mrbolero.com Open in urlscan Pro
216.218.206.41 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://mrbolero.com/
Effective URL:
https://mrbolero.com/
Submission: On March 11 via manual (March 11th 2021, 1:10:49 pm UTC) from US

Summary HTTP 109 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 35 IPs in 6 countries across 36 domains to perform 109 HTTP transactions. The main IP is 216.218.206.41, located in Cazadero, United States and belongs to HURRICANE, US. The main domain is mrbolero.com.
TLS certificate: Issued by ZeroSSL RSA Domain Secure Site CA on March 2nd 2021. Valid for: 3 months.

This is the only time mrbolero.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 20	216.218.206.41 216.218.206.41	6939 (HURRICANE) (HURRICANE)
9	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
12 12	185.59.220.198 185.59.220.198	60068 (CDN77 (^_^)/) (CDN77 (^_^)/)
18	172.67.39.17 172.67.39.17	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:82b::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700:10:... 2606:4700:10::6816:33f5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:801::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
1	172.217.18.98 172.217.18.98	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
4 14	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
1 3	23.37.42.132 23.37.42.132	16625 (AKAMAI-AS) (AKAMAI-AS)
1	208.100.17.187 208.100.17.187	32748 (STEADFAST) (STEADFAST)
2 5	184.30.20.241 184.30.20.241	16625 (AKAMAI-AS) (AKAMAI-AS)
1	51.89.9.254 51.89.9.254	16276 (OVH) (OVH)
4 4	37.252.172.36 37.252.172.36	29990 (ASN-APPNEX) (ASN-APPNEX)
1 1	213.19.147.151 213.19.147.151	3356 (LEVEL3) (LEVEL3)
1	208.100.17.176 208.100.17.176	32748 (STEADFAST) (STEADFAST)
1 1	70.42.32.95 70.42.32.95	13789 (INTERNAP-...) (INTERNAP-BLK3)
1	178.162.133.149 178.162.133.149	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1	54.194.137.128 54.194.137.128	16509 (AMAZON-02) (AMAZON-02)
1	174.137.133.49 174.137.133.49	27257 (WEBAIR-IN...) (WEBAIR-INTERNET)
2 2	52.28.239.147 52.28.239.147	16509 (AMAZON-02) (AMAZON-02)
3 3	18.156.0.31 18.156.0.31	16509 (AMAZON-02) (AMAZON-02)
2 2	216.52.2.39 216.52.2.39	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
5 5	185.64.190.79 185.64.190.79	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 2	185.64.189.110 185.64.189.110	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 2	185.64.189.114 185.64.189.114	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	88.214.193.83 88.214.193.83	46636 (NATCOWEB) (NATCOWEB)
1 1	193.0.160.129 193.0.160.129	54312 (ROCKETFUEL) (ROCKETFUEL)
2 2	185.94.180.125 185.94.180.125	35220 (SPOTX-AMS) (SPOTX-AMS)
1 2	52.46.130.13 52.46.130.13	16509 (AMAZON-02) (AMAZON-02)
1	52.16.108.17 52.16.108.17	16509 (AMAZON-02) (AMAZON-02)
1	135.125.8.70 135.125.8.70	16276 (OVH) (OVH)
1	63.251.232.170 63.251.232.170	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
1	2a00:1288:110... 2a00:1288:110:c305::8000	34010 (YAHOO-IRD) (YAHOO-IRD)
2 3	23.5.100.175 23.5.100.175	16625 (AKAMAI-AS) (AKAMAI-AS)
1 13	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:80f::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:813::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::200e	15169 (GOOGLE) (GOOGLE)
1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
109	35

20 216.218.206.41 (Cazadero, United States) 1 redirects

ASN6939 (HURRICANE, US)
PTR: fmt13.web.com.ph

mrbolero.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 185.59.220.198 (Frankfurt am Main, Germany) 12 redirects

ASN60068 (CDN77 (^_^)/, GB)
PTR: unn-185-59-220-198.datapacket.com

cdn.shortpixel.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 172.67.39.17 (United States)

ASN13335 (CLOUDFLARENET, US)

resources.infolinks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
router.infolinks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:33f5 (United States)

ASN13335 (CLOUDFLARENET, US)

www.powr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.18.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s42-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 142.250.186.130 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.37.42.132 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-42-132.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 208.100.17.187 (United States)

ASN32748 (STEADFAST, US)
PTR: ip187.208-100-17.static.steadfastdns.net

de.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 184.30.20.241 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-20-241.deploy.static.akamaitechnologies.com

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.89.9.254 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip254.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.252.172.36 (Frankfurt am Main, Germany) 4 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.19.147.151 (United Kingdom) 1 redirects

ASN3356 (LEVEL3, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 208.100.17.176 (United States)

ASN32748 (STEADFAST, US)
PTR: ip176.208-100-17.static.steadfastdns.net

ssc-cms.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 70.42.32.95 (United States) 1 redirects

ASN13789 (INTERNAP-BLK3, US)
PTR: ny.outbrain.com

b1sync.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.162.133.149 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-sync.go.sonobi.com

sync.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.194.137.128 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-194-137-128.eu-west-1.compute.amazonaws.com

s.cpx.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 174.137.133.49 (United States)

ASN27257 (WEBAIR-INTERNET, US)

dsp.adkernel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.28.239.147 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-239-147.eu-central-1.compute.amazonaws.com

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.156.0.31 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.52.2.39 (United States) 2 redirects

ASN29791 (VOXEL-DOT-NET, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.64.190.79 (United Kingdom) 5 redirects

ASN62713 (AS-PUBMATIC, US)

image8.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.189.110 (United Kingdom) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.189.114 (United Kingdom) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.214.193.83 (United Kingdom) 1 redirects

ASN46636 (NATCOWEB, US)

us.ck-ie.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.0.160.129 (United States) 1 redirects

ASN54312 (ROCKETFUEL, US)

p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.94.180.125 (United States) 2 redirects

ASN35220 (SPOTX-AMS, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.46.130.13 (Ashburn, United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.16.108.17 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-16-108-17.eu-west-1.compute.amazonaws.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 135.125.8.70 (France)

ASN16276 (OVH, FR)
PTR: ns3184584.ip-135-125-8.eu

gu.dyntrk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.251.232.170 (United States)

ASN29791 (VOXEL-DOT-NET, US)
PTR: ams-mon-1.sys.adgear.com

cm.adgrx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:110:c305::8000 (United Kingdom)

ASN34010 (YAHOO-IRD, GB)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.5.100.175 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-5-100-175.deploy.static.akamaitechnologies.com

px.owneriq.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn0.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn2.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn1.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
22	googlesyndication.com 1 redirects pagead2.googlesyndication.com tpc.googlesyndication.com	427 KB
20	mrbolero.com 1 redirects mrbolero.com	17 MB
18	infolinks.com resources.infolinks.com router.infolinks.com	275 KB
12	doubleclick.net 4 redirects googleads.g.doubleclick.net cm.g.doubleclick.net	53 KB
12	shortpixel.ai 12 redirects cdn.shortpixel.ai	8 KB
11	gstatic.com fonts.gstatic.com www.gstatic.com encrypted-tbn0.gstatic.com encrypted-tbn2.gstatic.com encrypted-tbn1.gstatic.com	256 KB
9	pubmatic.com 9 redirects image8.pubmatic.com image2.pubmatic.com image4.pubmatic.com	6 KB
5	casalemedia.com 2 redirects ssum-sec.casalemedia.com dsum-sec.casalemedia.com	6 KB
4	yahoo.com 3 redirects ups.analytics.yahoo.com pr-bh.ybp.yahoo.com	3 KB
4	adnxs.com 4 redirects ib.adnxs.com	4 KB
4	rubiconproject.com 1 redirects secure-assets.rubiconproject.com eus.rubiconproject.com token.rubiconproject.com	11 KB
4	google.com 1 redirects adservice.google.com www.google.com	1 KB
3	owneriq.net 2 redirects px.owneriq.net	1 KB
3	googletagservices.com www.googletagservices.com	95 KB
2	amazon-adsystem.com 1 redirects s.amazon-adsystem.com	928 B
2	spotxchange.com 2 redirects sync.search.spotxchange.com	1 KB
2	lijit.com 2 redirects ap.lijit.com	1 KB
2	advertising.com 2 redirects pixel.advertising.com	674 B
2	google.de adservice.google.de	2 KB
2	google-analytics.com ssl.google-analytics.com	18 KB
2	googleapis.com fonts.googleapis.com	2 KB
1	adgrx.com cm.adgrx.com	408 B
1	dyntrk.com gu.dyntrk.com	215 B
1	adsrvr.org match.adsrvr.org	265 B
1	rfihub.com 1 redirects p.rfihub.com	751 B
1	ck-ie.com 1 redirects us.ck-ie.com	482 B
1	adkernel.com dsp.adkernel.com	233 B
1	cpx.to s.cpx.to	945 B
1	sonobi.com sync.go.sonobi.com	478 B
1	zemanta.com 1 redirects b1sync.zemanta.com	288 B
1	33across.com ssc-cms.33across.com	72 B
1	1rx.io 1 redirects sync.1rx.io	313 B
1	onetag-sys.com onetag-sys.com	818 B
1	tynt.com de.tynt.com	289 B
1	googleadservices.com partner.googleadservices.com	642 B
1	powr.io www.powr.io	5 KB
109	36

	Domain	Requested by
20	mrbolero.com	1 redirects mrbolero.com
15	router.infolinks.com	resources.infolinks.com router.infolinks.com ssum-sec.casalemedia.com
13	tpc.googlesyndication.com	1 redirects googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
12	cdn.shortpixel.ai	12 redirects
9	pagead2.googlesyndication.com	mrbolero.com pagead2.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com tpc.googlesyndication.com
8	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
5	image8.pubmatic.com	5 redirects
4	cm.g.doubleclick.net	4 redirects
4	ib.adnxs.com	4 redirects
4	fonts.gstatic.com	fonts.googleapis.com
3	encrypted-tbn0.gstatic.com	googleads.g.doubleclick.net
3	px.owneriq.net	2 redirects ssum-sec.casalemedia.com
3	ups.analytics.yahoo.com	3 redirects
3	ssum-sec.casalemedia.com	1 redirects router.infolinks.com ssum-sec.casalemedia.com
3	www.googletagservices.com	pagead2.googlesyndication.com googleads.g.doubleclick.net
3	resources.infolinks.com	mrbolero.com resources.infolinks.com
2	encrypted-tbn2.gstatic.com	googleads.g.doubleclick.net
2	www.google.com	1 redirects googleads.g.doubleclick.net
2	dsum-sec.casalemedia.com	1 redirects ssum-sec.casalemedia.com
2	s.amazon-adsystem.com	1 redirects ssum-sec.casalemedia.com
2	sync.search.spotxchange.com	2 redirects
2	image4.pubmatic.com	2 redirects
2	image2.pubmatic.com	2 redirects
2	ap.lijit.com	2 redirects
2	pixel.advertising.com	2 redirects
2	eus.rubiconproject.com	router.infolinks.com eus.rubiconproject.com
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
2	ssl.google-analytics.com	mrbolero.com
2	fonts.googleapis.com	mrbolero.com googleads.g.doubleclick.net
1	token.rubiconproject.com	eus.rubiconproject.com
1	encrypted-tbn1.gstatic.com	googleads.g.doubleclick.net
1	www.gstatic.com	googleads.g.doubleclick.net
1	pr-bh.ybp.yahoo.com	ssum-sec.casalemedia.com
1	cm.adgrx.com	ssum-sec.casalemedia.com
1	gu.dyntrk.com	ssum-sec.casalemedia.com
1	match.adsrvr.org	ssum-sec.casalemedia.com
1	p.rfihub.com	1 redirects
1	us.ck-ie.com	1 redirects
1	dsp.adkernel.com	router.infolinks.com
1	s.cpx.to	router.infolinks.com
1	sync.go.sonobi.com	router.infolinks.com
1	b1sync.zemanta.com	1 redirects
1	ssc-cms.33across.com	router.infolinks.com
1	sync.1rx.io	1 redirects
1	onetag-sys.com	router.infolinks.com
1	de.tynt.com	router.infolinks.com
1	secure-assets.rubiconproject.com	1 redirects
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	www.powr.io	mrbolero.com
109	50

This site contains links to these domains. Also see Links.

Domain
arrowup.media
webdeveloper.com.ph
toandfrodigitalmarketing.com
topseophilippines.com

Subject Issuer	Validity	Valid
mrbolero.com ZeroSSL RSA Domain Secure Site CA	`2021-03-02` - `2021-05-31`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-15` - `2021-08-15`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-02-17` - `2021-05-12`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2021-02-17` - `2021-05-12`	3 months	crt.sh
*.googleadservices.com GTS CA 1O1	`2021-02-17` - `2021-05-12`	3 months	crt.sh
*.google.de GTS CA 1O1	`2021-02-17` - `2021-05-12`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-02-17` - `2021-05-12`	3 months	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2021-01-05` - `2022-01-18`	a year	crt.sh
*.tynt.com Sectigo RSA Domain Validation Secure Server CA	`2020-06-01` - `2021-09-30`	a year	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2020-03-02` - `2021-04-01`	a year	crt.sh
onetag-sys.com R3	`2021-02-10` - `2021-05-11`	3 months	crt.sh
*.33across.com Sectigo RSA Domain Validation Secure Server CA	`2020-06-01` - `2021-09-30`	a year	crt.sh
*.go.sonobi.com Go Daddy Secure Certificate Authority - G2	`2020-12-06` - `2022-01-07`	a year	crt.sh
s.cpx.to Sectigo RSA Domain Validation Secure Server CA	`2021-02-03` - `2022-02-09`	a year	crt.sh
*.adkernel.com Sectigo RSA Domain Validation Secure Server CA	`2020-12-22` - `2022-01-05`	a year	crt.sh
s.amazon-adsystem.com Amazon	`2020-08-28` - `2021-08-20`	a year	crt.sh
*.adsrvr.org Trustwave Organization Validation SHA256 CA, Level 1	`2019-03-07` - `2021-04-19`	2 years	crt.sh
gu.dyntrk.com R3	`2021-02-09` - `2021-05-10`	3 months	crt.sh
public1.adgear.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-24` - `2022-03-26`	a year	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2020-10-30` - `2021-04-27`	6 months	crt.sh
*.owneriq.net GeoTrust RSA CA 2018	`2021-01-29` - `2022-02-02`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2021-02-17` - `2021-05-12`	3 months	crt.sh
www.google.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh

This page contains 14 frames:

Primary Page: https://mrbolero.com/
Frame ID: 4B54025E51C0EBB204CD767E6D4DB651
Requests: 42 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210309/r20190131/zrt_lookup.html
Frame ID: 264418FAE5B78920D314A71896EDCA7C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5146006997767796&output=html&adk=1812271804&adf=1573534164&lmt=1615468221&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fmrbolero.com%2F&ea=0&flash=0&pra=5&wgl=1&dt=1615468221289&bpp=16&bdt=562&idt=106&shv=r20210309&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4450049278369&frm=20&pv=2&ga_vid=1013866369.1615468221&ga_sid=1615468221&ga_hid=2101806248&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736525%2C21066433%2C21066923%2C21068496&oid=3&pvsid=4151241866720551&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&dtd=126
Frame ID: D780CB0A9F7554008020788DB0ABEEFE
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5146006997767796&output=html&h=280&slotname=2137049825&adk=2848357274&adf=3025194257&pi=t.ma~as.2137049825&w=1200&fwrn=4&fwrnh=100&lmt=1615468221&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fmrbolero.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1615468221305&bpp=12&bdt=579&idt=120&shv=r20210309&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4450049278369&frm=20&pv=1&ga_vid=1013866369.1615468221&ga_sid=1615468221&ga_hid=2101806248&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=76&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736525%2C21066433%2C21066923%2C21068496&oid=3&pvsid=4151241866720551&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=JKeImSNCRd&p=https%3A//mrbolero.com&dtd=132
Frame ID: 896393146FD91065CB2C0B46E514D90E
Requests: 20 HTTP requests in this frame

Frame: https://router.infolinks.com/usync/manage?pid=null&wsid=0
Frame ID: 89A3FEB81E5863B3042DB1241A597EA2
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5146006997767796&output=html&h=280&adk=2233788718&adf=2931138512&pi=t.aa~a.947749546~rp.3&w=370&fwrn=4&fwrnh=100&lmt=1615468221&rafmt=1&to=qs&pwprc=2494984760&psa=0&format=370x280&url=https%3A%2F%2Fmrbolero.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1615468221596&bpp=1&bdt=869&idt=1&shv=r20210309&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd8f0ef1da208004a-223505e8beba008d%3AT%3D1615468221%3ART%3D1615468221%3AS%3DALNI_MaT94L1iGVyeoVIgLhQ3EQHwEcUmA&prev_fmts=0x0%2C1200x280&nras=2&correlator=4450049278369&frm=20&pv=1&ga_vid=1013866369.1615468221&ga_sid=1615468221&ga_hid=2101806248&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1015&ady=1298&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736525%2C21066433%2C21066923%2C21068496&oid=3&pvsid=4151241866720551&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=klIML573VR&p=https%3A//mrbolero.com&dtd=13
Frame ID: 01A343E29C6D80971D0D9DD3BDB6F541
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=infolinks&endpoint=us-east
Frame ID: 5D50D1A006C2F417801575F94BE8D6C6
Requests: 3 HTTP requests in this frame

Frame: https://de.tynt.com/deb/?m=xch&rt=html&sid=0010b00002CpYhEAAV
Frame ID: DCD106970DE7BC69E796429603B26719
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=191306&cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&C=1
Frame ID: 961210AACB505E3575E9D18AEFF683E4
Requests: 10 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=598ce3ddaee8c90
Frame ID: 940E7A839D07E6EEA5A747376E7431DA
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 0EFB41C9B4DDF5F95B89357A6BB1B65C
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/KT7npM2pC4VPAEc6AEIcwWkjK4LR7Yu_WhYO7ltjsYQ.js
Frame ID: EB68D611C31B5B4CFC3B2BD82709997A
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/KT7npM2pC4VPAEc6AEIcwWkjK4LR7Yu_WhYO7ltjsYQ.js
Frame ID: B96FC9988690317F3345A8050779DC53
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Frame ID: E4CAEE54F4CFE2EF8E17BE4F00F7B8DD
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://mrbolero.com/ HTTP 301
https://mrbolero.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

script /\/wp-(?:content|includes)\//i
headers link /rel="https:\/\/api\.w\.org\/"/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

script /\/wp-(?:content|includes)\//i
headers link /rel="https:\/\/api\.w\.org\/"/i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

script /\/wp-(?:content|includes)\//i
headers link /rel="https:\/\/api\.w\.org\/"/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

109
Requests

100 %
HTTPS

34 %
IPv6

36
Domains

50
Subdomains

35
IPs

6
Countries

18909 kB
Transfer

20631 kB
Size

0
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: http://arrowup.media/
Title: Website Designer in Philippines

Search URL Search Domain Scan URL

URL: http://webdeveloper.com.ph/
Title: Web Developer in Philippines

Search URL Search Domain Scan URL

URL: http://toandfrodigitalmarketing.com/
Title: To and Fro Digital

Search URL Search Domain Scan URL

URL: http://topseophilippines.com/
Title: Top SEO Philippines

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://mrbolero.com/ HTTP 301
https://mrbolero.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3

https://cdn.shortpixel.ai/client/q_lqip,ret_wait,w_273,h_129/https://mrbolero.com/wp-content/uploads/2015/06/cropped-logo.png HTTP 302
https://mrbolero.com/wp-content/uploads/2015/06/cropped-logo.png

Request Chain 4

https://cdn.shortpixel.ai/client/q_lqip,ret_wait/https://mrbolero.com/wp-content/uploads/2021/03/motivation.jpg HTTP 302
https://mrbolero.com/wp-content/uploads/2021/03/motivation.jpg

Request Chain 5

https://cdn.shortpixel.ai/client/q_lqip,ret_wait/https://mrbolero.com/wp-content/uploads/2021/03/mrbolero.jpg HTTP 302
https://mrbolero.com/wp-content/uploads/2021/03/mrbolero.jpg

Request Chain 6

https://cdn.shortpixel.ai/client/q_lqip,ret_wait/https://mrbolero.com/wp-content/uploads/2021/02/Reklamador.jpg HTTP 302
https://mrbolero.com/wp-content/uploads/2021/02/Reklamador.jpg

Request Chain 7

https://cdn.shortpixel.ai/client/q_lqip,ret_wait/https://mrbolero.com/wp-content/uploads/2021/02/mrbolero-2.jpg HTTP 302
https://mrbolero.com/wp-content/uploads/2021/02/mrbolero-2.jpg

Request Chain 8

https://cdn.shortpixel.ai/client/q_lqip,ret_wait/https://mrbolero.com/wp-content/uploads/2021/02/Untitled-1-1.jpg HTTP 302
https://mrbolero.com/wp-content/uploads/2021/02/Untitled-1-1.jpg

Request Chain 9

https://cdn.shortpixel.ai/client/q_lqip,ret_wait/https://mrbolero.com/wp-content/uploads/2021/02/mrbolero-1.jpg HTTP 302
https://mrbolero.com/wp-content/uploads/2021/02/mrbolero-1.jpg

Request Chain 10

https://cdn.shortpixel.ai/client/q_lqip,ret_wait/https://mrbolero.com/wp-content/uploads/2021/01/11_20201231_235656_0010.png HTTP 302
https://mrbolero.com/wp-content/uploads/2021/01/11_20201231_235656_0010.png

Request Chain 11

https://cdn.shortpixel.ai/client/q_lqip,ret_wait/https://mrbolero.com/wp-content/uploads/2021/01/9_20201231_235656_0008.png HTTP 302
https://mrbolero.com/wp-content/uploads/2021/01/9_20201231_235656_0008.png

Request Chain 40

https://cdn.shortpixel.ai/client/q_glossy,ret_img,w_273,h_129/https://mrbolero.com/wp-content/uploads/2015/06/cropped-logo.png HTTP 302
https://mrbolero.com/wp-content/uploads/2015/06/cropped-logo.png

Request Chain 41

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=infolinks&endpoint=us-east HTTP 301
https://eus.rubiconproject.com/usync.html?p=infolinks&endpoint=us-east

Request Chain 43

https://ssum-sec.casalemedia.com/usermatch?s=191306&cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D HTTP 302
https://ssum-sec.casalemedia.com/usermatch?s=191306&cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&C=1

Request Chain 45

https://ib.adnxs.com/getuid?https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fapn-usync%3Fuser_id%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fapn-usync%253Fuser_id%253D%2524UID HTTP 302
https://router.infolinks.com/dyn/apn-usync?user_id=7492956257855341845

Request Chain 46

https://sync.1rx.io/usersync2/infolinks HTTP 302
https://router.infolinks.com/dyn/r1-usync?uid=OPTOUT

Request Chain 48

https://b1sync.zemanta.com/usersync/infolinks/?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fzmn-usync%3Fuid%3D__ZUID__ HTTP 302
https://router.infolinks.com/dyn/zmn-usync?uid=

Request Chain 50

https://ib.adnxs.com/getuid?https://s.cpx.to/ca.png?ref=https%253A%252F%252Fmrbolero.com%252F&pid=12306&adnxs_uid=$UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fs.cpx.to%2Fca.png%3Fref%3Dhttps%25253A%25252F%25252Fmrbolero.com%25252F%26pid%3D12306%26adnxs_uid%3D%24UID HTTP 302
https://s.cpx.to/ca.png?ref=https%3A%2F%2Fmrbolero.com%2F&pid=12306&adnxs_uid=7492956257855341845

Request Chain 52

https://pixel.advertising.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
https://pixel.advertising.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true&verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP228d506b-826b-11eb-a418-06fe47841808 HTTP 302
https://ups.analytics.yahoo.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP228d506b-826b-11eb-a418-06fe47841808&verify=true HTTP 302
https://router.infolinks.com/dyn/outh-usync?uid=y-0eKdU7BE2uGdJkd26_L2fB7wQDyBVezc~A~UP228d506b-826b-11eb-a418-06fe47841808

Request Chain 53

https://ap.lijit.com/pixel?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsovrn-usync%3Fuid%3D%24UID HTTP 307
https://ap.lijit.com/pixel?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsovrn-usync%3Fuid%3D%24UID&sovrn_retry=true HTTP 307
https://router.infolinks.com/dyn/sovrn-usync?uid=3d3509f180698c9e6c6890bd

Request Chain 54

https://image8.pubmatic.com/AdServer/ImgSync?p=60809&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D60809%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fusersync%253Fpmuservalue%253D%2523PMUID HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?p=60809&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D60809%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fusersync%253Fpmuservalue%253D%2523PMUID&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=OUMwQjk0QUUtMjI1OS00NTNBLUEwRjQtRTI5Q0YyMzRBQUE5&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
https://image4.pubmatic.com/AdServer/SPug?p=156872&pmc=1&pr=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fpbm-usync%3Fuid%3DA922C116-6AE9-40B1-9112-815FDC0426C9 HTTP 302
https://router.infolinks.com/dyn/pbm-usync?uid=A922C116-6AE9-40B1-9112-815FDC0426C9

Request Chain 55

https://image8.pubmatic.com/AdServer/ImgSync?p=156872&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156872%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fpbm-usync%253Fuid%253D%2523PMUID HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QTkyMkMxMTYtNkFFOS00MEIxLTkxMTItODE1RkRDMDQyNkM5&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
https://image4.pubmatic.com/AdServer/SPug?p=156872&pmc=1&pr=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fpbm-usync%3Fuid%3DA922C116-6AE9-40B1-9112-815FDC0426C9 HTTP 302
https://router.infolinks.com/dyn/pbm-usync?uid=A922C116-6AE9-40B1-9112-815FDC0426C9

Request Chain 56

https://us.ck-ie.com/nfol263.gif?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fbizzc-usync%3Fuid%3D%7B%24PARTNER_UID%7D HTTP 302
https://router.infolinks.com/dyn/bizzc-usync?uid=73fe3d144799391071d615943c2e4b051891c1a5b7bd82bceb0636e9d3589f96

Request Chain 58

https://p.rfihub.com/cm?pub=43153&in=1 HTTP 302
https://router.infolinks.com/dyn/zeta-usync?uid=1871878968265736413

Request Chain 59

https://sync.search.spotxchange.com/partner?adv_id=8851&redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsx-usync%3Fuid%3D%24SPOTX_USER_ID HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=8851&redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsx-usync%3Fuid%3D%24SPOTX_USER_ID&__user_check__=1&sync_id=22b2015a-826b-11eb-b2eb-1fe3cd8f0d06 HTTP 302
https://router.infolinks.com/dyn/sx-usync?uid=22b2011d-826b-11eb-b2eb-1fe3cd8f0d06

Request Chain 60

https://ups.analytics.yahoo.com/ups/58422/occ HTTP 302
https://router.infolinks.com/dyn/VR-usync?uid=y-I9DX9sJE2uGf2izY_1ZVM_.9AkIupLHC9fC9F5Y-~A

Request Chain 61

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&id=YEoWvc4AL0_D8rqceeGr8AAABLwAAAAB HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&id=YEoWvc4AL0_D8rqceeGr8AAABLwAAAAB&dcc=t

Request Chain 62

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YEoWvc4AL0_D8rqceeGr8AAABLwAAAAB HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESEN2CqSBU_KB0OWsaWhmhcz8&google_cver=1

Request Chain 64

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YEoWvc4AL0-D8rqceeGr8AAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEKrPn-hVUh4dUyASqzj9Isw&google_cver=1

Request Chain 68

https://px.owneriq.net/eucm/p/cc?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D31%26external_user_id%3D(OIQ_UUID) HTTP 302
https://px.owneriq.net/ecc?redir=https%3a%2f%2fdsum-sec.casalemedia.com%2fcrum%3fcm_dsp_id%3d31%26external_user_id%3dQ6687546211214779942&uid=Q6687546211214779942&ref=%2Feucm%2Fp%2Fcc HTTP 302
https://px.owneriq.net/noop?ct=image%2Fgif

Request Chain 95

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDrq5yjRxCwCRiwCTIIFDZR_jqtCm4 HTTP 301
https://tpc.googlesyndication.com/simgad/9179879348336548343

Request Chain 97

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 103

https://cdn.shortpixel.ai/client/q_glossy,ret_img/https://mrbolero.com/wp-content/uploads/2021/03/motivation.jpg HTTP 302
https://mrbolero.com/wp-content/uploads/2021/03/motivation.jpg

Request Chain 109

https://cdn.shortpixel.ai/client/q_glossy,ret_img/https://mrbolero.com/wp-content/uploads/2021/03/mrbolero.jpg HTTP 302
https://mrbolero.com/wp-content/uploads/2021/03/mrbolero.jpg

109 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
mrbolero.com/
Redirect Chain

http://mrbolero.com/
https://mrbolero.com/

32 KB
8 KB

595ms
267ms

Document
text/html

216.218.206.41
HURRICANE

General

Check archive.org

Show headers Download Go to

Full URL: https://mrbolero.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 216.218.206.41 Cazadero, United States, ASN6939 (HURRICANE, US),
Reverse DNS: fmt13.web.com.ph
Software: Apache / PHP/7.0.33
Resource Hash: fc21f047074fc0a4f4a7482f9ccdbecebbc1112df213b88c90d797914d9bfd6b

Request headers

Host: mrbolero.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 11 Mar 2021 13:10:19 GMT
Server: Apache
X-Powered-By: PHP/7.0.33
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Link: <https://mrbolero.com/wp-json/>; rel="https://api.w.org/"
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 7790
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

Redirect headers

Date: Thu, 11 Mar 2021 13:10:19 GMT
Server: Apache
Location: https://mrbolero.com/
Content-Length: 229
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 200
OK autoptimize_3019c1e5df1ed3cd221e852201ef5e38.css
mrbolero.com/wp-content/cache/autoptimize/css/ 285 KB
46 KB 173ms
172ms Stylesheet
text/css 216.218.206.41
HURRICANE

General

Check archive.org

Show headers Download Go to

Full URL: https://mrbolero.com/wp-content/cache/autoptimize/css/autoptimize_3019c1e5df1ed3cd221e852201ef5e38.css
Requested by: Host: mrbolero.com
URL: https://mrbolero.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 216.218.206.41 Cazadero, United States, ASN6939 (HURRICANE, US),
Reverse DNS: fmt13.web.com.ph
Software: Apache /
Resource Hash: 48dc37b61627ba85435eca07a34dc20d1646fb6a91e434fc465fe3d7c10cbc24

Request headers

Referer: https://mrbolero.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 11 Mar 2021 13:10:20 GMT
Content-Encoding: gzip
Last-Modified: Tue, 19 Nov 2019 08:17:39 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=10672000, must-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 46574
Expires: Tue, 01 Mar 2022 13:10:20 GMT

GET
H/1.1 200
OK autoptimize_b6fd9ec333120ec9786fbfb172de1531.css
mrbolero.com/wp-content/cache/autoptimize/css/ 2 KB
941 B 451ms
152ms Stylesheet
text/css 216.218.206.41
HURRICANE

General

Check archive.org

Show headers Download Go to

Full URL: https://mrbolero.com/wp-content/cache/autoptimize/css/autoptimize_b6fd9ec333120ec9786fbfb172de1531.css
Requested by: Host: mrbolero.com
URL: https://mrbolero.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 216.218.206.41 Cazadero, United States, ASN6939 (HURRICANE, US),
Reverse DNS: fmt13.web.com.ph
Software: Apache /
Resource Hash: a93f23781522203e27310db503a8f2af1a52015419fda8c960b82c90471239d8

Request headers

Referer: https://mrbolero.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 11 Mar 2021 13:10:20 GMT
Content-Encoding: gzip
Last-Modified: Sat, 17 Aug 2019 06:37:34 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=10672000, must-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 563
Expires: Tue, 01 Mar 2022 13:10:20 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 139 KB
49 KB 42ms
22ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: mrbolero.com
URL: https://mrbolero.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a1088330e7e3f920ad6aacb74d21355d223a195bbf72dee3ed3bddc1a7f8708

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mrbolero.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 13:10:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49988
x-xss-protection: 0
server: cafe
etag: 3674309925980533368
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 11 Mar 2021 13:10:21 GMT

GET
H/1.1

200
OK

cropped-logo.png
mrbolero.com/wp-content/uploads/2015/06/
Redirect Chain

https://cdn.shortpixel.ai/client/q_lqip,ret_wait,w_273,h_129/https://mrbolero.com/wp-content/uploads/2015/06/cropped-logo.png
https://mrbolero.com/wp-content/uploads/2015/06/cropped-logo.png

27 KB
28 KB

227ms
164ms

Image
image/png

216.218.206.41
HURRICANE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mrbolero.com/wp-content/uploads/2015/06/cropped-logo.png
Requested by: Host: mrbolero.com
URL: https://mrbolero.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 216.218.206.41 Cazadero, United States, ASN6939 (HURRICANE, US),
Reverse DNS: fmt13.web.com.ph
Software: Apache /
Resource Hash: 5024e180ccfe0422a85a14189f1ac8e912e89d019b445f835a7f8ed079d19dff

Request headers

Referer: https://mrbolero.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 11 Mar 2021 13:10:20 GMT
Last-Modified: Sat, 17 Aug 2019 06:25:06 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 27936

Redirect headers

date: Thu, 11 Mar 2021 13:10:21 GMT
cdn-edgestorageid: 601, 601
access-control-allow-origin: *
x-tag: Domain:mrbolero.com
cdn-cachedat: 2021-03-10 20:28:36
cdn-pullzone: 257218
content-length: 0
pragma: cache
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
expires: Fri, 09 Apr 2021 19:28:36 GMT
server: BunnyCDN-DE1-723
cdn-requestpullcode: 302
x-purge: 1
location: https://mrbolero.com/wp-content/uploads/2015/06/cropped-logo.png
content-type: text/html; charset=UTF-8
cdn-cache: HIT
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: max-age=2592000, s-maxage=2592000
cdn-uid: ceac3dab-9909-4315-8d54-a27751b54dd0
cdn-requestid: fa028607c5f3b7ed523ea03e5a512098
cdn-requestcountrycode: FR
cdn-requestpullsuccess: True

GET
H/1.1

200
OK

motivation.jpg
mrbolero.com/wp-content/uploads/2021/03/
Redirect Chain

https://cdn.shortpixel.ai/client/q_lqip,ret_wait/https://mrbolero.com/wp-content/uploads/2021/03/motivation.jpg
https://mrbolero.com/wp-content/uploads/2021/03/motivation.jpg

4 MB
4 MB

385ms
169ms

Image
image/jpeg

216.218.206.41
HURRICANE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mrbolero.com/wp-content/uploads/2021/03/motivation.jpg
Requested by: Host: mrbolero.com
URL: https://mrbolero.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 216.218.206.41 Cazadero, United States, ASN6939 (HURRICANE, US),
Reverse DNS: fmt13.web.com.ph
Software: Apache /
Resource Hash: fe951a5f89a4e8f2dd900d7d6ae48ca8f0ba71717c63fe08e216d12d09663658

Request headers

Referer: https://mrbolero.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 11 Mar 2021 13:10:20 GMT
Last-Modified: Tue, 02 Mar 2021 07:33:55 GMT
Server: Apache
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 3800005

Redirect headers

date: Thu, 11 Mar 2021 13:10:21 GMT
cdn-edgestorageid: 632
access-control-allow-origin: *
x-tag: Domain:mrbolero.com
cdn-cachedat: 2021-03-11 07:07:33
cdn-pullzone: 257218
content-length: 0
pragma: cache
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
expires: Sat, 10 Apr 2021 06:07:33 GMT
server: BunnyCDN-DE1-723
cdn-requestpullcode: 302
x-purge: 1
location: https://mrbolero.com/wp-content/uploads/2021/03/motivation.jpg
content-type: text/html; charset=UTF-8
cdn-cache: HIT
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: max-age=2592000, s-maxage=2592000
cdn-uid: ceac3dab-9909-4315-8d54-a27751b54dd0
cdn-requestid: 5f247053d67fc002ce195864c4721fc2
cdn-requestcountrycode: FR
cdn-requestpullsuccess: True

GET
H/1.1

200
OK

mrbolero.jpg
mrbolero.com/wp-content/uploads/2021/03/
Redirect Chain

https://cdn.shortpixel.ai/client/q_lqip,ret_wait/https://mrbolero.com/wp-content/uploads/2021/03/mrbolero.jpg
https://mrbolero.com/wp-content/uploads/2021/03/mrbolero.jpg

3 MB
3 MB

387ms
166ms

Image
image/jpeg

216.218.206.41
HURRICANE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mrbolero.com/wp-content/uploads/2021/03/mrbolero.jpg
Requested by: Host: mrbolero.com
URL: https://mrbolero.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 216.218.206.41 Cazadero, United States, ASN6939 (HURRICANE, US),
Reverse DNS: fmt13.web.com.ph
Software: Apache /
Resource Hash: f77ee50083337581d2b7ba4990d5e3e635b7faf9b72c3b24f69fd31dea9b91b2

Request headers

Referer: https://mrbolero.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 11 Mar 2021 13:10:20 GMT
Last-Modified: Tue, 02 Mar 2021 07:17:58 GMT
Server: Apache
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 2621648

Redirect headers

date: Thu, 11 Mar 2021 13:10:21 GMT
cdn-edgestorageid: 565
access-control-allow-origin: *
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-tag: Domain:mrbolero.com
cdn-cachedat: 2021-03-06 07:38:54
cdn-pullzone: 257218
content-length: 0
pragma: cache
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
server: BunnyCDN-DE1-723
cdn-requestpullcode: 302
x-purge: 1
location: https://mrbolero.com/wp-content/uploads/2021/03/mrbolero.jpg
content-type: text/html; charset=UTF-8
cdn-cache: HIT
cdn-uid: ceac3dab-9909-4315-8d54-a27751b54dd0
cache-control: public, max-age=604800
cdn-requestid: b6c8b2edf177de24d4e439aac981d6a8
cdn-requestcountrycode: FR
cdn-requestpullsuccess: True

GET
H/1.1

200
OK

Reklamador.jpg
mrbolero.com/wp-content/uploads/2021/02/
Redirect Chain

https://cdn.shortpixel.ai/client/q_lqip,ret_wait/https://mrbolero.com/wp-content/uploads/2021/02/Reklamador.jpg
https://mrbolero.com/wp-content/uploads/2021/02/Reklamador.jpg

559 KB
560 KB

387ms
161ms

Image
image/jpeg

216.218.206.41
HURRICANE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mrbolero.com/wp-content/uploads/2021/02/Reklamador.jpg
Requested by: Host: mrbolero.com
URL: https://mrbolero.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 216.218.206.41 Cazadero, United States, ASN6939 (HURRICANE, US),
Reverse DNS: fmt13.web.com.ph
Software: Apache /
Resource Hash: 80a72807bdbb472d329c117e85b6246c209a57ee114d4afae932e69add6e9906

Request headers

Referer: https://mrbolero.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 11 Mar 2021 13:10:20 GMT
Last-Modified: Sun, 21 Feb 2021 09:02:20 GMT
Server: Apache
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 572813

Redirect headers

date: Thu, 11 Mar 2021 13:10:21 GMT
cdn-edgestorageid: 632
access-control-allow-origin: *
x-tag: Domain:mrbolero.com
cdn-cachedat: 2021-03-11 07:07:33
cdn-pullzone: 257218
content-length: 0
pragma: cache
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
expires: Sat, 10 Apr 2021 06:07:33 GMT
server: BunnyCDN-DE1-723
cdn-requestpullcode: 302
x-purge: 1
location: https://mrbolero.com/wp-content/uploads/2021/02/Reklamador.jpg
content-type: text/html; charset=UTF-8
cdn-cache: HIT
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: max-age=2592000, s-maxage=2592000
cdn-uid: ceac3dab-9909-4315-8d54-a27751b54dd0
cdn-requestid: 3fe4130b393cc8c27bf0874dc31d1f72
cdn-requestcountrycode: FR
cdn-requestpullsuccess: True

GET
H/1.1

200
OK

mrbolero-2.jpg
mrbolero.com/wp-content/uploads/2021/02/
Redirect Chain

https://cdn.shortpixel.ai/client/q_lqip,ret_wait/https://mrbolero.com/wp-content/uploads/2021/02/mrbolero-2.jpg
https://mrbolero.com/wp-content/uploads/2021/02/mrbolero-2.jpg

4 MB
4 MB

463ms
160ms

Image
image/jpeg

216.218.206.41
HURRICANE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mrbolero.com/wp-content/uploads/2021/02/mrbolero-2.jpg
Requested by: Host: mrbolero.com
URL: https://mrbolero.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 216.218.206.41 Cazadero, United States, ASN6939 (HURRICANE, US),
Reverse DNS: fmt13.web.com.ph
Software: Apache /
Resource Hash: 71f5bf0ce5c378dfce79a39542327134bbe9adaa8e4659523a8609f6f3e672a0

Request headers

Referer: https://mrbolero.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 11 Mar 2021 13:10:20 GMT
Last-Modified: Fri, 19 Feb 2021 08:42:40 GMT
Server: Apache
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 3796008

Redirect headers

date: Thu, 11 Mar 2021 13:10:21 GMT
cdn-edgestorageid: 601
access-control-allow-origin: *
x-tag: Domain:mrbolero.com
cdn-cachedat: 2021-03-11 07:07:33
cdn-pullzone: 257218
content-length: 0
pragma: cache
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
expires: Sat, 10 Apr 2021 06:07:33 GMT
server: BunnyCDN-DE1-723
cdn-requestpullcode: 302
x-purge: 1
location: https://mrbolero.com/wp-content/uploads/2021/02/mrbolero-2.jpg
content-type: text/html; charset=UTF-8
cdn-cache: HIT
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: max-age=2592000, s-maxage=2592000
cdn-uid: ceac3dab-9909-4315-8d54-a27751b54dd0
cdn-requestid: ccff70228a0bfaeff2dea262d026dc1a
cdn-requestcountrycode: FR
cdn-requestpullsuccess: True

GET
H/1.1

200
OK

Untitled-1-1.jpg
mrbolero.com/wp-content/uploads/2021/02/
Redirect Chain

https://cdn.shortpixel.ai/client/q_lqip,ret_wait/https://mrbolero.com/wp-content/uploads/2021/02/Untitled-1-1.jpg
https://mrbolero.com/wp-content/uploads/2021/02/Untitled-1-1.jpg

89 KB
89 KB

618ms
151ms

Image
image/jpeg

216.218.206.41
HURRICANE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mrbolero.com/wp-content/uploads/2021/02/Untitled-1-1.jpg
Requested by: Host: mrbolero.com
URL: https://mrbolero.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 216.218.206.41 Cazadero, United States, ASN6939 (HURRICANE, US),
Reverse DNS: fmt13.web.com.ph
Software: Apache /
Resource Hash: f3c616e513437ad416e69278ed9100bdac86d11cb393a28960f522c731a5ac4f

Request headers

Referer: https://mrbolero.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 11 Mar 2021 13:10:21 GMT
Last-Modified: Thu, 18 Feb 2021 06:56:51 GMT
Server: Apache
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 91061

Redirect headers

date: Thu, 11 Mar 2021 13:10:21 GMT
cdn-edgestorageid: 722
access-control-allow-origin: *
x-tag: Domain:mrbolero.com
cdn-cachedat: 2021-02-26 18:02:27
cdn-pullzone: 257218
content-length: 0
pragma: cache
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
expires: Sun, 28 Mar 2021 17:02:27 GMT
server: BunnyCDN-DE1-723
cdn-requestpullcode: 302
x-purge: 1
location: https://mrbolero.com/wp-content/uploads/2021/02/Untitled-1-1.jpg
content-type: text/html; charset=UTF-8
cdn-cache: HIT
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: max-age=2592000, s-maxage=2592000
cdn-uid: ceac3dab-9909-4315-8d54-a27751b54dd0
cdn-requestid: bbd971ebac53fedabc57908738c3aa3c
cdn-requestcountrycode: FR
cdn-requestpullsuccess: True

GET
H/1.1

200
OK

mrbolero-1.jpg
mrbolero.com/wp-content/uploads/2021/02/
Redirect Chain

https://cdn.shortpixel.ai/client/q_lqip,ret_wait/https://mrbolero.com/wp-content/uploads/2021/02/mrbolero-1.jpg
https://mrbolero.com/wp-content/uploads/2021/02/mrbolero-1.jpg

376 KB
377 KB

884ms
154ms

Image
image/jpeg

216.218.206.41
HURRICANE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mrbolero.com/wp-content/uploads/2021/02/mrbolero-1.jpg
Requested by: Host: mrbolero.com
URL: https://mrbolero.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 216.218.206.41 Cazadero, United States, ASN6939 (HURRICANE, US),
Reverse DNS: fmt13.web.com.ph
Software: Apache /
Resource Hash: 332ab1b19a0d708b20172010c2122540f4839a737648b34da9a169130a1fef23

Request headers

Referer: https://mrbolero.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 11 Mar 2021 13:10:21 GMT
Last-Modified: Mon, 15 Feb 2021 09:00:50 GMT
Server: Apache
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 385492

Redirect headers

date: Thu, 11 Mar 2021 13:10:21 GMT
cdn-edgestorageid: 565
access-control-allow-origin: *
x-tag: Domain:mrbolero.com
cdn-cachedat: 2021-03-11 07:07:35
cdn-pullzone: 257218
content-length: 0
pragma: cache
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
expires: Sat, 10 Apr 2021 06:07:35 GMT
server: BunnyCDN-DE1-723
cdn-requestpullcode: 302
x-purge: 1
location: https://mrbolero.com/wp-content/uploads/2021/02/mrbolero-1.jpg
content-type: text/html; charset=UTF-8
cdn-cache: HIT
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: max-age=2592000, s-maxage=2592000
cdn-uid: ceac3dab-9909-4315-8d54-a27751b54dd0
cdn-requestid: 32e5dcf32ad540501ca652a9ea8e6235
cdn-requestcountrycode: FR
cdn-requestpullsuccess: True

GET
H/1.1

200
OK

11_20201231_235656_0010.png
mrbolero.com/wp-content/uploads/2021/01/
Redirect Chain

https://cdn.shortpixel.ai/client/q_lqip,ret_wait/https://mrbolero.com/wp-content/uploads/2021/01/11_20201231_235656_0010.png
https://mrbolero.com/wp-content/uploads/2021/01/11_20201231_235656_0010.png

156 KB
156 KB

623ms
160ms

Image
image/png

216.218.206.41
HURRICANE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mrbolero.com/wp-content/uploads/2021/01/11_20201231_235656_0010.png
Requested by: Host: mrbolero.com
URL: https://mrbolero.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 216.218.206.41 Cazadero, United States, ASN6939 (HURRICANE, US),
Reverse DNS: fmt13.web.com.ph
Software: Apache /
Resource Hash: fd084029a7c67c037b2d124747a99847a69d22c09513509d63d0a20d7d31bfe3

Request headers

Referer: https://mrbolero.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 11 Mar 2021 13:10:21 GMT
Last-Modified: Sat, 02 Jan 2021 15:40:14 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 159864

Redirect headers

date: Thu, 11 Mar 2021 13:10:21 GMT
cdn-edgestorageid: 601
access-control-allow-origin: *
x-tag: Domain:mrbolero.com
cdn-cachedat: 2021-03-11 07:07:33
cdn-pullzone: 257218
content-length: 0
pragma: cache
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
expires: Sat, 10 Apr 2021 06:07:33 GMT
server: BunnyCDN-DE1-723
cdn-requestpullcode: 302
x-purge: 1
location: https://mrbolero.com/wp-content/uploads/2021/01/11_20201231_235656_0010.png
content-type: text/html; charset=UTF-8
cdn-cache: HIT
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: max-age=2592000, s-maxage=2592000
cdn-uid: ceac3dab-9909-4315-8d54-a27751b54dd0
cdn-requestid: b56200ab114ac1535c2a33efa3ff3b37
cdn-requestcountrycode: FR
cdn-requestpullsuccess: True

GET
H/1.1

200
OK

9_20201231_235656_0008.png
mrbolero.com/wp-content/uploads/2021/01/
Redirect Chain

https://cdn.shortpixel.ai/client/q_lqip,ret_wait/https://mrbolero.com/wp-content/uploads/2021/01/9_20201231_235656_0008.png
https://mrbolero.com/wp-content/uploads/2021/01/9_20201231_235656_0008.png

68 KB
69 KB

1179ms
154ms

Image
image/png

216.218.206.41
HURRICANE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mrbolero.com/wp-content/uploads/2021/01/9_20201231_235656_0008.png
Requested by: Host: mrbolero.com
URL: https://mrbolero.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 216.218.206.41 Cazadero, United States, ASN6939 (HURRICANE, US),
Reverse DNS: fmt13.web.com.ph
Software: Apache /
Resource Hash: 7f3ac0a3694c1e244b7c3b8e0634a2d07d0b5d3e10dcc235dbfb98b305cac9e8

Request headers

Referer: https://mrbolero.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 11 Mar 2021 13:10:21 GMT
Last-Modified: Sat, 02 Jan 2021 15:30:07 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 70090

Redirect headers

date: Thu, 11 Mar 2021 13:10:21 GMT
cdn-edgestorageid: 632
access-control-allow-origin: *
x-tag: Domain:mrbolero.com
cdn-cachedat: 2021-03-11 07:07:33
cdn-pullzone: 257218
content-length: 0
pragma: cache
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
expires: Sat, 10 Apr 2021 06:07:33 GMT
server: BunnyCDN-DE1-723
cdn-requestpullcode: 302
x-purge: 1
location: https://mrbolero.com/wp-content/uploads/2021/01/9_20201231_235656_0008.png
content-type: text/html; charset=UTF-8
cdn-cache: HIT
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: max-age=2592000, s-maxage=2592000
cdn-uid: ceac3dab-9909-4315-8d54-a27751b54dd0
cdn-requestid: 56275ef871d069583178b1f87c0f08d2
cdn-requestcountrycode: FR
cdn-requestpullsuccess: True

GET
H2 200 infolinks_main.js Show response
resources.infolinks.com/js/ 3 KB
2 KB 208ms
172ms Script
application/javascript 172.67.39.17
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.infolinks.com/js/infolinks_main.js?pid=125471&wsid=25
Requested by: Host: mrbolero.com
URL: https://mrbolero.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.67.39.17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bcb9a281c6fe094fb17a7ec2c3a5bc274de05f115579a326d3cad001f48289ea

Request headers

Referer: https://mrbolero.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-ray: 62e505bdedb3ee2f-CDG
date: Thu, 11 Mar 2021 13:10:21 GMT
via: 1.1 google
cf-cache-status: EXPIRED
last-modified: Thu, 11 Mar 2021 11:58:35 GMT
server: cloudflare
etag: W/"b55-5bd4180cecece"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600
content-encoding: gzip
cf-request-id: 08c301eab00000ee2f283ca000000001
expires: Thu, 11 Mar 2021 14:10:21 GMT

GET
H/1.1 200
OK lazysizes.min.js Show response
mrbolero.com/wp-content/plugins/autoptimize/classes/external/js/ 9 KB
4 KB 156ms
154ms Script
application/javascript 216.218.206.41
HURRICANE

General

Check archive.org

Show headers Download Go to

Full URL: https://mrbolero.com/wp-content/plugins/autoptimize/classes/external/js/lazysizes.min.js?ao_version=2.7.7
Requested by: Host: mrbolero.com
URL: https://mrbolero.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 216.218.206.41 Cazadero, United States, ASN6939 (HURRICANE, US),
Reverse DNS: fmt13.web.com.ph
Software: Apache /
Resource Hash: 8b88ddfa92e4cb2646d5c7e19274939caa3495dcb33c307f1bbaec31b1d9691a

Request headers

Referer: https://mrbolero.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 11 Mar 2021 13:10:20 GMT
Content-Encoding: gzip
Last-Modified: Wed, 23 Sep 2020 01:09:13 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 3961

GET
H/1.1 200
OK autoptimize_71176211e6ce7b42f0235e43ecdc1025.js Show response
mrbolero.com/wp-content/cache/autoptimize/js/ 199 KB
59 KB 170ms
169ms Script
application/javascript 216.218.206.41
HURRICANE

General

Check archive.org

Show headers Download Go to

Full URL: https://mrbolero.com/wp-content/cache/autoptimize/js/autoptimize_71176211e6ce7b42f0235e43ecdc1025.js
Requested by: Host: mrbolero.com
URL: https://mrbolero.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 216.218.206.41 Cazadero, United States, ASN6939 (HURRICANE, US),
Reverse DNS: fmt13.web.com.ph
Software: Apache /
Resource Hash: f2f56ce59719ea1eca35c21520f4839c7e8ecde0af1853fbe81876d76b12d1b2

Request headers

Referer: https://mrbolero.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 11 Mar 2021 13:10:20 GMT
Content-Encoding: gzip
Last-Modified: Sat, 17 Aug 2019 06:38:36 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=10672000, must-revalidate
Transfer-Encoding: chunked
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Expires: Tue, 01 Mar 2022 13:10:20 GMT

GET
H2 200 css
fonts.googleapis.com/ 15 KB
987 B 20ms
19ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i|Playfair+Display:400,400i,700,700i,900,900i

Requested by

Host: mrbolero.com
URL: https://mrbolero.com/wp-content/cache/autoptimize/css/autoptimize_3019c1e5df1ed3cd221e852201ef5e38.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1effe78205a311ca864e91fe49adbadf8a1bd754f5e6f2f820338b1010cebd40

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://mrbolero.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 11 Mar 2021 13:10:21 GMT
server: ESF
date: Thu, 11 Mar 2021 13:10:21 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 11 Mar 2021 13:10:21 GMT

GET
H2 200 powr.js Show response
www.powr.io/ 13 KB
5 KB 41ms
20ms Script
application/javascript 2606:4700:10::6816:33f5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.powr.io/powr.js

Requested by

Host: mrbolero.com
URL: https://mrbolero.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:33f5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

55fd32bd9c4920dab9f82daa7d0f73deef8686043874699d7cb5fabf014bf00d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://mrbolero.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 13:10:21 GMT
via: 1.1 vegur
cf-cache-status: HIT
age: 16466
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-request-id: 08c301eb500000bef6dc898000000001
last-modified: Wed, 10 Mar 2021 04:52:29 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cf-bgj: minify
cache-control: max-age=604800, public
cf-ray: 62e505bee8e1bef6-FRA
expires: Fri, 11 Mar 2022 08:32:52 GMT

GET
H/1.1 200
OK wp-emoji-release.min.js Show response
mrbolero.com/wp-includes/js/ 14 KB
5 KB 583ms
169ms Script
application/javascript 216.218.206.41
HURRICANE

General

Check archive.org

Show headers Download Go to

Full URL: https://mrbolero.com/wp-includes/js/wp-emoji-release.min.js?ver=5.2.9
Requested by: Host: mrbolero.com
URL: https://mrbolero.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 216.218.206.41 Cazadero, United States, ASN6939 (HURRICANE, US),
Reverse DNS: fmt13.web.com.ph
Software: Apache /
Resource Hash: f4799ef2939b8377cf33f07b07b6d90a4a245adbf1c6eaf47ee3b0fcefcc07fe

Request headers

Referer: https://mrbolero.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 11 Mar 2021 13:10:20 GMT
Content-Encoding: gzip
Last-Modified: Sat, 17 Aug 2019 06:05:39 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 4622

GET
H2 200 ga.js Show response
ssl.google-analytics.com/ 45 KB
17 KB 28ms
7ms Script
text/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Host: mrbolero.com
URL: https://mrbolero.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://mrbolero.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 05 Feb 2021 21:33:27 GMT
server: Golfe2
age: 5331
date: Thu, 11 Mar 2021 11:41:30 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17168
expires: Thu, 11 Mar 2021 13:41:30 GMT

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v17/ 23 KB
23 KB 14ms
13ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v17/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i|Playfair+Display:400,400i,700,700i,900,900i

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://mrbolero.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 04:06:34 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:10:46 GMT
server: sffe
age: 32627
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23484
x-xss-protection: 0
expires: Fri, 11 Mar 2022 04:06:34 GMT

GET
H3-Q050 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v17/ 22 KB
23 KB 9ms
7ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v17/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i|Playfair+Display:400,400i,700,700i,900,900i

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://mrbolero.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 10 Mar 2021 22:16:00 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:12:12 GMT
server: sffe
age: 53661
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22992
x-xss-protection: 0
expires: Thu, 10 Mar 2022 22:16:00 GMT

GET
H3-Q050 200 nuFiD-vYSZviVYUb_rj3ij__anPXDTzYgA.woff2
fonts.gstatic.com/s/playfairdisplay/v22/ 44 KB
44 KB 9ms
8ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/playfairdisplay/v22/nuFiD-vYSZviVYUb_rj3ij__anPXDTzYgA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i|Playfair+Display:400,400i,700,700i,900,900i

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

62c8f47275e874a210224258f160fdc003caf2d09a24e83f153b901c758509e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://mrbolero.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 15:06:18 GMT
x-content-type-options: nosniff
last-modified: Thu, 28 Jan 2021 20:29:37 GMT
server: sffe
age: 511443
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44876
x-xss-protection: 0
expires: Sat, 05 Mar 2022 15:06:18 GMT

GET
H/1.1 200
OK fontawesome-webfont.woff2
mrbolero.com/wp-content/themes/pinwheel/fonts/ 75 KB
76 KB 289ms
157ms Font
font/woff2 216.218.206.41
HURRICANE

General

Check archive.org

Show headers Download Go to

Full URL: https://mrbolero.com/wp-content/themes/pinwheel/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: mrbolero.com
URL: https://mrbolero.com/wp-content/cache/autoptimize/css/autoptimize_3019c1e5df1ed3cd221e852201ef5e38.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 216.218.206.41 Cazadero, United States, ASN6939 (HURRICANE, US),
Reverse DNS: fmt13.web.com.ph
Software: Apache /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Origin: https://mrbolero.com
Referer: https://mrbolero.com/wp-content/cache/autoptimize/css/autoptimize_3019c1e5df1ed3cd221e852201ef5e38.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 11 Mar 2021 13:10:20 GMT
Content-Encoding: gzip
Last-Modified: Sat, 17 Aug 2019 06:18:39 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: font/woff2
Transfer-Encoding: chunked
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98

GET
H3-Q050 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210309/r20190131/ 225 KB
85 KB 75ms
62ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210309/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5146006997767796&plah=mrbolero.com&amaexp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3763a8975fcfa164fadcbc035780a147f75434ecaf79f33c1f3d0221477458cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mrbolero.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 13:10:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 86491
x-xss-protection: 0
server: cafe
etag: 16470564300944896599
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 11 Mar 2021 13:10:21 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210309/r20190131/ Frame 2644 10 KB
5 KB 7ms
7ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210309/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c44ef8885a1386dad99986e4de63457883d50b1a966d27b502f37d691d7bd770

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210309/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://mrbolero.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://mrbolero.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Wed, 10 Mar 2021 23:47:12 GMT
expires: Wed, 24 Mar 2021 23:47:12 GMT
content-type: text/html; charset=UTF-8
etag: 14488317231655078900
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4661
x-xss-protection: 0
age: 48189
cache-control: public, max-age=1209600
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 ice.js Show response
resources.infolinks.com/js/1739.003-3.012/ 587 KB
188 KB 44ms
35ms Script
application/javascript 172.67.39.17
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.infolinks.com/js/1739.003-3.012/ice.js
Requested by: Host: mrbolero.com
URL: https://mrbolero.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.67.39.17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a5e539ca0a2534c7bef21ec6b3fd67d87edfb8ef96b5564be9d88f84cbf22963

Request headers

Referer: https://mrbolero.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-ray: 62e505bf58d4ee2f-CDG
date: Thu, 11 Mar 2021 13:10:21 GMT
via: 1.1 google
cf-cache-status: HIT
last-modified: Wed, 10 Mar 2021 17:54:06 GMT
server: cloudflare
age: 6822
etag: W/"92b3b-5bd325a6ca9aa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
content-encoding: gzip
cf-request-id: 08c301eb990000ee2fff13f000000001
expires: Sat, 10 Apr 2021 11:16:38 GMT

GET
H3-Q050 200 __utm.gif
ssl.google-analytics.com/r/ 35 B
378 B 35ms
21ms Image
image/gif 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1172117422&utmhn=mrbolero.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Mr.%20Bolero%20Quotes%20Collections%20-%20Tagalog%20Love%20Quotes&utmhid=2101806248&utmr=-&utmp=%2F&utmht=1615468221362&utmac=UA-9253640-42&utmcc=__utma%3D14466411.1013866369.1615468221.1615468221.1615468221.1%3B%2B__utmz%3D14466411.1615468221.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1874466903&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~

Requested by

Host: mrbolero.com
URL: https://mrbolero.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://mrbolero.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Mar 2021 13:10:21 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 202 B
642 B 111ms
56ms Script
text/javascript 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=mrbolero.com&callback=_gfp_s_&client=ca-pub-5146006997767796

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210309/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5146006997767796&plah=mrbolero.com&amaexp=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

cafe /

Resource Hash

77d234e22ac7b1fcd3badbefc12917542cc9e09ff7e47425ed2d77e8df714e5e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mrbolero.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 13:10:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 193
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
799 B 47ms
16ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=mrbolero.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mrbolero.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 11 Mar 2021 13:10:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
553 B 45ms
15ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=mrbolero.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mrbolero.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 11 Mar 2021 13:10:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D780 24 KB
2 KB 105ms
99ms Document
text/html 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5146006997767796&output=html&adk=1812271804&adf=1573534164&lmt=1615468221&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fmrbolero.com%2F&ea=0&flash=0&pra=5&wgl=1&dt=1615468221289&bpp=16&bdt=562&idt=106&shv=r20210309&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4450049278369&frm=20&pv=2&ga_vid=1013866369.1615468221&ga_sid=1615468221&ga_hid=2101806248&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736525%2C21066433%2C21066923%2C21068496&oid=3&pvsid=4151241866720551&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&dtd=126

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

752313569a50d95cefc1909f6467a624d9d6394a98b6e032409837476eb9349e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-5146006997767796&output=html&adk=1812271804&adf=1573534164&lmt=1615468221&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fmrbolero.com%2F&ea=0&flash=0&pra=5&wgl=1&dt=1615468221289&bpp=16&bdt=562&idt=106&shv=r20210309&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4450049278369&frm=20&pv=2&ga_vid=1013866369.1615468221&ga_sid=1615468221&ga_hid=2101806248&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736525%2C21066433%2C21066923%2C21068496&oid=3&pvsid=4151241866720551&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&dtd=126
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://mrbolero.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://mrbolero.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 11 Mar 2021 13:10:21 GMT
server: cafe
content-length: 2134
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 11-Mar-2021 13:25:21 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 11 Mar 2021 13:10:21 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
28 KB 37ms
31ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

sffe /

Resource Hash

495b316cdda6e7b6ce663bb9eeeee0cf6f7f6e5969d0a6c1fe39307cbdb9d686

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mrbolero.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 13:10:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1615378846156468"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28222
x-xss-protection: 0
expires: Thu, 11 Mar 2021 13:10:21 GMT

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 8963 90 KB
24 KB 499ms
498ms Document
text/html 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5146006997767796&output=html&h=280&slotname=2137049825&adk=2848357274&adf=3025194257&pi=t.ma~as.2137049825&w=1200&fwrn=4&fwrnh=100&lmt=1615468221&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fmrbolero.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1615468221305&bpp=12&bdt=579&idt=120&shv=r20210309&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4450049278369&frm=20&pv=1&ga_vid=1013866369.1615468221&ga_sid=1615468221&ga_hid=2101806248&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=76&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736525%2C21066433%2C21066923%2C21068496&oid=3&pvsid=4151241866720551&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=JKeImSNCRd&p=https%3A//mrbolero.com&dtd=132

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

b0a69bdfe2868a67fec349e0070d0ccd794511ec3c3c11a20bc9303d8eb34f8c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-5146006997767796&output=html&h=280&slotname=2137049825&adk=2848357274&adf=3025194257&pi=t.ma~as.2137049825&w=1200&fwrn=4&fwrnh=100&lmt=1615468221&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fmrbolero.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1615468221305&bpp=12&bdt=579&idt=120&shv=r20210309&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4450049278369&frm=20&pv=1&ga_vid=1013866369.1615468221&ga_sid=1615468221&ga_hid=2101806248&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=76&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736525%2C21066433%2C21066923%2C21068496&oid=3&pvsid=4151241866720551&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=JKeImSNCRd&p=https%3A//mrbolero.com&dtd=132
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://mrbolero.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://mrbolero.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 11 Mar 2021 13:10:21 GMT
server: cafe
content-length: 25048
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 11-Mar-2021 13:25:21 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 11 Mar 2021 13:10:21 GMT
cache-control: private

GET
H2 200 pbice.js Show response
resources.infolinks.com/js/pbice/3.012/ 253 KB
80 KB 33ms
33ms Script
application/javascript 172.67.39.17
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.infolinks.com/js/pbice/3.012/pbice.js
Requested by: Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1739.003-3.012/ice.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.67.39.17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ef22755bc9501f967f1cb92530ea9a24c98432e12dfa2b35a71482b3e5579b21

Request headers

Referer: https://mrbolero.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-ray: 62e505c06b23ee2f-CDG
date: Thu, 11 Mar 2021 13:10:21 GMT
via: 1.1 google
cf-cache-status: HIT
last-modified: Thu, 25 Feb 2021 13:31:34 GMT
server: cloudflare
age: 14168
etag: W/"3f394-5bc292b988e82"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
content-encoding: gzip
cf-request-id: 08c301ec440000ee2fc90a1000000001
expires: Sat, 10 Apr 2021 09:14:13 GMT

GET
H2 200 manage Show response
router.infolinks.com/usync/ Frame 89A3 9 KB
2 KB 192ms
190ms Document
text/html 172.67.39.17
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://router.infolinks.com/usync/manage?pid=null&wsid=0
Requested by: Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1739.003-3.012/ice.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.67.39.17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b0019faeca67a366c60a543a2bf27e49642951cb86d90d694eb86bd741f30b05

Request headers

:method: GET
:authority: router.infolinks.com
:scheme: https
:path: /usync/manage?pid=null&wsid=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://mrbolero.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://mrbolero.com/

Response headers

date: Thu, 11 Mar 2021 13:10:21 GMT
content-type: text/html;charset=UTF-8
set-cookie: __cfduid=d8e86d5d74efd5be376a24419f2f452c51615468221; expires=Sat, 10-Apr-21 13:10:21 GMT; path=/; domain=.infolinks.com; HttpOnly; SameSite=Lax
cache-control: no-store
p3p: CP="NON DSP NID OUR COR"
via: 1.1 google
cf-cache-status: DYNAMIC
cf-request-id: 08c301ec5c0000ee2fd8878000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 62e505c09b8cee2f-CDG
content-encoding: gzip

GET
H2 200 lcmanage Show response
router.infolinks.com/usync/ 0
77 B 121ms
120ms Script
text/plain 172.67.39.17
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://router.infolinks.com/usync/lcmanage?pid=null&wsid=0
Requested by: Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1739.003-3.012/ice.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.67.39.17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://mrbolero.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 13:10:21 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cache-control: no-store
cf-ray: 62e505c09b9dee2f-CDG
content-length: 0
cf-request-id: 08c301ec600000ee2f0e1c4000000001

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
88 B 40ms
39ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_success&c=1&wpc=ca-pub-5146006997767796&warn=12%2C13&w=1600&h=1200&eatf=false&reatf=true&a=6%2C1%2C5%2C7&apv=20210309_093804&sat=1615396587541&afm=0&as_count=1&d_count=0&ng_count=0&am_count=1&atf_count=1&mdns=0.082&alldns=0.164&allp=47&fd=(0%2C7%2C1)%2C(1%2C5%2C5)%2C(2%2C0%2C0)&pgh=3424&su=mrbolero.com&r=0.1

Requested by

Host: mrbolero.com
URL: https://mrbolero.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mrbolero.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Mar 2021 13:10:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
777 B 44ms
30ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=mrbolero.com

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mrbolero.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 11 Mar 2021 13:10:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
531 B 45ms
29ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=mrbolero.com

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mrbolero.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 11 Mar 2021 13:10:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 01A3 55 KB
21 KB 276ms
276ms Document
text/html 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5146006997767796&output=html&h=280&adk=2233788718&adf=2931138512&pi=t.aa~a.947749546~rp.3&w=370&fwrn=4&fwrnh=100&lmt=1615468221&rafmt=1&to=qs&pwprc=2494984760&psa=0&format=370x280&url=https%3A%2F%2Fmrbolero.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1615468221596&bpp=1&bdt=869&idt=1&shv=r20210309&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd8f0ef1da208004a-223505e8beba008d%3AT%3D1615468221%3ART%3D1615468221%3AS%3DALNI_MaT94L1iGVyeoVIgLhQ3EQHwEcUmA&prev_fmts=0x0%2C1200x280&nras=2&correlator=4450049278369&frm=20&pv=1&ga_vid=1013866369.1615468221&ga_sid=1615468221&ga_hid=2101806248&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1015&ady=1298&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736525%2C21066433%2C21066923%2C21068496&oid=3&pvsid=4151241866720551&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=klIML573VR&p=https%3A//mrbolero.com&dtd=13

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

0a92c7786e644216cdbe37a7d8c53fded98b1b5a1bce3c635ef57c942196c388

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-5146006997767796&output=html&h=280&adk=2233788718&adf=2931138512&pi=t.aa~a.947749546~rp.3&w=370&fwrn=4&fwrnh=100&lmt=1615468221&rafmt=1&to=qs&pwprc=2494984760&psa=0&format=370x280&url=https%3A%2F%2Fmrbolero.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1615468221596&bpp=1&bdt=869&idt=1&shv=r20210309&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd8f0ef1da208004a-223505e8beba008d%3AT%3D1615468221%3ART%3D1615468221%3AS%3DALNI_MaT94L1iGVyeoVIgLhQ3EQHwEcUmA&prev_fmts=0x0%2C1200x280&nras=2&correlator=4450049278369&frm=20&pv=1&ga_vid=1013866369.1615468221&ga_sid=1615468221&ga_hid=2101806248&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1015&ady=1298&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736525%2C21066433%2C21066923%2C21068496&oid=3&pvsid=4151241866720551&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=klIML573VR&p=https%3A//mrbolero.com&dtd=13
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://mrbolero.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://mrbolero.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 11 Mar 2021 13:10:21 GMT
server: cafe
content-length: 21069
x-xss-protection: 0
set-cookie: IDE=AHWqTUlUOFFuS1bPC8-EReBNUAKiGLSkPQn7TYElDvO9Cnvq6JuV91jeI9nQDT9V48Q; expires=Tue, 05-Apr-2022 13:10:21 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 11 Mar 2021 13:10:21 GMT
cache-control: private

GET
H/1.1

200
OK

cropped-logo.png
mrbolero.com/wp-content/uploads/2015/06/
Redirect Chain

https://cdn.shortpixel.ai/client/q_glossy,ret_img,w_273,h_129/https://mrbolero.com/wp-content/uploads/2015/06/cropped-logo.png
https://mrbolero.com/wp-content/uploads/2015/06/cropped-logo.png

27 KB
28 KB

905ms
163ms

Image
image/png

216.218.206.41
HURRICANE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mrbolero.com/wp-content/uploads/2015/06/cropped-logo.png
Requested by: Host: mrbolero.com
URL: https://mrbolero.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 216.218.206.41 Cazadero, United States, ASN6939 (HURRICANE, US),
Reverse DNS: fmt13.web.com.ph
Software: Apache /
Resource Hash: 5024e180ccfe0422a85a14189f1ac8e912e89d019b445f835a7f8ed079d19dff

Request headers

Referer: https://mrbolero.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 11 Mar 2021 13:10:21 GMT
Last-Modified: Sat, 17 Aug 2019 06:25:06 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 27936

Redirect headers

date: Thu, 11 Mar 2021 13:10:21 GMT
cdn-edgestorageid: 601
access-control-allow-origin: *
x-tag: Domain:mrbolero.com
cdn-cachedat: 2021-02-28 18:53:44
cdn-pullzone: 257218
content-length: 0
pragma: cache
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
expires: Tue, 30 Mar 2021 17:53:44 GMT
server: BunnyCDN-DE1-723
cdn-requestpullcode: 302
x-purge: 1
location: https://mrbolero.com/wp-content/uploads/2015/06/cropped-logo.png
content-type: text/html; charset=UTF-8
cdn-cache: HIT
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: max-age=2592000, s-maxage=2592000
cdn-uid: ceac3dab-9909-4315-8d54-a27751b54dd0
cdn-requestid: aefb8e2cf6b25b491393a2170e44f8e9
cdn-requestcountrycode: FR
cdn-requestpullsuccess: True

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 5D50
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=infolinks&endpoint=us-east
https://eus.rubiconproject.com/usync.html?p=infolinks&endpoint=us-east

291 B
559 B

75ms
24ms

Document
text/html

23.37.42.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=infolinks&endpoint=us-east
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=null&wsid=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-42-132.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 4ddc003bfd0366a9c5e059509b3bac51972a8e803904b2a90b6b5c5ee7b26720

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://router.infolinks.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://router.infolinks.com/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Mon, 28 Sep 2020 17:02:39 GMT
ETag: "4000c-123-5b062a240e9c0"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 238
Content-Type: text/html; charset=UTF-8
Date: Thu, 11 Mar 2021 13:10:21 GMT
Connection: keep-alive
Vary: Accept-Encoding

Redirect headers

Server: AkamaiGHost
Content-Length: 0
Location: https://eus.rubiconproject.com/usync.html?p=infolinks&endpoint=us-east
Date: Thu, 11 Mar 2021 13:10:21 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *

GET
H2 200 / Show response
de.tynt.com/deb/ Frame DCD1 75 B
289 B 324ms
108ms Document
text/html 208.100.17.187
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://de.tynt.com/deb/?m=xch&rt=html&sid=0010b00002CpYhEAAV
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=null&wsid=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.100.17.187 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip187.208-100-17.static.steadfastdns.net
Software: /
Resource Hash: e170d20dbbd5a22f50118e25fa2eefb1e85d2ad780e5477ed3a9643186090442

Request headers

:method: GET
:authority: de.tynt.com
:scheme: https
:path: /deb/?m=xch&rt=html&sid=0010b00002CpYhEAAV
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://router.infolinks.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://router.infolinks.com/

Response headers

cache-control: max-age=86400
expires: Fri, 12 Mar 2021 13:10:21 GMT
referrer-policy: unsafe-url
content-type: text/html
content-length: 75
date: Thu, 11 Mar 2021 13:10:20 GMT
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H/1.1

200
OK

Cookie set usermatch Show response
ssum-sec.casalemedia.com/ Frame 9612
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?s=191306&cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D
https://ssum-sec.casalemedia.com/usermatch?s=191306&cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&C=1

2 KB
3 KB

37ms
37ms

Document
text/html

184.30.20.241
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?s=191306&cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&C=1
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=null&wsid=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.20.241 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-20-241.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: ffe32d116e9aab2f7dcb5f39200aadb6c6c1efdb306b5b98746ea62c27801a86

Request headers

Host: ssum-sec.casalemedia.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://router.infolinks.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: CMID=YEoWvc4AL0-D8rqceeGr8AAA; CMPS=1215
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://router.infolinks.com/

Response headers

Server: Apache
Content-Type: text/html
Dropped-Udsids: 241|230|39|45|196|41|73|31
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary: Is-Traffic-Usersync
Content-Length: 1668
Expires: Thu, 11 Mar 2021 13:10:21 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Thu, 11 Mar 2021 13:10:21 GMT
Connection: keep-alive
Set-Cookie: CMID=YEoWvc4AL0-D8rqceeGr8AAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 11 Mar 2022 13:10:21 GMT CMPS=1215;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 09 Jun 2021 13:10:21 GMT CMPRO=1212;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 09 Jun 2021 13:10:21 GMT CMRUM3=f1604a16bd05a00&1f604a16bd05a00&c4604a16bd05a0&49604a16bd05a00&2d604a16bd05a0&e6604a16bd27600&27604a16bd0b40&29604a16bd05a00;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 11 Mar 2022 13:10:21 GMT CMST=YEoWvWBKFr0A;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 12 Mar 2021 13:10:21 GMT

Redirect headers

Server: Apache
Content-Length: 311
Content-Type: text/html; charset=iso-8859-1
Location: https://ssum-sec.casalemedia.com/usermatch?s=191306&cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&C=1
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires: Thu, 11 Mar 2021 13:10:21 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Thu, 11 Mar 2021 13:10:21 GMT
Connection: keep-alive
Set-Cookie: CMID=YEoWvc4AL0-D8rqceeGr8AAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 11 Mar 2022 13:10:21 GMT CMPS=1215;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 09 Jun 2021 13:10:21 GMT

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame 940E 2 KB
818 B 25ms
24ms Document
text/html 51.89.9.254
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=598ce3ddaee8c90

Requested by

Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=null&wsid=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip254.ip-51-89-9.eu

Software

Resource Hash

37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

:method: GET
:authority: onetag-sys.com
:scheme: https
:path: /usync/?pubId=598ce3ddaee8c90
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://router.infolinks.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://router.infolinks.com/

Response headers

content-type: text/html
cache-control: no-transform, no-cache
content-encoding: gzip
strict-transport-security: max-age=15552000

GET
H2

200

apn-usync
router.infolinks.com/dyn/ Frame 89A3
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fapn-usync%3Fuser_id%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fapn-usync%253Fuser_id%253D%2524UID
https://router.infolinks.com/dyn/apn-usync?user_id=7492956257855341845

35 B
213 B

118ms
118ms

Image
image/gif

172.67.39.17
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://router.infolinks.com/dyn/apn-usync?user_id=7492956257855341845
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=null&wsid=0
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.67.39.17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Mar 2021 13:10:21 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NON DSP NID OUR COR"
content-type: image/gif
cache-control: no-store, no-cache, private
cf-ray: 62e505c29fe7ee2f-CDG
content-length: 35
cf-request-id: 08c301eda10000ee2f200e6000000001
expires: Wed, 11 Mar 2020 12:10:21 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 11 Mar 2021 13:10:21 GMT
X-Proxy-Origin: 82.102.18.114; 82.102.18.114; 692.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.48:80
AN-X-Request-Uuid: de8c0c07-aea6-456f-9314-6add1cab5c2b
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://router.infolinks.com/dyn/apn-usync?user_id=7492956257855341845
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

r1-usync
router.infolinks.com/dyn/ Frame 89A3
Redirect Chain

https://sync.1rx.io/usersync2/infolinks
https://router.infolinks.com/dyn/r1-usync?uid=OPTOUT

35 B
379 B

132ms
131ms

Image
image/gif

172.67.39.17
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://router.infolinks.com/dyn/r1-usync?uid=OPTOUT
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=null&wsid=0
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.67.39.17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Mar 2021 13:10:21 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NON DSP NID OUR COR"
content-type: image/gif
cache-control: no-store, no-cache, private
cf-ray: 62e505c27fb3ee2f-CDG
content-length: 35
cf-request-id: 08c301ed8f0000ee2fff168000000001
expires: Wed, 11 Mar 2020 12:10:21 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 11 Mar 2021 13:10:21 GMT
Server: Tengine
ETag: OPTOUT
Transfer-Encoding: chunked
Content-Type: text/html
Location: https://router.infolinks.com/dyn/r1-usync?uid=OPTOUT
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Expires: 0

GET
H2 204 /
ssc-cms.33across.com/ps/ Frame 89A3 0
72 B 324ms
106ms Image
text/plain 208.100.17.176
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssc-cms.33across.com/ps/?ri=0010b00002CpYhEAAV&ru=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2F33a-usync%3Fuid%3D33XUSERID33X
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=null&wsid=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.100.17.176 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip176.208-100-17.static.steadfastdns.net
Software: 33XP002 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-33x-status: 2000208
date: Thu, 11 Mar 2021 13:10:21 GMT
server: 33XP002

GET
H2

200

zmn-usync
router.infolinks.com/dyn/ Frame 89A3
Redirect Chain

https://b1sync.zemanta.com/usersync/infolinks/?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fzmn-usync%3Fuid%3D__ZUID__
https://router.infolinks.com/dyn/zmn-usync?uid=

35 B
229 B

119ms
119ms

Image
image/gif

172.67.39.17
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://router.infolinks.com/dyn/zmn-usync?uid=
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=null&wsid=0
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.67.39.17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Mar 2021 13:10:22 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NON DSP NID OUR COR"
content-type: image/gif
cache-control: no-store, no-cache, private
cf-ray: 62e505c47bbaee2f-CDG
content-length: 35
cf-request-id: 08c301eecc0000ee2fb5bf0000000001
expires: Wed, 11 Mar 2020 12:10:22 GMT

Redirect headers

Location: https://router.infolinks.com/dyn/zmn-usync?uid=
Pragma: no-cache
Date: Thu, 11 Mar 2021 13:10:22 GMT
Cache-Control: no-cache, no-store, must-revalidate
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Content-Length: 70
Content-Type: text/html; charset=utf-8

GET
H/1.1 200
OK us
sync.go.sonobi.com/ Frame 89A3 0
478 B 116ms
27ms Image
text/plain 178.162.133.149
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/us?loc=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsonobi-usync%3Fuid%3D%5BUID%5D

Requested by

Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=null&wsid=0

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-sync.go.sonobi.com

Software

sonobi-go /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 11 Mar 2021 13:10:21 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-129
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Type: text/plain; charset=utf8
Content-Length: 0
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H/1.1

200
OK

ca.png
s.cpx.to/ Frame 89A3
Redirect Chain

https://ib.adnxs.com/getuid?https://s.cpx.to/ca.png?ref=https%253A%252F%252Fmrbolero.com%252F&pid=12306&adnxs_uid=$UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fs.cpx.to%2Fca.png%3Fref%3Dhttps%25253A%25252F%25252Fmrbolero.com%25252F%26pid%3D12306%26adnxs_uid%3D%24UID
https://s.cpx.to/ca.png?ref=https%3A%2F%2Fmrbolero.com%2F&pid=12306&adnxs_uid=7492956257855341845

95 B
945 B

125ms
31ms

Image
image/png

54.194.137.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.cpx.to/ca.png?ref=https%3A%2F%2Fmrbolero.com%2F&pid=12306&adnxs_uid=7492956257855341845

Requested by

Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=null&wsid=0

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.194.137.128 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-194-137-128.eu-west-1.compute.amazonaws.com

Software

Resource Hash

bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache, no-cache
Content-Security-Policy: default-src 'self'
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Date: Thu, 11 Mar 2021 13:10:21 GMT
X-Frame-Options: sameorigin
Connection: keep-alive
P3P: CP="NOI DEV ADM"
Cache-Control: no-store, must-revalidate, private, max-age=0, no-store, must-revalidate, private, max-age=0
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/png
Content-Length: 95
Expires: Thu, 11 Mar 2021 13:10:21 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 11 Mar 2021 13:10:21 GMT
X-Proxy-Origin: 82.102.18.114; 82.102.18.114; 692.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.10:80
AN-X-Request-Uuid: 9126ab5f-1564-4f38-be2f-1d491760b4d7
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://s.cpx.to/ca.png?ref=https%3A%2F%2Fmrbolero.com%2F&pid=12306&adnxs_uid=7492956257855341845
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK sync
dsp.adkernel.com/ Frame 89A3 42 B
233 B 268ms
86ms Image
image/gif 174.137.133.49
WEBAIR-INTERNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsp.adkernel.com/sync?exchange=202&r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fearn-usync%3Fuid%3D%7BUID%7D
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=null&wsid=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 174.137.133.49 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 11 Mar 2021 13:10:21 GMT
Server: nginx
Age: 0
Content-Type: image/gif
Cache-Control: no-store
Connection: keep-alive
Content-Length: 42

GET
H2

200

outh-usync
router.infolinks.com/dyn/ Frame 89A3
Redirect Chain

https://pixel.advertising.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true
https://pixel.advertising.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true&verify=true
https://ups.analytics.yahoo.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP228d506b-826b-11eb-a418-06fe47841808
https://ups.analytics.yahoo.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP228d506b-826b-11eb-a418-06fe47841808&verify=true
https://router.infolinks.com/dyn/outh-usync?uid=y-0eKdU7BE2uGdJkd26_L2fB7wQDyBVezc~A~UP228d506b-826b-11eb-a418-06fe47841808

35 B
476 B

123ms
122ms

Image
image/gif

172.67.39.17
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://router.infolinks.com/dyn/outh-usync?uid=y-0eKdU7BE2uGdJkd26_L2fB7wQDyBVezc~A~UP228d506b-826b-11eb-a418-06fe47841808
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=null&wsid=0
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.67.39.17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Mar 2021 13:10:22 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NON DSP NID OUR COR"
content-type: image/gif
cache-control: no-store, no-cache, private
cf-ray: 62e505c3fa9fee2f-CDG
content-length: 35
cf-request-id: 08c301ee7d0000ee2fcd8d2000000001
expires: Wed, 11 Mar 2020 12:10:22 GMT

Redirect headers

Date: Thu, 11 Mar 2021 13:10:22 GMT
Server: ATS/7.1.2.128
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://router.infolinks.com/dyn/outh-usync?uid=y-0eKdU7BE2uGdJkd26_L2fB7wQDyBVezc~A~UP228d506b-826b-11eb-a418-06fe47841808
Connection: keep-alive
Content-Length: 0

GET
H2

200

sovrn-usync
router.infolinks.com/dyn/ Frame 89A3
Redirect Chain

https://ap.lijit.com/pixel?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsovrn-usync%3Fuid%3D%24UID
https://ap.lijit.com/pixel?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsovrn-usync%3Fuid%3D%24UID&sovrn_retry=true
https://router.infolinks.com/dyn/sovrn-usync?uid=3d3509f180698c9e6c6890bd

35 B
218 B

122ms
121ms

Image
image/gif

172.67.39.17
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://router.infolinks.com/dyn/sovrn-usync?uid=3d3509f180698c9e6c6890bd
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=null&wsid=0
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.67.39.17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Mar 2021 13:10:21 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NON DSP NID OUR COR"
content-type: image/gif
cache-control: no-store, no-cache, private
cf-ray: 62e505c2affeee2f-CDG
content-length: 35
cf-request-id: 08c301eda80000ee2fb1881000000001
expires: Wed, 11 Mar 2020 12:10:21 GMT

Redirect headers

Date: Thu, 11 Mar 2021 13:10:21 GMT
Server: nginx
Location: https://router.infolinks.com/dyn/sovrn-usync?uid=3d3509f180698c9e6c6890bd
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap7ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H2

200

pbm-usync
router.infolinks.com/dyn/ Frame 89A3
Redirect Chain

https://image8.pubmatic.com/AdServer/ImgSync?p=60809&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D60809%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infolink...
https://image8.pubmatic.com/AdServer/ImgSync?p=60809&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D60809%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infolink...
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=OUMwQjk0QUUtMjI1OS00NTNBLUEwRjQtRTI5Q0YyMzRBQUE5&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
https://image4.pubmatic.com/AdServer/SPug?p=156872&pmc=1&pr=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fpbm-usync%3Fuid%3DA922C116-6AE9-40B1-9112-815FDC0426C9
https://router.infolinks.com/dyn/pbm-usync?uid=A922C116-6AE9-40B1-9112-815FDC0426C9

0
211 B

128ms
126ms

Image
text/html

172.67.39.17
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://router.infolinks.com/dyn/pbm-usync?uid=A922C116-6AE9-40B1-9112-815FDC0426C9
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=null&wsid=0
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.67.39.17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Mar 2021 13:10:22 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NON DSP NID OUR COR"
content-type: text/html;charset=UTF-8
cache-control: no-store, no-cache, private
cf-ray: 62e505c5ff2aee2f-CDG
content-length: 0
cf-request-id: 08c301efc10000ee2f1a918000000001
expires: Wed, 11 Mar 2020 12:10:22 GMT

Redirect headers

Location: https://router.infolinks.com/dyn/pbm-usync?uid=A922C116-6AE9-40B1-9112-815FDC0426C9
Date: Thu, 11 Mar 2021 13:10:21 GMT
Cache-Control: no-store, no-cache, private
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2

200

pbm-usync
router.infolinks.com/dyn/ Frame 89A3
Redirect Chain

https://image8.pubmatic.com/AdServer/ImgSync?p=156872&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156872%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infoli...
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QTkyMkMxMTYtNkFFOS00MEIxLTkxMTItODE1RkRDMDQyNkM5&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
https://image4.pubmatic.com/AdServer/SPug?p=156872&pmc=1&pr=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fpbm-usync%3Fuid%3DA922C116-6AE9-40B1-9112-815FDC0426C9
https://router.infolinks.com/dyn/pbm-usync?uid=A922C116-6AE9-40B1-9112-815FDC0426C9

0
66 B

165ms
164ms

Image
text/html

172.67.39.17
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://router.infolinks.com/dyn/pbm-usync?uid=A922C116-6AE9-40B1-9112-815FDC0426C9
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=null&wsid=0
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.67.39.17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Mar 2021 13:10:22 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NON DSP NID OUR COR"
content-type: text/html;charset=UTF-8
cache-control: no-store, no-cache, private
cf-ray: 62e505c5ff2eee2f-CDG
content-length: 0
cf-request-id: 08c301efbd0000ee2fda84c000000001
expires: Wed, 11 Mar 2020 12:10:22 GMT

Redirect headers

Location: https://router.infolinks.com/dyn/pbm-usync?uid=A922C116-6AE9-40B1-9112-815FDC0426C9
Date: Thu, 11 Mar 2021 13:10:21 GMT
Cache-Control: no-store, no-cache, private
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2

200

bizzc-usync
router.infolinks.com/dyn/ Frame 89A3
Redirect Chain

https://us.ck-ie.com/nfol263.gif?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fbizzc-usync%3Fuid%3D%7B%24PARTNER_UID%7D
https://router.infolinks.com/dyn/bizzc-usync?uid=73fe3d144799391071d615943c2e4b051891c1a5b7bd82bceb0636e9d3589f96

35 B
294 B

119ms
119ms

Image
image/gif

172.67.39.17
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://router.infolinks.com/dyn/bizzc-usync?uid=73fe3d144799391071d615943c2e4b051891c1a5b7bd82bceb0636e9d3589f96
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=null&wsid=0
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.67.39.17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Mar 2021 13:10:22 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NON DSP NID OUR COR"
content-type: image/gif
cache-control: no-store, no-cache, private
cf-ray: 62e505c54da5ee2f-CDG
content-length: 35
cf-request-id: 08c301ef4d0000ee2fc4beb000000001
expires: Wed, 11 Mar 2020 12:10:22 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 11 Mar 2021 13:10:22 GMT
Server: nginx
Transfer-Encoding: chunked
Location: https://router.infolinks.com/dyn/bizzc-usync?uid=73fe3d144799391071d615943c2e4b051891c1a5b7bd82bceb0636e9d3589f96
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Expires: 0

GET
H2 200 iq-usync
router.infolinks.com/dyn/ Frame 89A3 0
166 B 123ms
123ms Image
text/plain 172.67.39.17
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://router.infolinks.com/dyn/iq-usync
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=null&wsid=0
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.67.39.17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://router.infolinks.com/usync/manage?pid=null&wsid=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 13:10:22 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cache-control: no-store
cf-ray: 62e505c35955ee2f-CDG
content-length: 0
cf-request-id: 08c301ee190000ee2f2407a000000001

GET
H2

200

zeta-usync
router.infolinks.com/dyn/ Frame 89A3
Redirect Chain

https://p.rfihub.com/cm?pub=43153&in=1
https://router.infolinks.com/dyn/zeta-usync?uid=1871878968265736413

35 B
213 B

138ms
124ms

Image
image/gif

172.67.39.17
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://router.infolinks.com/dyn/zeta-usync?uid=1871878968265736413
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=null&wsid=0
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.67.39.17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Mar 2021 13:10:22 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NON DSP NID OUR COR"
content-type: image/gif
cache-control: no-store, no-cache, private
cf-ray: 62e505c45b78ee2f-CDG
content-length: 35
cf-request-id: 08c301eeb60000ee2fcd8d8000000001
expires: Wed, 11 Mar 2020 12:10:22 GMT

Redirect headers

Location: https://router.infolinks.com/dyn/zeta-usync?uid=1871878968265736413
Date: Thu, 11 Mar 2021 13:10:22 GMT
Server: Jetty(9.3.29.v20201019)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

sx-usync
router.infolinks.com/dyn/ Frame 89A3
Redirect Chain

https://sync.search.spotxchange.com/partner?adv_id=8851&redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsx-usync%3Fuid%3D%24SPOTX_USER_ID
https://sync.search.spotxchange.com/partner?adv_id=8851&redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsx-usync%3Fuid%3D%24SPOTX_USER_ID&__user_check__=1&sync_id=22b2015a-826b-11eb-b2eb-1fe3cd8f0d06
https://router.infolinks.com/dyn/sx-usync?uid=22b2011d-826b-11eb-b2eb-1fe3cd8f0d06

35 B
242 B

136ms
123ms

Image
image/gif

172.67.39.17
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://router.infolinks.com/dyn/sx-usync?uid=22b2011d-826b-11eb-b2eb-1fe3cd8f0d06
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=null&wsid=0
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.67.39.17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Mar 2021 13:10:22 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NON DSP NID OUR COR"
content-type: image/gif
cache-control: no-store, no-cache, private
cf-ray: 62e505c46b9cee2f-CDG
content-length: 35
cf-request-id: 08c301eec30000ee2faf905000000001
expires: Wed, 11 Mar 2020 12:10:22 GMT

Redirect headers

Date: Thu, 11 Mar 2021 13:10:22 GMT
Server: nginx
Location: https://router.infolinks.com/dyn/sx-usync?uid=22b2011d-826b-11eb-b2eb-1fe3cd8f0d06
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 134
Connection: keep-alive
Content-Length: 0

GET
H2

200

VR-usync
router.infolinks.com/dyn/ Frame 89A3
Redirect Chain

https://ups.analytics.yahoo.com/ups/58422/occ
https://router.infolinks.com/dyn/VR-usync?uid=y-I9DX9sJE2uGf2izY_1ZVM_.9AkIupLHC9fC9F5Y-~A

35 B
234 B

119ms
118ms

Image
image/gif

172.67.39.17
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://router.infolinks.com/dyn/VR-usync?uid=y-I9DX9sJE2uGf2izY_1ZVM_.9AkIupLHC9fC9F5Y-~A
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=null&wsid=0
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.67.39.17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Mar 2021 13:10:22 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NON DSP NID OUR COR"
content-type: image/gif
cache-control: no-store, no-cache, private
cf-ray: 62e505c40ac1ee2f-CDG
content-length: 35
cf-request-id: 08c301ee830000ee2f1b306000000001
expires: Wed, 11 Mar 2020 12:10:22 GMT

Redirect headers

Date: Thu, 11 Mar 2021 13:10:22 GMT
Server: ATS/7.1.2.128
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://router.infolinks.com/dyn/VR-usync?uid=y-I9DX9sJE2uGf2izY_1ZVM_.9AkIupLHC9fC9F5Y-~A
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame 9612
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&id=YEoWvc4AL0_D8rqceeGr8AAABLwAAAAB
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&id=YEoWvc4AL0_D8rqceeGr8AAABLwAAAAB&dcc=t

43 B
433 B

95ms
94ms

Image
image/gif

52.46.130.13
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&id=YEoWvc4AL0_D8rqceeGr8AAABLwAAAAB&dcc=t
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=191306&cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.46.130.13 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 11 Mar 2021 13:10:22 GMT
Server: Server
Vary: User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 11 Mar 2021 13:10:22 GMT
Server: Server
Vary: User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&id=YEoWvc4AL0_D8rqceeGr8AAABLwAAAAB&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

usermatchredir
ssum-sec.casalemedia.com/ Frame 9612
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YEoWvc4AL0_D8rqceeGr8AAABLwAAAAB
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESEN2CqSBU_KB0OWsaWhmhcz8&google_cver=1

43 B
315 B

30ms
29ms

Image
image/gif

184.30.20.241
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESEN2CqSBU_KB0OWsaWhmhcz8&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=191306&cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.20.241 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-20-241.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 11 Mar 2021 13:10:22 GMT
Server: Apache
Vary: Is-Traffic-Usersync
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 43
Expires: Thu, 11 Mar 2021 13:10:22 GMT

Redirect headers

pragma: no-cache
date: Thu, 11 Mar 2021 13:10:21 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESEN2CqSBU_KB0OWsaWhmhcz8&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame 9612 70 B
265 B 100ms
31ms Image
image/gif 52.16.108.17
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale?cm_user_id=YEoWvc4AL0-D8rqceeGr8AAA&gdpr=1&cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_dsp_id=39
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=191306&cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.16.108.17 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-16-108-17.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Mar 2021 13:10:21 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 9612
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YEoWvc4AL0-D8rqceeGr8AAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEKrPn-hVUh4dUyASqzj9Isw&google_cver=1

43 B
1 KB

30ms
30ms

Image
image/gif

184.30.20.241
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEKrPn-hVUh4dUyASqzj9Isw&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=191306&cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.20.241 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-20-241.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 11 Mar 2021 13:10:22 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 11 Mar 2021 13:10:22 GMT

Redirect headers

pragma: no-cache
date: Thu, 11 Mar 2021 13:10:22 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEKrPn-hVUh4dUyASqzj9Isw&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK us.php
gu.dyntrk.com/adx/ie/ Frame 9612 0
215 B 101ms
33ms Image
text/plain 135.125.8.70
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=191306&cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&C=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 135.125.8.70 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3184584.ip-135-125-8.eu
Software: proxy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
cache-control: private, no-cache, no-store, proxy-revalidate, no-transform
x-rc: 10
server: proxy
content-length: 0
content-type: text/plain

GET
H/1.1 200
OK bridge
cm.adgrx.com/ Frame 9612 43 B
408 B 106ms
32ms Image
image/gif 63.251.232.170
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=191306&cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.251.232.170 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS: ams-mon-1.sys.adgear.com
Software: Cowboy /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 11 Mar 2021 13:10:21 GMT
server: Cowboy
P3P: CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate, proxy-revalidate
Connection: keep-alive
Content-Type: image/gif
X-RealServer-NX: ams-delivery-2
Content-Length: 43
Expires: Thu, 23 Sep 2004 17:42:04 GMT

GET
H2 200 YEoWvc4AL0_D8rqceeGr8AAABLwAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 9612 43 B
839 B 100ms
32ms Image
image/gif 2a00:1288:110:c305::8000
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/casale/YEoWvc4AL0_D8rqceeGr8AAABLwAAAAB

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=191306&cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&C=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 13:10:21 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
content-type: image/gif
x-xss-protection: 1; mode=block
content-length: 43
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

noop
px.owneriq.net/ Frame 9612
Redirect Chain

https://px.owneriq.net/eucm/p/cc?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D31%26external_user_id%3D(OIQ_UUID)
https://px.owneriq.net/ecc?redir=https%3a%2f%2fdsum-sec.casalemedia.com%2fcrum%3fcm_dsp_id%3d31%26external_user_id%3dQ6687546211214779942&uid=Q6687546211214779942&ref=%2Feucm%2Fp%2Fcc
https://px.owneriq.net/noop?ct=image%2Fgif

0
287 B

25ms
25ms

Image
image/gif

23.5.100.175
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.owneriq.net/noop?ct=image%2Fgif
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=191306&cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.5.100.175 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-5-100-175.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 11 Mar 2021 13:10:22 GMT
Server: Apache/2.2.15 (CentOS)
Connection: keep-alive
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
X-Powered-By: PHP/5.3.3
Content-Length: 0
Content-Type: image/gif

Redirect headers

Location: https://px.owneriq.net/noop?ct=image%2Fgif
Date: Thu, 11 Mar 2021 13:10:22 GMT
Server: AkamaiGHost
Connection: keep-alive
Content-Length: 0

GET
H2 200 ix-usync
router.infolinks.com/dyn/ Frame 9612 35 B
349 B 196ms
194ms Image
image/gif 172.67.39.17
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://router.infolinks.com/dyn/ix-usync?uid=YEoWvc4AL0-D8rqceeGr8AAA%261212
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=191306&cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.67.39.17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Mar 2021 13:10:22 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NON DSP NID OUR COR"
content-type: image/gif
cache-control: no-store, no-cache, private
cf-ray: 62e505c2c851ee2f-CDG
content-length: 35
cf-request-id: 08c301edc00000ee2fe8bed000000001
expires: Wed, 11 Mar 2020 12:10:21 GMT

GET
H2 200 11334865311486290702
tpc.googlesyndication.com/simgad/ Frame 01A3 145 KB
146 KB 34ms
7ms Image
image/gif 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11334865311486290702

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5146006997767796&output=html&h=280&adk=2233788718&adf=2931138512&pi=t.aa~a.947749546~rp.3&w=370&fwrn=4&fwrnh=100&lmt=1615468221&rafmt=1&to=qs&pwprc=2494984760&psa=0&format=370x280&url=https%3A%2F%2Fmrbolero.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1615468221596&bpp=1&bdt=869&idt=1&shv=r20210309&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd8f0ef1da208004a-223505e8beba008d%3AT%3D1615468221%3ART%3D1615468221%3AS%3DALNI_MaT94L1iGVyeoVIgLhQ3EQHwEcUmA&prev_fmts=0x0%2C1200x280&nras=2&correlator=4450049278369&frm=20&pv=1&ga_vid=1013866369.1615468221&ga_sid=1615468221&ga_hid=2101806248&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1015&ady=1298&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736525%2C21066433%2C21066923%2C21068496&oid=3&pvsid=4151241866720551&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=klIML573VR&p=https%3A//mrbolero.com&dtd=13

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c9e93bee32bf4a67a4ff4436abd3e6200e88b795e00615045613dd06afca846

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 09 Mar 2021 17:58:29 GMT
x-content-type-options: nosniff
age: 155512
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 148967
x-xss-protection: 0
last-modified: Thu, 21 May 2020 04:35:29 GMT
server: sffe
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 09 Mar 2022 17:58:29 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210309/r20110914/ Frame 01A3 17 KB
7 KB 52ms
25ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210309/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dfa4afc591a648c53ed92c8b08026647f6a19e04a783676dd437a4fb69d4c72c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 13:08:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 95
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7138
x-xss-protection: 0
server: cafe
etag: 7904608329869157807
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 25 Mar 2021 13:08:46 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210309/r20110914/client/ Frame 01A3 2 KB
1 KB 50ms
27ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210309/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

79c521a89112af803faa48f72e1f5f1b5d0685129a14b917317d1cc688613a18

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 13:06:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 207
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 6751271179024913178
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 25 Mar 2021 13:06:54 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 01A3 112 KB
34 KB 34ms
32ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

sffe /

Resource Hash

61902c5623fc9780b6485f3439557295cc392d92d114aa404b56128dd65ea704

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 13:10:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1615378840307797"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34576
x-xss-protection: 0
expires: Thu, 11 Mar 2021 13:10:21 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210309/r20110914/client/ Frame 01A3 13 KB
6 KB 48ms
25ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210309/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f14a53d6e112f5652255e499e109659fe79678b0de2eec4f42a1ac48c9ce72bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 13:07:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 145
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5996
x-xss-protection: 0
server: cafe
etag: 15528521553155206461
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 25 Mar 2021 13:07:56 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 01A3 0
0 16ms
14ms Image
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTt-5_Zsb9WyMi7SoibdC2MHvFmfFdTzjzEEF8z_IShWKOqQGn3HLj5ef9uetRtWbI2NT9ZvIx6uczwgJF50UBtE21OjA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5146006997767796&output=html&h=280&adk=2233788718&adf=2931138512&pi=t.aa~a.947749546~rp.3&w=370&fwrn=4&fwrnh=100&lmt=1615468221&rafmt=1&to=qs&pwprc=2494984760&psa=0&format=370x280&url=https%3A%2F%2Fmrbolero.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1615468221596&bpp=1&bdt=869&idt=1&shv=r20210309&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd8f0ef1da208004a-223505e8beba008d%3AT%3D1615468221%3ART%3D1615468221%3AS%3DALNI_MaT94L1iGVyeoVIgLhQ3EQHwEcUmA&prev_fmts=0x0%2C1200x280&nras=2&correlator=4450049278369&frm=20&pv=1&ga_vid=1013866369.1615468221&ga_sid=1615468221&ga_hid=2101806248&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1015&ady=1298&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736525%2C21066433%2C21066923%2C21068496&oid=3&pvsid=4151241866720551&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=klIML573VR&p=https%3A//mrbolero.com&dtd=13
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210309/r20110914/client/ Frame 01A3 25 KB
11 KB 50ms
26ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210309/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

87f15fba52ba32ff97868fd9de7d33be5e2d88ecea0c9fe648041d8f270be416

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 07:34:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 20125
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10811
x-xss-protection: 0
server: cafe
etag: 16204982485008532146
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 25 Mar 2021 07:34:56 GMT

GET
H3-Q050 200 adview
googleads.g.doubleclick.net/pagead/ Frame 01A3 0
0 63ms
61ms Fetch
text/html 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CG88gvRZKYKb0JoiM1wbqsKewCqfQoMphquzvr-IMCxABIO3AjxBg-4GAgIgKoAHxg_2VA8gBA6gDAcgDyQSqBM4BT9B12x3wV7dVBhCThGIk8-5rCxbdpdDTZMxl_9wfPatKZCCyoQFUPq6ZTRYqPJAyxKF_MtG4szNiaANTYfonrZP1dlZM5Fbpq_6mhZD3YC2CcOpSnYMShjWbjj4EJ3torw9d-c4jgxTu1g6iVHHECzkYG-p9EFvbU-BTC7tQ4AyfvhWJ_SqCbZ1zeA6qrYFwA_8JmRHSfPcYnO1xlhEB6igZVNoJTGZoWaxvtkGhw0r9AavVeovhHcCJ6uXb8YO3V1NpgcsLeCSXHOyjz2HABLz4kMGyApIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYDgAfP4tOPAagH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAfIHBBDBxQXSCAkIgOGAEBABGB-ACgHICwHYEwyyFxoKGAgAEhRwdWItNTE0NjAwNjk5Nzc2Nzc5Ng&sigh=UNHnib4D5oU&tpd=AGWhJmvi-1Uw9LNJ2yXBDMnnyhWdYIcSDpnqdA59k3xypoMTSg

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5146006997767796&output=html&h=280&adk=2233788718&adf=2931138512&pi=t.aa~a.947749546~rp.3&w=370&fwrn=4&fwrnh=100&lmt=1615468221&rafmt=1&to=qs&pwprc=2494984760&psa=0&format=370x280&url=https%3A%2F%2Fmrbolero.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1615468221596&bpp=1&bdt=869&idt=1&shv=r20210309&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd8f0ef1da208004a-223505e8beba008d%3AT%3D1615468221%3ART%3D1615468221%3AS%3DALNI_MaT94L1iGVyeoVIgLhQ3EQHwEcUmA&prev_fmts=0x0%2C1200x280&nras=2&correlator=4450049278369&frm=20&pv=1&ga_vid=1013866369.1615468221&ga_sid=1615468221&ga_hid=2101806248&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1015&ady=1298&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736525%2C21066433%2C21066923%2C21068496&oid=3&pvsid=4151241866720551&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=klIML573VR&p=https%3A//mrbolero.com&dtd=13
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Thu, 11 Mar 2021 13:10:21 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 0EFB 143 B
216 B 24ms
23ms Document
text/html 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5146006997767796&output=html&h=280&adk=2233788718&adf=2931138512&pi=t.aa~a.947749546~rp.3&w=370&fwrn=4&fwrnh=100&lmt=1615468221&rafmt=1&to=qs&pwprc=2494984760&psa=0&format=370x280&url=https%3A%2F%2Fmrbolero.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1615468221596&bpp=1&bdt=869&idt=1&shv=r20210309&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd8f0ef1da208004a-223505e8beba008d%3AT%3D1615468221%3ART%3D1615468221%3AS%3DALNI_MaT94L1iGVyeoVIgLhQ3EQHwEcUmA&prev_fmts=0x0%2C1200x280&nras=2&correlator=4450049278369&frm=20&pv=1&ga_vid=1013866369.1615468221&ga_sid=1615468221&ga_hid=2101806248&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1015&ady=1298&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736525%2C21066433%2C21066923%2C21068496&oid=3&pvsid=4151241866720551&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=klIML573VR&p=https%3A//mrbolero.com&dtd=13
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUl2vavl4AxMN246zI4bqBndYA2OdKr2wUSMNGcMQENr39X9EQdFDE1jOum-Urw; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5146006997767796&output=html&h=280&adk=2233788718&adf=2931138512&pi=t.aa~a.947749546~rp.3&w=370&fwrn=4&fwrnh=100&lmt=1615468221&rafmt=1&to=qs&pwprc=2494984760&psa=0&format=370x280&url=https%3A%2F%2Fmrbolero.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1615468221596&bpp=1&bdt=869&idt=1&shv=r20210309&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd8f0ef1da208004a-223505e8beba008d%3AT%3D1615468221%3ART%3D1615468221%3AS%3DALNI_MaT94L1iGVyeoVIgLhQ3EQHwEcUmA&prev_fmts=0x0%2C1200x280&nras=2&correlator=4450049278369&frm=20&pv=1&ga_vid=1013866369.1615468221&ga_sid=1615468221&ga_hid=2101806248&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1015&ady=1298&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736525%2C21066433%2C21066923%2C21068496&oid=3&pvsid=4151241866720551&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=klIML573VR&p=https%3A//mrbolero.com&dtd=13

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Thu, 11 Mar 2021 12:23:20 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 2822
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 01A3 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 85cc11630b9dd83fe92902c92864abddd575efe86972ab8e2a38574c84ef435f

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 css
fonts.googleapis.com/ Frame 8963 2 KB
969 B 49ms
34ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5146006997767796&output=html&h=280&slotname=2137049825&adk=2848357274&adf=3025194257&pi=t.ma~as.2137049825&w=1200&fwrn=4&fwrnh=100&lmt=1615468221&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fmrbolero.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1615468221305&bpp=12&bdt=579&idt=120&shv=r20210309&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4450049278369&frm=20&pv=1&ga_vid=1013866369.1615468221&ga_sid=1615468221&ga_hid=2101806248&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=76&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736525%2C21066433%2C21066923%2C21068496&oid=3&pvsid=4151241866720551&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=JKeImSNCRd&p=https%3A//mrbolero.com&dtd=132

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c6a305cd9f8592bbd50ddd47eb5af53952b97937e9b0c4df40498f7140ff8a49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 11 Mar 2021 12:28:18 GMT
server: ESF
date: Thu, 11 Mar 2021 13:10:22 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 11 Mar 2021 13:10:22 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 5D50 31 KB
10 KB 32ms
30ms Script
text/html 23.37.42.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=infolinks&endpoint=us-east
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-42-132.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: ef0d80c9782eb1cfac57024ea1766f0baae2ac31d51874b91991ae355d9009f2

Request headers

Referer: https://eus.rubiconproject.com/usync.html?p=infolinks&endpoint=us-east
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 11 Mar 2021 13:10:22 GMT
Content-Encoding: gzip
Last-Modified: Thu, 28 Jan 2021 20:32:24 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=47708
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9309
Expires: Fri, 12 Mar 2021 02:25:30 GMT

GET
H3-Q050 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210309/r20110914/client/ Frame 8963 2 KB
991 B 41ms
27ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210309/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1e93f66cbe9b485135f0c8bbc9eaccf882ded6eb71daadde99a8426f6db7cb31

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 13:08:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 122
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 896
x-xss-protection: 0
server: cafe
etag: 948078048762640732
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 25 Mar 2021 13:08:20 GMT

GET
H3-Q050 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210309/r20110914/ Frame 8963 17 KB
7 KB 40ms
25ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210309/r20110914/abg_lite_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dfa4afc591a648c53ed92c8b08026647f6a19e04a783676dd437a4fb69d4c72c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 13:08:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 96
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7138
x-xss-protection: 0
server: cafe
etag: 7904608329869157807
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 25 Mar 2021 13:08:46 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210309/r20110914/client/ Frame 8963 2 KB
1 KB 41ms
27ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210309/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

79c521a89112af803faa48f72e1f5f1b5d0685129a14b917317d1cc688613a18

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 13:06:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 208
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 6751271179024913178
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 25 Mar 2021 13:06:54 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8963 112 KB
34 KB 35ms
34ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

sffe /

Resource Hash

61902c5623fc9780b6485f3439557295cc392d92d114aa404b56128dd65ea704

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 13:10:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1615378840307797"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34576
x-xss-protection: 0
expires: Thu, 11 Mar 2021 13:10:22 GMT

GET
H3-Q050 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210309/r20110914/client/ Frame 8963 13 KB
6 KB 38ms
24ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210309/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f14a53d6e112f5652255e499e109659fe79678b0de2eec4f42a1ac48c9ce72bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 13:07:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 146
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5996
x-xss-protection: 0
server: cafe
etag: 15528521553155206461
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 25 Mar 2021 13:07:56 GMT

GET
H2 200 1e8eaeef6431cb6de349a68674062a29.js Show response
www.gstatic.com/mysidia/ Frame 8963 26 KB
11 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/1e8eaeef6431cb6de349a68674062a29.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7b0b572a90abb3fce27b9dc1f79145706c7bcc6cc3ac84c8f501d344132816d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 10 Mar 2021 21:17:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 09 Mar 2021 03:08:06 GMT
server: sffe
age: 57195
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10971
x-xss-protection: 0
expires: Tue, 08 Jun 2021 21:17:07 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame 8963 29 KB
29 KB 56ms
13ms Image
image/jpeg 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcTYZbQgrTlRBq1tBkhB4ucbXTBCKg686Ye72LHhC82qGGBIoqhqqmW0qRr_cso&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2d59a299571edc4e493eb9e0d249313a96383e4a8cff8640c0760d5cd23c1688

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 10 Mar 2021 22:31:32 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Dec 2020 13:07:37 GMT
server: sffe
age: 52730
content-type: image/jpeg
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29676
x-xss-protection: 0
expires: Thu, 10 Mar 2022 22:31:32 GMT

GET
DATA 200
OK truncated
/ Frame 8963 358 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ed9ed6d2ebdbfbf215aa7ebb67ca433f64e776be77aa246bffd6e59d32667703

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame 8963 16 KB
16 KB 60ms
18ms Image
image/jpeg 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcQjLTnn46qaJ30s2O0nPU49IVLAu5Jj2_382DqakhmEpjbaCAGYGBK-WWHTNLc&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f40bde04eb49d7ef9f75457099eca0d8abdb70df85f9b8df108d80b0d0db59a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 23:03:08 GMT
x-content-type-options: nosniff
last-modified: Wed, 14 Aug 2019 20:19:41 GMT
server: sffe
age: 569234
content-type: image/jpeg
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15924
x-xss-protection: 0
expires: Fri, 04 Mar 2022 23:03:08 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame 8963 17 KB
18 KB 55ms
13ms Image
image/jpeg 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcREpgCjGqzbdHEvXeKWcw45b3pZi6lLcIi4TraMugNVMNODef6WUQvJFu0g9uY&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1aa500da57be69ffd8b8e06d3b1e1529f1f1ab27019b10532dd90f2da2d50a92

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 07 Mar 2021 09:38:51 GMT
x-content-type-options: nosniff
last-modified: Sun, 07 Mar 2021 09:09:26 GMT
server: sffe
age: 358291
content-type: image/jpeg
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17728
x-xss-protection: 0
expires: Mon, 07 Mar 2022 09:38:51 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame 8963 24 KB
24 KB 55ms
13ms Image
image/jpeg 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcRnORpEEUlZ_u411ff-mbIFsJxs_RK24fkGBmeiV9_qrjhufls4aKozq8hC0Q&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a3c6985f2549e4e370ee30c29078efa24d6f1527181c3b05127c31e3e023f71d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 09:00:18 GMT
x-content-type-options: nosniff
last-modified: Tue, 26 Jun 2018 17:37:20 GMT
server: sffe
age: 533404
content-type: image/jpeg
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24613
x-xss-protection: 0
expires: Sat, 05 Mar 2022 09:00:18 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame 8963 21 KB
21 KB 62ms
21ms Image
image/jpeg 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcQy3i9-Cu8wKA5n7JFAW-sFrb9SAyOC2qCLeQjRhBubi0jdbL5pgXcOE6plTg&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf260c46b393e38f8d5615a437fe424590cbe440c10df4d384281f97ad0f6248

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 10 Mar 2021 23:05:06 GMT
x-content-type-options: nosniff
last-modified: Fri, 12 Feb 2021 09:23:16 GMT
server: sffe
age: 50716
content-type: image/jpeg
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21260
x-xss-protection: 0
expires: Thu, 10 Mar 2022 23:05:06 GMT

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame 8963 27 KB
28 KB 55ms
13ms Image
image/jpeg 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcQEQdYeH1m2Va0idhDKG9wHQgkkOGgAX38HIcHl4TEsvKSvV8to&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cec62a56539c8799012b5b3777ec47abfca5d7c5009e9003be6a14e1e7aa5533

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 23:03:17 GMT
x-content-type-options: nosniff
last-modified: Wed, 02 Dec 2020 13:56:59 GMT
server: sffe
age: 569225
content-type: image/jpeg
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28132
x-xss-protection: 0
expires: Fri, 04 Mar 2022 23:03:17 GMT

GET
H3-Q050

200

9179879348336548343
tpc.googlesyndication.com/simgad/ Frame 8963
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDrq5yjRxCwCRiwCTIIFDZR_jqtCm4
https://tpc.googlesyndication.com/simgad/9179879348336548343

70 KB
70 KB

7ms
7ms

Image
image/jpeg

2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9179879348336548343

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7ec24c654f0e2575395675bd259dd78049b429ea254686a0cea8ddc55317f320

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 09 Mar 2021 18:01:01 GMT
x-content-type-options: nosniff
age: 155361
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 71581
x-xss-protection: 0
last-modified: Wed, 19 Dec 2018 10:27:13 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 09 Mar 2022 18:01:01 GMT

Redirect headers

timing-allow-origin: *
date: Thu, 11 Mar 2021 07:15:14 GMT
x-content-type-options: nosniff
server: cafe
age: 21308
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://tpc.googlesyndication.com/simgad/9179879348336548343
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=ISO-8859-1
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sat, 10 Apr 2021 07:15:14 GMT

GET
H3-Q050 200 adview
googleads.g.doubleclick.net/pagead/ Frame 8963 0
0 82ms
60ms Fetch
text/html 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CWtYTvRZKYMKUHZuX1gbmhq7YCpy5_-BhsbTI8coMs7fzg6EaEAEg7cCPEGD7gYCAiAqgAbDS15kDyAEJqQJo22BQCQS0PqgDAcgDywSqBL8BT9D9mkV_NtJgKC5J6SbvO2KMYrOmnb4YR4WcYvYwrhmNWU_MSQXt8OTdOuU-NIT8uHgGkWqjkZt-3I1dzEdUkIU58EQI1EteFO1_DWMmQO4ghDh0JM0OE3SrDp8OiFgk1RvDVkCGNsweKkgmhLllanjgxnxzrwidBPxUvOSQijoyOr-I9JY1moGzcL4r9EJHula1-QTKSgj4IJUu-u0zMV9yqJOa0A5RMJsplWYCtNS3Vx9mc-6kSfiKRbfTjEHABPO2m6StA5IFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAeYmMsmqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAPIHBBCgkwfSCAkIgOGAEBABGB-ACgHICwHYEwyyFxoKGAgAEhRwdWItNTE0NjAwNjk5Nzc2Nzc5Ng&sigh=RzprrzMX724&template_id=494&tpd=AGWhJmukOj0G3e0d48MH_OcheUois32gIm99gwaOm4h4O_dsJg

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5146006997767796&output=html&h=280&slotname=2137049825&adk=2848357274&adf=3025194257&pi=t.ma~as.2137049825&w=1200&fwrn=4&fwrnh=100&lmt=1615468221&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fmrbolero.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1615468221305&bpp=12&bdt=579&idt=120&shv=r20210309&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4450049278369&frm=20&pv=1&ga_vid=1013866369.1615468221&ga_sid=1615468221&ga_hid=2101806248&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=76&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736525%2C21066433%2C21066923%2C21068496&oid=3&pvsid=4151241866720551&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=JKeImSNCRd&p=https%3A//mrbolero.com&dtd=132
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Thu, 11 Mar 2021 13:10:22 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 0EFB
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
110 B

33ms
31ms

Document
text/html

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUl2vavl4AxMN246zI4bqBndYA2OdKr2wUSMNGcMQENr39X9EQdFDE1jOum-Urw; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 11 Mar 2021 13:10:22 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Thu, 11-Mar-2021 14:10:22 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 11 Mar 2021 13:10:22 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 11 Mar 2021 13:10:22 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 KT7npM2pC4VPAEc6AEIcwWkjK4LR7Yu_WhYO7ltjsYQ.js Show response
pagead2.googlesyndication.com/bg/ Frame EB68 14 KB
6 KB 16ms
14ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/KT7npM2pC4VPAEc6AEIcwWkjK4LR7Yu_WhYO7ltjsYQ.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

293ee7a4cda90b854f00473a00421cc169232b82d1ed8bbf5a160eee5b63b184

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 09 Mar 2021 08:39:58 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 08 Mar 2021 17:45:00 GMT
server: sffe
age: 189024
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5656
x-xss-protection: 0
expires: Wed, 09 Mar 2022 08:39:58 GMT

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame 5D50 284 B
536 B 100ms
26ms Image
image/jpg 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=infolinks&endpoint=us-east
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 284
X-RPHost: 3bafef7aa4e37890defcd73f0a080481
Content-Type: image/jpg

GET
DATA 200
OK truncated
/ Frame 8963 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ed19f72952db3675b86ae305201096203f70d82ae45f4b8a61d6a6e236ef9029

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v14/ Frame 8963 20 KB
21 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v14/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

475700259e64d480d1a70023e14741bb298a025e338bb608552e2472d4505a65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 19:41:26 GMT
x-content-type-options: nosniff
last-modified: Wed, 04 Dec 2019 18:44:32 GMT
server: sffe
age: 581336
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20900
x-xss-protection: 0
expires: Fri, 04 Mar 2022 19:41:26 GMT

GET
H3-Q050 200 KT7npM2pC4VPAEc6AEIcwWkjK4LR7Yu_WhYO7ltjsYQ.js Show response
pagead2.googlesyndication.com/bg/ Frame B96F 14 KB
6 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/KT7npM2pC4VPAEc6AEIcwWkjK4LR7Yu_WhYO7ltjsYQ.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

293ee7a4cda90b854f00473a00421cc169232b82d1ed8bbf5a160eee5b63b184

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 09 Mar 2021 08:39:58 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 08 Mar 2021 17:45:00 GMT
server: sffe
age: 189024
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5656
x-xss-protection: 0
expires: Wed, 09 Mar 2022 08:39:58 GMT

GET
H/1.1

200
OK

motivation.jpg
mrbolero.com/wp-content/uploads/2021/03/
Redirect Chain

https://cdn.shortpixel.ai/client/q_glossy,ret_img/https://mrbolero.com/wp-content/uploads/2021/03/motivation.jpg
https://mrbolero.com/wp-content/uploads/2021/03/motivation.jpg

4 MB
4 MB

158ms
156ms

Image
image/jpeg

216.218.206.41
HURRICANE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mrbolero.com/wp-content/uploads/2021/03/motivation.jpg
Requested by: Host: mrbolero.com
URL: https://mrbolero.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 216.218.206.41 Cazadero, United States, ASN6939 (HURRICANE, US),
Reverse DNS: fmt13.web.com.ph
Software: Apache /
Resource Hash: fe951a5f89a4e8f2dd900d7d6ae48ca8f0ba71717c63fe08e216d12d09663658

Request headers

Referer: https://mrbolero.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 11 Mar 2021 13:10:22 GMT
Last-Modified: Tue, 02 Mar 2021 07:33:55 GMT
Server: Apache
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 3800005

Redirect headers

date: Thu, 11 Mar 2021 13:10:23 GMT
cdn-edgestorageid: 722
access-control-allow-origin: *
x-tag: Domain:mrbolero.com
cdn-cachedat: 2021-03-11 07:07:35
cdn-pullzone: 257218
content-length: 0
pragma: cache
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
expires: Sat, 10 Apr 2021 06:07:35 GMT
server: BunnyCDN-DE1-723
cdn-requestpullcode: 302
x-purge: 1
location: https://mrbolero.com/wp-content/uploads/2021/03/motivation.jpg
content-type: text/html; charset=UTF-8
cdn-cache: HIT
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: max-age=2592000, s-maxage=2592000
cdn-uid: ceac3dab-9909-4315-8d54-a27751b54dd0
cdn-requestid: 0bd5f24369f292c652a0c53b91443a2f
cdn-requestcountrycode: FR
cdn-requestpullsuccess: True

GET
H3-Q050 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 8963 42 B
479 B 69ms
54ms Fetch
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuIixwFtk2VH6FgzptlYavUWIQ6r4yyH0Q8IxKoup8RMwGwi1PH-oO0QSI0NvncbDQVbliodrOEj9O9Nj9x5gegjOUAV8mjtyeE4ZHP77BMA8jQrgI_NXhG7sRCeQ&sai=AMfl-YTXXdpXREzNoxcaIbL07R8igsqFZbblnSnoqKP3MUwG7EQNANlYh7W_XLC-KGGMGme4T5-lPyParvWY&sig=Cg0ArKJSzJ4qNTgTza9pEAE&id=osdim&mcvt=1001&p=76,0,356,1200&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20210310&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=2848357274&rs=2&met=mue&la=1&cr=0&osd=1&vs=4&rst=1615468221441&dlt=556&rpt=118&isd=0&msd=0&r=v&uup=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Mar 2021 13:10:23 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 8 KB
7 KB 37ms
17ms XHR
application/json 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210309&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a1f138a276827f179bb7a884d7125ab615e888c9935537791e8db739ce436428

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mrbolero.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 11 Mar 2021 13:10:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6499
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mrbolero.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 13:10:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1611170586013198"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6403
x-xss-protection: 0
expires: Thu, 11 Mar 2021 13:10:26 GMT

GET
H3-Q050 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/221/ Frame E4CA 12 KB
5 KB 7ms
6ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/221/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://mrbolero.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://mrbolero.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4984
date: Thu, 11 Mar 2021 13:09:53 GMT
expires: Fri, 11 Mar 2022 13:09:53 GMT
last-modified: Tue, 08 Dec 2020 21:41:15 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 33
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 WX7IimsAo_RF7a_KStWqUkPmmU8kKH6_0S6PX737N0g.js Show response
pagead2.googlesyndication.com/bg/ Frame E4CA 14 KB
6 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/WX7IimsAo_RF7a_KStWqUkPmmU8kKH6_0S6PX737N0g.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

597ec88a6b00a3f445edafca4ad5aa5243e6994f24287ebfd12e8f5fbdfb3748

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 13:02:33 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 08 Mar 2021 17:45:00 GMT
server: sffe
age: 473
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5688
x-xss-protection: 0
expires: Fri, 11 Mar 2022 13:02:33 GMT

GET
H/1.1

200
OK

mrbolero.jpg
mrbolero.com/wp-content/uploads/2021/03/
Redirect Chain

https://cdn.shortpixel.ai/client/q_glossy,ret_img/https://mrbolero.com/wp-content/uploads/2021/03/mrbolero.jpg
https://mrbolero.com/wp-content/uploads/2021/03/mrbolero.jpg

3 MB
3 MB

165ms
165ms

Image
image/jpeg

216.218.206.41
HURRICANE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mrbolero.com/wp-content/uploads/2021/03/mrbolero.jpg
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 216.218.206.41 Cazadero, United States, ASN6939 (HURRICANE, US),
Reverse DNS: fmt13.web.com.ph
Software: Apache /
Resource Hash: f77ee50083337581d2b7ba4990d5e3e635b7faf9b72c3b24f69fd31dea9b91b2

Request headers

Referer: https://mrbolero.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 11 Mar 2021 13:10:25 GMT
Last-Modified: Tue, 02 Mar 2021 07:17:58 GMT
Server: Apache
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 2621648

Redirect headers

date: Thu, 11 Mar 2021 13:10:26 GMT
cdn-edgestorageid: 632
access-control-allow-origin: *
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-tag: Domain:mrbolero.com
cdn-cachedat: 2021-03-06 07:46:45
cdn-pullzone: 257218
content-length: 0
pragma: cache
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
server: BunnyCDN-DE1-723
cdn-requestpullcode: 302
x-purge: 1
location: https://mrbolero.com/wp-content/uploads/2021/03/mrbolero.jpg
content-type: text/html; charset=UTF-8
cdn-cache: HIT
cdn-uid: ceac3dab-9909-4315-8d54-a27751b54dd0
cache-control: public, max-age=604800
cdn-requestid: 1a9312299815ce6e013cd6a399061984
cdn-requestcountrycode: FR
cdn-requestpullsuccess: True

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
46 B 40ms
40ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=221&t=2&li=gda_r20210309&jk=4151241866720551&bg=!e3ileDvNAAUO7zDoDjsAKQB2-DxamsP0ofAi_JEMUiD5Chy39hlV9m9OhidjSNd4SzXpYJni91GtAgAAAFhSAAAAC2gBBwoAYrWl3kLuX9dH3fNZIJEVTKgXxyLwXOV_vzg_iQbmwuBos4WNl-Zoq2_7AI9nju_mBk0HHDXMPbSTuZ7F0C5ZCdTdc55A4HkllQTW-03kUSIcr65oUp9QgjojYXxnSyynvaZPmQIDSub2oInTuZdmDNIBpO885hOdI7R6lqCurenwbLtAzs7pejTu2fXpNmRMxQaAvCjnGJCjLcLNiz1Coij7ggw8qphXB1iZHFurWwJATe3nwq5qgwXW_RsS1ZtNC5ZONb8AFvIg_9mwlL4SnMwaJcLjIOvHI-KeCiDSop5SypGjBS4xJXXnZfy0vt1-lwdpeP3IHIKBJY-t6HEySYCi6qCB7IHR7VOqToCEXn1eIwAm9DUmvj-IKALHgoA71aH97HyhoM_-dBsAj8AS5-8jgy9N3hhGFrwPXrfVopc5k3OqFvt3qiMXjrwjmn21JE7bd0jUvnwOIn9o3L8BdnT1uquIXSut9MQZHmJ3mp56Qjn8J_lwmGw-RSgsAaSfmq6F1V9OQBGW6MKE7KVw_IxQF7snDY-GPJJ0BkjKN0-cSiWf5HAxHzELJtv6-ucmo1Xa7pIIxfJXMG3CneHpiNvjNyHf5dguMvIQXyEb00y_i0izD3QZhQ_b526Ee05dSYSZFpKLDI4j2qY0QaEiCCsKZy_iXh0rlOUV6Ci2NZ8uoq3IhCEF82soE3oIt4e18xfIb5DJjMWp0_JU10eatahgE3a5ugagcEaG7LitJOKvkbmpx6qBuhkc2UWjwV-StXmLkTJM2kXNEtKaJjga1imeTHuLawodTvjUmEpYYlp4ce2zOH3Hg-A

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mrbolero.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Mar 2021 13:10:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

77 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://mrbolero.com/wp-content/cache/autoptimize/js/autoptimize_71176211e6ce7b42f0235e43ecdc1025.js(Line 8) Message: JQMIGRATE: Migrate is installed, version 1.4.1
console-api	log	URL: https://resources.infolinks.com/js/1739.003-3.012/ice.js(Line 1) Message: [object Object]
console-api	log	URL: https://resources.infolinks.com/js/1739.003-3.012/ice.js(Line 1) Message: Failed to log to loggly because of this exception: SecurityError: Blocked a frame with origin "https://mrbolero.com" from accessing a cross-origin frame.
console-api	log	URL: https://resources.infolinks.com/js/1739.003-3.012/ice.js(Line 1) Message: Failed log data: [object Object]

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
ap.lijit.com
b1sync.zemanta.com
cdn.shortpixel.ai
cm.adgrx.com
cm.g.doubleclick.net
de.tynt.com
dsp.adkernel.com
dsum-sec.casalemedia.com
encrypted-tbn0.gstatic.com
encrypted-tbn1.gstatic.com
encrypted-tbn2.gstatic.com
eus.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
gu.dyntrk.com
ib.adnxs.com
image2.pubmatic.com
image4.pubmatic.com
image8.pubmatic.com
match.adsrvr.org
mrbolero.com
onetag-sys.com
p.rfihub.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.advertising.com
pr-bh.ybp.yahoo.com
px.owneriq.net
resources.infolinks.com
router.infolinks.com
s.amazon-adsystem.com
s.cpx.to
secure-assets.rubiconproject.com
ssc-cms.33across.com
ssl.google-analytics.com
ssum-sec.casalemedia.com
sync.1rx.io
sync.go.sonobi.com
sync.search.spotxchange.com
token.rubiconproject.com
tpc.googlesyndication.com
ups.analytics.yahoo.com
us.ck-ie.com
www.google.com
www.googletagservices.com
www.gstatic.com
www.powr.io
135.125.8.70
142.250.186.130
172.217.18.98
172.67.39.17
174.137.133.49
178.162.133.149
18.156.0.31
184.30.20.241
185.59.220.198
185.64.189.110
185.64.189.114
185.64.190.79
185.94.180.125
193.0.160.129
208.100.17.176
208.100.17.187
213.19.147.151
216.218.206.41
216.52.2.39
23.37.42.132
23.5.100.175
2606:4700:10::6816:33f5
2a00:1288:110:c305::8000
2a00:1450:4001:800::2003
2a00:1450:4001:800::200e
2a00:1450:4001:801::2003
2a00:1450:4001:802::2002
2a00:1450:4001:803::2002
2a00:1450:4001:808::2002
2a00:1450:4001:80f::2004
2a00:1450:4001:80f::2008
2a00:1450:4001:80f::200e
2a00:1450:4001:811::2003
2a00:1450:4001:813::200e
2a00:1450:4001:82b::2001
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::200a
37.252.172.36
51.89.9.254
52.16.108.17
52.28.239.147
52.46.130.13
54.194.137.128
63.251.232.170
69.173.144.165
70.42.32.95
88.214.193.83
0a92c7786e644216cdbe37a7d8c53fded98b1b5a1bce3c635ef57c942196c388
0c9e93bee32bf4a67a4ff4436abd3e6200e88b795e00615045613dd06afca846
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1aa500da57be69ffd8b8e06d3b1e1529f1f1ab27019b10532dd90f2da2d50a92
1e93f66cbe9b485135f0c8bbc9eaccf882ded6eb71daadde99a8426f6db7cb31
1effe78205a311ca864e91fe49adbadf8a1bd754f5e6f2f820338b1010cebd40
293ee7a4cda90b854f00473a00421cc169232b82d1ed8bbf5a160eee5b63b184
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2d59a299571edc4e493eb9e0d249313a96383e4a8cff8640c0760d5cd23c1688
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
332ab1b19a0d708b20172010c2122540f4839a737648b34da9a169130a1fef23
3763a8975fcfa164fadcbc035780a147f75434ecaf79f33c1f3d0221477458cb
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
475700259e64d480d1a70023e14741bb298a025e338bb608552e2472d4505a65
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48dc37b61627ba85435eca07a34dc20d1646fb6a91e434fc465fe3d7c10cbc24
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
495b316cdda6e7b6ce663bb9eeeee0cf6f7f6e5969d0a6c1fe39307cbdb9d686
49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504
4ddc003bfd0366a9c5e059509b3bac51972a8e803904b2a90b6b5c5ee7b26720
5024e180ccfe0422a85a14189f1ac8e912e89d019b445f835a7f8ed079d19dff
55fd32bd9c4920dab9f82daa7d0f73deef8686043874699d7cb5fabf014bf00d
597ec88a6b00a3f445edafca4ad5aa5243e6994f24287ebfd12e8f5fbdfb3748
61902c5623fc9780b6485f3439557295cc392d92d114aa404b56128dd65ea704
62c8f47275e874a210224258f160fdc003caf2d09a24e83f153b901c758509e5
71f5bf0ce5c378dfce79a39542327134bbe9adaa8e4659523a8609f6f3e672a0
752313569a50d95cefc1909f6467a624d9d6394a98b6e032409837476eb9349e
77d234e22ac7b1fcd3badbefc12917542cc9e09ff7e47425ed2d77e8df714e5e
79c521a89112af803faa48f72e1f5f1b5d0685129a14b917317d1cc688613a18
7b0b572a90abb3fce27b9dc1f79145706c7bcc6cc3ac84c8f501d344132816d8
7ec24c654f0e2575395675bd259dd78049b429ea254686a0cea8ddc55317f320
7f3ac0a3694c1e244b7c3b8e0634a2d07d0b5d3e10dcc235dbfb98b305cac9e8
80a72807bdbb472d329c117e85b6246c209a57ee114d4afae932e69add6e9906
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
85cc11630b9dd83fe92902c92864abddd575efe86972ab8e2a38574c84ef435f
87f15fba52ba32ff97868fd9de7d33be5e2d88ecea0c9fe648041d8f270be416
8b88ddfa92e4cb2646d5c7e19274939caa3495dcb33c307f1bbaec31b1d9691a
8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
9a1088330e7e3f920ad6aacb74d21355d223a195bbf72dee3ed3bddc1a7f8708
a1f138a276827f179bb7a884d7125ab615e888c9935537791e8db739ce436428
a3c6985f2549e4e370ee30c29078efa24d6f1527181c3b05127c31e3e023f71d
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5e539ca0a2534c7bef21ec6b3fd67d87edfb8ef96b5564be9d88f84cbf22963
a93f23781522203e27310db503a8f2af1a52015419fda8c960b82c90471239d8
b0019faeca67a366c60a543a2bf27e49642951cb86d90d694eb86bd741f30b05
b0a69bdfe2868a67fec349e0070d0ccd794511ec3c3c11a20bc9303d8eb34f8c
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
bcb9a281c6fe094fb17a7ec2c3a5bc274de05f115579a326d3cad001f48289ea
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
c44ef8885a1386dad99986e4de63457883d50b1a966d27b502f37d691d7bd770
c6a305cd9f8592bbd50ddd47eb5af53952b97937e9b0c4df40498f7140ff8a49
cec62a56539c8799012b5b3777ec47abfca5d7c5009e9003be6a14e1e7aa5533
cf260c46b393e38f8d5615a437fe424590cbe440c10df4d384281f97ad0f6248
d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39
dfa4afc591a648c53ed92c8b08026647f6a19e04a783676dd437a4fb69d4c72c
e170d20dbbd5a22f50118e25fa2eefb1e85d2ad780e5477ed3a9643186090442
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ed19f72952db3675b86ae305201096203f70d82ae45f4b8a61d6a6e236ef9029
ed9ed6d2ebdbfbf215aa7ebb67ca433f64e776be77aa246bffd6e59d32667703
ef0d80c9782eb1cfac57024ea1766f0baae2ac31d51874b91991ae355d9009f2
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef22755bc9501f967f1cb92530ea9a24c98432e12dfa2b35a71482b3e5579b21
f14a53d6e112f5652255e499e109659fe79678b0de2eec4f42a1ac48c9ce72bd
f2f56ce59719ea1eca35c21520f4839c7e8ecde0af1853fbe81876d76b12d1b2
f3c616e513437ad416e69278ed9100bdac86d11cb393a28960f522c731a5ac4f
f40bde04eb49d7ef9f75457099eca0d8abdb70df85f9b8df108d80b0d0db59a0
f4799ef2939b8377cf33f07b07b6d90a4a245adbf1c6eaf47ee3b0fcefcc07fe
f77ee50083337581d2b7ba4990d5e3e635b7faf9b72c3b24f69fd31dea9b91b2
fc21f047074fc0a4f4a7482f9ccdbecebbc1112df213b88c90d797914d9bfd6b
fd084029a7c67c037b2d124747a99847a69d22c09513509d63d0a20d7d31bfe3
fe951a5f89a4e8f2dd900d7d6ae48ca8f0ba71717c63fe08e216d12d09663658
ffe32d116e9aab2f7dcb5f39200aadb6c6c1efdb306b5b98746ea62c27801a86

mrbolero.com Open in urlscan Pro 216.218.206.41 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

109 Requests

100 %HTTPS

34 %IPv6

36 Domains

50 Subdomains

35 IPs

6 Countries

18909 kBTransfer

20631 kBSize

0 Cookies

4 Outgoing links

Page URL History

Redirected requests

109 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

mrbolero.com Open in urlscan Pro
216.218.206.41 Public Scan

Screenshot
Live screenshot

Full Image

109
Requests

100 %
HTTPS

34 %
IPv6

36
Domains

50
Subdomains

35
IPs

6
Countries

18909 kB
Transfer

20631 kB
Size

0
Cookies

109 HTTP transactions
3 data transactions