKhDBbSFtxCoHBwdplxGlAeLi8ZrsF1AmJBe5GTOyIbqbkVZuEMc5FK15MKeuaoQM1nmNOq6L4hkgf2uDtxtOdhZNXEizYR4aFUg96HZafBKfv2a3zMwwsoxV5ARiJLniZuIW4NxpvqJvg0XpcnE1Z_LzmOWq6WzY2I1XkkvPhi97XoumOd5Kh63UN18G-2Zu-P-V01_IEzCMIpyFhCTUguTRgs4dzr3AuHnYSGNcycrHQ1kRmXGvw-sgPMArI13L63H6xDwZSzicW8s5Klq5enO2UUEjmxme4mjYFkZB0EtzCsrN1ymg0qXr0u_WYdOyNiKC08s2EyIR3t42QfZw-xuRXuW_2eJiVqe4uAUlKKOhYs3KoLoK_YnrCoaNCykXCKcPs7YjSxm6mdKAjFLXTAtHN_qcuk2UjrolVw2x53CZrhaBotDIj001LiB_LVqwTytlqIf24r4YWGJMUWnlx1hs5eYT3GmGykOwsvVfkqR_uc27zKgVq_zQLF4hN4mCyopj83jjliliofngiP6mUSLrNDNZaxSW4l_rvbmz2ErexGAWB3a1Gt_l6eNYjR03eqECzCo2m_rNUkhyIzwJY07wRMCLD4cJII03-Cun4K4f2yPSUpw92FBvztKGczWAAMmN5BWaZMYT5sjEZdhhxsLRhjq_2frAEg21SLjWbZbc1BszoeLJF8oaSaUcnJNnKhoXXTro4JKwXZzrnKBY-_ULIo8FkDzZakzLlsFW_O-gf0b96joFn9y09RgGdqlDPk8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 15:34:06 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2491 0
21 B 58ms
57ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BFjFX7BWcZabLEsqL3gOT4opQAAAAADgB4AQC&bg=!TU6lTgHNAAY3kmNgF5I7ADQBe5WfOAPXE26ShqiUftk7J9QtaP-nkyM7Lr7nuJ5Zxvh1Qe3C9WaK80o8LH-RQ1fZajyFAgAAAOdSAAAAAmgBBwoAMkMpC_U7BO1avtlb0VUwlJWT4pGCdJekLKjX3ySrMvgqlcixVlcoQQ0XDJd-d7UdSecnmQMCAnWQ9dl66CHFTZgasMbABrV1oDVTo-GvE1HPg978kSULh868_8Iu4dRz7q0HXkOp61L2EwciPyiGeI9tSx4PX3-Wr9Ae_7dhNmjlF835Lcd0eu_jmKigFkguALR4NWOKU7Mm7fcgAAST3yc9rdjyQarrn5LT46ol-mylqDG_OZxXKunmCeN3v4oDNJkyZHWiT-grf-0qrojKoJvnCZ83agRjngm1YOZ8FapXe8Q5wVUZyYbQ_aLG8pg6wWkSVHRbw7gavCyMaxXWV6jvV0_gcYRjPGUa452NMOJdu-XiniH1ihuuALA796NwU4SCTDkVZ0qYUFdDELq1K-TEgN1PpmG-X4USlT7SW2cXtNV9NzzfJ7McOYidGojo7iMmqzjpfbI7RfOyQJ7AcRnVvNJFSa8X9WRpxrin89kgisYfBQqnhPSjoo2Rc6fxV_PnE1l__qHJeD-TlixQG6CASx7YX-nqvIcP4L1z27IqWuRjDSUFleMsrFRpCrLYgHtk9gyZNIgQgbfPDC-aYMl9po4pcuGRKBi9C652L8u_eY85O0aZJVYAVOzGjAyS14nqcKdJ8iw2RXSKm27wKzSfgqzxV9sugRFAOkwrDSaOKgoe6DtTXmCw_mKXg9CF8XPBa16KvhNigxCRFFtyQihxRYE3V9btPRE7jq6Hjqa-pxcQJRSWHZP1w2vJtKTUMK7RJ-adyQUOM2XaNGDInzW6hfZPpEEKPsX-Ww-0VGZxu0iIWBp9SDEOUgFL-kpgnLDoz6wI-LIWBl8NYrSKYKYpUH0_F-2_0uYipzKG1tucDfGklc3f_P7vDWN9k2_Day6BMMzU-wXBychcpIMX1G1u9y4HpySrTN-W-sURy71YVx_AS_xJkimiUcpCnXpuaxUHKW8gUA1MjJ-Y1xIwSP0WoNLMDucx7PV9VONVhtYSeMoE9xHP-5r3751SqLXZW7wzBOyCnWpCd6oXM2ELwZSROQTKP2Q4mztFii63jyQaZ-Q4fYrH98FMFliyZ23A0liIwCLFF-E

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 15:34:06 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 560C 0
21 B 57ms
57ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=Bqi1W7RWcZa_iJOP41PIP9LeJ2AkAAAAAOAHgBAI&bg=!nJ-ln9DNAAY3kmNgF5I7ADQBe5WfOGdegTRuZfccKaPk4xm7eWeDJF-DJIY_f6h-rxX5IN_BW7zeQKQun2A4IZlOigsXAgAAAHdSAAAAAmgBB5kDAMO2KnWBmi66ALSTnioAvjUV-npLGc2zyLr3lGdvPtnZciuALr4Pd74NQWB2-hLhGcnq6dbd0slp8iZukE9dNqs9W51GJ9JfrvugEqUFegp5PsXQbKJrOyM1APC5t44IlrTnjOsM5vthq6IyLvv-p9x_B49vxCi-LJTmNwU4Inssy3mJtWdrPS_4KLJAm-tzkaVp3lCliP2CTgcQQxoFF6mHulv8aS3UsqA65jZp0gQEz1bPBbu_QNM-94-RPSl-ZIqn9Tq8Md5KoQzk3sBlDLBYczFpTfyBEelDcRxsSB2rh6n4NeefbWEGU394ZLdGmOux7L3Roc6nNEkJQd3nuWa8-0c9zFfyBT6hOe7AqyhyDBBw5nPGNIe15HUbDOxFkpfGjsUAt0mMft2qreuZlHYZp258OSKQAiR7b1WpwxyLdFSza21ycpQP6zQdNo1b86aJGapWKVEOFVD6obTXujh_bIqCe-VovUGJAqUJ4tDU__tC0kHXaEt0C9yxMW-mTJROWrfnA-9xf0JkbNoLyasEOYbyZYVZ1uzsrN9ODrV-aDlAp37653l-rMlZfC8q1W-wniaCZKVFELU2YCv8WF8qf9ZKppuG6f_vMQHcuBA3oGvmDf9Wjk1COLMD_KeCD4xFYWTi_BRw_QrruUAQxA4wCWX63kB5v08HnfUeNMb_UlX-AM2uzrzX7UHjGuBq0vwBCp1NU5-1TKTXSVa7s1AMJaZyjZh2aIJfdiUeRJmowLAjZ8VXxMhnNNE1z9iCrjxK0aG_lynD5WLuh6YTF_i6PnRTkaqtFA62mWWuMywCe3ntflpALVzI6hnO9DIgsvWB3gtM2r0XB192k-OdaYQb-IovI461N-IcUPVi5OJboraY01irpY1tidKwNLF5HJnG4C5rv28MahwSW0y8jZHnqJavFY3jp38XeJWCG4yywrE0w_bkrU5WBOTSPMdSH_DTRDmADknWUJN8VcJLdzeihldeYDEHZyTFGec0LbE_muMox67Uvi-ISzsqBXrpGg

Requested by

Host: ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com
URL: https://ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 15:34:06 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 elements-2.12.0.js Show response
cdn.revjet.com/~cdn/JS/03/ Frame D376 169 KB
50 KB 123ms
62ms Script
application/javascript 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.revjet.com/~cdn/JS/03/elements-2.12.0.js
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6738) /
Resource Hash: f6246ebe302e91d6fb04472e2b5e7aa5b75bf992fb24cbfa3a7c5b5a7bb6a037

Request headers

Referer: https://ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com/
Origin: https://ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 15:34:06 GMT
content-encoding: gzip
last-modified: Fri, 05 Jan 2024 21:15:30 GMT
server: ECS (frb/6738)
age: 3
etag: "65987172-2a507+gzip"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=600
content-length: 51154
expires: Mon, 08 Jan 2024 15:44:06 GMT

GET
H2 200 999
pix.revjet.com/interaction/ Frame D376 43 B
170 B 156ms
27ms Image
image/gif 167.235.39.43
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pix.revjet.com/interaction/999?__ads=c3c23eef34842e87d261cd5e11e7813b&__adt=8240603726154123328&__ade=1&vid=5110292572492114572
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 167.235.39.43 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.43.39.235.167.clients.your-server.de
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Mon, 08 Jan 2024 15:34:06 GMT
cache-control: no-store
content-length: 43
expires: Sat, 01 Jan 2000 12:00:00 GMT

GET
H2 200 gallery-2.1.9.js Show response
cdn.revjet.com/~cdn/JS/03/ Frame D376 56 KB
15 KB 21ms
21ms Script
application/javascript 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.revjet.com/~cdn/JS/03/gallery-2.1.9.js
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/668C) /
Resource Hash: 4ba7441454b993f6dc09527c8a03ab527e59496d04796dec6f7189208bd315b6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 15:34:06 GMT
content-encoding: gzip
last-modified: Tue, 17 May 2022 16:32:04 GMT
server: ECS (frb/668C)
age: 418
etag: "6283ce04-df39+gzip"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=600
content-length: 15443
expires: Mon, 08 Jan 2024 15:44:06 GMT

GET
H3

200

B29255022.357498595;dc_pre=CNrDju2OzoMDFUr0EQgdTF8FyQ;dc_trk_aid=548523481;dc_trk_cid=185255539;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1704728046237
ad.doubleclick.net/ddm/trackimp/N6698.4753384DV360REVJETZALANDO/ Frame D376
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N6698.4753384DV360REVJETZALANDO/B29255022.357498595;dc_trk_aid=548523481;dc_trk_cid=185255539;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=17047280...
https://ad.doubleclick.net/ddm/trackimp/N6698.4753384DV360REVJETZALANDO/B29255022.357498595;dc_pre=CNrDju2OzoMDFUr0EQgdTF8FyQ;dc_trk_aid=548523481;dc_trk_cid=185255539;dc_lat=;dc_rdid=;tag_for_chil...

43 B
64 B

40ms
40ms

Image
image/gif

142.250.181.230
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/trackimp/N6698.4753384DV360REVJETZALANDO/B29255022.357498595;dc_pre=CNrDju2OzoMDFUr0EQgdTF8FyQ;dc_trk_aid=548523481;dc_trk_cid=185255539;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1704728046237

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Server

142.250.181.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f6.1e100.net

Software

cafe /

Resource Hash

9c41ba408efaf3a7a36099370bc814e38b0afd42229fa9e0e6040740620c85c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 15:34:06 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 08 Jan 2024 15:34:06 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ad.doubleclick.net/ddm/trackimp/N6698.4753384DV360REVJETZALANDO/B29255022.357498595;dc_pre=CNrDju2OzoMDFUr0EQgdTF8FyQ;dc_trk_aid=548523481;dc_trk_cid=185255539;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1704728046237
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
follow-only-when-prerender-shown: 1
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame D376 49 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 162455845.woff
cdn.revjet.com/s3/fonts/162455845/ Frame D376 470 KB
470 KB 93ms
42ms Font
application/octet-stream 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.revjet.com/s3/fonts/162455845/162455845.woff
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6727) /
Resource Hash: 6d7416c9352e4b00c83f1dcf6964c89586d517e10fe4806a9da14abd0af76f35

Request headers

Referer: https://ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com/
Origin: https://ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 15:34:06 GMT
x-amz-version-id: kVq59ccinPiVDgarv_TkFQgofQrkf2s4
age: 62587
x-amz-request-id: GABN8C1JH07G3AA9
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 480984
x-amz-id-2: KnF53sBDajW8BP6YJlSclskv8vfohBnpV+eDsdSiCbiuUffFL5lQZsbAsZkzHz+w+ZV1tCn0KqM=
last-modified: Thu, 16 Nov 2023 19:47:31 GMT
server: ECS (frb/6727)
etag: "a7d9ee6baf67661e8e26d1e5c04f7fd5"
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
expires: Tue, 09 Jan 2024 15:34:06 GMT

GET
H2 200 GeorgiaW01Regular.woff2
cdn.revjet.com/~cdn/Ads/ad_shared/fonts/Georgia/GeorgiaW01Regular/ Frame D376 33 KB
33 KB 51ms
22ms Font
font/woff2 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.revjet.com/~cdn/Ads/ad_shared/fonts/Georgia/GeorgiaW01Regular/GeorgiaW01Regular.woff2
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6772) /
Resource Hash: ec0252ba8694b474f3b887ffe91c07341280451a177944d79ff2a94d877a07d5

Request headers

Referer: https://ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com/
Origin: https://ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 15:34:06 GMT
last-modified: Fri, 04 Mar 2022 15:24:09 GMT
server: ECS (frb/6772)
age: 119
etag: "62222f19-842c"
x-cache: HIT
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=600
accept-ranges: bytes
content-length: 33836
expires: Mon, 08 Jan 2024 15:44:06 GMT

GET
H2 200 162453298.woff
cdn.revjet.com/s3/fonts/162453298/ Frame D376 13 KB
13 KB 52ms
23ms Font
application/octet-stream 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.revjet.com/s3/fonts/162453298/162453298.woff
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6795) /
Resource Hash: 489c8bd821038a9ce8f643de824f6a507c68e3a4e024fb56209d7b9464134036

Request headers

Referer: https://ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com/
Origin: https://ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 15:34:06 GMT
x-amz-version-id: .Is8JR1jYDeMhMM7ZjPhsnsyUTdaBiJa
age: 78149
x-amz-request-id: 94X46PWZS8XZ0KPP
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 12940
x-amz-id-2: VphONd6jFYHlXw+yoEHlE4EjhNEbI+Zx2jrTcOPdC9qgexusbrnTIiclhpvmdjRJpTobcNu6AEw=
last-modified: Thu, 16 Nov 2023 19:31:22 GMT
server: ECS (frb/6795)
etag: "31b663ffd91c821398bdd07236df4b22"
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
expires: Tue, 09 Jan 2024 15:34:06 GMT

GET
H2 200 arrow_grey.svg
cdn.revjet.com/s3/csp/1662732236308/ Frame D376 286 B
564 B 21ms
21ms Image
image/svg+xml 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.revjet.com/s3/csp/1662732236308/arrow_grey.svg
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/674C) /
Resource Hash: d144365863e6bb29da96e647c672152326639ed4bad9f7f4092eeb3698eba532

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 15:34:06 GMT
content-encoding: gzip
x-amz-version-id: xvWQ2m3sdbfn_7tiBj4ob78SzYdaK8j7
age: 64921
x-amz-request-id: S4REKEXJ8ENFCD8H
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 237
x-amz-id-2: GIcyGCYtAMvuzI+ScgYRfUUulh1W9PD4529ddceIYM6KU9sIk/+Ru18VIWCoYbNmx2X7v0fbPj0=
last-modified: Fri, 09 Sep 2022 14:03:58 GMT
server: ECS (frb/674C)
etag: "7744a5e73070172a2534ddcbd966d020+gzip"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=86400
expires: Tue, 09 Jan 2024 15:34:06 GMT

GET
H2 200 1000
pix.revjet.com/interaction/ Frame D376 43 B
169 B 27ms
27ms Image
image/gif 167.235.39.43
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pix.revjet.com/interaction/1000?__ads=c3c23eef34842e87d261cd5e11e7813b&__adt=8240603726154123328&__ade=1&vid=5110292572492114572&__clstampdif=188&__stamp=1704728046477
Requested by: Host: ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com
URL: https://ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 167.235.39.43 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.43.39.235.167.clients.your-server.de
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Mon, 08 Jan 2024 15:34:06 GMT
cache-control: no-store
content-length: 43
expires: Sat, 01 Jan 2000 12:00:00 GMT

GET
H2 200 120432238_uc
cdn.revjet.com/s3/csp/1702543557318/ Frame D376 22 KB
22 KB 21ms
21ms Image
application/octet-stream 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.revjet.com/s3/csp/1702543557318/120432238_uc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6762) /
Resource Hash: 50d8ff5096f0bf09f43658cc64e4f208495d36ea105e2fe75e94969f7cada11f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 15:34:06 GMT
x-amz-version-id: 6vLtXOr0mjes2dfvTanuxBW.E4rN3rOY
age: 59604
x-amz-request-id: FQ2H1MXN6H3V3HNS
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 22024
x-amz-id-2: vP+n5Q0Nu4pnpMbLPk2t0sLAI3VEL4q8U7eMv5h2D8SD7k1vvtbFBDItJwfyasWZ3hJdS4wd6Lo=
last-modified: Thu, 14 Dec 2023 08:45:59 GMT
server: ECS (frb/6762)
etag: "ad34f2d672b79dfdb72835928700350d"
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
expires: Tue, 09 Jan 2024 15:34:06 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 58ms
58ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202401020101&jk=470536533999614&bg=!rq2lreLNAAY3kmNgF5I7ADQBe5WfOFGeL1poDanHqV4L5F0pzw9X2YRw7lwvxPwpoF1FE0TOi7Gjqrt8UB5tFdnNpJJZAgAAAP5SAAAAAmgBBwoAq2ai64vFcshOvachc9aPBapteOBD0Zgv91Hucx8KL7FJW783KPpjJnP1sbjgxdngTBvTX-tjvLKdtqoCJEGjpq7YjQUYUmP4TohP8yOU9Mf9SI_RRLX6ssjpaPQGAvHFSstQU6PW9yqMLnfpHSqcMrwEmox7Q8uHG6QY8qPpeYjMBjWok2M95eN7UiVnzl1HA2bOape1zyJzAYUX0vqquzk2O-z1qjbkeTeXe5kCxYHhlgoRh-KMpg4i08YTQD-iIOCG4UlPQ5LQGqzl4W1_nxjFG4rNF2qnl9BmXJo9Rs4lWujWwyLdqHxdHSv9TL8d1Fhau7vlygIWjDgNourIsKBN-xs7_YVZQiFRmunyoL5cZ5vx926Ejh_XJ1DzDrZGPv2BwG2iFGR2wx8cSHBrAHzUNmocyF7oNKXj41cGpOhLsoJtYubzKidMEoszHBMPFRDKGcy75Nkjl_oH20EolxinEJ2MDTOSW788kdnYDC6fcvGvPZzqw2j0AZb9YN_KrfDC87wc7DXsX9dRGOEQb8S2w5eGBjX6YGw3VXZhmdTFacXx01VRfVRAtah60n5zWYnLxcuovA06WgfwzPfFwgxImbNfJOaqNEHUsmvqwOkZIDOOIKYQBWLkXrNBZ_6aGuCi1QCyPtBoyiv4Qm7Qo-mWRAbXzYx8598NcVRuhAvzIcjOLCBFdTtXregkCQrA_dAsGiv9bB6icWkZSOWnE0-LhakBJGGgp-TDmkypTvWe4MSRvGrVioXlxyyx6PA8t3fnuZ6PgSPnVKJth_vRx2jH06dVKaH34tHVFUkAEWTHoNDuY3Zq1p7eZKDgYa_Ce1Eb4GxouF8wAKo8RngvTFWRLF-ataZDdjVFWwyszRBrdEgdGzGGGqPx6lA08wL8zActjs9_JNHcF6b-tx_y0h4XbOtSjDMUxD3SmwXb-7Blh_V0wjVeoEAXSwxA-988mj5ejXTHskqr4S_4t9ef8cfH9qEPtibardCE4MWE_I-QQGlLw_bCWS327RXattFOCeijw1CCR8fmLpr6S95YuBoYK3w06bggRBcEzyUfHYTk4_eKhxr4wn3ng1O1BPdOz5c7jc4uHKqsDHMNMDU3Ktf3lvBXt1GITK6OAVHULNzA4Xb2BfOdI99SoZmBemABteAL8nPijOm8w99eBy0JT75O1-s
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.omelete.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

GET
H2 200 logo_mark.svg
cdn.revjet.com/s3/csp/1662732637087/ Frame D376 632 B
652 B 24ms
24ms Image
image/svg+xml 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.revjet.com/s3/csp/1662732637087/logo_mark.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/674B) /
Resource Hash: b139d97a9012d835c86920887e867490265c309ae069a99e595fa697fb56e82e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 15:34:06 GMT
content-encoding: gzip
x-amz-version-id: zSXLBJjIwslgGmxmaRmaJDS_oPpkgt8F
age: 64922
x-amz-request-id: T5SHNYX0G0B94BXG
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 427
x-amz-id-2: KoSA5rsa7oI8oT+vfFSAXyax+ZXkuQY+A2Nj3HR3QXVxAF6bnoX+GoyAKEcLzJ2ruIJYIvjTu8M=
last-modified: Fri, 09 Sep 2022 14:10:39 GMT
server: ECS (frb/674B)
etag: "e55996d0b9b8b1e1bba2e8168cf0d3a1+gzip"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=86400
expires: Tue, 09 Jan 2024 15:34:06 GMT

GET
H2 200 Logo-Wordmark-noShadow.svg
cdn.revjet.com/s3/csp/1679927261226/ Frame D376 7 KB
4 KB 21ms
21ms Image
image/svg+xml 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.revjet.com/s3/csp/1679927261226/Logo-Wordmark-noShadow.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6738) /
Resource Hash: 27c91b042b50c145ccbe32c722d890e2e13b662302c269e1c990591348d98875

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 15:34:06 GMT
content-encoding: gzip
x-amz-version-id: _LI8vXFq5W37Tvc9LZcnQweHjqGcRfe8
age: 62585
x-amz-request-id: EDQB6VMMZ4A6Y4XK
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 3634
x-amz-id-2: OYWw2kULsZ2DzW8WnZ1B5ZyxHDp/f14ymB7hQV33UqvnThOjzLZ5U+FS4QG/EDWHW8RD6WMi0KI=
last-modified: Mon, 27 Mar 2023 14:27:43 GMT
server: ECS (frb/6738)
etag: "66704ffec01c0a05020997e7776a8b76+gzip"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=86400
expires: Tue, 09 Jan 2024 15:34:06 GMT

GET
H2 200 Logo-Wordmark-White.svg
cdn.revjet.com/s3/csp/1680256735421/ Frame D376 7 KB
4 KB 22ms
22ms Image
image/svg+xml 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.revjet.com/s3/csp/1680256735421/Logo-Wordmark-White.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67A8) /
Resource Hash: 63f7be1d0a480f22ca23ca1a147f759d5199f5a16ad731633cd3aa81f857ec5c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 15:34:06 GMT
content-encoding: gzip
x-amz-version-id: AwNg3pZ_b3UTO1Gv2fLqLaH_CNFtNLJM
age: 62587
x-amz-request-id: GABNY3KDDX187Y8J
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 3628
x-amz-id-2: U0r74q5sWLmmhmRpfxOLX4Kk0VkPkA/+xHFhO6kHA+bg79gt0PclDbvozTEUbDu4VhY1xpQP3kw=
last-modified: Fri, 31 Mar 2023 09:58:57 GMT
server: ECS (frb/67A8)
etag: "6802dc95d8e5a742e4e3e3e09650a7c7+gzip"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=86400
expires: Tue, 09 Jan 2024 15:34:06 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame E5D9 42 B
174 B 65ms
64ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuYe2ds2RsqLWq2jOTFeBYzIqy5FqcUiMfRR0lzNjb4_QVNbHEBDq8JC6QmAiEw0jNyKJE40EU5TR1UxkvwwGlXukhi6CYyvfMm-ldXM8O2pfxXiVXLHjIDNE8NCNlWLHiD4SPQnvQxORqybH8Sb24kWSMS&sai=AMfl-YSwEWOZ2zCeTjMMX6a4ysKiPsoSfA0TlpxfHgip_NUls8WuiFDKrdE42TAZ8lIeS5LXs76Yh6iUvCoWctIxZcbUupfIIxfaykmlXtqmUFV5lI9dvhBjGoTMPFWw&sig=Cg0ArKJSzHm4irLi4YMGEAE&cid=CAQSPAAvHhf_TPd7Rwz9kzGolpf4R7-Wv2xX0Lwp7umdSRrfg87er1qR3i_QF32gNcm_bIls5RSrF-I2suIMYxgB&id=lidar2&mcvt=1000&p=1110,436,1200,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240103&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=798987849&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1704728045229&rpt=388&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 15:34:06 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 1B76 42 B
64 B 63ms
62ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsteByDcrLjDR2kESmuKcp7UynMTisKPCmvZ4MpE7-O-JjGeTeUX78muUBBXKdXGalzUfo8AUFR5NEbHk-f_Bm29YlYQ3twAx3oPjT71NEGdNCARt6d_m6FOkpoPz-zzbIfgthFEKK4AC0UG_lv-w7_BhbNR&sai=AMfl-YQyQwoPpGGpAikiphYNuSA3u0k5QSLWB2LsoVhnBL9zwAcXxPZPtvuPuVr1U0m66JrFXvChrV_29lY1PPaGh0hTG-iWu_jbVOF2iqMpLAaPY_4gRsmyt8pH6ht9&sig=Cg0ArKJSzEUFU3SD95BZEAE&cid=CAQSPAAvHhf_TPd7Rwz9kzGolpf4R7-Wv2xX0Lwp7umdSRrfg87er1qR3i_QF32gNcm_bIls5RSrF-I2suIMYxgB&id=lidar2&mcvt=1000&p=118,315,368,1285&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240103&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=753037025&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1704728045253&rpt=434&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 15:34:06 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cc88b2ff3aef45f7924109fdfc955699.jpg
img01.ztat.net/article/spp-media-p1/2f3246f97856483094b64ae1dd6133a9/ Frame D376 5 KB
6 KB 113ms
31ms Image
image/webp 2600:9000:26db:ac00:15:157b:ff80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img01.ztat.net/article/spp-media-p1/2f3246f97856483094b64ae1dd6133a9/cc88b2ff3aef45f7924109fdfc955699.jpg?imwidth=350
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26db:ac00:15:157b:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2cd48eca6bf2a731ef791eec093b18751bbc67a114520d2ab8c3a7bcb8958d16

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 18:39:50 GMT
via: 1.1 106a2e3801afa4dfd5bd4bfaeb93d526.cloudfront.net (CloudFront)
age: 507257
x-amz-cf-pop: MUC50-P3
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 5268
x-amz-expiration: expiry-date="Thu, 08 Feb 2024 00:00:00 GMT", rule-id="Expire after 3 months"
last-modified: Mon, 30 Oct 2023 02:26:46 GMT
server: AmazonS3
etag: "21f26214af6079dde1d961ed22e97b9c"
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=7776000, immutable
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: 4VoBWEjJ_0LsmlDiUGHpmBNM_Jg-PlAXVY4Flhe5SGxcsm_HHjNDOg==

GET
H2 200 0ad2a536a8fa406cb5d1678fe7c909ee.jpg
img01.ztat.net/article/spp-media-p1/f844894f440444948781b32857d7186f/ Frame D376 4 KB
4 KB 109ms
27ms Image
image/webp 2600:9000:26db:ac00:15:157b:ff80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img01.ztat.net/article/spp-media-p1/f844894f440444948781b32857d7186f/0ad2a536a8fa406cb5d1678fe7c909ee.jpg?imwidth=350
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26db:ac00:15:157b:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 67517f7ad7321f0ce005403c798b4a5b116078bc118c4f6249678199da08e27a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 23:00:08 GMT
via: 1.1 106a2e3801afa4dfd5bd4bfaeb93d526.cloudfront.net (CloudFront)
age: 664439
x-amz-cf-pop: MUC50-P3
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 3666
x-amz-expiration: expiry-date="Sat, 16 Mar 2024 00:00:00 GMT", rule-id="Expire after 3 months"
last-modified: Wed, 06 Dec 2023 11:47:17 GMT
server: AmazonS3
etag: "b11077b0897cc88ba98c61a3fe3c8647"
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=7776000, immutable
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: 21rqnOAHudBGI5kDj-qT5WOCjXb0TRMW1q0RQ_5I_4jqUHDraiNDsg==

GET
H2 200 166e091958ed40a8a9e8156825490754.jpg
img01.ztat.net/article/spp-media-p1/4b27f59eba1041c5adf09dd4755307d7/ Frame D376 33 KB
34 KB 129ms
47ms Image
image/webp 2600:9000:26db:ac00:15:157b:ff80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img01.ztat.net/article/spp-media-p1/4b27f59eba1041c5adf09dd4755307d7/166e091958ed40a8a9e8156825490754.jpg?imwidth=350
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26db:ac00:15:157b:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6c2faa2032de93bbda2372bcf4b82590b65f3414363c83e2a6305aff96ca807e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 30 Dec 2023 10:15:22 GMT
via: 1.1 106a2e3801afa4dfd5bd4bfaeb93d526.cloudfront.net (CloudFront)
age: 796725
x-amz-cf-pop: MUC50-P3
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 33844
x-amz-expiration: expiry-date="Mon, 29 Jan 2024 00:00:00 GMT", rule-id="Expire after 3 months"
last-modified: Fri, 20 Oct 2023 19:50:37 GMT
server: AmazonS3
etag: "1f8e745f28e6a49d396f88970f015e33"
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=7776000, immutable
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: A586RLeRwe8EAZGSjwtqeZAZOX6Q7JhDCie2SjSdbKkY1fmWf5N97Q==

GET
H2 200 4d3103b1809f46ceb6588a8bac624a0f.jpg
img01.ztat.net/article/spp-media-p1/602781f66707457ab1fa70c3b8759fcf/ Frame D376 9 KB
9 KB 114ms
32ms Image
image/webp 2600:9000:26db:ac00:15:157b:ff80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img01.ztat.net/article/spp-media-p1/602781f66707457ab1fa70c3b8759fcf/4d3103b1809f46ceb6588a8bac624a0f.jpg?imwidth=350
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26db:ac00:15:157b:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 02264627af70a960a4f4d8805beb9982b818f936dfd45fc9c28c3f0f5e2e6486

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 23:00:16 GMT
via: 1.1 106a2e3801afa4dfd5bd4bfaeb93d526.cloudfront.net (CloudFront)
age: 664431
x-amz-cf-pop: MUC50-P3
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 8710
x-amz-expiration: expiry-date="Sat, 17 Feb 2024 00:00:00 GMT", rule-id="Expire after 3 months"
last-modified: Wed, 08 Nov 2023 08:10:26 GMT
server: AmazonS3
etag: "8991506a98d40cabebd82acbfebc9e12"
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=7776000, immutable
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: Pp7Ol7-Ph1WNZxnDkGtjO8lfieXzIaWkWnCaqYRi6I9TktyELAenlw==

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 6D01 42 B
64 B 61ms
61ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsthOlAL0G9LiOwLptGQbNPmbPV76QxyWGpnqYApLwUj2-4dPvkmRdWjKTDjscYDk4oJvVWnt5QJJ8d-TdnWKb5wcM-moolJTIzw86fm_r9FNRcYyOU3HjvmldM3QoHZ68Pb65EmuT7s2rVN9UcfomVcaocG&sai=AMfl-YSbpg-IEkQKA9mD_S14N0-ms3tuLgzV7Qx4fP4fzN8F7-i73BEpjb87ui2Cstc-4ODiUzdQL_mC8L9g63pHhv_qtdZV9VDEpXGIjvEOqyLomket74KlPVV9ixef&sig=Cg0ArKJSzNQqa2t5KAhnEAE&cid=CAQSPAAvHhf_TPd7Rwz9kzGolpf4R7-Wv2xX0Lwp7umdSRrfg87er1qR3i_QF32gNcm_bIls5RSrF-I2suIMYxgB&id=lidar2&mcvt=1000&p=1072,1095,1322,1395&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&v=20240103&bin=7&avms=nio&bs=0,0&mc=0.51&if=1&app=0&itpl=20&adk=3274805825&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1704728045257&rpt=548&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 15:34:06 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ins.js Show response
s.trvdp.com/scripts/v5.832/ 476 KB
141 KB 94ms
30ms Script
application/javascript 108.138.36.100
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.trvdp.com/scripts/v5.832/ins.js
Requested by: Host: go.trvdp.com
URL: https://go.trvdp.com/init/6847.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.36.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-36-100.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 59eb4a6ccf7bd121968b601c22604aecb5cfb1d2027327467635a7a835ff741f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.omelete.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 20:10:30 GMT
content-encoding: gzip
via: 1.1 d2e8c709d1f79bde6ed8f833f02bdd34.cloudfront.net (CloudFront)
last-modified: Sun, 15 Oct 2023 15:13:28 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P2
age: 3353018
etag: W/"cfd8cafee7bdad3e6a64412724ab79a0"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: p9-DffRxszrUwDZThqNAGmS-80FpveVlUCYLhZrQCfn54gDTymLa1A==

GET
H/1.1 200
OK cors Show response
rt.ad-score.com/score/ 52 B
605 B 565ms
144ms XHR
text/plain 35.208.216.174
GOOGLE-2

General

Check archive.org

Show headers Download Go to

Full URL: https://rt.ad-score.com/score/cors?s=1&pid=1000032&tid=truvidTraffic&pub_domain=www.omelete.com.br&l1=6847&l2=omelete.com.br&l3=DE&l4=desktop&l5=5.832&cb=0.3753743401462428
Requested by: Host: s.trvdp.com
URL: https://s.trvdp.com/scripts/v5.832/ins.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 35.208.216.174 Council Bluffs, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 174.216.208.35.bc.googleusercontent.com
Software: /
Resource Hash: a3fb12e0586cb7710bc4ff3f906aa390cd18576b4d2a086389454e72c7f0b8df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.omelete.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 08 Jan 2024 15:34:07 GMT
Age: 0
Access-Control-Allow-Methods: GET,POST
P3p: CP="CURa ADMa DEVa TAIi PSAi PSDi IVAi IVDi CONi HISa TELi OUR IND DSP CAO COR"
Access-Control-Allow-Origin: https://www.omelete.com.br
Content-Type: text/plain; charset=utf-8
Cache-Control: post-check=0, pre-check=0, false, proxy-revalidate, no-cache, no-cache=Set-Cookie, no-store, must-revalidate, max-age=0, s-maxage=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 52

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6D01 0
21 B 55ms
55ms Ping
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=8355525773014&version=m202309260101&ct=77&x=1&cor=5298470497536883000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 15:34:07 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
region1.analytics.google.com/g/ 0
17 B 29ms
29ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-WQ33SP58YS&gtm=45je4130v877053132&_p=1704728042585&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1230367790.1704728043&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEI&sid=1704728042&sct=1&seg=0&dl=https%3A%2F%2Fwww.omelete.com.br%2F&dt=Home%20%7C%20Omelete&_s=3&tfd=8804
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-WQ33SP58YS&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.omelete.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 15:34:10 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.omelete.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: sync.search.spotxchange.com
URL: https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEGQVJL7i0Q9MconX4S-QKpU&google_cver=1

Domain: sync.search.spotxchange.com
URL: https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID

Verdicts & Comments Add Verdict or Comment

182 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

66 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.omelete.com.br/	1970-01-20 19:41:44	Name: _gcl_au Value: 1.1.1930156319.1704728043
.tiktok.com/	1970-01-21 02:53:44	Name: _ttp Value: 2ag6ndI6ehD6K4bTKx4egSmMngC
.omelete.com.br/	1970-01-20 19:41:44	Name: _fbp Value: fb.2.1704728043013.1828020652
.twitter.com/	1970-01-21 03:08:08	Name: guest_id_marketing Value: v1%3A170472804296540447
.twitter.com/	1970-01-21 03:08:08	Name: guest_id_ads Value: v1%3A170472804296540447
.twitter.com/	1970-01-21 03:08:08	Name: personalization_id Value: "v1_DHt3sMxRYD5dNqd4mejwAg=="
.twitter.com/	1970-01-21 03:08:08	Name: guest_id Value: v1%3A170472804296540447
.t.co/	1970-01-21 03:08:08	Name: muc_ads Value: 51e267d8-eb34-41eb-8e47-d5620cbece20
.omelete.com.br/	1970-01-21 02:53:44	Name: _tt_enable_cookie Value: 1
.omelete.com.br/	1970-01-21 02:53:44	Name: _ttp Value: c2b57ouiKCCl6nkb1HgvAHUZQPy
.omelete.com.br/	1969-12-31 23:59:59	Name: ___nrbic Value: %7B%22previousVisit%22%3A1704728043%2C%22currentVisitStarted%22%3A1704728043%2C%22sessionId%22%3A%221a66e7d2-c719-49e0-986e-5dbeb2acefda%22%2C%22sessionVars%22%3A%5B%5D%2C%22visitedInThisSession%22%3Atrue%2C%22pagesViewed%22%3A1%2C%22landingPage%22%3A%22https%3A//www.omelete.com.br/%22%2C%22referrer%22%3A%22%22%7D
.omelete.com.br/	1970-01-20 21:54:09	Name: ___nrbi Value: %7B%22firstVisit%22%3A1704728043%2C%22userId%22%3A%22e364668f-9b6b-43cd-ac62-78636e03c1ec%22%2C%22userVars%22%3A%5B%5D%2C%22futurePreviousVisit%22%3A1704728043%2C%22timesVisited%22%3A1%7D
.omelete.com.br/	1970-01-20 21:54:09	Name: compass_uid Value: e364668f-9b6b-43cd-ac62-78636e03c1ec
.navdmp.com/	1970-01-21 02:18:04	Name: ac3 Value: 1
events.newsroom.bi/	1970-01-20 21:51:20	Name: 2812_u Value: e364668f-9b6b-43cd-ac62-78636e03c1ec
events.newsroom.bi/	1969-12-31 23:59:59	Name: 2812_s Value: 1a66e7d2-c719-49e0-986e-5dbeb2acefda
events.newsroom.bi/	1970-01-20 18:15:20	Name: 2812_lv Value: null
events.newsroom.bi/	1970-01-20 18:15:20	Name: 2812_ut Value: 0
.adnxs.com/	1970-01-20 19:41:44	Name: icu Value: ChgI74h_EAoYASABKAEw7KvwrAY4AUABSAEQ7KvwrAYYAA..
.adnxs.com/	1970-01-20 19:41:44	Name: uuid2 Value: 4348065607668179122
.rubiconproject.com/	1970-01-21 02:17:44	Name: khaos Value: LR53293W-B-B1UA
.rubiconproject.com/	1970-01-21 02:17:44	Name: audit Value: 1\|naVuGyos1qoiR42wOMy7DObASkO6QPb7E03ikE5KqM3VMmsjGYmt+orZ4tX+TXLVHzla4D0YDt9OnI/8iLGYsOlPVT2H105sOiRrUEeqbF8hkTnGhAX54b7FQD2yB//h3OlDu/ORdD8=
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: rqtgplZlha4
.youtube.com/	1970-01-20 21:51:20	Name: VISITOR_INFO1_LIVE Value: xTXppJPaugQ
.navdmp.com/	1970-01-21 03:08:08	Name: nid Value: 13f07d2474ec78d14fcd1c1af110\|1\|38
.omelete.com.br/	1970-01-21 02:17:44	Name: nvg88270 Value: 13f07d2474c449eba65967029810\|0_9
.yahoo.com/	1970-01-21 02:18:05	Name: A3 Value: d=AQABBOwVnGUCEOoyUzNLC1BOjjauMjUuWigFEgEBAQFnnWWlZeAXyiMA_eMAAA&S=AQAAAgRQMjAgg_JaBAFM56DCyY4
.mathtag.com/	1970-01-21 02:58:03	Name: uuid Value: 78c5659c-15ec-4e00-8873-45b61e04cdb9
www.omelete.com.br/	1970-01-20 19:41:44	Name: dinTrafficSource Value: eyJ1cmwiOiJodHRwczovL3d3dy5vbWVsZXRlLmNvbS5ici8iLCJyZWZlcmVyIjoiIn0=
.omelete.com.br/	1970-01-21 03:08:08	Name: _ga Value: GA1.3.1230367790.1704728043
.omelete.com.br/	1970-01-20 17:33:34	Name: _gid Value: GA1.3.967392222.1704728045
.omelete.com.br/	1970-01-20 17:32:08	Name: _gat Value: 1
.doubleclick.net/	1970-01-21 02:53:44	Name: IDE Value: AHWqTUk3k6rjPtxMFcQUeMcxSVWp9WlGdLrL1S3h7DWsL0Abax-hUw0cqfottgi6ABk
.omelete.com.br/	1970-01-21 02:53:44	Name: __gads Value: ID=eaa2baba3bd25af8:T=1704728044:RT=1704728044:S=ALNI_MZQ8MZIqZ_nNNvB5fcnbZkFwygDaQ
.omelete.com.br/	1970-01-21 02:53:44	Name: __gpi Value: UID=00000d3d697f09bf:T=1704728044:RT=1704728044:S=ALNI_MbYXuZ-6JX0WbbXeo6gDR5zy3y7pA
.omelete.com.br/	1970-01-21 03:08:08	Name: _ga_WQ33SP58YS Value: GS1.1.1704728042.1.0.1704728045.57.0.0
.3lift.com/	1970-01-20 19:41:44	Name: tluid Value: 360452196779007020431
.travelaudience.com/	1970-01-21 03:03:48	Name: _tracker Value: %7B%22UUID%22%3A%2276CA03BA-04B3-4B53-249A-15AA1C675797%22%7D
.simpli.fi/	1970-01-21 02:19:10	Name: suid Value: EDCF97B43B0D4F4287C16D621E11A14C
.w55c.net/	1970-01-21 03:03:48	Name: wfivefivec Value: 5OXHuz0E1RmRDD5
pixel.rubiconproject.com/	1970-01-20 19:41:44	Name: receive-cookie-deprecation Value: 1
.de17a.com/	1970-01-21 02:10:32	Name: guid Value: 1.1233407738056857117
.w55c.net/	1970-01-20 18:15:20	Name: matchgoogle Value: 5
.adnxs.com/	1970-01-20 19:41:44	Name: anj Value: dTM7k!M41.D>6NRF']wIg2E?hvPg<#!]tbPl1M>e)ZlrFUfJ+tGXxpC^)KH-[M+D.9)<J[^F0.YIL$?sb#r*R.7i^k3If)y3KL9D3I?+v^<>YM
.casalemedia.com/	1970-01-20 19:41:44	Name: CMPS Value: 5142
.ctnsnet.com/	1970-01-21 02:17:44	Name: cid_d556db47d99a403fa72ed1c8559b726c Value: 1
.ctnsnet.com/	1970-01-21 02:17:44	Name: gid_CAESECwrOyPGmbyhDXRhOg3IQM8 Value: 1
.adnxs.com/	1970-01-21 03:08:08	Name: XANDR_PANID Value: 9z-7uwusIUKA1GSe5pCpTMtTY3ugRHyOmJkwNUe_5v1mcDvMtF5xSyXQCK63WdLoATTzZXCuW-GPjkwuUgzJGQzfSCzNOhrQsSs5fA7MjuY.
.doubleclick.net/	1970-01-20 21:51:20	Name: APC Value: AfxxVi7Vjy1TZTqSxIO43TPUiidCc_IywLwxVTLWPVogIUhK-y2mEg
.everesttech.net/	1970-01-21 02:17:44	Name: everest_g_v2 Value: g_surferid~ZZwV7QAM5GY3UgAM
.lijit.com/	1970-01-21 02:17:44	Name: ljt_reader Value: H9SmAGZHqMHyPs4gS72m2wUt
.casalemedia.com/	1970-01-21 02:17:44	Name: CMID Value: ZZwV7SLwBtvPfBlGz4u9NgAA
.casalemedia.com/	1970-01-20 19:41:44	Name: CMPRO Value: 5213
.adform.net/	1970-01-20 18:16:46	Name: C Value: 1
.csync.loopme.me/	1970-01-20 19:43:10	Name: viewer_token Value: 51f5af31-cda3-41b3-9f75-688af5821c0b
.turn.com/	1970-01-20 21:51:20	Name: uid Value: 7015590944558394988
.adform.net/	1970-01-20 18:58:32	Name: uid Value: 5299655909960542587
.doubleclick.net/	1970-01-20 18:15:20	Name: ar_debug Value: 1
.quantserve.com/	1970-01-20 19:41:44	Name: d Value: EF8BCQHtKoEA
.quantserve.com/	1970-01-21 03:02:22	Name: mc Value: 659c15ed-eddcd-ffd0c-3c8af
www.omelete.com.br/	1970-01-21 02:58:03	Name: _pk_id.4.b386 Value: 6553bdf5c9646b31.1704728046.1.1704728046.1704728046.
www.omelete.com.br/	1970-01-20 17:32:09	Name: _pk_ses.4.b386 Value: 1
.1rx.io/	1970-01-21 02:17:44	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-22e96ade-5b9a-488c-8a0e-14a0ab3dc6d7-003%22%7D
.revjet.com/	1970-01-21 03:08:08	Name: trx Value: 5110292572492114572
.revjet.com/	1970-01-20 17:33:34	Name: ads Value: c3c23eef34842e87d261cd5e11e7813b
.targeting.unrulymedia.com/	1970-01-21 02:17:44	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-22e96ade-5b9a-488c-8a0e-14a0ab3dc6d7-003%22%7D

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEGQVJL7i0Q9MconX4S-QKpU&google_cver=1 Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.teads.tv
aax.amazon-adsystem.com
ad.doubleclick.net
ad.turn.com
ad9d48a27a7a9d531690759b626d0eb3.safeframe.googlesyndication.com
ads.revjet.com
ads.travelaudience.com
analytics.ome.lt
analytics.tiktok.com
analytics.twitter.com
ap.lijit.com
at.teads.tv
c.amazon-adsystem.com
c1.adform.net
cdn.navdmp.com
cdn.ome.lt
cdn.revjet.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
cms.analytics.yahoo.com
cms.quantserve.com
cnt.trvdp.com
config.aps.amazon-adsystem.com
connect.facebook.net
csync.loopme.me
d5p.de17a.com
dclk-match.dotomi.com
dis.criteo.com
dsum-sec.casalemedia.com
eb2.3lift.com
events.newsroom.bi
experiences.mrf.io
fastlane.rubiconproject.com
gcm.ctnsnet.com
go.trvdp.com
googleads.g.doubleclick.net
ib.adnxs.com
image6.pubmatic.com
img01.ztat.net
marfeelexperimentsexperienceengine.mrf.io
onetag-sys.com
pagead2.googlesyndication.com
pix.revjet.com
pixel.mathtag.com
pixel.rubiconproject.com
pm.w55c.net
pr-bh.ybp.yahoo.com
prg.smartadserver.com
r.turn.com
region1.analytics.google.com
rt.ad-score.com
rtb.openx.net
s.ad.smaato.net
s.trvdp.com
s0.2mdn.net
sdk.mrf.io
securepubads.g.doubleclick.net
ssbsync.smartadserver.com
ssum-sec.casalemedia.com
static.ads-twitter.com
stats.g.doubleclick.net
stg.truvidplayer.com
sync-tm.everesttech.net
sync.1rx.io
sync.navdmp.com
sync.search.spotxchange.com
sync.targeting.unrulymedia.com
sync.teads.tv
sync2.navdmp.com
t.co
tag.navdmp.com
tpc.googlesyndication.com
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
usr.navdmp.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.omelete.com.br
www.youtube.com
x.bidswitch.net
sync.search.spotxchange.com
104.244.42.131
104.244.42.5
108.138.36.100
108.138.36.122
108.138.37.209
142.250.181.230
142.250.185.226
142.250.74.194
146.75.120.157
151.101.2.49
162.19.96.35
162.55.83.73
167.235.39.43
172.64.151.101
178.250.1.9
179.191.182.65
18.173.154.21
18.173.154.83
18.173.159.32
185.86.139.96
192.229.233.6
198.47.127.19
2.23.209.44
2001:4860:4802:32::36
2001:678:cb4:bbbb::11
213.155.156.181
23.32.185.35
2600:9000:237d:2800:1b:5138:8a40:93a1
2600:9000:26db:ac00:15:157b:ff80:93a1
2602:803:c003:200::21
2606:4700:3033::6815:325a
2606:4700:3033::ac43:9fa2
2606:4700::6810:cf3
2606:4700::6811:190e
2620:116:800d:21:c5a4:625:6563:a5bb
2a00:1450:4001:808::2006
2a00:1450:4001:80b::2002
2a00:1450:4001:80f::2008
2a00:1450:4001:813::2004
2a00:1450:4001:81c::2001
2a00:1450:4001:827::200e
2a00:1450:4001:829::2002
2a00:1450:4001:82b::200e
2a00:1450:4001:82f::2001
2a00:1450:4001:830::2003
2a00:1450:4001:831::2002
2a00:1450:400c:c00::9c
2a02:fa8:8806:12::1400
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
2a05:d018:d29:3605:c0d2:1e6b:33e4:3d3e
3.122.48.206
3.75.62.37
34.254.59.108
35.186.193.173
35.186.253.211
35.190.0.66
35.204.74.118
35.208.216.174
35.214.181.122
35.244.159.8
37.157.4.29
37.252.171.149
46.228.174.117
51.75.86.98
52.28.181.94
69.173.144.165
76.223.111.18
81.17.55.108
95.101.148.198
95.101.149.35
99.84.88.91
02264627af70a960a4f4d8805beb9982b818f936dfd45fc9c28c3f0f5e2e6486
0271e782d0e49674121fe3f5e703dfbff44ed8de8b8625a006eeb4a9702724d7
053fc6fcd14cf8117c1262ce3601b7922eab00187ee6a3ad05cf77ced1e144bc
059e2c7b3433933e04e1d05e2c72aadf3dfc27fa0d5283610f6bcb7d01990b54
064fa7ef2d21fc63c5ac4f8875dca4e5ac9f7c13c389c84b0b02883937a036e7
06af1c94bbac0654d905abaa5b2e4500a2829ec6f402261232ac1a2bdff613b1
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
09f9bcb4a752066ef29e95bc6656cb04e69b2fd64dd44a13bdb8da4eba419d5d
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c161dae3ec1c4a337b2531ea815565f6a2dc7bc787aaa074490ac483274371c
0eb62db9d48737c03c767826fc60114198c1712837f00f00e5c3f4064a6b4b0f
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
0f550e673cf74a675d4de866f40a6e8f178d744f487e13e05adf6027f0f8574d
1302f4fc3c33cec84590b4479711a6b1fdd2ac1ebd32635d4cd4cfbbd83308a7
1488093f4f9826c032c96c9d7c6bef5cff310c3fd277b93ecbced2ae353c6d97
15892155df56a8c7a901d5f04f7c0d8735c12100b057cf0bda202f1aebf2c75f
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
185ee6c604469276f38fddfd5ec30d536bc7d1ec539289d947184abc8e6226b9
1926b35d9de9c65d719471d235e19a30885336681ede98311c3dd908d06f8e4a
1a083268799415e307762cf70a7422166b40b50615c3c0083f5002e758286c7e
1b16a5af84666feb9f8f195d3a8b74042f80439ca327b61f1c598f58072911ea
1e8e1b0a50cc234f74113697100ff7859b1f67a98cef4938f5605de9fc3f7e02
20bbd8ab88d7992c27fc1ab8a9783751cd46845528c5598eea90e9c0edb5a620
23ac22fac67ced5028985031c76904ca5503aa60f29142c13e249021efbbbe30
248929cda9a1cb269996491cead4c9577ae9206c37754f36b61dd6e4bd403f0e
27c91b042b50c145ccbe32c722d890e2e13b662302c269e1c990591348d98875
29de72896b6c83b67a67bbbdd8b125541784c50c892aea043f3e7409c7899dbc
2aa7779577c8f4ff268d5bbd5b13b7d577930c1824b43b4b5442d4c92a695154
2b1c4182e0759f31cf7d9de0e66aaeb7e72f6c9c2750feae20f2d25a4425b969
2bda70acd8cade0b42ffd2d57af39ca2594da5567d62e52807b2c483bffa00dd
2cd48eca6bf2a731ef791eec093b18751bbc67a114520d2ab8c3a7bcb8958d16
2cea1b199a167029923331090b45413cfa8e5f1f15cc076f73c011e0cd1b862b
2ea91a1c266e5d8673a6636bc48927e5e222ac94e38f009a1fcfa08d3631118b
2f764c969a82705ba7838239087f5ff9b33e978b6bae2657e299b6b14c30ad7f
2fb990d6b27623254e5ee6687f143687a09c64f0e91cb4c83ff6f61d269fe5ba
30ad59ac1b6c17a171fe8a5b8625c43a42b8178babffeb1a8da6dfc67397d67a
3161e133ea15831f8acfcfae7ac19f170217fcd8c82b1d6c03f8441c94e54844
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3233190287f115105de5b5a99c5418e34b73b59e56bb84f681f1b5f90c553cf5
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
338fa690162b4c45bb63092b1d12ecf55ed1a3fdd73f07080807ebf971621a74
3409c1dfa8da857c546c778335d7a9637d37651c91fb161ba7d1e7c4f1d6e88a
3710e0f393e929ce3ef44553314e534b8804c68874b944bf41bad58b1bc6bc44
37ab5c060ae53ccda75b8bd212d874a17650f7954b11c4e31f568990ab40196b
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
3a08e691d72c2751f4c9e3d314eb4096da345ef25c48edb8549cd7279c24f8f4
3a6d2651f1e1fe0727fd3290c2598155a05d2b30ab867e41779454065ce01409
3aa348aad728126cdb847ce20f8a92f673ea9a7c24fe7ac6fd2209e22884d6f3
3aa6010e012aa80ebe28057d2ec103ffc3d5d9d8b691e6e0d0ddcc0c1be7924c
3c55a711052b37e863c95b282351e168a8a252b23362e19876eef56d0f383ee2
3d7673c7e6c043d96171b248b7b8dcf00d10df8e889547cf7efb004fafcc55a0
3e1bd882478ea2d53cea87b43488a5bbf1bf8302f8a3de5a2baaccf9df96a9d7
3e77cb34731d746d00dfc8b46d6e5ae90c32c5a885e3ee6faa4a3cbc80d51a21
3ebd3757400943fcbea840e4958aba933c76c7cb5238f640daab079a51cfa9fa
3f921ad528f18411472daf5a169f99678086aec6ac4a71f00730575a092621f5
41f13515e41e8a10e83fc334969c71f91a7a14d4f023945a7eccbd2b7233ef1d
428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11
43043d7ecc1e616079e221e89e8dbfe56ccae1809b73f79196f74209e998ef2b
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
43bee53229b0e308836bfd9b6bac0800ab708c82e352498264b7b4e68ca270d1
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4434d143e1c4a63a74bac0d9f7ee77e806e566e5fcd1f200489110fb5a655856
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
47ad00b9bc01773119411f1fa0598d0ecaec56e2e36eae06682114a0e57e88a7
489c8bd821038a9ce8f643de824f6a507c68e3a4e024fb56209d7b9464134036
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48db22016c12abee76f578c9484b948b694944e3fdc04321cb5ba015960ca525
48f93e3937054551ff4a887dca69a8fc91561c11f52a53a262f6741bc91a9bb2
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4ba7441454b993f6dc09527c8a03ab527e59496d04796dec6f7189208bd315b6
4bf39d2a6064a154242a4193ae25028432995c31b4de27bf7dcdf39994f8083d
4d3c300c1cd89393c7f945c06656981e3ac1c034f59996affcd1062a3092f40c
4d6148b7c3275cd5980a7903689546ee11ec96f11f4611a2062905578835e692
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4ebd231f17af82c57674d70d33810bc2410a4ce838e8c89658a682e18f6e891f
4ecad1c325e26aab7e65be617979fa196ee5840e73c0a2f76829557934602954
50d8ff5096f0bf09f43658cc64e4f208495d36ea105e2fe75e94969f7cada11f
52340560fda7c7ca6b4681939b010f3e4a0f8581550b6d35dd3219d3ac21d87f
540f4b77319f1f71a0ef6085d2d0043409270804751e422ff8ec8205e03f0816
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5903b8484232f9a1d05fe5b708b46d8069bdd6014bfd912204deaa6911a2a895
596ab355e9193db50235aed1a1f61c0aa5c121c2271f42b7651ca60c32e30696
59eb4a6ccf7bd121968b601c22604aecb5cfb1d2027327467635a7a835ff741f
5f953ee7a4665e1fccc4ecf3b06b1e0d8e9ea7abe48f8f5d829ab7a0c1ecbda8
60159e9de8ca359fa7bfe53d8f4b2bbba92ad4432a6569a5f74ea33d55be3f15
60a9dbc3429ac7e9e650722dce14ec0f5d2d55c0ec85dc24c16e8e14536352cf
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
631b5d2af27fddf577d1710a753620c74dcf6657f4e4e05c7864031e68fe364a
63a13c202f32effece28d1a8c0b45a7906d5b68f06d60514e4f3b4eb4d34f803
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
63f7be1d0a480f22ca23ca1a147f759d5199f5a16ad731633cd3aa81f857ec5c
645a36835eb7cdff5dde0aa1dd179ee3caf617e80f2a7fc730f0d95156ae00b8
64e60f20091c10538e3ef79477aacc245314b970b9ec89718ddb719415193c1a
654329aa8ed14513f33426fe24667fcd5e18db89bb84610a370d044d8b8b99d5
6724e7d7b20e7a863c763e8d0070c8e9405b567f62a219216c9f6b448a4ccbe0
67517f7ad7321f0ce005403c798b4a5b116078bc118c4f6249678199da08e27a
68d0656d441b3f89bca9b47d53f7d5ff82324290779a2aeae4d6f759577b874c
6c2faa2032de93bbda2372bcf4b82590b65f3414363c83e2a6305aff96ca807e
6c4832dcee6c83b45d0c64c7b626628d24d4208c3084b49ed360c2042c40048f
6d7416c9352e4b00c83f1dcf6964c89586d517e10fe4806a9da14abd0af76f35
6da22bbe41a7b29a24dcab5489b3962db3c6c8e3c75d89747016969629455ba1
6e849c218934a5ba5248ccfc8596c3162689085fe880ff56c0ab60912a2ff55a
6f4ca1f3f794f9bf9f06314dbecebf7098b1f408439289b3555e9c220f22bcc8
7057c8d51f6e06a6c8be66aa0a89efb91068c81ee021d9a612e0975dc80a228e
71877f1c47748751ee8c86727556741baebe894741c032ab6e5bd53b4faf4f69
71afeaa2f8371d9b3f97e6a91b94b72b2eec42d37886a88207943877051187b7
729b7483ca0d4ebed4308518d25a858d469fae295335f125a9290b3a557a56fb
738646c16773aef15b679917edb6279d6e63969ba3bc299e06bb4c0de325520d
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
77220b52fd01a7dc6a0fc96e5adc57dae2228f2393a21278c73ff19c18b87b17
7b130c7e1e04949b96ad165432d01acab359b2d94917c73a7f00cd0e328d8552
7be6d35b0272e4a334e6b959b504ebd22038340f533106df1cc85ce57d4e1ecb
7d684d847a1a127a8410f5f19ba0c4dc95dd718bbc0c0596aa8d751231152508
7e9109051a8c42b9cd4d6217ebe0f904412ed10ff5c1c6b61f720a9936e7d8f8
7f1de51daf9b60c731dc5ad11cf33c9a490099e93a78572d05aa9485d579c45f
7f1f08163321a04295841c84ba02437a9ece98690ad1ea82e2c515e9228955ec
824f20d5e00c556dec0ba67660015f1e9a5077a3103161343e560945e980fbbd
82e2dfd508e384344b282a23ac94f79582c4c617426a8736e7824a8a08e6ea8f
83d65354a1a0ebd5c9bc357f5ff2ff28959c9982bed2aab8c6d2decd1b36a359
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
84ec131112ca132c741450c29f43750d4cc516f7fe8d642a35092729373c2e90
8527f1710f77619ef0427292672a746994c3d64943dbdc9102d019536490653c
8538fa1e11fa1334100b86b0c251b8ffa0b51f5db3e732c23963053686a93dc7
86f9eb14e12e21b0fac19fe81082ec077e2a8b5a8373ccf5ef416869c652c430
8941597d26275d5e8775ac804bffb1d86f749d0cfe471777800a4543e4b65603
8a986ea00773d0694d74b1e10e2fde329c2aeb4a29f6386d9d5002017fd01e6a
8b4ab73197a9fe21bac962393e16f1e2339cdc0f11dacd7f3db71ccb33950ab3
8c2e77febce01a1d98119cfb559ac60bdae1dd3597a3b5eec35173c79659d0c0
8c874ef1b3a660dd636d827dcbc514c53d5783a1b176668acbab93b90f1f403d
8ecc9847cf91108f6fb4e5b87cd308c0f8613fd56ab4b27379d12e820bbd4a72
8f26944bb0a49105870ed138904641479bf78b09126c60f19be224f02c07eb89
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
8f96d5fcca3c9b5a3c11d3ec60bfdf0e152e4825b566537e083839a492709506
92923e7ea94444b385afba025c7848d21f243be8358d35dc293275553863d97a
94cc35cd0cc08ed62ed5e48dc1b05055b3611e1df42d79203a569e0345b9b94d
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068
9876aee5e5417c163d9e7308bf64a54c7f6c5b9925bb667711cfe904fad2a22e
99174facd8ea1aa035e74bf4144c515a94d57d75a74dae9ada78b6cd19b028b1
9966dd73e3b6bd3309ea340c912de997aae36995155a7798a5eb036000111ed2
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9c41ba408efaf3a7a36099370bc814e38b0afd42229fa9e0e6040740620c85c0
9dfbb8e1be036059aea6dd87bdbefa7ecada3617fb3f404ba4647ebbbf8160b1
9e029604088b4b4d10e6f03361a7da5c18a1adeb1134e59d4e0f57fb566d0f68
9fc487a75eea98b11319aafde13f978f28438e37cd8bcf0fca3ac4f86812a607
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a112eaf2a1694b6ce90127e3ddc7692712b4331b3bc8e01c6573bc0526b150a5
a3fb12e0586cb7710bc4ff3f906aa390cd18576b4d2a086389454e72c7f0b8df
a758246f43df5cf0f88a3c46a95cb7e962ec2e16327f7fc6b70d2150981b86df
a7bc63ea693701956f1e693a36ce1e0fc24287aeccd1efe0f96371582f3d58bf
a9cd98344793b837f2c181ec0a785570f274b20950c45586b30d7a0c6f876a71
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ace8af7558d18129ddd3d52a56d5a83e7e87aed65613183d2354ad52c1416c0e
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
afa7ce685176ced89c09ac5df6dd3132848cbf5e6db030582e0144d7a20b8f40
b139d97a9012d835c86920887e867490265c309ae069a99e595fa697fb56e82e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2411ddc50b71ef631996cf91290a035d1066c3ef055010f244efa42d7d119d5
b28b87b8b1818880ec42d1f17d37a2e525d2c2303e0e5a898b65a262ea254646
b6a1cb7947bac55c1070534ac504f37532a1448413d0ed741726375e684d6c72
b72c523f3a6bd2865cbc4d463d4fcfe473e91ca7c8407a47dea62c8d607c5500
b774872cba7b39f361fad8583f8cbccd57ffb120483177d524374624309ea2fa
b889285d70207e00882df1a4bfd4604d5feac7eb05aad677ad75599b816a77e1
bc1c05bdd3b01d9aa9d49cd9381d674cb1e061a55698f2fabf7813ea46036956
bc236616fa26a4da6ce999f7aa3b12df944bb6305523f8530ee3fa29448feae2
bcd2b90380b886e67b72b59a9e9a15718e3c19914c406add2a823c948e01e38a
c0baa6e598c59c33239ad1d8eedb937ce0d3b5c0d8a2a63446fa7bee1e373a0e
c147a771edf73103fca6b7d3d0a738ea2435500d4d9b6f3c34529e0c27aba621
c26f4e72b94e04baf21ae337ddf62accb340d9c38317b20efca960115cbd3f8a
c3ec08472d06b7e59c603fea9fd52905525f7b48da91cad9220ad38f65dbb36e
c450ebe740acbd203871abaf35582529164819738280817fa6722abbcbfd029e
c4866c723c789cf04a4900008e83e9a923d0209e0ee11f32a679c3ece024e103
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
c560955a3bd65bb3a5f1127b93d36593cdf850f71073bd4570f5bda9435e8bc4
c7c1ca89f96c2ac6dac5a62b349fbec505318d4c694b60547c827f2b156b709c
c8beecf77b495c3f976c2ed865e71c62bd49d5e5ad66bd7d9b786b1b912c4db0
c9d6066da42d61cf26a2c1ea6d50eb2abdfc5943c98bb39804e048ed612ce927
cc45ca4d679d7085db8e71d09ccbfef07e7bc9acdbd06df18c5a24deba287884
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee
cfa6522e0ac537a9155811bafefeae7f345f8a112e3434695a6a6917b49f5e21
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d144365863e6bb29da96e647c672152326639ed4bad9f7f4092eeb3698eba532
d1a023b7af61e7028e7ad890de48afba8058d04150335e965f3d936583f7d962
d1cedea9a6f9dae63eaa8dcd962dcb3d3835a9e5dce78daa2db47f9c8eb3ee56
d2338573a82d5a44daa4b5a13edee7a5b13ec5620a862bc8667ad995d0c3e89d
d2c70869058f2fe874b7bc15180cff05244acc747d565252c45e944a05472e1c
d772756f7f30b155def5b4c539d7883b69134c27e64be72d6e2fd98b37718843
d786bbb6a12fc01d79f92e24da0aaf595071a129c5bda5619ce6ee1abbbbf97b
d7d0ac3d48477cce6d0e6cf13b24fd78b9da989284aceaad215faf54d0195eab
d8634e7f77328b9098263858e80d3fb517b7e099ba5fa06f327a1a7ba4af50e3
d9fd3f8d9f03861382664ad153bfb600aced64024d36133b414297b2d4732383
db3ec29feaad61dc8943de34c1c0ee5fb7988daa4a7bbf4619a55d633f376c2c
dce3111ede9ead68dbb0c6343255a1cc111060d98da86a7e96e0fa8510bb1a02
de31dd4294035c772f6e06eca33abf75d34c25383e6772a0e47ce7f05ad83b3e
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
deed89f76f895f6afc93a0aee8996083b58c091d2af7d82ff1a5804cbb68c02b
e1e5dfe98cc72943d3a0c3ec75a441dd9d2111c27db7cb5a9ac721ee7b60abfe
e275c8eab3b1c6c48f4b6840bab0b7aa61c58dfa018ea7a0ec3d07a500495d41
e2c1132a1877692ca2e8d46203eaae9cf6936b0a9230341c6bfc4b5aedbb1e0e
e2c894119a46e0ce14b425e44d4a02692c2107479526498141c38503e432834d
e2dc5bb29540bbd5f8dfd077751a2d33f15e00ad3d0ed899888968708d5f041f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3c39364dd866add4ea7fdf25aecc692c8d738387f3bab1720012919aab3c835
e3e5f35d586c0e6a9a9d7187687be087580c40a5f8d0e52f0c4053bbc25c98db
e6123603aeabe4b8467cc64a9ee3329093d346f494179fea936f699aeec37fdd
e6340844af1c0a02b8150c4bc93d54d679f716452d6a97cd99ed45786e97ed8f
e6e3fd75e470cd50759b897eab984da9b5cafeda028be8eba2e779e41df6d818
eaa2aee98ac27ff97e81e010ff3b1d996a360f3a7f41fc532bd3f392ddca00af
eb298849925f683a074bddf1074e358658b8c66987a85612b79791a6498e8f03
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ec0252ba8694b474f3b887ffe91c07341280451a177944d79ff2a94d877a07d5
eee87e2cdd1327491bdfede2706365f058aa671d980d78a0981d5041c47cb62c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efc85c7eb141819717cda0033484a84b1c890d13b02e355a2fec79d424b20e7a
f1b4e911a8e15e9aa70a90bbbfbc34374da4ebb41082b1b731c9939114ae2cad
f20423efce6530b137706a27ca445bec490866891fbafb0fa77a857409fb99c2
f2bc2cc1e49f8673220bafe0fd0a4a378db0a24baef5608ee88f513b4b5aadb4
f6246ebe302e91d6fb04472e2b5e7aa5b75bf992fb24cbfa3a7c5b5a7bb6a037
f63d9178fd9b2960a8e65c86aa989b67c2f577d3c7720028f857c6ef1934ff18
f89aa233585a1c9dbff4be7af8b01097de04e4f1465a1e923a8baad16f020097
fa5af17857ac25298ff679f7961fa27be1dc3312f0d63c725aa2f87e6bb3cd86
fb0721ad92aff052c96e6a1b2cdb18c25c76041897126c03161c969ac2844804
fc137fc6c40cb0c11877998983fcc32316fa9ff2d0ba255d9fd70741ada291df
ff340b47638e30d37db826972047c55485cf37ae6ff6b93e0924131fcb4ff090

www.omelete.com.br Open in urlscan Pro 179.191.182.65 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

430 Requests

88 %HTTPS

36 %IPv6

58 Domains

87 Subdomains

58 IPs

10 Countries

6368 kBTransfer

12872 kBSize

66 Cookies

15 Outgoing links

Page URL History

Redirected requests

430 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 8 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.omelete.com.br Open in urlscan Pro
179.191.182.65 Public Scan

Screenshot
Live screenshot

Full Image

430
Requests

88 %
HTTPS

36 %
IPv6

58
Domains

87
Subdomains

58
IPs

10
Countries

6368 kB
Transfer

12872 kB
Size

66
Cookies

430 HTTP transactions
8 data transactions