ronaldo.welatpets.xyz Open in urlscan Pro
198.54.126.143 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://ronaldo.welatpets.xyz/cr7/borusia-barcy.html
Submission: On September 17 via manual (September 17th 2019, 11:25:38 pm UTC) from AE

Summary HTTP 16 Redirects Behaviour Indicators

Summary

This website contacted 7 IPs in 5 countries across 9 domains to perform 16 HTTP transactions. The main IP is 198.54.126.143, located in Los Angeles, United States and belongs to NAMECHEAP-NET - Namecheap, Inc., US. The main domain is ronaldo.welatpets.xyz.

This is the only time ronaldo.welatpets.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	198.54.126.143 198.54.126.143	22612 (NAMECHEAP...) (NAMECHEAP-NET - Namecheap)
6	2a00:1450:400... 2a00:1450:4001:815::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:819::2001	15169 (GOOGLE) (GOOGLE - Google LLC)
1	193.124.183.237 193.124.183.237	48666 (AS-MAROSN...) (AS-MAROSNET Moscow)
1	46.105.201.240 46.105.201.240	16276 (OVH) (OVH)
5	2a00:1450:400... 2a00:1450:4001:81e::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
1	158.69.252.241 158.69.252.241	16276 (OVH) (OVH)
16	7

1 198.54.126.143 (Los Angeles, United States)

ASN22612 (NAMECHEAP-NET - Namecheap, Inc., US)
PTR: premium3-3.web-hosting.com

ronaldo.welatpets.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:815::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:819::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

1.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.124.183.237 (Moscow, Russian Federation)

ASN48666 (AS-MAROSNET Moscow, Russia, RU)
PTR: ih1254818.vds.myihor.ru

nowlive.pro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.105.201.240 (France)

ASN16276 (OVH, FR)

s10.histats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:81e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 158.69.252.241 (Montreal, Canada)

ASN16276 (OVH, FR)
PTR: ns561403.ip-158-69-252.net

s4.histats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
5	doubleclick.net googleads.g.doubleclick.net
3	googlesyndication.com pagead2.googlesyndication.com	196 KB
2	histats.com s10.histats.com s4.histats.com	5 KB
1	googletagservices.com www.googletagservices.com	29 KB
1	google.com adservice.google.com	476 B
1	google.de adservice.google.de	476 B
1	nowlive.pro nowlive.pro
1	blogspot.com 1.bp.blogspot.com	1 KB
1	welatpets.xyz ronaldo.welatpets.xyz	2 KB
16	9

	Domain	Requested by
5	googleads.g.doubleclick.net	pagead2.googlesyndication.com
3	pagead2.googlesyndication.com	ronaldo.welatpets.xyz pagead2.googlesyndication.com
1	www.googletagservices.com	pagead2.googlesyndication.com
1	s4.histats.com	s10.histats.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	s10.histats.com	ronaldo.welatpets.xyz
1	nowlive.pro	ronaldo.welatpets.xyz
1	1.bp.blogspot.com	ronaldo.welatpets.xyz
1	ronaldo.welatpets.xyz
16	10

This site contains no links.

Subject Issuer	Validity	Valid
*.g.doubleclick.net GTS CA 1O1	`2019-09-05` - `2019-11-28`	3 months	crt.sh
*.googleusercontent.com GTS CA 1O1	`2019-09-05` - `2019-11-28`	3 months	crt.sh
*.google.com GTS CA 1O1	`2019-08-23` - `2019-11-21`	3 months	crt.sh

This page contains 8 frames:

Primary Page: http://ronaldo.welatpets.xyz/cr7/borusia-barcy.html
Frame ID: 602FA8781D146E16F93D257226A3C043
Requests: 9 HTTP requests in this frame

Frame: http://nowlive.pro/1/101.html?id=101
Frame ID: 380E5E9AC3377B630429113D3A702791
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/r20190916/r20190131/show_ads_impl.js
Frame ID: 0CF7BDBF03A3AF3846E3C996D6689817
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20190916/r20190131/zrt_lookup.html
Frame ID: 806E2175DB213A8B6B2FE0E077BA14C3
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4361649229088462&output=html&h=90&slotname=1450182469&adk=84484421&adf=3939372865&w=728&lmt=1568749723&guci=1.2.0.0.2.2.0.0&format=728x90&url=http%3A%2F%2Fronaldo.welatpets.xyz%2Fcr7%2Fborusia-barcy.html&flash=0&wgl=1&adsid=NT&dt=1568762721855&bpp=9&bdt=45&fdt=44&idt=44&shv=r20190916&cbv=r20190131&saldr=aa&abxe=1&correlator=1133963928503&frm=20&pv=2&ga_vid=2001230215.1568762722&ga_sid=1568762722&ga_hid=1005277740&ga_fc=0&iag=0&icsg=2728&dssz=12&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=44&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21064339&oid=3&rx=0&eae=0&fc=912&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=16&bc=23&ifi=1&uci=1.w06yxxhnwemy&fsb=1&xpc=Qi3xWofo0t&p=http%3A//ronaldo.welatpets.xyz&dtd=57
Frame ID: 99B520F229B4E4582C9E2E26C6D0DF52
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4361649229088462&output=html&h=90&slotname=1450182469&adk=2809090136&adf=2727024767&w=728&lmt=1568749723&guci=1.2.0.0.2.2.0.0&format=728x90&url=http%3A%2F%2Fronaldo.welatpets.xyz%2Fcr7%2Fborusia-barcy.html&flash=0&wgl=1&adsid=NT&dt=1568762721864&bpp=4&bdt=55&fdt=56&idt=56&shv=r20190916&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=728x90&correlator=1133963928503&frm=20&pv=1&ga_vid=2001230215.1568762722&ga_sid=1568762722&ga_hid=1005277740&ga_fc=0&iag=0&icsg=35496&dssz=13&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=534&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21064339&oid=3&rx=0&eae=0&fc=912&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=16&bc=23&ifi=2&uci=2.vz35gsm7p82f&fsb=1&xpc=iDeTdVyWr8&p=http%3A//ronaldo.welatpets.xyz&dtd=58
Frame ID: EAD5F86DC49BEA28042D66D1B0293302
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4361649229088462&output=html&h=250&slotname=2763264135&adk=2742236066&adf=2492882279&w=300&lmt=1568749723&guci=1.2.0.0.2.2.0.0&format=300x250&url=http%3A%2F%2Fronaldo.welatpets.xyz%2Fcr7%2Fborusia-barcy.html&flash=0&avail_w=300&wgl=1&adsid=NT&dt=1568762721868&bpp=3&bdt=59&fdt=58&idt=58&shv=r20190916&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=728x90%2C728x90&correlator=1133963928503&frm=20&pv=1&ga_vid=2001230215.1568762722&ga_sid=1568762722&ga_hid=1005277740&ga_fc=0&iag=0&icsg=35496&dssz=13&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=650&ady=455&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21064339&oid=3&rx=0&eae=0&fc=912&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=16&bc=23&ifi=3&uci=3.4qtz83k6wvnk&fsb=1&xpc=qTQhtuWN7n&p=http%3A//ronaldo.welatpets.xyz&dtd=60
Frame ID: 891953E8FED84415C1253E38F37E63E1
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4361649229088462&output=html&adk=1812271804&adf=3025194257&lmt=1568749723&plat=1%3A32776%2C2%3A32776%2C8%3A32776%2C9%3A32776%2C16%3A8388608%2C30%3A1081344&guci=1.2.0.0.2.2.0.0&format=0x0&url=http%3A%2F%2Fronaldo.welatpets.xyz%2Fcr7%2Fborusia-barcy.html&ea=0&flash=0&pra=7&wgl=1&adsid=NT&dt=1568762721871&bpp=3&bdt=62&fdt=61&idt=61&shv=r20190916&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=728x90%2C728x90%2C300x250&nras=1&correlator=1133963928503&frm=20&pv=1&ga_vid=2001230215.1568762722&ga_sid=1568762722&ga_hid=1005277740&ga_fc=0&iag=0&icsg=35496&dssz=13&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21064339&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=23&ifi=3&uci=3.lllkk56o0vq7&fsb=1&dtd=64
Frame ID: 526BC202B37DC0A50B404CC77B5998D1
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|\b)HTTPD)/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Page Statistics

16
Requests

75 %
HTTPS

43 %
IPv6

9
Domains

10
Subdomains

7
IPs

5
Countries

233 kB
Transfer

624 kB
Size

12
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

16 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request borusia-barcy.html Show response
ronaldo.welatpets.xyz/cr7/ 3 KB
2 KB 7628ms
7583ms Document
text/html 198.54.126.143
Namecheap

General

Check archive.org

Show headers Download Go to

Full URL: http://ronaldo.welatpets.xyz/cr7/borusia-barcy.html
Protocol: HTTP/1.1
Server: 198.54.126.143 Los Angeles, United States, ASN22612 (NAMECHEAP-NET - Namecheap, Inc., US),
Reverse DNS: premium3-3.web-hosting.com
Software: Apache /
Resource Hash: a5ed9f7eb51bfb3393473922d3623d26bea2052fe753697d2c1ff60612648fd2

Request headers

Host: ronaldo.welatpets.xyz
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 17 Sep 2019 23:25:21 GMT
Server: Apache
Last-Modified: Tue, 17 Sep 2019 19:48:43 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1332
Content-Type: text/html

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 95 KB
35 KB 32ms
20ms Script
text/javascript 2a00:1450:4001:815::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: ronaldo.welatpets.xyz
URL: http://ronaldo.welatpets.xyz/cr7/borusia-barcy.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ea6dec8a911924c0098fa147b9c983693d079299d19a9e89ee23a913e6f352e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://ronaldo.welatpets.xyz/cr7/borusia-barcy.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Sep 2019 23:25:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 35325
x-xss-protection: 0
server: cafe
etag: 5424778929673075744
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 17 Sep 2019 23:25:21 GMT

GET
H2 200 closeButton.gif
1.bp.blogspot.com/-1CSgNBJaCJ0/VEvBgUPsIeI/AAAAAAAAAxM/CvwQXvX-Vsk/s1600/ 1013 B
1 KB 20ms
6ms Image
image/gif 2a00:1450:4001:819::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-1CSgNBJaCJ0/VEvBgUPsIeI/AAAAAAAAAxM/CvwQXvX-Vsk/s1600/closeButton.gif

Requested by

Host: ronaldo.welatpets.xyz
URL: http://ronaldo.welatpets.xyz/cr7/borusia-barcy.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

fife /

Resource Hash

4e9df74a2654e54242ac36f10826cba1261c1f9152da9ff7504b2248c42463ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://ronaldo.welatpets.xyz/cr7/borusia-barcy.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Sep 2019 20:05:19 GMT
x-content-type-options: nosniff
age: 12002
status: 200
content-disposition: inline;filename="closeButton.gif"
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 1013
x-xss-protection: 0
server: fife
etag: "v314"
vary: Origin
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 17 Sep 2019 19:55:54 GMT

GET
H/1.1 200
OK 101.html
nowlive.pro/1/ Frame 380E 0
0 146ms
106ms Document
text/html 193.124.183.237
AS-MAROSNET Moscow

General

Check archive.org

Show headers Download Go to

Full URL: http://nowlive.pro/1/101.html?id=101
Requested by: Host: ronaldo.welatpets.xyz
URL: http://ronaldo.welatpets.xyz/cr7/borusia-barcy.html
Protocol: HTTP/1.1
Server: 193.124.183.237 Moscow, Russian Federation, ASN48666 (AS-MAROSNET Moscow, Russia, RU),
Reverse DNS: ih1254818.vds.myihor.ru
Software: nginx/1.2.1 /
Resource Hash

Request headers

Host: nowlive.pro
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer: http://ronaldo.welatpets.xyz/cr7/borusia-barcy.html
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://ronaldo.welatpets.xyz/cr7/borusia-barcy.html

Response headers

Server: nginx/1.2.1
Date: Tue, 17 Sep 2019 23:18:01 GMT
Content-Type: text/html
Last-Modified: Wed, 08 May 2019 20:37:13 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Content-Encoding: gzip

GET
H/1.1 200
OK js15_as.js Show response
s10.histats.com/ 11 KB
5 KB 44ms
30ms Script
text/javascript 46.105.201.240
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://s10.histats.com/js15_as.js
Requested by: Host: ronaldo.welatpets.xyz
URL: http://ronaldo.welatpets.xyz/cr7/borusia-barcy.html
Protocol: HTTP/1.1
Server: 46.105.201.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 1f730c8b78091c3479abc2fb805b9093138f05acd0de421b8da96389cbbb9668

Request headers

Referer: http://ronaldo.welatpets.xyz/cr7/borusia-barcy.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 17 Sep 2019 23:15:25 GMT
Content-Encoding: gzip
Last-Modified: Thu, 06 Dec 2018 14:12:12 GMT
X-CDN-Pop-IP: 51.254.41.128/26
ETag: "-139234964"
X-Cacheable: Matched cache
Vary: Accept-Encoding
X-IPLB-Instance: 32089
Content-Type: text/javascript
X-CDN-Pop: rbx1
Accept-Ranges: bytes
Content-Length: 4525
X-Request-ID: 666213157

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
476 B 28ms
15ms Script
application/javascript 2a00:1450:4001:815::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=ronaldo.welatpets.xyz

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://ronaldo.welatpets.xyz/cr7/borusia-barcy.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 17 Sep 2019 23:25:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
476 B 28ms
15ms Script
application/javascript 2a00:1450:4001:815::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=ronaldo.welatpets.xyz

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://ronaldo.welatpets.xyz/cr7/borusia-barcy.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 17 Sep 2019 23:25:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 104
x-xss-protection: 0

GET
H2 200 show_ads_impl.js Show response
pagead2.googlesyndication.com/pagead/js/r20190916/r20190131/ 218 KB
80 KB 25ms
25ms Script
text/javascript 2a00:1450:4001:815::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20190916/r20190131/show_ads_impl.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

c2ff48bcbf9eadb11a5db2905263a74dfce1f4d3067910bfa74c4284a2ee7055

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://ronaldo.welatpets.xyz/cr7/borusia-barcy.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Sep 2019 23:25:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 82154
x-xss-protection: 0
server: cafe
etag: 11959035575636662538
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Tue, 17 Sep 2019 23:25:21 GMT

GET
H2 200 show_ads_impl.js Show response
pagead2.googlesyndication.com/pagead/js/r20190916/r20190131/ Frame 0CF7 218 KB
80 KB 25ms
25ms Script
text/javascript 2a00:1450:4001:815::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20190916/r20190131/show_ads_impl.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

c2ff48bcbf9eadb11a5db2905263a74dfce1f4d3067910bfa74c4284a2ee7055

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://ronaldo.welatpets.xyz/cr7/borusia-barcy.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Sep 2019 23:25:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 82154
x-xss-protection: 0
server: cafe
etag: 11959035575636662538
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Tue, 17 Sep 2019 23:25:21 GMT

GET
H2 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20190916/r20190131/ Frame 806E 0
0 6ms
5ms Document
text/html 2a00:1450:4001:81e::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20190916/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20190916/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: http://ronaldo.welatpets.xyz/cr7/borusia-barcy.html
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: http://ronaldo.welatpets.xyz/cr7/borusia-barcy.html

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
vary: Accept-Encoding
date: Mon, 16 Sep 2019 14:13:40 GMT
expires: Mon, 30 Sep 2019 14:13:40 GMT
content-type: text/html; charset=UTF-8
etag: 14866779439905550351
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 7273
x-xss-protection: 0
cache-control: public, max-age=1209600
age: 119501
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"

GET
H/1.1 200
OK 0.php Show response
s4.histats.com/stats/ 52 B
323 B 210ms
196ms Script
text/html 158.69.252.241
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://s4.histats.com/stats/0.php?4256504&@f16&@g1&@h1&@i1&@j1568762721880&@k0&@l1&@m&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1600&@b1:178306972&@b3:1568762722&@b4:js15_as.js&@b5:120&@a-_0.2.1&@vhttp%3A%2F%2Fronaldo.welatpets.xyz%2Fcr7%2Fborusia-barcy.html&@w
Requested by: Host: s10.histats.com
URL: http://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Server: 158.69.252.241 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns561403.ip-158-69-252.net
Software: /
Resource Hash: df9e26f579acc77338a92c59151b5f853ec9805e50e22c7db336c9292c0a47de

Request headers

Referer: http://ronaldo.welatpets.xyz/cr7/borusia-barcy.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 17 Sep 2019 23:25:22 GMT
Connection: close
Content-Length: 52
Content-Type: text/html;charset=UTF-8

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame 99B5 0
0 116ms
116ms Document
text/html 2a00:1450:4001:81e::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4361649229088462&output=html&h=90&slotname=1450182469&adk=84484421&adf=3939372865&w=728&lmt=1568749723&guci=1.2.0.0.2.2.0.0&format=728x90&url=http%3A%2F%2Fronaldo.welatpets.xyz%2Fcr7%2Fborusia-barcy.html&flash=0&wgl=1&adsid=NT&dt=1568762721855&bpp=9&bdt=45&fdt=44&idt=44&shv=r20190916&cbv=r20190131&saldr=aa&abxe=1&correlator=1133963928503&frm=20&pv=2&ga_vid=2001230215.1568762722&ga_sid=1568762722&ga_hid=1005277740&ga_fc=0&iag=0&icsg=2728&dssz=12&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=44&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21064339&oid=3&rx=0&eae=0&fc=912&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=16&bc=23&ifi=1&uci=1.w06yxxhnwemy&fsb=1&xpc=Qi3xWofo0t&p=http%3A//ronaldo.welatpets.xyz&dtd=57

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20190916/r20190131/show_ads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-4361649229088462&output=html&h=90&slotname=1450182469&adk=84484421&adf=3939372865&w=728&lmt=1568749723&guci=1.2.0.0.2.2.0.0&format=728x90&url=http%3A%2F%2Fronaldo.welatpets.xyz%2Fcr7%2Fborusia-barcy.html&flash=0&wgl=1&adsid=NT&dt=1568762721855&bpp=9&bdt=45&fdt=44&idt=44&shv=r20190916&cbv=r20190131&saldr=aa&abxe=1&correlator=1133963928503&frm=20&pv=2&ga_vid=2001230215.1568762722&ga_sid=1568762722&ga_hid=1005277740&ga_fc=0&iag=0&icsg=2728&dssz=12&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=44&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21064339&oid=3&rx=0&eae=0&fc=912&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=16&bc=23&ifi=1&uci=1.w06yxxhnwemy&fsb=1&xpc=Qi3xWofo0t&p=http%3A//ronaldo.welatpets.xyz&dtd=57
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: http://ronaldo.welatpets.xyz/cr7/borusia-barcy.html
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: http://ronaldo.welatpets.xyz/cr7/borusia-barcy.html

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 17 Sep 2019 23:25:22 GMT
server: cafe
content-length: 199
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 17-Sep-2019 23:40:21 GMT; path=/; domain=.doubleclick.net
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
expires: Tue, 17 Sep 2019 23:25:22 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 77 KB
29 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:815::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20190916/r20190131/show_ads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

31689f8d6eb1b3893de316c482b745b5fc7f0ee5408f7e86ec0e20c320e6b1c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://ronaldo.welatpets.xyz/cr7/borusia-barcy.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Sep 2019 23:25:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1568632677987726"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 29135
x-xss-protection: 0
expires: Tue, 17 Sep 2019 23:25:21 GMT

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame EAD5 0
0 126ms
125ms Document
text/html 2a00:1450:4001:81e::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4361649229088462&output=html&h=90&slotname=1450182469&adk=2809090136&adf=2727024767&w=728&lmt=1568749723&guci=1.2.0.0.2.2.0.0&format=728x90&url=http%3A%2F%2Fronaldo.welatpets.xyz%2Fcr7%2Fborusia-barcy.html&flash=0&wgl=1&adsid=NT&dt=1568762721864&bpp=4&bdt=55&fdt=56&idt=56&shv=r20190916&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=728x90&correlator=1133963928503&frm=20&pv=1&ga_vid=2001230215.1568762722&ga_sid=1568762722&ga_hid=1005277740&ga_fc=0&iag=0&icsg=35496&dssz=13&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=534&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21064339&oid=3&rx=0&eae=0&fc=912&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=16&bc=23&ifi=2&uci=2.vz35gsm7p82f&fsb=1&xpc=iDeTdVyWr8&p=http%3A//ronaldo.welatpets.xyz&dtd=58

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20190916/r20190131/show_ads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-4361649229088462&output=html&h=90&slotname=1450182469&adk=2809090136&adf=2727024767&w=728&lmt=1568749723&guci=1.2.0.0.2.2.0.0&format=728x90&url=http%3A%2F%2Fronaldo.welatpets.xyz%2Fcr7%2Fborusia-barcy.html&flash=0&wgl=1&adsid=NT&dt=1568762721864&bpp=4&bdt=55&fdt=56&idt=56&shv=r20190916&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=728x90&correlator=1133963928503&frm=20&pv=1&ga_vid=2001230215.1568762722&ga_sid=1568762722&ga_hid=1005277740&ga_fc=0&iag=0&icsg=35496&dssz=13&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=534&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21064339&oid=3&rx=0&eae=0&fc=912&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=16&bc=23&ifi=2&uci=2.vz35gsm7p82f&fsb=1&xpc=iDeTdVyWr8&p=http%3A//ronaldo.welatpets.xyz&dtd=58
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: http://ronaldo.welatpets.xyz/cr7/borusia-barcy.html
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: http://ronaldo.welatpets.xyz/cr7/borusia-barcy.html

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 17 Sep 2019 23:25:22 GMT
server: cafe
content-length: 199
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 17-Sep-2019 23:40:21 GMT; path=/; domain=.doubleclick.net
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
expires: Tue, 17 Sep 2019 23:25:22 GMT
cache-control: private

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame 8919 0
0 182ms
181ms Document
text/html 2a00:1450:4001:81e::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4361649229088462&output=html&h=250&slotname=2763264135&adk=2742236066&adf=2492882279&w=300&lmt=1568749723&guci=1.2.0.0.2.2.0.0&format=300x250&url=http%3A%2F%2Fronaldo.welatpets.xyz%2Fcr7%2Fborusia-barcy.html&flash=0&avail_w=300&wgl=1&adsid=NT&dt=1568762721868&bpp=3&bdt=59&fdt=58&idt=58&shv=r20190916&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=728x90%2C728x90&correlator=1133963928503&frm=20&pv=1&ga_vid=2001230215.1568762722&ga_sid=1568762722&ga_hid=1005277740&ga_fc=0&iag=0&icsg=35496&dssz=13&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=650&ady=455&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21064339&oid=3&rx=0&eae=0&fc=912&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=16&bc=23&ifi=3&uci=3.4qtz83k6wvnk&fsb=1&xpc=qTQhtuWN7n&p=http%3A//ronaldo.welatpets.xyz&dtd=60

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20190916/r20190131/show_ads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-4361649229088462&output=html&h=250&slotname=2763264135&adk=2742236066&adf=2492882279&w=300&lmt=1568749723&guci=1.2.0.0.2.2.0.0&format=300x250&url=http%3A%2F%2Fronaldo.welatpets.xyz%2Fcr7%2Fborusia-barcy.html&flash=0&avail_w=300&wgl=1&adsid=NT&dt=1568762721868&bpp=3&bdt=59&fdt=58&idt=58&shv=r20190916&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=728x90%2C728x90&correlator=1133963928503&frm=20&pv=1&ga_vid=2001230215.1568762722&ga_sid=1568762722&ga_hid=1005277740&ga_fc=0&iag=0&icsg=35496&dssz=13&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=650&ady=455&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21064339&oid=3&rx=0&eae=0&fc=912&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=16&bc=23&ifi=3&uci=3.4qtz83k6wvnk&fsb=1&xpc=qTQhtuWN7n&p=http%3A//ronaldo.welatpets.xyz&dtd=60
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: http://ronaldo.welatpets.xyz/cr7/borusia-barcy.html
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: http://ronaldo.welatpets.xyz/cr7/borusia-barcy.html

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 17 Sep 2019 23:25:22 GMT
server: cafe
content-length: 200
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 17-Sep-2019 23:40:21 GMT; path=/; domain=.doubleclick.net
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
expires: Tue, 17 Sep 2019 23:25:22 GMT
cache-control: private

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame 526B 0
0 16ms
15ms Document
text/html 2a00:1450:4001:81e::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4361649229088462&output=html&adk=1812271804&adf=3025194257&lmt=1568749723&plat=1%3A32776%2C2%3A32776%2C8%3A32776%2C9%3A32776%2C16%3A8388608%2C30%3A1081344&guci=1.2.0.0.2.2.0.0&format=0x0&url=http%3A%2F%2Fronaldo.welatpets.xyz%2Fcr7%2Fborusia-barcy.html&ea=0&flash=0&pra=7&wgl=1&adsid=NT&dt=1568762721871&bpp=3&bdt=62&fdt=61&idt=61&shv=r20190916&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=728x90%2C728x90%2C300x250&nras=1&correlator=1133963928503&frm=20&pv=1&ga_vid=2001230215.1568762722&ga_sid=1568762722&ga_hid=1005277740&ga_fc=0&iag=0&icsg=35496&dssz=13&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21064339&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=23&ifi=3&uci=3.lllkk56o0vq7&fsb=1&dtd=64

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20190916/r20190131/show_ads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-4361649229088462&output=html&adk=1812271804&adf=3025194257&lmt=1568749723&plat=1%3A32776%2C2%3A32776%2C8%3A32776%2C9%3A32776%2C16%3A8388608%2C30%3A1081344&guci=1.2.0.0.2.2.0.0&format=0x0&url=http%3A%2F%2Fronaldo.welatpets.xyz%2Fcr7%2Fborusia-barcy.html&ea=0&flash=0&pra=7&wgl=1&adsid=NT&dt=1568762721871&bpp=3&bdt=62&fdt=61&idt=61&shv=r20190916&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=728x90%2C728x90%2C300x250&nras=1&correlator=1133963928503&frm=20&pv=1&ga_vid=2001230215.1568762722&ga_sid=1568762722&ga_hid=1005277740&ga_fc=0&iag=0&icsg=35496&dssz=13&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21064339&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=23&ifi=3&uci=3.lllkk56o0vq7&fsb=1&dtd=64
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: http://ronaldo.welatpets.xyz/cr7/borusia-barcy.html
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: http://ronaldo.welatpets.xyz/cr7/borusia-barcy.html

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 17 Sep 2019 23:25:21 GMT
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 17-Sep-2019 23:40:21 GMT; path=/; domain=.doubleclick.net
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
expires: Tue, 17 Sep 2019 23:25:21 GMT
cache-control: private

Verdicts & Comments Add Verdict or Comment

45 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

12 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
ronaldo.welatpets.xyz/	1970-01-19 12:31:38	Name: HstCmu4256504 Value: 1568762721880
.dailydeports.pw/	1970-01-19 12:31:38	Name: __cfduid Value: d82db7f353100a2b146118f9ae6504dd61568762722
ufpcdn.com/	1969-12-31 23:59:59	Name: adcashufpv3 Value: 21052940381861782647128834933
ronaldo.welatpets.xyz/	1970-01-19 12:31:38	Name: HstCns4256504 Value: 1
ronaldo.welatpets.xyz/	1970-01-19 12:31:38	Name: HstCnv4256504 Value: 1
.revrtb.com/	1970-01-19 12:31:38	Name: __cfduid Value: d4a586b2ff53d70a6cae87465cf7cc0ce1568762722
.doubleclick.net/	1970-01-19 03:46:03	Name: test_cookie Value: CheckForPermission
ronaldo.welatpets.xyz/	1970-01-19 12:31:38	Name: HstPt4256504 Value: 1
ronaldo.welatpets.xyz/	1970-01-19 12:31:38	Name: HstCla4256504 Value: 1568762721880
ronaldo.welatpets.xyz/	1970-01-19 12:31:38	Name: HstPn4256504 Value: 1
.ufpcdn.com/	1970-01-19 12:31:38	Name: __cfduid Value: de5460eaa27e2074260dad4aab0bf450e1568762722
ronaldo.welatpets.xyz/	1970-01-19 12:31:38	Name: HstCfa4256504 Value: 1568762721880

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1.bp.blogspot.com
adservice.google.com
adservice.google.de
googleads.g.doubleclick.net
nowlive.pro
pagead2.googlesyndication.com
ronaldo.welatpets.xyz
s10.histats.com
s4.histats.com
www.googletagservices.com
158.69.252.241
193.124.183.237
198.54.126.143
2a00:1450:4001:815::2002
2a00:1450:4001:819::2001
2a00:1450:4001:81e::2002
46.105.201.240
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
1f730c8b78091c3479abc2fb805b9093138f05acd0de421b8da96389cbbb9668
31689f8d6eb1b3893de316c482b745b5fc7f0ee5408f7e86ec0e20c320e6b1c4
4e9df74a2654e54242ac36f10826cba1261c1f9152da9ff7504b2248c42463ad
a5ed9f7eb51bfb3393473922d3623d26bea2052fe753697d2c1ff60612648fd2
c2ff48bcbf9eadb11a5db2905263a74dfce1f4d3067910bfa74c4284a2ee7055
df9e26f579acc77338a92c59151b5f853ec9805e50e22c7db336c9292c0a47de
ea6dec8a911924c0098fa147b9c983693d079299d19a9e89ee23a913e6f352e0

ronaldo.welatpets.xyz Open in urlscan Pro 198.54.126.143 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

16 Requests

75 %HTTPS

43 %IPv6

9 Domains

10 Subdomains

7 IPs

5 Countries

233 kBTransfer

624 kBSize

12 Cookies

0 Outgoing links

Redirected requests

16 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

45 JavaScript Global Variables

12 Cookies

Indicators

ronaldo.welatpets.xyz Open in urlscan Pro
198.54.126.143 Public Scan

Screenshot
Live screenshot

Full Image

16
Requests

75 %
HTTPS

43 %
IPv6

9
Domains

10
Subdomains

7
IPs

5
Countries

233 kB
Transfer

624 kB
Size

12
Cookies

16 HTTP transactions
0 data transactions