pelotainvernal.com Open in urlscan Pro
52.22.201.165 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://pelotainvernal.com/
Submission: On November 25 via api (November 25th 2022, 8:09:36 am UTC) from DO — Scanned from DE

Summary HTTP 233 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 59 IPs in 10 countries across 43 domains to perform 233 HTTP transactions. The main IP is 52.22.201.165, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is pelotainvernal.com. The Cisco Umbrella rank of the primary domain is 349334.
TLS certificate: Issued by Amazon on August 5th 2022. Valid for: a year.

This is the only time pelotainvernal.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
6	52.22.201.165 52.22.201.165	14618 (AMAZON-AES) (AMAZON-AES)
2	2606:4700::68... 2606:4700::6810:5814	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2a00:1450:400... 2a00:1450:4001:802::200a	15169 (GOOGLE) (GOOGLE)
27	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
13	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
2	2606:4700:20:... 2606:4700:20::ac43:4b43	13335 (CLOUDFLAR...) (CLOUDFLARENET)
15	3.5.20.187 3.5.20.187	14618 (AMAZON-AES) (AMAZON-AES)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:2b	20446 (STACKPATH...) (STACKPATH-CDN)
2	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:303... 2606:4700:3031::ac43:b7f8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:830::2008	15169 (GOOGLE) (GOOGLE)
20	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
1	99.86.4.108 99.86.4.108	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:801::200e	15169 (GOOGLE) (GOOGLE)
3	104.18.131.145 104.18.131.145	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 32	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
1	142.250.186.166 142.250.186.166	15169 (GOOGLE) (GOOGLE)
1	23.53.169.70 23.53.169.70	16625 (AKAMAI-AS) (AKAMAI-AS)
2 4	2a02:2638:1::13 2a02:2638:1::13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	178.250.0.157 178.250.0.157	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2606:4700:20:... 2606:4700:20::ac43:4bf1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:400c:c00::9c	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
1	18.165.160.89 18.165.160.89	16509 (AMAZON-02) (AMAZON-02)
2 4	2a00:1450:400... 2a00:1450:4001:829::2004	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
1	172.64.154.237 172.64.154.237	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	216.52.2.39 216.52.2.39	30282 (AS-INAPCD...) (AS-INAPCDN-OCY)
1	2602:803:c003... 2602:803:c003:200::51	26667 (RUBICONPR...) (RUBICONPROJECT)
1	2606:4700::68... 2606:4700::6812:372	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.107.148.139 34.107.148.139	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	51.89.9.254 51.89.9.254	16276 (OVH) (OVH)
2 4	185.89.210.82 185.89.210.82	29990 (ASN-APPNEX) (ASN-APPNEX)
2	34.149.50.64 34.149.50.64	15169 (GOOGLE) (GOOGLE)
2	2620:116:800d... 2620:116:800d:21:93ca:31d8:d86e:38f6	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:223... 2600:9000:223c:b000:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:10:... 2606:4700:10::6816:3456	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.215.75.170 34.215.75.170	16509 (AMAZON-02) (AMAZON-02)
1	2a02:2638:1::3 2a02:2638:1::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a00:1450:400... 2a00:1450:4001:80b::2001	15169 (GOOGLE) (GOOGLE)
1	162.19.138.120 162.19.138.120	16276 (OVH) (OVH)
2	99.81.181.127 99.81.181.127	16509 (AMAZON-02) (AMAZON-02)
3 11	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
2 4	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
9	2a00:1450:400... 2a00:1450:4001:80f::2006	15169 (GOOGLE) (GOOGLE)
2	2600:9000:223... 2600:9000:223f:8400:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1 1	185.29.134.248 185.29.134.248	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1 1	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
1	34.96.105.8 34.96.105.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	85.114.159.118 85.114.159.118	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
2 2	104.18.33.19 104.18.33.19	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	52.211.171.170 52.211.171.170	16509 (AMAZON-02) (AMAZON-02)
1	185.86.137.122 185.86.137.122	201081 (SMARTADSE...) (SMARTADSERVER)
8	2600:1f13:800... 2600:1f13:800:7780:93a2:ac09:2e07:a55d	16509 (AMAZON-02) (AMAZON-02)
2	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
1	213.202.235.10 213.202.235.10	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
1	72.251.241.206 72.251.241.206	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
1	95.101.200.23 95.101.200.23	16625 (AKAMAI-AS) (AKAMAI-AS)
233	59

6 52.22.201.165 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-22-201-165.compute-1.amazonaws.com

pelotainvernal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:5814 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::ac43:4b43 (United States)

ASN13335 (CLOUDFLARENET, US)

flower-ads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 3.5.20.187 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: s3.us-east-1.amazonaws.com

s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:2b (Netherlands)

ASN20446 (STACKPATH-CDN, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3031::ac43:b7f8 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn-conectate.kiskoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.4.108 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-108.fra6.r.cloudfront.net

ecdn.firstimpression.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:801::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.18.131.145 (None, )

ASN13335 (CLOUDFLARENET, US)

t.seedtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

32 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.166 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.53.169.70 (Milan, Italy)

ASN16625 (AKAMAI-AS, US)
PTR: a23-53-169-70.deploy.static.akamaitechnologies.com

widgets.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:2638:1::13 (France) 2 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::ac43:4bf1 (United States)

ASN13335 (CLOUDFLARENET, US)

script.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.165.160.89 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-165-160-89.man51.r.cloudfront.net

cdn.firstimpression.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:829::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn3.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn0.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn1.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.64.154.237 (United States)

ASN13335 (CLOUDFLARENET, US)

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.52.2.39 (United States)

ASN30282 (AS-INAPCDN-OCY, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2602:803:c003:200::51 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:372 (United States)

ASN13335 (CLOUDFLARENET, US)

mp.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.107.148.139 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 139.148.107.34.bc.googleusercontent.com

prebid.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.89.9.254 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip254.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.89.210.82 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.149.50.64 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 64.50.149.34.bc.googleusercontent.com

s.seedtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:93ca:31d8:d86e:38f6 (United States)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223c:b000:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:3456 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.215.75.170 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-215-75-170.us-west-2.compute.amazonaws.com

id.sharedid.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ad5fa02d6e27f34d5a1bd32cffa030b9.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.120 (France)

ASN16276 (OVH, FR)
PTR: ns31533571.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 99.81.181.127 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-99-81-181-127.eu-west-1.compute.amazonaws.com

pixel.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 142.250.184.226 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ade.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.80.39.216 (Canada) 2 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:80f::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:223f:8400:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.134.248 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.193.173 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

gcm.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.105.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com

tr.blismedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.118 (Tuttlingen, Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.33.19 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.211.171.170 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-211-171-170.eu-west-1.compute.amazonaws.com

match.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.137.122 (France)

ASN201081 (SMARTADSERVER, FR)

ssbsync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2600:1f13:800:7780:93a2:ac09:2e07:a55d (Boardman, United States)

ASN16509 (AMAZON-02, US)

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.202.235.10 (Bad Krozingen, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)

m.exactag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 72.251.241.206 (Amsterdam, Netherlands)

ASN32475 (SINGLEHOP-LLC, US)

cm.adgrx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.101.200.23 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-200-23.deploy.static.akamaitechnologies.com

cs.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
61	googlesyndication.com 1 redirects pagead2.googlesyndication.com — Cisco Umbrella Rank: 116 tpc.googlesyndication.com — Cisco Umbrella Rank: 147 ad5fa02d6e27f34d5a1bd32cffa030b9.safeframe.googlesyndication.com ade.googlesyndication.com — Cisco Umbrella Rank: 281	563 KB
37	doubleclick.net 3 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 44 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 191 ad.doubleclick.net — Cisco Umbrella Rank: 168 stats.g.doubleclick.net — Cisco Umbrella Rank: 94 cm.g.doubleclick.net — Cisco Umbrella Rank: 207 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 294	382 KB
21	gstatic.com fonts.gstatic.com www.gstatic.com encrypted-tbn3.gstatic.com encrypted-tbn0.gstatic.com encrypted-tbn1.gstatic.com	313 KB
15	amazonaws.com s3.amazonaws.com	145 KB
12	adsafeprotected.com pixel.adsafeprotected.com — Cisco Umbrella Rank: 598 static.adsafeprotected.com — Cisco Umbrella Rank: 560 dt.adsafeprotected.com — Cisco Umbrella Rank: 511	98 KB
9	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 274	246 KB
7	casalemedia.com 4 redirects htlb.casalemedia.com — Cisco Umbrella Rank: 528 dsum-sec.casalemedia.com — Cisco Umbrella Rank: 540 ssum-sec.casalemedia.com — Cisco Umbrella Rank: 450 dsum.casalemedia.com — Cisco Umbrella Rank: 1395	6 KB
7	criteo.com 2 redirects gum.criteo.com — Cisco Umbrella Rank: 381 mug.criteo.com — Cisco Umbrella Rank: 2612	9 KB
7	google.com 2 redirects adservice.google.com — Cisco Umbrella Rank: 83 www.google.com — Cisco Umbrella Rank: 2	2 KB
7	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 178	310 KB
6	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 52	4 KB
6	pelotainvernal.com pelotainvernal.com — Cisco Umbrella Rank: 349334	30 KB
5	seedtag.com t.seedtag.com — Cisco Umbrella Rank: 12578 s.seedtag.com — Cisco Umbrella Rank: 5766	135 KB
4	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 208	4 KB
3	4dex.io script.4dex.io — Cisco Umbrella Rank: 2123 mp.4dex.io — Cisco Umbrella Rank: 2342	25 KB
3	google.de adservice.google.de — Cisco Umbrella Rank: 7898	1 KB
2	360yield.com 2 redirects match.360yield.com — Cisco Umbrella Rank: 2351	791 B
2	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 1143 id5-sync.com — Cisco Umbrella Rank: 492	17 KB
2	quantserve.com secure.quantserve.com — Cisco Umbrella Rank: 1002 pixel.quantserve.com — Cisco Umbrella Rank: 680	10 KB
2	onetag-sys.com onetag-sys.com — Cisco Umbrella Rank: 747	404 B
2	media.net prebid.media.net — Cisco Umbrella Rank: 1272 cs.media.net — Cisco Umbrella Rank: 1386	1016 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 40	20 KB
2	firstimpression.io ecdn.firstimpression.io — Cisco Umbrella Rank: 20208 cdn.firstimpression.io — Cisco Umbrella Rank: 20285	96 KB
2	kiskoo.com cdn-conectate.kiskoo.com — Cisco Umbrella Rank: 174118	3 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 223	36 KB
2	flower-ads.com flower-ads.com — Cisco Umbrella Rank: 555719	165 KB
2	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 400	42 KB
1	adgrx.com cm.adgrx.com — Cisco Umbrella Rank: 1333	283 B
1	exactag.com m.exactag.com — Cisco Umbrella Rank: 10681	60 B
1	smartadserver.com ssbsync.smartadserver.com — Cisco Umbrella Rank: 863	75 B
1	adition.com 1 redirects dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1445	584 B
1	blismedia.com tr.blismedia.com — Cisco Umbrella Rank: 1876	173 B
1	ctnsnet.com 1 redirects gcm.ctnsnet.com — Cisco Umbrella Rank: 39964	608 B
1	mathtag.com 1 redirects sync.mathtag.com — Cisco Umbrella Rank: 471	861 B
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 601	13 KB
1	sharedid.org id.sharedid.org — Cisco Umbrella Rank: 2605	904 B
1	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 940	1 KB
1	rubiconproject.com fastlane.rubiconproject.com — Cisco Umbrella Rank: 495	8 KB
1	lijit.com ap.lijit.com — Cisco Umbrella Rank: 620	650 B
1	outbrain.com widgets.outbrain.com — Cisco Umbrella Rank: 1250	3 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 860	702 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 67	43 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 677	30 KB
233	43

	Domain	Requested by
32	tpc.googlesyndication.com	1 redirects googleads.g.doubleclick.net ad5fa02d6e27f34d5a1bd32cffa030b9.safeframe.googlesyndication.com tpc.googlesyndication.com s0.2mdn.net pagead2.googlesyndication.com
27	pagead2.googlesyndication.com	pelotainvernal.com pagead2.googlesyndication.com googleads.g.doubleclick.net ad5fa02d6e27f34d5a1bd32cffa030b9.safeframe.googlesyndication.com tpc.googlesyndication.com www.googletagservices.com s0.2mdn.net
17	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net pelotainvernal.com ad5fa02d6e27f34d5a1bd32cffa030b9.safeframe.googlesyndication.com
15	s3.amazonaws.com	pelotainvernal.com
10	cm.g.doubleclick.net	3 redirects googleads.g.doubleclick.net ad5fa02d6e27f34d5a1bd32cffa030b9.safeframe.googlesyndication.com
9	s0.2mdn.net	pelotainvernal.com s0.2mdn.net
8	dt.adsafeprotected.com	ad5fa02d6e27f34d5a1bd32cffa030b9.safeframe.googlesyndication.com
7	www.googletagservices.com	pelotainvernal.com googleads.g.doubleclick.net ad5fa02d6e27f34d5a1bd32cffa030b9.safeframe.googlesyndication.com
6	www.gstatic.com	googleads.g.doubleclick.net
6	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net flower-ads.com
6	fonts.googleapis.com	pelotainvernal.com googleads.g.doubleclick.net
6	pelotainvernal.com	pelotainvernal.com
5	encrypted-tbn3.gstatic.com	googleads.g.doubleclick.net
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
4	ib.adnxs.com	2 redirects flower-ads.com googleads.g.doubleclick.net
4	encrypted-tbn0.gstatic.com	googleads.g.doubleclick.net
4	www.google.com	2 redirects ad5fa02d6e27f34d5a1bd32cffa030b9.safeframe.googlesyndication.com tpc.googlesyndication.com
4	gum.criteo.com	2 redirects static.criteo.net
4	fonts.gstatic.com	fonts.googleapis.com
3	mug.criteo.com	pelotainvernal.com
3	t.seedtag.com	flower-ads.com t.seedtag.com
3	adservice.google.com	pagead2.googlesyndication.com securepubads.g.doubleclick.net
3	adservice.google.de	pagead2.googlesyndication.com securepubads.g.doubleclick.net
2	googleads4.g.doubleclick.net	pelotainvernal.com
2	match.360yield.com	2 redirects
2	static.adsafeprotected.com	pixel.adsafeprotected.com ad5fa02d6e27f34d5a1bd32cffa030b9.safeframe.googlesyndication.com
2	pixel.adsafeprotected.com	ad5fa02d6e27f34d5a1bd32cffa030b9.safeframe.googlesyndication.com
2	s.seedtag.com	t.seedtag.com
2	onetag-sys.com	flower-ads.com
2	encrypted-tbn1.gstatic.com	googleads.g.doubleclick.net
2	script.4dex.io	flower-ads.com script.4dex.io
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	cdn-conectate.kiskoo.com	pelotainvernal.com
2	cdnjs.cloudflare.com	pelotainvernal.com
2	flower-ads.com	pelotainvernal.com flower-ads.com
2	cdn.jsdelivr.net	pelotainvernal.com
1	cs.media.net
1	cm.adgrx.com
1	dsum.casalemedia.com	1 redirects
1	ade.googlesyndication.com
1	m.exactag.com	ad5fa02d6e27f34d5a1bd32cffa030b9.safeframe.googlesyndication.com
1	ssbsync.smartadserver.com	ad5fa02d6e27f34d5a1bd32cffa030b9.safeframe.googlesyndication.com
1	ssum-sec.casalemedia.com	1 redirects
1	dsp.adfarm1.adition.com	1 redirects
1	tr.blismedia.com	ad5fa02d6e27f34d5a1bd32cffa030b9.safeframe.googlesyndication.com
1	gcm.ctnsnet.com	1 redirects
1	sync.mathtag.com	1 redirects
1	id5-sync.com	cdn.id5-sync.com
1	ad5fa02d6e27f34d5a1bd32cffa030b9.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	static.criteo.net	securepubads.g.doubleclick.net
1	id.sharedid.org	securepubads.g.doubleclick.net
1	cdn.id5-sync.com	securepubads.g.doubleclick.net
1	pixel.quantserve.com	pelotainvernal.com
1	rules.quantcount.com	secure.quantserve.com
1	secure.quantserve.com	t.seedtag.com
1	prebid.media.net	flower-ads.com
1	mp.4dex.io	flower-ads.com
1	fastlane.rubiconproject.com	flower-ads.com
1	ap.lijit.com	flower-ads.com
1	htlb.casalemedia.com	flower-ads.com
1	cdn.firstimpression.io	ecdn.firstimpression.io
1	stats.g.doubleclick.net	www.google-analytics.com
1	widgets.outbrain.com	pelotainvernal.com
1	ad.doubleclick.net	pelotainvernal.com
1	ecdn.firstimpression.io	pelotainvernal.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	www.googletagmanager.com	pelotainvernal.com
1	code.jquery.com	pelotainvernal.com
233	68

This site contains links to these domains. Also see Links.

Domain
www.conectate.com.do
emisorasdominicanasonline.com

Subject Issuer	Validity	Valid
pelotainvernal.com Amazon	`2022-08-05` - `2023-09-03`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-02` - `2023-06-01`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
s3.amazonaws.com Amazon	`2022-04-01` - `2023-03-30`	a year	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2022-08-03` - `2023-07-14`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.firstimpression.io Sectigo RSA Domain Validation Secure Server CA	`2021-11-21` - `2022-12-05`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.outbrain.com DigiCert TLS RSA SHA256 2020 CA1	`2022-04-03` - `2023-04-04`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-10-31` - `2023-01-26`	3 months	crt.sh
script.4dex.io Cloudflare Inc ECC CA-3	`2022-11-23` - `2023-11-22`	a year	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2022-06-27` - `2023-06-05`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-08` - `2023-04-04`	a year	crt.sh
*.media.net Sectigo RSA Domain Validation Secure Server CA	`2022-04-06` - `2023-05-04`	a year	crt.sh
*.onetag-sys.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-10` - `2023-01-03`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2022-02-11` - `2023-03-14`	a year	crt.sh
*.seedtag.com Sectigo RSA Domain Validation Secure Server CA	`2022-03-28` - `2023-04-28`	a year	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
quantserve.com R3	`2022-11-11` - `2023-02-09`	3 months	crt.sh
id.sharedid.org Amazon	`2022-11-08` - `2023-12-07`	a year	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-11-08` - `2023-02-04`	3 months	crt.sh
*.id5-sync.com R3	`2022-11-09` - `2023-02-07`	3 months	crt.sh
fw.adsafeprotected.com Amazon	`2022-04-28` - `2023-05-27`	a year	crt.sh
static.adsafeprotected.com Amazon	`2022-08-06` - `2023-09-04`	a year	crt.sh
tr.blismedia.com GTS CA 1D4	`2022-10-16` - `2023-01-14`	3 months	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-25` - `2023-01-25`	a year	crt.sh
dt.adsafeprotected.com Amazon	`2022-11-04` - `2023-12-03`	a year	crt.sh
*.exactag.com Sectigo RSA Organization Validation Secure Server CA	`2022-04-01` - `2023-05-02`	a year	crt.sh

This page contains 27 frames:

Primary Page: https://pelotainvernal.com/
Frame ID: EE133927DE7776900A9E08D69D808F85
Requests: 90 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/zrt_lookup.html
Frame ID: 323EEC75DBE7A8A95BCBC4E414557FE3
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3139134883708761&output=html&h=100&slotname=8815456802&adk=88850195&adf=2364240886&pi=t.ma~as.8815456802&w=1298&lmt=1669363769&rafmt=12&format=1298x100&url=https%3A%2F%2Fpelotainvernal.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669363769314&bpp=3&bdt=257&idt=268&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&correlator=7750487750825&frm=20&pv=2&ga_vid=481211934.1669363770&ga_sid=1669363770&ga_hid=1080671558&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=151&ady=96&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C44778780%2C44770880&oid=2&pvsid=552620077383395&tmod=1459500539&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=1&uci=a!1&fsb=1&xpc=LP5JG2isTv&p=https%3A//pelotainvernal.com&dtd=286
Frame ID: DAB87B8B1F524FFEE2B0AFE6049649CB
Requests: 20 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3139134883708761&output=html&h=90&slotname=7753640662&adk=1056406635&adf=406027746&pi=t.ma~as.7753640662&w=728&lmt=1669363769&rafmt=12&format=728x90&url=https%3A%2F%2Fpelotainvernal.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669363769320&bpp=1&bdt=262&idt=286&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&prev_fmts=1298x100&correlator=7750487750825&frm=20&pv=1&ga_vid=481211934.1669363770&ga_sid=1669363770&ga_hid=1080671558&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=275&ady=328&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C44778780%2C44770880&oid=2&pvsid=552620077383395&tmod=1459500539&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&fsb=1&xpc=MgsUv02AGs&p=https%3A//pelotainvernal.com&dtd=290
Frame ID: E6D751A1ACBDE5D6B274CAC1D2DFAF20
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3139134883708761&output=html&h=250&slotname=9665504044&adk=3379964164&adf=185437339&pi=t.ma~as.9665504044&w=300&lmt=1669363769&rafmt=12&format=300x250&url=https%3A%2F%2Fpelotainvernal.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669363769321&bpp=1&bdt=263&idt=293&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&prev_fmts=1298x100%2C728x90&correlator=7750487750825&frm=20&pv=1&ga_vid=481211934.1669363770&ga_sid=1669363770&ga_hid=1080671558&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1149&ady=261&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C44778780%2C44770880&oid=2&pvsid=552620077383395&tmod=1459500539&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=3&uci=a!3&fsb=1&xpc=z49oRm62Dr&p=https%3A//pelotainvernal.com&dtd=296
Frame ID: BFB94CE2F254B2D2FD7C970D54890B10
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3139134883708761&output=html&adk=1812271804&adf=3025194257&lmt=1669363769&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&format=0x0&url=https%3A%2F%2Fpelotainvernal.com%2F&ea=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669363769766&bpp=2&bdt=709&idt=2&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&prev_fmts=1298x100%2C728x90%2C300x250&nras=1&correlator=7750487750825&frm=20&pv=1&ga_vid=481211934.1669363770&ga_sid=1669363770&ga_hid=1080671558&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C44778780%2C44770880&oid=2&pvsid=552620077383395&tmod=1459500539&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=5&uci=a!5&fsb=1&dtd=9
Frame ID: FB322CF269194BA45872AFA66FDCE7F0
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 0854C83CE9D585C1B7B7FF22ABCCB5B9
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Cy76TGYNwlBdeFKzRh_Qc2a075RKB_J9dWAUlCdaUYI.js
Frame ID: 9FAE227DE339B5801DD79DE3E13D1258
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1
Frame ID: B4E30F514AFBD405AAFFEF50F9B6B7DA
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1
Frame ID: 4EF9B1221063095112086B7EB86B1DA1
Requests: 13 HTTP requests in this frame

Frame: https://secure.quantserve.com/quant.js
Frame ID: EAA45911102AAAF9C09522FB82F0495C
Requests: 3 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 5BB8A91507464F8FE85AF6E27B394B3E
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Cy76TGYNwlBdeFKzRh_Qc2a075RKB_J9dWAUlCdaUYI.js
Frame ID: 23AE301DA61DB6E9F761DB4970A6CA5D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 68584AB16490CB0A634B36B961279EAB
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Cy76TGYNwlBdeFKzRh_Qc2a075RKB_J9dWAUlCdaUYI.js
Frame ID: 9614DDBB599D1B08ED7AB6F21EFB1876
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Cy76TGYNwlBdeFKzRh_Qc2a075RKB_J9dWAUlCdaUYI.js
Frame ID: B9E3BF2F02E5FFD9FFC99D0A235FE8B3
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Cy76TGYNwlBdeFKzRh_Qc2a075RKB_J9dWAUlCdaUYI.js
Frame ID: 528BFE74181D736ACA87435810DA3303
Requests: 1 HTTP requests in this frame

Frame: https://ad5fa02d6e27f34d5a1bd32cffa030b9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: F915176B85E93A6480439DFB12DCA5D9
Requests: 28 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=pelotainvernal.com
Frame ID: 7E172B14CD25A0D3545FEC7ACDDE31E5
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMY9MiavQEwAQ&v=APEucNVo3hGK5s6xQ2fcoG_eEFlkYqHZQOz57_UDG6UbBQYSad43Pw7AS3JY36QYzHyw2JEZhDmD_TumNubMr0KYoOcNQtxisCvEtoMyCzAUrbTD9Jn3lBnfQ62qp5_kAcn_IssjNlRd7pZatBqCOKATvMxs7BlIQB5zE_wuuRK4jCAAIhNrnRw
Frame ID: 69274A9322CA3898C358CCB61BDF2324
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 03D534B050783FDEA575F56E997F410A
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: CF42BE79D119BC3857CCE3FCCD70AD34
Requests: 3 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: E56D98B7BE35CBD4686E99C40D91ECA8
Requests: 1 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/10870759898001676874/index.html?e=69&leftOffset=0&topOffset=0&c=C9p2tW30qq&t=1&renderingType=2&ev=01_247
Frame ID: 93FAE3D12194572B8B0F1276C24AEA71
Requests: 12 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Cy76TGYNwlBdeFKzRh_Qc2a075RKB_J9dWAUlCdaUYI.js
Frame ID: 5FB19F9FEFC8BB6A5713A8B2D4E3C615
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: C382B975A9A2CCDDBA223F2CC94E4474
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: D527B88C8CA36EFEBC5EC26AE3C0FD98
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

PelotaInvernal.com | Resultados, Calendarios y Posiciones

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Moment.js (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

moment(?:\.min)?\.js

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

Page Statistics

233
Requests

93 %
HTTPS

52 %
IPv6

43
Domains

68
Subdomains

59
IPs

10
Countries

2791 kB
Transfer

7536 kB
Size

35
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://www.conectate.com.do/articulo/campeones-beisbol-invernal-dominicano/?swcfpc=1
Title: campeón del torneo invernal Dominicano

Search URL Search Domain Scan URL

URL: https://emisorasdominicanasonline.com/
Title: EmisorasDominicanasOnline.com

Search URL Search Domain Scan URL

URL: https://www.conectate.com.do/articulo/estadio-quisqueya-santo-domingo-republica-dominicana/
Title: Estadio Quisqueya Juan Marichal de Santo Domingo

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 71

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fpelotainvernal.com%2F&domain=pelotainvernal.com&cw=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=np3z83xjdy9DUFBFdmdIWm9MaThEem11U2swRWNoa0dYb3A4dkNOb0l2Q3N0cFMzc3V2aUdEdkx6YWxUdmJnR3JDa3M4SlpYQS8zdGhSY1RWSWszbktvK0Uza29JdDlFVllLMERqR2dWaTgwZWhPTlljdm91SFVZY1NZUFBsVGRyY2dOQ1doVVcrZDZZUnpVOW1panZrYU1Zd2xIQXh1bWlINTdsQncvTXVEOEZuN1pkd1BJOGJLajl3d3RySTk3WVVrdEhuckc5a0VCN0dicFVGSFZ4U0ZvRkJCM0R6c21MSWI1ZUM5NEU3V2RyWEZESHJXWm9TNDZYQ2EyQStmTVBReTVqfA&cppv=2

Request Chain 83

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 121

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDr3ZqF_gEQgAgYgAgyCFFyRh2Ouq9r HTTP 301
https://tpc.googlesyndication.com/simgad/624907996767536446

Request Chain 151

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 166

https://gum.criteo.com/sid/json?origin=publishertagids&domain=pelotainvernal.com&sn=ChromeSyncframe&so=3&topUrl=pelotainvernal.com&bundle=6T9FXl9SVTZQZGJJMWR0WVpHa2s0dDhxaENCTEhXMGNyb0gxQ3c0NmVmYTlIeWtCUFBMaEtMcWFIWm8zTlcwUnpKVGgyTUM4Qm9CQiUyQnJCZWsxdCUyQnpKZXFwRTEwNmYlMkZCVVVNd1ZYUmpVcEZ3SmVmV1JWM216V2M1Tk9SUFdGRkF0MjZ6RA&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=ZRtlenxNYUNxTnU3U0pwS0F1ZDZtcmFjS0NmcWdicDB3bms0dU5IZDY0L2x6WU1Eb0pSSkcvVE5FZ2RVVzFUQnBseFhjWUFTMzYvL1ZReDkyMVYyZ2FWMTd1VUIvWWlidWZDc3VCU2Q3V1BydFhpdFJZc2dleE9WSUtuZDQ4MzlRZjFsbDJualM0MkFwQVJIVTU0STJkRm0xMUd4UFVRTmRXYWxsWi90MWZLdXcrcnNGNTl6bllYN1A2NlgvWWxrYUVndGlWanJ3TU9RNEhpZUVNU3VRVjNGTnpHajFyb3EyOWgxU0poRlgvdFNTMjdSVHdtcWhaVEhUcHBuQTV5UHM0aWdDNzBIbEVKTzgrWFp5cEJyWE03NHB4cVhTdlNjS3o0K0ZSNldKbDFlWHZ0ND18&cppv=2

Request Chain 175

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIQMVD7k6rUIRaPiUL20u34&google_cver=1

Request Chain 176

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y4B4O.HXio-xJTCGVOkdTwAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIQMVD7k6rUIRaPiUL20u34&google_cver=1&google_hm=2

Request Chain 177

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEKGnKPO_xrmc7Yk9pTB9fww&google_cver=1

Request Chain 178

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDc5MjQ4MTI5ODI3ODE4NjgxMA%3D%3D

Request Chain 187

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEDF0Ox_TCmHkP_zpgu7VC8I&google_cver=1&google_push=ASkJ3FaBfZl_kipyCq60wKqrTnxDoxlJg-tRGu9aupHoWNa5eZ3pvpnba4bYJDD7e0uJIWf1uHYjOEPm41TOI4P0eocdoSvyTO3I HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ASkJ3FaBfZl_kipyCq60wKqrTnxDoxlJg-tRGu9aupHoWNa5eZ3pvpnba4bYJDD7e0uJIWf1uHYjOEPm41TOI4P0eocdoSvyTO3I

Request Chain 188

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEBCu7Z4jow_PKdxc1UI1FLs&google_cver=1&google_push=ASkJ3FbSHAIOYkQh9--5btBzt5IYdA7hOOxofFkywsey9JzKHFRiQFm1luBL-UWCIZsygoOMaXVD6Qnri07nOrGSBl4l1AGkrWMO HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=ASkJ3FbSHAIOYkQh9--5btBzt5IYdA7hOOxofFkywsey9JzKHFRiQFm1luBL-UWCIZsygoOMaXVD6Qnri07nOrGSBl4l1AGkrWMO&google_hm=QkkebRq-RFm7jeoeILIc8KI

Request Chain 190

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEML-b6u4SclWSLOscZHYNuQ&google_cver=1&google_push=ASkJ3FZJ95mcxRlCR6pFyGRJMCDglilzo5mmLvkNwdqkawjVsURzolwzYo1CqlmSpHrIacOXqzKQGmkwYHsTRdAxBhHSS_l4_g6w HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE2OTg2MjgwNTg2OTQ5MjM2NA%3D%3D&google_push=ASkJ3FZJ95mcxRlCR6pFyGRJMCDglilzo5mmLvkNwdqkawjVsURzolwzYo1CqlmSpHrIacOXqzKQGmkwYHsTRdAxBhHSS_l4_g6w

Request Chain 191

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEPogtKDkJVm3hV062Pqtsu0&google_cver=1&google_push=ASkJ3FZyMCAv49e9uB5kqVk-qpeS8kjEWq1er7OrPYIum5s9R-xCJ8s2ZejmkZBnStTBKO5me5T_ecZdk9hkXN2AlEezO77BNQ8i HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEPogtKDkJVm3hV062Pqtsu0&google_hm=Y4B4O-HXio_xJTCGVOkdTwAABJwAAAAB&google_nid=index&google_push=ASkJ3FZyMCAv49e9uB5kqVk-qpeS8kjEWq1er7OrPYIum5s9R-xCJ8s2ZejmkZBnStTBKO5me5T_ecZdk9hkXN2AlEezO77BNQ8i

Request Chain 192

https://match.360yield.com/match/ebda?google_gid=CAESECGpRyCf286gKniyiaXSQu4&google_cver=1&google_push=ASkJ3FZThDhBxP_pTm7MKj6E_iuqyp2-Xa8lpttUG8yI65IW5oESYoMLUAxHwYVOg9fHtvxVJnDLJ3hX4bjX-cXevH6VzFwuaPxB HTTP 302
https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESECGpRyCf286gKniyiaXSQu4&google_cver=1&google_push=ASkJ3FZThDhBxP_pTm7MKj6E_iuqyp2-Xa8lpttUG8yI65IW5oESYoMLUAxHwYVOg9fHtvxVJnDLJ3hX4bjX-cXevH6VzFwuaPxB HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=iVMXv7dZQi2mqtmVqnX0fw&google_push=ASkJ3FZThDhBxP_pTm7MKj6E_iuqyp2-Xa8lpttUG8yI65IW5oESYoMLUAxHwYVOg9fHtvxVJnDLJ3hX4bjX-cXevH6VzFwuaPxB

Request Chain 238

https://dsum.casalemedia.com/pbusermatch?origin=prebid&site_id=910000&p=1&i=0&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE&gdpr=0

233 HTTP transactions
8 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
pelotainvernal.com/ 87 KB
16 KB 489ms
255ms Document
text/html 52.22.201.165
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pelotainvernal.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.22.201.165 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-22-201-165.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 828afa4f1d92f10b3290885eb515207174be45f56c19b47743b1b795410c1f75

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Fri, 25 Nov 2022 08:09:28 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@5.1.2/dist/css/ 160 KB
25 KB 66ms
28ms Stylesheet
text/css 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@5.1.2/dist/css/bootstrap.min.css

Requested by

Host: pelotainvernal.com
URL: https://pelotainvernal.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bd558b6b0fa8256504d6f1796203c55c540013d7d4021f79241476f3ac49dac1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 08:09:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 21509258
x-jsd-version: 5.1.2
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19165-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"28033-Lut6yvcPnqX8AiDhXoU9TgvRAp8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BOc8kISvZ0%2B0pfHl1REj5kboFtgSH8M8jbfksrplWVupxCaxtcSIXFenrfr8l27MsZrqgZ3dkEQSYGimbyBd6%2FFpBlDpKzQzOYrh2GfMJ%2BaBxc9CBNkqQgdhiJm2y8rKaenNq4TGJkPm7bDki%2BM%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 76f8e704ece49191-FRA

GET
H2 200 responsiveslides.css
pelotainvernal.com/vendor/slider/ 490 B
421 B 110ms
109ms Stylesheet
text/css 52.22.201.165
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pelotainvernal.com/vendor/slider/responsiveslides.css
Requested by: Host: pelotainvernal.com
URL: https://pelotainvernal.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.22.201.165 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-22-201-165.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b43b245e7b57a75d1c57b0e70779b88718a72a3544995b9165fd80678889b873

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 08:09:29 GMT
content-encoding: gzip
last-modified: Tue, 10 Oct 2017 10:38:14 GMT
server: nginx
etag: W/"59dca316-1ea"
vary: Accept-Encoding
content-type: text/css

GET
H2 200 site.css
pelotainvernal.com/css/ 18 KB
4 KB 112ms
111ms Stylesheet
text/css 52.22.201.165
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pelotainvernal.com/css/site.css?v=2.50
Requested by: Host: pelotainvernal.com
URL: https://pelotainvernal.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.22.201.165 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-22-201-165.compute-1.amazonaws.com
Software: nginx /
Resource Hash: d74835ebc144bb92d18a970ca79cae0840c356a5967bb1d1d9428c32c183cdb1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 08:09:29 GMT
content-encoding: gzip
last-modified: Sun, 26 Dec 2021 10:53:15 GMT
server: nginx
etag: W/"61c8499b-4711"
vary: Accept-Encoding
content-type: text/css

GET
H2 200 css
fonts.googleapis.com/ 6 KB
1 KB 141ms
51ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,400,700

Requested by

Host: pelotainvernal.com
URL: https://pelotainvernal.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 25 Nov 2022 08:09:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 25 Nov 2022 07:21:50 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 25 Nov 2022 08:09:29 GMT

GET
H2 200 smart-app-banner.css
pelotainvernal.com/js/smartapp/ 6 KB
1 KB 112ms
112ms Stylesheet
text/css 52.22.201.165
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pelotainvernal.com/js/smartapp/smart-app-banner.css
Requested by: Host: pelotainvernal.com
URL: https://pelotainvernal.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.22.201.165 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-22-201-165.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 43ed01782a52f74351b31f996f02f0761540c3af7cdbd0693891a3e5abcfa3c1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 08:09:29 GMT
content-encoding: gzip
last-modified: Thu, 18 Oct 2018 12:50:23 GMT
server: nginx
etag: W/"5bc8818f-17b9"
vary: Accept-Encoding
content-type: text/css

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 144 KB
49 KB 166ms
83ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: pelotainvernal.com
URL: https://pelotainvernal.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8240816fc4f0aee7a3cf5fa5b14f43e7079afc941f4988e1f7700b09c3fe5d33

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 08:09:29 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49296
x-xss-protection: 0
server: cafe
etag: 8510319293057173108
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 25 Nov 2022 08:09:29 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 78 KB
27 KB 129ms
46ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: pelotainvernal.com
URL: https://pelotainvernal.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b8e64f656ab17cca541c2cedc0711657661cc96758750fff8400884c6239bc34

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 08:09:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27210
x-xss-protection: 0
server: sffe
etag: "1402 / 766 of 1000 / last-modified: 1669244741"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 25 Nov 2022 08:09:29 GMT

GET
H2 200 pelotainvernal.js Show response
flower-ads.com/tag/pelotainvernal/ 227 KB
68 KB 437ms
228ms Script
application/x-javascript 2606:4700:20::ac43:4b43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://flower-ads.com/tag/pelotainvernal/pelotainvernal.js
Requested by: Host: pelotainvernal.com
URL: https://pelotainvernal.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4b43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5c6db40b1b69c1b5e2d8f6c5ead3e19e6b99819d70b3d24e3e07b9a88632b02e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 08:09:29 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: public
referrer-policy: no-referrer-when-downgrade
cf-bgj: minify
last-modified: Wed, 23 Nov 2022 19:39:25 GMT
server: cloudflare
etag: W/"38c49-637e76ed-0;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1OHWIwF6%2FZXcu0bG%2FFBflZDy610tl%2BmkcjatjkdyFXXx5ypMsZBCmscU%2FDaxitl7ntD%2Bcsl1dd3LcVp8zu54PRV8uNeBAfhr007REKs%2BGZXpHNnWrbJDAO4jXuK4uPd2nQ89SMlZTxh0tmOy"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=300
x-turbo-charged-by: LiteSpeed
platform: hostinger
cf-ray: 76f8e707790dbb50-FRA
expires: Fri, 25 Nov 2022 08:12:50 GMT

GET
H/1.1 200
OK 7902d366eeaba88fdaf00c9aad70217a.png
s3.amazonaws.com/cdn.baseball-new.com/ 4 KB
5 KB 352ms
123ms Image
image/png 3.5.20.187
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/cdn.baseball-new.com/7902d366eeaba88fdaf00c9aad70217a.png
Requested by: Host: pelotainvernal.com
URL: https://pelotainvernal.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.5.20.187 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: s3.us-east-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 4ffe1619d0cddcd71c73eb41dcf1bf9219646f36b90667b3746c8a6771375fc6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Fri, 25 Nov 2022 08:09:30 GMT
Last-Modified: Sun, 22 Nov 2020 13:46:40 GMT
Server: AmazonS3
x-amz-request-id: 7WMGTJ5DSCYM8VW1
ETag: "883334535bb63d443032135b065e0884"
Content-Type: image/png
x-amz-storage-class: REDUCED_REDUNDANCY
Accept-Ranges: bytes
Content-Length: 4585
x-amz-id-2: m1UB87n8rPEYIjeOJCI0YzZpiVHtljsKdkQckYegPU0umW3X8dcsuilueoxUAAzyQWExyHDoIg1gyoHf3ABJIg==

GET
H/1.1 200
OK f0fb0b8bc2a38afca24fa01fd5f74635.png
s3.amazonaws.com/cdn.baseball-new.com/ 11 KB
12 KB 350ms
121ms Image
image/png 3.5.20.187
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/cdn.baseball-new.com/f0fb0b8bc2a38afca24fa01fd5f74635.png
Requested by: Host: pelotainvernal.com
URL: https://pelotainvernal.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.5.20.187 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: s3.us-east-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 87ec184cd9b3cfb5ccbf631c766fc0d6b01d8811184a5f6f49f2ec528429dad4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Fri, 25 Nov 2022 08:09:30 GMT
Last-Modified: Sat, 14 Nov 2020 22:58:57 GMT
Server: AmazonS3
x-amz-request-id: 7WMQB4FN7HRFRT9M
ETag: "c8fac8558e3e9e13ca76375e6b1e95fa"
Content-Type: image/png
x-amz-storage-class: REDUCED_REDUNDANCY
Accept-Ranges: bytes
Content-Length: 11566
x-amz-id-2: ZmyJg4CHpDLinK4d8FD+o2HGh4EW8pT0hv9oBX7UtGs2fFriBrdR47BgxYzU8cgFIIg9yLrg8zEz7IeTLVn9Ag==

GET
H/1.1 200
OK bc83c5669a23ea41ef5f755bfbd50ebd.png
s3.amazonaws.com/cdn.baseball-new.com/ 12 KB
13 KB 353ms
124ms Image
image/png 3.5.20.187
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/cdn.baseball-new.com/bc83c5669a23ea41ef5f755bfbd50ebd.png
Requested by: Host: pelotainvernal.com
URL: https://pelotainvernal.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.5.20.187 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: s3.us-east-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 19737707017ce7f188707e1e6fbae40088945cb235a8c37971b507b97d771a4b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Fri, 25 Nov 2022 08:09:30 GMT
Last-Modified: Sat, 14 Nov 2020 22:59:20 GMT
Server: AmazonS3
x-amz-request-id: 7WMNFV2DDJDS9N73
ETag: "97c26d2ba9057f036660b0f2c8b181ab"
Content-Type: image/png
x-amz-storage-class: REDUCED_REDUNDANCY
Accept-Ranges: bytes
Content-Length: 12564
x-amz-id-2: wiCQs14BmxPiAc8aoq4GhUYGiD3AM8nHEUJGTzYl4vRJ4GVAywobtbz1IIRN3t8AVbTsKclmBwp+OEuhDqP93A==

GET
H/1.1 200
OK 0d180431331e93a791f23a77d4b94122.png
s3.amazonaws.com/cdn.baseball-new.com/ 12 KB
12 KB 351ms
122ms Image
image/png 3.5.20.187
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/cdn.baseball-new.com/0d180431331e93a791f23a77d4b94122.png
Requested by: Host: pelotainvernal.com
URL: https://pelotainvernal.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.5.20.187 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: s3.us-east-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: a67612c801d54b2817687d2155b63f849b671d96ffd423cb77b36b0b66fa2192

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Fri, 25 Nov 2022 08:09:30 GMT
Last-Modified: Sat, 14 Nov 2020 22:59:14 GMT
Server: AmazonS3
x-amz-request-id: 7WMTEKD8NGHPDQD5
ETag: "1fc02092dc83a776e055b8df83f64b50"
Content-Type: image/png
x-amz-storage-class: REDUCED_REDUNDANCY
Accept-Ranges: bytes
Content-Length: 11790
x-amz-id-2: ahxWhILjSiEnUvttsSyupUnwPDUSwhxpNjP24F1jliXG6HzzDdRy7ivRbnidT0b685f5KcJIkZ2nfG7o6cNKgA==

GET
H/1.1 200
OK 3657a463e594aec7d83697355ad2e541.png
s3.amazonaws.com/cdn.baseball-new.com/ 11 KB
11 KB 339ms
122ms Image
image/png 3.5.20.187
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/cdn.baseball-new.com/3657a463e594aec7d83697355ad2e541.png
Requested by: Host: pelotainvernal.com
URL: https://pelotainvernal.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.5.20.187 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: s3.us-east-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 09778ab5d08d1983b0ba1d423603b1b0f2214947ed465534dcc9ac047bf929ba

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Fri, 25 Nov 2022 08:09:30 GMT
Last-Modified: Sat, 14 Nov 2020 22:59:02 GMT
Server: AmazonS3
x-amz-request-id: 7WMVHV9EYG1PGXF8
ETag: "1375b3cdbbeb3aa10a2abef1543beafd"
Content-Type: image/png
x-amz-storage-class: REDUCED_REDUNDANCY
Accept-Ranges: bytes
Content-Length: 11177
x-amz-id-2: RGF36A2KOro1UNUrdLopwiCDr2epo0Z5vlnVetwH2NINyUtWt77u0xMDPcTctGDRjQtiMlByONFZPulPfTa7RQ==

GET
H/1.1 200
OK d8b8a0a312b685f33e63d453b0d2db83.png
s3.amazonaws.com/cdn.baseball-new.com/ 11 KB
11 KB 338ms
121ms Image
image/png 3.5.20.187
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/cdn.baseball-new.com/d8b8a0a312b685f33e63d453b0d2db83.png
Requested by: Host: pelotainvernal.com
URL: https://pelotainvernal.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.5.20.187 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: s3.us-east-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: bac0705d11ffc896d765dc3507e2ad3abb961795b05bb857039ca92f649a0745

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Fri, 25 Nov 2022 08:09:30 GMT
Last-Modified: Sat, 14 Nov 2020 22:59:09 GMT
Server: AmazonS3
x-amz-request-id: 7WMVCVN1FY4QMZXA
ETag: "d00fe6039c67811cd9e76529a3d298df"
Content-Type: image/png
x-amz-storage-class: REDUCED_REDUNDANCY
Accept-Ranges: bytes
Content-Length: 10968
x-amz-id-2: 6b8iGdUx6JVdENvSeVRz4+XJ9asnlrknbMkq4CIyuFwCwC2R9sNK/S0fIqX3cAinWJQuogalqR9FuJu1KA9iKQ==

GET
H/1.1 200
OK 9888ecc384811ab5781b0310ae9401a9.png
s3.amazonaws.com/cdn.baseball-new.com/ 11 KB
11 KB 128ms
127ms Image
image/png 3.5.20.187
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/cdn.baseball-new.com/9888ecc384811ab5781b0310ae9401a9.png
Requested by: Host: pelotainvernal.com
URL: https://pelotainvernal.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.5.20.187 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: s3.us-east-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 36c2343f3359688c9948184e631420db683b3d1a105206fcf76f1354c106425e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Fri, 25 Nov 2022 08:09:30 GMT
Last-Modified: Sat, 14 Nov 2020 22:58:50 GMT
Server: AmazonS3
x-amz-request-id: 7WMPXX6Q8VM1Q938
ETag: "25b21a978a769c711a8cc5c6fe2b22a9"
Content-Type: image/png
x-amz-storage-class: REDUCED_REDUNDANCY
Accept-Ranges: bytes
Content-Length: 10966
x-amz-id-2: qoginpn07D2x6AznXZvAsRiiZBXBSWwe37YOJm/5n1wUHzyBb9320zrXmT9x7RF1tWaJAJDNwSY0LuUOaLjltA==

GET
H/1.1 200
OK c7c5d314bd780195ca2739e007b04e63.png
s3.amazonaws.com/cdn.baseball-new.com/ 10 KB
10 KB 126ms
125ms Image
image/png 3.5.20.187
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/cdn.baseball-new.com/c7c5d314bd780195ca2739e007b04e63.png
Requested by: Host: pelotainvernal.com
URL: https://pelotainvernal.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.5.20.187 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: s3.us-east-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 47f719c1691461a5d778135c0512d51c87f8eea39be7ddad829830925902674b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Fri, 25 Nov 2022 08:09:30 GMT
Last-Modified: Tue, 15 Dec 2020 13:21:55 GMT
Server: AmazonS3
x-amz-request-id: 7WMSR1KDFWZW1R3S
ETag: "344653c6dda80cd480444be1aef2a807"
Content-Type: image/png
x-amz-storage-class: REDUCED_REDUNDANCY
Accept-Ranges: bytes
Content-Length: 10027
x-amz-id-2: 5SEiRyeqAiQJ+SwTgntP97YWX1+SIfjjVxoOSZmgYyz/kxxe8p6k1jHhHVQh35fX4+VK8UF7c+2+jTX1Ty50Wg==

GET
H/1.1 200
OK 8f6f2a20b0b9cd88bcff3b93bdd9c615.png
s3.amazonaws.com/cdn.baseball-new.com/ 8 KB
8 KB 126ms
126ms Image
image/png 3.5.20.187
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/cdn.baseball-new.com/8f6f2a20b0b9cd88bcff3b93bdd9c615.png
Requested by: Host: pelotainvernal.com
URL: https://pelotainvernal.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.5.20.187 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: s3.us-east-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: bdbbb447bf69f791cb6717a186852f2b9661ca900a74d8235d37ef9ed65ac0dd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Fri, 25 Nov 2022 08:09:30 GMT
Last-Modified: Tue, 15 Dec 2020 13:22:04 GMT
Server: AmazonS3
x-amz-request-id: 7WMG5V5M6J9STYF1
ETag: "f372c04545a398bbcfd0256f8e49d1ac"
Content-Type: image/png
x-amz-storage-class: REDUCED_REDUNDANCY
Accept-Ranges: bytes
Content-Length: 7971
x-amz-id-2: qL8Ev81GUPE4KJDlw4uEmIimjGCIG7cjWNO8vUAVmn5mefRNE81sglmij5iUjyB+VhfKMKJECRHZh+fEj9V0bA==

GET
H/1.1 200
OK fa5ccb26f0dc095843644942bde4b7cd.png
s3.amazonaws.com/cdn.baseball-new.com/ 10 KB
10 KB 122ms
122ms Image
image/png 3.5.20.187
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/cdn.baseball-new.com/fa5ccb26f0dc095843644942bde4b7cd.png
Requested by: Host: pelotainvernal.com
URL: https://pelotainvernal.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.5.20.187 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: s3.us-east-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 3aa5cdd18374b285ddc76c94ee1735df8b3e518cb7202fa7feec77a3b13437a3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Fri, 25 Nov 2022 08:09:30 GMT
Last-Modified: Tue, 15 Dec 2020 13:22:20 GMT
Server: AmazonS3
x-amz-request-id: 7WMNKZSB11XWF53A
ETag: "687caec8c60c4146282dc57feb116506"
Content-Type: image/png
x-amz-storage-class: REDUCED_REDUNDANCY
Accept-Ranges: bytes
Content-Length: 9897
x-amz-id-2: WgXtkrdL9+B96wY0bg8Rl8HUWmS3ZKW6VFvRBTe1C9hpjUccua5BMZAyC3Xs2rXnw7Ft9bJgNziZx793QYZLsA==

GET
H/1.1 200
OK 0ac73fe9baac5a44d5760cf8eca6394f.png
s3.amazonaws.com/cdn.baseball-new.com/ 10 KB
11 KB 117ms
117ms Image
image/png 3.5.20.187
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/cdn.baseball-new.com/0ac73fe9baac5a44d5760cf8eca6394f.png
Requested by: Host: pelotainvernal.com
URL: https://pelotainvernal.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.5.20.187 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: s3.us-east-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: cd257ced5860b54b3c71dd2e1c9704a552f0c2be8e63ef42cdf47e05293da1bb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Fri, 25 Nov 2022 08:09:30 GMT
Last-Modified: Sat, 14 Nov 2020 22:57:44 GMT
Server: AmazonS3
x-amz-request-id: 7WMGZH593E56P8VW
ETag: "757f209841921bd84efe00e6415c5118"
Content-Type: image/png
x-amz-storage-class: REDUCED_REDUNDANCY
Accept-Ranges: bytes
Content-Length: 10369
x-amz-id-2: HQIAzuxoB2wtfTHfGCPlMha9Uj/ErgQS2KBhViNoJuLTC/uE1nga4vd4b6xt+4f74bditokJEJL7iAo24hzSfA==

GET
H/1.1 200
OK 4a9533cbf5e05f2abc7515331906d891.png
s3.amazonaws.com/cdn.baseball-new.com/ 8 KB
8 KB 117ms
117ms Image
image/png 3.5.20.187
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/cdn.baseball-new.com/4a9533cbf5e05f2abc7515331906d891.png
Requested by: Host: pelotainvernal.com
URL: https://pelotainvernal.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.5.20.187 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: s3.us-east-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 52084175f1ddbd7e4168245880f4dd0c69cedbcac6096306ecae4e56181ad545

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Fri, 25 Nov 2022 08:09:30 GMT
Last-Modified: Tue, 15 Dec 2020 13:22:12 GMT
Server: AmazonS3
x-amz-request-id: 7WMV0KBYRW185YPG
ETag: "aad87560e4512c4693466db607703d76"
Content-Type: image/png
x-amz-storage-class: REDUCED_REDUNDANCY
Accept-Ranges: bytes
Content-Length: 8155
x-amz-id-2: AcPZvxahiGVXU5pLHwWS+d0+KziXeaWBGhbJFz8Ll7aY4jx0Fis1UqTu3pqBnvMAtms+GlxONfd+K9tSojmGng==

GET
H/1.1 200
OK 45017492450cd1f4a0003643f186f5a3.png
s3.amazonaws.com/cdn.baseball-new.com/ 6 KB
7 KB 115ms
115ms Image
image/png 3.5.20.187
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/cdn.baseball-new.com/45017492450cd1f4a0003643f186f5a3.png
Requested by: Host: pelotainvernal.com
URL: https://pelotainvernal.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.5.20.187 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: s3.us-east-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: b59274b06fc793177aedbfa4b52d6d2571528266198414ae2b1795d7d87bff48

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Fri, 25 Nov 2022 08:09:30 GMT
Last-Modified: Tue, 15 Dec 2020 13:22:30 GMT
Server: AmazonS3
x-amz-request-id: 7WMZTE1P9H2B50JR
ETag: "d5e4057bad41787bb08c8c943e446a95"
Content-Type: image/png
x-amz-storage-class: REDUCED_REDUNDANCY
Accept-Ranges: bytes
Content-Length: 6654
x-amz-id-2: zxPgRgMZOhmBoUQuGaxyC+GnC7bNEIQ4CijGnYBvd2dD0d9LhmyPg65n6n/R/S4Y854fOhzc7CN9p1NVO9zD+A==

GET
H/1.1 200
OK 0ac7c75550df48fba0d82e80f05a0e63.png
s3.amazonaws.com/cdn.baseball-new.com/ 7 KB
8 KB 116ms
115ms Image
image/png 3.5.20.187
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/cdn.baseball-new.com/0ac7c75550df48fba0d82e80f05a0e63.png
Requested by: Host: pelotainvernal.com
URL: https://pelotainvernal.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.5.20.187 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: s3.us-east-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 14fa937604e0fd3f7f1f8fa5daa5ab7e25052e1b1b826688b0109fac4251bf6f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Fri, 25 Nov 2022 08:09:30 GMT
Last-Modified: Tue, 15 Dec 2020 13:22:47 GMT
Server: AmazonS3
x-amz-request-id: 7WMXV72M59SX1A1D
ETag: "e5144af4c4398b7856b08750c111a29f"
Content-Type: image/png
x-amz-storage-class: REDUCED_REDUNDANCY
Accept-Ranges: bytes
Content-Length: 7432
x-amz-id-2: yjZ7Gq0uusO1+aZNJIwj/NJs0LNqAEIyf09CiHygPypP8kcOrtqnbCDTH/rN7zZ3XD8vrJqmVAZWGlO7lK3SEQ==

GET
H/1.1 200
OK b91a8061b0b3557371fed15068f48586.png
s3.amazonaws.com/cdn.baseball-new.com/ 8 KB
8 KB 115ms
114ms Image
image/png 3.5.20.187
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/cdn.baseball-new.com/b91a8061b0b3557371fed15068f48586.png
Requested by: Host: pelotainvernal.com
URL: https://pelotainvernal.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.5.20.187 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: s3.us-east-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: ee735ad9351455e1417cd144ed24de18f6311c98a1284b55cd59fd0d25489d22

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Fri, 25 Nov 2022 08:09:30 GMT
Last-Modified: Fri, 28 Oct 2022 15:31:56 GMT
Server: AmazonS3
x-amz-request-id: 7WMTS5ZF54D7CR3Z
ETag: "780b528b59b0bc2a422527bb6507da39"
Content-Type: image/png
x-amz-storage-class: REDUCED_REDUNDANCY
Accept-Ranges: bytes
Content-Length: 7952
x-amz-id-2: Aij+PJjpeAweeMQT04lgdky4IxmmdAhXFV5hhsMf3rtiAn/dfCi/BO1O4uuSjVIHV5xJhffplqz59cvKqSGTXA==

GET
H2 200 jquery-3.2.1.min.js Show response
code.jquery.com/ 85 KB
30 KB 69ms
18ms Script
application/javascript 2001:4de0:ac18::1:a:2b
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.2.1.min.js
Requested by: Host: pelotainvernal.com
URL: https://pelotainvernal.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:2b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: 87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 08:09:29 GMT
content-encoding: gzip
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
server: nginx
etag: W/"611feac9-15283"
vary: Accept-Encoding
x-hw: 1669363769.dop226.am5.t,1669363769.cds222.am5.hn,1669363769.cds255.am5.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30125

GET
H2 200 bootstrap.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@5.1.2/dist/js/ 58 KB
17 KB 30ms
28ms Script
application/javascript 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@5.1.2/dist/js/bootstrap.min.js

Requested by

Host: pelotainvernal.com
URL: https://pelotainvernal.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7e9276746ee6d70a75d8362ddd8e20aa1ce8a008c8e39c66a9e05b758f636d01

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 08:09:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 21508918
x-jsd-version: 5.1.2
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19178-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"e753-WcAbHa+/9xO8ID8ILaCWP92iBPQ"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C42pe9hOONgfkCshN%2BhIngWdFMVL%2BN2Tt3hwMdlw3TkwfGCTAHfQOESn8HAAYjx%2Btt%2BgyBiX8jBlzE3snawMbr996DoSANRxM3pBtY8qKZKuzGO6vqRP035Crpvqiaf5VYJq74UhDhdvy5QI0Js%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 76f8e7060f539191-FRA

GET
H2 200 moment.min.js Show response
cdnjs.cloudflare.com/ajax/libs/moment.js/2.18.1/ 50 KB
16 KB 43ms
24ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/moment.js/2.18.1/moment.min.js

Requested by

Host: pelotainvernal.com
URL: https://pelotainvernal.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d618d4869738e0dc22360f0ec0cbb6433257843f24723fac240dda0906685238

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 08:09:29 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 5744239
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 15476
last-modified: Mon, 04 May 2020 16:13:26 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03f26-c909"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SkoGisiJAbhnysd0AtQcBwXbXFXp8N%2B7b8tGD2XRULNjrdDCkaxq2jnyYuUfMEGrwhnL5tUgAwLVKrlVczpspN0ZG99USk8H5PJ1rhRpRyY%2FJJjYuirazQi3wMyrz3KuSdkrU1bfVu%2F88RM2CVcNQwCe"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 76f8e70649a59bbc-FRA
expires: Wed, 15 Nov 2023 08:09:29 GMT

GET
H2 200 knockout-min.js Show response
cdnjs.cloudflare.com/ajax/libs/knockout/3.4.2/ 59 KB
20 KB 44ms
25ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/knockout/3.4.2/knockout-min.js

Requested by

Host: pelotainvernal.com
URL: https://pelotainvernal.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a305fbb2ba223bf3b56bb8776b85f6f40d60dd082a74dbe28d143b5794c7e393

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 08:09:29 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 20093290
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 19879
last-modified: Mon, 04 May 2020 16:11:59 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ecf-ebc2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3%2FUBXX4MfyJCnT%2Fd87e8oVl3GMHZqKho7wjXvi6Crnhgn%2BpllmCzf3CaKDCOW9Bq4OFDtE2nH7kuu4NnVxWG1SHkqA1jTbrwfut7o4B2KdBxIFaPA4wW9pu3pGwGwo4pAZuhS5KFlbf1ADETPf1ZQvjg"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 76f8e70649a89bbc-FRA
expires: Wed, 15 Nov 2023 08:09:29 GMT

GET
H2 200 knockout-switch-case.min.js Show response
cdn-conectate.kiskoo.com/web/js/ 3 KB
2 KB 66ms
20ms Script
application/javascript 2606:4700:3031::ac43:b7f8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-conectate.kiskoo.com/web/js/knockout-switch-case.min.js
Requested by: Host: pelotainvernal.com
URL: https://pelotainvernal.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:b7f8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 74df90f5f0e27dd5df2470215692754169878aa5443c25a3515e1768e3db03b1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 08:09:29 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: JGR84PJB36PP8GBG
age: 4511
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: 4k3loKRuxczW5xhVHJs+HyNSmhgrgl1AGrbwBTEpXRd9T5F1aFn47ksIkJKNNJsG9z7MQQcnd+k=
last-modified: Sat, 13 Oct 2018 08:10:55 GMT
server: cloudflare
etag: W/"c6682e07d18a5a4b0209d9351134154e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JzCaP1FkaSKwVrD3RhbQy5mWs13pqttyC8L7aVxgbPqJcP5yFdYK3hNGu0wfFyyllV%2BRu2JYiC2JO3NyFsF7NznV1SVAGsHebg0PfQCxOXmo8ud%2FxfpURaHt1W3%2Fr2Sx%2FLf9d7eEHL8v6ANG0mReZSDk9hhY4CQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 76f8e7067c485cb0-FRA

GET
H2 200 game-socket.js Show response
cdn-conectate.kiskoo.com/modules/sport/frontend/assets/js/ 1 KB
916 B 281ms
236ms Script
application/javascript 2606:4700:3031::ac43:b7f8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-conectate.kiskoo.com/modules/sport/frontend/assets/js/game-socket.js
Requested by: Host: pelotainvernal.com
URL: https://pelotainvernal.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:b7f8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 008be15ff7db879ddccb3bf415d1143924af4eca6d1dd5250726ac423624f9d5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 08:09:29 GMT
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: XSDSJ9C8FEV4K8AB
x-amz-storage-class: REDUCED_REDUNDANCY
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: 6Pvc2fEBgkNR2sZTwZJ66sKgEgDsg0vyL0NV0jYtAupeHqaLGApzs1eWS5G66138wvnRLS5lFbc=
last-modified: Wed, 24 Aug 2022 17:10:05 GMT
server: cloudflare
etag: W/"0b6216bc1faa63361b5940d7cea9db21"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1LbVlU%2BZ%2BA7hSHJjY9xNdpENFIiKCrTUrs2E3t%2B2bdLwEu1PcFEVgrs1UbvFz1JK6gIAOH8u9VMmKVYzK9kxqXzWrq9z1hmy7c6%2BKjuwatWvN2MJWA2oP7i6FSgU3%2BRsCq8U4s%2BWEGZnWV1oTQ3bq7kOXslFC3A%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 76f8e7067c4a5cb0-FRA

GET
H2 200 responsiveslides.min.js Show response
pelotainvernal.com/vendor/slider/ 3 KB
2 KB 112ms
109ms Script
application/javascript 52.22.201.165
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pelotainvernal.com/vendor/slider/responsiveslides.min.js
Requested by: Host: pelotainvernal.com
URL: https://pelotainvernal.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.22.201.165 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-22-201-165.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 31c8de7c3023548e4205a8f61fa9d4b5c79707dc01710c8313184574afba2ee5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 08:09:29 GMT
content-encoding: gzip
last-modified: Tue, 10 Oct 2017 10:38:14 GMT
server: nginx
etag: W/"59dca316-d44"
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 smart-app-banner.js Show response
pelotainvernal.com/js/smartapp/ 17 KB
7 KB 113ms
110ms Script
application/javascript 52.22.201.165
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pelotainvernal.com/js/smartapp/smart-app-banner.js
Requested by: Host: pelotainvernal.com
URL: https://pelotainvernal.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.22.201.165 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-22-201-165.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 1e894e7cf7187c224f386656a508446013f4cd6edea742f5241ce57258db06c6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 08:09:29 GMT
content-encoding: gzip
last-modified: Thu, 18 Oct 2018 12:50:23 GMT
server: nginx
etag: W/"5bc8818f-444b"
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 109 KB
43 KB 132ms
50ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-19230497-1

Requested by

Host: pelotainvernal.com
URL: https://pelotainvernal.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

efac88c2f2439222107ca2ae41d82544bb7ed444eb6caaf7413e0288dbbb983a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 08:09:29 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43607
x-xss-protection: 0
last-modified: Fri, 25 Nov 2022 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 25 Nov 2022 08:09:29 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/ Frame 323E 10 KB
5 KB 120ms
37ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pelotainvernal.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 58364
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 24 Nov 2022 15:56:45 GMT
etag: 10353107486223812946
expires: Thu, 08 Dec 2022 15:56:45 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ 199 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 77e67409caaf5014eaa2e2d96ac6210a1b4a987da0d5b3ff826221fe255d3def

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 120ms
37ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://pelotainvernal.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 19:42:15 GMT
x-content-type-options: nosniff
age: 44834
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 24 Nov 2023 19:42:15 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/ 355 KB
117 KB 170ms
93ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3139134883708761&plah=pelotainvernal.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

80093605a22befa775b690e52747978417f06c28b7af86c4d7664d8c55fa2c0f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 08:09:29 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119597
x-xss-protection: 0
server: cafe
etag: 697907229813480627
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 25 Nov 2022 08:09:29 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 108ms
47ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://pelotainvernal.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 21 Nov 2022 16:44:52 GMT
x-content-type-options: nosniff
age: 314677
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 21 Nov 2023 16:44:52 GMT

GET
H2 200 pubads_impl_2022111501.js Show response
securepubads.g.doubleclick.net/gpt/ 381 KB
129 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a4c7748a8849068a7262049472b6b640aea77d843c16a57de3e34d3c47e4a01f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 20:48:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 40887
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 132177
x-xss-protection: 0
last-modified: Tue, 15 Nov 2022 09:35:23 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 24 Nov 2023 20:48:02 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 127 B
719 B 153ms
71ms XHR
application/json 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=pelotainvernal.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c54527742912dc24ffdbc35d926d8d76f016b8258e9ebb94dfb50a729d6901df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 08:09:29 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 84
x-xss-protection: 0
expires: Fri, 25 Nov 2022 08:09:29 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 403 B
702 B 128ms
45ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=pelotainvernal.com&callback=_gfp_s_&client=ca-pub-3139134883708761&gpid_exp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3139134883708761&plah=pelotainvernal.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c264c6738cab783ca0323d51c3d2d534f323e0934b9e6be5a13839b9029c6617

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 08:09:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 257
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 130ms
47ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=pelotainvernal.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 08:09:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 137ms
49ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=pelotainvernal.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 08:09:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame DAB8 117 KB
34 KB 1017ms
937ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3139134883708761&output=html&h=100&slotname=8815456802&adk=88850195&adf=2364240886&pi=t.ma~as.8815456802&w=1298&lmt=1669363769&rafmt=12&format=1298x100&url=https%3A%2F%2Fpelotainvernal.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669363769314&bpp=3&bdt=257&idt=268&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&correlator=7750487750825&frm=20&pv=2&ga_vid=481211934.1669363770&ga_sid=1669363770&ga_hid=1080671558&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=151&ady=96&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C44778780%2C44770880&oid=2&pvsid=552620077383395&tmod=1459500539&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=1&uci=a!1&fsb=1&xpc=LP5JG2isTv&p=https%3A//pelotainvernal.com&dtd=286

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

361126b8b4218f682addf50e6ff5aca6840ac9f877b24a667959dd66dfd71aca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pelotainvernal.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 34964
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 25 Nov 2022 08:09:30 GMT
expires: Fri, 25 Nov 2022 08:09:30 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E6D7 78 KB
30 KB 732ms
661ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3139134883708761&output=html&h=90&slotname=7753640662&adk=1056406635&adf=406027746&pi=t.ma~as.7753640662&w=728&lmt=1669363769&rafmt=12&format=728x90&url=https%3A%2F%2Fpelotainvernal.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669363769320&bpp=1&bdt=262&idt=286&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&prev_fmts=1298x100&correlator=7750487750825&frm=20&pv=1&ga_vid=481211934.1669363770&ga_sid=1669363770&ga_hid=1080671558&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=275&ady=328&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C44778780%2C44770880&oid=2&pvsid=552620077383395&tmod=1459500539&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&fsb=1&xpc=MgsUv02AGs&p=https%3A//pelotainvernal.com&dtd=290

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

50437c317b35574b3e8d2a76ecaa4776636a8751b0b38907e9f8f2905738866c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pelotainvernal.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 31028
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 25 Nov 2022 08:09:30 GMT
expires: Fri, 25 Nov 2022 08:09:30 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame BFB9 99 KB
33 KB 1615ms
1551ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3139134883708761&output=html&h=250&slotname=9665504044&adk=3379964164&adf=185437339&pi=t.ma~as.9665504044&w=300&lmt=1669363769&rafmt=12&format=300x250&url=https%3A%2F%2Fpelotainvernal.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669363769321&bpp=1&bdt=263&idt=293&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&prev_fmts=1298x100%2C728x90&correlator=7750487750825&frm=20&pv=1&ga_vid=481211934.1669363770&ga_sid=1669363770&ga_hid=1080671558&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1149&ady=261&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C44778780%2C44770880&oid=2&pvsid=552620077383395&tmod=1459500539&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=3&uci=a!3&fsb=1&xpc=z49oRm62Dr&p=https%3A//pelotainvernal.com&dtd=296

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

86738ba26e3464849f369a4a436f56f6ee61c177be2ca956953da66b1f83f86a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pelotainvernal.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 33442
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 25 Nov 2022 08:09:31 GMT
expires: Fri, 25 Nov 2022 08:09:31 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 fi_client.js Show response
ecdn.firstimpression.io/ 347 KB
92 KB 46ms
8ms Script
application/javascript 99.86.4.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ecdn.firstimpression.io/fi_client.js

Requested by

Host: pelotainvernal.com
URL: https://pelotainvernal.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.108 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-108.fra6.r.cloudfront.net

Software

nginx/1.20.0 / PHP/8.0.14

Resource Hash

1c702086d4312dd034fbad878dcf1074ced6df886ff52d564f71269d71067360

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 07:21:57 GMT
content-encoding: br
via: 1.1 71b147cd3102755b55ba8b6fd34e3f4a.cloudfront.net (CloudFront)
last-modified: Fri, 25 Nov 2022 07:21:57 UTC
server: nginx/1.20.0
x-amz-cf-pop: FRA6-C1
age: 2852
x-powered-by: PHP/8.0.14
etag: W/"7753f1c2f09978ffbd644c815b8cf78f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: rbFDoU-vhNF3RD-M29L_ZvuTed1FtsKYBZlclFRCX0mdHTYmEjtiUA==
x-xss-protection: 0

GET
H3 200 ads
securepubads.g.doubleclick.net/gampad/ 0
503 B 163ms
81ms Other
application/webbundle 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=552620077383395&correlator=1540526664644126&wbsu=b2394db6-c13a-42cf-926e-9969d972503e&callback=googletag.wbn1&eid=31070919%2C31070839&output=wbn&gdfp_req=1&vrg=2022111501&ptt=17&impl=fifs&iu_parts=40135427%2Cpelotainvernal_Video_Intext&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=4&adks=1276542802&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1669363769749&lmt=1669363769&dlt=1669363769058&idt=567&adxs=0&adys=0&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fpelotainvernal.com%2F&frm=20&vis=1&psz=1600x1200&msz=1x-1&fws=0&ohw=0&ga_vid=481211934.1669363770&ga_sid=1669363770&ga_hid=1080671558&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 08:09:29 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 473
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: application/webbundle
access-control-allow-origin: https://pelotainvernal.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
UUID-IN-PACKAGE 200
OK b2394db6-c13a-42cf-926e-9969d972503e Show response
/ 599 B
725 B 163ms
163ms Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL

uuid-in-package:b2394db6-c13a-42cf-926e-9969d972503e

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

UUID-IN-PACKAGE

Server

-, , ASN (),

Reverse DNS

Software

Resource Hash

7d2d7d3c2d107114254de2051e79592b36ce970050abc6763356b9322d66613c

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

X-Content-Type-Options: nosniff, nosniff
content-type: text/javascript; charset=utf-8

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 71ms
71ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fpelotainvernal.com%2F&tn=NAV&id=w0&cls=navbar%20navbar-dark%20fixed-top%20bg-dark&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: pelotainvernal.com
URL: https://pelotainvernal.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Nov 2022 08:09:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame FB32 271 KB
66 KB 621ms
619ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3139134883708761&output=html&adk=1812271804&adf=3025194257&lmt=1669363769&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&format=0x0&url=https%3A%2F%2Fpelotainvernal.com%2F&ea=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669363769766&bpp=2&bdt=709&idt=2&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&prev_fmts=1298x100%2C728x90%2C300x250&nras=1&correlator=7750487750825&frm=20&pv=1&ga_vid=481211934.1669363770&ga_sid=1669363770&ga_hid=1080671558&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C44778780%2C44770880&oid=2&pvsid=552620077383395&tmod=1459500539&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=5&uci=a!5&fsb=1&dtd=9

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

45d92b59f4c6b5da2eb86bc68bf0de0ed05551977d488b00adda78f0b6e33441

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pelotainvernal.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 67480
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 25 Nov 2022 08:09:30 GMT
expires: Fri, 25 Nov 2022 08:09:30 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 121ms
37ms Script
text/javascript 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-19230497-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 25 Nov 2022 07:24:49 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 2680
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Fri, 25 Nov 2022 09:24:49 GMT

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 78 KB
27 KB 53ms
53ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: flower-ads.com
URL: https://flower-ads.com/tag/pelotainvernal/pelotainvernal.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b8e64f656ab17cca541c2cedc0711657661cc96758750fff8400884c6239bc34

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 08:09:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27210
x-xss-protection: 0
server: sffe
etag: "1402 / 653 of 1000 / last-modified: 1669244741"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 25 Nov 2022 08:09:30 GMT

GET
H2 200 prebid7.25.0.pelotainvernal.js Show response
flower-ads.com/tag/pelotainvernal/ 316 KB
97 KB 199ms
199ms Script
application/x-javascript 2606:4700:20::ac43:4b43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://flower-ads.com/tag/pelotainvernal/prebid7.25.0.pelotainvernal.js
Requested by: Host: flower-ads.com
URL: https://flower-ads.com/tag/pelotainvernal/pelotainvernal.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4b43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3521616fbd1415fd86988bfc9773f6044497f54354e0b924f7db878f91c1af83

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 08:09:30 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=324455
pragma: public
referrer-policy: no-referrer-when-downgrade
cf-bgj: minify
last-modified: Tue, 15 Nov 2022 18:22:14 GMT
server: cloudflare
etag: W/"4f367-6373d8d6-0;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7SYPsA%2BxVzcKBAGAWcMea92uv4kanN8TgIh1YkPM1ySrnOzRj%2F%2BhgR%2FZs6ocFAB7R97PA9gYiMkLPNTWXSXRVbAR%2BTDqTQYbATRkWdYzNISUmcx9VNAhLh663itrE0HD53fvgniXkX4vVyB3"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=300
x-turbo-charged-by: LiteSpeed
platform: hostinger
cf-ray: 76f8e70ccc25bb50-FRA
expires: Fri, 25 Nov 2022 08:13:23 GMT

GET
H2 200 2717-2424-01.js Show response
t.seedtag.com/t/ 41 KB
13 KB 103ms
65ms Script
application/javascript 104.18.131.145
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.seedtag.com/t/2717-2424-01.js
Requested by: Host: flower-ads.com
URL: https://flower-ads.com/tag/pelotainvernal/pelotainvernal.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.131.145 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e534b2d451a43296a69ebbcf1aa5145ac5167cc5f4b0f2ea5e6f824446a84d84

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 08:09:30 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: EXPIRED
server: cloudflare
etag: W/"a2a2-lJsuCzoGCJaX0aQqI9tf/W/zxCg"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=1200
cf-ray: 76f8e70d4e0f90b8-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Fri, 25 Nov 2022 08:29:30 GMT

GET
H2 200 4670604829633432176
tpc.googlesyndication.com/simgad/ Frame E6D7 15 KB
15 KB 135ms
50ms Image
image/gif 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4670604829633432176

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3139134883708761&output=html&h=90&slotname=7753640662&adk=1056406635&adf=406027746&pi=t.ma~as.7753640662&w=728&lmt=1669363769&rafmt=12&format=728x90&url=https%3A%2F%2Fpelotainvernal.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669363769320&bpp=1&bdt=262&idt=286&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&prev_fmts=1298x100&correlator=7750487750825&frm=20&pv=1&ga_vid=481211934.1669363770&ga_sid=1669363770&ga_hid=1080671558&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=275&ady=328&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C44778780%2C44770880&oid=2&pvsid=552620077383395&tmod=1459500539&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&fsb=1&xpc=MgsUv02AGs&p=https%3A//pelotainvernal.com&dtd=290

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6a1d3901e4cba2c5f626079b5099734731dae57084f5c00630f257547778763

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 19 Nov 2022 23:42:51 GMT
x-content-type-options: nosniff
age: 462399
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15063
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 09:28:18 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 19 Nov 2023 23:42:51 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/ Frame E6D7 23 KB
10 KB 121ms
38ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

61651edfb03aae1c1007d6741f98171447ae7b1a67aaa520d8b0a959e0400885

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 07:15:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3248
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9428
x-xss-protection: 0
server: cafe
etag: 246362764157784863
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 09 Dec 2022 07:15:22 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame E6D7 3 KB
1 KB 82ms
50ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 07:15:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3249
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 09 Dec 2022 07:15:21 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame E6D7 18 KB
7 KB 76ms
43ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 16:34:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 56118
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7458
x-xss-protection: 0
server: cafe
etag: 16870613375306414947
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 08 Dec 2022 16:34:12 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E6D7 154 KB
47 KB 50ms
50ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 08:09:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48265
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1668095300071091"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 25 Nov 2022 08:09:30 GMT

GET
H2 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame E6D7 34 KB
13 KB 113ms
80ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ac67eba217cc24846f0d650dbf24e7e1f96928839f20a70ddeba99bfa284ca23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 17:43:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51989
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13669
x-xss-protection: 0
server: cafe
etag: 7011066814545187240
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 08 Dec 2022 17:43:01 GMT

GET
H2 200 favicon.ico
ad.doubleclick.net/ 1 KB
664 B 121ms
33ms Image
image/x-icon 142.250.186.166
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250

Requested by

Host: pelotainvernal.com
URL: https://pelotainvernal.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f6.1e100.net

Software

sffe /

Resource Hash

d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 14:43:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 62776
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0
last-modified: Tue, 08 May 2012 13:08:06 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/x-icon
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 25 Nov 2022 14:43:14 GMT

GET
H2 200 achoice.svg
widgets.outbrain.com/images/widgetIcons/ 3 KB
3 KB 83ms
23ms Image
image/svg+xml 23.53.169.70
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.outbrain.com/images/widgetIcons/achoice.svg
Requested by: Host: pelotainvernal.com
URL: https://pelotainvernal.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.53.169.70 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-53-169-70.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 08:09:30 GMT
last-modified: Mon, 12 Sep 2022 07:37:47 GMT
server: AkamaiNetStorage
etag: "9d26fa4e7238ed94f1d0d92afb453b3e:1662969032.874716"
access-control-allow-methods: GET,POST
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 2735
expires: Sun, 25 Dec 2022 08:09:30 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame E6D7 0
0 86ms
85ms Fetch
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CXEzTOXiAY-yULKGQ-cAPro-C2AeqsPTJbf35g4fPENrZHhABIK2Q9B5gleKQgqAHoAGe2_vJA8gBA6kCmCP7z1x3sT6oAwHIA8kEqgTTAU_Q5OyaJ0ngfJ3qVdC-2oLy9B3wSnrj64PssE15hyeu26KhopliyAt8q7svDOYm7nicJ5ihIv3wGhdm_IVM1GREjWO2ve8pUudHJh9_r5z6NIbbtT6sC4LObuVGhDfH-fqvLCpzOShvlCG7SBjlmGpMl_zcxC1-BJZh7h1aUVD0YmncyhBH-PiTnE28gmqE9AlgJtnbNuU6xel5D50c0Kr_bCawZ0Gq6bKq_pUV3TbqN-4QzfwKzxFOYv0bQU1WP1-UMqgPL2ilqCKL50IoP50aOHPABNyHhs61BJIFBAgEGAGSBQQIBRgEoAYDgAfKpIQ2qAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQoqgC0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHYEw3QFQGAFwGyFxwKGggAEhRwdWItMzEzOTEzNDg4MzcwODc2MRgA&sigh=1rZPtV9cvMg&uach_m=[UACH]&cid=CAQSGwDq26N99FfDMSGUdTksyOR4_eUxKMT7ebyJxRgBIBM

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3139134883708761&output=html&h=90&slotname=7753640662&adk=1056406635&adf=406027746&pi=t.ma~as.7753640662&w=728&lmt=1669363769&rafmt=12&format=728x90&url=https%3A%2F%2Fpelotainvernal.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669363769320&bpp=1&bdt=262&idt=286&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&prev_fmts=1298x100&correlator=7750487750825&frm=20&pv=1&ga_vid=481211934.1669363770&ga_sid=1669363770&ga_hid=1080671558&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=275&ady=328&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C44778780%2C44770880&oid=2&pvsid=552620077383395&tmod=1459500539&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&fsb=1&xpc=MgsUv02AGs&p=https%3A//pelotainvernal.com&dtd=290
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 25 Nov 2022 08:09:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 25 Nov 2022 08:09:30 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 121ms
44ms XHR
text/plain 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1080671558&t=pageview&_s=1&dl=https%3A%2F%2Fpelotainvernal.com%2F&ul=en-us&de=UTF-8&dt=PelotaInvernal.com%20%7C%20Resultados%2C%20Calendarios%20y%20Posiciones&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAUABAAAAACAAI~&jid=2090275502&gjid=1818905697&cid=481211934.1669363770&tid=UA-19230497-1&_gid=745338117.1669363770&_r=1&gtm=2oub90&z=5420159

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://pelotainvernal.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 25 Nov 2022 08:09:30 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://pelotainvernal.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/ 150 KB
51 KB 95ms
94ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/reactive_library_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

790082e0d7a95987417ab26e229da916eb4e43693be4544a390eee1d23255666

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 08:09:30 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52286
x-xss-protection: 0
server: cafe
etag: 11845637822931053480
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 25 Nov 2022 08:09:30 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 71ms
70ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=rasra::pm&rt=8%2C1&c=ca-pub-3139134883708761&eid=44759876%2C44759927%2C44759837%2C42531705%2C44778780%2C44770880

Requested by

Host: pelotainvernal.com
URL: https://pelotainvernal.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Nov 2022 08:09:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 st_3.d9c9c717a0f6e769af45.js Show response
t.seedtag.com/c/ 66 KB
21 KB 45ms
28ms Script
application/javascript 104.18.131.145
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.seedtag.com/c/st_3.d9c9c717a0f6e769af45.js
Requested by: Host: t.seedtag.com
URL: https://t.seedtag.com/t/2717-2424-01.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.131.145 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9dd7bad01d529426722b766813c687eb80660b53a21e6637cf096dfc236df6c2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 08:09:30 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
age: 56258
x-guploader-uploadid: ADPycdsa3ERhejqNxbmOIHSQglixBRos6U3y-9L57QGKdhRpCvpFGD5NHf15IA7bE52lKevD5bEOSq9bXTXmwTiqi1Ef0A
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 24 Nov 2022 16:31:47 GMT
server: cloudflare
etag: W/"eb25eed13d125f6c31ee2e6b8f9f94be"
vary: Accept-Encoding
x-goog-hash: crc32c=1XJBiA==, md5=6yXu0T0SX2wx7i5rj5+Uvg==
x-goog-generation: 1669307507756343
content-type: application/javascript
cache-control: public, max-age=31479739
x-goog-stored-content-length: 19737
cf-ray: 76f8e70debb49be9-FRA
expires: Fri, 24 Nov 2023 16:31:49 GMT

GET
H3 200 st_2.841a2baf17caaeb79653.js Show response
t.seedtag.com/c/ 372 KB
100 KB 60ms
43ms Script
application/javascript 104.18.131.145
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.seedtag.com/c/st_2.841a2baf17caaeb79653.js
Requested by: Host: t.seedtag.com
URL: https://t.seedtag.com/t/2717-2424-01.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.131.145 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: da1abeb8c4f5f548266e9ee92b607d967800e90b253cee51463371335946989f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 08:09:30 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
age: 56258
x-guploader-uploadid: ADPycdviDpxwyFntdOSKDF0WvO6jG72gP1FTK7SolnSp7zjIEebx1thVBOQa1N3PnmRgs0rZkTG8PBaaep8HWtPNUGxVcg
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 24 Nov 2022 16:31:47 GMT
server: cloudflare
etag: W/"0edb193ed08069fe01dfdf41404560f1"
vary: Accept-Encoding
x-goog-hash: crc32c=7AyiYQ==, md5=DtsZPtCAaf4B399BQEVg8Q==
x-goog-generation: 1669307507780501
content-type: application/javascript
cache-control: public, max-age=31479739
x-goog-stored-content-length: 103067
cf-ray: 76f8e70debb79be9-FRA
expires: Fri, 24 Nov 2023 16:31:49 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 0854 143 B
166 B 41ms
39ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3139134883708761&output=html&h=90&slotname=7753640662&adk=1056406635&adf=406027746&pi=t.ma~as.7753640662&w=728&lmt=1669363769&rafmt=12&format=728x90&url=https%3A%2F%2Fpelotainvernal.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669363769320&bpp=1&bdt=262&idt=286&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&prev_fmts=1298x100&correlator=7750487750825&frm=20&pv=1&ga_vid=481211934.1669363770&ga_sid=1669363770&ga_hid=1080671558&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=275&ady=328&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C44778780%2C44770880&oid=2&pvsid=552620077383395&tmod=1459500539&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&fsb=1&xpc=MgsUv02AGs&p=https%3A//pelotainvernal.com&dtd=290
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2446
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 25 Nov 2022 07:28:44 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame E6D7 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 766fd13c6ac2660275fb24db492b6300363ce343f9a07604402f2cf3a09fc852

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type: image/png

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 46ms
15ms Preflight
application/json 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fpelotainvernal.com%2F&domain=pelotainvernal.com&cw=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://pelotainvernal.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://pelotainvernal.com
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Fri, 25 Nov 2022 08:09:30 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 394682
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2

200

sid Show response
mug.criteo.com/
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fpelotainvernal.com%2F&domain=pelotainvernal.com&cw=1&lsw=1
https://mug.criteo.com/sid?cpp=np3z83xjdy9DUFBFdmdIWm9MaThEem11U2swRWNoa0dYb3A4dkNOb0l2Q3N0cFMzc3V2aUdEdkx6YWxUdmJnR3JDa3M4SlpYQS8zdGhSY1RWSWszbktvK0Uza29JdDlFVllLMERqR2dWaTgwZWhPTlljdm91SFVZY1NZUF...

362 B
651 B

48ms
17ms

XHR
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=np3z83xjdy9DUFBFdmdIWm9MaThEem11U2swRWNoa0dYb3A4dkNOb0l2Q3N0cFMzc3V2aUdEdkx6YWxUdmJnR3JDa3M4SlpYQS8zdGhSY1RWSWszbktvK0Uza29JdDlFVllLMERqR2dWaTgwZWhPTlljdm91SFVZY1NZUFBsVGRyY2dOQ1doVVcrZDZZUnpVOW1panZrYU1Zd2xIQXh1bWlINTdsQncvTXVEOEZuN1pkd1BJOGJLajl3d3RySTk3WVVrdEhuckc5a0VCN0dicFVGSFZ4U0ZvRkJCM0R6c21MSWI1ZUM5NEU3V2RyWEZESHJXWm9TNDZYQ2EyQStmTVBReTVqfA&cppv=2

Requested by

Host: pelotainvernal.com
URL: https://pelotainvernal.com/

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

c23043e71b8b0a30570fadfb9f496ef2dcc111217eb12b83e47be244e187b592

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Nov 2022 08:09:30 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1526764
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 25 Nov 2022 08:09:30 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
access-control-allow-methods: GET
location: https://mug.criteo.com/sid?cpp=np3z83xjdy9DUFBFdmdIWm9MaThEem11U2swRWNoa0dYb3A4dkNOb0l2Q3N0cFMzc3V2aUdEdkx6YWxUdmJnR3JDa3M4SlpYQS8zdGhSY1RWSWszbktvK0Uza29JdDlFVllLMERqR2dWaTgwZWhPTlljdm91SFVZY1NZUFBsVGRyY2dOQ1doVVcrZDZZUnpVOW1panZrYU1Zd2xIQXh1bWlINTdsQncvTXVEOEZuN1pkd1BJOGJLajl3d3RySTk3WVVrdEhuckc5a0VCN0dicFVGSFZ4U0ZvRkJCM0R6c21MSWI1ZUM5NEU3V2RyWEZESHJXWm9TNDZYQ2EyQStmTVBReTVqfA&cppv=2
access-control-allow-origin: https://pelotainvernal.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 997523
content-length: 0
expires: 0

GET
H2 200 localstore.js Show response
script.4dex.io/ 483 B
764 B 63ms
31ms Script
application/javascript 2606:4700:20::ac43:4bf1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/localstore.js
Requested by: Host: flower-ads.com
URL: https://flower-ads.com/tag/pelotainvernal/prebid7.25.0.pelotainvernal.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 08:09:30 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 23 Nov 2022 15:43:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 142699
etag: W/"922cffdd75f7192f75231d92684885aa"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tP5II5b1UqAwpEwwyb3CuxSf65Rz608%2BWlnNWLU2wYdFIy9UxkHD1cNKRJeF33g2r9zJYn6C8g9s24oVitinkuUftt7NIlE1R8STwkias%2BVjl8QNndMIc58uxHUwIY1avxluQpBvJl%2B6KQFj"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=1800
cf-ray: 76f8e70eb9189229-FRA

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
441 B 71ms
19ms XHR
text/plain 2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-19230497-1&cid=481211934.1669363770&jid=2090275502&gjid=1818905697&_gid=745338117.1669363770&_u=YAhAAUAAAAAAACAAI~&z=1657260004

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://pelotainvernal.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 25 Nov 2022 08:09:30 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://pelotainvernal.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame DAB8 2 KB
535 B 130ms
49ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3139134883708761&output=html&h=100&slotname=8815456802&adk=88850195&adf=2364240886&pi=t.ma~as.8815456802&w=1298&lmt=1669363769&rafmt=12&format=1298x100&url=https%3A%2F%2Fpelotainvernal.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669363769314&bpp=3&bdt=257&idt=268&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&correlator=7750487750825&frm=20&pv=2&ga_vid=481211934.1669363770&ga_sid=1669363770&ga_hid=1080671558&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=151&ady=96&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C44778780%2C44770880&oid=2&pvsid=552620077383395&tmod=1459500539&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=1&uci=a!1&fsb=1&xpc=LP5JG2isTv&p=https%3A//pelotainvernal.com&dtd=286

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

582c2586c49819d9dfe5cb88653679a40bf930ca86f1dc01a4afd821a9eab97e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 25 Nov 2022 08:09:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 25 Nov 2022 06:18:10 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 25 Nov 2022 08:09:30 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame DAB8 2 KB
765 B 138ms
55ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 11:55:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 72855
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 08 Dec 2022 11:55:15 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/ Frame DAB8 23 KB
9 KB 126ms
42ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

61651edfb03aae1c1007d6741f98171447ae7b1a67aaa520d8b0a959e0400885

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 07:15:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3248
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9428
x-xss-protection: 0
server: cafe
etag: 246362764157784863
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 09 Dec 2022 07:15:22 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame DAB8 3 KB
1 KB 101ms
54ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 07:15:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3249
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 09 Dec 2022 07:15:21 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame DAB8 18 KB
7 KB 122ms
39ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 16:34:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 56118
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7458
x-xss-protection: 0
server: cafe
etag: 16870613375306414947
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 08 Dec 2022 16:34:12 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame DAB8 154 KB
47 KB 50ms
50ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 08:09:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48265
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1668095300071091"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 25 Nov 2022 08:09:30 GMT

GET
H2 200 f7733d2b54a65c984752ab0a98c7def9.js Show response
www.gstatic.com/mysidia/ Frame DAB8 34 KB
14 KB 120ms
37ms Script
text/javascript 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f7733d2b54a65c984752ab0a98c7def9.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d028ff06991dab0e77014a91995a9c0d6672a90e68edc339cd62a566fe361ace

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 15:35:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 578025
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14118
x-xss-protection: 0
last-modified: Mon, 14 Nov 2022 13:59:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 16 Feb 2023 15:35:45 GMT

GET
H2 200 spc_fi.php Show response
cdn.firstimpression.io/delivery/ 19 KB
5 KB 128ms
50ms XHR
application/json 18.165.160.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.firstimpression.io/delivery/spc_fi.php?id=7293&url=%2F&charset=UTF-8&ch=8&ref=pelotainvernal.com&viewerId=null&referer=&_firid=97853918
Requested by: Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/fi_client.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.165.160.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-165-160-89.man51.r.cloudfront.net
Software: nginx/1.20.0 / PHP/8.0.14
Resource Hash: 10d573521f4086736b19e2231a27c55f1f45eefc1184f7e8882293b2e4587c1f

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://pelotainvernal.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 08:09:30 GMT
content-encoding: gzip
via: 1.1 555e22b3a85753def956e3f6736d03c8.cloudfront.net (CloudFront)
x-amz-cf-pop: MAN51-P2
x-powered-by: PHP/8.0.14
x-cache: Miss from cloudfront
p3p: CP="CUR ADM OUR NOR STA NID"
pragma: no-cache
server: nginx/1.20.0
vary: Accept-Encoding
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://pelotainvernal.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-amz-cf-id: 0fkDHkvbTpHZzrxVIzU4vhrbPj9lPeBytBKgKKJBjIy1ylxPqGtotQ==
expires: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame DAB8 0
0 84ms
84ms Fetch
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cjx_wOXiAY_CZK5KgzQab7onwDqrD1spt67S6sbEQn9-xwLgyEAEgrZD0HmCV4pCCoAegAcSvlcgByAEJqQIb8hCF1tN5PqgDAcgDywSqBNEBT9C8BsMr29pacZoCNn-Jk7h3q4rXCGGpMTTpuorxd8hTFX-fCOqrfbvGOHCESZY4vfFlwnShmpWn3quX67dhDzmLcF47fDKOY6MyexK0xYgjsxXYc3XWoBxiZiondb_msfvSFVNGuwwQMo5WnuSdcvHPAtbpQ95zwY_3mL-srbA900cKlJLzFja4VNNmtwHkOWV-uZcerEGrZ90YMk9Yzj_PytUkT2yOgHcYIt4XJi_TM-r2lSG4zuh08LWfCjZDmcsMNVkAAS4qK6C-oxAwkMvABN6-lY6aBJIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAek0Oq3AqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB6a-G9gHAPIHBBCy5BXSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAdgTC9AVAZgWAYAXAbIXHAoaCAASFHB1Yi0zMTM5MTM0ODgzNzA4NzYxGAA&sigh=P3anSj4Pnkc&uach_m=[UACH]&cid=CAQSGwDq26N9rKyAIo6mpn9i6Qbg1BqSpFL7LtFWRhgBIBM&template_id=494

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3139134883708761&output=html&h=100&slotname=8815456802&adk=88850195&adf=2364240886&pi=t.ma~as.8815456802&w=1298&lmt=1669363769&rafmt=12&format=1298x100&url=https%3A%2F%2Fpelotainvernal.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669363769314&bpp=3&bdt=257&idt=268&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&correlator=7750487750825&frm=20&pv=2&ga_vid=481211934.1669363770&ga_sid=1669363770&ga_hid=1080671558&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=151&ady=96&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C44778780%2C44770880&oid=2&pvsid=552620077383395&tmod=1459500539&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=1&uci=a!1&fsb=1&xpc=LP5JG2isTv&p=https%3A//pelotainvernal.com&dtd=286
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 25 Nov 2022 08:09:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 0854
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

52ms
52ms

Document
text/html

2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 25 Nov 2022 08:09:30 GMT
expires: Fri, 25 Nov 2022 08:09:30 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 25 Nov 2022 08:09:30 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Cy76TGYNwlBdeFKzRh_Qc2a075RKB_J9dWAUlCdaUYI.js Show response
pagead2.googlesyndication.com/bg/ Frame 9FAE 36 KB
16 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Cy76TGYNwlBdeFKzRh_Qc2a075RKB_J9dWAUlCdaUYI.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0b2efa4c660dc2505d7852b3461fd07366b4ef944a07f27d75601494275a5182

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 21:21:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 38888
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15969
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 24 Nov 2023 21:21:22 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 71ms
71ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=rasra::pr&rt=8%2C1&c=ca-pub-3139134883708761&eid=44759876%2C44759927%2C44759837%2C42531705%2C44778780%2C44770880

Requested by

Host: pelotainvernal.com
URL: https://pelotainvernal.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Nov 2022 08:09:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 123ms
47ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=pelotainvernal.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 08:09:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 124ms
48ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=pelotainvernal.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 08:09:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/ Frame B4E3 10 KB
4 KB 39ms
39ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pelotainvernal.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 77133
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 24 Nov 2022 10:43:57 GMT
etag: 10353107486223812946
expires: Thu, 08 Dec 2022 10:43:57 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/ Frame 4EF9 10 KB
4 KB 39ms
39ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pelotainvernal.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 77133
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 24 Nov 2022 10:43:57 GMT
etag: 10353107486223812946
expires: Thu, 08 Dec 2022 10:43:57 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame DAB8 20 KB
21 KB 120ms
37ms Image
image/jpeg 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcQGUXlN1L_2aNRl2FzZNVYIeOMXPlapUq5GRoLtKIQHw1F_otYben0ieg-MTw&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2e4e5c0fac4536eff17b006936dea02a3df5792cb31d28b802ae79091279b293

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 20 Nov 2022 07:44:42 GMT
x-content-type-options: nosniff
age: 433488
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20825
x-xss-protection: 0
last-modified: Fri, 27 May 2022 01:26:29 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Mon, 20 Nov 2023 07:44:42 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame DAB8 17 KB
18 KB 135ms
38ms Image
image/jpeg 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcSqc0J1hFF9dfKi-xe39LyvuJvJwOR0HFAAOTZ5HpxSxaQ6V079nDrIKU14Fw&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a743cd50ba72a41a51ab872a12cc5baa0bf3607b33a8d61b711f2dd23ad9205c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 17:12:48 GMT
x-content-type-options: nosniff
age: 140202
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17624
x-xss-protection: 0
last-modified: Sat, 06 Aug 2022 06:12:08 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Thu, 23 Nov 2023 17:12:48 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame DAB8 16 KB
16 KB 168ms
85ms Image
image/jpeg 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcQczberGQeWY_4n8ePaMghpzk8ZlmOaGgBQVck8Zq2Q5GRdKomxRBn7hAHWUA&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e96ad677197ced49544bf472a19d75623b544c51c5f9093707a286775662665e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 12:28:03 GMT
x-content-type-options: nosniff
age: 589287
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15970
x-xss-protection: 0
last-modified: Wed, 22 Jun 2022 05:27:21 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sat, 18 Nov 2023 12:28:03 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame DAB8 18 KB
18 KB 155ms
72ms Image
image/jpeg 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcQsVKKmI2S3zd2NoV9cAO9dnoKjEMTqUgLZh8yDpsOWN6X8QwPslrVegubSyQ&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f274ac3b912b6364eb221514fd4bae116deb09922a69a9c2f0d13680a1c95074

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 08:03:35 GMT
x-content-type-options: nosniff
age: 173155
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18122
x-xss-protection: 0
last-modified: Tue, 30 Aug 2022 10:42:40 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Thu, 23 Nov 2023 08:03:35 GMT

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame DAB8 15 KB
15 KB 133ms
37ms Image
image/jpeg 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcSEnFH_qLnClaMDycHz7XkRI0OVsj8Hz2oPO58ZK6vQ6YU_QlSobleWHko5hto&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fd323c3986d208d5ca7998a7f51b50a617d8ef180d40fd75a505d0639c9e0875

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 20 Nov 2022 14:53:57 GMT
x-content-type-options: nosniff
age: 407733
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15077
x-xss-protection: 0
last-modified: Thu, 04 Nov 2021 02:27:59 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Mon, 20 Nov 2023 14:53:57 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame DAB8 13 KB
13 KB 193ms
111ms Image
image/jpeg 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcTS82YOFbDpV9J2Z6f-pWQicaRG1uaCPciaog4AuhkmcoT9YPLBLOkEx9y20bI&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cdb273d2093f8ec722d627efbcc773ecd5ed1537f22458a2467f66da02038d62

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 20 Nov 2022 07:13:20 GMT
x-content-type-options: nosniff
age: 435370
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13451
x-xss-protection: 0
last-modified: Sun, 04 Sep 2022 03:36:05 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Mon, 20 Nov 2023 07:13:20 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame DAB8 16 KB
16 KB 178ms
97ms Image
image/jpeg 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcRRnUUARq1zunaY756r6L_2Ta_RdYR_RNHuZT8UWWFwsnPCtYypmWfRgq_X9w&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

02c0de7eaefc489c307ac59ca20691e454735b53ea2f294e293c6f3ac06fbb2d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 19 Nov 2022 06:52:11 GMT
x-content-type-options: nosniff
age: 523039
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16538
x-xss-protection: 0
last-modified: Mon, 13 Sep 2021 07:51:28 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sun, 19 Nov 2023 06:52:11 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame DAB8 14 KB
14 KB 145ms
49ms Image
image/jpeg 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcSDYCB1l2i1NppqWPBav3QQqpygTQSEhY9jcTyZeLIYzqmOz_ZWwJ7bp7nylQ&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

21fdf846072eadb48dc73730231263480638eb75fcdc8b08f90d796fd2dee769

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 19 Nov 2022 17:53:50 GMT
x-content-type-options: nosniff
age: 483340
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14513
x-xss-protection: 0
last-modified: Fri, 30 Sep 2022 15:28:50 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sun, 19 Nov 2023 17:53:50 GMT

POST
H2 200 pbjs Show response
htlb.casalemedia.com/openrtb/ 36 B
569 B 80ms
41ms XHR
application/json 172.64.154.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/openrtb/pbjs?s=910000
Requested by: Host: flower-ads.com
URL: https://flower-ads.com/tag/pelotainvernal/prebid7.25.0.pelotainvernal.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6812f88d73481c15bf95dace7b4ac17c6b2e58fa2ec683a1ca28ace4914750da

Request headers

Referer: https://pelotainvernal.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 25 Nov 2022 08:09:30 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6er5sV1YWaFB75opkNfPk7twPA2u6bvbNilz78RKbnBarSDsHYDRYDIfioSNTtFWC4ls%2BV2zQDhqUxzMYee%2BpFP8brY3u7%2Bk4c9sRa%2F4bCxaLm%2FjboOFRUxeuA0OfsjZZDfnogp%2B"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://pelotainvernal.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 76f8e70fa8025cb0-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 36
expires: 0

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ 24 B
650 B 76ms
37ms XHR
application/json 216.52.2.39
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.25.0
Requested by: Host: flower-ads.com
URL: https://flower-ads.com/tag/pelotainvernal/prebid7.25.0.pelotainvernal.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.39 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: /
Resource Hash: ed2be51d264b2ea89ef0f7935ab1c3a9b0ed4ec3d2f0a72dc5e5c9008d39f320

Request headers

Referer: https://pelotainvernal.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 25 Nov 2022 08:09:30 GMT
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://pelotainvernal.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap7ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 24

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 14 KB
8 KB 292ms
235ms XHR
application/json 2602:803:c003:200::51
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24930&site_id=447118&zone_id=2620778&size_id=2&rp_schain=1.0,1!flower-ads.com,fw0108,1,,,&eid_pubcid.org=cd9f8358-618a-41af-b088-1f6a5467e9e8%5E1&rf=https%3A%2F%2Fpelotainvernal.com%2F&kw=pelotainvernal%2Cposicionespelotainvernal%2Ccalendariopelotainvernal&tg_i.page=https%3A%2F%2Fpelotainvernal.com%2F&tg_i.domain=pelotainvernal.com&tg_i.pbadslot=%2F22304838115%2Fpelotainvernal%2Fdesktop_inread_1&tk_flint=pbjs_lite_v7.25.0&x_source.tid=6d1217ae-7bae-4a17-bbe2-b6d7cab46102&l_pb_bid_id=6567731f4e9b0f&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F22304838115%2Fpelotainvernal%2Fdesktop_inread_1&slots=1&rand=0.1159421934381768
Requested by: Host: flower-ads.com
URL: https://flower-ads.com/tag/pelotainvernal/prebid7.25.0.pelotainvernal.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::51 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: fcf335290e0360f129801b9f94c5d17a2b9c3ff67a6d92157f37d51f4a3a6899

Request headers

Referer: https://pelotainvernal.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 25 Nov 2022 08:09:31 GMT
content-encoding: gzip
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://pelotainvernal.com
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 200 prebid Show response
mp.4dex.io/ 114 B
449 B 106ms
67ms XHR
application/json 2606:4700::6812:372
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mp.4dex.io/prebid
Requested by: Host: flower-ads.com
URL: https://flower-ads.com/tag/pelotainvernal/prebid7.25.0.pelotainvernal.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:372 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a22f99e7019dcec40ef476ac0ce548fccc14ab8ff1eed2a23dc669e66263c31a

Request headers

Referer: https://pelotainvernal.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 25 Nov 2022 08:09:30 GMT
x-err: Shapings: no adunits with size and seat and mapping
x-version: 3.0.0-gcp-ams
cf-cache-status: DYNAMIC
via: 1.1 google
server: cloudflare
content-encoding: gzip
vary: Origin, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://pelotainvernal.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 76f8e70fbc745c20-FRA
expires: 0

POST
H2 200 prebid Show response
prebid.media.net/rtb/ 338 B
606 B 113ms
41ms XHR
application/json 34.107.148.139
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.media.net/rtb/prebid?cid=8CU15JWV5
Requested by: Host: flower-ads.com
URL: https://flower-ads.com/tag/pelotainvernal/prebid7.25.0.pelotainvernal.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 139.148.107.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: af5a5de4c1ff78fa4511a8b783e0e623109185441875e3cc364fdce1c290c64e

Request headers

Referer: https://pelotainvernal.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 25 Nov 2022 08:09:30 GMT
content-encoding: gzip
via: 1.1 google
server: nginx
accept-ch: Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://pelotainvernal.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
expires: Fri, 25 Nov 2022 08:09:30 GMT

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
366 B 35ms
10ms XHR
application/json 51.89.9.254
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: flower-ads.com
URL: https://flower-ads.com/tag/pelotainvernal/prebid7.25.0.pelotainvernal.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip254.ip-51-89-9.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://pelotainvernal.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://pelotainvernal.com
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: no-transform, no-cache
access-control-allow-credentials: true
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 139 B
837 B 50ms
16ms XHR
application/json 185.89.210.82
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: flower-ads.com
URL: https://flower-ads.com/tag/pelotainvernal/prebid7.25.0.pelotainvernal.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

35e5b0ce5c9825b95615f030bf41dcffdcaae8480341cf2c1388d04f279edec0

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pelotainvernal.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 25 Nov 2022 08:09:30 GMT
AN-X-Request-Uuid: 92d531a9-b3f9-44af-b3d4-ae25284308c5
Server: nginx/1.21.3
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://pelotainvernal.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 185.213.155.162; 185.213.155.162; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 139
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 157ms
22ms Preflight
application/json 178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Fri, 25 Nov 2022 08:09:30 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 596227
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 pv Show response
s.seedtag.com/c/ 987 B
1 KB 86ms
28ms XHR
application/json 34.149.50.64
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.seedtag.com/c/pv?token=2717-2424-01&device=desktop&fullUrl=https%3A%2F%2Fpelotainvernal.com%2F&cache=1669363770807&v=-&ft=true
Requested by: Host: t.seedtag.com
URL: https://t.seedtag.com/c/st_2.841a2baf17caaeb79653.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.50.64 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 64.50.149.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: af9474e5a7a9093351569e5cb64b9b34596d02e5cd1ede8ead7acf41740f76cf

Request headers

Referer: https://pelotainvernal.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 25 Nov 2022 08:09:30 GMT
content-encoding: gzip
via: 1.1 google
server: nginx
etag: W/"3db-d56IUQUr0/Vgjj1mzqd29BR6edI"
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT, HEAD
content-type: application/json; charset=utf-8
access-control-allow-origin: https://pelotainvernal.com
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 adagio.js Show response
script.4dex.io/ 74 KB
23 KB 66ms
36ms Fetch
application/javascript 2606:4700:20::ac43:4bf1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/adagio.js
Requested by: Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ed87a83a9df154b61d76e8b9b53bb9d23db3eea194e66bca6b575e3e4f7a57bf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 08:09:30 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 4DTB9JJ2NTDF1YQK
age: 250835
x-amz-id-2: w6Tib7TuwkFQhbY6jJVUrIfy8/ni00IrCXkH3qwf0IEzBgnLaQiLbE/eGAIn9gQJSi9KNdI0gjg=
last-modified: Tue, 22 Nov 2022 09:44:15 GMT
server: cloudflare
etag: W/"c56b6332dacf72f135afcd153ae22448"
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CLsgBMfvhKVi9rvYMhjySPNtlGsiI8tPMDsGwQRyzhi6XGRMYv1V%2FYvptNnmq5j5EUHl7yqVQvFcBwo%2FYeS%2FNNJd7lN48kyL%2B1i7tzy6wBpYrfGYSrWw3bryc1aMMnJUIbaDZ5%2B1S1g1er7%2B"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=1800
cf-ray: 76f8e7100d559a11-FRA

GET
H3 200 css2
fonts.googleapis.com/ Frame B4E3 4 KB
636 B 50ms
50ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 25 Nov 2022 08:09:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 25 Nov 2022 06:57:34 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 25 Nov 2022 08:09:30 GMT

GET
H3 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame B4E3 205 B
229 B 117ms
41ms Image
image/png 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 01:48:39 GMT
x-content-type-options: nosniff
age: 22851
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 25 Nov 2023 01:48:39 GMT

GET
H3 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame B4E3 604 B
628 B 117ms
41ms Image
image/png 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 00:26:21 GMT
x-content-type-options: nosniff
age: 27789
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 25 Nov 2023 00:26:21 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/elements/html/ Frame B4E3 19 KB
8 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

578d39c8cc926851f5be1195f339d26cbbf239f2f7cac8b55b349276514b85fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 11:55:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 72855
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8086
x-xss-protection: 0
server: cafe
etag: 7427986489964165156
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 08 Dec 2022 11:55:15 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 4EF9 4 KB
621 B 50ms
50ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

46d1791d45e9e6840842ef90f192c2c6f1f4247baa7c1f32f2da75d3a05c0de2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 25 Nov 2022 08:09:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 25 Nov 2022 07:40:54 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 25 Nov 2022 08:09:30 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 4EF9 2 KB
765 B 40ms
40ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 11:55:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 72855
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 08 Dec 2022 11:55:15 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 4EF9 0
0 84ms
84ms Fetch
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CZ8ItOXiAY7CcMoKjiQaQ_42gDtr2yZdov8ivrL8OzMeapv0IEAEgrZD0HmCV4pCCoAegAbC6odcDyAEJqQKYI_vPXHexPqgDAcgDywSqBNUBT9Delm635XpzOTZTi2gmHMMKlaOYvbvpOCQdOQ4dOBc6VqhmjSW8B1RqQjy7i_QZfG57LyGShqzNlcxwO1ZlqfkLFQH4Ii0R4B5mQMHm4YzCotV6cue61Q38mXJqwsgkQ8xNjYs1dN_CV9OGNSbnA-I3RbUMk3mTSoeDpFTP3KYCPVOMDJbk9p0t-odh-LFFp0Q-DCIlNLaAmeKyxzosYZs2Q2z-wt2tZvaC-LWwZfu1ORoc98swSwhCiW8-L_eutflKxIKQEQV3Rh5T9Ni13SiEcShWwATJmKmq4AOSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAHxfetPqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB6a-G9gHAPIHBBC01AXSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAdgTDIgUAtAVAYAXAbIXHAoaCAASFHB1Yi0zMTM5MTM0ODgzNzA4NzYxGAA&sigh=B_Zn5CF2NG4&uach_m=[UACH]&cid=CAQSGwDq26N9RgELP8OlGAYIEaMz5QlzdYSG37FwuRgBIBM&template_id=494

Requested by

Host: pelotainvernal.com
URL: https://pelotainvernal.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 25 Nov 2022 08:09:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/ Frame 4EF9 23 KB
9 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

61651edfb03aae1c1007d6741f98171447ae7b1a67aaa520d8b0a959e0400885

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 07:15:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3248
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9428
x-xss-protection: 0
server: cafe
etag: 246362764157784863
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 09 Dec 2022 07:15:22 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 4EF9 3 KB
1 KB 54ms
53ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 07:15:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3249
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 09 Dec 2022 07:15:21 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 4EF9 18 KB
7 KB 46ms
46ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 16:34:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 56118
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7458
x-xss-protection: 0
server: cafe
etag: 16870613375306414947
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 08 Dec 2022 16:34:12 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4EF9 154 KB
47 KB 54ms
54ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 08:09:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48265
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1668095300071091"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 25 Nov 2022 08:09:30 GMT

GET
H3 200 f7733d2b54a65c984752ab0a98c7def9.js Show response
www.gstatic.com/mysidia/ Frame 4EF9 34 KB
14 KB 103ms
38ms Script
text/javascript 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f7733d2b54a65c984752ab0a98c7def9.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d028ff06991dab0e77014a91995a9c0d6672a90e68edc339cd62a566fe361ace

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 15:35:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 578025
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14118
x-xss-protection: 0
last-modified: Mon, 14 Nov 2022 13:59:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 16 Feb 2023 15:35:45 GMT

GET
DATA 200
OK truncated
/ Frame 4EF9 287 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 605b14697226eeb0be6b2c11db8206b70f4c8681c3f921e4ceca4793ce1a95ce

Request headers

Referer
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3

200

624907996767536446
tpc.googlesyndication.com/simgad/ Frame 4EF9
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDr3ZqF_gEQgAgYgAgyCFFyRh2Ouq9r
https://tpc.googlesyndication.com/simgad/624907996767536446

8 KB
8 KB

40ms
40ms

Image
image/png

2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/624907996767536446

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

484ec1c347c17d7d3b98d5058aa5d90bb5c7315f3a67f44611e902de4be50831

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 19 Nov 2022 16:26:49 GMT
x-content-type-options: nosniff
age: 488562
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8502
x-xss-protection: 0
last-modified: Tue, 09 Apr 2019 09:00:52 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 19 Nov 2023 16:26:49 GMT

Redirect headers

date: Thu, 24 Nov 2022 18:59:52 GMT
x-content-type-options: nosniff
server: cafe
age: 47378
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://tpc.googlesyndication.com/simgad/624907996767536446
content-type: text/html; charset=UTF-8
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sat, 24 Dec 2022 18:59:52 GMT

GET
H2 200 quant.js Show response
secure.quantserve.com/ Frame EAA4 25 KB
10 KB 54ms
8ms Script
application/javascript 2620:116:800d:21:93ca:31d8:d86e:38f6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: t.seedtag.com
URL: https://t.seedtag.com/c/st_2.841a2baf17caaeb79653.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:93ca:31d8:d86e:38f6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 275094aa5d73cd24d848e78f0c41c33d9fd61a09d97b9976e5e707dfd24ada00

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 08:09:31 GMT
content-encoding: gzip
etag: "nAbmxtqHqaYrwBiADJAeFg=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Fri, 02 Dec 2022 08:09:31 GMT

GET
DATA 200
OK truncated
/ Frame DAB8 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 06d0490ec82249a34d6533998690bb7b68c6b9a9d216762c0c1fac73b79af792

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame DAB8 20 KB
20 KB 113ms
37ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 22:12:48 GMT
x-content-type-options: nosniff
age: 208603
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20784
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:21:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 Nov 2023 22:12:48 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 5BB8 8 KB
895 B 50ms
50ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 25 Nov 2022 08:09:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 25 Nov 2022 07:36:46 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 25 Nov 2022 08:09:31 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 5BB8 2 KB
765 B 40ms
39ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 11:55:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 72856
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 08 Dec 2022 11:55:15 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/ Frame 5BB8 23 KB
9 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

61651edfb03aae1c1007d6741f98171447ae7b1a67aaa520d8b0a959e0400885

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 07:15:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3249
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9428
x-xss-protection: 0
server: cafe
etag: 246362764157784863
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 09 Dec 2022 07:15:22 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 5BB8 3 KB
1 KB 48ms
47ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 07:15:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3250
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 09 Dec 2022 07:15:21 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 5BB8 18 KB
7 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 16:34:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 56119
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7458
x-xss-protection: 0
server: cafe
etag: 16870613375306414947
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 08 Dec 2022 16:34:12 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5BB8 154 KB
47 KB 63ms
63ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 08:09:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48265
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1668095300071091"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 25 Nov 2022 08:09:31 GMT

GET
H3 200 f7733d2b54a65c984752ab0a98c7def9.js Show response
www.gstatic.com/mysidia/ Frame 5BB8 34 KB
14 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f7733d2b54a65c984752ab0a98c7def9.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d028ff06991dab0e77014a91995a9c0d6672a90e68edc339cd62a566fe361ace

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 15:35:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 578026
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14118
x-xss-protection: 0
last-modified: Mon, 14 Nov 2022 13:59:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 16 Feb 2023 15:35:45 GMT

GET
DATA 200
OK truncated
/ Frame 4EF9 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 506ed8396a11ac105eee94142f5ed54c9725b8e84e1854acb5863ef3f0bcd914

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 48ms
48ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=pelotainvernal.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 08:09:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 47ms
47ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=pelotainvernal.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 08:09:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 rules-p-PFW5FesqXn206.js Show response
rules.quantcount.com/ Frame EAA4 1 KB
1 KB 49ms
10ms Script
application/javascript 2600:9000:223c:b000:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-PFW5FesqXn206.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:b000:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f4ae5a40833ca40f1ded2c820915ccc073b509a5a15810de1566ebf1ee4838e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 07:40:57 GMT
content-encoding: gzip
via: 1.1 c2e56cd54e2593df95ccca8a6d98c958.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 1715
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
last-modified: Thu, 13 Oct 2022 15:36:52 GMT
server: AmazonS3
etag: W/"a521a7bf6d17b50bc9827eaad4be8ecc"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
x-amz-cf-id: M7dyURDkRaNSX16iX85cbBR1IdxslHCStbFkkfOqKTZ99tADYkRMJQ==

GET
H3 200 Cy76TGYNwlBdeFKzRh_Qc2a075RKB_J9dWAUlCdaUYI.js Show response
pagead2.googlesyndication.com/bg/ Frame 23AE 36 KB
16 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Cy76TGYNwlBdeFKzRh_Qc2a075RKB_J9dWAUlCdaUYI.js

Requested by

Host: pelotainvernal.com
URL: https://pelotainvernal.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0b2efa4c660dc2505d7852b3461fd07366b4ef944a07f27d75601494275a5182

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 21:21:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 38889
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15969
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 24 Nov 2023 21:21:22 GMT

GET
H3 200 ads
securepubads.g.doubleclick.net/gampad/ 0
357 B 78ms
77ms Other
application/webbundle 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=552620077383395&correlator=1973072053587401&wbsu=29b3d685-ec67-4fb9-aa89-d9df33b1bc28&callback=googletag.wbn2&eid=31070919%2C31070839&output=wbn&gdfp_req=1&vrg=2022111501&ptt=17&impl=fifs&iu_parts=40135427%2Cpelotainvernal_Video_Intext&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=8&adks=1276542802&sfv=1-0-40&ris=1&rcs=1&eri=1&sc=1&cookie=ID%3Dce1e6d94fa777c28%3AT%3D1669363769%3AS%3DALNI_MYI83i6pUGnYQQqvOquwV2YbGIw-Q&gpic=UID%3D00000b86c5c5e936%3AT%3D1669363769%3ART%3D1669363769%3AS%3DALNI_MauspntqU4os8C1eYOFWXclprFlyw&abxe=1&dt=1669363771146&lmt=1669363771&dlt=1669363769058&idt=567&adxs=0&adys=0&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fpelotainvernal.com%2F&frm=20&vis=1&psz=1600x1200&msz=1x-1&fws=0&ohw=0&ga_vid=481211934.1669363770&ga_sid=1669363770&ga_hid=1080671558&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 08:09:31 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 328
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: application/webbundle
access-control-allow-origin: https://pelotainvernal.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
UUID-IN-PACKAGE 200
OK 29b3d685-ec67-4fb9-aa89-d9df33b1bc28 Show response
/ 351 B
477 B 79ms
79ms Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL

uuid-in-package:29b3d685-ec67-4fb9-aa89-d9df33b1bc28

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

UUID-IN-PACKAGE

Server

-, , ASN (),

Reverse DNS

Software

Resource Hash

439c145e487173b205235b16fd6b4c189b7491e1352623a64f477caee582dde1

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

X-Content-Type-Options: nosniff, nosniff
content-type: text/javascript; charset=utf-8

GET
H3 200 ads
securepubads.g.doubleclick.net/gampad/ 0
10 KB 414ms
414ms Other
application/webbundle 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=552620077383395&correlator=1973072053587401&wbsu=e0ade5ec-6b81-48ef-803f-2e6ae133210e&callback=googletag.wbn3&eid=31070919%2C31070839&output=wbn&gdfp_req=1&vrg=2022111501&ptt=17&impl=fifs&iu_parts=22304838115%2Cpelotainvernal%2Cdesktop_inread_1&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&ifi=9&adks=1811199381&sfv=1-0-40&prev_scp=hb_format_rubicon%3Dbanner%26hb_size_rubicon%3D728x90%26hb_pb_rubicon%3D0.02%26hb_adid_rubicon%3D1698530af6ff6b7%26hb_bidder_rubicon%3DITBHB%26hb_format%3Dbanner%26hb_size%3D728x90%26hb_pb%3D0.02%26hb_adid%3D1698530af6ff6b7%26hb_bidder%3DITBHB&eri=1&sc=1&cookie=ID%3Dce1e6d94fa777c28%3AT%3D1669363769%3AS%3DALNI_MYI83i6pUGnYQQqvOquwV2YbGIw-Q&gpic=UID%3D00000b86c5c5e936%3AT%3D1669363769%3ART%3D1669363769%3AS%3DALNI_MauspntqU4os8C1eYOFWXclprFlyw&abxe=1&dt=1669363771151&lmt=1669363771&dlt=1669363769058&idt=567&adxs=275&adys=486&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fpelotainvernal.com%2F&frm=20&vis=1&psz=975x90&msz=975x90&fws=0&ohw=0&ga_vid=481211934.1669363770&ga_sid=1669363770&ga_hid=1080671558&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 08:09:31 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10183
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: application/webbundle
access-control-allow-origin: https://pelotainvernal.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
UUID-IN-PACKAGE 200
OK e0ade5ec-6b81-48ef-803f-2e6ae133210e Show response
/ 20 KB
20 KB 415ms
415ms Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL

uuid-in-package:e0ade5ec-6b81-48ef-803f-2e6ae133210e

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

UUID-IN-PACKAGE

Server

-, , ASN (),

Reverse DNS

Software

Resource Hash

ac9d40b769acbb4de78d1fe79327691803180e3762d74109f764fd680885eb3c

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

X-Content-Type-Options: nosniff, nosniff
content-type: text/javascript; charset=utf-8

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 6858 143 B
166 B 40ms
40ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2447
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 25 Nov 2022 07:28:44 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Cy76TGYNwlBdeFKzRh_Qc2a075RKB_J9dWAUlCdaUYI.js Show response
pagead2.googlesyndication.com/bg/ Frame 9614 36 KB
16 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Cy76TGYNwlBdeFKzRh_Qc2a075RKB_J9dWAUlCdaUYI.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0b2efa4c660dc2505d7852b3461fd07366b4ef944a07f27d75601494275a5182

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 21:21:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 38889
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15969
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 24 Nov 2023 21:21:22 GMT

GET
H2 200 pixel;r=655513976;event=refresh;rf=0;a=p-PFW5FesqXn206;url=https%3A%2F%2Fpelotainvernal.com%2F;ref=https%3A%2F%2Fpelotainvernal.com%2F;uht=2;fpan=1;fpa=P0-108496029-1669363771139;pbc=cd9f8358-618a-...
pixel.quantserve.com/ Frame EAA4 35 B
372 B 19ms
9ms Image
image/gif 2620:116:800d:21:93ca:31d8:d86e:38f6
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=655513976;event=refresh;rf=0;a=p-PFW5FesqXn206;url=https%3A%2F%2Fpelotainvernal.com%2F;ref=https%3A%2F%2Fpelotainvernal.com%2F;uht=2;fpan=1;fpa=P0-108496029-1669363771139;pbc=cd9f8358-618a-41af-b088-1f6a5467e9e8;ns=1;ce=1;qjs=1;qv=48c6ea86-20221121114006;cm=;gdpr=0;d=pelotainvernal.com;dst=0;et=1669363771285;tzo=0;ogl=;ses=24928f3a-b7a6-4429-aac9-4f7c41382ca3

Requested by

Host: pelotainvernal.com
URL: https://pelotainvernal.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:93ca:31d8:d86e:38f6 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Nov 2022 08:09:31 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame BFB9 2 KB
535 B 49ms
49ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3139134883708761&output=html&h=250&slotname=9665504044&adk=3379964164&adf=185437339&pi=t.ma~as.9665504044&w=300&lmt=1669363769&rafmt=12&format=300x250&url=https%3A%2F%2Fpelotainvernal.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669363769321&bpp=1&bdt=263&idt=293&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&prev_fmts=1298x100%2C728x90&correlator=7750487750825&frm=20&pv=1&ga_vid=481211934.1669363770&ga_sid=1669363770&ga_hid=1080671558&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1149&ady=261&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C44778780%2C44770880&oid=2&pvsid=552620077383395&tmod=1459500539&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=3&uci=a!3&fsb=1&xpc=z49oRm62Dr&p=https%3A//pelotainvernal.com&dtd=296

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

582c2586c49819d9dfe5cb88653679a40bf930ca86f1dc01a4afd821a9eab97e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 25 Nov 2022 08:09:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 25 Nov 2022 06:21:48 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 25 Nov 2022 08:09:31 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame BFB9 2 KB
765 B 40ms
39ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 11:55:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 72856
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 08 Dec 2022 11:55:15 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/ Frame BFB9 23 KB
9 KB 44ms
43ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

61651edfb03aae1c1007d6741f98171447ae7b1a67aaa520d8b0a959e0400885

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 07:15:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3249
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9428
x-xss-protection: 0
server: cafe
etag: 246362764157784863
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 09 Dec 2022 07:15:22 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame BFB9 3 KB
1 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 07:15:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3250
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 09 Dec 2022 07:15:21 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame BFB9 18 KB
7 KB 44ms
44ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 16:34:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 56119
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7458
x-xss-protection: 0
server: cafe
etag: 16870613375306414947
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 08 Dec 2022 16:34:12 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame BFB9 154 KB
47 KB 51ms
50ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 08:09:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48265
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1668095300071091"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 25 Nov 2022 08:09:31 GMT

GET
H3 200 f7733d2b54a65c984752ab0a98c7def9.js Show response
www.gstatic.com/mysidia/ Frame BFB9 34 KB
14 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f7733d2b54a65c984752ab0a98c7def9.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d028ff06991dab0e77014a91995a9c0d6672a90e68edc339cd62a566fe361ace

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 15:35:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 578026
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14118
x-xss-protection: 0
last-modified: Mon, 14 Nov 2022 13:59:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 16 Feb 2023 15:35:45 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 6858
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

49ms
48ms

Document
text/html

2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 25 Nov 2022 08:09:31 GMT
expires: Fri, 25 Nov 2022 08:09:31 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 25 Nov 2022 08:09:31 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Cy76TGYNwlBdeFKzRh_Qc2a075RKB_J9dWAUlCdaUYI.js Show response
pagead2.googlesyndication.com/bg/ Frame B9E3 36 KB
16 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Cy76TGYNwlBdeFKzRh_Qc2a075RKB_J9dWAUlCdaUYI.js

Requested by

Host: pelotainvernal.com
URL: https://pelotainvernal.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0b2efa4c660dc2505d7852b3461fd07366b4ef944a07f27d75601494275a5182

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 21:21:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 38889
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15969
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 24 Nov 2023 21:21:22 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame BFB9 0
0 86ms
85ms Fetch
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CDxwsOXiAY6WuLI-4Z_WlorAKqsPWym3rtLqxsRCf37HAuDIQASCtkPQeYJXikIKgB6ABxK-VyAHIAQmpAnIGet7QzHk-qAMByAPLBKoE0wFP0L08pyZWUNF7Bk3zPBIN_l20FkXTzlcfcWVZgb7kF2EafL6fAJciJGLbI-WR-O_0t3jPVoDIpUl5WR4UlXLJQ6O-mgCVpqXMs68j0omK7TMrXA1TzZ7bJ4egYSM-v4stcfelLzUWUEtJM6H55QsrkEsCEHsJQcqGPDXCGN8OipvES7bjh-48hYsqBShu-AXbUVagkdL8Wngv2T7vvDb00Mqb6lslRvlvK5ZQpcQDp_wznjHz_vdHuDNKAsmIHHvKNh5Gnjx4p9VHf58McHWgZIwxwATevpWOmgSSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAHpNDqtwKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAemvhvYBwDyBwQQ8egW0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHYEwvQFQGYFgGAFwGyFxwKGggAEhRwdWItMzEzOTEzNDg4MzcwODc2MRgA&sigh=QYPvrb2xhVk&uach_m=[UACH]&cid=CAQSGwDq26N99UJZa3I_kJ3yVw7rPhltGWB_cQW7XBgBIBM&template_id=494

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3139134883708761&output=html&h=250&slotname=9665504044&adk=3379964164&adf=185437339&pi=t.ma~as.9665504044&w=300&lmt=1669363769&rafmt=12&format=300x250&url=https%3A%2F%2Fpelotainvernal.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669363769321&bpp=1&bdt=263&idt=293&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&prev_fmts=1298x100%2C728x90&correlator=7750487750825&frm=20&pv=1&ga_vid=481211934.1669363770&ga_sid=1669363770&ga_hid=1080671558&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1149&ady=261&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C44778780%2C44770880&oid=2&pvsid=552620077383395&tmod=1459500539&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=3&uci=a!3&fsb=1&xpc=z49oRm62Dr&p=https%3A//pelotainvernal.com&dtd=296
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 25 Nov 2022 08:09:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 shopping
encrypted-tbn1.gstatic.com/ Frame BFB9 18 KB
18 KB 120ms
40ms Image
image/jpeg 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcSMXQTQmZiQtGm9yIaDRO1mxAVcFRfT13o0ljsPkRIir651i9O54vZA7dtA_94&usqp=CAI

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5276234948424c98f983ac0a155860a14d58b1e54f01a5a81526b8958c0dd5ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 19 Nov 2022 07:43:18 GMT
x-content-type-options: nosniff
age: 519973
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18728
x-xss-protection: 0
last-modified: Fri, 11 Feb 2022 10:09:17 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sun, 19 Nov 2023 07:43:18 GMT

GET
H3 200 shopping
encrypted-tbn0.gstatic.com/ Frame BFB9 17 KB
17 KB 118ms
42ms Image
image/jpeg 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcRUmwGubySsTpD3k7KK3sO3Ksk4ipqvNpAHpSrGSamlWkjnn8sEbPca3xRAVw&usqp=CAI

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f55c61b063748e1322e70b92475fe9055ef3c718122c0f50c11d2f6f0a851f70

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 20 Nov 2022 06:18:29 GMT
x-content-type-options: nosniff
age: 438662
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17352
x-xss-protection: 0
last-modified: Wed, 21 Sep 2022 02:30:22 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Mon, 20 Nov 2023 06:18:29 GMT

GET
H3 200 shopping
encrypted-tbn0.gstatic.com/ Frame BFB9 17 KB
17 KB 113ms
37ms Image
image/jpeg 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcSqc0J1hFF9dfKi-xe39LyvuJvJwOR0HFAAOTZ5HpxSxaQ6V079nDrIKU14Fw&usqp=CAI

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a743cd50ba72a41a51ab872a12cc5baa0bf3607b33a8d61b711f2dd23ad9205c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 17:12:48 GMT
x-content-type-options: nosniff
age: 140203
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17624
x-xss-protection: 0
last-modified: Sat, 06 Aug 2022 06:12:08 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Thu, 23 Nov 2023 17:12:48 GMT

GET
DATA 200
OK truncated
/ Frame BFB9 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8ca6d86905f286b9f306a0e092d8477ee962fabcc97d9828abbdd640a9c1f8c7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame BFB9 20 KB
20 KB 37ms
37ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 22:12:48 GMT
x-content-type-options: nosniff
age: 208603
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20784
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:21:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 Nov 2023 22:12:48 GMT

GET
H3 200 Cy76TGYNwlBdeFKzRh_Qc2a075RKB_J9dWAUlCdaUYI.js Show response
pagead2.googlesyndication.com/bg/ Frame 528B 36 KB
16 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Cy76TGYNwlBdeFKzRh_Qc2a075RKB_J9dWAUlCdaUYI.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0b2efa4c660dc2505d7852b3461fd07366b4ef944a07f27d75601494275a5182

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 21:21:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 38889
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15969
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 24 Nov 2023 21:21:22 GMT

GET
H2 200 esp.js Show response
cdn.id5-sync.com/api/1.0/ 58 KB
17 KB 74ms
30ms Script
text/javascript 2606:4700:10::6816:3456
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/esp.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a97afd769b3d774563606be9e943789398af5a1bf3583c2bc9a81f99832aa2b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 08:09:31 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 24 Nov 2022 12:48:29 GMT
server: cloudflare
x-amz-request-id: AS623DQBY0CG4WQ2
age: 2673
etag: W/"91dadf6b1eddd8d91a5cc2e3be5ea8cf"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 76f8e714bfa79b64-FRA
x-amz-id-2: opH3n6Ss4TlDtfyjukoygT4YC9ks6ezIdzU29iyaBzEnETZcFBMAM6rnMr/Jv2PsgS8/3mqoHZ4=

GET
H2 200 pubcid.min.js Show response
id.sharedid.org/lib/ 732 B
904 B 561ms
176ms Script
application/javascript 34.215.75.170
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://id.sharedid.org/lib/pubcid.min.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.215.75.170 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-215-75-170.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 08:09:32 GMT
cache-control: public, max-age=86400
last-modified: Tue, 22 Nov 2022 19:18:19 GMT
accept-ranges: bytes
content-length: 732
vary: accept-encoding
content-type: application/javascript

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 39 KB
13 KB 54ms
22ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f066a6392f3732829e95d97ac2a3dfb7dc7d35fc88d71a4ef62ff8f70399326c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 08:09:31 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Mon, 24 Oct 2022 11:21:19 GMT
server: nginx
etag: W/"6356752f-9c1f"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 26 Nov 2022 08:09:31 GMT

GET
H2 200 container.html Show response
ad5fa02d6e27f34d5a1bd32cffa030b9.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame F915 6 KB
3 KB 175ms
47ms Document
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad5fa02d6e27f34d5a1bd32cffa030b9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pelotainvernal.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 25 Nov 2022 08:09:31 GMT
expires: Sat, 25 Nov 2023 08:09:31 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 7E17 15 KB
6 KB 15ms
14ms Document
text/html 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=pelotainvernal.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

d0f07190791630edc058ad6e5a33a3cda6a8f85c470e593ce0bbed46ffec148b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://pelotainvernal.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 25 Nov 2022 08:09:30 GMT
server: Kestrel
server-processing-duration-in-ticks: 678404
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H/1.1 204 increment Show response
id5-sync.com/api/esp/ 0
327 B 31ms
8ms XHR
text/plain 162.19.138.120
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/esp/increment?counter=no-config

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.120 , France, ASN16276 (OVH, FR),

Reverse DNS

ns31533571.ip-162-19-138.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://pelotainvernal.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://pelotainvernal.com
date: Fri, 25 Nov 2022 08:09:30 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin

GET
H2

200

sid Show response
mug.criteo.com/ Frame 7E17
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertagids&domain=pelotainvernal.com&sn=ChromeSyncframe&so=3&topUrl=pelotainvernal.com&bundle=6T9FXl9SVTZQZGJJMWR0WVpHa2s0dDhxaENCTEhXMGNyb0gxQ3c0NmVmYTl...
https://mug.criteo.com/sid?cpp=ZRtlenxNYUNxTnU3U0pwS0F1ZDZtcmFjS0NmcWdicDB3bms0dU5IZDY0L2x6WU1Eb0pSSkcvVE5FZ2RVVzFUQnBseFhjWUFTMzYvL1ZReDkyMVYyZ2FWMTd1VUIvWWlidWZDc3VCU2Q3V1BydFhpdFJZc2dleE9WSUtuZD...

452 B
672 B

22ms
18ms

Fetch
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=ZRtlenxNYUNxTnU3U0pwS0F1ZDZtcmFjS0NmcWdicDB3bms0dU5IZDY0L2x6WU1Eb0pSSkcvVE5FZ2RVVzFUQnBseFhjWUFTMzYvL1ZReDkyMVYyZ2FWMTd1VUIvWWlidWZDc3VCU2Q3V1BydFhpdFJZc2dleE9WSUtuZDQ4MzlRZjFsbDJualM0MkFwQVJIVTU0STJkRm0xMUd4UFVRTmRXYWxsWi90MWZLdXcrcnNGNTl6bllYN1A2NlgvWWxrYUVndGlWanJ3TU9RNEhpZUVNU3VRVjNGTnpHajFyb3EyOWgxU0poRlgvdFNTMjdSVHdtcWhaVEhUcHBuQTV5UHM0aWdDNzBIbEVKTzgrWFp5cEJyWE03NHB4cVhTdlNjS3o0K0ZSNldKbDFlWHZ0ND18&cppv=2

Requested by

Host: pelotainvernal.com
URL: https://pelotainvernal.com/

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

93e7300f8566366b9bb54f262137a84dfe7c7057a47b20e0e28a4d7a9d8a5b47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Nov 2022 08:09:30 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2995482
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 25 Nov 2022 08:09:30 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=ZRtlenxNYUNxTnU3U0pwS0F1ZDZtcmFjS0NmcWdicDB3bms0dU5IZDY0L2x6WU1Eb0pSSkcvVE5FZ2RVVzFUQnBseFhjWUFTMzYvL1ZReDkyMVYyZ2FWMTd1VUIvWWlidWZDc3VCU2Q3V1BydFhpdFJZc2dleE9WSUtuZDQ4MzlRZjFsbDJualM0MkFwQVJIVTU0STJkRm0xMUd4UFVRTmRXYWxsWi90MWZLdXcrcnNGNTl6bllYN1A2NlgvWWxrYUVndGlWanJ3TU9RNEhpZUVNU3VRVjNGTnpHajFyb3EyOWgxU0poRlgvdFNTMjdSVHdtcWhaVEhUcHBuQTV5UHM0aWdDNzBIbEVKTzgrWFp5cEJyWE03NHB4cVhTdlNjS3o0K0ZSNldKbDFlWHZ0ND18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 603750
content-length: 0
expires: 0

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 6927 624 B
245 B 78ms
77ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMY9MiavQEwAQ&v=APEucNVo3hGK5s6xQ2fcoG_eEFlkYqHZQOz57_UDG6UbBQYSad43Pw7AS3JY36QYzHyw2JEZhDmD_TumNubMr0KYoOcNQtxisCvEtoMyCzAUrbTD9Jn3lBnfQ62qp5_kAcn_IssjNlRd7pZatBqCOKATvMxs7BlIQB5zE_wuuRK4jCAAIhNrnRw

Requested by

Host: ad5fa02d6e27f34d5a1bd32cffa030b9.safeframe.googlesyndication.com
URL: https://ad5fa02d6e27f34d5a1bd32cffa030b9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad5fa02d6e27f34d5a1bd32cffa030b9.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 25 Nov 2022 08:09:31 GMT
expires: Fri, 25 Nov 2022 08:09:31 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame F915 86 KB
35 KB 126ms
126ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-ByG9pJLzQOSi_o_009CgIsh8jBBL35ypxyVxrbHaoKibv4U9eSoBccKgOTz9JgPyt9IDu3vBd2faEyjt0THUw1rl7q_gM8EslWVADIKStz08rQwFQtw2-3GSEeJXY2v9AUmQSBnxVnn0JV1F0eIWlhUJ1vK6jwDfOWnNfq8Gl5u1MFXJE&dbm_d=AKAmf-AxCthKDgXiLdBluWnXf4gBs2QU5yFGopTrVzXErB96BMHXSX_RSzN6zv69FwlFdUd5U5-rehVq4vP5PLAAkXxtqGdNhilaEJs62flCaIFJPyER6PuBMJsZMwZisEnL3oI1abj1Dqv5IJ2G3HJ8jWdIlUmHgrw-_nH_ccxCjsOrywh-HJD1YJRhoilxp65QXNOWWHokxcD7y6vvQBYYK0WncLg967EcdgF_FiX-5OusAnqFzrIlIioXP5vSI8Si2GJgPSj9nrIY3HgKElcqAPNEF8qC6EwYegUQCW3_F8hL-_nXCFnfLMrbthfef3IbEYqGRpw3QN2HBH227NG_iql9PyOw216fi-Fv_gComXt-tdFu-LIWBi0H7rJ_Ma8P42kYmupeIiXg9_YwweX0DFqbInoQyuUr3hMJjpdxdY4UY5O3rqwk8LtG6Yxrbqrp-1rOhJkRD_5haGmI-vc1G20SHM0g6Bpkvba35y95Khi5XIcXQFOdge5COMhzBiZPaGUew0mvxlVk-WthGi9d4qbptw6nI1fXnkUPe_GQD5XISKcOD9HSxNnTFtyukhxkRO85EUgjpXJ0ai6A45W9z-Et_Bx0sE73drN-ub6LYEB4q0zMZDbFaQBLZ9SypAlj5OX5KPbIC2LSib5JrBNiUokoXDUj4Vfgfi2HWqFmmNFVUR1R3D2yDm5zGR-8t6pg8Dw75ebdOKMnyb192RQIamf_uBfkp76kXUCkFLLh4sNs8Crh9Vs0RsQ16ob-GYYmxSB72DmHkyeNeE4tgl2krFrI1KSp5ptnM6wTLDGOR-O5Q_62LuG_4Wx1pYNwITvSieD8KmlczC-1LOMBNpwbO01_w-GhM_518YRy7XtEpyrJEPlO4KCekECJSLLDm9PzczWMBKsAaMppc5O_VP1cUCnGmjshtzjCMBjmY-Cd93kj-44PKEHD5EAOHMsh4R7_nvfwHEB6YZkZbtftuT4VA6wZvI6jhrhG48kDILjzQft_L0no1jS07ryNyFzUqUPz72jWD7IsT6PRrwWcEE-hxgtWt_VIeUH2oe1f_-ZCkSd19NRKO2NziB-LOKVqQoRei-h9VdQpj1VuJcu6_Dao3Omgbu49h6UCD-r5JDSurlLZuW1ffyCL9MLyGf7tX7s9oIufAyQhek99RSkVLCPLWauOf57jtRjJP0JDMoxLx6RG9TaF4kAOSvLGr7-8h5eZ_QgRRnqRM7YDBdZcuWpy7xKUJ56jMTOTcJNZkilMANKPhx0M7uLBnJxumzwJrDqXf8LXLHPbY63hwHQdzpIKi3d6eCYuMoo7lHXi-UviG8BZaaz9mzxNxw62qR8RTZGae35T_yHNIqM4oPRwuE4G-ZIId2RKw52hDNGdxaevv4VBgniAw7_89yqU2QDgkvpLnrB8OxHHVvA0kJuzS9Momu5-2xxgO7VoWHUWrkXGWPdzzipEiqZA2Gkd9ZubFcApYIa0XB5Bze9prqkLiF9Q5RT_nCL6pVCFmfuOQajz2-LDUgF4xj2lHba289OtlIcGREaWD0Mn0E6P_UpZQl8WTJt_oMfQq5nWer6QS5lPsboA-puiznqSCe1Igk-EyqV1945kGPPdj-jpvTNOZPh_tx3zp2a4PfOxkoWm_GVwRywMvbhSgq7u437gd3YRPguyvPX7eLM0fyAt2-3IB1PNiQsAARBSx4DhIpzaC26CfsSFQa1yIu6EI2XHkSSl5GsLKKRki0JrCph3WwvCY4hrc7orZUJz7q81j_uWF_WJWN41EmDkSBmMRhbf3yuPOw72xYlg5EUyGhmhLYtk6qJSuCW8Q2JBXp0BM0SGyZAgONB7GyRZjqRS-SL5mgmWi1e_0h6cuWHSuWvBnhM5UBWc_7VU61nxHIy2xduPSpVBllKUKjJh7nzhJ1GmSq_kG2EjdWreNf4oZsO0MDz6QDJKUXB9-t_O8du265gtPkSg58RZvE7X4GFaoeNm0Lr1GbXp1riM5e-lQJmCTdynm_zIPo7DQnFj53zKocG6cEtRV808-nzX0N7f7bNAisWJb2M-hMunuLLlBR4Rid1FU1eKqSxKE7Mjg9X3qCx8CniYQhc-uwbdn8AJvznc-rxCVtt1KeJVVrlSOAHPYuj4N5ecHfBNjw7nMnxFBVym_ogLOhqe3nGuyIB9BfglZz6bJg1sVZW2YtCSmjuEOcw47oQc8QMyfSPX9br41oTpuGUKvJ8teWwlmn7_FOtU0scrMy5k5YPVJ4e_A0929SGKGQZjHdmq_ODbe2yFdZ2kA8M0GRBm7RVIX4WJA9zEqPP75YLwfVlYDRB5WNDFp4Gh19y2c721nGJdtKDuMssf25Hwxv1C496uc-1r9ifFHDLlRwqAA2PI2BRJKG3WV9z9Nd4OfzDsT9d_Op97lv4aWTMYY5whERjKZdCYJGzM084G3ZxFGzc29merTnpN2XttEGMouOX2nVct7ZNGcolnk837z1zXkHIhX_wrRUjfa4ezaktkKS8J0KulpbX06AYtvmW9FWjyaHZ6aXU0cN41uKK_LoscIzzRM6Bv6YVssGsgN2veY0p9hFTKKWHGoPnKy3-UfhtrFnmjj5d2Zzhjau3m6Q-CJxP8RGoGeYOQ6Bq_JF5RHMOEZgnaO8g-aXem3EJNVrWavYJ5wDryY2-eHPYxNre-Nj9rQQ1BiCJ28vsNtn5hMOnqkEjNXQuLISFOmNQlWv4Lr-1Tb4suzftjg-Jp_5d3crnhtm9ml_m_ZlY0HuHLlv8OG0U2MD9Dvv-xUDs_wMiygm0HYtt2heNWibHEyO7EWueJcClUwhaXwSKXq2rDTzf-slhO9GtpKy4_iU_xSK3cHHQw3LSL0FufNRgsYWxIfTsMWxHcGC602lmrGr7j4NjWh6ZJUlJSQg1lsk-jtuSwcWwxlRht8nnovdrBK3wn3amoRpnPivkgPPFoVcgBf-WD-rU_L7QWnndUMB0nKfz3kZt6VJ12BFfi9dJAVxLL8WopIAQqEr1_pmh8PVnMg9TJAuStqIu99oM_QlttghT3bNgXtJuBrThldC7s6g1iSeVAxPwtd2esnoFLjLMwLkcFlYuM-MXJ2opnSgF0HBuSf7UV_BTV6Ge68HB3Z_xRnFSEYtISXR7Z_Yu4Uc1YXdkJAnvjrVEyhXG-YHe27vhHoL0qwF_IELgxGsDnIt3JYGbmHTZwtMhJZCeOg1VIfzHPjhoxM1-ed9qaLqFTrOHZBned-XZhjMpNu_2FgklFJv4vNrqsmAD_JY398M-BfUBpL9DdW0M9wW4SW6s5FJp7OktWoMBVDDLFoBemYRkuZKwzXAlilwGLl-TV1c0OqcLRw_iU3vidhqXGtfM2-BeBhaj8UzodZAIPdKDu5Psb7obWJts&cid=CAQSPADq26N9YgwdD3WieMunp7S0DRPA89nqZQtPKAtar27j_xBTJHzuXruU0bTKsA-FOCvosxxPMt9movAQwBgBIBM&rfl=1%2Chttps%253A%252F%252Fpelotainvernal.com%252F%240

Requested by

Host: pelotainvernal.com
URL: https://pelotainvernal.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

30756d02ae18e96fa487b8ef232eef201f9d0941155dc26e4ab58f65829a9a45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad5fa02d6e27f34d5a1bd32cffa030b9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Nov 2022 08:09:31 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35629
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame F915 42 B
63 B 72ms
71ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AkU9xM3oWH4VesY3ub3YHOUGHbaogPUsGfY11gee9rUerEHrufQ-nTLJXC5ogZ2S0FJvJud-DUJY0wuiRu1U5PKkMepNh5tSPfgkITsPXI3FGXwwY

Requested by

Host: ad5fa02d6e27f34d5a1bd32cffa030b9.safeframe.googlesyndication.com
URL: https://ad5fa02d6e27f34d5a1bd32cffa030b9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad5fa02d6e27f34d5a1bd32cffa030b9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Nov 2022 08:09:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 jload Show response
pixel.adsafeprotected.com/ Frame F915 47 KB
13 KB 151ms
63ms Script
application/javascript 99.81.181.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/jload?anId=925113&advId=818595827&campId=15487730381&pubId=1&placementId=396797044&adsafe_par&bundleId=&dealId=&bidurl=https://pelotainvernal.com/
Requested by: Host: ad5fa02d6e27f34d5a1bd32cffa030b9.safeframe.googlesyndication.com
URL: https://ad5fa02d6e27f34d5a1bd32cffa030b9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.81.181.127 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-99-81-181-127.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: cc8bc6e96c681a05f2b0df7c592db41636a2dd5a29bd8a989184b1f6a4abd9b0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad5fa02d6e27f34d5a1bd32cffa030b9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Nov 2022 08:09:31 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: pixel.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame F915 3 KB
1 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js

Requested by

Host: ad5fa02d6e27f34d5a1bd32cffa030b9.safeframe.googlesyndication.com
URL: https://ad5fa02d6e27f34d5a1bd32cffa030b9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad5fa02d6e27f34d5a1bd32cffa030b9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 07:15:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3250
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 09 Dec 2022 07:15:21 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame F915 18 KB
7 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: ad5fa02d6e27f34d5a1bd32cffa030b9.safeframe.googlesyndication.com
URL: https://ad5fa02d6e27f34d5a1bd32cffa030b9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad5fa02d6e27f34d5a1bd32cffa030b9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 16:34:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 56119
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7458
x-xss-protection: 0
server: cafe
etag: 16870613375306414947
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 08 Dec 2022 16:34:12 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame F915 0
0 48ms
47ms Image
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRNXFfYVK2c70kLOcGPhNkwj6q-hpASXJd847TNBEsdMPL04zpAh3R6r_OH4TSW0ijQrNL2jfN4ZIDg6EfATMTxqIWfGA
Requested by: Host: ad5fa02d6e27f34d5a1bd32cffa030b9.safeframe.googlesyndication.com
URL: https://ad5fa02d6e27f34d5a1bd32cffa030b9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad5fa02d6e27f34d5a1bd32cffa030b9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F915 154 KB
47 KB 51ms
50ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: ad5fa02d6e27f34d5a1bd32cffa030b9.safeframe.googlesyndication.com
URL: https://ad5fa02d6e27f34d5a1bd32cffa030b9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad5fa02d6e27f34d5a1bd32cffa030b9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 08:09:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48265
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1668095300071091"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 25 Nov 2022 08:09:31 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 6927
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIQMVD7k6rUIRaPiUL20u34&google_cver=1

43 B
766 B

9ms
8ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIQMVD7k6rUIRaPiUL20u34&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMY9MiavQEwAQ&v=APEucNVo3hGK5s6xQ2fcoG_eEFlkYqHZQOz57_UDG6UbBQYSad43Pw7AS3JY36QYzHyw2JEZhDmD_TumNubMr0KYoOcNQtxisCvEtoMyCzAUrbTD9Jn3lBnfQ62qp5_kAcn_IssjNlRd7pZatBqCOKATvMxs7BlIQB5zE_wuuRK4jCAAIhNrnRw
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 25 Nov 2022 08:09:32 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Fri, 25 Nov 2022 08:09:31 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIQMVD7k6rUIRaPiUL20u34&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 6927
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y4B4O.HXio-xJTCGVOkdTwAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIQMVD7k6rUIRaPiUL20u34&google_cver=1&google_hm=2

43 B
766 B

8ms
8ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIQMVD7k6rUIRaPiUL20u34&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMY9MiavQEwAQ&v=APEucNVo3hGK5s6xQ2fcoG_eEFlkYqHZQOz57_UDG6UbBQYSad43Pw7AS3JY36QYzHyw2JEZhDmD_TumNubMr0KYoOcNQtxisCvEtoMyCzAUrbTD9Jn3lBnfQ62qp5_kAcn_IssjNlRd7pZatBqCOKATvMxs7BlIQB5zE_wuuRK4jCAAIhNrnRw
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 25 Nov 2022 08:09:32 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Fri, 25 Nov 2022 08:09:32 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIQMVD7k6rUIRaPiUL20u34&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 6927
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEKGnKPO_xrmc7Yk9pTB9fww&google_cver=1

43 B
1020 B

132ms
132ms

Image
image/gif

185.89.210.82
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEKGnKPO_xrmc7Yk9pTB9fww&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMY9MiavQEwAQ&v=APEucNVo3hGK5s6xQ2fcoG_eEFlkYqHZQOz57_UDG6UbBQYSad43Pw7AS3JY36QYzHyw2JEZhDmD_TumNubMr0KYoOcNQtxisCvEtoMyCzAUrbTD9Jn3lBnfQ62qp5_kAcn_IssjNlRd7pZatBqCOKATvMxs7BlIQB5zE_wuuRK4jCAAIhNrnRw

Protocol

HTTP/1.1

Server

185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 25 Nov 2022 08:09:32 GMT
AN-X-Request-Uuid: 8fd60a50-dcc7-4b4b-a50f-c550802178d4
Server: nginx/1.21.3
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 185.213.155.162; 185.213.155.162; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 25 Nov 2022 08:09:31 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEKGnKPO_xrmc7Yk9pTB9fww&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 6927
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDc5MjQ4MTI5ODI3ODE4NjgxMA%3D%3D

170 B
502 B

107ms
52ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDc5MjQ4MTI5ODI3ODE4NjgxMA%3D%3D

Requested by

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Nov 2022 08:09:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 25 Nov 2022 08:09:31 GMT
AN-X-Request-Uuid: 0aa1fa2b-866e-48c9-a8f3-81a757680151
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDc5MjQ4MTI5ODI3ODE4NjgxMA%3D%3D
Connection: keep-alive
X-Proxy-Origin: 185.213.155.162; 185.213.155.162; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame F915 170 KB
59 KB 119ms
37ms Script
text/javascript 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Requested by

Host: pelotainvernal.com
URL: https://pelotainvernal.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad5fa02d6e27f34d5a1bd32cffa030b9.safeframe.googlesyndication.com/
Origin: https://ad5fa02d6e27f34d5a1bd32cffa030b9.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 10:22:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 78413
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 60311
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:25 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 25 Nov 2022 10:22:39 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20221110/r20110914/elements/html/ Frame F915 8 KB
3 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20221110/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-ByG9pJLzQOSi_o_009CgIsh8jBBL35ypxyVxrbHaoKibv4U9eSoBccKgOTz9JgPyt9IDu3vBd2faEyjt0THUw1rl7q_gM8EslWVADIKStz08rQwFQtw2-3GSEeJXY2v9AUmQSBnxVnn0JV1F0eIWlhUJ1vK6jwDfOWnNfq8Gl5u1MFXJE&dbm_d=AKAmf-AxCthKDgXiLdBluWnXf4gBs2QU5yFGopTrVzXErB96BMHXSX_RSzN6zv69FwlFdUd5U5-rehVq4vP5PLAAkXxtqGdNhilaEJs62flCaIFJPyER6PuBMJsZMwZisEnL3oI1abj1Dqv5IJ2G3HJ8jWdIlUmHgrw-_nH_ccxCjsOrywh-HJD1YJRhoilxp65QXNOWWHokxcD7y6vvQBYYK0WncLg967EcdgF_FiX-5OusAnqFzrIlIioXP5vSI8Si2GJgPSj9nrIY3HgKElcqAPNEF8qC6EwYegUQCW3_F8hL-_nXCFnfLMrbthfef3IbEYqGRpw3QN2HBH227NG_iql9PyOw216fi-Fv_gComXt-tdFu-LIWBi0H7rJ_Ma8P42kYmupeIiXg9_YwweX0DFqbInoQyuUr3hMJjpdxdY4UY5O3rqwk8LtG6Yxrbqrp-1rOhJkRD_5haGmI-vc1G20SHM0g6Bpkvba35y95Khi5XIcXQFOdge5COMhzBiZPaGUew0mvxlVk-WthGi9d4qbptw6nI1fXnkUPe_GQD5XISKcOD9HSxNnTFtyukhxkRO85EUgjpXJ0ai6A45W9z-Et_Bx0sE73drN-ub6LYEB4q0zMZDbFaQBLZ9SypAlj5OX5KPbIC2LSib5JrBNiUokoXDUj4Vfgfi2HWqFmmNFVUR1R3D2yDm5zGR-8t6pg8Dw75ebdOKMnyb192RQIamf_uBfkp76kXUCkFLLh4sNs8Crh9Vs0RsQ16ob-GYYmxSB72DmHkyeNeE4tgl2krFrI1KSp5ptnM6wTLDGOR-O5Q_62LuG_4Wx1pYNwITvSieD8KmlczC-1LOMBNpwbO01_w-GhM_518YRy7XtEpyrJEPlO4KCekECJSLLDm9PzczWMBKsAaMppc5O_VP1cUCnGmjshtzjCMBjmY-Cd93kj-44PKEHD5EAOHMsh4R7_nvfwHEB6YZkZbtftuT4VA6wZvI6jhrhG48kDILjzQft_L0no1jS07ryNyFzUqUPz72jWD7IsT6PRrwWcEE-hxgtWt_VIeUH2oe1f_-ZCkSd19NRKO2NziB-LOKVqQoRei-h9VdQpj1VuJcu6_Dao3Omgbu49h6UCD-r5JDSurlLZuW1ffyCL9MLyGf7tX7s9oIufAyQhek99RSkVLCPLWauOf57jtRjJP0JDMoxLx6RG9TaF4kAOSvLGr7-8h5eZ_QgRRnqRM7YDBdZcuWpy7xKUJ56jMTOTcJNZkilMANKPhx0M7uLBnJxumzwJrDqXf8LXLHPbY63hwHQdzpIKi3d6eCYuMoo7lHXi-UviG8BZaaz9mzxNxw62qR8RTZGae35T_yHNIqM4oPRwuE4G-ZIId2RKw52hDNGdxaevv4VBgniAw7_89yqU2QDgkvpLnrB8OxHHVvA0kJuzS9Momu5-2xxgO7VoWHUWrkXGWPdzzipEiqZA2Gkd9ZubFcApYIa0XB5Bze9prqkLiF9Q5RT_nCL6pVCFmfuOQajz2-LDUgF4xj2lHba289OtlIcGREaWD0Mn0E6P_UpZQl8WTJt_oMfQq5nWer6QS5lPsboA-puiznqSCe1Igk-EyqV1945kGPPdj-jpvTNOZPh_tx3zp2a4PfOxkoWm_GVwRywMvbhSgq7u437gd3YRPguyvPX7eLM0fyAt2-3IB1PNiQsAARBSx4DhIpzaC26CfsSFQa1yIu6EI2XHkSSl5GsLKKRki0JrCph3WwvCY4hrc7orZUJz7q81j_uWF_WJWN41EmDkSBmMRhbf3yuPOw72xYlg5EUyGhmhLYtk6qJSuCW8Q2JBXp0BM0SGyZAgONB7GyRZjqRS-SL5mgmWi1e_0h6cuWHSuWvBnhM5UBWc_7VU61nxHIy2xduPSpVBllKUKjJh7nzhJ1GmSq_kG2EjdWreNf4oZsO0MDz6QDJKUXB9-t_O8du265gtPkSg58RZvE7X4GFaoeNm0Lr1GbXp1riM5e-lQJmCTdynm_zIPo7DQnFj53zKocG6cEtRV808-nzX0N7f7bNAisWJb2M-hMunuLLlBR4Rid1FU1eKqSxKE7Mjg9X3qCx8CniYQhc-uwbdn8AJvznc-rxCVtt1KeJVVrlSOAHPYuj4N5ecHfBNjw7nMnxFBVym_ogLOhqe3nGuyIB9BfglZz6bJg1sVZW2YtCSmjuEOcw47oQc8QMyfSPX9br41oTpuGUKvJ8teWwlmn7_FOtU0scrMy5k5YPVJ4e_A0929SGKGQZjHdmq_ODbe2yFdZ2kA8M0GRBm7RVIX4WJA9zEqPP75YLwfVlYDRB5WNDFp4Gh19y2c721nGJdtKDuMssf25Hwxv1C496uc-1r9ifFHDLlRwqAA2PI2BRJKG3WV9z9Nd4OfzDsT9d_Op97lv4aWTMYY5whERjKZdCYJGzM084G3ZxFGzc29merTnpN2XttEGMouOX2nVct7ZNGcolnk837z1zXkHIhX_wrRUjfa4ezaktkKS8J0KulpbX06AYtvmW9FWjyaHZ6aXU0cN41uKK_LoscIzzRM6Bv6YVssGsgN2veY0p9hFTKKWHGoPnKy3-UfhtrFnmjj5d2Zzhjau3m6Q-CJxP8RGoGeYOQ6Bq_JF5RHMOEZgnaO8g-aXem3EJNVrWavYJ5wDryY2-eHPYxNre-Nj9rQQ1BiCJ28vsNtn5hMOnqkEjNXQuLISFOmNQlWv4Lr-1Tb4suzftjg-Jp_5d3crnhtm9ml_m_ZlY0HuHLlv8OG0U2MD9Dvv-xUDs_wMiygm0HYtt2heNWibHEyO7EWueJcClUwhaXwSKXq2rDTzf-slhO9GtpKy4_iU_xSK3cHHQw3LSL0FufNRgsYWxIfTsMWxHcGC602lmrGr7j4NjWh6ZJUlJSQg1lsk-jtuSwcWwxlRht8nnovdrBK3wn3amoRpnPivkgPPFoVcgBf-WD-rU_L7QWnndUMB0nKfz3kZt6VJ12BFfi9dJAVxLL8WopIAQqEr1_pmh8PVnMg9TJAuStqIu99oM_QlttghT3bNgXtJuBrThldC7s6g1iSeVAxPwtd2esnoFLjLMwLkcFlYuM-MXJ2opnSgF0HBuSf7UV_BTV6Ge68HB3Z_xRnFSEYtISXR7Z_Yu4Uc1YXdkJAnvjrVEyhXG-YHe27vhHoL0qwF_IELgxGsDnIt3JYGbmHTZwtMhJZCeOg1VIfzHPjhoxM1-ed9qaLqFTrOHZBned-XZhjMpNu_2FgklFJv4vNrqsmAD_JY398M-BfUBpL9DdW0M9wW4SW6s5FJp7OktWoMBVDDLFoBemYRkuZKwzXAlilwGLl-TV1c0OqcLRw_iU3vidhqXGtfM2-BeBhaj8UzodZAIPdKDu5Psb7obWJts&cid=CAQSPADq26N9YgwdD3WieMunp7S0DRPA89nqZQtPKAtar27j_xBTJHzuXruU0bTKsA-FOCvosxxPMt9movAQwBgBIBM&rfl=1%2Chttps%253A%252F%252Fpelotainvernal.com%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad5fa02d6e27f34d5a1bd32cffa030b9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 16:31:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 56300
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2986
x-xss-protection: 0
server: cafe
etag: 3296546412363819624
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 08 Dec 2022 16:31:11 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20221110/r20110914/ Frame F915 29 KB
11 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20221110/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2c19d105106bf6f55dd15da3523b88f88921e03cf54e1efaa138922fc12397c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad5fa02d6e27f34d5a1bd32cffa030b9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 13:36:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 66785
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11206
x-xss-protection: 0
server: cafe
etag: 16690196781007480285
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 08 Dec 2022 13:36:26 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame F915 41 KB
15 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: ad5fa02d6e27f34d5a1bd32cffa030b9.safeframe.googlesyndication.com
URL: https://ad5fa02d6e27f34d5a1bd32cffa030b9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad5fa02d6e27f34d5a1bd32cffa030b9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 11:55:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 245651
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 Nov 2023 11:55:20 GMT

GET
H2 200 main.19.8.366.js Show response
static.adsafeprotected.com/ Frame F915 196 KB
61 KB 47ms
8ms Script
application/javascript 2600:9000:223f:8400:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.19.8.366.js
Requested by: Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=925113&advId=818595827&campId=15487730381&pubId=1&placementId=396797044&adsafe_par&bundleId=&dealId=&bidurl=https://pelotainvernal.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:8400:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: eb6cb0bc1769b5545101b7c78affadfff0dfcd0157d2a2b3c71eb4b129942699

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad5fa02d6e27f34d5a1bd32cffa030b9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 21 Nov 2022 21:37:52 GMT
x-amz-version-id: DTz7DAGx5H1oATkuvwxjIs9w8gvuFjKB
content-encoding: gzip
via: 1.1 0162e02b2d0212054988a68716227daa.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 297100
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Mon, 21 Nov 2022 19:50:49 GMT
server: AmazonS3
etag: W/"ca4194ffbaa3712186a83d16b497895d"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: rZgaq7P6CqHLUmoRgEQGMksUMnzRl_R6g7uhCGdojrllMDdJyucHIw==

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 03D5 1 KB
643 B 37ms
37ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: ad5fa02d6e27f34d5a1bd32cffa030b9.safeframe.googlesyndication.com
URL: https://ad5fa02d6e27f34d5a1bd32cffa030b9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad5fa02d6e27f34d5a1bd32cffa030b9.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 58395
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 24 Nov 2022 15:56:16 GMT
etag: 48472445140208031
expires: Fri, 25 Nov 2022 15:56:16 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame F915 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dc2a9fb153f659b963260a8ad21ac2a1132472815314c1e83ba1f151214d8a59

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame CF42 22 KB
8 KB 40ms
39ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad5fa02d6e27f34d5a1bd32cffa030b9.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 245652
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 22 Nov 2022 11:55:20 GMT
expires: Wed, 22 Nov 2023 11:55:20 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 03D5
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEDF0Ox_TCmHkP_zpgu7VC8I&google_cver=1&google_push=ASkJ3FaBfZl_kipyCq60wKqrTnxDoxlJg-tRGu9aupHoWNa5eZ3pvpnba4bYJDD7e0uJIWf1uHYjOEPm41TOI4P0...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ASkJ3FaBfZl_kipyCq60wKqrTnxDoxlJg-tRGu9aupHoWNa5eZ3pvpnba4bYJDD7e0uJIWf1uHYjOEPm41TOI4P0eocdoSvyTO3I

170 B
188 B

56ms
54ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ASkJ3FaBfZl_kipyCq60wKqrTnxDoxlJg-tRGu9aupHoWNa5eZ3pvpnba4bYJDD7e0uJIWf1uHYjOEPm41TOI4P0eocdoSvyTO3I

Requested by

Host: ad5fa02d6e27f34d5a1bd32cffa030b9.safeframe.googlesyndication.com
URL: https://ad5fa02d6e27f34d5a1bd32cffa030b9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Nov 2022 08:09:32 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Fri, 25 Nov 2022 08:09:32 GMT
Server: MT3 169 32252b7 master cdg-pixel-x24 config:1.0.0
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ASkJ3FaBfZl_kipyCq60wKqrTnxDoxlJg-tRGu9aupHoWNa5eZ3pvpnba4bYJDD7e0uJIWf1uHYjOEPm41TOI4P0eocdoSvyTO3I
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Fri, 25 Nov 2022 08:09:31 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 03D5
Redirect Chain

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEBCu7Z4jow_PKdxc1UI1FLs&google_cver=1&google_push=ASkJ3FbSHAIOYkQh9--5btBzt5IYdA7hOOxofFkywsey9JzKHFRiQFm1luBL-UWCIZsygoOMaXVD6Qnri07...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=ASkJ3FbSHAIOYkQh9--5btBzt5IYdA7hOOxofFkywsey9JzKHFRiQFm1luBL-UWCIZsygoOMaXVD6Qnri07nOrGSBl4l1AGkrWMO&google_hm=QkkebRq-RFm7jeoeILIc8KI

170 B
188 B

55ms
50ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=ASkJ3FbSHAIOYkQh9--5btBzt5IYdA7hOOxofFkywsey9JzKHFRiQFm1luBL-UWCIZsygoOMaXVD6Qnri07nOrGSBl4l1AGkrWMO&google_hm=QkkebRq-RFm7jeoeILIc8KI

Requested by

Host: ad5fa02d6e27f34d5a1bd32cffa030b9.safeframe.googlesyndication.com
URL: https://ad5fa02d6e27f34d5a1bd32cffa030b9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Nov 2022 08:09:32 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 25 Nov 2022 08:09:31 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=ASkJ3FbSHAIOYkQh9--5btBzt5IYdA7hOOxofFkywsey9JzKHFRiQFm1luBL-UWCIZsygoOMaXVD6Qnri07nOrGSBl4l1AGkrWMO&google_hm=QkkebRq-RFm7jeoeILIc8KI
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 AdxPixel
tr.blismedia.com/v1/api/sync/ Frame 03D5 0
173 B 108ms
39ms Image
text/plain 34.96.105.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEF-T1dpqBKfOdJPh6wDCk-A&google_cver=1&google_push=ASkJ3FYuETvT8Vyns9MaxgMLd-nWM-zrFJBLi8jWC5G2MZU8p3Fav9zHVbF1tlKagFksvjTjLzNtFTGKRuKzQtrFREHEF7atRynV
Requested by: Host: ad5fa02d6e27f34d5a1bd32cffa030b9.safeframe.googlesyndication.com
URL: https://ad5fa02d6e27f34d5a1bd32cffa030b9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.105.96.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 08:09:32 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 03D5
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEML-b6u4SclWSLOscZHYNuQ&google_cver=1&google_push=ASkJ3FZJ95mcxRlCR6pFyGRJMCDglilzo5mmLvkNwdqkawjVsURzolwzYo1CqlmSpHrIacOXqzKQGmkwYHsTRd...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE2OTg2MjgwNTg2OTQ5MjM2NA%3D%3D&google_push=ASkJ3FZJ95mcxRlCR6pFyGRJMCDglilzo5mmLvkNwdqkawjVsURzolwzYo1CqlmSpHrIacOXqzKQGmkwYHsTRdAxBh...

170 B
188 B

65ms
51ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE2OTg2MjgwNTg2OTQ5MjM2NA%3D%3D&google_push=ASkJ3FZJ95mcxRlCR6pFyGRJMCDglilzo5mmLvkNwdqkawjVsURzolwzYo1CqlmSpHrIacOXqzKQGmkwYHsTRdAxBhHSS_l4_g6w

Requested by

Host: ad5fa02d6e27f34d5a1bd32cffa030b9.safeframe.googlesyndication.com
URL: https://ad5fa02d6e27f34d5a1bd32cffa030b9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Nov 2022 08:09:32 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE2OTg2MjgwNTg2OTQ5MjM2NA%3D%3D&google_push=ASkJ3FZJ95mcxRlCR6pFyGRJMCDglilzo5mmLvkNwdqkawjVsURzolwzYo1CqlmSpHrIacOXqzKQGmkwYHsTRdAxBhHSS_l4_g6w
Date: Fri, 25 Nov 2022 08:09:32 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 03D5
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEPogtKDkJVm3hV062Pqtsu0&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEPogtKDkJVm3hV062Pqtsu0&google_hm=Y4B4O-HXio_xJTCGVOkdTwAABJwAAAAB&google_nid=index&google_push=ASkJ3FZyMCAv49e9uB5kqVk-qpeS8kjEWq1er...

170 B
188 B

55ms
55ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEPogtKDkJVm3hV062Pqtsu0&google_hm=Y4B4O-HXio_xJTCGVOkdTwAABJwAAAAB&google_nid=index&google_push=ASkJ3FZyMCAv49e9uB5kqVk-qpeS8kjEWq1er7OrPYIum5s9R-xCJ8s2ZejmkZBnStTBKO5me5T_ecZdk9hkXN2AlEezO77BNQ8i

Requested by

Host: ad5fa02d6e27f34d5a1bd32cffa030b9.safeframe.googlesyndication.com
URL: https://ad5fa02d6e27f34d5a1bd32cffa030b9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Nov 2022 08:09:32 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 25 Nov 2022 08:09:32 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xJoQUdPYvaeKxo3QgprXaWYDPtB5cefjA4bSPEs5I6%2F%2BaJsWIq3C74zcFQELMuU6D%2FRAUjVV2beVjGLrg2YbemxzT1h6YKgp%2FXefXCSUM8ASGn4gOpnP4AqsyWoPCXQhy4MvBExMsezQNg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEPogtKDkJVm3hV062Pqtsu0&google_hm=Y4B4O-HXio_xJTCGVOkdTwAABJwAAAAB&google_nid=index&google_push=ASkJ3FZyMCAv49e9uB5kqVk-qpeS8kjEWq1er7OrPYIum5s9R-xCJ8s2ZejmkZBnStTBKO5me5T_ecZdk9hkXN2AlEezO77BNQ8i
cache-control: no-cache
cf-ray: 76f8e7177d009110-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 03D5
Redirect Chain

https://match.360yield.com/match/ebda?google_gid=CAESECGpRyCf286gKniyiaXSQu4&google_cver=1&google_push=ASkJ3FZThDhBxP_pTm7MKj6E_iuqyp2-Xa8lpttUG8yI65IW5oESYoMLUAxHwYVOg9fHtvxVJnDLJ3hX4bjX-cXevH6VzF...
https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESECGpRyCf286gKniyiaXSQu4&google_cver=1&google_push=ASkJ3FZThDhBxP_pTm7MKj6E_iuqyp2-Xa8lpttUG8yI65IW5oESYoMLUAxHwYVOg9fHtvxVJnDLJ3hX4bjX-cXe...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=iVMXv7dZQi2mqtmVqnX0fw&google_push=ASkJ3FZThDhBxP_pTm7MKj6E_iuqyp2-Xa8lpttUG8yI65IW5oESYoMLUAxHwYVOg9fHtvxVJnDLJ3hX4bjX-cX...

170 B
188 B

50ms
50ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=iVMXv7dZQi2mqtmVqnX0fw&google_push=ASkJ3FZThDhBxP_pTm7MKj6E_iuqyp2-Xa8lpttUG8yI65IW5oESYoMLUAxHwYVOg9fHtvxVJnDLJ3hX4bjX-cXevH6VzFwuaPxB

Requested by

Host: ad5fa02d6e27f34d5a1bd32cffa030b9.safeframe.googlesyndication.com
URL: https://ad5fa02d6e27f34d5a1bd32cffa030b9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Nov 2022 08:09:32 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=iVMXv7dZQi2mqtmVqnX0fw&google_push=ASkJ3FZThDhBxP_pTm7MKj6E_iuqyp2-Xa8lpttUG8yI65IW5oESYoMLUAxHwYVOg9fHtvxVJnDLJ3hX4bjX-cXevH6VzFwuaPxB
access-control-allow-origin: *
date: Fri, 25 Nov 2022 08:09:32 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H/1.1 200
OK sync
ssbsync.smartadserver.com/api/ Frame 03D5 0
75 B 90ms
17ms Image
text/plain 185.86.137.122
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEMU50yF-5QaCUZRBgw-ixPU&google_cver=1&google_push=ASkJ3FYSVa6ZnAccCqAMTltbK73uYE_daePlst2tIkrYkNfVMaIcllCjLCJj27VQzT_t4ovj4LRN9lMUEDVTPgFIMs6QwvnWunZu
Requested by: Host: ad5fa02d6e27f34d5a1bd32cffa030b9.safeframe.googlesyndication.com
URL: https://ad5fa02d6e27f34d5a1bd32cffa030b9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.122 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 08:09:32 GMT
content-length: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 03D5 0
12 B 127ms
47ms Image
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KlfJBS3WrdyC8G-IoCz-hyQCA7z46di_vHxuIqGTzfRH13WHaN3EzSQGCwFeklCV61C3H7

Requested by

Host: ad5fa02d6e27f34d5a1bd32cffa030b9.safeframe.googlesyndication.com
URL: https://ad5fa02d6e27f34d5a1bd32cffa030b9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 08:09:32 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame E56D 91 KB
23 KB 8ms
8ms Script
application/javascript 2600:9000:223f:8400:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: ad5fa02d6e27f34d5a1bd32cffa030b9.safeframe.googlesyndication.com
URL: https://ad5fa02d6e27f34d5a1bd32cffa030b9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:8400:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad5fa02d6e27f34d5a1bd32cffa030b9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 15:36:17 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding: gzip
via: 1.1 0162e02b2d0212054988a68716227daa.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 5589196
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: W/"1f3488247c90bb5de253d3d0cb3b7458"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: 6vBzYe7hn29O8QQy-GUaprrfC8bBgbKIetPJDHn7ygxB02NcJ45cdA==

GET
H2 200 mon
pixel.adsafeprotected.com/ Frame F915 43 B
216 B 35ms
35ms Image
image/gif 99.81.181.127
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.adsafeprotected.com/mon?anId=925113&advId=818595827&campId=15487730381&pubId=1&placementId=396797044&adsafe_par&bundleId=&dealId=&bidurl=https://pelotainvernal.com/&adsafe_url=https%3A%2F%2Fpelotainvernal.com&adsafe_type=y&adsafe_url=https%3A%2F%2Fpelotainvernal.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fad5fa02d6e27f34d5a1bd32cffa030b9.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fad5fa02d6e27f34d5a1bd32cffa030b9.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:519ceb50-9241-0da5-99ea-4fde83c95d94,c:uXRDw7,sl:na,em:true,fr:false,thd:1,mn:jsserver-primary-5dc864c74-tx2n9,rg:ie,pt:1-5-15,mu:10000,br:c,bru:c,an:n,oam:0,scm:publ1.grpm1,mtim:87,mot:0,app:0,maw:0,fm:tobuggw+11%7C121%7C131%7C132%7C141%7C15%7C1611%7C1612%7C171%7C18%7C19%7C1a*.925113%7C1a1%7C1a2%7C1a3%7C1b,idMap:1a*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:DIV.qs.sn,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:108,oid:7dbfe435-6c98-11ed-a231-72ae5a1ea890,v:19.8.366,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by: Host: ad5fa02d6e27f34d5a1bd32cffa030b9.safeframe.googlesyndication.com
URL: https://ad5fa02d6e27f34d5a1bd32cffa030b9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.81.181.127 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-99-81-181-127.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad5fa02d6e27f34d5a1bd32cffa030b9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Nov 2022 08:09:32 GMT
server: nginx
x-server-name: app18.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame F915 43 B
215 B 572ms
175ms Image
image/gif 2600:1f13:800:7780:93a2:ac09:2e07:a55d
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=925113&asId=519ceb50-9241-0da5-99ea-4fde83c95d94&tv=%7Bc:uXRDwy,pingTime:-3,time:134,type:v,clog:%5B%7Bpiv:-1,vs:n,r:,w:728,h:90,t:107%7D,%7Bpiv:0,vs:o,r:l,t:133%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:134,n:133,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:107,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B44~1,0~0%5D,as:%5B44~728.90%5D%7D%7D,%7Bsl:o,t:133,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B0~0%5D,as:%5B0~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:jload,dtt:0,fm:tobuggw+11%7C121%7C131%7C132%7C141%7C15%7C1611%7C1612%7C171%7C18%7C19%7C1a*.925113%7C1a1%7C1a2%7C1a3%7C1b,idMap:1a*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:109%7D&br=c
Requested by: Host: ad5fa02d6e27f34d5a1bd32cffa030b9.safeframe.googlesyndication.com
URL: https://ad5fa02d6e27f34d5a1bd32cffa030b9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:93a2:ac09:2e07:a55d Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad5fa02d6e27f34d5a1bd32cffa030b9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Nov 2022 08:09:32 GMT
server: nginx
x-server-name: dt12.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame F915 43 B
215 B 567ms
175ms Image
image/gif 2600:1f13:800:7780:93a2:ac09:2e07:a55d
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=925113&asId=519ceb50-9241-0da5-99ea-4fde83c95d94&tv=%7Bc:uXRDwz,pingTime:-6,time:135,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:135,n:133,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:107,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B44~1,0~0%5D,as:%5B44~728.90%5D%7D%7D,%7Bsl:o,t:133,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B2~0%5D,as:%5B2~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:jload,dtt:0,fm:tobuggw+11%7C121%7C131%7C132%7C141%7C15%7C1611%7C1612%7C171%7C18%7C19%7C1a*.925113%7C1a1%7C1a2%7C1a3%7C1b,idMap:1a*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:109%7D&tpiLookup=ao:pelotainvernal.com*&br=c
Requested by: Host: ad5fa02d6e27f34d5a1bd32cffa030b9.safeframe.googlesyndication.com
URL: https://ad5fa02d6e27f34d5a1bd32cffa030b9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:93a2:ac09:2e07:a55d Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad5fa02d6e27f34d5a1bd32cffa030b9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Nov 2022 08:09:32 GMT
server: nginx
x-server-name: dt11.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame F915 43 B
216 B 558ms
174ms Image
image/gif 2600:1f13:800:7780:93a2:ac09:2e07:a55d
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=925113&asId=519ceb50-9241-0da5-99ea-4fde83c95d94&tv=%7Bc:uXRDwL,pingTime:0,time:147,type:pf,im:%7Bsf:0%7D,sca:%7Bdfp:%7Bdf:4,sz:100.100,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:-1,vs:n,r:,w:728,h:90,t:107%7D,%7Bpiv:0,vs:o,r:l,t:133%7D,%7Bpiv:100,vs:i,r:,t:146%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1,o:146,n:133,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:107,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B44~1,0~0%5D,as:%5B44~728.90%5D%7D%7D,%7Bsl:o,t:133,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B12~0%5D,as:%5B12~728.90%5D%7D%7D,%7Bsl:i,t:146,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1~100%5D,as:%5B1~728.90%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:jload,dtt:0,fm:tobuggw+11%7C121%7C131%7C132%7C141%7C15%7C1611%7C1612%7C171%7C18%7C19%7C1a*.925113%7C1a1%7C1a2%7C1a3%7C1b,idMap:1a*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:109%7D&br=c
Requested by: Host: ad5fa02d6e27f34d5a1bd32cffa030b9.safeframe.googlesyndication.com
URL: https://ad5fa02d6e27f34d5a1bd32cffa030b9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:93a2:ac09:2e07:a55d Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad5fa02d6e27f34d5a1bd32cffa030b9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Nov 2022 08:09:32 GMT
server: nginx
x-server-name: dt10.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame F915 43 B
215 B 556ms
174ms Image
image/gif 2600:1f13:800:7780:93a2:ac09:2e07:a55d
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=925113&asId=519ceb50-9241-0da5-99ea-4fde83c95d94&tv=%7Bc:uXRDwO,pingTime:-2,time:150,type:a,im:%7Bpom:1,prf:%7BbeA:369,beZ:370,mfA:456,cmA:457,inA:457,inZ:462,prA:462,prZ:471,si:477,poA:477,poZ:490,cmZ:490,mfZ:490,loA:504,loZ:508,ltA:518,ltZ:518,mdA:370,mdZ:425%7D%7D,clog:%5B%7Bpiv:-1,vs:n,r:,w:728,h:90,t:107%7D,%7Bpiv:0,vs:o,r:l,t:133%7D,%7Bpiv:100,vs:i,r:,t:146%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:4,o:146,n:133,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:107,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B44~1,0~0%5D,as:%5B44~728.90%5D%7D%7D,%7Bsl:o,t:133,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B12~0%5D,as:%5B12~728.90%5D%7D%7D,%7Bsl:i,t:146,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B4~100%5D,as:%5B4~728.90%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:jload,dtt:0,fm:tobuggw+11%7C121%7C131%7C132%7C141%7C15%7C1611%7C1612%7C171%7C18%7C19%7C1a*.925113%7C1a1%7C1a2%7C1a3%7C1b,idMap:1a*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:109,sinceFw:41,readyFired:true%7D&br=c
Requested by: Host: ad5fa02d6e27f34d5a1bd32cffa030b9.safeframe.googlesyndication.com
URL: https://ad5fa02d6e27f34d5a1bd32cffa030b9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:93a2:ac09:2e07:a55d Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad5fa02d6e27f34d5a1bd32cffa030b9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Nov 2022 08:09:32 GMT
server: nginx
x-server-name: dt19.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/10870759898001676874/ Frame 93FA 1 KB
619 B 128ms
48ms Document
text/html 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/10870759898001676874/index.html?e=69&leftOffset=0&topOffset=0&c=C9p2tW30qq&t=1&renderingType=2&ev=01_247

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8e05e2ee52939cb84c40aed78f963f60184ecd9ba996e88b11ad10eebfcc55a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad5fa02d6e27f34d5a1bd32cffa030b9.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 591
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Fri, 25 Nov 2022 08:09:32 GMT
expires: Sat, 25 Nov 2023 08:09:32 GMT
last-modified: Mon, 25 Apr 2022 12:27:54 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame F915 0
0 188ms
86ms Fetch
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssPJ4ixApLFHEGkRGcn118fpjiF8Geg-_T0S2I1gyb0xJew04O3uDj_iaiHbi0e00mVA63HJmOrPaHcr7ILzZFburhJagbBDKPpLiI4FlPHP8g7m5hIJVgVPe-Bixa_QvLhWKwZyntwfHGVoPCTTfAGeRQD2uJN7vdqr_N4aFcZcw4E4RpnfRCGuMhMPhpk3WwCi8qRjWr8WuEgv27pXVsfqUX8p6wKNbkcK5RY2H1dxbnG0gSZZwPKb5aQk1LLtsdhkJgyZTBhVQFVvAv1fj0AMAQjMDQ59mxxns_IPWbqNqfDjB9oidu7IBvYkDpCq2lknVdmkTbciU20W6niX702yC_eoqP1kFxBQNUkBC3f1cmpTVUDlbLtoNQA_aoM-AD9I8-mpMalPizUE3lyRn_XAWMT00hx3XPbVNScHqw_Ld20eVJ4r4aOu32IOv-tQv5f_sKc-Rd5zAOOaMPOIgZdzwR7tkXkCAZZcfYm-7GhpgUKZa3-ijfgx52UPCRA2DYQgXvNPHRWkb3l_YNaTuL7UHQkes5uXCgBA0PYFhdG7knyfSdJ2iEJ-UYcmzJN5pDANPJaZh9xLjHetqg_4Av2SkbC41jXKkZC3FLi2ikDhg4K0QfKTUBFGk913apGW_Ba3eNgGP6-awzdmjcv-jrzJs0Fg0ROi0HlpxqZGiUc4eoezwGcfDx5l8zvAf5ikv4eM8NXE96FYgQkdzAJc5KvkEL71KI9dVpcF30KZWwCkPvqdQ9ov_24A3p39uVVJ1FwQO2vsgaepXMc9ztp_j_yhK3Vaf0UL_4h6VM5GhZlovB5IrnJDl-5w6pHzJneTK95aCcdI1AaNQvjd4zpIqrfys-jhBSHdzrj2PQplXNzcYLnkTGwIcK4FJeM_alOlQDaj60ZvLi3CnhrFLjjuVd7jBO7XEYTSKqjdtnRp9ohoe7DaGi8rv6Niv9HHWMNokLihU0MV_HxH29A9Bgyh8JgU7AbjCSncVPk5sSqu1twy5gddJZ7gnlfZulmA9beIYuQQjGvdFnSCQkxSFZ1AcL92cExUc5LhcKiGAnS47hU34JrZYzYrMFELR9wbQ0Ik1IuqDUtbNItOAn-utgrUBBPEMVTTqq2PIPof7BKOXlEFIRZuylz4Bw5t9MfUABH3qj9eY5fI6B7n2BozqcpQHGoVq9DfeH07wZmoDLaUl5mRG1aSgN_Gaf0isumEuT58AXwwWTGecnFofT0ujsYDooNHZ1PG442wTCNeKJNpIY0NVnmdKAm-6LQrmDazg&sai=AMfl-YSnpYwssV_hmi6vpF6My8qRnHfoSAOtW59Bts1g_pEGKmcd6Xy_Go-MtZ1JBShFPFBv9PFTqkB7nIbf-nKxwxK8MVXkehY8i4k5euAawNnv7C1eeKKawspro_I-vFvQa3-O0_n5Vl08SQElwX3xgqj1IccHM7AQ_C6qyNtDEKPXvnNlqfz2Tfim3nD1efGAspvtNRYrzVnCxNfktFPIVo_nX-PKJZMLeydwgZ0j_DI98x1L6qZjP3FbD9AhOJP2nffbLlJDif9bKQ&sig=Cg0ArKJSzJ6BF5JS60gdEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=208&cbvp=1&cstd=203&cisv=r20221110.54083&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Host: pelotainvernal.com
URL: https://pelotainvernal.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad5fa02d6e27f34d5a1bd32cffa030b9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 25 Nov 2022 08:09:32 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 25 Nov 2022 08:09:32 GMT

GET
H/1.1 200
OK ai.aspx
m.exactag.com/ Frame F915 60 B
60 B 102ms
16ms Image
image/gif 213.202.235.10
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://m.exactag.com/ai.aspx?extProvId=63&extPu=lh-mindshare&extProvApi=lh_de&extLi=26964075&extCr=162822806&extPm=322786191&gdpr_consent=&gdpr=

Requested by

Host: ad5fa02d6e27f34d5a1bd32cffa030b9.safeframe.googlesyndication.com
URL: https://ad5fa02d6e27f34d5a1bd32cffa030b9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

213.202.235.10 Bad Krozingen, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad5fa02d6e27f34d5a1bd32cffa030b9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Fri, 25 Nov 2022 08:09:31 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
P3P: policyref="https://m.exactag.com/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
cross-origin-resource-policy: cross-origin
Connection: close
X-ET-Monitoring: 1
X-Xss-Protection: 0
Pragma: no-cache
Last-Modified: Fr, 25 Nov 2022 08:09:32 GMT
X-ET-Code: 0
Content-Type: image/gif
Cache-Control: max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
X-ET-Camp: 1119
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 Cy76TGYNwlBdeFKzRh_Qc2a075RKB_J9dWAUlCdaUYI.js Show response
pagead2.googlesyndication.com/bg/ Frame CF42 36 KB
16 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Cy76TGYNwlBdeFKzRh_Qc2a075RKB_J9dWAUlCdaUYI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0b2efa4c660dc2505d7852b3461fd07366b4ef944a07f27d75601494275a5182

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 21:21:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 38890
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15969
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 24 Nov 2023 21:21:22 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 4EF9 42 B
64 B 158ms
77ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuuelu-RTGNtjzZMlbnLLy_C61wMcgdCCpgpnZ4QSTQyxWhPDf877QRkNHqw_O5FfRWDyQS7G7rPWNgAGzbHJFApkR4RyGNFYPCtcrJNl5UnNOIcMlUvZkMEp0n5vOwdXnIbVyDAw&sai=AMfl-YRgUkXJX2agHSvWukl_zinSOjOWCujCFx8moPg1sJvDCFExITAVCwjkVtjECK-cmlvyPyQ_Xt2GJ2uRqr4&sig=Cg0ArKJSzPVKLWeezwgFEAE&cid=CAQSGwDq26N9RgELP8OlGAYIEaMz5QlzdYSG37FwuRgBIBM&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=114,721,1000,1009,1009&tos=114,607,279,9,0&v=20221110&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1669363770738&rpt=394&met=mue&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Nov 2022 08:09:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame DAB8 42 B
64 B 95ms
76ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssQsLLpgDms98ZyT8dH3YB26AMuzVz2KgEIHeMm3ajutyKxhJuK6d_gnBrlHDag1SqLMos0FZai-A2E_UUxjILlzHS_GE--0LGWiJksrHLn6K2PThMO4bvmJFJC_WU9t94UqUjvGg&sai=AMfl-YQjTN3OeYoRr7-u30vLm13cHdxgCqFfAxzqwvpMPNMtM0ljlpSmaPHsUFjr-Aw8cMQeqoEzRDW055W8HMs&sig=Cg0ArKJSzLbsTcSwEv8bEAE&cid=CAQSGwDq26N9rKyAIo6mpn9i6Qbg1BqSpFL7LtFWRhgBIBM&id=lidar2&mcvt=1000&p=0,0,100,1298&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221110&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=88850195&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1669363769602&rpt=1598&met=mue&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Nov 2022 08:09:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 Enabler_01_247.js Show response
s0.2mdn.net/879366/ Frame 93FA 118 KB
40 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10870759898001676874/index.html?e=69&leftOffset=0&topOffset=0&c=C9p2tW30qq&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10870759898001676874/index.html?e=69&leftOffset=0&topOffset=0&c=C9p2tW30qq&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 06:28:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6037
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41099
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 26 Nov 2022 06:28:55 GMT

GET
H3 200 preloadjs_1.0.0_55e44727ad1a72cb590cb504b5394b25_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 93FA 64 KB
16 KB 83ms
82ms Script
text/javascript 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/preloadjs_1.0.0_55e44727ad1a72cb590cb504b5394b25_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10870759898001676874/index.html?e=69&leftOffset=0&topOffset=0&c=C9p2tW30qq&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

659aba74af795768d9d8d2ed688e49cd5f47d9425d5a1630329a845759b4591d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10870759898001676874/index.html?e=69&leftOffset=0&topOffset=0&c=C9p2tW30qq&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 08:09:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16579
x-xss-protection: 0
last-modified: Mon, 12 Feb 2018 18:09:40 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 25 Nov 2022 08:09:32 GMT

GET
H3 200 tweenmax_1.20.0_d360d9a082ccc13b1a1a9b153f86b378_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 93FA 112 KB
38 KB 94ms
93ms Script
text/javascript 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_1.20.0_d360d9a082ccc13b1a1a9b153f86b378_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10870759898001676874/index.html?e=69&leftOffset=0&topOffset=0&c=C9p2tW30qq&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3b9597a90a43830b2a92897a5ef015ce5310e7f32dbb5cd1db2c807c5e6b036

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10870759898001676874/index.html?e=69&leftOffset=0&topOffset=0&c=C9p2tW30qq&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 08:09:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38407
x-xss-protection: 0
last-modified: Wed, 04 Oct 2017 18:33:56 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 25 Nov 2022 08:09:32 GMT

GET
H3 200 de_DE_polite.js Show response
s0.2mdn.net/creatives/assets/2377528/ Frame 93FA 87 KB
27 KB 56ms
56ms Script
text/javascript 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/2377528/de_DE_polite.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10870759898001676874/index.html?e=69&leftOffset=0&topOffset=0&c=C9p2tW30qq&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

df82103964af79600d60bc2deec44a4910a3435e07325b82f9ce86d6d0489361

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10870759898001676874/index.html?e=69&leftOffset=0&topOffset=0&c=C9p2tW30qq&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 08:09:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 11
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27518
x-xss-protection: 0
last-modified: Tue, 08 Feb 2022 13:34:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 25 Nov 2022 08:24:21 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame CF42 0
20 B 75ms
75ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BhN9uO3iAY720MdG5x_APh7-Y6AkAAAAAOAHgBAI&bg=!OjmlOX3NAAbvMpMzzzI7ACkAdvg8WnSX5mwNqwS93dB7JaX--Edz2uArFB9RH3KpACGOgsFAEH27yAIAAABXUgAAAAJoAQcKABrFnAcEYl6sYHiBr2OuZx_06-pTEBCU1czeUZkC8GJFta9IOQUjRV-qnJmbMhew7TOvHdOn7UDjBeVOEOsufw_wVueFfYmDLDMjyiZm3xKmqwibNZh9mxDfjWP6UObN01knB1s6c4vEpRRTZZszU_IrddVT19kg5wtPTUCyoYNvYtNaO2tTTZrA2-hcSdLF6It0PMxkLHPXhPAggD0ssmMNYM6IsXfTYo3qCAHU5i5mjDyMS90r5KVYdqcENvOPkstBMOoe9KpjDOw-0pp9OzBmzjVs47QYoBz-WlJA234FpV-03HBJ5bPqmm7N9Jn--7NQdubAlP_rkRyQ6BHbqKSLvp-dTs2Y96SeX1ND947TJJjyPKhtA4W0D6Xx-5SbB_FwLb4-D64EFF2bHU9Vzsvl4FY9x-i0e9Fonztwb2tCCAcrDGH-GjdHb8WXznnjA18lN0FXxRQgq3SrnCo3TTm54cFIBG8Qjos5ll1d9pCWdZvSxls3BSftS-2CLzLv4aUoV2ha-cMQyZeUbd09Pfid-WCTDNRnCFYSsqdXFjk1Vj_q4U35ets3UIBhN99nC7-Ah1zP3OADzbjxVJbfjyv7nBRtyC9sZ2jCCNrnysGoHi0sTjtHK7E0luSbu8Bzi4bC3peWjcp-2yX-JKDAVKGVp-FSYH1_Bt_GNT4hUpESlP0bvpyyoM0taJndfFXcPrVA_TTVzt9oLw0LHK13PQnCoXgQtOVOpmemlItrYFu9M2xW4ZHRjDdsQYZazq4F53ZeUrGnmZDuykfg4_KmYCab5TogtP2ZSuUv5azRED_bvlLy_v0RiBgeb1RbW3h5dd__2N5QURz1AVFiCJQx3flee9ri_qp5yr25hXIVmwSBPVplufHuUlOV9li8ORU8hxVm8Lt34AKoDrcSFI0JAq1aFmWu4p1Oxyc-LiMjvAyeNw1NzATqHGhE4t0vI5zDK1iKAiOfqpCa3XhNjhTmyVPxAHiyZJOYR65jKkdcoWLtEfSBFSYm_E70x6SDu61N1fejhnMHzdn71vDfbZvh

Requested by

Host: ad5fa02d6e27f34d5a1bd32cffa030b9.safeframe.googlesyndication.com
URL: https://ad5fa02d6e27f34d5a1bd32cffa030b9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Nov 2022 08:09:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame F915 0
0 165ms
78ms Fetch
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssPJ4ixApLFHEGkRGcn118fpjiF8Geg-_T0S2I1gyb0xJew04O3uDj_iaiHbi0e00mVA63HJmOrPaHcr7ILzZFburhJagbBDKPpLiI4FlPHP8g7m5hIJVgVPe-Bixa_QvLhWKwZyntwfHGVoPCTTfAGeRQD2uJN7vdqr_N4aFcZcw4E4RpnfRCGuMhMPhpk3WwCi8qRjWr8WuEgv27pXVsfqUX8p6wKNbkcK5RY2H1dxbnG0gSZZwPKb5aQk1LLtsdhkJgyZTBhVQFVvAv1fj0AMAQjMDQ59mxxns_IPWbqNqfDjB9oidu7IBvYkDpCq2lknVdmkTbciU20W6niX702yC_eoqP1kFxBQNUkBC3f1cmpTVUDlbLtoNQA_aoM-AD9I8-mpMalPizUE3lyRn_XAWMT00hx3XPbVNScHqw_Ld20eVJ4r4aOu32IOv-tQv5f_sKc-Rd5zAOOaMPOIgZdzwR7tkXkCAZZcfYm-7GhpgUKZa3-ijfgx52UPCRA2DYQgXvNPHRWkb3l_YNaTuL7UHQkes5uXCgBA0PYFhdG7knyfSdJ2iEJ-UYcmzJN5pDANPJaZh9xLjHetqg_4Av2SkbC41jXKkZC3FLi2ikDhg4K0QfKTUBFGk913apGW_Ba3eNgGP6-awzdmjcv-jrzJs0Fg0ROi0HlpxqZGiUc4eoezwGcfDx5l8zvAf5ikv4eM8NXE96FYgQkdzAJc5KvkEL71KI9dVpcF30KZWwCkPvqdQ9ov_24A3p39uVVJ1FwQO2vsgaepXMc9ztp_j_yhK3Vaf0UL_4h6VM5GhZlovB5IrnJDl-5w6pHzJneTK95aCcdI1AaNQvjd4zpIqrfys-jhBSHdzrj2PQplXNzcYLnkTGwIcK4FJeM_alOlQDaj60ZvLi3CnhrFLjjuVd7jBO7XEYTSKqjdtnRp9ohoe7DaGi8rv6Niv9HHWMNokLihU0MV_HxH29A9Bgyh8JgU7AbjCSncVPk5sSqu1twy5gddJZ7gnlfZulmA9beIYuQQjGvdFnSCQkxSFZ1AcL92cExUc5LhcKiGAnS47hU34JrZYzYrMFELR9wbQ0Ik1IuqDUtbNItOAn-utgrUBBPEMVTTqq2PIPof7BKOXlEFIRZuylz4Bw5t9MfUABH3qj9eY5fI6B7n2BozqcpQHGoVq9DfeH07wZmoDLaUl5mRG1aSgN_Gaf0isumEuT58AXwwWTGecnFofT0ujsYDooNHZ1PG442wTCNeKJNpIY0NVnmdKAm-6LQrmDazg&sai=AMfl-YSnpYwssV_hmi6vpF6My8qRnHfoSAOtW59Bts1g_pEGKmcd6Xy_Go-MtZ1JBShFPFBv9PFTqkB7nIbf-nKxwxK8MVXkehY8i4k5euAawNnv7C1eeKKawspro_I-vFvQa3-O0_n5Vl08SQElwX3xgqj1IccHM7AQ_C6qyNtDEKPXvnNlqfz2Tfim3nD1efGAspvtNRYrzVnCxNfktFPIVo_nX-PKJZMLeydwgZ0j_DI98x1L6qZjP3FbD9AhOJP2nffbLlJDif9bKQ&sig=Cg0ArKJSzJ6BF5JS60gdEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=486&vt=11&dtpt=278&dett=3&cstd=203&cisv=r20221110.54083&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Host: pelotainvernal.com
URL: https://pelotainvernal.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad5fa02d6e27f34d5a1bd32cffa030b9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 08:09:32 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 25 Nov 2022 08:09:32 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame F915 43 B
215 B 396ms
337ms Image
image/gif 2600:1f13:800:7780:93a2:ac09:2e07:a55d
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=925113&asId=519ceb50-9241-0da5-99ea-4fde83c95d94&tv=%7Bc:uXRDC0,pingTime:-10,time:472,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTA3LjAuNTMwNC4xMTAgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222222222222222202222222220222202000022000220222222220000022202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1669363772440%7C%7Ccc7d6f351efab89f1636c9099c707f89%7C%7Cf8b8963e850cee297829880103706300%7C%7C1be886b78307fd76126f6639bf473e15%7C%7Cd43dc4838a00ba6bc11912d0641bda6a%7C%7C8b892f6004a911b9486deb74b4c68b4d%7C%7C62f7e6d325784b2c29335442e9424f03%7C%7C5ef0fc55584658adc3260e1f8b536212%7C%7C1663701684%7D
Requested by: Host: ad5fa02d6e27f34d5a1bd32cffa030b9.safeframe.googlesyndication.com
URL: https://ad5fa02d6e27f34d5a1bd32cffa030b9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:93a2:ac09:2e07:a55d Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad5fa02d6e27f34d5a1bd32cffa030b9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Nov 2022 08:09:32 GMT
server: nginx
x-server-name: dt18.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 93FA 7 KB
6 KB 81ms
81ms XHR
application/json 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/2377528/de_DE_polite.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ef63538cf869b38c5f71b14fc8fbd5d3981c2694e9c7ecf68259d201cde099d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 08:09:32 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5632
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 93FA 17 KB
6 KB 61ms
60ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 08:09:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 25 Nov 2022 08:09:32 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame BFB9 42 B
64 B 77ms
76ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv6-Hc6EZDuM_q_QKN0mxSZP2k9-Ol7K7c7MiDbiIW-5-lICtPv9rP5Z2tbjhObo8YKql8E-MkvEDA7TJVHNMfxK6weVaYnK31qIvqXtt2j0wyy-p4OXNPEpj-ZQ6mlOaLiZRTdSA&sai=AMfl-YRrQtpnMZcs3mDZvPnm5rtfnT4_JXjG5ep3HNW1EGiVaSavHZN6KsBGeVXn5_O9Le_DbLc7mMop_x5stOc&sig=Cg0ArKJSzB5PqJ_o68K8EAE&cid=CAQSGwDq26N99UJZa3I_kJ3yVw7rPhltGWB_cQW7XBgBIBM&id=lidar2&mcvt=1000&p=0,0,250,300&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221110&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=3379964164&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1669363769619&rpt=1957&met=mue&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Nov 2022 08:09:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 Cy76TGYNwlBdeFKzRh_Qc2a075RKB_J9dWAUlCdaUYI.js Show response
pagead2.googlesyndication.com/bg/ Frame 5FB1 36 KB
16 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Cy76TGYNwlBdeFKzRh_Qc2a075RKB_J9dWAUlCdaUYI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0b2efa4c660dc2505d7852b3461fd07366b4ef944a07f27d75601494275a5182

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 21:21:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 38890
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15969
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 24 Nov 2023 21:21:22 GMT

POST
H3 204 ev Show response
s.seedtag.com/e/ 0
15 B 52ms
23ms XHR
text/plain 34.149.50.64
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.seedtag.com/e/ev
Requested by: Host: t.seedtag.com
URL: https://t.seedtag.com/c/st_2.841a2baf17caaeb79653.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.149.50.64 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 64.50.149.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pelotainvernal.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 25 Nov 2022 08:09:32 GMT
via: 1.1 google
server: nginx
vary: X-HTTP-Method-Override
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT, HEAD
access-control-allow-origin: https://pelotainvernal.com
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 88ms
88ms XHR
application/json 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221110&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

85ad8bd68f85a892a8037a22e09cdce5b6bab4b1f72c6fb2f72699fea39304ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 08:09:32 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11108
x-xss-protection: 0

GET
H3 200 728x90_NH_D_LA_Wall-Flower.jpg Show response
s0.2mdn.net/creatives/assets/2373736/ Frame 93FA 24 KB
24 KB 40ms
40ms XHR
image/jpeg 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/2373736/728x90_NH_D_LA_Wall-Flower.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/2377528/de_DE_polite.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b37d659e70fb35a8ef452f586b145ba5b834759cb9c6b93e9b539ae1d30174aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/10870759898001676874/index.html?e=69&leftOffset=0&topOffset=0&c=C9p2tW30qq&t=1&renderingType=2&ev=01_247
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 08:03:21 GMT
x-content-type-options: nosniff
age: 371
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24284
x-xss-protection: 0
last-modified: Mon, 21 Mar 2022 11:07:05 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 25 Nov 2022 08:18:21 GMT

GET
BLOB 200
OK 09968ac5-5206-4aad-bc61-48b484ed0dd7
https://s0.2mdn.net/ Frame 93FA 24 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: blob:https://s0.2mdn.net/09968ac5-5206-4aad-bc61-48b484ed0dd7
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b37d659e70fb35a8ef452f586b145ba5b834759cb9c6b93e9b539ae1d30174aa

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Length: 24284
Content-Type: image/jpeg

GET
H3 200 de_DE_imageanimation_NH_D_LA_Wall-Flower_728x90.js Show response
s0.2mdn.net/creatives/assets/2987685/ Frame 93FA 41 KB
23 KB 41ms
40ms XHR
text/javascript 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/2987685/de_DE_imageanimation_NH_D_LA_Wall-Flower_728x90.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/2377528/de_DE_polite.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7b718fc210c34e518690b03ed5fe8736fc6e3375b628abf90c95820fdbbcb43f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/10870759898001676874/index.html?e=69&leftOffset=0&topOffset=0&c=C9p2tW30qq&t=1&renderingType=2&ev=01_247
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 08:03:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 337
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23888
x-xss-protection: 0
last-modified: Tue, 10 May 2022 07:49:34 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 25 Nov 2022 08:18:55 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 48ms
48ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 08:09:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 25 Nov 2022 08:09:32 GMT

GET
H3 200 js-animation_de_DE_imageanimation.js Show response
s0.2mdn.net/creatives/assets/3389262/ Frame 93FA 66 KB
18 KB 41ms
40ms XHR
text/javascript 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/3389262/js-animation_de_DE_imageanimation.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/2377528/de_DE_polite.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e56d4cfa517f5ea7e3dfe08628a062bee69ff18b96dedeadb0b6c130bf305107

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/10870759898001676874/index.html?e=69&leftOffset=0&topOffset=0&c=C9p2tW30qq&t=1&renderingType=2&ev=01_247
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 08:06:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 186
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18063
x-xss-protection: 0
last-modified: Tue, 15 Mar 2022 17:53:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 25 Nov 2022 08:21:26 GMT

GET
DATA 200
OK truncated
/ Frame 93FA 16 KB
16 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 06e13e753ce02eb311a0491eada8d8671a0c4fa4f85d3b94bb78ed1d0aa76289

Request headers

Referer
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type: application/font-woff;charset=utf-8

GET
H2 200 NH_D_LA_Wall-Flower;strtype=2
ade.googlesyndication.com/ddm/activity/dc_oe=ChMI_b361PDI-wIV0dwRCB2HHwadEAAYACCW9dFNQhMI16PV1PDI-wIVjuW7CB2mHQQj;stragg=1;&timestamp=1669363772985;str=LH/NULL/497/amadeusBestPrice/ Frame F915 42 B
251 B 88ms
73ms Image
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI_b361PDI-wIV0dwRCB2HHwadEAAYACCW9dFNQhMI16PV1PDI-wIVjuW7CB2mHQQj;stragg=1;&timestamp=1669363772985;str=LH/NULL/497/amadeusBestPrice/NH_D_LA_Wall-Flower;strtype=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad5fa02d6e27f34d5a1bd32cffa030b9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Nov 2022 08:09:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame C382 13 KB
5 KB 41ms
39ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pelotainvernal.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2893
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 25 Nov 2022 07:21:19 GMT
expires: Sat, 25 Nov 2023 07:21:19 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame D527 783 B
535 B 50ms
50ms Document
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

e053919de012354146d20e7bb9664c6a4e48b72f1ab56e07a26f31cf693b51f3

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-54eoYhh03f2Plpt-AkkTLg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://pelotainvernal.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-54eoYhh03f2Plpt-AkkTLg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 25 Nov 2022 08:09:33 GMT
expires: Fri, 25 Nov 2022 08:09:33 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame F915 42 B
64 B 81ms
81ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst2tlkYV4B-gBEoNwTgfpRcRyJUYPyc23eOIBSeD14v3dw2gZa0OaCUE8TqpextqcOVCvvZ1Bl36NxbhDiUnsJ3IcJpK7MQZmMZhu1ULqrpyqgRXClQGQxqTbYd_5xCN4TqyjC_NQ&sai=AMfl-YQtOryqp2hhI770n0ezrOnpeJZG1gW8rgZIjQj11BdeYvqXtPvFndzysv6DJbk4vA4a1jf1_DOH0ppMqtXnvC-gZJYvMHSmXUZBT6-YZEgM-McmVmmEV138zJf-tQw&sig=Cg0ArKJSzJeTJ0VPjQsZEAE&cid=CAQSPADq26N9YgwdD3WieMunp7S0DRPA89nqZQtPKAtar27j_xBTJHzuXruU0bTKsA-FOCvosxxPMt9movAQwBgBIBM&id=lidar2&mcvt=1000&p=485,275,575,1003&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221110&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1811199381&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1669363771599&rpt=391&isd=0&lsd=0&met=ce&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad5fa02d6e27f34d5a1bd32cffa030b9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Nov 2022 08:09:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 Cy76TGYNwlBdeFKzRh_Qc2a075RKB_J9dWAUlCdaUYI.js Show response
pagead2.googlesyndication.com/bg/ Frame C382 36 KB
16 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Cy76TGYNwlBdeFKzRh_Qc2a075RKB_J9dWAUlCdaUYI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0b2efa4c660dc2505d7852b3461fd07366b4ef944a07f27d75601494275a5182

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 21:21:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 38891
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15969
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 24 Nov 2023 21:21:22 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame D527 0
0 71ms
71ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221110&jk=552620077383395&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

GET
H2 200 dt
dt.adsafeprotected.com/ Frame F915 43 B
215 B 176ms
175ms Image
image/gif 2600:1f13:800:7780:93a2:ac09:2e07:a55d
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=925113&asId=519ceb50-9241-0da5-99ea-4fde83c95d94&tv=%7Bc:uXRDN4,pingTime:1,time:1158,type:p,clog:%5B%7Bpiv:-1,vs:n,r:,w:728,h:90,t:107%7D,%7Bpiv:0,vs:o,r:l,t:133%7D,%7Bpiv:100,vs:i,r:,t:146%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1012,o:146,n:133,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:107,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B44~1,0~0%5D,as:%5B44~728.90%5D%7D%7D,%7Bsl:o,t:133,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B12~0%5D,as:%5B12~728.90%5D%7D%7D,%7Bsl:i,t:146,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1012~100%5D,as:%5B1012~728.90%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:jload,dtt:398,fm:tobuggw+11%7C121%7C131%7C132%7C141%7C15%7C1611%7C1612%7C171%7C18%7C19%7C1a*.925113%7C1a1%7C1a2%7C1a3%7C1b,idMap:1a*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:109,sis:173%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:93a2:ac09:2e07:a55d Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad5fa02d6e27f34d5a1bd32cffa030b9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Nov 2022 08:09:33 GMT
server: nginx
x-server-name: dt06.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame F915 43 B
215 B 175ms
174ms Image
image/gif 2600:1f13:800:7780:93a2:ac09:2e07:a55d
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=925113&asId=519ceb50-9241-0da5-99ea-4fde83c95d94&tv=%7Bc:uXRDN5,pingTime:1,time:1159,type:c,clog:%5B%7Bpiv:-1,vs:n,r:,w:728,h:90,t:107%7D,%7Bpiv:0,vs:o,r:l,t:133%7D,%7Bpiv:100,vs:i,r:,t:146%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1013,o:146,n:133,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:107,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B44~1,0~0%5D,as:%5B44~728.90%5D%7D%7D,%7Bsl:o,t:133,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B12~0%5D,as:%5B12~728.90%5D%7D%7D,%7Bsl:i,t:146,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1013~100%5D,as:%5B1013~728.90%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:jload,dtt:398,fm:tobuggw+11%7C121%7C131%7C132%7C141%7C15%7C1611%7C1612%7C171%7C18%7C19%7C1a*.925113%7C1a1%7C1a2%7C1a3%7C1b,idMap:1a*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:109,sis:173,metricId:publ1,cmr:t%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:93a2:ac09:2e07:a55d Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad5fa02d6e27f34d5a1bd32cffa030b9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Nov 2022 08:09:33 GMT
server: nginx
x-server-name: dt05.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame F915 43 B
215 B 174ms
174ms Image
image/gif 2600:1f13:800:7780:93a2:ac09:2e07:a55d
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=925113&asId=519ceb50-9241-0da5-99ea-4fde83c95d94&tv=%7Bc:uXRDN5,pingTime:1,time:1159,type:c,clog:%5B%7Bpiv:-1,vs:n,r:,w:728,h:90,t:107%7D,%7Bpiv:0,vs:o,r:l,t:133%7D,%7Bpiv:100,vs:i,r:,t:146%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1013,o:146,n:133,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:107,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B44~1,0~0%5D,as:%5B44~728.90%5D%7D%7D,%7Bsl:o,t:133,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B12~0%5D,as:%5B12~728.90%5D%7D%7D,%7Bsl:i,t:146,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1013~100%5D,as:%5B1013~728.90%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:jload,dtt:398,fm:tobuggw+11%7C121%7C131%7C132%7C141%7C15%7C1611%7C1612%7C171%7C18%7C19%7C1a*.925113%7C1a1%7C1a2%7C1a3%7C1b,idMap:1a*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:109,sis:173,metricId:grpm1,cmr:t%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:93a2:ac09:2e07:a55d Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad5fa02d6e27f34d5a1bd32cffa030b9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Nov 2022 08:09:33 GMT
server: nginx
x-server-name: dt07.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame C382 0
11 B 39ms
39ms Image
text/plain 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?Hm44MA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 08:09:33 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 73ms
73ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221110&jk=552620077383395&bg=!rK-lr-vNAAbvMpMzzzI7ACkAdvg8WpZLvhEpT63h6H_3sKKl9Ixmfs7rmv5CqeSHupA_Os8jwHjNuAIAAABdUgAAAANoAQcKAGVoIJK54Bex37MDRE5t-SXwR_NiKUclSyIyX0i3BDCcN3nF7UpPb9YlObbLK9q_umlXJdPHSXogaDuQ3niUWiPFd0tL0pIR6aSN5WVUBV6EesdHlwM3VVyGJfE9roZch5ZhUS8oUJkCrs-71XWVgPcyEbdT87MqplaO-qlYY4n3ZzgDUd8dK1gD1gyZGwxsv5JnyQYvBrb4g8QJc9EJWcCmYoyUpXVtqaAiv9KoYxp71ZTJU-u9B8xY0VPk4FhdVG2a7QxFDB00P11FC0H_wIsK4JXLqZzr1qlvKdV2N_YbYsyvgAx8T4SvCUoWaykOt9Bv72enxv1WCQsMsrT9fyLceb13XpvOrMsPMQK0o81k9aMvSTx9EUbJlwnieO1aU-qyt_hlbsXnQG35OaisId2tjKHQ1lwcRf4rSaFjn42AFHy6UXvioc549Zcru9851MBVMME9FJlTbxN-QY4GR_F4tGSQ_3o_6eIdxgkDG0NhWhjAMct9YAwtyQd2R1WSDcMfAg03XJ3XnzGGq6Q0XFSvDXVycOn3ZGcKrgeCiFGuuB6SFZcrS9neSiezlO9CyoWYOXEiTX304q7D2Nwa3oGsUEHw0ppQGlyiSZB9TPMTred0RXQVAN151fC1yz8OHMZ47AU8w102vqNmvIytoKAjZ8Ugg_XIJAdbd92breW41qShGGz6y4MpwYArig4V-CKLAe4Y7l6Xl7fRUiueNkzf7lsxlvIPZ209lQe2SRswmLRdVshoDxi0aMghyGYXPE-yZuXWyl3NDX05UFcDG1SSsPLvzABpJKcLZ2W6q2Yqe8Lw_Cg52j07_YGAgmvd1OXojGD7e8W-dH6dX1pDX7kXgE0SJuvybAbH7EyvKVZNuL4p2urQJTPoB9PpNwSRZDYKRQ9MwOErg7M5G362I5kXgPQ6gCoAVUcAJaeJlNpZLmEJiPnuUSZoUAs_cFXrA5hzk8E92mdVwOru2bXEM1hZHlDOxw56Oau72BzIZoC_Bz0hLP-atlUqL3mMURyCKL-zK830VU934IrQry1-BW2wFEykUkBn
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

GET
H2 204 /
onetag-sys.com/usync/ 0
38 B 8ms
7ms Image
text/plain 51.89.9.254
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/usync/?tag=img

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip254.ip-51-89-9.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-store

GET
H2

200

bridge
cm.adgrx.com/
Redirect Chain

https://dsum.casalemedia.com/pbusermatch?origin=prebid&site_id=910000&p=1&i=0&gdpr=0&gdpr_consent=&us_privacy=
https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE&gdpr=0

43 B
283 B

118ms
15ms

Image
image/gif

72.251.241.206
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE&gdpr=0
Protocol: H2
Server: 72.251.241.206 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: Cowboy /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Nov 2022 08:09:34 GMT
server: Cowboy
content-type: image/gif
p3p: CP="NOI OTC OTP OUR NOR"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, proxy-revalidate
x-realserver-nx: ams-delivery-4
content-length: 43
expires: Thu, 23 Sep 2004 17:42:04 GMT

Redirect headers

pragma: no-cache
date: Fri, 25 Nov 2022 08:09:34 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t24PaMsFsa3cxU0pUVs80l9WGwoIyM4mybyaDhKEaJfhgxXYxTEPaPDQZBdv5R%2FxOdTJOqXxi8lUFLpyukCsVBzix5QjpYaGgJcJj75if1Qat0zzRtGS7M02yMMd73aDKCNtIPT7"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE&gdpr=0
cache-control: no-cache
cf-ray: 76f8e7247f3590ee-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H/1.1 200
OK cksync.php
cs.media.net/ 44 B
410 B 56ms
17ms Image
image/gif 95.101.200.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.media.net/cksync.php?cs=8
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.200.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-200-23.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 1681cb2b2db935f48c843351945df3f3f77f79c1c8de28c4fa88d8b655c25ae2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 25 Nov 2022 08:09:34 GMT
Server: Apache
P3P: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 44
X-MNET-HL2: E
Expires: Fri, 25 Nov 2022 08:09:34 GMT

Verdicts & Comments Add Verdict or Comment

106 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

35 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
s.pelotainvernal.com/	1970-01-20 07:52:48	Name: AWSALB Value: k/mauoYTowTHfWlD7XRxtlOOlVH6iH0Mbgj/4aSOQupKxnGMI8iUGmnudU3ISqQgoDFRf5PFnj9m2yqa0CTiLyJqwPo2U4PZ9uO9ASDUVDdZAsssMTYv21kykobl
s.pelotainvernal.com/	1970-01-20 07:52:48	Name: AWSALBCORS Value: k/mauoYTowTHfWlD7XRxtlOOlVH6iH0Mbgj/4aSOQupKxnGMI8iUGmnudU3ISqQgoDFRf5PFnj9m2yqa0CTiLyJqwPo2U4PZ9uO9ASDUVDdZAsssMTYv21kykobl
.pelotainvernal.com/	1970-01-20 17:04:19	Name: __gads Value: ID=ce1e6d94fa777c28:T=1669363769:S=ALNI_MYI83i6pUGnYQQqvOquwV2YbGIw-Q
.pelotainvernal.com/	1970-01-20 17:04:19	Name: __gpi Value: UID=00000b86c5c5e936:T=1669363769:RT=1669363769:S=ALNI_MauspntqU4os8C1eYOFWXclprFlyw
.pelotainvernal.com/	1970-01-20 17:18:43	Name: _ga Value: GA1.2.481211934.1669363770
.pelotainvernal.com/	1970-01-20 07:44:10	Name: _gid Value: GA1.2.745338117.1669363770
.pelotainvernal.com/	1970-01-20 07:42:43	Name: _gat_gtag_UA_19230497_1 Value: 1
.doubleclick.net/	1970-01-20 17:04:19	Name: IDE Value: AHWqTUmSRh3dKhSK8swdEjSBI-DsSAFJFtlYAN4JZdBv-QM0IuGJ34jbVBYCWa_FOPo
pelotainvernal.com/	1970-01-20 08:25:55	Name: _pbjs_userid_consent_data Value: 3524755945110770
.pelotainvernal.com/	1970-01-20 16:28:19	Name: _pubcid Value: cd9f8358-618a-41af-b088-1f6a5467e9e8
.doubleclick.net/	1970-01-20 07:42:47	Name: DSID Value: NO_DATA
.pelotainvernal.com/	1970-01-20 17:04:19	Name: cto_bidid Value: YdHpAF9YeGRvVzBmSVRsSnhqJTJCV3ZlRnhmRmFKVm9CUXUxMDE5TUJ6WDlieWIlMkJmUmQ1aiUyQkRNNWpBcEVDb0JrJTJGcDZ1VTFtWGpVWXNSQ2xPRDNoTnUwNjJZTmdnJTNEJTNE
.rubiconproject.com/	1970-01-20 16:28:19	Name: khaos Value: LAW835D2-1F-IE6G
.rubiconproject.com/	1970-01-20 16:28:19	Name: audit Value: 1\|naVuGyos1qr6LCk/aankcT5APvdogVCbaTd6KyMQnavCRi4Lg8bJKxmXi9GtKvkoSkyj9x8eeR3thoi474+Tg2jYHTlS9mMvGIFatoJ0DXuyqVI1k5poNA==
.quantserve.com/	1970-01-20 17:12:58	Name: mc Value: 6380783b-49a8b-862da-64c24
.pelotainvernal.com/	1970-01-20 17:07:12	Name: __qca Value: P0-108496029-1669363771139
.criteo.com/	1970-01-20 17:04:19	Name: uid Value: 58a32ad6-4ab1-4b19-ad8b-ad9c31e4ee78
.pelotainvernal.com/	1970-01-20 17:04:19	Name: cto_bundle Value: 0mkVFl9SVTZQZGJJMWR0WVpHa2s0dDhxaENJQmxWeDNVUmlYNkdqNk15MWtLRHZjV3YzclAyME4lMkJKUEZiYzBMblNvdG1DSFV5YnY5eWlxJTJGUlo4ZWpMSlhHcXpsZ2dYbWRmWVZxQWRtVjJIWG5PUG1YelFSZWJCYzBQVzdXUHdZeHJVU3R2VDNvN3Z3OGk2MkhHJTJCRyUyRllOYVBMQmZpVWdYYjRqOHhDamJhcE8wUVVFQSUzRA
.adnxs.com/	1970-01-20 09:52:19	Name: uuid2 Value: 4792481298278186810
.casalemedia.com/	1970-01-20 16:28:19	Name: CMID Value: Y4B4O.HXio-xJTCGVOkdTwAA
.casalemedia.com/	1970-01-20 09:52:19	Name: CMPS Value: 1180
.casalemedia.com/	1970-01-20 09:52:19	Name: CMPRO Value: 1180
.adfarm1.adition.com/	1970-01-20 09:52:19	Name: UserID1 Value: 7169862805869492364
.ctnsnet.com/	1970-01-20 16:28:19	Name: cid_42491e6d1abe4459bb8dea1e20b21cf0 Value: 1
.ctnsnet.com/	1970-01-20 16:28:19	Name: gid_CAESEBCu7Z4jow_PKdxc1UI1FLs Value: 1
.mathtag.com/	1970-01-20 17:08:38	Name: uuid Value: a5676380-783c-4000-92e5-538615d68e4a
.mathtag.com/	1970-01-20 08:25:55	Name: mt_mop Value: 4:1669363772
.blismedia.com/	1970-01-20 16:28:23	Name: b Value: 6380783C546B0209BF7CF122BLIS
.360yield.com/	1970-01-20 09:52:19	Name: tuuid Value: 895317bf-b759-422d-a6aa-d995aa75f47f
.360yield.com/	1970-01-20 09:52:19	Name: tuuid_lu Value: 1669363772
.adnxs.com/	1970-01-20 09:52:19	Name: anj Value: dTM7k!M41.D>6NRF']wIg2In494^V0!@wnfH8K6pQK`!5=E<L5?%M97oU7-8NIoC5vc?OlXmxCf^P!5B`^r8eb:nN%nugO%v4VB%noJ8AwRi
m.exactag.com/	1970-01-20 09:52:19	Name: exactag_new_gk Value: 5924d7827fe0467fa23cbb3d9faafdde%7C24.01.2023%2008%3A09%3A32
m.exactag.com/	1970-01-20 12:01:55	Name: exactag_new_uk Value: 690f2580b9984d40a44fe980272594de%7C
m.exactag.com/	1969-12-31 23:59:59	Name: session_session Value: 4ba360cc964d41d7b37bbddd
.casalemedia.com/	1970-01-20 09:52:19	Name: CMTS Value: 3176

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1#RS-1-&adk=1812271801&client=ca-pub-3139134883708761&fa=1&ifi=7&uci=a!7&btvi=1&xpc=XPJBP8Vm06&p=https%3A//pelotainvernal.com Message: The resource https://fonts.googleapis.com/css?family=Roboto%3A400%2C500 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
ad5fa02d6e27f34d5a1bd32cffa030b9.safeframe.googlesyndication.com
ade.googlesyndication.com
adservice.google.com
adservice.google.de
ap.lijit.com
cdn-conectate.kiskoo.com
cdn.firstimpression.io
cdn.id5-sync.com
cdn.jsdelivr.net
cdnjs.cloudflare.com
cm.adgrx.com
cm.g.doubleclick.net
code.jquery.com
cs.media.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
dt.adsafeprotected.com
ecdn.firstimpression.io
encrypted-tbn0.gstatic.com
encrypted-tbn1.gstatic.com
encrypted-tbn3.gstatic.com
fastlane.rubiconproject.com
flower-ads.com
fonts.googleapis.com
fonts.gstatic.com
gcm.ctnsnet.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
htlb.casalemedia.com
ib.adnxs.com
id.sharedid.org
id5-sync.com
m.exactag.com
match.360yield.com
mp.4dex.io
mug.criteo.com
onetag-sys.com
pagead2.googlesyndication.com
partner.googleadservices.com
pelotainvernal.com
pixel.adsafeprotected.com
pixel.quantserve.com
prebid.media.net
rules.quantcount.com
s.seedtag.com
s0.2mdn.net
s3.amazonaws.com
script.4dex.io
secure.quantserve.com
securepubads.g.doubleclick.net
ssbsync.smartadserver.com
ssum-sec.casalemedia.com
static.adsafeprotected.com
static.criteo.net
stats.g.doubleclick.net
sync.mathtag.com
t.seedtag.com
tpc.googlesyndication.com
tr.blismedia.com
widgets.outbrain.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
104.18.131.145
104.18.33.19
142.250.184.226
142.250.185.226
142.250.186.166
162.19.138.120
172.64.154.237
178.250.0.157
18.165.160.89
185.29.134.248
185.80.39.216
185.86.137.122
185.89.210.82
2001:4de0:ac18::1:a:2b
213.202.235.10
216.52.2.39
23.53.169.70
2600:1f13:800:7780:93a2:ac09:2e07:a55d
2600:9000:223c:b000:6:44e3:f8c0:93a1
2600:9000:223f:8400:8:48e:53c0:93a1
2602:803:c003:200::51
2606:4700:10::6816:3456
2606:4700:20::ac43:4b43
2606:4700:20::ac43:4bf1
2606:4700:3031::ac43:b7f8
2606:4700::6810:5814
2606:4700::6811:180e
2606:4700::6812:372
2620:116:800d:21:93ca:31d8:d86e:38f6
2a00:1450:4001:801::200e
2a00:1450:4001:802::2002
2a00:1450:4001:802::200a
2a00:1450:4001:806::2003
2a00:1450:4001:80b::2001
2a00:1450:4001:80e::200e
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::2006
2a00:1450:4001:813::2002
2a00:1450:4001:827::2002
2a00:1450:4001:829::2002
2a00:1450:4001:829::2004
2a00:1450:4001:829::200e
2a00:1450:4001:82b::200e
2a00:1450:4001:82f::2001
2a00:1450:4001:830::2003
2a00:1450:4001:830::2008
2a00:1450:400c:c00::9c
2a02:2638:1::13
2a02:2638:1::3
3.5.20.187
34.107.148.139
34.149.50.64
34.215.75.170
34.96.105.8
35.186.193.173
51.89.9.254
52.211.171.170
52.22.201.165
72.251.241.206
85.114.159.118
95.101.200.23
99.81.181.127
99.86.4.108
008be15ff7db879ddccb3bf415d1143924af4eca6d1dd5250726ac423624f9d5
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
02c0de7eaefc489c307ac59ca20691e454735b53ea2f294e293c6f3ac06fbb2d
06d0490ec82249a34d6533998690bb7b68c6b9a9d216762c0c1fac73b79af792
06e13e753ce02eb311a0491eada8d8671a0c4fa4f85d3b94bb78ed1d0aa76289
09778ab5d08d1983b0ba1d423603b1b0f2214947ed465534dcc9ac047bf929ba
0b2efa4c660dc2505d7852b3461fd07366b4ef944a07f27d75601494275a5182
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
10d573521f4086736b19e2231a27c55f1f45eefc1184f7e8882293b2e4587c1f
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
14fa937604e0fd3f7f1f8fa5daa5ab7e25052e1b1b826688b0109fac4251bf6f
1681cb2b2db935f48c843351945df3f3f77f79c1c8de28c4fa88d8b655c25ae2
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
19737707017ce7f188707e1e6fbae40088945cb235a8c37971b507b97d771a4b
1c702086d4312dd034fbad878dcf1074ced6df886ff52d564f71269d71067360
1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87
1e894e7cf7187c224f386656a508446013f4cd6edea742f5241ce57258db06c6
21fdf846072eadb48dc73730231263480638eb75fcdc8b08f90d796fd2dee769
275094aa5d73cd24d848e78f0c41c33d9fd61a09d97b9976e5e707dfd24ada00
2c19d105106bf6f55dd15da3523b88f88921e03cf54e1efaa138922fc12397c5
2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e4e5c0fac4536eff17b006936dea02a3df5792cb31d28b802ae79091279b293
30756d02ae18e96fa487b8ef232eef201f9d0941155dc26e4ab58f65829a9a45
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31c8de7c3023548e4205a8f61fa9d4b5c79707dc01710c8313184574afba2ee5
3521616fbd1415fd86988bfc9773f6044497f54354e0b924f7db878f91c1af83
35e5b0ce5c9825b95615f030bf41dcffdcaae8480341cf2c1388d04f279edec0
361126b8b4218f682addf50e6ff5aca6840ac9f877b24a667959dd66dfd71aca
36c2343f3359688c9948184e631420db683b3d1a105206fcf76f1354c106425e
3aa5cdd18374b285ddc76c94ee1735df8b3e518cb7202fa7feec77a3b13437a3
3ef63538cf869b38c5f71b14fc8fbd5d3981c2694e9c7ecf68259d201cde099d
439c145e487173b205235b16fd6b4c189b7491e1352623a64f477caee582dde1
43ed01782a52f74351b31f996f02f0761540c3af7cdbd0693891a3e5abcfa3c1
45d92b59f4c6b5da2eb86bc68bf0de0ed05551977d488b00adda78f0b6e33441
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
46d1791d45e9e6840842ef90f192c2c6f1f4247baa7c1f32f2da75d3a05c0de2
47f719c1691461a5d778135c0512d51c87f8eea39be7ddad829830925902674b
484ec1c347c17d7d3b98d5058aa5d90bb5c7315f3a67f44611e902de4be50831
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4ffe1619d0cddcd71c73eb41dcf1bf9219646f36b90667b3746c8a6771375fc6
50437c317b35574b3e8d2a76ecaa4776636a8751b0b38907e9f8f2905738866c
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
506ed8396a11ac105eee94142f5ed54c9725b8e84e1854acb5863ef3f0bcd914
52084175f1ddbd7e4168245880f4dd0c69cedbcac6096306ecae4e56181ad545
5276234948424c98f983ac0a155860a14d58b1e54f01a5a81526b8958c0dd5ab
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
578d39c8cc926851f5be1195f339d26cbbf239f2f7cac8b55b349276514b85fe
582c2586c49819d9dfe5cb88653679a40bf930ca86f1dc01a4afd821a9eab97e
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5c6db40b1b69c1b5e2d8f6c5ead3e19e6b99819d70b3d24e3e07b9a88632b02e
605b14697226eeb0be6b2c11db8206b70f4c8681c3f921e4ceca4793ce1a95ce
61651edfb03aae1c1007d6741f98171447ae7b1a67aaa520d8b0a959e0400885
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
659aba74af795768d9d8d2ed688e49cd5f47d9425d5a1630329a845759b4591d
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
6812f88d73481c15bf95dace7b4ac17c6b2e58fa2ec683a1ca28ace4914750da
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
74df90f5f0e27dd5df2470215692754169878aa5443c25a3515e1768e3db03b1
766fd13c6ac2660275fb24db492b6300363ce343f9a07604402f2cf3a09fc852
77e67409caaf5014eaa2e2d96ac6210a1b4a987da0d5b3ff826221fe255d3def
78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53
790082e0d7a95987417ab26e229da916eb4e43693be4544a390eee1d23255666
7b718fc210c34e518690b03ed5fe8736fc6e3375b628abf90c95820fdbbcb43f
7d2d7d3c2d107114254de2051e79592b36ce970050abc6763356b9322d66613c
7e9276746ee6d70a75d8362ddd8e20aa1ce8a008c8e39c66a9e05b758f636d01
80093605a22befa775b690e52747978417f06c28b7af86c4d7664d8c55fa2c0f
8240816fc4f0aee7a3cf5fa5b14f43e7079afc941f4988e1f7700b09c3fe5d33
828afa4f1d92f10b3290885eb515207174be45f56c19b47743b1b795410c1f75
8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d
85ad8bd68f85a892a8037a22e09cdce5b6bab4b1f72c6fb2f72699fea39304ed
86738ba26e3464849f369a4a436f56f6ee61c177be2ca956953da66b1f83f86a
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
87ec184cd9b3cfb5ccbf631c766fc0d6b01d8811184a5f6f49f2ec528429dad4
8ca6d86905f286b9f306a0e092d8477ee962fabcc97d9828abbdd640a9c1f8c7
8e05e2ee52939cb84c40aed78f963f60184ecd9ba996e88b11ad10eebfcc55a5
93e7300f8566366b9bb54f262137a84dfe7c7057a47b20e0e28a4d7a9d8a5b47
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
9dd7bad01d529426722b766813c687eb80660b53a21e6637cf096dfc236df6c2
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a22f99e7019dcec40ef476ac0ce548fccc14ab8ff1eed2a23dc669e66263c31a
a305fbb2ba223bf3b56bb8776b85f6f40d60dd082a74dbe28d143b5794c7e393
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4c7748a8849068a7262049472b6b640aea77d843c16a57de3e34d3c47e4a01f
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a67612c801d54b2817687d2155b63f849b671d96ffd423cb77b36b0b66fa2192
a6a1d3901e4cba2c5f626079b5099734731dae57084f5c00630f257547778763
a743cd50ba72a41a51ab872a12cc5baa0bf3607b33a8d61b711f2dd23ad9205c
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
a97afd769b3d774563606be9e943789398af5a1bf3583c2bc9a81f99832aa2b2
ac67eba217cc24846f0d650dbf24e7e1f96928839f20a70ddeba99bfa284ca23
ac9d40b769acbb4de78d1fe79327691803180e3762d74109f764fd680885eb3c
acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b
af5a5de4c1ff78fa4511a8b783e0e623109185441875e3cc364fdce1c290c64e
af9474e5a7a9093351569e5cb64b9b34596d02e5cd1ede8ead7acf41740f76cf
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b37d659e70fb35a8ef452f586b145ba5b834759cb9c6b93e9b539ae1d30174aa
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b43b245e7b57a75d1c57b0e70779b88718a72a3544995b9165fd80678889b873
b59274b06fc793177aedbfa4b52d6d2571528266198414ae2b1795d7d87bff48
b8e64f656ab17cca541c2cedc0711657661cc96758750fff8400884c6239bc34
bac0705d11ffc896d765dc3507e2ad3abb961795b05bb857039ca92f649a0745
bd558b6b0fa8256504d6f1796203c55c540013d7d4021f79241476f3ac49dac1
bdbbb447bf69f791cb6717a186852f2b9661ca900a74d8235d37ef9ed65ac0dd
c23043e71b8b0a30570fadfb9f496ef2dcc111217eb12b83e47be244e187b592
c264c6738cab783ca0323d51c3d2d534f323e0934b9e6be5a13839b9029c6617
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c3b9597a90a43830b2a92897a5ef015ce5310e7f32dbb5cd1db2c807c5e6b036
c54527742912dc24ffdbc35d926d8d76f016b8258e9ebb94dfb50a729d6901df
cc8bc6e96c681a05f2b0df7c592db41636a2dd5a29bd8a989184b1f6a4abd9b0
cd257ced5860b54b3c71dd2e1c9704a552f0c2be8e63ef42cdf47e05293da1bb
cdb273d2093f8ec722d627efbcc773ecd5ed1537f22458a2467f66da02038d62
d028ff06991dab0e77014a91995a9c0d6672a90e68edc339cd62a566fe361ace
d0f07190791630edc058ad6e5a33a3cda6a8f85c470e593ce0bbed46ffec148b
d618d4869738e0dc22360f0ec0cbb6433257843f24723fac240dda0906685238
d74835ebc144bb92d18a970ca79cae0840c356a5967bb1d1d9428c32c183cdb1
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
da1abeb8c4f5f548266e9ee92b607d967800e90b253cee51463371335946989f
dc2a9fb153f659b963260a8ad21ac2a1132472815314c1e83ba1f151214d8a59
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
df82103964af79600d60bc2deec44a4910a3435e07325b82f9ce86d6d0489361
e053919de012354146d20e7bb9664c6a4e48b72f1ab56e07a26f31cf693b51f3
e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e534b2d451a43296a69ebbcf1aa5145ac5167cc5f4b0f2ea5e6f824446a84d84
e56d4cfa517f5ea7e3dfe08628a062bee69ff18b96dedeadb0b6c130bf305107
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
e96ad677197ced49544bf472a19d75623b544c51c5f9093707a286775662665e
eb6cb0bc1769b5545101b7c78affadfff0dfcd0157d2a2b3c71eb4b129942699
ed2be51d264b2ea89ef0f7935ab1c3a9b0ed4ec3d2f0a72dc5e5c9008d39f320
ed87a83a9df154b61d76e8b9b53bb9d23db3eea194e66bca6b575e3e4f7a57bf
ee735ad9351455e1417cd144ed24de18f6311c98a1284b55cd59fd0d25489d22
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efac88c2f2439222107ca2ae41d82544bb7ed444eb6caaf7413e0288dbbb983a
f066a6392f3732829e95d97ac2a3dfb7dc7d35fc88d71a4ef62ff8f70399326c
f274ac3b912b6364eb221514fd4bae116deb09922a69a9c2f0d13680a1c95074
f4ae5a40833ca40f1ded2c820915ccc073b509a5a15810de1566ebf1ee4838e4
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f55c61b063748e1322e70b92475fe9055ef3c718122c0f50c11d2f6f0a851f70
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
fcf335290e0360f129801b9f94c5d17a2b9c3ff67a6d92157f37d51f4a3a6899
fd323c3986d208d5ca7998a7f51b50a617d8ef180d40fd75a505d0639c9e0875

pelotainvernal.com Open in urlscan Pro 52.22.201.165 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

233 Requests

93 %HTTPS

52 %IPv6

43 Domains

68 Subdomains

59 IPs

10 Countries

2791 kBTransfer

7536 kBSize

35 Cookies

3 Outgoing links

Redirected requests

233 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 8 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

pelotainvernal.com Open in urlscan Pro
52.22.201.165 Public Scan

Screenshot
Live screenshot

Full Image

233
Requests

93 %
HTTPS

52 %
IPv6

43
Domains

68
Subdomains

59
IPs

10
Countries

2791 kB
Transfer

7536 kB
Size

35
Cookies

233 HTTP transactions
8 data transactions