www.ofertaspravoce.com Open in urlscan Pro
104.18.1.191 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.ofertaspravoce.com/?cp=NnyMkowoLiigrkrhjLsNKgxsHwxiHhzogrmthlxwgmigwGoq&sub_id=7627-137_14308&sub_id_postback=1026b...
Submission Tags: @phish_report
Submission: On May 12 via api (May 12th 2024, 7:20:24 pm UTC) from FI — Scanned from FI

Summary HTTP 50 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 7 IPs in 3 countries across 6 domains to perform 50 HTTP transactions. The main IP is 104.18.1.191, located in and belongs to CLOUDFLARENET, US. The main domain is www.ofertaspravoce.com.
TLS certificate: Issued by R3 on April 7th 2024. Valid for: 3 months.

This is the only time www.ofertaspravoce.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
21	104.18.1.191 104.18.1.191	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	52.219.46.13 52.219.46.13	16509 (AMAZON-02) (AMAZON-02)
9	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
13	172.67.71.184 172.67.71.184	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	116.203.25.165 116.203.25.165	24940 (HETZNER-AS) (HETZNER-AS)
2	142.250.186.161 142.250.186.161	15169 (GOOGLE) (GOOGLE)
50	7

21 104.18.1.191 (None, )

ASN13335 (CLOUDFLARENET, US)

www.ofertaspravoce.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.219.46.13 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: s3-w.eu-central-1.amazonaws.com

imbajslibs.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 172.67.71.184 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cleverpush.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.cleverpush.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 116.203.25.165 (Munich, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.165.25.203.116.clients.your-server.de

brplanet49.mycleverpush.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.161 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f1.1e100.net

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
21	ofertaspravoce.com www.ofertaspravoce.com	425 KB
13	cleverpush.com static.cleverpush.com — Cisco Umbrella Rank: 24654 api.cleverpush.com — Cisco Umbrella Rank: 21697	132 KB
11	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 103 tpc.googlesyndication.com — Cisco Umbrella Rank: 164	266 KB
1	mycleverpush.com brplanet49.mycleverpush.com
1	amazonaws.com imbajslibs.s3.amazonaws.com	88 KB
0	btstatic.com Failed s.btstatic.com Failed
50	6

	Domain	Requested by
21	www.ofertaspravoce.com	www.ofertaspravoce.com
9	static.cleverpush.com	www.ofertaspravoce.com static.cleverpush.com
9	pagead2.googlesyndication.com	www.ofertaspravoce.com pagead2.googlesyndication.com
4	api.cleverpush.com	static.cleverpush.com
2	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
1	brplanet49.mycleverpush.com	static.cleverpush.com
1	imbajslibs.s3.amazonaws.com	www.ofertaspravoce.com
0	s.btstatic.com Failed	www.ofertaspravoce.com
50	8

This site contains links to these domains. Also see Links.

Domain
trk.adstrck123.com

Subject Issuer	Validity	Valid
www.ofertaspravoce.com R3	`2024-04-07` - `2024-07-06`	3 months	crt.sh
*.s3.amazonaws.com Amazon RSA 2048 M01	`2023-10-10` - `2024-07-03`	9 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-04-16` - `2024-07-09`	3 months	crt.sh
cleverpush.com E1	`2024-04-30` - `2024-07-29`	3 months	crt.sh
*.mycleverpush.com Sectigo RSA Domain Validation Secure Server CA	`2023-05-14` - `2024-06-13`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2024-04-16` - `2024-07-09`	3 months	crt.sh

This page contains 7 frames:

Primary Page: https://www.ofertaspravoce.com/?cp=NnyMkowoLiigrkrhjLsNKgxsHwxiHhzogrmthlxwgmigwGoq&sub_id=7627-137_14308&sub_id_postback=1026b2897055d3c5fedd763c0f8d6f
Frame ID: 097D24B453664F58BB837993F22F09E1
Requests: 41 HTTP requests in this frame

Frame: https://www.ofertaspravoce.com/sc/pwrWlRgzGoMgiRxoyRyhgwgIsMirjggskhhoykJkmQimJlLowhgGirjiuJuKNisPyMoLznsRqmiLzgsjwQroxihjkopsJGkvPhqXMowwloxhOItOgoIqKoxiwLGggP
Frame ID: 5EB77B9823CBCD499FB6DACF66E8759C
Requests: 2 HTTP requests in this frame

Frame: https://brplanet49.mycleverpush.com/iframe?origin=https%3A%2F%2Fwww.ofertaspravoce.com
Frame ID: 044CA68C9CC49B8CBAA4A2CA6E41CA3D
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/html/r20240508/r20110914/zrt_lookup_fy2021.html
Frame ID: E86C6CDD4C203B64D66A0381B0BEC001
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-7930870054565703&output=html&adk=1464023242&adf=699424016&abgtt=6&lmt=1715541618&plaf=2%3A2&plat=3%3A16%2C4%3A16%2C8%3A128%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fwww.ofertaspravoce.com%2F%3Fcp%3DNnyMkowoLiigrkrhjLsNKgxsHwxiHhzogrmthlxwgmigwGoq%26sub_id%3D7627-137_14308%26sub_id_postback%3D1026b2897055d3c5fedd763c0f8d6f&pra=5&wgl=1&easpi=0&aihb=0&asro=0&aslmct=0.7&asamct=0.7&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNC4wLjYzNjcuMjAxIixudWxsLDAsbnVsbCwiNjQiLFtbIkNocm9taXVtIiwiMTI0LjAuNjM2Ny4yMDEiXSxbIkdvb2dsZSBDaHJvbWUiLCIxMjQuMC42MzY3LjIwMSJdLFsiTm90LUEuQnJhbmQiLCI5OS4wLjAuMCJdXSwwXQ..&dt=1715541617966&bpp=4&bdt=1063&idt=827&shv=r20240508&mjsv=m202405070101&ptt=9&saldr=aa&abxe=1&eoidce=1&nras=1&correlator=5082454741162&frm=20&pv=2&ga_vid=367780087.1715541619&ga_sid=1715541619&ga_hid=929041886&ga_fc=0&u_tz=180&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31083437%2C95331983%2C95331043%2C95332402%2C95332415&oid=2&pvsid=3207651077118688&tmod=1329766614&uas=0&nvt=1&fsapi=1&fc=1920&brdim=40%2C40%2C40%2C40%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&ifi=1&uci=a!1&fsb=1&dtd=851
Frame ID: 2776C4D03349B16F4CA74FC029EC9057
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/html/r20240508/r20110914/zrt_lookup_fy2021.html
Frame ID: 82AAF80544E09EF5C47CE3DD5ADA1752
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: F381471313A394E69D81CF3E1BC7F397
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Mercado Livre

Detected technologies

MooTools (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

mootools.*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Page Statistics

50
Requests

94 %
HTTPS

0 %
IPv6

6
Domains

8
Subdomains

7
IPs

3
Countries

911 kB
Transfer

2033 kB
Size

1
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://trk.adstrck123.com/aff_c?offer_id=9805&aff_id=2801&url_id=21579
Title: Cadastre-se aqui

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

50 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.ofertaspravoce.com/ 39 KB
11 KB 1499ms
596ms Document
text/html 104.18.1.191
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ofertaspravoce.com/?cp=NnyMkowoLiigrkrhjLsNKgxsHwxiHhzogrmthlxwgmigwGoq&sub_id=7627-137_14308&sub_id_postback=1026b2897055d3c5fedd763c0f8d6f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.1.191 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7e09bc7ce93529ff2cc49da01708b350265b62ba7c3722a42b0bec6238f0bafc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: fi-FI,fi;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

cf-cache-status: DYNAMIC
cf-ray: 882cc3de1f0b8d8f-HEL
content-encoding: gzip
content-type: text/html;charset=UTF-8
date: Sun, 12 May 2024 19:20:16 GMT
server: cloudflare
strict-transport-security: max-age=31536000
x-firstpage: 0
x-map-context: br
x-page: reg_full
x-served-by: a-04

GET
H2 200 sweepstake.bundle.css
www.ofertaspravoce.com/dist/69/ 105 KB
19 KB 64ms
61ms Stylesheet
text/css 104.18.1.191
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ofertaspravoce.com/dist/69/sweepstake.bundle.css?2024-05-10.1

Requested by

Host: www.ofertaspravoce.com
URL: https://www.ofertaspravoce.com/?cp=NnyMkowoLiigrkrhjLsNKgxsHwxiHhzogrmthlxwgmigwGoq&sub_id=7627-137_14308&sub_id_postback=1026b2897055d3c5fedd763c0f8d6f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.1.191 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f56eae15506eb81cf984710315cc2dc9e18fd6a0ce268544e9086856462f6bb5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ofertaspravoce.com/?cp=NnyMkowoLiigrkrhjLsNKgxsHwxiHhzogrmthlxwgmigwGoq&sub_id=7627-137_14308&sub_id_postback=1026b2897055d3c5fedd763c0f8d6f
Accept-Language: fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 12 May 2024 19:20:16 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
cf-cache-status: HIT
age: 63418
cf-polished: origSize=109071
x-served-by: a-01
cf-bgj: minify
last-modified: Tue, 12 Mar 2024 13:31:14 GMT
x-map-context: br
server: cloudflare
etag: W/"65f05922-1aa0f"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=86400
cf-ray: 882cc3e1d9f78d8f-HEL
expires: Mon, 13 May 2024 19:20:16 GMT

GET
H2 200 MooTools-Core-1.6.0-compressed.js Show response
www.ofertaspravoce.com/_global/js/framework/ 87 KB
27 KB 116ms
113ms Script
application/javascript 104.18.1.191
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ofertaspravoce.com/_global/js/framework/MooTools-Core-1.6.0-compressed.js?2024-05-10.1

Requested by

Host: www.ofertaspravoce.com
URL: https://www.ofertaspravoce.com/?cp=NnyMkowoLiigrkrhjLsNKgxsHwxiHhzogrmthlxwgmigwGoq&sub_id=7627-137_14308&sub_id_postback=1026b2897055d3c5fedd763c0f8d6f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.1.191 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e8f180db5bee6d0f0657465aa933e8e1f3492725403b3058424ab613998500ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ofertaspravoce.com/?cp=NnyMkowoLiigrkrhjLsNKgxsHwxiHhzogrmthlxwgmigwGoq&sub_id=7627-137_14308&sub_id_postback=1026b2897055d3c5fedd763c0f8d6f
Accept-Language: fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 12 May 2024 19:20:16 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
cf-cache-status: HIT
cf-polished: origSize=89700
x-served-by: a-01
cf-bgj: minify
last-modified: Fri, 10 Nov 2017 11:48:17 GMT
x-map-context: br
server: cloudflare
etag: W/"5a059201-15e64"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=86400
cf-ray: 882cc3e1e9fd8d8f-HEL
expires: Mon, 13 May 2024 19:20:16 GMT

GET
H2 200 moolidator.js Show response
www.ofertaspravoce.com/_global/js/ 34 KB
6 KB 93ms
90ms Script
application/javascript 104.18.1.191
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ofertaspravoce.com/_global/js/moolidator.js?2024-05-10.1

Requested by

Host: www.ofertaspravoce.com
URL: https://www.ofertaspravoce.com/?cp=NnyMkowoLiigrkrhjLsNKgxsHwxiHhzogrmthlxwgmigwGoq&sub_id=7627-137_14308&sub_id_postback=1026b2897055d3c5fedd763c0f8d6f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.1.191 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d17497c99136331e168c72b86d40bf1eb3194fb6c728f9ac65b66d536c05b653

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ofertaspravoce.com/?cp=NnyMkowoLiigrkrhjLsNKgxsHwxiHhzogrmthlxwgmigwGoq&sub_id=7627-137_14308&sub_id_postback=1026b2897055d3c5fedd763c0f8d6f
Accept-Language: fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 12 May 2024 19:20:16 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
cf-cache-status: HIT
cf-polished: origSize=43114
x-served-by: a-03
cf-bgj: minify
last-modified: Thu, 09 Mar 2023 10:32:23 GMT
x-map-context: br
server: cloudflare
etag: W/"6409b5b7-a86a"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=86400
cf-ray: 882cc3e1e9fe8d8f-HEL
expires: Mon, 13 May 2024 19:20:16 GMT

GET
H2 200 moolidator_rules.js Show response
www.ofertaspravoce.com/_global/js/ 19 KB
3 KB 88ms
86ms Script
application/javascript 104.18.1.191
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ofertaspravoce.com/_global/js/moolidator_rules.js?2024-05-10.1

Requested by

Host: www.ofertaspravoce.com
URL: https://www.ofertaspravoce.com/?cp=NnyMkowoLiigrkrhjLsNKgxsHwxiHhzogrmthlxwgmigwGoq&sub_id=7627-137_14308&sub_id_postback=1026b2897055d3c5fedd763c0f8d6f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.1.191 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c88919bb9c836ec10f4bd2431c91ac57c7cdac9f5af98824c6e7cc19a83e0217

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ofertaspravoce.com/?cp=NnyMkowoLiigrkrhjLsNKgxsHwxiHhzogrmthlxwgmigwGoq&sub_id=7627-137_14308&sub_id_postback=1026b2897055d3c5fedd763c0f8d6f
Accept-Language: fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 12 May 2024 19:20:16 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
cf-cache-status: HIT
cf-polished: origSize=27274
x-served-by: a-02
cf-bgj: minify
last-modified: Mon, 08 Apr 2024 05:58:24 GMT
x-map-context: br
server: cloudflare
etag: W/"66138780-6a8a"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=86400
cf-ray: 882cc3e1e9ff8d8f-HEL
expires: Mon, 13 May 2024 19:20:16 GMT

GET
H/1.1 200
OK combined.js Show response
imbajslibs.s3.amazonaws.com/2.11.28/ 88 KB
88 KB 302ms
129ms Script
application/javascript 52.219.46.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://imbajslibs.s3.amazonaws.com/2.11.28/combined.js?2024-05-10.1
Requested by: Host: www.ofertaspravoce.com
URL: https://www.ofertaspravoce.com/?cp=NnyMkowoLiigrkrhjLsNKgxsHwxiHhzogrmthlxwgmigwGoq&sub_id=7627-137_14308&sub_id_postback=1026b2897055d3c5fedd763c0f8d6f
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.219.46.13 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-w.eu-central-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 500e7f56813841c7fa0cedb0ffe7c365116a9634ca1bda8cf491b0bfddc9afc7

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ofertaspravoce.com/
Accept-Language: fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sun, 12 May 2024 19:20:18 GMT
Last-Modified: Wed, 06 Sep 2023 13:42:47 GMT
Server: AmazonS3
x-amz-request-id: TJ47X1YN5MNZQP6S
ETag: "2544324831df1315c65e545f4f9194f1"
x-amz-server-side-encryption: AES256
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 89631
x-amz-id-2: uBCWljMpPmxZ6On5UdH1Zwsl/+na9J30YYsYpPIYCyC9BvMbtW+hcIQHUW9u7/TMYhc6qptPRIY=

GET
H2 200 scripts.js Show response
www.ofertaspravoce.com/_global/js/ 32 KB
9 KB 85ms
83ms Script
application/javascript 104.18.1.191
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ofertaspravoce.com/_global/js/scripts.js?2024-05-10.1

Requested by

Host: www.ofertaspravoce.com
URL: https://www.ofertaspravoce.com/?cp=NnyMkowoLiigrkrhjLsNKgxsHwxiHhzogrmthlxwgmigwGoq&sub_id=7627-137_14308&sub_id_postback=1026b2897055d3c5fedd763c0f8d6f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.1.191 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

28a38b5911fdbcf635d4ac17a190ee9a672618a29e2c04ff35668020bdee62a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ofertaspravoce.com/?cp=NnyMkowoLiigrkrhjLsNKgxsHwxiHhzogrmthlxwgmigwGoq&sub_id=7627-137_14308&sub_id_postback=1026b2897055d3c5fedd763c0f8d6f
Accept-Language: fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 12 May 2024 19:20:16 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
cf-cache-status: HIT
cf-polished: origSize=55042
x-served-by: a-04
cf-bgj: minify
last-modified: Mon, 06 May 2024 07:37:28 GMT
x-map-context: br
server: cloudflare
etag: W/"663888b8-d702"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=86400
cf-ray: 882cc3e1ea028d8f-HEL
expires: Mon, 13 May 2024 19:20:16 GMT

GET
H2 200 global.js Show response
www.ofertaspravoce.com/wingame/global/js/ 58 B
177 B 95ms
94ms Script
application/javascript 104.18.1.191
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ofertaspravoce.com/wingame/global/js/global.js?2024-05-10.1

Requested by

Host: www.ofertaspravoce.com
URL: https://www.ofertaspravoce.com/?cp=NnyMkowoLiigrkrhjLsNKgxsHwxiHhzogrmthlxwgmigwGoq&sub_id=7627-137_14308&sub_id_postback=1026b2897055d3c5fedd763c0f8d6f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.1.191 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9fab13fe7ae5ae57ce41e7381911342d5211d234c5ea99b6ad124faabc52f4fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ofertaspravoce.com/?cp=NnyMkowoLiigrkrhjLsNKgxsHwxiHhzogrmthlxwgmigwGoq&sub_id=7627-137_14308&sub_id_postback=1026b2897055d3c5fedd763c0f8d6f
Accept-Language: fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 12 May 2024 19:20:16 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
cf-cache-status: HIT
cf-polished: origSize=155
x-served-by: a-01
cf-bgj: minify
last-modified: Thu, 19 Nov 2020 08:59:41 GMT
x-map-context: br
server: cloudflare
etag: W/"5fb633fd-9b"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=86400
cf-ray: 882cc3e1ea048d8f-HEL
expires: Mon, 13 May 2024 19:20:16 GMT

GET
H2 200 series.js Show response
www.ofertaspravoce.com/_global/wingame/76/js/ 6 KB
2 KB 92ms
90ms Script
application/javascript 104.18.1.191
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ofertaspravoce.com/_global/wingame/76/js/series.js?2024-05-10.1

Requested by

Host: www.ofertaspravoce.com
URL: https://www.ofertaspravoce.com/?cp=NnyMkowoLiigrkrhjLsNKgxsHwxiHhzogrmthlxwgmigwGoq&sub_id=7627-137_14308&sub_id_postback=1026b2897055d3c5fedd763c0f8d6f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.1.191 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c885fe3584d7a7388d61578ac6497905573b7c2777873454100891313c0e3859

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ofertaspravoce.com/?cp=NnyMkowoLiigrkrhjLsNKgxsHwxiHhzogrmthlxwgmigwGoq&sub_id=7627-137_14308&sub_id_postback=1026b2897055d3c5fedd763c0f8d6f
Accept-Language: fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 12 May 2024 19:20:16 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
cf-cache-status: HIT
cf-polished: origSize=8973
x-served-by: a-04
cf-bgj: minify
last-modified: Thu, 21 Mar 2024 11:06:06 GMT
x-map-context: br
server: cloudflare
etag: W/"65fc149e-230d"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=86400
cf-ray: 882cc3e1ea068d8f-HEL
expires: Mon, 13 May 2024 19:20:16 GMT

GET
H2 200 sweepstake.js Show response
www.ofertaspravoce.com/wingame/69/js/ 2 KB
1 KB 92ms
91ms Script
application/javascript 104.18.1.191
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ofertaspravoce.com/wingame/69/js/sweepstake.js?2024-05-10.1

Requested by

Host: www.ofertaspravoce.com
URL: https://www.ofertaspravoce.com/?cp=NnyMkowoLiigrkrhjLsNKgxsHwxiHhzogrmthlxwgmigwGoq&sub_id=7627-137_14308&sub_id_postback=1026b2897055d3c5fedd763c0f8d6f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.1.191 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a73f8d9856b5953f647826b40badda93a7f3d299cd9fa279202f1cc9dee2b435

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ofertaspravoce.com/?cp=NnyMkowoLiigrkrhjLsNKgxsHwxiHhzogrmthlxwgmigwGoq&sub_id=7627-137_14308&sub_id_postback=1026b2897055d3c5fedd763c0f8d6f
Accept-Language: fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 12 May 2024 19:20:16 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
cf-cache-status: HIT
cf-polished: origSize=3573
x-served-by: a-03
cf-bgj: minify
last-modified: Thu, 01 Feb 2024 12:35:07 GMT
x-map-context: br
server: cloudflare
etag: W/"65bb8ffb-df5"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=86400
cf-ray: 882cc3e1ea088d8f-HEL
expires: Mon, 13 May 2024 19:20:16 GMT

GET
H2 200 Roboto.css
www.ofertaspravoce.com/_static/_global/_supload/fonts/css/ 3 KB
512 B 67ms
66ms Stylesheet
text/css 104.18.1.191
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ofertaspravoce.com/_static/_global/_supload/fonts/css/Roboto.css

Requested by

Host: www.ofertaspravoce.com
URL: https://www.ofertaspravoce.com/?cp=NnyMkowoLiigrkrhjLsNKgxsHwxiHhzogrmthlxwgmigwGoq&sub_id=7627-137_14308&sub_id_postback=1026b2897055d3c5fedd763c0f8d6f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.1.191 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9d7b621db4b7913c0e6fe5e6bb0cc31efa17e6b3c43e04c6405776e67483242e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ofertaspravoce.com/?cp=NnyMkowoLiigrkrhjLsNKgxsHwxiHhzogrmthlxwgmigwGoq&sub_id=7627-137_14308&sub_id_postback=1026b2897055d3c5fedd763c0f8d6f
Accept-Language: fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 12 May 2024 19:20:16 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
cf-cache-status: HIT
cf-bgj: minify
last-modified: Fri, 02 Oct 2020 11:00:33 GMT
server: cloudflare
age: 63418
cf-polished: origSize=3799
etag: W/"724952885"
vary: Accept-Encoding, Accept-Encoding
content-type: text/css; charset=utf-8
cache-control: public, max-age=86400
cf-ray: 882cc3e1ea008d8f-HEL
expires: Mon, 13 May 2024 19:20:16 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 152 KB
52 KB 742ms
264ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7930870054565703

Requested by

Host: www.ofertaspravoce.com
URL: https://www.ofertaspravoce.com/?cp=NnyMkowoLiigrkrhjLsNKgxsHwxiHhzogrmthlxwgmigwGoq&sub_id=7627-137_14308&sub_id_postback=1026b2897055d3c5fedd763c0f8d6f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

c09c55c95dad7be45b594908da86f091ba437a0e1843f833db01b58ff082edc3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ofertaspravoce.com/
Origin: https://www.ofertaspravoce.com
Accept-Language: fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 12 May 2024 19:20:17 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52317
x-xss-protection: 0
server: cafe
etag: 10692718017152166734
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Sun, 12 May 2024 19:20:17 GMT

GET
H2 200 7sesMoDRqxr5TTpJu.js Show response
static.cleverpush.com/channel/loader/ 247 KB
63 KB 1074ms
330ms Script
application/javascript 172.67.71.184
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cleverpush.com/channel/loader/7sesMoDRqxr5TTpJu.js
Requested by: Host: www.ofertaspravoce.com
URL: https://www.ofertaspravoce.com/?cp=NnyMkowoLiigrkrhjLsNKgxsHwxiHhzogrmthlxwgmigwGoq&sub_id=7627-137_14308&sub_id_postback=1026b2897055d3c5fedd763c0f8d6f
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.71.184 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8dbdf441e66863b5979ca6ab08d090b04b17b09a07e5b2f47f934db43a4df7b5

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ofertaspravoce.com/
Accept-Language: fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 12 May 2024 19:20:18 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: KH1ADT21PM6BYX8B
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: Yp3xJmyZhMsTlqKp/dViORqW0Rzwx/9CsCatyHKFGWxmtNTkAlNi6lySN5Jg+kbwFWq5fcNGY8A=
last-modified: Sat, 11 May 2024 01:04:57 GMT
server: cloudflare
etag: W/"dbf1a59ece7c94f57c968e01580dde46"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=g5qdM90jEZPiLbPLvX%2BMzyuy9zxWv2KoycgiPnUlXYVMS5ovXa4cpLd9m4qT4oXvtijHDnNPHBMP8jwjAbiciMafvg645eLKhSxbYJXOLT2FRahzvXb2xc5yyW4QaYW%2FycYwmank3A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=21600
cf-ray: 882cc3e8983a8d84-HEL

GET
H2 200 imgHousehold01.jpg
www.ofertaspravoce.com/_static/_global/_supload/ctn/ 61 KB
61 KB 418ms
417ms Image
image/jpeg 104.18.1.191
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ofertaspravoce.com/_static/_global/_supload/ctn/imgHousehold01.jpg

Requested by

Host: www.ofertaspravoce.com
URL: https://www.ofertaspravoce.com/?cp=NnyMkowoLiigrkrhjLsNKgxsHwxiHhzogrmthlxwgmigwGoq&sub_id=7627-137_14308&sub_id_postback=1026b2897055d3c5fedd763c0f8d6f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.1.191 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3cb75aefd58fefd4bc5b91e51528b6d0e0e3ebd2daa6ad6ce7f86fec595a4e92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ofertaspravoce.com/?cp=NnyMkowoLiigrkrhjLsNKgxsHwxiHhzogrmthlxwgmigwGoq&sub_id=7627-137_14308&sub_id_postback=1026b2897055d3c5fedd763c0f8d6f
Accept-Language: fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 12 May 2024 19:20:17 GMT
strict-transport-security: max-age=31536000
cf-cache-status: MISS
last-modified: Tue, 09 Mar 2021 15:01:10 GMT
server: cloudflare
etag: "2134920702"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 882cc3e42c118d8f-HEL
content-length: 62675
expires: Mon, 13 May 2024 19:20:17 GMT

GET
H2 200 imgHousehold02.jpg
www.ofertaspravoce.com/_static/_global/_supload/ctn/ 58 KB
58 KB 669ms
667ms Image
image/jpeg 104.18.1.191
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ofertaspravoce.com/_static/_global/_supload/ctn/imgHousehold02.jpg

Requested by

Host: www.ofertaspravoce.com
URL: https://www.ofertaspravoce.com/?cp=NnyMkowoLiigrkrhjLsNKgxsHwxiHhzogrmthlxwgmigwGoq&sub_id=7627-137_14308&sub_id_postback=1026b2897055d3c5fedd763c0f8d6f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.1.191 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3d2743a2fb09c6508590431c2aa14320b4fdfaf137a38c19ed7c6d25fd3bfca6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ofertaspravoce.com/?cp=NnyMkowoLiigrkrhjLsNKgxsHwxiHhzogrmthlxwgmigwGoq&sub_id=7627-137_14308&sub_id_postback=1026b2897055d3c5fedd763c0f8d6f
Accept-Language: fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 12 May 2024 19:20:17 GMT
strict-transport-security: max-age=31536000
cf-cache-status: MISS
last-modified: Tue, 09 Mar 2021 15:01:10 GMT
server: cloudflare
etag: "2082045329"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 882cc3e46c478d8f-HEL
content-length: 59254
expires: Mon, 13 May 2024 19:20:17 GMT

GET
H2 200 imgHousehold03.jpg
www.ofertaspravoce.com/_static/_global/_supload/ctn/ 82 KB
82 KB 457ms
456ms Image
image/jpeg 104.18.1.191
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ofertaspravoce.com/_static/_global/_supload/ctn/imgHousehold03.jpg

Requested by

Host: www.ofertaspravoce.com
URL: https://www.ofertaspravoce.com/?cp=NnyMkowoLiigrkrhjLsNKgxsHwxiHhzogrmthlxwgmigwGoq&sub_id=7627-137_14308&sub_id_postback=1026b2897055d3c5fedd763c0f8d6f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.1.191 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b501c1fd7faecb2afa0327db4897a23875755848bfe45df62b7e447fd85427e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ofertaspravoce.com/?cp=NnyMkowoLiigrkrhjLsNKgxsHwxiHhzogrmthlxwgmigwGoq&sub_id=7627-137_14308&sub_id_postback=1026b2897055d3c5fedd763c0f8d6f
Accept-Language: fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 12 May 2024 19:20:17 GMT
strict-transport-security: max-age=31536000
cf-cache-status: MISS
last-modified: Tue, 09 Mar 2021 15:01:10 GMT
server: cloudflare
etag: "4031147819"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 882cc3e46c498d8f-HEL
content-length: 83474
expires: Mon, 13 May 2024 19:20:17 GMT

GET
H2 200 bgHousehold.jpg
www.ofertaspravoce.com/_static/_global/_supload/ctn/ 19 KB
19 KB 426ms
425ms Image
image/jpeg 104.18.1.191
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ofertaspravoce.com/_static/_global/_supload/ctn/bgHousehold.jpg

Requested by

Host: www.ofertaspravoce.com
URL: https://www.ofertaspravoce.com/?cp=NnyMkowoLiigrkrhjLsNKgxsHwxiHhzogrmthlxwgmigwGoq&sub_id=7627-137_14308&sub_id_postback=1026b2897055d3c5fedd763c0f8d6f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.1.191 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cab4d777a6022a4c3b22c647aeab3a5dac30261ddc1e515d94d39e03afd5bed9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ofertaspravoce.com/?cp=NnyMkowoLiigrkrhjLsNKgxsHwxiHhzogrmthlxwgmigwGoq&sub_id=7627-137_14308&sub_id_postback=1026b2897055d3c5fedd763c0f8d6f
Accept-Language: fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 12 May 2024 19:20:17 GMT
strict-transport-security: max-age=31536000
cf-cache-status: MISS
last-modified: Tue, 09 Mar 2021 15:01:09 GMT
server: cloudflare
etag: "2015222940"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 882cc3e46c4a8d8f-HEL
content-length: 19031
expires: Mon, 13 May 2024 19:20:17 GMT

GET
H2 200 imgHouseholdB01.jpg
www.ofertaspravoce.com/_static/_global/_supload/ctn/ 25 KB
25 KB 429ms
428ms Image
image/jpeg 104.18.1.191
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ofertaspravoce.com/_static/_global/_supload/ctn/imgHouseholdB01.jpg

Requested by

Host: www.ofertaspravoce.com
URL: https://www.ofertaspravoce.com/?cp=NnyMkowoLiigrkrhjLsNKgxsHwxiHhzogrmthlxwgmigwGoq&sub_id=7627-137_14308&sub_id_postback=1026b2897055d3c5fedd763c0f8d6f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.1.191 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

81d0ede8c4de5c7d8e8f877e4a51ed2febdf24f87539162bede3a2ffc32d26f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ofertaspravoce.com/?cp=NnyMkowoLiigrkrhjLsNKgxsHwxiHhzogrmthlxwgmigwGoq&sub_id=7627-137_14308&sub_id_postback=1026b2897055d3c5fedd763c0f8d6f
Accept-Language: fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 12 May 2024 19:20:17 GMT
strict-transport-security: max-age=31536000
cf-cache-status: MISS
last-modified: Tue, 09 Mar 2021 15:01:10 GMT
server: cloudflare
etag: "1391018966"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 882cc3e46c4c8d8f-HEL
content-length: 25899
expires: Mon, 13 May 2024 19:20:17 GMT

GET
H2 200 imgHouseholdB02.jpg
www.ofertaspravoce.com/_static/_global/_supload/ctn/ 32 KB
32 KB 431ms
431ms Image
image/jpeg 104.18.1.191
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ofertaspravoce.com/_static/_global/_supload/ctn/imgHouseholdB02.jpg

Requested by

Host: www.ofertaspravoce.com
URL: https://www.ofertaspravoce.com/?cp=NnyMkowoLiigrkrhjLsNKgxsHwxiHhzogrmthlxwgmigwGoq&sub_id=7627-137_14308&sub_id_postback=1026b2897055d3c5fedd763c0f8d6f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.1.191 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a694f428c2e1d087d59b3d269c91be1a7c05e1636a2d04183705bfb448c98a11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ofertaspravoce.com/?cp=NnyMkowoLiigrkrhjLsNKgxsHwxiHhzogrmthlxwgmigwGoq&sub_id=7627-137_14308&sub_id_postback=1026b2897055d3c5fedd763c0f8d6f
Accept-Language: fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 12 May 2024 19:20:17 GMT
strict-transport-security: max-age=31536000
cf-cache-status: MISS
last-modified: Tue, 09 Mar 2021 15:01:10 GMT
server: cloudflare
etag: "2051775852"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 882cc3e46c4d8d8f-HEL
content-length: 33120
expires: Mon, 13 May 2024 19:20:17 GMT

GET
H2 200 imgHouseholdB03.jpg
www.ofertaspravoce.com/_static/_global/_supload/ctn/ 25 KB
25 KB 455ms
455ms Image
image/jpeg 104.18.1.191
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ofertaspravoce.com/_static/_global/_supload/ctn/imgHouseholdB03.jpg

Requested by

Host: www.ofertaspravoce.com
URL: https://www.ofertaspravoce.com/?cp=NnyMkowoLiigrkrhjLsNKgxsHwxiHhzogrmthlxwgmigwGoq&sub_id=7627-137_14308&sub_id_postback=1026b2897055d3c5fedd763c0f8d6f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.1.191 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bd0f9d959c1ae215bc0e9557994f3452b93b6428414053c4124db27f57c6fe77

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ofertaspravoce.com/?cp=NnyMkowoLiigrkrhjLsNKgxsHwxiHhzogrmthlxwgmigwGoq&sub_id=7627-137_14308&sub_id_postback=1026b2897055d3c5fedd763c0f8d6f
Accept-Language: fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 12 May 2024 19:20:17 GMT
strict-transport-security: max-age=31536000
cf-cache-status: MISS
last-modified: Tue, 09 Mar 2021 15:01:10 GMT
server: cloudflare
etag: "3538675219"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 882cc3e46c4e8d8f-HEL
content-length: 25658
expires: Mon, 13 May 2024 19:20:17 GMT

GET
H2 200 imgHouseholdB04.jpg
www.ofertaspravoce.com/_static/_global/_supload/ctn/ 29 KB
29 KB 493ms
493ms Image
image/jpeg 104.18.1.191
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ofertaspravoce.com/_static/_global/_supload/ctn/imgHouseholdB04.jpg

Requested by

Host: www.ofertaspravoce.com
URL: https://www.ofertaspravoce.com/?cp=NnyMkowoLiigrkrhjLsNKgxsHwxiHhzogrmthlxwgmigwGoq&sub_id=7627-137_14308&sub_id_postback=1026b2897055d3c5fedd763c0f8d6f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.1.191 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7fc0e4ec207aee4d00edb7c6ca5ffea532e0263b935a4c6963802563f364c3ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ofertaspravoce.com/?cp=NnyMkowoLiigrkrhjLsNKgxsHwxiHhzogrmthlxwgmigwGoq&sub_id=7627-137_14308&sub_id_postback=1026b2897055d3c5fedd763c0f8d6f
Accept-Language: fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 12 May 2024 19:20:17 GMT
strict-transport-security: max-age=31536000
cf-cache-status: MISS
last-modified: Tue, 09 Mar 2021 15:01:10 GMT
server: cloudflare
etag: "2048098890"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 882cc3e46c4f8d8f-HEL
content-length: 29906
expires: Mon, 13 May 2024 19:20:17 GMT

GET tag.js
s.btstatic.com/ 0
0

GET
H2 200 pwrWlRgzGoMgiRxoyRyhgwgIsMirjggskhhoykJkmQimJlLowhgGirjiuJuKNisPyMoLznsRqmiLzgsjwQroxihjkopsJGkvPhqXMowwloxhOItOgoIqKoxiwLGggP Show response
www.ofertaspravoce.com/sc/ Frame 5EB7 527 B
432 B 131ms
129ms Document
text/html 104.18.1.191
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ofertaspravoce.com/sc/pwrWlRgzGoMgiRxoyRyhgwgIsMirjggskhhoykJkmQimJlLowhgGirjiuJuKNisPyMoLznsRqmiLzgsjwQroxihjkopsJGkvPhqXMowwloxhOItOgoIqKoxiwLGggP

Requested by

Host: www.ofertaspravoce.com
URL: https://www.ofertaspravoce.com/?cp=NnyMkowoLiigrkrhjLsNKgxsHwxiHhzogrmthlxwgmigwGoq&sub_id=7627-137_14308&sub_id_postback=1026b2897055d3c5fedd763c0f8d6f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.1.191 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

882799aa4d0e1546b4691a75fdaa2174dc083d50f06f852dfb712da1b2b980be

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: fi-FI,fi;q=0.9;q=0.9
Referer: https://www.ofertaspravoce.com/?cp=NnyMkowoLiigrkrhjLsNKgxsHwxiHhzogrmthlxwgmigwGoq&sub_id=7627-137_14308&sub_id_postback=1026b2897055d3c5fedd763c0f8d6f
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

cf-cache-status: DYNAMIC
cf-ray: 882cc3e46c518d8f-HEL
content-encoding: gzip
content-type: text/html;charset=UTF-8
date: Sun, 12 May 2024 19:20:17 GMT
server: cloudflare
strict-transport-security: max-age=31536000
x-map-context: br
x-served-by: a-01

GET
H2 200 s5-bfp.js Show response
www.ofertaspravoce.com/_global/js/ 12 KB
4 KB 425ms
424ms Script
application/javascript 104.18.1.191
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ofertaspravoce.com/_global/js/s5-bfp.js?4019847338

Requested by

Host: www.ofertaspravoce.com
URL: https://www.ofertaspravoce.com/_global/js/scripts.js?2024-05-10.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.1.191 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

82e17635bd84d9c2f72b3d9ae284d3e84d9d4c990faf27b3ddb4169229f0bcd1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ofertaspravoce.com/?cp=NnyMkowoLiigrkrhjLsNKgxsHwxiHhzogrmthlxwgmigwGoq&sub_id=7627-137_14308&sub_id_postback=1026b2897055d3c5fedd763c0f8d6f
Accept-Language: fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: a-04
date: Sun, 12 May 2024 19:20:17 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
cf-cache-status: MISS
last-modified: Thu, 12 Mar 2020 13:46:39 GMT
server: cloudflare
x-map-context: br
etag: W/"5e6a3d3f-2e71"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=86400
cf-ray: 882cc3e46c528d8f-HEL
expires: Mon, 13 May 2024 19:20:17 GMT

GET tag.js
s.btstatic.com/ Frame 5EB7 0
0

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202405070101/ 412 KB
140 KB 652ms
180ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202405070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7930870054565703&plah=www.ofertaspravoce.com&aplac=true

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7930870054565703

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

3d132c4836ebfa9611df1cde194a4e99adf7c70b2a65a7847f8e9fe22106441e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ofertaspravoce.com/
Accept-Language: fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 12 May 2024 19:20:18 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 142544
x-xss-protection: 0
server: cafe
etag: 903085463962755441
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 12 May 2024 19:20:18 GMT

GET
H2 200 5.877e5677b6ca133c7147.js Show response
static.cleverpush.com/sdk/chunk/ 36 KB
10 KB 63ms
61ms Script
application/javascript 172.67.71.184
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cleverpush.com/sdk/chunk/5.877e5677b6ca133c7147.js
Requested by: Host: static.cleverpush.com
URL: https://static.cleverpush.com/channel/loader/7sesMoDRqxr5TTpJu.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.71.184 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3002fef546813c1b3e5a09a4ba66bb3e4a490ea12ee76a4e5efc5a1ead0b683c

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ofertaspravoce.com/
Accept-Language: fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 12 May 2024 19:20:18 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: XH6GK661ZFZJD81Y
age: 20478
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: F+qgRYrPwvdUyfgsB1T3XbadshEVZJfx0OeGqWUhpBIn98Apo3yeJdEWJcmYNOCGZNs2jYsN5L8=
last-modified: Fri, 10 May 2024 13:26:54 GMT
server: cloudflare
etag: W/"0b6f36aba47858a26d63eeb0ebb0f4f8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1PG%2BIzwTPH9Jk4yjzgvbvCD%2BDC8xZIkw8A5r0NoUJ6upkxbLtocAB%2BgCV0NeScGd5DQsaOlC0T%2Fg3ugbQJsu5D9KEuBGdWx3i2RsNVez5WtkXHcu4RayAHhyGFMkF1iQhj55GVGZog%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public,max-age=43200
cf-ray: 882cc3eafa188d84-HEL

GET
H2 200 251.ff5b3c0c290e9961835b.js Show response
static.cleverpush.com/sdk/chunk/ 5 KB
3 KB 61ms
60ms Script
application/javascript 172.67.71.184
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cleverpush.com/sdk/chunk/251.ff5b3c0c290e9961835b.js
Requested by: Host: static.cleverpush.com
URL: https://static.cleverpush.com/channel/loader/7sesMoDRqxr5TTpJu.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.71.184 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: df124351501a3a62b99269da55fa305a5584a9e80e84f4ecf72cdd54d4978204

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ofertaspravoce.com/
Accept-Language: fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 12 May 2024 19:20:18 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: DCVT3GZDA0076FB1
age: 21184
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: TT3eQ66Nnt0xr253KVBgXG7mlDQVRqwBGN2H2ZHeuOic4CTOk7tdzccAi/b9q1R4TzNrvjAz4YOJuv4p/QZWkw==
last-modified: Fri, 10 May 2024 13:26:52 GMT
server: cloudflare
etag: W/"e89cddaa8c63cff3a495570a91d5e690"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Hhnw%2Bf4d3oZ%2BQ%2BYUOXC%2FtJ0Lm1pRk4aS2zrw4Eo8VGrVppwv%2FjdU9wdWd1RQntjhymAhxk8doos%2FFt9Vs3VfN7VW2baCOPAU%2BmX2BY%2FcH2DmaWeRfgJ9SvT1h4JFrpWZQV7tzklXsg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public,max-age=43200
cf-ray: 882cc3eafa1b8d84-HEL

GET
H2 200 115.d6f4579d16a8335c5081.js Show response
static.cleverpush.com/sdk/chunk/ 14 KB
4 KB 59ms
59ms Script
application/javascript 172.67.71.184
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cleverpush.com/sdk/chunk/115.d6f4579d16a8335c5081.js
Requested by: Host: static.cleverpush.com
URL: https://static.cleverpush.com/channel/loader/7sesMoDRqxr5TTpJu.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.71.184 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 87ddd1b39eac2a04fae60a31aa02ef2b45657ea5df67f814218e9a6a677bda5b

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ofertaspravoce.com/
Accept-Language: fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 12 May 2024 19:20:18 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 69N6TKJ1H2K0TZP0
age: 19097
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: CsA+JYHJZ5YqPCpBA4U7Xo0Ycekcz6i14EP1PtAf8n2GPkgRQ9OQcpklftxw1of5arYVyEn+B18=
last-modified: Fri, 10 May 2024 13:26:52 GMT
server: cloudflare
etag: W/"780fd0f9008fd4d419a4aa7e324ca738"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uN4H%2FEkXCvt12eYnqVWlhYX%2Bm4IWPkwsHoZurzcSgwCBjhNPDTN1m0AlvOtaM4KhGHxLisA6xHMgVjEkiDW9JSB9uJ4yFn4KxsEijH5%2FWQNnkMw1jij9scI1a0hJSg3fq5%2BowxpM%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public,max-age=43200
cf-ray: 882cc3eafa1c8d84-HEL

GET
H2 200 iframe
brplanet49.mycleverpush.com/ Frame 044C 0
0 337ms
132ms Document
text/html 116.203.25.165
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://brplanet49.mycleverpush.com/iframe?origin=https%3A%2F%2Fwww.ofertaspravoce.com

Requested by

Host: static.cleverpush.com
URL: https://static.cleverpush.com/sdk/chunk/251.ff5b3c0c290e9961835b.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

116.203.25.165 Munich, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.165.25.203.116.clients.your-server.de

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: fi-FI,fi;q=0.9;q=0.9
Referer: https://www.ofertaspravoce.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-headers: origin, x-requested-with, content-type, accept
cache-control: public, max-age=1800
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Sun, 12 May 2024 19:20:18 GMT
strict-transport-security: max-age=15724800; includeSubDomains
vary: Accept-Encoding
x-backend-server: cleverpush-worker-2
x-cache-status: HIT
x-robots-tag: noindex

GET
H2 200 zrt_lookup_fy2021.html
pagead2.googlesyndication.com/pagead/html/r20240508/r20110914/ Frame E86C 0
0 561ms
83ms Document
text/html 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/html/r20240508/r20110914/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202405070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7930870054565703&plah=www.ofertaspravoce.com&aplac=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fi-FI,fi;q=0.9;q=0.9
Referer: https://www.ofertaspravoce.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

age: 83611
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4155
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 11 May 2024 20:06:48 GMT
etag: 5035419970550746386
expires: Sat, 25 May 2024 20:06:48 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads
pagead2.googlesyndication.com/pagead/ Frame 2776 0
0 937ms
473ms Document
text/html 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-7930870054565703&output=html&adk=1464023242&adf=699424016&abgtt=6&lmt=1715541618&plaf=2%3A2&plat=3%3A16%2C4%3A16%2C8%3A128%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fwww.ofertaspravoce.com%2F%3Fcp%3DNnyMkowoLiigrkrhjLsNKgxsHwxiHhzogrmthlxwgmigwGoq%26sub_id%3D7627-137_14308%26sub_id_postback%3D1026b2897055d3c5fedd763c0f8d6f&pra=5&wgl=1&easpi=0&aihb=0&asro=0&aslmct=0.7&asamct=0.7&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNC4wLjYzNjcuMjAxIixudWxsLDAsbnVsbCwiNjQiLFtbIkNocm9taXVtIiwiMTI0LjAuNjM2Ny4yMDEiXSxbIkdvb2dsZSBDaHJvbWUiLCIxMjQuMC42MzY3LjIwMSJdLFsiTm90LUEuQnJhbmQiLCI5OS4wLjAuMCJdXSwwXQ..&dt=1715541617966&bpp=4&bdt=1063&idt=827&shv=r20240508&mjsv=m202405070101&ptt=9&saldr=aa&abxe=1&eoidce=1&nras=1&correlator=5082454741162&frm=20&pv=2&ga_vid=367780087.1715541619&ga_sid=1715541619&ga_hid=929041886&ga_fc=0&u_tz=180&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31083437%2C95331983%2C95331043%2C95332402%2C95332415&oid=2&pvsid=3207651077118688&tmod=1329766614&uas=0&nvt=1&fsapi=1&fc=1920&brdim=40%2C40%2C40%2C40%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&ifi=1&uci=a!1&fsb=1&dtd=851

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fi-FI,fi;q=0.9;q=0.9
Referer: https://www.ofertaspravoce.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 44347
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 12 May 2024 19:20:19 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 103.ca34caf4a7c7f94a245a.js Show response
static.cleverpush.com/sdk/chunk/ 96 KB
22 KB 63ms
63ms Script
application/javascript 172.67.71.184
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cleverpush.com/sdk/chunk/103.ca34caf4a7c7f94a245a.js
Requested by: Host: static.cleverpush.com
URL: https://static.cleverpush.com/channel/loader/7sesMoDRqxr5TTpJu.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.71.184 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 78f82206874edb92e4cedada374ae32ba67cb601d95b2931b7d1ae18dcae153e

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ofertaspravoce.com/
Accept-Language: fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 12 May 2024 19:20:19 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 0PVYVF3MKQY7CHVH
age: 21187
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: tItF1eRBTSrXUXG58fWu49oA++erZmWo2T3QSLqtlrJYtr5H5yCAYJCRuIut+lKZ7pxTzw+8nB0=
last-modified: Fri, 10 May 2024 13:26:52 GMT
server: cloudflare
etag: W/"edca157e63c1ec51d4f0d926c455f313"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ID523JVSNroNHy5zHsiz5Dh72O0XVqMxjfw7ZA9K%2BXdy83Jjiwu%2FmHfy%2Fy8pMseAW5o6LWvRLrB6K92Xcjn5U8Y%2Bg7z6xwPPal7DdGdqTY7HW9A0Kyqr3WCi6sY4BccEZOHXSbZTAQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public,max-age=43200
cf-ray: 882cc3f0fe458d84-HEL

GET
H2 200 720.55250bc0a01067617553.js Show response
static.cleverpush.com/sdk/chunk/ 48 KB
11 KB 62ms
62ms Script
application/javascript 172.67.71.184
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cleverpush.com/sdk/chunk/720.55250bc0a01067617553.js
Requested by: Host: static.cleverpush.com
URL: https://static.cleverpush.com/channel/loader/7sesMoDRqxr5TTpJu.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.71.184 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 634fb6243f777936587296216a0a98c5ebd215c4c2fd44bb310fdfad37ce1ea7

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ofertaspravoce.com/
Accept-Language: fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 12 May 2024 19:20:19 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: DS1WQY6FZ0HR3FC0
age: 19091
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: tmJPhzHzVyfQsurcl5mPHp9l8BMuACaThpUz9eaWybB3/DTf4htV+jxW1ICJAJaHiuynu+z8y+8=
last-modified: Fri, 10 May 2024 13:26:54 GMT
server: cloudflare
etag: W/"efcb14c4a4c67c58e37dd5ee8083a4d9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tMX4Ct0UUfdDE7QsN%2BDDEEM2ThCJatcRQvB%2Fo1sasVRdlPlIpvQtDCasFITRc1nnPIEncWxyrVjw53kh8VSXQ05t9TqCTqBGlkJCHLf8JEjaTttBZj8V05GVdN1FZsUzgxVoouM2Eg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public,max-age=43200
cf-ray: 882cc3f0fe468d84-HEL

GET
H2 200 376.8cab31ffc2b64b495b06.js Show response
static.cleverpush.com/sdk/chunk/ 12 KB
4 KB 59ms
58ms Script
application/javascript 172.67.71.184
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cleverpush.com/sdk/chunk/376.8cab31ffc2b64b495b06.js
Requested by: Host: static.cleverpush.com
URL: https://static.cleverpush.com/channel/loader/7sesMoDRqxr5TTpJu.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.71.184 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b45565fcd020711c8775c1a80ce7b1f9eea3546dbd5809292f908556c40ac0bf

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ofertaspravoce.com/
Accept-Language: fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 12 May 2024 19:20:19 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: MHEE42B20E637TGV
age: 20970
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: 790Menl0SAeNqvj3RRYyE9nMfDIK3H8vdBC4DGRzV56KtRcXe0UjQnfzIw4sR/9J1mi1U9dl10c=
last-modified: Fri, 10 May 2024 13:26:53 GMT
server: cloudflare
etag: W/"82d21e4c44ccb88da7bc6dc70911eddf"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BIi6uZlAw1NxPhCBBFJiePyOJrM9qqZhprXzWrkQYTCbllLUdEG5CCAUQ7zhOsl8Cf5UNm8lYss4q8oGgQGTN5d5crD2%2Bi7xPri5TsxvifW1gckSeGuNAWwcKDBLx%2Fr3ATY%2FcIQf1g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public,max-age=43200
cf-ray: 882cc3f18eb18d84-HEL

GET
H2 200 862.00b24ae64de8ff317661.js Show response
static.cleverpush.com/sdk/chunk/ 33 KB
9 KB 70ms
70ms Script
application/javascript 172.67.71.184
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cleverpush.com/sdk/chunk/862.00b24ae64de8ff317661.js
Requested by: Host: static.cleverpush.com
URL: https://static.cleverpush.com/channel/loader/7sesMoDRqxr5TTpJu.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.71.184 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e49eb1384fa0a2c2116fcc445f475fb41051e517a1e43dde798ca4770d481447

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ofertaspravoce.com/
Accept-Language: fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 12 May 2024 19:20:19 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: DS1P6K5RG6179PAV
age: 19091
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: mIXiPIEsV62u+1SWj1fUKG1JAPkDxfPkGE2072bD10ykc1tDE4WCPLJjfiYxbyNdySn7obRd9Vg=
last-modified: Fri, 10 May 2024 13:26:55 GMT
server: cloudflare
etag: W/"cafc6aa528a48ecd92bc50630c8497d2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sZKGh5gIUjRSWRg7JZaIfoE%2BRsnAQwNQSMPpN9Fou2qZowAxWLc61qsdE1oEaD99H4sVn2exA0XkePzgNSzrGNvDKmY3uQIzJJG4VTU8vEUE%2FyEhNWsTZtIk9CecCjR7Ej5fKTbsIA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public,max-age=43200
cf-ray: 882cc3f18eb28d84-HEL

POST
H2 200 optin-visitor Show response
api.cleverpush.com/channel/ 16 B
298 B 97ms
97ms Fetch
application/json 172.67.71.184
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.cleverpush.com/channel/optin-visitor

Requested by

Host: static.cleverpush.com
URL: https://static.cleverpush.com/channel/loader/7sesMoDRqxr5TTpJu.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.71.184 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language: fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: application/json
Accept: application/json
Referer: https://www.ofertaspravoce.com/
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 12 May 2024 19:20:20 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-backend-server: cleverpush-worker-44
alt-svc: h3=":443"; ma=86400
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: OPTIONS, GET, POST, PATCH, PUT
content-type: application/json; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mVnXus%2FCX2%2BfXcHtS69Ohb%2BS6ho34MBVMWJgKy2%2FmQ4h55g%2FcRgop6YNTqfobzWegLogAAZQo9mTbB0koocC9DZmV3DuJwvzMcI5TlVVlEajYa0jyKACdt2vgGbyYl67JncqwQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: no-cache
cf-ray: 882cc3f4cf968d52-HEL
access-control-allow-headers: origin, x-requested-with, content-type, accept, accept-language, sentry-trace, baggage

OPTIONS
H2 200 optin-visitor
api.cleverpush.com/channel/ Frame 0
0 511ms
88ms Preflight
application/json 172.67.71.184
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.cleverpush.com/channel/optin-visitor

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.71.184 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.ofertaspravoce.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: origin, x-requested-with, content-type, accept, accept-language, sentry-trace, baggage
access-control-allow-methods: OPTIONS, GET, POST, PATCH, PUT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 882cc3f43f338d52-HEL
content-length: 0
content-type: application/json; charset=utf-8
date: Sun, 12 May 2024 19:20:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Gq5KlBArEkPUbmidKGzXFFqcRZMU1vWLELUJEaY7AW5HWdQGxmLRc3qECP9Wvz%2F%2BfO17RQq8EXDmX5d22DbelAYRheaAf0P2A4iScYb2vKk%2B%2FAxoxlATrCmGETvLyQcL27HRTQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=15724800; includeSubDomains

OPTIONS
H2 200 confirm-alert
api.cleverpush.com/channel/ Frame 0
0 506ms
87ms Preflight
application/json 172.67.71.184
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.cleverpush.com/channel/confirm-alert

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.71.184 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.ofertaspravoce.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: origin, x-requested-with, content-type, accept, accept-language, sentry-trace, baggage
access-control-allow-methods: OPTIONS, GET, POST, PATCH, PUT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 882cc3f43f328d52-HEL
content-length: 0
content-type: application/json; charset=utf-8
date: Sun, 12 May 2024 19:20:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ggrb7%2BJUXjoqnJz1Ac7RF2wAkYyOqWs4%2B%2BnhaJg8mRXxhToinsREkXuLgVv%2BYhVT7alNb9AWYtEcbmT0WHB5qg3%2F0HtUJH0pOEDcUNMnQ5sgMfl9sKHpapKqtkLYHopo9AyYSA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=15724800; includeSubDomains

POST
H2 200 confirm-alert Show response
api.cleverpush.com/channel/ 16 B
366 B 96ms
94ms Fetch
application/json 172.67.71.184
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.cleverpush.com/channel/confirm-alert

Requested by

Host: static.cleverpush.com
URL: https://static.cleverpush.com/channel/loader/7sesMoDRqxr5TTpJu.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.71.184 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language: fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: application/json
Accept: application/json
Referer: https://www.ofertaspravoce.com/
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 12 May 2024 19:20:20 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-backend-server: cleverpush-worker-44
alt-svc: h3=":443"; ma=86400
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: OPTIONS, GET, POST, PATCH, PUT
content-type: application/json; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BmFxasqmFPfAGwcJ4jhpOZ78%2BPDb6cZzRXUR46YegDiEy0Va9lfJqTV9BOLVSA4tdYuCzyFcSlmA4k4RJJ9ZxyFOqTJd5lrN0VNftTb1TImAuexQfESfAwunf%2Fp%2BTosUw%2Bj2yA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: no-cache
cf-ray: 882cc3f4cf948d52-HEL
access-control-allow-headers: origin, x-requested-with, content-type, accept, accept-language, sentry-trace, baggage

GET
H2 200 2NpSx68QgSZRyQkHN.png
static.cleverpush.com/notification/icon/ 5 KB
5 KB 176ms
176ms Image
image/png 172.67.71.184
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.cleverpush.com/notification/icon/2NpSx68QgSZRyQkHN.png
Requested by: Host: www.ofertaspravoce.com
URL: https://www.ofertaspravoce.com/?cp=NnyMkowoLiigrkrhjLsNKgxsHwxiHhzogrmthlxwgmigwGoq&sub_id=7627-137_14308&sub_id_postback=1026b2897055d3c5fedd763c0f8d6f
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.71.184 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a9dd2b94a3ff115cb7475222f18127dbf181da22ca662f7721b69a231d60c3da

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ofertaspravoce.com/
Accept-Language: fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 12 May 2024 19:20:19 GMT
cf-cache-status: REVALIDATED
last-modified: Mon, 19 Oct 2020 14:13:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-amz-request-id: K81C2TZEEH6AXS9H
etag: "971cc209e2a268d6a0c46f9159caff90"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VTf3BwEIAA2yZecZi8oJD6L%2BqAlE0BKcSNnA6WFhWLRNBEmfdtQPLcIo7J6qPq3Cj%2BYXzITnYDNdMnGrIZRXTo%2Frq68FCdHSxVD5g66Um2bvZSiRnefIfw72vOemIT9mt6qRXXOAsg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
accept-ranges: bytes
cf-ray: 882cc3f19ec58d84-HEL
alt-svc: h3=":443"; ma=86400
content-length: 5014
x-amz-id-2: I3oR0bTSlWUHggzoBaEIhSAz26fkbye8572rBOU/JaQiKE/AD/Tmb4zg8kyyT3MVHSnvbgGgjrcDx0c5nMrYOw==

GET
H2 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202405070101/ 167 KB
56 KB 123ms
122ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202405070101/reactive_library_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

8d0a426a04555526d30d1521bda25015b1773fa116375088b0c18b700774aa1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ofertaspravoce.com/
Accept-Language: fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 12 May 2024 19:20:19 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57493
x-xss-protection: 0
server: cafe
etag: 8861666937863536857
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sun, 12 May 2024 19:20:19 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
121 B 134ms
133ms Image
image/gif 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_auto_rs&sts=pflna&evt=place&vh=1200&eid=44759876%2C44759927%2C44759842%2C31083437%2C95331983%2C95331043%2C95332402%2C95332415&hl=pt&pvc=3207651077118688

Requested by

Host: www.ofertaspravoce.com
URL: https://www.ofertaspravoce.com/?cp=NnyMkowoLiigrkrhjLsNKgxsHwxiHhzogrmthlxwgmigwGoq&sub_id=7627-137_14308&sub_id_postback=1026b2897055d3c5fedd763c0f8d6f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ofertaspravoce.com/
Accept-Language: fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sun, 12 May 2024 19:20:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 ping
pagead2.googlesyndication.com/pagead/ 0
0 120ms
119ms Fetch
text/html 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202405070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7930870054565703&plah=www.ofertaspravoce.com&aplac=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s51-in-f2.1e100.net
Software: /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://www.ofertaspravoce.com/
Accept-Language: fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2 200 zrt_lookup_fy2021.html
pagead2.googlesyndication.com/pagead/html/r20240508/r20110914/ Frame 82AA 0
0 0ms
0ms Document
text/html 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/html/r20240508/r20110914/zrt_lookup_fy2021.html

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fi-FI,fi;q=0.9;q=0.9
Referer: https://www.ofertaspravoce.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

age: 83611
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4155
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 11 May 2024 20:06:48 GMT
etag: 5035419970550746386
expires: Sat, 25 May 2024 20:06:48 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 126ms
126ms XHR
application/json 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240508&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

e4d94bc37173d9f374b528bb677e5ba424da678cb92d1e7d409b5e9cc89649da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ofertaspravoce.com/
Accept-Language: fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 12 May 2024 19:20:20 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12087
x-xss-protection: 0

GET
H2 200 favicon.ico
www.ofertaspravoce.com/ 15 KB
10 KB 82ms
81ms Other
image/x-icon 104.18.1.191
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ofertaspravoce.com/favicon.ico

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.1.191 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

013957918216490a7a6092735b2974a57ba30430b6b988177d92bfaa785d7382

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ofertaspravoce.com/?cp=NnyMkowoLiigrkrhjLsNKgxsHwxiHhzogrmthlxwgmigwGoq&sub_id=7627-137_14308&sub_id_postback=1026b2897055d3c5fedd763c0f8d6f
Accept-Language: fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: a-04
date: Sun, 12 May 2024 19:20:20 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 01 May 2020 13:11:44 GMT
server: cloudflare
x-map-context: br
etag: W/"5eac2010-3aee"
vary: Accept-Encoding
content-type: image/x-icon
cache-control: public, max-age=86400
cf-ray: 882cc3f9fcd38d8f-HEL
expires: Mon, 13 May 2024 19:20:20 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 616ms
127ms Script
text/javascript 142.250.186.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f1.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ofertaspravoce.com/
Accept-Language: fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 12 May 2024 19:20:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 12 May 2024 19:20:21 GMT

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame F381 0
0 131ms
131ms Document
text/html 142.250.186.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f1.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fi-FI,fi;q=0.9;q=0.9
Referer: https://www.ofertaspravoce.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
age: 16750
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 12 May 2024 14:41:11 GMT
expires: Mon, 12 May 2025 14:41:11 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET sodar
pagead2.googlesyndication.com/pagead/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: s.btstatic.com
URL: https://s.btstatic.com/tag.js

Domain: s.btstatic.com
URL: https://s.btstatic.com/tag.js

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240508&jk=3207651077118688&bg=!ODulO3TNAAZxHNKdURw7ADQBe5WfOFxTovCFiZCBpMraq8TsoTj75EdzcxyaHtH_L44PQcVsqe_vfdygl4_noI4Nc6mbAgAAAEVSAAAABGgBB34ANRI4sqMwFafSCkFVW2fImQmPgR1f8AD6guGqWfjfi79ibXRrhMoB-QOEgqS2gwWT2JTyYkDtCgBlbBGYK42p8ZNNA7V6vHN7anEcADo3x5_2Dbb7JfmbbxwKGNUt9RP37xeqX-_7PXr-cLxRBGCXTmV8AGx6OACD8tSlaKLIvhj1P90yAixEUTUoLsVKZUPgutKg1iKo46uLy821UD6ZAqUohx4pdkT_uuSf5TRWMZj8NY84UDib1wkBvEI9tQ09ApvuqwuUOfYuSUS7VuJKkeQN-Wu3NGj-ox8-Ek49vZa3mYnTFv5A-SLyb_W7-GQpXZbaXC8-kVEIp1Bxwz5oxxDqT8OM75kjUtxc791hsMIJcKIOm0fvar-rqrRhpwvZ6u498JgeYp1muUQcrj5cYYMcWEfDnAGmQy3J789j5t7bDCtrVMo5kFFNcThoAr71frBdyegrdo7YXTFlTOX3KarjZUmPzqETfQXP4yQjYm12soFc9Qu7lHNzZvnLi-A3V2LIXpw87ZR8bFg-SHTdwkyJMMNYJeQTrplPR0pJ_WkKqVmZSSrLo2Zc5PRJBVq1_qNz-8AIt7JgPEA9W9TQc97TKP5bvXeK8Ht0wpAWsEJfLFAwFOUzh6g26mNlip1vdqHH3ry2oEJDZfGyXBbS8akJqF6pC4Qa2P-p7HhdjWyYCKl1AGo0gA58XnbED_sj-jOpBg-HTBlcReeK6MyCSd2o1oA8gAhUs_vkH4xiHLX1jAQHgdpLNQI2aaGwb2waPU2Jtla3iFHJbkfbA0k0kTFa9oymKwxLJA_bTzWW0n-hLSptlqJGMNOhot2VosXcOVM6NGb_R1no8lxh4yV8zLbLWBj5mBnUyxo64rvcTzILBvDsCqbmrkqbGE1EHbMCDbYwtMNCu4fhy2M8YTP864KdjfQnr30UBLa-O3m0UPkT1qTlibc0BfnDGwkJ1SWRPWrXMxL3KgFq7qUoYYpt7hxkMfgTUYkrjJjQSXr9POJrS8o9pYlT2sNFmtIdI0kkpM-aLukucNpZGRQdtOoChNldgSyeimTuE8AKyA04TljtkFIxKbFYFcj5NCluRd9NgkDgPyVSbYxe_OE5wZ8aKXUw7lHhtA

Verdicts & Comments Add Verdict or Comment

158 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.ofertaspravoce.com/	1970-01-21 00:51:33	Name: __eoi Value: ID=dbe94ad562f468e9:T=1715541619:RT=1715541619:S=AA-AfjYrNC8Ico6S7lGFnhLtjMxu

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://s.btstatic.com/tag.js#site=IvXsPZ5 Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://s.btstatic.com/tag.js#site=IvXsPZ5 Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.cleverpush.com
brplanet49.mycleverpush.com
imbajslibs.s3.amazonaws.com
pagead2.googlesyndication.com
s.btstatic.com
static.cleverpush.com
tpc.googlesyndication.com
www.ofertaspravoce.com
pagead2.googlesyndication.com
s.btstatic.com
104.18.1.191
116.203.25.165
142.250.185.162
142.250.186.161
172.67.71.184
52.219.46.13
013957918216490a7a6092735b2974a57ba30430b6b988177d92bfaa785d7382
28a38b5911fdbcf635d4ac17a190ee9a672618a29e2c04ff35668020bdee62a4
3002fef546813c1b3e5a09a4ba66bb3e4a490ea12ee76a4e5efc5a1ead0b683c
3cb75aefd58fefd4bc5b91e51528b6d0e0e3ebd2daa6ad6ce7f86fec595a4e92
3d132c4836ebfa9611df1cde194a4e99adf7c70b2a65a7847f8e9fe22106441e
3d2743a2fb09c6508590431c2aa14320b4fdfaf137a38c19ed7c6d25fd3bfca6
500e7f56813841c7fa0cedb0ffe7c365116a9634ca1bda8cf491b0bfddc9afc7
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
634fb6243f777936587296216a0a98c5ebd215c4c2fd44bb310fdfad37ce1ea7
78f82206874edb92e4cedada374ae32ba67cb601d95b2931b7d1ae18dcae153e
7e09bc7ce93529ff2cc49da01708b350265b62ba7c3722a42b0bec6238f0bafc
7fc0e4ec207aee4d00edb7c6ca5ffea532e0263b935a4c6963802563f364c3ac
81d0ede8c4de5c7d8e8f877e4a51ed2febdf24f87539162bede3a2ffc32d26f6
82e17635bd84d9c2f72b3d9ae284d3e84d9d4c990faf27b3ddb4169229f0bcd1
87ddd1b39eac2a04fae60a31aa02ef2b45657ea5df67f814218e9a6a677bda5b
882799aa4d0e1546b4691a75fdaa2174dc083d50f06f852dfb712da1b2b980be
8d0a426a04555526d30d1521bda25015b1773fa116375088b0c18b700774aa1d
8dbdf441e66863b5979ca6ab08d090b04b17b09a07e5b2f47f934db43a4df7b5
9d7b621db4b7913c0e6fe5e6bb0cc31efa17e6b3c43e04c6405776e67483242e
9fab13fe7ae5ae57ce41e7381911342d5211d234c5ea99b6ad124faabc52f4fe
a694f428c2e1d087d59b3d269c91be1a7c05e1636a2d04183705bfb448c98a11
a73f8d9856b5953f647826b40badda93a7f3d299cd9fa279202f1cc9dee2b435
a9dd2b94a3ff115cb7475222f18127dbf181da22ca662f7721b69a231d60c3da
b45565fcd020711c8775c1a80ce7b1f9eea3546dbd5809292f908556c40ac0bf
b501c1fd7faecb2afa0327db4897a23875755848bfe45df62b7e447fd85427e5
bd0f9d959c1ae215bc0e9557994f3452b93b6428414053c4124db27f57c6fe77
c09c55c95dad7be45b594908da86f091ba437a0e1843f833db01b58ff082edc3
c885fe3584d7a7388d61578ac6497905573b7c2777873454100891313c0e3859
c88919bb9c836ec10f4bd2431c91ac57c7cdac9f5af98824c6e7cc19a83e0217
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
cab4d777a6022a4c3b22c647aeab3a5dac30261ddc1e515d94d39e03afd5bed9
d17497c99136331e168c72b86d40bf1eb3194fb6c728f9ac65b66d536c05b653
df124351501a3a62b99269da55fa305a5584a9e80e84f4ecf72cdd54d4978204
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e49eb1384fa0a2c2116fcc445f475fb41051e517a1e43dde798ca4770d481447
e4d94bc37173d9f374b528bb677e5ba424da678cb92d1e7d409b5e9cc89649da
e8f180db5bee6d0f0657465aa933e8e1f3492725403b3058424ab613998500ab
f56eae15506eb81cf984710315cc2dc9e18fd6a0ce268544e9086856462f6bb5

www.ofertaspravoce.com Open in urlscan Pro 104.18.1.191 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

50 Requests

94 %HTTPS

0 %IPv6

6 Domains

8 Subdomains

7 IPs

3 Countries

911 kBTransfer

2033 kBSize

1 Cookies

1 Outgoing links

Redirected requests

50 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.ofertaspravoce.com Open in urlscan Pro
104.18.1.191 Public Scan

Screenshot
Live screenshot

Full Image

50
Requests

94 %
HTTPS

0 %
IPv6

6
Domains

8
Subdomains

7
IPs

3
Countries

911 kB
Transfer

2033 kB
Size

1
Cookies

50 HTTP transactions
0 data transactions