urlscan.io logo urlscan.io
SecurityTrails logo

pelotainvernal.com Open in urlscan Pro
54.208.89.30  Public Scan

Go To Rescan Add Verdict Report
URL: https://pelotainvernal.com/
Submission: On December 15 via api from DO — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 88 IPs in 14 countries across 81 domains to perform 490 HTTP transactions. The main IP is 54.208.89.30, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is pelotainvernal.com. The Cisco Umbrella rank of the primary domain is 478236.
TLS certificate: Issued by Amazon on August 5th 2022. Valid for: a year.
This is the only time pelotainvernal.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
6 54.208.89.30 14618 (AMAZON-AES)
3 2606:4700::68... 13335 (CLOUDFLAR...)
4 2a00:1450:400... 15169 (GOOGLE)
35 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
15 52.217.105.206 16509 (AMAZON-02)
1 2001:4de0:ac1... 20446 (STACKPATH...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
2 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
19 2a00:1450:400... 15169 (GOOGLE)
11 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
3 104.18.132.145 13335 (CLOUDFLAR...)
1 3.19.54.139 16509 (AMAZON-02)
44 2a00:1450:400... 15169 (GOOGLE)
2 5 2a00:1450:400... 15169 (GOOGLE)
2 34.149.50.64 15169 (GOOGLE)
14 151.139.128.10 20446 (STACKPATH...)
14 27 23.55.110.73 20940 (AKAMAI-ASN1)
1 4 2620:116:800d... 16509 (AMAZON-02)
14 69.20.43.192 27357 (RACKSPACE)
1 2600:9000:225... 16509 (AMAZON-02)
7 7 35.214.223.115 15169 (GOOGLE)
33 146.20.132.57 27357 (RACKSPACE)
8 8 2001:678:cb4:... 56396 (AMOBEE)
7 7 54.208.68.206 14618 (AMAZON-AES)
41 146.20.128.109 27357 (RACKSPACE)
2 18.66.122.112 16509 (AMAZON-02)
3 2600:9000:224... 16509 (AMAZON-02)
8 8 18.194.50.17 16509 (AMAZON-02)
1 1 188.34.165.163 24940 (HETZNER-AS)
2 3.69.101.30 16509 (AMAZON-02)
3 3 18.156.0.31 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
2 4 2a02:2638:1::13 44788 (ASN-CRITE...)
3 178.250.0.157 44788 (ASN-CRITE...)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 172.64.154.237 13335 (CLOUDFLAR...)
1 216.52.2.39 32475 (SINGLEHOP...)
1 4 51.89.9.254 16276 (OVH)
3 5 37.252.171.84 29990 (ASN-APPNEX)
1 34.107.148.139 396982 (GOOGLE-CL...)
2 2602:803:c003... 26667 (RUBICONPR...)
1 142.250.186.70 15169 (GOOGLE)
1 23.35.229.86 16625 (AKAMAI-AS)
13 23.35.228.201 16625 (AKAMAI-AS)
1 2a00:1450:400... 15169 (GOOGLE)
2 5 198.47.127.19 62713 (AS-PUBMATIC)
4 4 185.29.132.241 30419 (MEDIAMATH...)
15 185.64.190.80 62713 (AS-PUBMATIC)
2 2 213.155.156.185 1299 (TWELVE99 ...)
1 178.250.0.163 44788 (ASN-CRITE...)
1 2 52.94.223.167 16509 (AMAZON-02)
12 35 142.250.185.130 15169 (GOOGLE)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 63.32.97.75 16509 (AMAZON-02)
2 2 34.111.129.221 396982 (GOOGLE-CL...)
1 34.111.131.239 396982 (GOOGLE-CL...)
1 2 34.91.62.186 396982 (GOOGLE-CL...)
3 4 37.157.3.20 198622 (ADFORM)
7 52.223.40.198 16509 (AMAZON-02)
3 185.64.190.75 62713 (AS-PUBMATIC)
6 185.64.190.89 62713 (AS-PUBMATIC)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2a02:2638:1::3 44788 (ASN-CRITE...)
3 18.218.58.137 16509 (AMAZON-02)
1 162.19.138.119 16276 (OVH)
2 4 34.240.30.150 16509 (AMAZON-02)
3 5 185.80.39.216 27381 (CASALE-MEDIA)
2 35.244.159.8 15169 (GOOGLE)
2 6 23.218.209.56 16625 (AKAMAI-AS)
8 2a00:1450:400... 15169 (GOOGLE)
2 2 35.186.193.173 15169 (GOOGLE)
1 2 34.96.105.8 396982 (GOOGLE-CL...)
2 2 34.245.154.233 16509 (AMAZON-02)
3 3 104.18.33.19 13335 (CLOUDFLAR...)
4 142.250.186.130 15169 (GOOGLE)
1 64.233.167.154 15169 (GOOGLE)
3 2600:9000:223... 16509 (AMAZON-02)
8 2001:4de0:ac1... 20446 (STACKPATH...)
18 2600:1f13:800... 16509 (AMAZON-02)
1 1 3.124.162.93 16509 (AMAZON-02)
4 4 213.19.147.45 26120 (RHYTHMONE)
1 1 18.134.84.22 16509 (AMAZON-02)
4 52.46.130.91 16509 (AMAZON-02)
1 1 2600:9000:223... 16509 (AMAZON-02)
2 72.251.241.196 32475 (SINGLEHOP...)
1 2.18.68.23 16625 (AKAMAI-AS)
1 1 85.114.159.93 24961 (MYLOC-AS ...)
2 2 151.101.130.49 54113 (FASTLY)
1 2 77.243.60.138 42697 (NETIC-AS)
2 2 35.201.96.126 15169 (GOOGLE)
1 185.64.190.87 62713 (AS-PUBMATIC)
1 1 141.94.171.212 16276 (OVH)
2 2 18.158.209.170 16509 (AMAZON-02)
1 2a05:d018:d29... 16509 (AMAZON-02)
2 198.47.127.20 62713 (AS-PUBMATIC)
1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
1 98.98.134.243 21859 (ZEN-ECN)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
1 195.5.165.20 44968 (IPROM-AS)
1 5.161.47.120 213230 (HETZNER-C...)
1 1 159.65.197.210 14061 (DIGITALOC...)
1 1 34.102.253.54 396982 (GOOGLE-CL...)
1 1 37.252.171.52 29990 (ASN-APPNEX)
490 88
6    54.208.89.30 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-208-89-30.compute-1.amazonaws.com
pelotainvernal.com
3    2606:4700::6810:5514 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
4    2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
35    2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
adservice.google.com
6    2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
2    2606:4700:20::681a:179 (United States)

ASN13335 (CLOUDFLARENET, US)
flower-ads.com
15    52.217.105.206 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com
s3.amazonaws.com
1    2001:4de0:ac18::1:a:3b (Netherlands)

ASN20446 (STACKPATH-CDN, US)
code.jquery.com
2    2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
2    2606:4700:3032::6815:6097 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn-conectate.kiskoo.com
1    2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
19    2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
adservice.google.de
11    2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
6    2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
1    2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
partner.googleadservices.com
1    2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
3    2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
20e8afb8e455763ca9bea03ef9101e20.safeframe.googlesyndication.com
3    104.18.132.145 (None, )

ASN13335 (CLOUDFLARENET, US)
t.seedtag.com
1    3.19.54.139 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-19-54-139.us-east-2.compute.amazonaws.com
ads.vidoomy.com
44    2a00:1450:4001:80b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
5    2a00:1450:4001:810::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    34.149.50.64 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 64.50.149.34.bc.googleusercontent.com
s.seedtag.com
14    151.139.128.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map3.hwcdn.net
ad.lkqd.net
27    23.55.110.73 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-55-110-73.deploy.static.akamaitechnologies.com
ads.stickyadstv.com
4    2620:116:800d:21:b314:a0ef:ab7c:d546 (United States)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
pixel.quantserve.com
cms.quantserve.com
14    69.20.43.192 (United States)

ASN27357 (RACKSPACE, US)
v.lkqd.net
1    2600:9000:225e:4800:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
7    35.214.223.115 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 115.223.214.35.bc.googleusercontent.com
csync.loopme.me
33    146.20.132.57 (United States)

ASN27357 (RACKSPACE, US)
cs.lkqd.net
8    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
7    54.208.68.206 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-208-68-206.compute-1.amazonaws.com
sync.srv.stackadapt.com
41    146.20.128.109 (United States)

ASN27357 (RACKSPACE, US)
t.lkqd.net
2    18.66.122.112 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-122-112.fra60.r.cloudfront.net
ecdn.firstimpression.io
cdn.firstimpression.io
3    2600:9000:2240:7a00:15:6f6c:b180:93a1 (United States)

ASN16509 (AMAZON-02, US)
vpaid.springserve.com
8    18.194.50.17 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-194-50-17.eu-central-1.compute.amazonaws.com
x.bidswitch.net
1    188.34.165.163 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.163.165.34.188.clients.your-server.de
bidswitch-eu.splicky.com
2    3.69.101.30 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-69-101-30.eu-central-1.compute.amazonaws.com
a.vidoomy.com
3    18.156.0.31 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
2    2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
4    2a02:2638:1::13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
3    178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
2    2606:4700:20::681a:9a9 (United States)

ASN13335 (CLOUDFLARENET, US)
script.4dex.io
1    2606:4700::6812:372 (United States)

ASN13335 (CLOUDFLARENET, US)
mp.4dex.io
1    172.64.154.237 (United States)

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
1    216.52.2.39 (United States)

ASN32475 (SINGLEHOP-LLC, US)
ap.lijit.com
4    51.89.9.254 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip254.ip-51-89-9.eu
onetag-sys.com
5    37.252.171.84 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
1    34.107.148.139 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 139.148.107.34.bc.googleusercontent.com
prebid.media.net
2    2602:803:c003:200::21 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
1    142.250.186.70 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f6.1e100.net
ad.doubleclick.net
1    23.35.229.86 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-229-86.deploy.static.akamaitechnologies.com
widgets.outbrain.com
13    23.35.228.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-228-201.deploy.static.akamaitechnologies.com
vpaid.pubmatic.com
ads.pubmatic.com
1    2a00:1450:400c:c04::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
5    198.47.127.19 (United States)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
4    185.29.132.241 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
15    185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
image2.pubmatic.com
2    213.155.156.185 (Sweden)

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
PTR: 213-155-156-185.teliacarrier-cust.com
d5p.de17a.com
1    178.250.0.163 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
2    52.94.223.167 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
35    142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net
cm.g.doubleclick.net
1    2606:4700:10::ac43:db6 (United States)

ASN13335 (CLOUDFLARENET, US)
mwzeom.zeotap.com
1    63.32.97.75 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-32-97-75.eu-west-1.compute.amazonaws.com
sync.crwdcntrl.net
2    34.111.129.221 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 221.129.111.34.bc.googleusercontent.com
cr.frontend.weborama.fr
1    34.111.131.239 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 239.131.111.34.bc.googleusercontent.com
idsync.frontend.weborama.fr
2    34.91.62.186 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 186.62.91.34.bc.googleusercontent.com
um.simpli.fi
4    37.157.3.20 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
7    52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
3    185.64.190.75 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
vid.pubmatic.com
6    185.64.190.89 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
st.pubmatic.com
1    2606:4700:10::6816:3556 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.id5-sync.com
1    2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
3    18.218.58.137 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-218-58-137.us-east-2.compute.amazonaws.com
vid-io-cle.springserve.com
1    162.19.138.119 (France)

ASN16276 (OVH, FR)
PTR: ns31533570.ip-162-19-138.eu
id5-sync.com
4    34.240.30.150 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-240-30-150.eu-west-1.compute.amazonaws.com
fw.adsafeprotected.com
5    185.80.39.216 (Canada)

ASN27381 (CASALE-MEDIA, CA)
dsum-sec.casalemedia.com
2    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
us-u.openx.net
6    23.218.209.56 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-218-209-56.deploy.static.akamaitechnologies.com
sync.teads.tv
8    2a00:1450:4001:82b::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
2    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
gcm.ctnsnet.com
2    34.96.105.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com
tr.blismedia.com
2    34.245.154.233 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-245-154-233.eu-west-1.compute.amazonaws.com
ads.avct.cloud
3    104.18.33.19 (None, )

ASN13335 (CLOUDFLARENET, US)
ssum-sec.casalemedia.com
dsum.casalemedia.com
4    142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net
googleads4.g.doubleclick.net
1    64.233.167.154 (United States)

ASN15169 (GOOGLE, US)
PTR: wl-in-f154.1e100.net
bid.g.doubleclick.net
3    2600:9000:223f:7e00:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.adsafeprotected.com
8    2001:4de0:ac19::1:b:3a (Netherlands)

ASN20446 (STACKPATH-CDN, US)
cdn.stickyadstv.com
18    2600:1f13:800:7782:acfb:2d89:a7ac:cd68 (Boardman, United States)

ASN16509 (AMAZON-02, US)
dt.adsafeprotected.com
1    3.124.162.93 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-162-93.eu-central-1.compute.amazonaws.com
d.agkn.com
4    213.19.147.45 (United Kingdom)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
sync.targeting.unrulymedia.com
1    18.134.84.22 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-134-84-22.eu-west-2.compute.amazonaws.com
1f2e7.v.fwmrm.net
4    52.46.130.91 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
1    2600:9000:223f:8e00:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)
s.ad.smaato.net
2    72.251.241.196 (Amsterdam, Netherlands)

ASN32475 (SINGLEHOP-LLC, US)
cm.adgrx.com
1    2.18.68.23 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-68-23.deploy.static.akamaitechnologies.com
cs.media.net
1    85.114.159.93 (Tuttlingen, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
2    151.101.130.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
2    77.243.60.138 (Norresundby, Denmark)

ASN42697 (NETIC-AS, DK)
uipglob.semasio.net
2    35.201.96.126 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 126.96.201.35.bc.googleusercontent.com
visitor.fiftyt.com
1    185.64.190.87 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
aud.pubmatic.com
1    141.94.171.212 (France)

ASN16276 (OVH, FR)
PTR: pikafka-eu-4.cloudy.ovh
pixel.onaudience.com
2    18.158.209.170 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-158-209-170.eu-central-1.compute.amazonaws.com
a.sportradarserving.com
1    2a05:d018:d29:3601:6f22:82f:ef72:b8eb (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
2    198.47.127.20 (United States)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
1    2a02:fa8:8806:16::1400 (Singapore)

ASN41041 (VCLK-EU-SE, US)
pubmatic-match.dotomi.com
1    98.98.134.243 (United States)

ASN21859 (ZEN-ECN, US)
pixel-sync.sitescout.com
2    2606:4700::6812:18ad (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
1    195.5.165.20 (Slovenia)

ASN44968 (IPROM-AS, SI)
core.iprom.net
1    5.161.47.120 (Germany)

ASN213230 (HETZNER-CLOUD2-AS, DE)
PTR: static.120.47.161.5.clients.your-server.de
matching.truffle.bid
1    159.65.197.210 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
match.adsby.bidtheatre.com
1    34.102.253.54 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 54.253.102.34.bc.googleusercontent.com
ads.playground.xyz
1    37.252.171.52 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
secure.adnxs.com
Apex Domain
Subdomains		 Transfer
102 lkqd.net
ad.lkqd.net — Cisco Umbrella Rank: 22754
v.lkqd.net — Cisco Umbrella Rank: 11551
cs.lkqd.net — Cisco Umbrella Rank: 2756
t.lkqd.net — Cisco Umbrella Rank: 18312
423 KB
78 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 101
20e8afb8e455763ca9bea03ef9101e20.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 139
742 KB
64 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 34
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 192
ad.doubleclick.net — Cisco Umbrella Rank: 161
stats.g.doubleclick.net — Cisco Umbrella Rank: 77
cm.g.doubleclick.net — Cisco Umbrella Rank: 208
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 297
bid.g.doubleclick.net — Cisco Umbrella Rank: 704
397 KB
45 pubmatic.com
vpaid.pubmatic.com — Cisco Umbrella Rank: 4684
ads.pubmatic.com — Cisco Umbrella Rank: 481
image6.pubmatic.com — Cisco Umbrella Rank: 716
simage2.pubmatic.com — Cisco Umbrella Rank: 641
image2.pubmatic.com — Cisco Umbrella Rank: 852
vid.pubmatic.com — Cisco Umbrella Rank: 8864
st.pubmatic.com — Cisco Umbrella Rank: 973
aud.pubmatic.com — Cisco Umbrella Rank: 4185
image4.pubmatic.com — Cisco Umbrella Rank: 824
229 KB
35 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 595
cdn.stickyadstv.com — Cisco Umbrella Rank: 5228
586 KB
25 adsafeprotected.com
fw.adsafeprotected.com — Cisco Umbrella Rank: 813
static.adsafeprotected.com — Cisco Umbrella Rank: 587
dt.adsafeprotected.com — Cisco Umbrella Rank: 543
202 KB
15 amazonaws.com
s3.amazonaws.com
145 KB
11 gstatic.com
fonts.gstatic.com
202 KB
9 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 482
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 513
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 419
dsum.casalemedia.com — Cisco Umbrella Rank: 1324
7 KB
9 google.com
adservice.google.com — Cisco Umbrella Rank: 72
www.google.com — Cisco Umbrella Rank: 2
2 KB
8 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 267
253 KB
8 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 394
mug.criteo.com — Cisco Umbrella Rank: 2835
dis.criteo.com — Cisco Umbrella Rank: 658
9 KB
8 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 282
3 KB
8 turn.com
ad.turn.com — Cisco Umbrella Rank: 710
3 KB
7 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 315
2 KB
7 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 651
3 KB
7 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 752
1 KB
6 teads.tv
sync.teads.tv — Cisco Umbrella Rank: 1225
1 KB
6 amazon-adsystem.com
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 912
s.amazon-adsystem.com — Cisco Umbrella Rank: 273
4 KB
6 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 210
secure.adnxs.com — Cisco Umbrella Rank: 414
6 KB
6 springserve.com
vpaid.springserve.com — Cisco Umbrella Rank: 9310
vid-io-cle.springserve.com — Cisco Umbrella Rank: 8553
266 KB
6 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 188
261 KB
6 pelotainvernal.com
pelotainvernal.com — Cisco Umbrella Rank: 478236
30 KB
5 seedtag.com
t.seedtag.com — Cisco Umbrella Rank: 13646
s.seedtag.com — Cisco Umbrella Rank: 5800
135 KB
4 adform.net
c1.adform.net — Cisco Umbrella Rank: 566
2 KB
4 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 434
3 KB
4 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 690
892 B
4 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 279
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 408
2 KB
4 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 939
pixel.quantserve.com — Cisco Umbrella Rank: 666
cms.quantserve.com — Cisco Umbrella Rank: 639
11 KB
4 google.de
adservice.google.de — Cisco Umbrella Rank: 8549
1 KB
4 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 37
3 KB
3 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 497
2 KB
3 weborama.fr
cr.frontend.weborama.fr — Cisco Umbrella Rank: 24144
idsync.frontend.weborama.fr — Cisco Umbrella Rank: 26541
740 B
3 4dex.io
script.4dex.io — Cisco Umbrella Rank: 1884
mp.4dex.io — Cisco Umbrella Rank: 1980
25 KB
3 vidoomy.com
ads.vidoomy.com — Cisco Umbrella Rank: 22938
a.vidoomy.com — Cisco Umbrella Rank: 8039
6 KB
3 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 381
44 KB
2 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 726
s.tribalfusion.com — Cisco Umbrella Rank: 1844
1 KB
2 sportradarserving.com
a.sportradarserving.com — Cisco Umbrella Rank: 2085
1 KB
2 fiftyt.com
visitor.fiftyt.com — Cisco Umbrella Rank: 3765
625 B
2 semasio.net
uipglob.semasio.net — Cisco Umbrella Rank: 1107
1 KB
2 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 534
749 B
2 adgrx.com
cm.adgrx.com — Cisco Umbrella Rank: 1303
565 B
2 avct.cloud
ads.avct.cloud — Cisco Umbrella Rank: 2769
890 B
2 blismedia.com
tr.blismedia.com — Cisco Umbrella Rank: 1782
184 B
2 ctnsnet.com
gcm.ctnsnet.com — Cisco Umbrella Rank: 29316
632 B
2 openx.net
us-u.openx.net — Cisco Umbrella Rank: 411
365 B
2 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 958
id5-sync.com — Cisco Umbrella Rank: 413
17 KB
2 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 759
1 KB
2 de17a.com
d5p.de17a.com — Cisco Umbrella Rank: 4459
562 B
2 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 462
14 KB
2 media.net
prebid.media.net — Cisco Umbrella Rank: 1148
cs.media.net — Cisco Umbrella Rank: 1387
1014 B
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 29
20 KB
2 firstimpression.io
ecdn.firstimpression.io — Cisco Umbrella Rank: 23217
cdn.firstimpression.io — Cisco Umbrella Rank: 23306
97 KB
2 kiskoo.com
cdn-conectate.kiskoo.com — Cisco Umbrella Rank: 192086
3 KB
2 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 211
36 KB
2 flower-ads.com
flower-ads.com — Cisco Umbrella Rank: 861580
165 KB
1 playground.xyz
ads.playground.xyz — Cisco Umbrella Rank: 3458
462 B
1 bidtheatre.com
match.adsby.bidtheatre.com — Cisco Umbrella Rank: 2014
555 B
1 truffle.bid
matching.truffle.bid — Cisco Umbrella Rank: 5627
1 iprom.net
core.iprom.net — Cisco Umbrella Rank: 5149
277 B
1 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 578
191 B
1 dotomi.com
pubmatic-match.dotomi.com — Cisco Umbrella Rank: 2838
104 B
1 onaudience.com
pixel.onaudience.com — Cisco Umbrella Rank: 3040
419 B
1 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1427
524 B
1 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 655
442 B
1 fwmrm.net
1f2e7.v.fwmrm.net — Cisco Umbrella Rank: 2993
536 B
1 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 905
577 B
1 agkn.com
d.agkn.com — Cisco Umbrella Rank: 634
765 B
1 criteo.net
static.criteo.net — Cisco Umbrella Rank: 637
13 KB
1 crwdcntrl.net
sync.crwdcntrl.net — Cisco Umbrella Rank: 719
265 B
1 zeotap.com
mwzeom.zeotap.com — Cisco Umbrella Rank: 2401
382 B
1 outbrain.com
widgets.outbrain.com — Cisco Umbrella Rank: 1353
3 KB
1 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 581
405 B
1 splicky.com
bidswitch-eu.splicky.com — Cisco Umbrella Rank: 24704
221 B
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 868
1 KB
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 830
701 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 51
43 KB
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 686
30 KB
0 audrte.com Failed
a.audrte.com — Cisco Umbrella Rank: 1899 Failed
0 contextweb.com Failed
bh.contextweb.com Failed
0 gemius.pl Failed
googlecm.hit.gemius.pl Failed
490 81
Domain Requested by
44 tpc.googlesyndication.com googleads.g.doubleclick.net
tpc.googlesyndication.com
pelotainvernal.com
20e8afb8e455763ca9bea03ef9101e20.safeframe.googlesyndication.com
s0.2mdn.net
pagead2.googlesyndication.com
41 t.lkqd.net ad.lkqd.net
35 cm.g.doubleclick.net 12 redirects googleads.g.doubleclick.net
20e8afb8e455763ca9bea03ef9101e20.safeframe.googlesyndication.com
pelotainvernal.com
33 cs.lkqd.net ad.lkqd.net
31 pagead2.googlesyndication.com pelotainvernal.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
www.googletagservices.com
20e8afb8e455763ca9bea03ef9101e20.safeframe.googlesyndication.com
googleads.g.doubleclick.net
fw.adsafeprotected.com
s0.2mdn.net
27 ads.stickyadstv.com 14 redirects pelotainvernal.com
ad.lkqd.net
cdn.stickyadstv.com
18 dt.adsafeprotected.com 20e8afb8e455763ca9bea03ef9101e20.safeframe.googlesyndication.com
16 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
pelotainvernal.com
20e8afb8e455763ca9bea03ef9101e20.safeframe.googlesyndication.com
15 s3.amazonaws.com pelotainvernal.com
14 v.lkqd.net ad.lkqd.net
14 ad.lkqd.net pelotainvernal.com
ad.lkqd.net
11 simage2.pubmatic.com ads.pubmatic.com
11 fonts.gstatic.com fonts.googleapis.com
8 cdn.stickyadstv.com ad.lkqd.net
cdn.stickyadstv.com
8 s0.2mdn.net pelotainvernal.com
s0.2mdn.net
20e8afb8e455763ca9bea03ef9101e20.safeframe.googlesyndication.com
8 x.bidswitch.net 8 redirects
8 ad.turn.com 8 redirects
7 match.adsrvr.org ads.pubmatic.com
pelotainvernal.com
7 ads.pubmatic.com vpaid.pubmatic.com
ads.pubmatic.com
7 sync.srv.stackadapt.com 7 redirects
7 csync.loopme.me 7 redirects
6 sync.teads.tv 2 redirects googleads.g.doubleclick.net
20e8afb8e455763ca9bea03ef9101e20.safeframe.googlesyndication.com
6 st.pubmatic.com pelotainvernal.com
6 vpaid.pubmatic.com vpaid.springserve.com
blank
6 securepubads.g.doubleclick.net www.googletagservices.com
securepubads.g.doubleclick.net
flower-ads.com
6 www.googletagservices.com pelotainvernal.com
googleads.g.doubleclick.net
20e8afb8e455763ca9bea03ef9101e20.safeframe.googlesyndication.com
6 pelotainvernal.com pelotainvernal.com
5 dsum-sec.casalemedia.com 3 redirects googleads.g.doubleclick.net
5 image6.pubmatic.com 2 redirects ads.pubmatic.com
5 ib.adnxs.com 3 redirects flower-ads.com
googleads.g.doubleclick.net
5 www.google.com 2 redirects 20e8afb8e455763ca9bea03ef9101e20.safeframe.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
4 s.amazon-adsystem.com pelotainvernal.com
4 googleads4.g.doubleclick.net pelotainvernal.com
fw.adsafeprotected.com
4 fw.adsafeprotected.com 2 redirects 20e8afb8e455763ca9bea03ef9101e20.safeframe.googlesyndication.com
pelotainvernal.com
4 c1.adform.net 3 redirects ads.pubmatic.com
4 image2.pubmatic.com ads.pubmatic.com
4 sync.mathtag.com 4 redirects
4 onetag-sys.com 1 redirects flower-ads.com
20e8afb8e455763ca9bea03ef9101e20.safeframe.googlesyndication.com
4 gum.criteo.com 2 redirects static.criteo.net
4 adservice.google.com pagead2.googlesyndication.com
securepubads.g.doubleclick.net
4 adservice.google.de pagead2.googlesyndication.com
securepubads.g.doubleclick.net
4 fonts.googleapis.com pelotainvernal.com
tpc.googlesyndication.com
3 sync.1rx.io 3 redirects
3 static.adsafeprotected.com 20e8afb8e455763ca9bea03ef9101e20.safeframe.googlesyndication.com
3 vid-io-cle.springserve.com vpaid.springserve.com
3 vid.pubmatic.com vpaid.pubmatic.com
3 mug.criteo.com pelotainvernal.com
3 ups.analytics.yahoo.com 3 redirects
3 vpaid.springserve.com ad.lkqd.net
3 t.seedtag.com flower-ads.com
t.seedtag.com
3 20e8afb8e455763ca9bea03ef9101e20.safeframe.googlesyndication.com securepubads.g.doubleclick.net
3 cdn.jsdelivr.net pelotainvernal.com
securepubads.g.doubleclick.net
2 image4.pubmatic.com ads.pubmatic.com
2 a.sportradarserving.com 2 redirects
2 visitor.fiftyt.com 2 redirects
2 uipglob.semasio.net 1 redirects ads.pubmatic.com
2 sync-tm.everesttech.net 2 redirects
2 cm.adgrx.com ads.pubmatic.com
2 cms.quantserve.com 1 redirects 20e8afb8e455763ca9bea03ef9101e20.safeframe.googlesyndication.com
2 ssum-sec.casalemedia.com 2 redirects
2 ads.avct.cloud 2 redirects
2 tr.blismedia.com 1 redirects 20e8afb8e455763ca9bea03ef9101e20.safeframe.googlesyndication.com
2 gcm.ctnsnet.com 2 redirects
2 us-u.openx.net googleads.g.doubleclick.net
2 um.simpli.fi 1 redirects ads.pubmatic.com
2 cr.frontend.weborama.fr 2 redirects
2 aax-eu.amazon-adsystem.com 1 redirects ads.pubmatic.com
2 d5p.de17a.com 2 redirects
2 fastlane.rubiconproject.com flower-ads.com
2 script.4dex.io flower-ads.com
script.4dex.io
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 a.vidoomy.com pelotainvernal.com
2 s.seedtag.com t.seedtag.com
2 cdn-conectate.kiskoo.com pelotainvernal.com
2 cdnjs.cloudflare.com pelotainvernal.com
2 flower-ads.com pelotainvernal.com
flower-ads.com
1 secure.adnxs.com 1 redirects
1 ads.playground.xyz 1 redirects
1 match.adsby.bidtheatre.com 1 redirects
1 matching.truffle.bid ads.pubmatic.com
1 core.iprom.net ads.pubmatic.com
1 s.tribalfusion.com ads.pubmatic.com
1 a.tribalfusion.com 1 redirects
1 pixel-sync.sitescout.com ads.pubmatic.com
1 pubmatic-match.dotomi.com ads.pubmatic.com
1 pr-bh.ybp.yahoo.com ads.pubmatic.com
1 pixel.onaudience.com 1 redirects
1 aud.pubmatic.com ads.pubmatic.com
1 dsp.adfarm1.adition.com 1 redirects
1 cs.media.net
1 dsum.casalemedia.com 1 redirects
1 s.ad.smaato.net 1 redirects
1 1f2e7.v.fwmrm.net 1 redirects
1 sync.targeting.unrulymedia.com 1 redirects
1 d.agkn.com 1 redirects
1 bid.g.doubleclick.net 20e8afb8e455763ca9bea03ef9101e20.safeframe.googlesyndication.com
1 id5-sync.com cdn.id5-sync.com
1 static.criteo.net securepubads.g.doubleclick.net
1 cdn.id5-sync.com securepubads.g.doubleclick.net
1 idsync.frontend.weborama.fr ads.pubmatic.com
1 sync.crwdcntrl.net ads.pubmatic.com
1 mwzeom.zeotap.com ads.pubmatic.com
1 dis.criteo.com ads.pubmatic.com
1 cdn.firstimpression.io ecdn.firstimpression.io
1 stats.g.doubleclick.net www.google-analytics.com
1 widgets.outbrain.com pelotainvernal.com
1 ad.doubleclick.net pelotainvernal.com
1 prebid.media.net flower-ads.com
1 ap.lijit.com flower-ads.com
1 htlb.casalemedia.com flower-ads.com
1 mp.4dex.io flower-ads.com
1 bidswitch-eu.splicky.com 1 redirects
1 ecdn.firstimpression.io pelotainvernal.com
1 pixel.quantserve.com pelotainvernal.com
1 rules.quantcount.com secure.quantserve.com
1 secure.quantserve.com t.seedtag.com
1 ads.vidoomy.com flower-ads.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 www.googletagmanager.com pelotainvernal.com
1 code.jquery.com pelotainvernal.com
0 a.audrte.com Failed ads.pubmatic.com
0 bh.contextweb.com Failed ads.pubmatic.com
0 googlecm.hit.gemius.pl Failed googleads.g.doubleclick.net
490 123

This site contains links to these domains. Also see Links.

Domain
www.conectate.com.do
emisorasdominicanasonline.com
Subject Issuer Validity Valid
pelotainvernal.com
Amazon		 2022-08-05 -
2023-09-03		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-06-02 -
2023-06-01		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-11-07 -
2023-01-30		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
s3.amazonaws.com
Amazon		 2022-04-01 -
2023-03-30		 a year crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2022-08-03 -
2023-07-14		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-11-07 -
2023-01-30		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2022-11-07 -
2023-01-30		 3 months crt.sh
*.google.de
GTS CA 1C3		 2022-11-07 -
2023-01-30		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.vidoomy.com
Sectigo RSA Domain Validation Secure Server CA		 2022-09-01 -
2023-10-02		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-11-07 -
2023-01-30		 3 months crt.sh
*.seedtag.com
Sectigo RSA Domain Validation Secure Server CA		 2022-03-28 -
2023-04-28		 a year crt.sh
ad.lkqd.net
R3		 2022-11-29 -
2023-02-27		 3 months crt.sh
*.ads.stickyadstv.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-06-14 -
2023-06-16		 a year crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-08-09 -
2023-09-09		 a year crt.sh
*.lkqd.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-06-27 -
2023-07-18		 a year crt.sh
quantserve.com
R3		 2022-11-11 -
2023-02-09		 3 months crt.sh
*.firstimpression.io
Sectigo RSA Domain Validation Secure Server CA		 2022-11-27 -
2023-12-05		 a year crt.sh
*.springserve.com
Amazon		 2022-03-31 -
2023-04-29		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-10-31 -
2023-01-26		 3 months crt.sh
script.4dex.io
Cloudflare Inc ECC CA-3		 2022-11-23 -
2023-11-22		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2022-06-27 -
2023-06-05		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-10 -
2023-01-03		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
*.media.net
Sectigo RSA Domain Validation Secure Server CA		 2022-04-06 -
2023-05-04		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-08 -
2023-04-04		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-11-07 -
2023-01-30		 3 months crt.sh
*.outbrain.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-04-03 -
2023-04-04		 a year crt.sh
*.pubmatic.com
DigiCert SHA2 Secure Server CA		 2022-02-04 -
2023-02-03		 a year crt.sh
aax-eu.amazon-adsystem.com
Amazon		 2022-07-20 -
2023-07-19		 a year crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2		 2022-05-01 -
2023-06-02		 a year crt.sh
*.simpli.fi
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-07 -
2023-12-08		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-11-08 -
2023-02-04		 3 months crt.sh
*.id5-sync.com
R3		 2022-11-09 -
2023-02-07		 3 months crt.sh
fw.adsafeprotected.com
Amazon		 2022-04-28 -
2023-05-27		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
teads.tv
R3		 2022-10-27 -
2023-01-25		 3 months crt.sh
tr.blismedia.com
GTS CA 1D4		 2022-12-14 -
2023-03-14		 3 months crt.sh
static.adsafeprotected.com
Amazon		 2022-08-06 -
2023-09-04		 a year crt.sh
*.stickyadstv.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-01-12 -
2023-02-12		 a year crt.sh
dt.adsafeprotected.com
Amazon		 2022-11-04 -
2023-12-03		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-11-08 -
2023-05-03		 6 months crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2022-08-09 -
2023-09-10		 a year crt.sh
*.sitescout.com
GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1		 2021-12-15 -
2023-01-15		 a year crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-20 -
2023-09-20		 a year crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA		 2022-03-01 -
2023-03-28		 a year crt.sh
*.iprom.net
R3		 2022-12-05 -
2023-03-05		 3 months crt.sh
truffle.bid
R3		 2022-10-03 -
2023-01-01		 3 months crt.sh

This page contains 81 frames:

Primary Page: https://pelotainvernal.com/
Frame ID: 6E28F5BE0AD143A5BBB18841603ABF78
Requests: 110 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20190131/zrt_lookup.html
Frame ID: 19CA6D9831A1E8A85587A3B572C0AE77
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3139134883708761&output=html&h=100&slotname=8815456802&adk=88850195&adf=2364240886&pi=t.ma~as.8815456802&w=1298&lmt=1671091291&rafmt=12&format=1298x100&url=https%3A%2F%2Fpelotainvernal.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671091291238&bpp=3&bdt=187&idt=274&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&correlator=4380327056723&frm=20&pv=2&ga_vid=1506290039.1671091292&ga_sid=1671091292&ga_hid=1052133793&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=151&ady=96&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44773747%2C44780792%2C21065724&oid=2&pvsid=2272291473544869&tmod=688375104&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=1&uci=a!1&fsb=1&xpc=QjRRtLPkAP&p=https%3A//pelotainvernal.com&dtd=293
Frame ID: 2BFF3CEC510296E0DD60CE9620E902EE
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3139134883708761&output=html&h=90&slotname=7753640662&adk=1056406635&adf=406027746&pi=t.ma~as.7753640662&w=728&lmt=1671091291&rafmt=12&format=728x90&url=https%3A%2F%2Fpelotainvernal.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671091291244&bpp=1&bdt=194&idt=294&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&prev_fmts=1298x100&correlator=4380327056723&frm=20&pv=1&ga_vid=1506290039.1671091292&ga_sid=1671091292&ga_hid=1052133793&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=386&ady=328&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44773747%2C44780792%2C21065724&oid=2&pvsid=2272291473544869&tmod=688375104&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&fsb=1&xpc=pbTEKWvmGY&p=https%3A//pelotainvernal.com&dtd=298
Frame ID: 8B76E03C1E974E7EC0FB2676B3895CF1
Requests: 8 HTTP requests in this frame

Frame: https://20e8afb8e455763ca9bea03ef9101e20.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 75ECD72BBC42BCB940BBD32F576C8223
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12406491265686199930/index.html
Frame ID: EC35425429BA761CA43B883073DFFEB8
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 34A63C4F97764F4D8068C09D9309362B
Requests: 2 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/formats.js
Frame ID: A4FF4E242DAE9C5E390EC3148418E5FD
Requests: 6 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/formats.js
Frame ID: D812D3E9F92912642AB13A340C360369
Requests: 2 HTTP requests in this frame

Frame: https://secure.quantserve.com/quant.js
Frame ID: 07EA9B833AFFC0ED153685B89F51B05F
Requests: 3 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: FB84FC7ABC77BEAEEBDAD3E28719EEB8
Requests: 6 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: D9512F21F9277C34568484A88651D2E6
Requests: 6 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: 6C8FE881A2465775A848ACD35ACA12D1
Requests: 1 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: 45BE392D129AF38B46FD542344C9E11E
Requests: 1 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Frame ID: BD6EA26F1CD4169D5090CF615A470F47
Requests: 3 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: 2D26ABCDAFC567C1695E514EBB08A85A
Requests: 6 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12406491265686199930/index.html
Frame ID: AF7D38EFD8FA7575E6960DD3B117BD14
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=CPWluW9SaY_3EJYrWZbzBvdAJ-PS3-m363pH1kBGOpN6gqDAQASCtkPQeYJWCgICgB6ABsorBqgHIAQmpAuKXeUerw6g-qAMByANIqgTRAU_Ql0qWI_tedeinoRXcCHFqmdXokZHqVyM0s18tNdsAxCKdSBnGQDSEvpMTJ0Um0aS-KYD4-UAB_8LDk64-cg41fDv0u8xxQIpF0kidINbfYw40RJPci71MH-aWTxoCu9LndJUzEerFZGC6GJQdnxFmPpwEUUTh5J-pjtVgM2m2BHQ3xULgSQVSedrLyHZaw-n66T5t2dk0i6KxLWxQi6tbnQiuBkbOEAQ6IvT2jejUyCZih-aHwgKg39yKmmDoPMOtU7xij2m2yrHfLgf9GhNHwASV3s36mQSSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAHtvW-1QKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBCf6x_SCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAdgTDtAVAZgWAYAXAbIXHAoaCAASFHB1Yi0zMTM5MTM0ODgzNzA4NzYxGAA&sigh=ta-7RU60QGs&uach_m=[UACH]&cid=CAQSGwDq26N9aUfN-J9736K9VfadO9mXJ_NhmMCPuhgBIBM&template_id=419
Frame ID: 8398D308750A392B864034A7D52A6B75
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: A3CA83BF433573CAED83872B7A5F1B87
Requests: 2 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: 40E2599426129DF0E9EDCB8A75DA85E8
Requests: 5 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_f51ac984.js
Frame ID: 8594C76D3D63F82A1E4F9BD0A80CD650
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3139134883708761&output=html&adk=1812271804&adf=3025194257&lmt=1671091293&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&plas=128x945_l%7C140x945_r&format=0x0&url=https%3A%2F%2Fpelotainvernal.com%2F&ea=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671091293811&bpp=3&bdt=2760&idt=3&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D39bad8454e8057a0%3AT%3D1671091291%3AS%3DALNI_Mb5ZkJuYuvEj9hSv92HRMbspqDNTQ&gpic=UID%3D00000b92ae414513%3AT%3D1671091291%3ART%3D1671091291%3AS%3DALNI_MZqD6vsYvmZbCxtayi0qX3-htP5Xg&prev_fmts=1298x100%2C728x90&nras=1&correlator=4380327056723&frm=20&pv=1&ga_vid=1506290039.1671091292&ga_sid=1671091292&ga_hid=1052133793&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44773747%2C44780792%2C21065724&oid=2&psts=AMjMPc0RxIxU9k3PnglFtf_aKapC45PGopRehOK9kKyKMZIPhvcwoM6hPkNQZoBeotywn1CT78yIVfedMKZQC0iWRA&pvsid=2272291473544869&tmod=688375104&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&dtd=14
Frame ID: 76173A7BC167CA27FCDB816D47A1856E
Requests: 1 HTTP requests in this frame

Frame: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fpelotainvernal.com%2F&schain=1.0,1!vidoomy.com,63065,1,1671091293589,,
Frame ID: 03AD6ED75C62E728CB3DDD60CEBF7BDB
Requests: 4 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: E7E9254E8166C51EDEE8A73F4433DB15
Requests: 11 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:dd13639a-d45f-4c00-a03b-c0cba592742b&gdpr=0&gdpr_consent=
Frame ID: BDB96A9E93DFA434FF78846F00760D5C
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=7825749370303073270
Frame ID: 22DE5DBFA6ABF575EF3BF240AC39F959
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 66A972412452E402869531733C8FFA65
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=9F55788C-3DAF-4F6C-9153-F0674D3DB544&redir=true&gdpr=0&gdpr_consent=&dcc=t
Frame ID: 68446A18713165284A1759A38CFD0476
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1711690457971926349&gdpr=0&gdpr_consent=
Frame ID: B8E46A65696EED4251B57053577EA3FD
Requests: 1 HTTP requests in this frame

Frame: https://20e8afb8e455763ca9bea03ef9101e20.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 2052A8AC0E8C60F9C0492703F0526BCA
Requests: 27 HTTP requests in this frame

Frame: https://20e8afb8e455763ca9bea03ef9101e20.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 15C17F54EDB4839FE3D83A9B373819A4
Requests: 26 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOrkQEQupmXARi09-zHATAB&v=APEucNVWaAiszDC18XG1hxBnfnze6VVbu7cxnWGJHodZfqUuDbBjVCqbKbv9jQfUVsMv3L0os3p7gYJOLZsdvTsCIGa97Suecj6oUhSQG-dI9nstHe9yppLOeF7k4RYtBl1HO8_f7Cm5wtp4TWRXVy2kXPP4AB2ilh_HdXG7qrf8F-mekUBgVDw
Frame ID: A43B7B3367BD07B5E8C7B37EF82D855E
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMel4gIQyoXsyAMYsa6jzAEwAQ&v=APEucNXmJqomK3B3AUOmaqdO8bRfoRKifbhI-whYSlZJi3v8jPnn0LRDaWJ5Q-w9xpATbro1bP8p7pGJfR8aQhLRANrsJm0wqbCSPQn0wSNMR0KZyzXQf1qsyj3G8NbiV_PqEZXgUwm4qZUEsFgFiqlyGpLeWDZ6QMc6CPSq4Viiys88wYIhWAQ
Frame ID: 5769C1E8520BB1299938BAC2F940227E
Requests: 5 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=pelotainvernal.com
Frame ID: 723169634FDFF9502A337E26F245F66F
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: ACAE06D8AE897557B60531B17BD44B5A
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: C1F54CBEF1A99870E50A3B09E593D58E
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 7F4B10C78D0661A4093E1F806F3980FE
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Frame ID: EB123CF1C68D4B0DDFC12E8089C5A7F9
Requests: 9 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/12067022830250736275/index.html?e=69&leftOffset=0&topOffset=0&c=Cxc9dFEv8F&t=1&renderingType=2&ev=01_247
Frame ID: B56D946576DAE3848E4BAA796D69531D
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12406491265686199930/index.html
Frame ID: 6EC806419A23A5F5B83BEFF6F9D0FF12
Requests: 12 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: BCA7B65A268A3E97ABF3BDE1A80CFAFD
Requests: 1 HTTP requests in this frame

Frame: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Frame ID: 046BDDECB370CFD85CB3449E8536FF4F
Requests: 4 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 8175AC376B25062AE982776E6F429DD1
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 103F08F1695FEFE118EA6FC9EBF8614A
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 73FC6A4CF2194B9E043C801B3CF93C2E
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/z7cUAtzL1u1d_2AGWF4wFgnTveRSMJLcB1xcawACHJQ.js
Frame ID: 812910272996F7C0631E7A6F46BD1EFF
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 05FC91EBAB59D415BBBD7AFAC66508D4
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: BA15DFED19A50053BE2461709748D48D
Requests: 2 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Frame ID: 48B17D72D174EC9C9AAB345998EC6744
Requests: 3 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: 8B430604595E9E0A3F918319AA035176
Requests: 6 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: B0084E2979C6B0F515024DC532C59D96
Requests: 4 HTTP requests in this frame

Frame: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Frame ID: 024543B532A89810CC8F9D9BC3212777
Requests: 6 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Frame ID: A97EFEC6D50BEE80DB2A3D6E4979EA7F
Requests: 3 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: 655E0FA701294AF87A9970605BB2DBD6
Requests: 6 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: 771EBCCDA8B16ECBF1C2A1C8B4FE18AF
Requests: 5 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_f51ac984.js
Frame ID: 3CACF72AA34DA7501805D632AD37F01B
Requests: 4 HTTP requests in this frame

Frame: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fpelotainvernal.com%2F&schain=1.0,1!vidoomy.com,63065,1,1671091298056,,
Frame ID: D4C97BF46A83F29A59ECE79EEA83A4A8
Requests: 4 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 55E18CAA9706832D4594DAF7CC8A5212
Requests: 11 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=e-Ah7innLexgsSjtKbc163i2Kr5g5C3uf7LxSvrv
Frame ID: B8F41BD8F362276A1C4791127DC8B35C
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7177282473554278555&gdpr=0&gdpr_consent=
Frame ID: 14D1E2D36CFAEBD87A9384C44DEFE080
Requests: 1 HTTP requests in this frame

Frame: https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AADRA07HNakAACKgvXJFhQ&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsas%252Cpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2&gdpr=0
Frame ID: 3E549933887BE7D7694B04D6C9F039CB
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=BFiKJCzZQbhiwzPXTk2_yNly2hQ
Frame ID: 147935CAC8214AAAD8C6BDA1116E1660
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y5rUYgADk_LG7QAe&gdpr=0&gdpr_consent=&_test=Y5rUYgADk_LG7QAe
Frame ID: 7974F098593407D3D5AE5093A3D19D76
Requests: 1 HTTP requests in this frame

Frame: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Frame ID: 939735429CBFBC88246B8ABA66844EC9
Requests: 7 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Frame ID: 1080FEB626D1F349FC9CDC2940EF96D5
Requests: 3 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: 41A38EE3A0FCC19C2BE03EFCE850B957
Requests: 6 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: 556CDAA890FA8FEF8F7C2F15B3BADEFF
Requests: 5 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_f51ac984.js
Frame ID: 04C3B82D2838F868FE9E340D0F1ADCA3
Requests: 4 HTTP requests in this frame

Frame: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fpelotainvernal.com%2F&schain=1.0,1!vidoomy.com,63065,1,1671091300155,,
Frame ID: C588595189EE441468F388F129198AA1
Requests: 4 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 1AC04FCE09D8F8108D7F6893DA83549B
Requests: 6 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=9F55788C-3DAF-4F6C-9153-F0674D3DB544&gdpr=0&gdpr_consent=
Frame ID: 15706BBC9FA6ADCB13C7EE39D6EB7FAD
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Frame ID: 2C1ED969FE9FFED5B08829B4DAED735C
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: D2F5C34AE8751F82D750A0321CD6A3F6
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: CFCF5E94641E336472D4DC8F9D79EC2B
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4837438487
Frame ID: 6A0EFCD9586807D24373FF7583D7C710
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Frame ID: 84960937BE5AA6960E7D22C76D546B2D
Requests: 1 HTTP requests in this frame

Frame: https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Frame ID: 40AB2510FDE2A648EA06AEB4B11D04C1
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=F1rNcAsvjghYMSVRajhQVQVa
Frame ID: 8579281EDD6BD1EBFBD2FFCA21535516
Requests: 1 HTTP requests in this frame

Frame: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Frame ID: F15DA6C93D946D5DB67A1068A0828433
Requests: 7 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Frame ID: D67B31688E3F74B279DA379362BBF798
Requests: 2 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: 03FF36239A2FB96911B19F2BA446C748
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

PelotaInvernal.com | Resultados, Calendarios y Posiciones

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • [^a-z]mtc.*\.js
Overall confidence: 100%
Detected patterns
  • moment(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
  • //cdn\.jsdelivr\.net/

Page Statistics

490
Requests

81 %
HTTPS

34 %
IPv6

81
Domains

123
Subdomains

88
IPs

14
Countries

4410 kB
Transfer

13059 kB
Size

101
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 63
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 78
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D54%26partnerUserId%3D%7Bdevice_id%7D HTTP 307
  • https://cs.lkqd.net/cs?partnerId=54&partnerUserId=68525412-edbd-46f6-857c-c6eeefccd0f4
Request Chain 81
  • https://ad.turn.com/r/cs?pid=65 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3757162666768938953
Request Chain 82
  • https://sync.srv.stackadapt.com/sync?nid=161 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=93&partnerUserId=sS--rM94Rypp0UAlxEmr-Nly2hQ
Request Chain 83
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D54%26partnerUserId%3D%7Bdevice_id%7D HTTP 307
  • https://cs.lkqd.net/cs?partnerId=54&partnerUserId=1e7f6d89-9abb-45c8-b3f7-ec370389ec6c
Request Chain 86
  • https://ad.turn.com/r/cs?pid=65 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3829220260806866889
Request Chain 87
  • https://sync.srv.stackadapt.com/sync?nid=161 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=93&partnerUserId=ritx1sN-RZJdE-uCnXtPmdly2hQ
Request Chain 107
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D54%26partnerUserId%3D%7Bdevice_id%7D HTTP 307
  • https://cs.lkqd.net/cs?partnerId=54&partnerUserId=1cf23668-f2d7-4330-afd3-0c58960fbea1
Request Chain 110
  • https://ad.turn.com/r/cs?pid=65 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3757162666768938953
Request Chain 111
  • https://sync.srv.stackadapt.com/sync?nid=161 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=93&partnerUserId=BFiKJCzZQbhiwzPXTk2_yNly2hQ
Request Chain 121
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 140
  • https://x.bidswitch.net/sync?ssp=vidoomy&user_id=152632854.689590541671402056.9614005 HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=vidoomy&user_id=152632854.689590541671402056.9614005 HTTP 302
  • https://bidswitch-eu.splicky.com/cm?bidswitch_ssp_id=vidoomy&bsw_custom_parameter=99611486-5a17-4503-a1b0-ab1982a65b33 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=311&user_id=&user_group=2&ssp=vidoomy&expires=10&bsw_param=99611486-5a17-4503-a1b0-ab1982a65b33 HTTP 302
  • https://a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=99611486-5a17-4503-a1b0-ab1982a65b33
Request Chain 141
  • https://ups.analytics.yahoo.com/ups/58610/occ HTTP 302
  • https://ups.analytics.yahoo.com/ups/58610/occ?verify=true HTTP 302
  • https://a.vidoomy.com/api/rtbserver/cookie?i=YAH&uid=y-EawrLONE2uH478rAnltLO7kXVwobFnp0LDWMhf0-~A
Request Chain 146
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fpelotainvernal.com%2F&domain=pelotainvernal.com&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=nECGY3wzYkwvb2NRWC9mQnFBS2YzWE1EWkZOU1Q0ZU1pbDQ5M3JpV0xiMHR4TjZLMmRXaFB0OHp5cEF6Z05sRGxnbkZXTnZOZVV0K1pqeFlJcFpZRHFCbFdZZ1M3aWswLzY3QnhPUkZEQklLc1NiVkxURlBJOTBxcTZCM0tacUVIVmxvSDAwWmM4T3gvYWc3UU9tcG52VWxrSzFHYlh2UEtUR0NOeStxM1M0bEwzdU1ib2NoQytiK3EvL0QxRkZxdFFsbmVmeUFHcmlIVzdCWGtJSVpLYVVheTl4N0hHck1lWE10WTR5dVAvaGVCTklEcEpSb2V5VEh4emNnWFFKRDJiMFlsfA&cppv=2
Request Chain 174
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:dd13639a-d45f-4c00-a03b-c0cba592742b&gdpr=0&gdpr_consent=
Request Chain 175
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=7825749370303073270
Request Chain 177
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=9F55788C-3DAF-4F6C-9153-F0674D3DB544&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=9F55788C-3DAF-4F6C-9153-F0674D3DB544&redir=true&gdpr=0&gdpr_consent=&dcc=t
Request Chain 178
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA%3D%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1711690457971926349&gdpr=0&gdpr_consent=
Request Chain 179
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=n1V4jD2vT2yRU_BnTT21RA%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 182
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=3086343366 HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0 HTTP 302
  • https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=9F55788C-3DAF-4F6C-9153-F0674D3DB544
Request Chain 183
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=OUY1NTc4OEMtM0RBRi00RjZDLTkxNTMtRjA2NzREM0RCNTQ0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 184
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEMsQEX54o0H-m28eqNg1vkI&google_cver=1
Request Chain 186
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=8781398616916412109
Request Chain 215
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEKqPnEw-32BPmA8lTq0xhE&google_cver=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEKqPnEw-32BPmA8lTq0xhE&google_cver=1&C=1
Request Chain 216
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y5rUX40.tHOdKK.xH.IX6wAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEKqPnEw-32BPmA8lTq0xhE&google_cver=1&google_hm=2
Request Chain 217
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEOdsz4aJ5FW7fCyveprudRI&google_cver=1
Request Chain 218
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTcxMTY5MDQ1Nzk3MTkyNjM0OQ%3D%3D
Request Chain 221
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEAxP0nWMSpUs2tbAMiao258&google_cver=1
Request Chain 223
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
  • https://sync.teads.tv/um?eid=3&uid=CAESEJUbMkIDIyVkFYFrQE4ZvjI&google_cver=1
Request Chain 225
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=pelotainvernal.com&sn=ChromeSyncframe&so=3&topUrl=pelotainvernal.com&bundle=Ru6OJV85c0Q0RDU3ZHZuRVZQR2RUaDYlMkJDbUU2NzNncnd6Q2ZkUmZuZU1uMmVKZlRXQzFiYVQyQmNGUlUzS2ElMkIyWHFqNXBmTkd1ODhDd0l0VVRSWVJzOGdNVjh3S1h0Q29wR05qQ1BTNyUyQk1Hb1QzREpUOEtXUXFMb0twU2NvMHBTcHo5aA&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=UH0IgnxweUtjQ216a0VmcVFLNlEyYkxwUGpmMGJOM3JiMHd0UEhMMWwrTG9Cakk5UWZCSVRYQ3ZqOWcvRWtnZjdxZ1R5VDZ1QWpPZW5DN3ZzL0o0Ynp3NEtva0hQNGsyZzZQdkV1d04rWHRycE4yWFpvamVJYWlmNXI0YWFNR1VHVDd4MnQzelNTRVhraFMwaVZIakJWbVA4aDdaUzdHbVFnTVNZL3dBTGp2UEtNMkl1QmNTWFNGUUlNQUk5RlNScjZGdWhXcHNYR2xmT3c2T3g5andvZUhJL05SZTcxY3VnSmlMWW0zUVoxSVNSelh6RkJxeWw1cmxjUXF2T3JiOEZ0cUZqc1lxZDRZZmdWK2cxZmZlbmlJN09ZZHNXbTFqTFFWSUV2YnFqWk9zTjhKTT18&cppv=2
Request Chain 235
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEAo6cfTMUJp1KpAsprVnBZQ&google_cver=1&google_push=ASkJ3FbcQYdbfrCXA8TeghKT0jxOt7J89327_e7lVY2a9gZhSFMbkeUFq_8Yp3Q_5U0WzcgVNthHNmX7C_N6cERcoyU3C62QdlpI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=3RNjmtRfTACgO8DLpZJ0Kw&google_push=ASkJ3FbcQYdbfrCXA8TeghKT0jxOt7J89327_e7lVY2a9gZhSFMbkeUFq_8Yp3Q_5U0WzcgVNthHNmX7C_N6cERcoyU3C62QdlpI
Request Chain 236
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEAfWYdjAgA8K2hhWOFy4jJE&google_cver=1&google_push=ASkJ3FbAOP79k-caEpo4N0zsG7wpF-_PT_DcLcB796UTRzh6Dv3HJ_67ONSc4PtvrDafey1ChPTnR2UfMHyM4GjEqWRU9X-vK7AnUg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=ASkJ3FbAOP79k-caEpo4N0zsG7wpF-_PT_DcLcB796UTRzh6Dv3HJ_67ONSc4PtvrDafey1ChPTnR2UfMHyM4GjEqWRU9X-vK7AnUg&google_hm=95sRZe7gTKq7S5TUyt3o7xQ
Request Chain 238
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEBNPl9XtJRCJsgCJYQS1rx8&google_cver=1&google_push=ASkJ3FYMTmiEa2Gzo3EYLbX6uTMsVG7V7uIWNo_LNWYWCX6yCY5m0PgGHl6sRBEvQiOfFmgOw9lqZGa0c8aj-sADQ3MaJjnvYhLQ HTTP 302
  • https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dgoogle HTTP 307
  • https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dgoogle HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=59&user_id=5ced002d-f936-4238-8659-072d97ea7cf1&ssp=google HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ASkJ3FYMTmiEa2Gzo3EYLbX6uTMsVG7V7uIWNo_LNWYWCX6yCY5m0PgGHl6sRBEvQiOfFmgOw9lqZGa0c8aj-sADQ3MaJjnvYhLQ&google_hm=mWEUhloXRQOhsKsZgqZbMw==
Request Chain 239
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEGeG5AQqfL3S4CxWyHYkceA&google_cver=1&google_push=ASkJ3FaMn4-fg4T_xuj-ikUGTk0ygW8AUWwoXibQFOnP4X1najUz9hif8rH4Trv2zXADPVIh3ujuBNO9SUq6VFloOfcoA5HIxKWyRw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEGeG5AQqfL3S4CxWyHYkceA&google_hm=Y5rUX40-tHOdKK-xH-IX6wAACHcAAAAB&google_nid=index&google_push=ASkJ3FaMn4-fg4T_xuj-ikUGTk0ygW8AUWwoXibQFOnP4X1najUz9hif8rH4Trv2zXADPVIh3ujuBNO9SUq6VFloOfcoA5HIxKWyRw
Request Chain 240
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEAxNKcUeX_PYjIeg8ugIQvs&google_cver=1&google_push=ASkJ3FZljO45stj5YaKoynOhyRezsh779CIVrobiJE_t_kf65U02VVwlRR5tOhxQpHXH88aoHvuwCwzwYn_ES20jMAMMtaQGpf3izw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ASkJ3FZljO45stj5YaKoynOhyRezsh779CIVrobiJE_t_kf65U02VVwlRR5tOhxQpHXH88aoHvuwCwzwYn_ES20jMAMMtaQGpf3izw HTTP 302
  • https://onetag-sys.com/match/?int_id=19&google_error=5
Request Chain 241
  • https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEEpBfpf-PWfzeQXmqoeSj3w&google_cver=1&google_push=ASkJ3FZsDXnZhXZv6NO4kPhQ_U5yzQbvrX3ouc95HvO4KFWwKWbtU1yHAY7FW0H5lgV2r0rtp_O4aBKJ8GDug4XU3FNtwtIcsu9MAw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=ASkJ3FZsDXnZhXZv6NO4kPhQ_U5yzQbvrX3ouc95HvO4KFWwKWbtU1yHAY7FW0H5lgV2r0rtp_O4aBKJ8GDug4XU3FNtwtIcsu9MAw HTTP 302
  • https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Request Chain 253
  • https://fw.adsafeprotected.com/rfw/bgd/1014661/62144022/xbbe/creative/adj?p=APEucNVsvVz9eEDWldUZydTk3vYU7YjQeMf6hB1O_5BRnQL7RayN2KE&d=CokBAKAmf-Cm6P1IkIQhzXm-3qcAk5VPBJLwtLYZH61TMMG9FVnY-ob6aYUd_wV7Cco1LJ-BBjU4xkhVXgEg_eztzAz0B4UTi2JuPHSGF_DXWQSAm6WHtZU9nOdyOg0MPyOKbjiBM6_5kJEpcqVGYrHOl2KHkxXsY-isaFkQip_E6hV4Cyt12mC7dcoSuRMAoCZ_4P9y61Y0lXA3H6GkBiQRGiSdZmiO1fbBSwXzAj1XD545pURSxRUXOqELoLYViYjNalgk9Sj5H7PfC0Ucl8nm63ZVUX7dw3xsY3YEyypFmKffR97r3SkI8XohcaVsvtY4CZr4GmRXxc-yQrZS6ShPUoR1gkbv9j7cvGrvoSBpWT5yqMwU-wAvwxEhu9hh6bTE5wRcwFxH7sp-o9qEx-U4TO1A_SX7njw2nFE6VIR2KgR0zSqI79rCdBrvki11ZdqEqv6y9YXg6OWB8rnyOSw-6xMj1yzm5rSbKzS88dZRHxQwZxQcltlUCPO7w2RkS5v8sTsdgSlNr5XUNxpnmKax23rZQ4XJqSoZevPK0lGjQoRK5hM7n5M0DN8FiXZsNhZTYRZhKYwt0RL9TTqNDvavY5oNrAizBNBq7m-_m_Ze5j_aXJB73Eqq3vp2E_f7QNvOGPvt4ka_LHCzpS4qFb7G8f9CIxiBumRYnf9WFTad7WwQony7l0mBEip_cfumAdwRdVUAWqGX0HsfTf45uEG6ysq_VIRu2-JJUSKsX0LwPOfJXScrME7iRbpkKrGi3Fns8bplYflCHhU6QV9xknPUj6lQREb6dg5GldfeB67nY7oBf2Ns7vfo1eyXnVK8Q49iZz4HAGKRCCOnvbpezBnXJsKyQi2mGy1ARtwK_nTdG7LzvGcEN29V8k3zrOiP5Pbqey5v5TfO7Sc6en_wsIuip97SlKAatnJ3VLKu9no2cyDnCUnC9TuntlYdGR4snxH6Y5IpXPkFy8JOiG1XrCNULJoPo7dCeP7wBmwED54aoGSd84_j3iaS2ciWpKnl6wclzSo1N7U8kykVtx1_cpIyBr0xxxxhj8vjz_o7TFKnXbVjCXEFGOATGDDi6oXj7u9IRDXgs2OawVE1RVdrZRXutpB-MSz-_ACh4JRWVL1PHN8KOh3FcqOWjNhqBE0GGw5EGLXNP_mr1y8r5DvziAPifHGutz18qSqPjIEWxY8pJXdDGr-D4HY64jWINsV7q11acyhlXoiNVrgSDwGKZYC1J5kfNt8p0ZrfpSTtsfVdoLcuXtgTchvO4Zh7tCeCoyG-aHuHLNbAg2W53I6A81fk89jdlr5wrR_w5QkYS_rzQuentzyfeC3Rw7NhMbHET_cl7GZz17zybylSuFUsn3GHOD1f-FbfChGNG7i0OpctKhJiavyAROsbVLh9kwb5v9DWXFy_MsOXFauZdqSIgdYOSCTN4C0yEG-Ng3TvsqXRcciaToUJ1B1RgxJZLunr8UHTrK_8VujsRi6UWTVh7Y_uYsfyx-D3bp88J6geG-1W3a0hPH3Q6GY1nRl9qXPiUiaH5kce05Ge_AS7tV8AP7EOl2SOcy9tlPooGsLyUiwV-D1OJ2a94YP8WT4qlYaPbTknCiRlMt56RYuN2KDttuKKiiVBHw334rtwLKukHE8NlVo5azjd0mKNw5tZjMKmbueae-ueHE_FhSb0QPjz2v6vJyg7qO20lDyXwKoZDVINQxvoYatUpcDKiJK7hc43Fuc52VClYLf-8qKMdnhoA8oBZffCPqVyhk_3z_YPgYLWQbA43mmIakkUal1PLI6INghOAiuw4fH4zDuKQVB38AzkxqgaQO_9fgc3z7wdUIWRqMutPddQ9qZ_dUL6VYLX8LbHc_VKCOG1UW6bnc151oUpL1e7TwS4AbdNXdJcJCFTXwtVjgUgMQIm4ed6Kd7v5i2ikjj2ASExpEL2rfvv6-w4v_TsjDB3sK1oWurcahZycEq9685qXsPS660L9MEM3iGDE4l3_lyvBUZUJAHx_GY_9t6hg8F6iemfQoyYCluiRHgk94OLA_9MAEqyBwyrVfdiaFtsoaQ4eeQU6k2AWP8u8MJbytQk57S4TmaTa9X9ZoKPybtDuWuPyJjVGFKYWn-bi7DhHXkzVR5Z7gCnmSxXfQcBHKYtfwEQz1Wu_tdvDhu_WFl5o7Dk8Md8iidYTcifiQWLIr47Csp0omVVsMn1uRMMdlfaQJ1G5nnv2cQXYmxxZg2RFKZX4vMUS1HBHVRsdwIVqRauzhGAR6mfodPOPm60HSXvEgQ_AtxI5YUJHcZM-pYJ1eae5zVhXviF9R70b3R0Llg_NvYA_HNxMDJ8XMIaxnwKkLWO3CbrCUy3OnOnZqxYBP2Hmg9udQCQ7Gjkq-riw-SXkKEQWqKvP-31QHPlNRVg2EXZPjmyinXB5TVKuRqbHzBXwFBxH11DohhfOFFMeNDQOEWg9VRGfkXAX1-CXdpsRDrRyWZnQ4U2o8CYKd_paTjLEWnRnV0DCPKmk4QhTWfb6ARwnGnJpylB2bOfPH1RBKNoRbD68te-ML5cjCVhKBfoD8udRA3inRCz-5ris6K4lZlPxJN4vmOPZEAVAywVY1kWtUTgnEoAduV-80uKgo7MOC7OctlHbPf0hw3jI0sLlzqlNxSNcXhPzq85MGQtv0WdtAQueogZTm0KaqEFXU46xdV6poNsxU4CNfPVC9gIBb74SyT1PaYtNW0nu6F3a7yiJN644ao1Ccs0nDEkGPvDlSYHKkSBT9z-e1DlDopquAZ8T8n_xbltJnt0OXKU8XQ3Gbub1c4RQ8kqHqlJ-j-VQiaQs9CqsuzaoealIflBp-YlCfjpYnA3SCSShd2VvENu0wIkTn_gRjcuUU_56XAcwI1xHjsXjdh-Ad5tqqmxHhoc4jnUpihwzjGlHDz2X02sNCu1QmA5FveXEwcjTPfG3HuHQKaeUaZjIHrl3O1i3Hdm8fKVo1MmkgkpWcAQ-r-yeXQHy7B9ntwjm0q3iDZZqHVzTmGDdWHD1vnJSpEioc508OkGpThOlqhBdpovZTheP4I6szzoTLpyZQVrDCgvaPFPjR3Q3SLpl0CpIOu1JOA-n3AfE-JIWVfgMhsC9evm8SNhBU7zgXBY-biWuk76lbbPYPHtqVnb88Ef_RleZhfDDR2mCZkBkeQbB3YVrmsEYBDuabO3UN_VD8jEDuiQZruGJEsba1l2tg7fj7PFH6D-k1p0j0jN5PvFpoAGh9CF91rvmdI2a2A_HPV2rTAvHFehuMZ2THbKeE0rDQXBU9dBymbSBTW0YFNCJt_K_R_pSxWqAKvkW1QieN-Fas2hA1zyxEWXSBfjYdS_RVs-o03BmyDtatnCA5xJ4-BZNBI_Uw9HQFdHi99tHQE5dd4BvxrKgGcgSLEuy7_PUtZgYc5b2N_P00C8D2w1x_-NJ6myO2P5zHZHzHD-CH-Qo2Qjf3GQwqzMFs3LxcCcYh0bjF1ROSIJ5PjL-cQayHuTzSJzf2hY98vlrIm6WW2R6hpDCAQSOwDq26N9vvByuPseGdvrdhuqJE-yqz8H1hYM5tJfSzZUfnmCcLsVFHtzK243ClUwThOVsf_exEMTg6KfGAEgE2AB&ias_dspID=3&ias_campId=28377781&ias_pubId=pub-7872228587460333&ias_chanId=1&ias_placementId=17661916541&bidurl=https://pelotainvernal.com/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0jcwAABZPREP4vDuzyqdFvm&adsafe_url=https%3A%2F%2Fpelotainvernal.com&adsafe_type=y&adsafe_url=https%3A%2F%2Fpelotainvernal.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F20e8afb8e455763ca9bea03ef9101e20.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F20e8afb8e455763ca9bea03ef9101e20.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:524e230d-316b-7077-1c41-9884a355f148,c:wQM9gk,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-f857cd7bf-gl4g4,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,mtim:4,mot:0,app:0,maw:0,fm:tq4oM24+11%7C1211%7C1212%7C131%7C132%7C14%7C15%7C161%7C162%7C171%7C18%7C191%7C192%7C1a%7C1b%7C1c*.1014661-62144022%7C1c1%7C1c21%7C1d1%7C1d2%7C1d3%7C1d4%7C1e%7C1f1,idMap:1c*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:25,oid:b1e4abdd-7c4e-11ed-8bbe-16eb003ef668,v:19.8.377,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
  • https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNVsvVz9eEDWldUZydTk3vYU7YjQeMf6hB1O_5BRnQL7RayN2KE&d=CokBAKAmf-Cm6P1IkIQhzXm-3qcAk5VPBJLwtLYZH61TMMG9FVnY-ob6aYUd_wV7Cco1LJ-BBjU4xkhVXgEg_eztzAz0B4UTi2JuPHSGF_DXWQSAm6WHtZU9nOdyOg0MPyOKbjiBM6_5kJEpcqVGYrHOl2KHkxXsY-isaFkQip_E6hV4Cyt12mC7dcoSuRMAoCZ_4P9y61Y0lXA3H6GkBiQRGiSdZmiO1fbBSwXzAj1XD545pURSxRUXOqELoLYViYjNalgk9Sj5H7PfC0Ucl8nm63ZVUX7dw3xsY3YEyypFmKffR97r3SkI8XohcaVsvtY4CZr4GmRXxc-yQrZS6ShPUoR1gkbv9j7cvGrvoSBpWT5yqMwU-wAvwxEhu9hh6bTE5wRcwFxH7sp-o9qEx-U4TO1A_SX7njw2nFE6VIR2KgR0zSqI79rCdBrvki11ZdqEqv6y9YXg6OWB8rnyOSw-6xMj1yzm5rSbKzS88dZRHxQwZxQcltlUCPO7w2RkS5v8sTsdgSlNr5XUNxpnmKax23rZQ4XJqSoZevPK0lGjQoRK5hM7n5M0DN8FiXZsNhZTYRZhKYwt0RL9TTqNDvavY5oNrAizBNBq7m-_m_Ze5j_aXJB73Eqq3vp2E_f7QNvOGPvt4ka_LHCzpS4qFb7G8f9CIxiBumRYnf9WFTad7WwQony7l0mBEip_cfumAdwRdVUAWqGX0HsfTf45uEG6ysq_VIRu2-JJUSKsX0LwPOfJXScrME7iRbpkKrGi3Fns8bplYflCHhU6QV9xknPUj6lQREb6dg5GldfeB67nY7oBf2Ns7vfo1eyXnVK8Q49iZz4HAGKRCCOnvbpezBnXJsKyQi2mGy1ARtwK_nTdG7LzvGcEN29V8k3zrOiP5Pbqey5v5TfO7Sc6en_wsIuip97SlKAatnJ3VLKu9no2cyDnCUnC9TuntlYdGR4snxH6Y5IpXPkFy8JOiG1XrCNULJoPo7dCeP7wBmwED54aoGSd84_j3iaS2ciWpKnl6wclzSo1N7U8kykVtx1_cpIyBr0xxxxhj8vjz_o7TFKnXbVjCXEFGOATGDDi6oXj7u9IRDXgs2OawVE1RVdrZRXutpB-MSz-_ACh4JRWVL1PHN8KOh3FcqOWjNhqBE0GGw5EGLXNP_mr1y8r5DvziAPifHGutz18qSqPjIEWxY8pJXdDGr-D4HY64jWINsV7q11acyhlXoiNVrgSDwGKZYC1J5kfNt8p0ZrfpSTtsfVdoLcuXtgTchvO4Zh7tCeCoyG-aHuHLNbAg2W53I6A81fk89jdlr5wrR_w5QkYS_rzQuentzyfeC3Rw7NhMbHET_cl7GZz17zybylSuFUsn3GHOD1f-FbfChGNG7i0OpctKhJiavyAROsbVLh9kwb5v9DWXFy_MsOXFauZdqSIgdYOSCTN4C0yEG-Ng3TvsqXRcciaToUJ1B1RgxJZLunr8UHTrK_8VujsRi6UWTVh7Y_uYsfyx-D3bp88J6geG-1W3a0hPH3Q6GY1nRl9qXPiUiaH5kce05Ge_AS7tV8AP7EOl2SOcy9tlPooGsLyUiwV-D1OJ2a94YP8WT4qlYaPbTknCiRlMt56RYuN2KDttuKKiiVBHw334rtwLKukHE8NlVo5azjd0mKNw5tZjMKmbueae-ueHE_FhSb0QPjz2v6vJyg7qO20lDyXwKoZDVINQxvoYatUpcDKiJK7hc43Fuc52VClYLf-8qKMdnhoA8oBZffCPqVyhk_3z_YPgYLWQbA43mmIakkUal1PLI6INghOAiuw4fH4zDuKQVB38AzkxqgaQO_9fgc3z7wdUIWRqMutPddQ9qZ_dUL6VYLX8LbHc_VKCOG1UW6bnc151oUpL1e7TwS4AbdNXdJcJCFTXwtVjgUgMQIm4ed6Kd7v5i2ikjj2ASExpEL2rfvv6-w4v_TsjDB3sK1oWurcahZycEq9685qXsPS660L9MEM3iGDE4l3_lyvBUZUJAHx_GY_9t6hg8F6iemfQoyYCluiRHgk94OLA_9MAEqyBwyrVfdiaFtsoaQ4eeQU6k2AWP8u8MJbytQk57S4TmaTa9X9ZoKPybtDuWuPyJjVGFKYWn-bi7DhHXkzVR5Z7gCnmSxXfQcBHKYtfwEQz1Wu_tdvDhu_WFl5o7Dk8Md8iidYTcifiQWLIr47Csp0omVVsMn1uRMMdlfaQJ1G5nnv2cQXYmxxZg2RFKZX4vMUS1HBHVRsdwIVqRauzhGAR6mfodPOPm60HSXvEgQ_AtxI5YUJHcZM-pYJ1eae5zVhXviF9R70b3R0Llg_NvYA_HNxMDJ8XMIaxnwKkLWO3CbrCUy3OnOnZqxYBP2Hmg9udQCQ7Gjkq-riw-SXkKEQWqKvP-31QHPlNRVg2EXZPjmyinXB5TVKuRqbHzBXwFBxH11DohhfOFFMeNDQOEWg9VRGfkXAX1-CXdpsRDrRyWZnQ4U2o8CYKd_paTjLEWnRnV0DCPKmk4QhTWfb6ARwnGnJpylB2bOfPH1RBKNoRbD68te-ML5cjCVhKBfoD8udRA3inRCz-5ris6K4lZlPxJN4vmOPZEAVAywVY1kWtUTgnEoAduV-80uKgo7MOC7OctlHbPf0hw3jI0sLlzqlNxSNcXhPzq85MGQtv0WdtAQueogZTm0KaqEFXU46xdV6poNsxU4CNfPVC9gIBb74SyT1PaYtNW0nu6F3a7yiJN644ao1Ccs0nDEkGPvDlSYHKkSBT9z-e1DlDopquAZ8T8n_xbltJnt0OXKU8XQ3Gbub1c4RQ8kqHqlJ-j-VQiaQs9CqsuzaoealIflBp-YlCfjpYnA3SCSShd2VvENu0wIkTn_gRjcuUU_56XAcwI1xHjsXjdh-Ad5tqqmxHhoc4jnUpihwzjGlHDz2X02sNCu1QmA5FveXEwcjTPfG3HuHQKaeUaZjIHrl3O1i3Hdm8fKVo1MmkgkpWcAQ-r-yeXQHy7B9ntwjm0q3iDZZqHVzTmGDdWHD1vnJSpEioc508OkGpThOlqhBdpovZTheP4I6szzoTLpyZQVrDCgvaPFPjR3Q3SLpl0CpIOu1JOA-n3AfE-JIWVfgMhsC9evm8SNhBU7zgXBY-biWuk76lbbPYPHtqVnb88Ef_RleZhfDDR2mCZkBkeQbB3YVrmsEYBDuabO3UN_VD8jEDuiQZruGJEsba1l2tg7fj7PFH6D-k1p0j0jN5PvFpoAGh9CF91rvmdI2a2A_HPV2rTAvHFehuMZ2THbKeE0rDQXBU9dBymbSBTW0YFNCJt_K_R_pSxWqAKvkW1QieN-Fas2hA1zyxEWXSBfjYdS_RVs-o03BmyDtatnCA5xJ4-BZNBI_Uw9HQFdHi99tHQE5dd4BvxrKgGcgSLEuy7_PUtZgYc5b2N_P00C8D2w1x_-NJ6myO2P5zHZHzHD-CH-Qo2Qjf3GQwqzMFs3LxcCcYh0bjF1ROSIJ5PjL-cQayHuTzSJzf2hY98vlrIm6WW2R6hpDCAQSOwDq26N9vvByuPseGdvrdhuqJE-yqz8H1hYM5tJfSzZUfnmCcLsVFHtzK243ClUwThOVsf_exEMTg6KfGAEgE2AB
Request Chain 261
  • https://fw.adsafeprotected.com/rfw/st/1034476/65088021/4.js?ias_dspID=3&ias_campId=29064847&ias_pubId=pub-7872228587460333&ias_chanId=1&ias_placementId=17475009973&bidurl=https://pelotainvernal.com/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0hxoKrZE8Vojk_Y66LLRxjF&adContainerId=brand_safety_X9SaY7-GB6WYlQffg6uwAw&cbFunctionName=goog_wrapCb_X9SaY7-GB6WYlQffg6uwAw&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_300x600.js&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=https%3A%2F%2Fpelotainvernal.com&adsafe_type=y&adsafe_url=https%3A%2F%2Fpelotainvernal.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F20e8afb8e455763ca9bea03ef9101e20.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F20e8afb8e455763ca9bea03ef9101e20.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:e9fccf6c-1904-fbfd-8bff-42d59b5f2d12,c:wQM9hO,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-f857cd7bf-kpt7r,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,mtim:3,mot:0,app:0,maw:0,fm:tq4oM3B+11%7C1211%7C1212%7C131%7C132%7C14%7C15%7C161%7C162%7C171%7C18%7C191%7C192%7C1a%7C1b%7C1c1%7C1c21%7C1c3%7C1d*.1034476-65088021%7C1d1%7C1d2%7C1d3%7C1d4%7C1e%7C1f1%7C1g,idMap:1d*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:na,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,tt:rjss,et:21,oid:b1e45d95-7c4e-11ed-a098-7e596ee52613,v:19.8.377,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
  • https://static.adsafeprotected.com/4.js
Request Chain 279
  • https://um.simpli.fi/gp_match?google_gid=CAESENtmJoez6W-E34tyhTfVc8U&google_cver=1&google_push=AavPq0OJkCibQeJ-DA9C37fEQ9SrBVTuJB0iz7MH3NNLnpaBq0ujiCnzwcVMM5VoYCxfRJym9lEWhZNhfyvlehqvm-P59hS6HGHw4PAz HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=15F7324444424827B009E7D07B9D1C10&google_push=AavPq0OJkCibQeJ-DA9C37fEQ9SrBVTuJB0iz7MH3NNLnpaBq0ujiCnzwcVMM5VoYCxfRJym9lEWhZNhfyvlehqvm-P59hS6HGHw4PAz
Request Chain 280
  • https://d.agkn.com/pixel/2175/?google_gid=CAESEMQA4U5SHoxgYeErP0F0rwM&google_cver=1&google_push=AavPq0Ne0gqhFAwmXGMSehF8new5TgSDfMVN8hlkW4C4AeFB9J1MG1iYMKSXpTRZaqg2JyXmSJmuqkwjYtLhFpMX8igsEAfKvFbNZE1j HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AavPq0Ne0gqhFAwmXGMSehF8new5TgSDfMVN8hlkW4C4AeFB9J1MG1iYMKSXpTRZaqg2JyXmSJmuqkwjYtLhFpMX8igsEAfKvFbNZE1j&google_hm=Q0FFU0VNUUE0VTVTSG94Z1llRXJQMEYwcndN
Request Chain 281
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEGeG5AQqfL3S4CxWyHYkceA&google_cver=1&google_push=AavPq0N_e3w_TGB32HfSWQmZV567-gO125ivjAsdb6fx7JijmvcAvdCr0anlC94i7DVHAtdZt7ip1F9t6V1fD3hOU4c47vTv1ZZO-b-l HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEGeG5AQqfL3S4CxWyHYkceA&google_hm=Y5rUX40-tHOdKK-xH-IX6wAACHcAAAAB&google_nid=index&google_push=AavPq0N_e3w_TGB32HfSWQmZV567-gO125ivjAsdb6fx7JijmvcAvdCr0anlC94i7DVHAtdZt7ip1F9t6V1fD3hOU4c47vTv1ZZO-b-l
Request Chain 282
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEM6jqiUQIFB2QzqOSsYBJi0&google_cver=1&google_push=AavPq0NUvsl96d6-1WzpKwWqLAO7y3rAYKYAuUZgL1V1YuX-p9hwwEpVNznJWyfpen2pxNKHQOyo0X7FV5KY1jIv-zisZoXD--JkhGM HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AavPq0NUvsl96d6-1WzpKwWqLAO7y3rAYKYAuUZgL1V1YuX-p9hwwEpVNznJWyfpen2pxNKHQOyo0X7FV5KY1jIv-zisZoXD--JkhGM&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1671091295787 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-d84dcd17-c05e-416e-b3f2-661987daf16e-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAavPq0NUvsl96d6-1WzpKwWqLAO7y3rAYKYAuUZgL1V1YuX-p9hwwEpVNznJWyfpen2pxNKHQOyo0X7FV5KY1jIv-zisZoXD--JkhGM%26google_hm%3DA9hNzRfAXkFus_JmGYfa8W4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AavPq0NUvsl96d6-1WzpKwWqLAO7y3rAYKYAuUZgL1V1YuX-p9hwwEpVNznJWyfpen2pxNKHQOyo0X7FV5KY1jIv-zisZoXD--JkhGM&google_hm=A9hNzRfAXkFus_JmGYfa8W4
Request Chain 284
  • https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEEpBfpf-PWfzeQXmqoeSj3w&google_cver=1&google_push=AavPq0M7ERtnkVUv08l-6qLVRpdbTOwR5J-wizl0KwFvlLdjyOpW6CtFmJMaelM3J7FGjeCOQv4lK_n7peBVeL_OIS-oe8C2xvfRYs33dw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AavPq0M7ERtnkVUv08l-6qLVRpdbTOwR5J-wizl0KwFvlLdjyOpW6CtFmJMaelM3J7FGjeCOQv4lK_n7peBVeL_OIS-oe8C2xvfRYs33dw HTTP 302
  • https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Request Chain 285
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEJtj9fhVJ5-G_EM3SMJ3SkM&google_cver=1&google_push=AavPq0PIlTWwMGiXlzLQ4v1IJqRgzstbYAaLOlrp6xjq6c77kXYYYrp3bgBuMC4Dglk19qoACc19cXo6JJPBF8lplDqeFju2N3UpGA-Pkg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=99611486-5a17-4503-a1b0-ab1982a65b33&%%GOOGLE_PUSH_PAIR%%
Request Chain 288
  • https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null HTTP 302
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=91b7d2daf75e38e3488ea6d5e96eb7d4&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7buser.id%7d%26gdpr%3d0%26gdpr_consent%3dnull&gdpr=0&gdpr_consent=null HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=l1653_7177282464950342166&gdpr=0&gdpr_consent=null HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=null
Request Chain 300
  • https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=OTFiN2QyZGFmNzVlMzhlMzQ4OGVhNmQ1ZTk2ZWI3ZDQ=&gdpr=0&gdpr_consent=&_fw_gdpr=0&_fw_gdpr_consent=
Request Chain 301
  • https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=91b7d2daf75e38e3488ea6d5e96eb7d4&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=&_fw_gdpr=0&_fw_gdpr_consent=
Request Chain 314
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEAo6cfTMUJp1KpAsprVnBZQ&google_cver=1&google_push=AavPq0NdWG033oeHLHbTU1Raji0rVzMHiGt3vNSqkB22cfkel0EcYTqYaNsknpxewqKyPJxwfxtLPDVgZZOi531x4pdGCVfvfLK_ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=3RNjmtRfTACgO8DLpZJ0Kw&google_push=AavPq0NdWG033oeHLHbTU1Raji0rVzMHiGt3vNSqkB22cfkel0EcYTqYaNsknpxewqKyPJxwfxtLPDVgZZOi531x4pdGCVfvfLK_
Request Chain 315
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEAfWYdjAgA8K2hhWOFy4jJE&google_cver=1&google_push=AavPq0P58MenIgisRq3Y3P5TCCsvdxDsLT7WDALhCjZVg-uGJFR-lFtsAsbPsFxq7cmqlCUbvGAjBfCR_Hz1J0GqWpk7rutugHAB HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AavPq0P58MenIgisRq3Y3P5TCCsvdxDsLT7WDALhCjZVg-uGJFR-lFtsAsbPsFxq7cmqlCUbvGAjBfCR_Hz1J0GqWpk7rutugHAB&google_hm=95sRZe7gTKq7S5TUyt3o7xQ
Request Chain 316
  • https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEI_1IXXWuYMdxwyskUyCquE&google_cver=1&google_push=AavPq0Nt__WpP8VM_VorxW3aWJJrpeQ6XHqtxr60CJ5Ft9S2lD9PzgD2SZtNcCcOVndTc44Od5MB7_Jkvkdg3mTS5SbbNsvegmHc HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=AavPq0Nt__WpP8VM_VorxW3aWJJrpeQ6XHqtxr60CJ5Ft9S2lD9PzgD2SZtNcCcOVndTc44Od5MB7_Jkvkdg3mTS5SbbNsvegmHc&google_hm=hmOa1F8cO5SKKTserA&google_redir=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2FAdxPixel%3F%25%25GOOGLE_ERROR_PAIR%25%25%26partner_device_id%3D639AD45F1C3B948A293B1EACBLIS
Request Chain 317
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEK2edYiUNO2G8Ap71rHQHys&google_cver=1&google_push=AavPq0OURmQDDH2pPeZ0ZmxYaqcgMsQiv5Wsxy5L8RvKNd70yNiINOwhBCeO1Wug8t3vc5oQ25I1emS16QmlEBu6tuB2Va2HVs-5 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODc4MTM5ODYxNjkxNjQxMjEwOQ&google_push=AavPq0OURmQDDH2pPeZ0ZmxYaqcgMsQiv5Wsxy5L8RvKNd70yNiINOwhBCeO1Wug8t3vc5oQ25I1emS16QmlEBu6tuB2Va2HVs-5
Request Chain 318
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEO1Lbm8pTJpY-eAZBi_kW_g&google_cver=1&google_push=AavPq0NeSTJ736Hda5xEohkPABw599-Mac9TWskDTNWXbzxjtx0j3ZWKl5DfcZs4cDW88P9HB9rBgtqJxS6IMenHAX-IpcwAzzY HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=n1V4jD2vT2yRU_BnTT21RA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AavPq0NeSTJ736Hda5xEohkPABw599-Mac9TWskDTNWXbzxjtx0j3ZWKl5DfcZs4cDW88P9HB9rBgtqJxS6IMenHAX-IpcwAzzY
Request Chain 319
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEFJqhOBni0SXqJ1vbLahI60&google_cver=1&google_push=AavPq0M0-WyMIPa6pjhQXtpemvs6rWUaOOHO0g5nk0qBZb2RXSL35xnOGdTmS8JL8DgcDJSPZ3ieGpQwTBuR-OCqNKeRrSGvG2t9 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AavPq0M0-WyMIPa6pjhQXtpemvs6rWUaOOHO0g5nk0qBZb2RXSL35xnOGdTmS8JL8DgcDJSPZ3ieGpQwTBuR-OCqNKeRrSGvG2t9
Request Chain 343
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D54%26partnerUserId%3D%7Bdevice_id%7D HTTP 307
  • https://cs.lkqd.net/cs?partnerId=54&partnerUserId=aca8e628-d05b-42d1-a220-fb94d013e922
Request Chain 346
  • https://ad.turn.com/r/cs?pid=65 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3757162666768938953
Request Chain 347
  • https://sync.srv.stackadapt.com/sync?nid=161 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=93&partnerUserId=BFiKJCzZQbhiwzPXTk2_yNly2hQ
Request Chain 359
  • https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=OTFiN2QyZGFmNzVlMzhlMzQ4OGVhNmQ1ZTk2ZWI3ZDQ=&gdpr=0&gdpr_consent=null HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEGJsNgM4eB30Pr07uoADD6o&google_cver=1&gdpr=0&gdpr_consent=null HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=null
Request Chain 367
  • https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=91b7d2daf75e38e3488ea6d5e96eb7d4&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=&_fw_gdpr=0&_fw_gdpr_consent=
Request Chain 368
  • https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=OTFiN2QyZGFmNzVlMzhlMzQ4OGVhNmQ1ZTk2ZWI3ZDQ=&gdpr=0&gdpr_consent=&_fw_gdpr=0&_fw_gdpr_consent=
Request Chain 372
  • https://dsum.casalemedia.com/pbusermatch?origin=prebid&site_id=910000&p=1&i=0&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE&gdpr=0
Request Chain 382
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D54%26partnerUserId%3D%7Bdevice_id%7D HTTP 307
  • https://cs.lkqd.net/cs?partnerId=54&partnerUserId=dffcd5d5-377f-4c99-ba8d-de4a96ffe6f8
Request Chain 385
  • https://ad.turn.com/r/cs?pid=65 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3757162666768938953
Request Chain 386
  • https://sync.srv.stackadapt.com/sync?nid=161 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=93&partnerUserId=BFiKJCzZQbhiwzPXTk2_yNly2hQ
Request Chain 401
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=e-Ah7innLexgsSjtKbc163i2Kr5g5C3uf7LxSvrv
Request Chain 402
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7177282473554278555&gdpr=0&gdpr_consent=
Request Chain 403
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFEUkEwN0hOYWtBQUNLZ3ZYSkZoUQ&gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AADRA07HNakAACKgvXJFhQ&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsas%252Cpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2&gdpr=0
Request Chain 404
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=BFiKJCzZQbhiwzPXTk2_yNly2hQ
Request Chain 405
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=Y5rUYgADk_LG7QAe HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y5rUYgADk_LG7QAe&gdpr=0&gdpr_consent=&_test=Y5rUYgADk_LG7QAe
Request Chain 406
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=9F55788C-3DAF-4F6C-9153-F0674D3DB544 HTTP 302
  • https://a.audrte.com/p
Request Chain 407
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=9F55788C-3DAF-4F6C-9153-F0674D3DB544&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=9F55788C-3DAF-4F6C-9153-F0674D3DB544&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 408
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=9F55788C-3DAF-4F6C-9153-F0674D3DB544&gdpr= HTTP 302
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=9F55788C-3DAF-4F6C-9153-F0674D3DB544&gdpr=&fbounce=1 HTTP 302
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=9F55788C-3DAF-4F6C-9153-F0674D3DB544&addseg=19,36,42
Request Chain 409
  • https://pixel.onaudience.com/?partner=214&mapped=9F55788C-3DAF-4F6C-9153-F0674D3DB544&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
Request Chain 410
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic HTTP 302
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=4e7efd3c-7697-47d3-b5b6-2533fae3233d&ssp=pubmatic HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=99611486-5a17-4503-a1b0-ab1982a65b33&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 412
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=9F55788C-3DAF-4F6C-9153-F0674D3DB544&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-KsiUf8FE2uUpdLe9.U4a9T_Le96dveU-~A&gdpr=0&gdpr_consent=
Request Chain 424
  • https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=null
Request Chain 428
  • https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=OTFiN2QyZGFmNzVlMzhlMzQ4OGVhNmQ1ZTk2ZWI3ZDQ=&gdpr=0&gdpr_consent=&_fw_gdpr=0&_fw_gdpr_consent=
Request Chain 430
  • https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=91b7d2daf75e38e3488ea6d5e96eb7d4&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=&_fw_gdpr=0&_fw_gdpr_consent=
Request Chain 438
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D54%26partnerUserId%3D%7Bdevice_id%7D HTTP 307
  • https://cs.lkqd.net/cs?partnerId=54&partnerUserId=54e9ed24-2b05-4a5a-8768-c0b0595bec5d
Request Chain 441
  • https://ad.turn.com/r/cs?pid=65 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3757162666768938953
Request Chain 442
  • https://sync.srv.stackadapt.com/sync?nid=161 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=93&partnerUserId=BFiKJCzZQbhiwzPXTk2_yNly2hQ
Request Chain 458
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token} HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Request Chain 459
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Request Chain 461
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4837438487
Request Chain 464
  • https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent= HTTP 302
  • https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25_rid HTTP 302
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253DF1rNcAsvjghYMSVRajhQVQVa HTTP 302
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253DF1rNcAsvjghYMSVRajhQVQVa&xl8blockcheck=1 HTTP 302
  • https://pixel-eu.onaudience.com/?partner=161&icm&cver&mapped=6e9d33cf61a265beaf9604f967f1fcae&gdpr=0&redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3DF1rNcAsvjghYMSVRajhQVQVa HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=F1rNcAsvjghYMSVRajhQVQVa
Request Chain 465
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=dd13639a-d45f-4c00-a03b-c0cba592742b
Request Chain 466
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3757162666768938953&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 467
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:8e6b3f1f-ccf3-43ab-9cf1-a81e2996fa2d&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 468
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=1711690457971926349
Request Chain 480
  • https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=null
Request Chain 484
  • https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=OTFiN2QyZGFmNzVlMzhlMzQ4OGVhNmQ1ZTk2ZWI3ZDQ=&gdpr=0&gdpr_consent=&_fw_gdpr=0&_fw_gdpr_consent=
Request Chain 486
  • https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=91b7d2daf75e38e3488ea6d5e96eb7d4&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=&_fw_gdpr=0&_fw_gdpr_consent=
Request Chain 496
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D54%26partnerUserId%3D%7Bdevice_id%7D HTTP 307
  • https://cs.lkqd.net/cs?partnerId=54&partnerUserId=6e296730-e6a7-4b9f-83b0-bb7dae30acc6
Request Chain 499
  • https://ad.turn.com/r/cs?pid=65 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3757162666768938953
Request Chain 500
  • https://sync.srv.stackadapt.com/sync?nid=161 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=93&partnerUserId=BFiKJCzZQbhiwzPXTk2_yNly2hQ

490 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
pelotainvernal.com/ 		86 KB
16 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://pelotainvernal.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.208.89.30 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-208-89-30.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b6e9fac6bd82d94790afb3085bc70eacc10002ff124da2c8f0aec58d62a42673

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 15 Dec 2022 08:01:30 GMT
server
nginx
vary
Accept-Encoding
bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@5.1.2/dist/css/ 		160 KB
25 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@5.1.2/dist/css/bootstrap.min.css
Requested by
Host: pelotainvernal.com
URL: https://pelotainvernal.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd558b6b0fa8256504d6f1796203c55c540013d7d4021f79241476f3ac49dac1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pelotainvernal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 08:01:31 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
fastly-original-body-size
23945
age
21969608
x-jsd-version
5.1.2
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19178-FRA, cache-hhn4021-HHN
x-jsd-version-type
version
server
cloudflare
etag
W/"28033-Lut6yvcPnqX8AiDhXoU9TgvRAp8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FUXyBzTc6f%2BHQa%2BYQ4zriic8PNBzVtDyvAo9xLSYRbGpkoMFzGOC3hVUE%2BvOea3WIrLDmmyTQxNzq5aRgukFJdS9oEBZ6hUMEWY6d6gTtAzwLbVFqChoOoxCjLgDSotAx03lwGjJyv1DCyc6u44%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
779da6d95ee7bb85-FRA
responsiveslides.css
pelotainvernal.com/vendor/slider/ 		490 B
421 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://pelotainvernal.com/vendor/slider/responsiveslides.css
Requested by
Host: pelotainvernal.com
URL: https://pelotainvernal.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.208.89.30 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-208-89-30.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b43b245e7b57a75d1c57b0e70779b88718a72a3544995b9165fd80678889b873

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pelotainvernal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 08:01:31 GMT
content-encoding
gzip
last-modified
Tue, 10 Oct 2017 10:38:14 GMT
server
nginx
etag
W/"59dca316-1ea"
vary
Accept-Encoding
content-type
text/css
site.css
pelotainvernal.com/css/ 		18 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://pelotainvernal.com/css/site.css?v=2.50
Requested by
Host: pelotainvernal.com
URL: https://pelotainvernal.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.208.89.30 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-208-89-30.compute-1.amazonaws.com
Software
nginx /
Resource Hash
d74835ebc144bb92d18a970ca79cae0840c356a5967bb1d1d9428c32c183cdb1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pelotainvernal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 08:01:31 GMT
content-encoding
gzip
last-modified
Sun, 26 Dec 2021 10:53:15 GMT
server
nginx
etag
W/"61c8499b-4711"
vary
Accept-Encoding
content-type
text/css
css
fonts.googleapis.com/ 		6 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,400,700
Requested by
Host: pelotainvernal.com
URL: https://pelotainvernal.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pelotainvernal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 15 Dec 2022 08:01:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 15 Dec 2022 07:28:12 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 15 Dec 2022 08:01:31 GMT
smart-app-banner.css
pelotainvernal.com/js/smartapp/ 		6 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://pelotainvernal.com/js/smartapp/smart-app-banner.css
Requested by
Host: pelotainvernal.com
URL: https://pelotainvernal.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.208.89.30 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-208-89-30.compute-1.amazonaws.com
Software
nginx /
Resource Hash
43ed01782a52f74351b31f996f02f0761540c3af7cdbd0693891a3e5abcfa3c1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pelotainvernal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 08:01:31 GMT
content-encoding
gzip
last-modified
Thu, 18 Oct 2018 12:50:23 GMT
server
nginx
etag
W/"5bc8818f-17b9"
vary
Accept-Encoding
content-type
text/css
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		145 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: pelotainvernal.com
URL: https://pelotainvernal.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a7762ffb2f59d32e80faa3e01c592dd528fbab30ec2e1f52176fb2eaf0125666
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pelotainvernal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 08:01:31 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49449
x-xss-protection
0
server
cafe
etag
537543616475156863
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 15 Dec 2022 08:01:31 GMT
gpt.js
www.googletagservices.com/tag/js/ 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: pelotainvernal.com
URL: https://pelotainvernal.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f0648dd60b72161450eb93d6fa81bb6ec46bb9dffb2d2d0c6f3b5d4ac1e01dda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pelotainvernal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 08:01:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27542
x-xss-protection
0
server
sffe
etag
"1422 / 811 of 1000 / last-modified: 1670587517"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 15 Dec 2022 08:01:31 GMT
pelotainvernal.js
flower-ads.com/tag/pelotainvernal/ 		231 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://flower-ads.com/tag/pelotainvernal/pelotainvernal.js
Requested by
Host: pelotainvernal.com
URL: https://pelotainvernal.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:179 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3620d28357207cd4b8092fe728bed5a606c78c07d4043ed225b7c3e8e58fa731

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pelotainvernal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 08:01:31 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
283
pragma
public
referrer-policy
no-referrer-when-downgrade
cf-bgj
minify
last-modified
Wed, 30 Nov 2022 14:17:03 GMT
server
cloudflare
etag
W/"39a62-638765df-0;gz"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z22DZZesEJ%2BS7PJDOZZ4MSHc31Ce6zWhoDPYZzSp%2BzYW40QyPRGRfrCoQ5yMyHovhEOMy0thyUHZFRP2sn%2FUrdYjjMWLT2NuBZlWhJxZwQ7EdlVI7QsnLwy4ZMLhg83Gjsawh6jNBn2oByTG"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
public, max-age=300
x-turbo-charged-by
LiteSpeed
platform
hostinger
cf-ray
779da6dbea489b45-FRA
expires
Thu, 15 Dec 2022 08:01:48 GMT
7902d366eeaba88fdaf00c9aad70217a.png
s3.amazonaws.com/cdn.baseball-new.com/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/cdn.baseball-new.com/7902d366eeaba88fdaf00c9aad70217a.png
Requested by
Host: pelotainvernal.com
URL: https://pelotainvernal.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.105.206 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
4ffe1619d0cddcd71c73eb41dcf1bf9219646f36b90667b3746c8a6771375fc6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pelotainvernal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Thu, 15 Dec 2022 08:01:32 GMT
Last-Modified
Sun, 22 Nov 2020 13:46:40 GMT
Server
AmazonS3
x-amz-request-id
VWTAGBE59PSEC61N
ETag
"883334535bb63d443032135b065e0884"
Content-Type
image/png
x-amz-storage-class
REDUCED_REDUNDANCY
Accept-Ranges
bytes
Content-Length
4585
x-amz-id-2
jPtxPw5FBQKR9g0bJ4y0mWGNa9gNa36yqRE4LwC+UPelrVawyrZO/da20wHNBLjZS7XbgX69GfM=
f0fb0b8bc2a38afca24fa01fd5f74635.png
s3.amazonaws.com/cdn.baseball-new.com/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/cdn.baseball-new.com/f0fb0b8bc2a38afca24fa01fd5f74635.png
Requested by
Host: pelotainvernal.com
URL: https://pelotainvernal.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.105.206 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
87ec184cd9b3cfb5ccbf631c766fc0d6b01d8811184a5f6f49f2ec528429dad4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pelotainvernal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Thu, 15 Dec 2022 08:01:32 GMT
Last-Modified
Sat, 14 Nov 2020 22:58:57 GMT
Server
AmazonS3
x-amz-request-id
VWT5S95M0B3A95SK
ETag
"c8fac8558e3e9e13ca76375e6b1e95fa"
Content-Type
image/png
x-amz-storage-class
REDUCED_REDUNDANCY
Accept-Ranges
bytes
Content-Length
11566
x-amz-id-2
5voECr6+bjtivIqx5eDGtBxK8Kv36EZLvB/xrxyl/2sQ6lToaSOGO8CXuD6DPKKd0zbd6rRAYDY=
bc83c5669a23ea41ef5f755bfbd50ebd.png
s3.amazonaws.com/cdn.baseball-new.com/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/cdn.baseball-new.com/bc83c5669a23ea41ef5f755bfbd50ebd.png
Requested by
Host: pelotainvernal.com
URL: https://pelotainvernal.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.105.206 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
19737707017ce7f188707e1e6fbae40088945cb235a8c37971b507b97d771a4b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pelotainvernal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Thu, 15 Dec 2022 08:01:32 GMT
Last-Modified
Sat, 14 Nov 2020 22:59:20 GMT
Server
AmazonS3
x-amz-request-id
VWTBGNCNJS7ZVXXC
ETag
"97c26d2ba9057f036660b0f2c8b181ab"
Content-Type
image/png
x-amz-storage-class
REDUCED_REDUNDANCY
Accept-Ranges
bytes
Content-Length
12564
x-amz-id-2
0jLMJ7+EnTTnStHSHy0LEfpr+ujj3xgpaa9gv0tjcBiPrIRA1UQel408PeSjWPJT9T0tMqCXj/Y=
0d180431331e93a791f23a77d4b94122.png
s3.amazonaws.com/cdn.baseball-new.com/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/cdn.baseball-new.com/0d180431331e93a791f23a77d4b94122.png
Requested by
Host: pelotainvernal.com
URL: https://pelotainvernal.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.105.206 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
a67612c801d54b2817687d2155b63f849b671d96ffd423cb77b36b0b66fa2192

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pelotainvernal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Thu, 15 Dec 2022 08:01:32 GMT
Last-Modified
Sat, 14 Nov 2020 22:59:14 GMT
Server
AmazonS3
x-amz-request-id
VWTBG6QRH9WT4C7X
ETag
"1fc02092dc83a776e055b8df83f64b50"
Content-Type
image/png
x-amz-storage-class
REDUCED_REDUNDANCY
Accept-Ranges
bytes
Content-Length
11790
x-amz-id-2
B8Jba8jECEMVsuRUaV/9aqFYfc3g1UZH1k9UVf3C1v4BlnGuvs2Ty61C7On+4Uv8cZWJ84/Qz/4=
3657a463e594aec7d83697355ad2e541.png
s3.amazonaws.com/cdn.baseball-new.com/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/cdn.baseball-new.com/3657a463e594aec7d83697355ad2e541.png
Requested by
Host: pelotainvernal.com
URL: https://pelotainvernal.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.105.206 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
09778ab5d08d1983b0ba1d423603b1b0f2214947ed465534dcc9ac047bf929ba

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pelotainvernal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Thu, 15 Dec 2022 08:01:32 GMT
Last-Modified
Sat, 14 Nov 2020 22:59:02 GMT
Server
AmazonS3
x-amz-request-id
VWT1NM7JPSJJGMNP
ETag
"1375b3cdbbeb3aa10a2abef1543beafd"
Content-Type
image/png
x-amz-storage-class
REDUCED_REDUNDANCY
Accept-Ranges
bytes
Content-Length
11177
x-amz-id-2
O6Eo6ulHLsIUe/gRlAlYzi6paNZOpi5VuiDlsYF3qxVZI7cnKicO2DqOGquX2iZrMK6ydKNgztE=
d8b8a0a312b685f33e63d453b0d2db83.png
s3.amazonaws.com/cdn.baseball-new.com/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/cdn.baseball-new.com/d8b8a0a312b685f33e63d453b0d2db83.png
Requested by
Host: pelotainvernal.com
URL: https://pelotainvernal.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.105.206 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
bac0705d11ffc896d765dc3507e2ad3abb961795b05bb857039ca92f649a0745

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pelotainvernal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Thu, 15 Dec 2022 08:01:32 GMT
Last-Modified
Sat, 14 Nov 2020 22:59:09 GMT
Server
AmazonS3
x-amz-request-id
VWTFJYXWEM9GGP9J
ETag
"d00fe6039c67811cd9e76529a3d298df"
Content-Type
image/png
x-amz-storage-class
REDUCED_REDUNDANCY
Accept-Ranges
bytes
Content-Length
10968
x-amz-id-2
DqeB7mIXRsggSKX8VZB5qIlZ4VOJt/a9MRhQhggbHEo0rYgySeiXeVmB6M9MY7NGYcDgevlZiPg=
9888ecc384811ab5781b0310ae9401a9.png
s3.amazonaws.com/cdn.baseball-new.com/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/cdn.baseball-new.com/9888ecc384811ab5781b0310ae9401a9.png
Requested by
Host: pelotainvernal.com
URL: https://pelotainvernal.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.105.206 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
36c2343f3359688c9948184e631420db683b3d1a105206fcf76f1354c106425e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pelotainvernal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Thu, 15 Dec 2022 08:01:32 GMT
Last-Modified
Sat, 14 Nov 2020 22:58:50 GMT
Server
AmazonS3
x-amz-request-id
VWTEC9V5DJV0XW1A
ETag
"25b21a978a769c711a8cc5c6fe2b22a9"
Content-Type
image/png
x-amz-storage-class
REDUCED_REDUNDANCY
Accept-Ranges
bytes
Content-Length
10966
x-amz-id-2
Sp27A6KNhHPgLss712dEYv82qx822YxxSMuGVXSDIb6hcX0WO45yVRM7t5cPt8NFW6aPvIXhe3Y=
c7c5d314bd780195ca2739e007b04e63.png
s3.amazonaws.com/cdn.baseball-new.com/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/cdn.baseball-new.com/c7c5d314bd780195ca2739e007b04e63.png
Requested by
Host: pelotainvernal.com
URL: https://pelotainvernal.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.105.206 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
47f719c1691461a5d778135c0512d51c87f8eea39be7ddad829830925902674b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pelotainvernal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Thu, 15 Dec 2022 08:01:32 GMT
Last-Modified
Tue, 15 Dec 2020 13:21:55 GMT
Server
AmazonS3
x-amz-request-id
VWT2GZST8QQZBXVA
ETag
"344653c6dda80cd480444be1aef2a807"
Content-Type
image/png
x-amz-storage-class
REDUCED_REDUNDANCY
Accept-Ranges
bytes
Content-Length
10027
x-amz-id-2
BWIpo4S24qZsKymfRK2+gN4TaarmjPS2pH63PVQiySHqhVigvOopN613g+50UIcLoND0RCC04CE=
8f6f2a20b0b9cd88bcff3b93bdd9c615.png
s3.amazonaws.com/cdn.baseball-new.com/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/cdn.baseball-new.com/8f6f2a20b0b9cd88bcff3b93bdd9c615.png
Requested by
Host: pelotainvernal.com
URL: https://pelotainvernal.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.105.206 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
bdbbb447bf69f791cb6717a186852f2b9661ca900a74d8235d37ef9ed65ac0dd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pelotainvernal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Thu, 15 Dec 2022 08:01:32 GMT
Last-Modified
Tue, 15 Dec 2020 13:22:04 GMT
Server
AmazonS3
x-amz-request-id
VWTEH6BE5T9ESEYZ
ETag
"f372c04545a398bbcfd0256f8e49d1ac"
Content-Type
image/png
x-amz-storage-class
REDUCED_REDUNDANCY
Accept-Ranges
bytes
Content-Length
7971
x-amz-id-2
SNktPdL0paucCicAaohBJrfOfkRcI+Ea96jh2wyp34Ii3ew3A5IhyPkUDyhv3WGXg7kJJa39iig=
fa5ccb26f0dc095843644942bde4b7cd.png
s3.amazonaws.com/cdn.baseball-new.com/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/cdn.baseball-new.com/fa5ccb26f0dc095843644942bde4b7cd.png
Requested by
Host: pelotainvernal.com
URL: https://pelotainvernal.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.105.206 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
3aa5cdd18374b285ddc76c94ee1735df8b3e518cb7202fa7feec77a3b13437a3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pelotainvernal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Thu, 15 Dec 2022 08:01:32 GMT
Last-Modified
Tue, 15 Dec 2020 13:22:20 GMT
Server
AmazonS3
x-amz-request-id
VWT8GWQ8689JADF5
ETag
"687caec8c60c4146282dc57feb116506"
Content-Type
image/png
x-amz-storage-class
REDUCED_REDUNDANCY
Accept-Ranges
bytes
Content-Length
9897
x-amz-id-2
ScaqxjCqg4XQ52U3C4fk87K46eePlxZnocexMRfyPFi0NfI3+cxaj4pk1EsQDMAXpc/GHlcploc=
0ac73fe9baac5a44d5760cf8eca6394f.png
s3.amazonaws.com/cdn.baseball-new.com/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/cdn.baseball-new.com/0ac73fe9baac5a44d5760cf8eca6394f.png
Requested by
Host: pelotainvernal.com
URL: https://pelotainvernal.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.105.206 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
cd257ced5860b54b3c71dd2e1c9704a552f0c2be8e63ef42cdf47e05293da1bb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pelotainvernal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Thu, 15 Dec 2022 08:01:32 GMT
Last-Modified
Sat, 14 Nov 2020 22:57:44 GMT
Server
AmazonS3
x-amz-request-id
VWT8J2Q6B8TFPRBW
ETag
"757f209841921bd84efe00e6415c5118"
Content-Type
image/png
x-amz-storage-class
REDUCED_REDUNDANCY
Accept-Ranges
bytes
Content-Length
10369
x-amz-id-2
BYp+PI2K+42k3GPXByfah5esjc1f1TnrI76JSin6XbnPDpGwhUVl5Tj/PpT7zYQjDe6bf6SPgVE=
4a9533cbf5e05f2abc7515331906d891.png
s3.amazonaws.com/cdn.baseball-new.com/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/cdn.baseball-new.com/4a9533cbf5e05f2abc7515331906d891.png
Requested by
Host: pelotainvernal.com
URL: https://pelotainvernal.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.105.206 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
52084175f1ddbd7e4168245880f4dd0c69cedbcac6096306ecae4e56181ad545

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pelotainvernal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Thu, 15 Dec 2022 08:01:32 GMT
Last-Modified
Tue, 15 Dec 2020 13:22:12 GMT
Server
AmazonS3
x-amz-request-id
VWT470FGVKQ7YG4J
ETag
"aad87560e4512c4693466db607703d76"
Content-Type
image/png
x-amz-storage-class
REDUCED_REDUNDANCY
Accept-Ranges
bytes
Content-Length
8155
x-amz-id-2
kq6JhBDvE7oMN9li4Z8FryPj4zQK/zkDvbhlloeia0BLVIJw5fcjCo+1a0CWn/0IbiqeWXWjufY=
45017492450cd1f4a0003643f186f5a3.png
s3.amazonaws.com/cdn.baseball-new.com/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/cdn.baseball-new.com/45017492450cd1f4a0003643f186f5a3.png
Requested by
Host: pelotainvernal.com
URL: https://pelotainvernal.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.105.206 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
b59274b06fc793177aedbfa4b52d6d2571528266198414ae2b1795d7d87bff48

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pelotainvernal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Thu, 15 Dec 2022 08:01:32 GMT
Last-Modified
Tue, 15 Dec 2020 13:22:30 GMT
Server
AmazonS3
x-amz-request-id
VWTB4X730G69VH70
ETag
"d5e4057bad41787bb08c8c943e446a95"
Content-Type
image/png
x-amz-storage-class
REDUCED_REDUNDANCY
Accept-Ranges
bytes
Content-Length
6654
x-amz-id-2
VJMo6TCX4to3gH7rqSPUZADHini5NJiR1UC6gQlBkLF4Z5E3l4cfpIzz0H3pdCx6P8PZF1k7rrw=
0ac7c75550df48fba0d82e80f05a0e63.png
s3.amazonaws.com/cdn.baseball-new.com/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/cdn.baseball-new.com/0ac7c75550df48fba0d82e80f05a0e63.png
Requested by
Host: pelotainvernal.com
URL: https://pelotainvernal.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.105.206 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
14fa937604e0fd3f7f1f8fa5daa5ab7e25052e1b1b826688b0109fac4251bf6f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pelotainvernal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Thu, 15 Dec 2022 08:01:32 GMT
Last-Modified
Tue, 15 Dec 2020 13:22:47 GMT
Server
AmazonS3
x-amz-request-id
VWTD9H3AVG7ZJNFB
ETag
"e5144af4c4398b7856b08750c111a29f"
Content-Type
image/png
x-amz-storage-class
REDUCED_REDUNDANCY
Accept-Ranges
bytes
Content-Length
7432
x-amz-id-2
BTnBHd+SabQhU80auGrq8cvIH1oQSPktf8dG4axpXrZYe/2hsSuh0VeFDdkRGil5r4fYCafeJRg=
b91a8061b0b3557371fed15068f48586.png
s3.amazonaws.com/cdn.baseball-new.com/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/cdn.baseball-new.com/b91a8061b0b3557371fed15068f48586.png
Requested by
Host: pelotainvernal.com
URL: https://pelotainvernal.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.105.206 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
ee735ad9351455e1417cd144ed24de18f6311c98a1284b55cd59fd0d25489d22

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pelotainvernal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Thu, 15 Dec 2022 08:01:32 GMT
Last-Modified
Fri, 28 Oct 2022 15:31:56 GMT
Server
AmazonS3
x-amz-request-id
VWT7PGCQRAQ29Y2K
ETag
"780b528b59b0bc2a422527bb6507da39"
Content-Type
image/png
x-amz-storage-class
REDUCED_REDUNDANCY
Accept-Ranges
bytes
Content-Length
7952
x-amz-id-2
YEA6OypomLV/gNGyWfyfl7vxaKQ/6IGeEf6ksgsKJ426igcJT8VaUslxMU6Vjzgut3tiVr2We3A=
jquery-3.2.1.min.js
code.jquery.com/ 		85 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.2.1.min.js
Requested by
Host: pelotainvernal.com
URL: https://pelotainvernal.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:3b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pelotainvernal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 08:01:31 GMT
content-encoding
gzip
last-modified
Fri, 12 Aug 2022 13:47:02 GMT
server
nginx
etag
W/"62f659d6-15283"
vary
Accept-Encoding
x-hw
1671091291.dop098.fr8.t,1671091291.cds153.fr8.hn,1671091291.cds133.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
30125
bootstrap.min.js
cdn.jsdelivr.net/npm/bootstrap@5.1.2/dist/js/ 		58 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@5.1.2/dist/js/bootstrap.min.js
Requested by
Host: pelotainvernal.com
URL: https://pelotainvernal.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7e9276746ee6d70a75d8362ddd8e20aa1ce8a008c8e39c66a9e05b758f636d01
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pelotainvernal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 08:01:31 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
15116808
x-jsd-version
5.1.2
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19179-FRA, cache-itm18842-ITM
x-jsd-version-type
version
server
cloudflare
etag
W/"e753-WcAbHa+/9xO8ID8ILaCWP92iBPQ"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bGAK7qc8TiaiWF02l7TR%2F0eOkS0qQzDef%2FEH%2FeX5QxcruGGOlykNrrMv4%2FJPjYDx854sasNQcICr65HT1x97dzYzH%2FB6RMxYxFsyEhh86xzAnOAt39eufSTF0g07UeFEWIOg2HP%2F9akYv9gdcPY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
779da6da188ebb85-FRA
moment.min.js
cdnjs.cloudflare.com/ajax/libs/moment.js/2.18.1/ 		50 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/moment.js/2.18.1/moment.min.js
Requested by
Host: pelotainvernal.com
URL: https://pelotainvernal.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d618d4869738e0dc22360f0ec0cbb6433257843f24723fac240dda0906685238
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pelotainvernal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 08:01:31 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
215603
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
15476
last-modified
Mon, 04 May 2020 16:13:26 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03f26-c909"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vK%2FUgr30PaBqHwan5w6bY1G7EexUW4vdEGBmq2QVd7n9wHlN6RdnL1cIvs2tJC4OjoFFtzKXdk3aDMmJ26GiZgBZEEXk6EyV%2Bkv3xIjKbfsx8xAc7CpOtp2FROnCWnJE80pXOG75feMzBVZX09%2FikLup"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
779da6da89a39214-FRA
expires
Tue, 05 Dec 2023 08:01:31 GMT
knockout-min.js
cdnjs.cloudflare.com/ajax/libs/knockout/3.4.2/ 		59 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/knockout/3.4.2/knockout-min.js
Requested by
Host: pelotainvernal.com
URL: https://pelotainvernal.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a305fbb2ba223bf3b56bb8776b85f6f40d60dd082a74dbe28d143b5794c7e393
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pelotainvernal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 08:01:31 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
2549855
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
19879
last-modified
Mon, 04 May 2020 16:11:59 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ecf-ebc2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ekJjSaOdvcgoMILXIQcx68fR2AWB%2BxTYNWdFVvte7XrLTcQ9s9GnU8TywaV4iRUN%2FYIyPT6k0nsjS%2F5NEDc4MhDtmmow95RGwRYUTQdf5odqLRPRLq0%2FbgfFDBSZDRSNorW8BwOeDnJ4Psns%2FSyI01d1"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
779da6da89a79214-FRA
expires
Tue, 05 Dec 2023 08:01:31 GMT
knockout-switch-case.min.js
cdn-conectate.kiskoo.com/web/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-conectate.kiskoo.com/web/js/knockout-switch-case.min.js
Requested by
Host: pelotainvernal.com
URL: https://pelotainvernal.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:6097 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
74df90f5f0e27dd5df2470215692754169878aa5443c25a3515e1768e3db03b1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pelotainvernal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 08:01:31 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
4G2353E2GRKFTK44
age
1597
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
lIdrvtJc5BSW1a4bal8qYWtCTql58n9uNQWR2yYcIKsTxGZzYAP89okWg0U5F5hfzy2j0+HVRus=
last-modified
Sat, 13 Oct 2018 08:10:55 GMT
server
cloudflare
etag
W/"c6682e07d18a5a4b0209d9351134154e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N17maZOXlpWaeF6XeQ5znnth38yOE9yKMU1hn%2FzCutUBdAibQVfCXOXsbWZSRA4iF%2F41%2FD3YMvvBkKaeMBw%2FQ5B1ZFNJC0JgOsCjdnr0HaaLAI9BzxbJrHhEaU96iDQKpvqp35OZ7VoEsfWhRwj0%2BMBhmaTV0iU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
779da6dba94f91f3-FRA
game-socket.js
cdn-conectate.kiskoo.com/modules/sport/frontend/assets/js/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-conectate.kiskoo.com/modules/sport/frontend/assets/js/game-socket.js
Requested by
Host: pelotainvernal.com
URL: https://pelotainvernal.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:6097 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
008be15ff7db879ddccb3bf415d1143924af4eca6d1dd5250726ac423624f9d5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pelotainvernal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 08:01:31 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
5W7A7N9HDZH1SSDN
age
5036
x-amz-storage-class
REDUCED_REDUNDANCY
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
gm2FgYdrX0LB0++3W9I25smEOVrjwjNDNCA3FXXvVFS0Q+O4T8e+faxNfNyk+lVjHjzmho7ns8g=
last-modified
Wed, 24 Aug 2022 17:10:05 GMT
server
cloudflare
etag
W/"0b6216bc1faa63361b5940d7cea9db21"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9Tho1u2CGzPB6KMFv0iWIffNOGLiV8r0k7ZYeBig%2FVZHO%2BnlpBz%2FrSEB4D0R4T%2B4YahIkuap6SYq%2FynQ%2FufTFsq7hyR1EwQKXPQWh1z%2FR7KTSbGuL8H7bUdCW96FlzKlvHDaWG3WLcccSNDRxSKS%2B7D3YBKc8UQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
779da6dba95491f3-FRA
responsiveslides.min.js
pelotainvernal.com/vendor/slider/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pelotainvernal.com/vendor/slider/responsiveslides.min.js
Requested by
Host: pelotainvernal.com
URL: https://pelotainvernal.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.208.89.30 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-208-89-30.compute-1.amazonaws.com
Software
nginx /
Resource Hash
31c8de7c3023548e4205a8f61fa9d4b5c79707dc01710c8313184574afba2ee5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pelotainvernal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 08:01:31 GMT
content-encoding
gzip
last-modified
Tue, 10 Oct 2017 10:38:14 GMT
server
nginx
etag
W/"59dca316-d44"
vary
Accept-Encoding
content-type
application/javascript
smart-app-banner.js
pelotainvernal.com/js/smartapp/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pelotainvernal.com/js/smartapp/smart-app-banner.js
Requested by
Host: pelotainvernal.com
URL: https://pelotainvernal.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.208.89.30 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-208-89-30.compute-1.amazonaws.com
Software
nginx /
Resource Hash
1e894e7cf7187c224f386656a508446013f4cd6edea742f5241ce57258db06c6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pelotainvernal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 08:01:31 GMT
content-encoding
gzip
last-modified
Thu, 18 Oct 2018 12:50:23 GMT
server
nginx
etag
W/"5bc8818f-444b"
vary
Accept-Encoding
content-type
application/javascript
js
www.googletagmanager.com/gtag/ 		109 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-19230497-1
Requested by
Host: pelotainvernal.com
URL: https://pelotainvernal.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
1abd25514b46661ed50e11e1c7d90e9f016e26f5dd02f96234ebf31a6bb254e1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pelotainvernal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 08:01:31 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43656
x-xss-protection
0
last-modified
Thu, 15 Dec 2022 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 15 Dec 2022 08:01:31 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20221207/r20190131/ Frame 19CA 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20221207/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pelotainvernal.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
53721
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
br
content-length
4242
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 14 Dec 2022 17:06:10 GMT
etag
10353107486223812946
expires
Wed, 28 Dec 2022 17:06:10 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ 		199 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
77e67409caaf5014eaa2e2d96ac6210a1b4a987da0d5b3ff826221fe255d3def

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/svg+xml
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://pelotainvernal.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 08 Dec 2022 19:42:15 GMT
x-content-type-options
nosniff
age
562756
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 08 Dec 2023 19:42:15 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/ 		356 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3139134883708761&plah=pelotainvernal.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
67b55fa1ac1eb182c16573559fb708578b5ff0677b376090584be98f40f7cb5b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pelotainvernal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 08:01:31 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119959
x-xss-protection
0
server
cafe
etag
619685096949698281
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 15 Dec 2022 08:01:31 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://pelotainvernal.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 16:44:52 GMT
x-content-type-options
nosniff
age
227799
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 12 Dec 2023 16:44:52 GMT
pubads_impl_2022120501.js
securepubads.g.doubleclick.net/gpt/ 		380 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1e288c4dc57f72a69a497baef524f41c57e1c6a414b09a5bde22cd5b2f1b7cdf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pelotainvernal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 07:59:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
146
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131905
x-xss-protection
0
last-modified
Mon, 05 Dec 2022 09:36:10 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 15 Dec 2023 07:59:05 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		386 B
852 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=pelotainvernal.com
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bd4d772e30310f3db773adf243ec2121ed30e8f34f62bc15e33d4b05e1077ac8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pelotainvernal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 08:01:31 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
217
x-xss-protection
0
expires
Thu, 15 Dec 2022 08:01:31 GMT
cookie.js
partner.googleadservices.com/gampad/ 		403 B
701 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=pelotainvernal.com&callback=_gfp_s_&client=ca-pub-3139134883708761&gpid_exp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3139134883708761&plah=pelotainvernal.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8c3d4ff86b6d545cfdefb8a43d03f4a1c3ff553a9344e949a727da8211cf4e8d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pelotainvernal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 08:01:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
256
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=pelotainvernal.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3139134883708761&plah=pelotainvernal.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pelotainvernal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 08:01:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=pelotainvernal.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3139134883708761&plah=pelotainvernal.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pelotainvernal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 08:01:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 2BFF 		136 KB
43 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3139134883708761&output=html&h=100&slotname=8815456802&adk=88850195&adf=2364240886&pi=t.ma~as.8815456802&w=1298&lmt=1671091291&rafmt=12&format=1298x100&url=https%3A%2F%2Fpelotainvernal.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671091291238&bpp=3&bdt=187&idt=274&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&correlator=4380327056723&frm=20&pv=2&ga_vid=1506290039.1671091292&ga_sid=1671091292&ga_hid=1052133793&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=151&ady=96&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44773747%2C44780792%2C21065724&oid=2&pvsid=2272291473544869&tmod=688375104&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=1&uci=a!1&fsb=1&xpc=QjRRtLPkAP&p=https%3A//pelotainvernal.com&dtd=293
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3139134883708761&plah=pelotainvernal.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2d9645a514be2f1499ad10538ae7f5ec034e03958de8486ad05caeeaca35b27a
Security Headers
Name Value
Content-Security-Policy child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12406491265686199930/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12406491265686199930/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CL3ey5aU-_sCFQprGQodvGAPmg&gqi=W9SaY6bxI-u3nsEP6PKn6AU&layout=/sadbundle/%24csp%253Der3%24/12406491265686199930/index.html
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pelotainvernal.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
44305
content-security-policy
child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12406491265686199930/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12406491265686199930/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CL3ey5aU-_sCFQprGQodvGAPmg&gqi=W9SaY6bxI-u3nsEP6PKn6AU&layout=/sadbundle/%24csp%253Der3%24/12406491265686199930/index.html
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 15 Dec 2022 08:01:32 GMT
expires
Thu, 15 Dec 2022 08:01:32 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 8B76 		115 KB
42 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3139134883708761&output=html&h=90&slotname=7753640662&adk=1056406635&adf=406027746&pi=t.ma~as.7753640662&w=728&lmt=1671091291&rafmt=12&format=728x90&url=https%3A%2F%2Fpelotainvernal.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671091291244&bpp=1&bdt=194&idt=294&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&prev_fmts=1298x100&correlator=4380327056723&frm=20&pv=1&ga_vid=1506290039.1671091292&ga_sid=1671091292&ga_hid=1052133793&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=386&ady=328&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44773747%2C44780792%2C21065724&oid=2&pvsid=2272291473544869&tmod=688375104&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&fsb=1&xpc=pbTEKWvmGY&p=https%3A//pelotainvernal.com&dtd=298
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3139134883708761&plah=pelotainvernal.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4e669ec87a5eff4e4a64cf5fcaad2d986005d1f8c0baba0e6c48c5d061e8f304
Security Headers
Name Value
Content-Security-Policy child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12406491265686199930/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12406491265686199930/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CIvey5aU-_sCFepdwgodCCwKqw&gqi=W9SaY_L1I8u0nsEPoLy92AU&layout=/sadbundle/%24csp%253Der3%24/12406491265686199930/index.html
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pelotainvernal.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
42519
content-security-policy
child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12406491265686199930/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12406491265686199930/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CIvey5aU-_sCFepdwgodCCwKqw&gqi=W9SaY_L1I8u0nsEPoLy92AU&layout=/sadbundle/%24csp%253Der3%24/12406491265686199930/index.html
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 15 Dec 2022 08:01:32 GMT
expires
Thu, 15 Dec 2022 08:01:32 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		553 B
314 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2272291473544869&correlator=791688366800518&eid=31071013%2C44780792%2C21065724&output=ldjh&gdfp_req=1&vrg=2022120501&ptt=17&impl=fifs&iu_parts=40135427%2Cpelotainvernal_Video_Intext&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=3&adks=1276542802&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1671091291575&lmt=1671091291&dlt=1671091291051&idt=500&adxs=0&adys=0&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fpelotainvernal.com%2F&frm=20&vis=1&psz=1600x1200&msz=1x-1&fws=0&ohw=0&ga_vid=1506290039.1671091292&ga_sid=1671091292&ga_hid=1052133793&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
069d562355f373543f4301f6003792179269c51fb9fbb04f09cc5cbe6ac8429e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pelotainvernal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 08:01:31 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
284
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pelotainvernal.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
20e8afb8e455763ca9bea03ef9101e20.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 75EC 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://20e8afb8e455763ca9bea03ef9101e20.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pelotainvernal.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 15 Dec 2022 08:01:31 GMT
expires
Fri, 15 Dec 2023 08:01:31 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		81 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: flower-ads.com
URL: https://flower-ads.com/tag/pelotainvernal/pelotainvernal.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4726734a48b33c83575aa629342e5a8c36cf253e8c282c6e067b8a0c60a542ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pelotainvernal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 08:01:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27666
x-xss-protection
0
server
sffe
etag
"1422 / 642 of 1000 / last-modified: 1670587582"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 15 Dec 2022 08:01:31 GMT
prebid7.25.0.pelotainvernal.js
flower-ads.com/tag/pelotainvernal/ 		316 KB
97 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://flower-ads.com/tag/pelotainvernal/prebid7.25.0.pelotainvernal.js
Requested by
Host: flower-ads.com
URL: https://flower-ads.com/tag/pelotainvernal/pelotainvernal.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:179 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3521616fbd1415fd86988bfc9773f6044497f54354e0b924f7db878f91c1af83

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pelotainvernal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 08:01:32 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
283
cf-polished
origSize=324455
pragma
public
referrer-policy
no-referrer-when-downgrade
cf-bgj
minify
last-modified
Tue, 15 Nov 2022 18:22:14 GMT
server
cloudflare
etag
W/"4f367-6373d8d6-0;gz"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R68YDSd7PJSZty4mOZnEMRDOBITd0WMwBjRGIQCMbNCaP5ka2swrc4QEyRhKWQx7lo8Vr1BY96nxVb79AwieQDPvaEPekPTbG5Uiyv35xxvb2zsvp0G1HRX052s6WdYs3J3Thv1OlKJcSY%2Fw"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
public, max-age=300
x-turbo-charged-by
LiteSpeed
platform
hostinger
cf-ray
779da6ded8359b45-FRA
expires
Thu, 15 Dec 2022 07:57:10 GMT
2717-2424-01.js
t.seedtag.com/t/ 		41 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t.seedtag.com/t/2717-2424-01.js
Requested by
Host: flower-ads.com
URL: https://flower-ads.com/tag/pelotainvernal/pelotainvernal.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.132.145 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
448f77bd7ef67fefd6f9d038bb07e8dcb60f7dea64cb064bf82ce2379ad424a5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pelotainvernal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 08:01:32 GMT
via
1.1 google
content-encoding
br
cf-cache-status
EXPIRED
server
cloudflare
etag
W/"a2b2-78kU7uKcMp7VqcoGKZ5bXRNfHyk"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=1200
cf-ray
779da6df8cc2bba1-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 15 Dec 2022 08:21:32 GMT
pelotainvernal_21072.js
ads.vidoomy.com/ 		5 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.vidoomy.com/pelotainvernal_21072.js
Requested by
Host: flower-ads.com
URL: https://flower-ads.com/tag/pelotainvernal/pelotainvernal.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.19.54.139 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-19-54-139.us-east-2.compute.amazonaws.com
Software
Apache/2.4.54 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33 / PHP/7.0.33
Resource Hash
ea1b70e59d71bb9824849949981e1ca343ebfd3f5cad1eabdeb8a5bbfd7a453f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pelotainvernal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 08:01:32 GMT
Server
Apache/2.4.54 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33
X-Powered-By
PHP/7.0.33
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Connection
Keep-Alive
Keep-Alive
timeout=2, max=300
Content-Length
4999
index.html
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12406491265686199930/ Frame EC35 		20 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12406491265686199930/index.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3139134883708761&output=html&h=90&slotname=7753640662&adk=1056406635&adf=406027746&pi=t.ma~as.7753640662&w=728&lmt=1671091291&rafmt=12&format=728x90&url=https%3A%2F%2Fpelotainvernal.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671091291244&bpp=1&bdt=194&idt=294&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&prev_fmts=1298x100&correlator=4380327056723&frm=20&pv=1&ga_vid=1506290039.1671091292&ga_sid=1671091292&ga_hid=1052133793&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=386&ady=328&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44773747%2C44780792%2C21065724&oid=2&pvsid=2272291473544869&tmod=688375104&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&fsb=1&xpc=pbTEKWvmGY&p=https%3A//pelotainvernal.com&dtd=298
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c0dade5e40511841f841814ed717788248c50490400ef63f4620391825f7444e
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
499951
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
4775
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
cross-origin-resource-policy
cross-origin
date
Fri, 09 Dec 2022 13:09:01 GMT
expires
Sat, 09 Dec 2023 13:09:01 GMT
last-modified
Fri, 25 Nov 2022 19:23:26 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
adview
googleads.g.doubleclick.net/pagead/ Frame 8B76 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=C3LlfW9SaY8vEJeq7iQaI2KjYCvj0t_pt-t6R9ZARjqTeoKgwEAEgrZD0HmCVgoCAoAegAbKKwaoByAEJqQLil3lHq8OoPqgDAcgDSKoE1wFP0AVEP_10F7llRXVZDqsXziqHIxfi68mVFtkeRLzCSi1x-7u3Y0clv01EESX8gCYQH5uJUolPHhNZt3TL4qVQBEPUtMrA-VVuNu_OOwuqZAQACboKwhKNs9RVjC5go9mFNwp_lptRCokwpa-FPcqUKeIHU8_iB3yPqtxcXbsqfeoLJfiP5JaXKkYLh8TJOxZdexi0izIMUadh6a0OeW_GcVFwfgRKSeEBEmFD8X56EMIZXbi-mbou9WvZYe19AVvkNT8gINrUuAUGOtN7cEJYqjaYcjo9M8AEld7N-pkEkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB7b1vtUCqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQnqwe0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHYEw7QFQGYFgGAFwGyFxwKGggAEhRwdWItMzEzOTEzNDg4MzcwODc2MRgA&sigh=VtvEWMNxNqw&uach_m=[UACH]&cid=CAQSGwDq26N9cmwKE6LkmblP7MmfSPMEiqet6yucKBgBIBM&template_id=419
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3139134883708761&output=html&h=90&slotname=7753640662&adk=1056406635&adf=406027746&pi=t.ma~as.7753640662&w=728&lmt=1671091291&rafmt=12&format=728x90&url=https%3A%2F%2Fpelotainvernal.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671091291244&bpp=1&bdt=194&idt=294&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&prev_fmts=1298x100&correlator=4380327056723&frm=20&pv=1&ga_vid=1506290039.1671091292&ga_sid=1671091292&ga_hid=1052133793&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=386&ady=328&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44773747%2C44780792%2C21065724&oid=2&pvsid=2272291473544869&tmod=688375104&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&fsb=1&xpc=pbTEKWvmGY&p=https%3A//pelotainvernal.com&dtd=298
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3139134883708761&output=html&h=90&slotname=7753640662&adk=1056406635&adf=406027746&pi=t.ma~as.7753640662&w=728&lmt=1671091291&rafmt=12&format=728x90&url=https%3A%2F%2Fpelotainvernal.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671091291244&bpp=1&bdt=194&idt=294&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&prev_fmts=1298x100&correlator=4380327056723&frm=20&pv=1&ga_vid=1506290039.1671091292&ga_sid=1671091292&ga_hid=1052133793&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=386&ady=328&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44773747%2C44780792%2C21065724&oid=2&pvsid=2272291473544869&tmod=688375104&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&fsb=1&xpc=pbTEKWvmGY&p=https%3A//pelotainvernal.com&dtd=298
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Thu, 15 Dec 2022 08:01:32 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Thu, 15 Dec 2022 08:01:32 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/ Frame 8B76 		23 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3139134883708761&output=html&h=90&slotname=7753640662&adk=1056406635&adf=406027746&pi=t.ma~as.7753640662&w=728&lmt=1671091291&rafmt=12&format=728x90&url=https%3A%2F%2Fpelotainvernal.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671091291244&bpp=1&bdt=194&idt=294&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&prev_fmts=1298x100&correlator=4380327056723&frm=20&pv=1&ga_vid=1506290039.1671091292&ga_sid=1671091292&ga_hid=1052133793&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=386&ady=328&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44773747%2C44780792%2C21065724&oid=2&pvsid=2272291473544869&tmod=688375104&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&fsb=1&xpc=pbTEKWvmGY&p=https%3A//pelotainvernal.com&dtd=298
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 17:06:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
53723
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9443
x-xss-protection
0
server
cafe
etag
9828741834572772835
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 28 Dec 2022 17:06:09 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 8B76 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3139134883708761&output=html&h=90&slotname=7753640662&adk=1056406635&adf=406027746&pi=t.ma~as.7753640662&w=728&lmt=1671091291&rafmt=12&format=728x90&url=https%3A%2F%2Fpelotainvernal.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671091291244&bpp=1&bdt=194&idt=294&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&prev_fmts=1298x100&correlator=4380327056723&frm=20&pv=1&ga_vid=1506290039.1671091292&ga_sid=1671091292&ga_hid=1052133793&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=386&ady=328&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44773747%2C44780792%2C21065724&oid=2&pvsid=2272291473544869&tmod=688375104&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&fsb=1&xpc=pbTEKWvmGY&p=https%3A//pelotainvernal.com&dtd=298
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 12:48:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
69169
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 28 Dec 2022 12:48:43 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 8B76 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3139134883708761&output=html&h=90&slotname=7753640662&adk=1056406635&adf=406027746&pi=t.ma~as.7753640662&w=728&lmt=1671091291&rafmt=12&format=728x90&url=https%3A%2F%2Fpelotainvernal.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671091291244&bpp=1&bdt=194&idt=294&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&prev_fmts=1298x100&correlator=4380327056723&frm=20&pv=1&ga_vid=1506290039.1671091292&ga_sid=1671091292&ga_hid=1052133793&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=386&ady=328&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44773747%2C44780792%2C21065724&oid=2&pvsid=2272291473544869&tmod=688375104&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&fsb=1&xpc=pbTEKWvmGY&p=https%3A//pelotainvernal.com&dtd=298
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 17:06:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
53723
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7480
x-xss-protection
0
server
cafe
etag
15631949847000551034
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 28 Dec 2022 17:06:09 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 8B76 		153 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3139134883708761&output=html&h=90&slotname=7753640662&adk=1056406635&adf=406027746&pi=t.ma~as.7753640662&w=728&lmt=1671091291&rafmt=12&format=728x90&url=https%3A%2F%2Fpelotainvernal.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671091291244&bpp=1&bdt=194&idt=294&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&prev_fmts=1298x100&correlator=4380327056723&frm=20&pv=1&ga_vid=1506290039.1671091292&ga_sid=1671091292&ga_hid=1052133793&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=386&ady=328&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44773747%2C44780792%2C21065724&oid=2&pvsid=2272291473544869&tmod=688375104&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&fsb=1&xpc=pbTEKWvmGY&p=https%3A//pelotainvernal.com&dtd=298
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 08:01:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47725
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1670417373259609"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 15 Dec 2022 08:01:32 GMT
st_3.16a2da2152224c6763cd.js
t.seedtag.com/c/ 		66 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t.seedtag.com/c/st_3.16a2da2152224c6763cd.js
Requested by
Host: t.seedtag.com
URL: https://t.seedtag.com/t/2717-2424-01.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.132.145 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f062f3b0dbd3f1365dcfbec75adccec3f87cd0789014d6bb515e41ba4e1e3d10

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pelotainvernal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 08:01:32 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
age
73082
x-guploader-uploadid
ADPycdsz3bxUDtB_epA0zL9ro9g6GZiEV5BnrG45-vs-6I57jW_lQ-zRLQrwRZSjUrmcz75rB3u67n3ORXmPhTIWJsEUFA
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 13 Dec 2022 11:43:26 GMT
server
cloudflare
etag
W/"ee20c2e5221be57a7cae8205563119ae"
vary
Accept-Encoding
x-goog-generation
1670931806987073
content-type
application/javascript
x-goog-hash
crc32c=HVMo6w==, md5=7iDC5SIb5Xp8roIFVjEZrg==
cache-control
public, max-age=5356800
x-goog-stored-content-length
19734
cf-ray
779da6e05f3dbbbc-FRA
expires
Wed, 15 Feb 2023 08:01:32 GMT
st_2.375c44ff530b57cc947f.js
t.seedtag.com/c/ 		373 KB
100 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t.seedtag.com/c/st_2.375c44ff530b57cc947f.js
Requested by
Host: t.seedtag.com
URL: https://t.seedtag.com/t/2717-2424-01.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.132.145 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ecd11477b961dff1d3e8cbd0110dbe242ab84da7f31d3ea1e2764023a29dfad3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pelotainvernal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 08:01:32 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
age
73082
x-guploader-uploadid
ADPycdvnxfPxs6UONLdrJiSVab7v_1W08ZeyKcJUqx7idNdWGk2BgNGSfSKL-0_KHSXpfzAhU6MY9StOCyFFGlSsGkqTdg
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 13 Dec 2022 11:43:27 GMT
server
cloudflare
etag
W/"46a065b75a36e46c60706eb50464b77b"
vary
Accept-Encoding
x-goog-generation
1670931807041002
content-type
application/javascript
x-goog-hash
crc32c=05o6Jg==, md5=RqBlt1o25GxgcG61BGS3ew==
cache-control
public, max-age=5356800
x-goog-stored-content-length
103323
cf-ray
779da6e05f3fbbbc-FRA
expires
Wed, 15 Feb 2023 08:01:32 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame 34A6 		143 B
166 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3139134883708761&output=html&h=90&slotname=7753640662&adk=1056406635&adf=406027746&pi=t.ma~as.7753640662&w=728&lmt=1671091291&rafmt=12&format=728x90&url=https%3A%2F%2Fpelotainvernal.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671091291244&bpp=1&bdt=194&idt=294&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&prev_fmts=1298x100&correlator=4380327056723&frm=20&pv=1&ga_vid=1506290039.1671091292&ga_sid=1671091292&ga_hid=1052133793&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=386&ady=328&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44773747%2C44780792%2C21065724&oid=2&pvsid=2272291473544869&tmod=688375104&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&fsb=1&xpc=pbTEKWvmGY&p=https%3A//pelotainvernal.com&dtd=298
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3139134883708761&output=html&h=90&slotname=7753640662&adk=1056406635&adf=406027746&pi=t.ma~as.7753640662&w=728&lmt=1671091291&rafmt=12&format=728x90&url=https%3A%2F%2Fpelotainvernal.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671091291244&bpp=1&bdt=194&idt=294&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&prev_fmts=1298x100&correlator=4380327056723&frm=20&pv=1&ga_vid=1506290039.1671091292&ga_sid=1671091292&ga_hid=1052133793&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=386&ady=328&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44773747%2C44780792%2C21065724&oid=2&pvsid=2272291473544869&tmod=688375104&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&fsb=1&xpc=pbTEKWvmGY&p=https%3A//pelotainvernal.com&dtd=298
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
307
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 15 Dec 2022 07:56:25 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 8B76 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5b9fc343a39726f3bd297979248e261a5a1efb0fafba23e5ba72330f6117759a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/png
exitapi-impl.js
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame EC35 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12406491265686199930/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
02ebc319500d29d704855de3d846bbb2479434953bb7b34f533122f432ce33bf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 18:58:17 GMT
content-encoding
br
x-content-type-options
nosniff
age
46995
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2568
x-xss-protection
0
server
cafe
etag
6734328975651772599
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Thu, 15 Dec 2022 18:58:17 GMT
addata.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame EC35 		34 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12406491265686199930/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 09:40:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
80434
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13035
x-xss-protection
0
server
cafe
etag
2319883687766034370
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Thu, 15 Dec 2022 09:40:58 GMT
120fb889c9d3d02c8d3dd0555cf62ab3.js
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12406491265686199930/ Frame EC35 		104 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12406491265686199930/120fb889c9d3d02c8d3dd0555cf62ab3.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12406491265686199930/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
abf06691088fd3e48eeca737b56e448a96b06b1d7abb1495b634efcc2795aa89
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 10 Dec 2022 01:22:34 GMT
age
455938
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30375
x-xss-protection
0
last-modified
Fri, 25 Nov 2022 19:23:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 10 Dec 2023 01:22:34 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 34A6
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3139134883708761&output=html&h=90&slotname=7753640662&adk=1056406635&adf=406027746&pi=t.ma~as.7753640662&w=728&lmt=1671091291&rafmt=12&format=728x90&url=https%3A%2F%2Fpelotainvernal.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671091291244&bpp=1&bdt=194&idt=294&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&prev_fmts=1298x100&correlator=4380327056723&frm=20&pv=1&ga_vid=1506290039.1671091292&ga_sid=1671091292&ga_hid=1052133793&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=386&ady=328&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44773747%2C44780792%2C21065724&oid=2&pvsid=2272291473544869&tmod=688375104&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&fsb=1&xpc=pbTEKWvmGY&p=https%3A//pelotainvernal.com&dtd=298
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 15 Dec 2022 08:01:32 GMT
expires
Thu, 15 Dec 2022 08:01:32 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 15 Dec 2022 08:01:32 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
pv
s.seedtag.com/c/ 		987 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.seedtag.com/c/pv?token=2717-2424-01&device=desktop&fullUrl=https%3A%2F%2Fpelotainvernal.com%2F&cache=1671091292351&v=-&ft=true
Requested by
Host: t.seedtag.com
URL: https://t.seedtag.com/c/st_2.375c44ff530b57cc947f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.50.64 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
64.50.149.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
af9474e5a7a9093351569e5cb64b9b34596d02e5cd1ede8ead7acf41740f76cf

Request headers

Referer
https://pelotainvernal.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 15 Dec 2022 08:01:32 GMT
content-encoding
gzip
via
1.1 google
server
nginx
etag
W/"3db-d56IUQUr0/Vgjj1mzqd29BR6edI"
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD
content-type
application/json; charset=utf-8
access-control-allow-origin
https://pelotainvernal.com
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
css
fonts.googleapis.com/ Frame EC35 		6 KB
730 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Raleway:700|IBM+Plex+Sans+Condensed:500i|IBM+Plex+Sans+Condensed:500|IBM+Plex+Sans+Condensed:600
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12406491265686199930/120fb889c9d3d02c8d3dd0555cf62ab3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
78631aa2658006d43b70adcf42bfef831d29315d91bfe9e67bb4acd5f9b349e3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 15 Dec 2022 08:01:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 15 Dec 2022 06:45:08 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 15 Dec 2022 08:01:32 GMT
7296e22ca20ac6472628647a52a912af.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12406491265686199930/media/ Frame EC35 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12406491265686199930/media/7296e22ca20ac6472628647a52a912af.jpg
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12406491265686199930/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6847a453292f6db177d022b32b68ec91da611dd1bc18c6e33d26ed726339bc60
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Mon, 12 Dec 2022 20:40:02 GMT
x-content-type-options
nosniff
age
213690
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8880
x-xss-protection
0
last-modified
Fri, 25 Nov 2022 19:23:26 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 12 Dec 2023 20:40:02 GMT
0eeebe2aab7fa2fb99c2a447383fb9a6.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12406491265686199930/media/ Frame EC35 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12406491265686199930/media/0eeebe2aab7fa2fb99c2a447383fb9a6.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12406491265686199930/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a842670e0c9a10d0c42dc6de87889c6b9de065232e6bf125d5ca43a163f6d9fd
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Sat, 10 Dec 2022 02:07:48 GMT
x-content-type-options
nosniff
age
453224
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9647
x-xss-protection
0
last-modified
Fri, 25 Nov 2022 19:23:26 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 10 Dec 2023 02:07:48 GMT
undefinedz9njpo
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12406491265686199930/ Frame EC35 		43 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12406491265686199930/undefinedz9njpo
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12406491265686199930/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 08:01:32 GMT
x-content-type-options
nosniff
server
sffe
x-dns-prefetch-control
off
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=0
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
x-xss-protection
0
expires
Thu, 15 Dec 2022 08:01:32 GMT
formats.js
ad.lkqd.net/vpaid/ Frame A4FF 		118 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/vpaid/formats.js
Requested by
Host: pelotainvernal.com
URL: https://pelotainvernal.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
/
Resource Hash
7cfe458faed6fe5c3094bd51f1f10174604be983739ade9d828b0aad190043e5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 08:01:32 GMT
content-encoding
gzip
last-modified
Fri, 11 Dec 2020 00:09:23 GMT
etag
"286704660baa2c113268f28385080796"
x-hw
1671091292.cds221.fr8.hn,1671091292.cds289.fr8.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1209600
accept-ranges
bytes
content-length
35765
formats.js
ad.lkqd.net/vpaid/ Frame D812 		118 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/vpaid/formats.js
Requested by
Host: pelotainvernal.com
URL: https://pelotainvernal.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
/
Resource Hash
7cfe458faed6fe5c3094bd51f1f10174604be983739ade9d828b0aad190043e5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 08:01:32 GMT
content-encoding
gzip
last-modified
Fri, 11 Dec 2020 00:09:23 GMT
etag
"286704660baa2c113268f28385080796"
x-hw
1671091292.cds221.fr8.hn,1671091292.cds289.fr8.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1209600
accept-ranges
bytes
content-length
35765
auto-user-sync
ads.stickyadstv.com/ 		43 B
561 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.stickyadstv.com/auto-user-sync
Requested by
Host: pelotainvernal.com
URL: https://pelotainvernal.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.55.110.73 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-55-110-73.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pelotainvernal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 08:01:32 GMT
Server
nginx
Content-Type
image/gif
nnCoection
close
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
43
x-sticky-vk
1671091292580070-367
Expires
Thu, 15 Dec 2022 08:01:32 GMT
quant.js
secure.quantserve.com/ Frame 07EA 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: t.seedtag.com
URL: https://t.seedtag.com/c/st_2.375c44ff530b57cc947f.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:b314:a0ef:ab7c:d546 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
10c055e552cd4e8121eded0e5227a20534bfc3484aacecd99b553c069a332f53

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pelotainvernal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 08:01:32 GMT
content-encoding
gzip
etag
"KvGSi9leJgKNKEGESzHjYw=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Thu, 22 Dec 2022 08:01:32 GMT
usync.html
ad.lkqd.net/cookie-sync/ Frame FB84 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/cookie-sync/usync.html
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
/
Resource Hash
a09fb04841151074c73e8daf6edb12da7ffd8b5e7812492a6d9f3ae977fe3d31

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
1882
content-type
text/html
date
Thu, 15 Dec 2022 08:01:32 GMT
etag
"952dcfd8e3703b5a7e78418d51009535"
last-modified
Fri, 18 Feb 2022 17:38:44 GMT
x-hw
1671091292.cds221.fr8.hn,1671091292.cds226.fr8.c
ad
v.lkqd.net/ Frame A4FF 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1171093&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=https%3A%2F%2Fpelotainvernal.com%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C63065%2C1%2C&c4=true&c5=&c6=63065&c10=&c11=true&c12=&c13=true&c14=&c15=true&c16=&c17=true&rnd=30379575&m=
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
f7077d9fc217944a67e7c90cded7a8c255a75c1f1d68aea4e2b43870a2545b50

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 08:01:32 GMT
content-encoding
gzip
server
nginx
content-type
application/xml; charset=UTF-8
access-control-allow-origin
https://pelotainvernal.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
1409
usync.html
ad.lkqd.net/cookie-sync/ Frame D951 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/cookie-sync/usync.html
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
/
Resource Hash
a09fb04841151074c73e8daf6edb12da7ffd8b5e7812492a6d9f3ae977fe3d31

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
1882
content-type
text/html
date
Thu, 15 Dec 2022 08:01:32 GMT
etag
"952dcfd8e3703b5a7e78418d51009535"
last-modified
Fri, 18 Feb 2022 17:38:44 GMT
x-hw
1671091292.cds221.fr8.hn,1671091292.cds226.fr8.c
ad
v.lkqd.net/ Frame D812 		180 B
357 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1171094&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=https%3A%2F%2Fpelotainvernal.com%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C63065%2C1%2C&c4=true&c5=&c6=63065&c10=&c11=true&c12=&c13=true&c14=&c15=true&c16=&c17=true&rnd=13921434&m=
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
45fa735c6df15f15a1293a9cb3125033408874bf284280e8bcac23f95ad8feac

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 08:01:32 GMT
content-encoding
gzip
server
nginx
content-type
application/xml; charset=UTF-8
access-control-allow-origin
https://pelotainvernal.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
150
rules-p-PFW5FesqXn206.js
rules.quantcount.com/ Frame 07EA 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-PFW5FesqXn206.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:4800:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f4ae5a40833ca40f1ded2c820915ccc073b509a5a15810de1566ebf1ee4838e4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pelotainvernal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 07:45:50 GMT
content-encoding
gzip
via
1.1 70d755f7200c02162c7545e4ce74649a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P4
age
943
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
last-modified
Thu, 13 Oct 2022 15:36:52 GMT
server
AmazonS3
etag
W/"a521a7bf6d17b50bc9827eaad4be8ecc"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
x-amz-cf-id
2DUCS6ZGbiMz50YAkBmoTJFCmb5RYatraok0XBF7zXOSfCqKIujhxQ==
cs
cs.lkqd.net/ Frame FB84
Redirect Chain
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D54%26partnerUserId%3D%7Bdevice_id%7D
  • https://cs.lkqd.net/cs?partnerId=54&partnerUserId=68525412-edbd-46f6-857c-c6eeefccd0f4
43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=54&partnerUserId=68525412-edbd-46f6-857c-c6eeefccd0f4
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Server
146.20.132.57 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 08:01:32 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

location
https://cs.lkqd.net/cs?partnerId=54&partnerUserId=68525412-edbd-46f6-857c-c6eeefccd0f4
date
Thu, 15 Dec 2022 08:01:32 GMT
server
_
content-length
0
cs
cs.lkqd.net/ Frame FB84 		43 B
309 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=103&redirect=https%3A%2F%2Fevent.clientgear.com%2Fcookie%2Flkqd%3Fpartner%3Dlkqd%26cookieid%3D%24%24rawlkqduserid%24%24&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.57 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 08:01:32 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame FB84 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D102%2526partnerUserId%253D%255BUID%255D&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.57 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 08:01:32 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame FB84
Redirect Chain
  • https://ad.turn.com/r/cs?pid=65
  • https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3757162666768938953
43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3757162666768938953
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Server
146.20.132.57 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 08:01:32 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

location
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3757162666768938953
pragma
no-cache
date
Thu, 15 Dec 2022 08:01:31 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
cs
cs.lkqd.net/ Frame FB84
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=161
  • https://cs.lkqd.net/cs?partnerId=93&partnerUserId=sS--rM94Rypp0UAlxEmr-Nly2hQ
43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=sS--rM94Rypp0UAlxEmr-Nly2hQ
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Server
146.20.132.57 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 08:01:33 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

Location
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=sS--rM94Rypp0UAlxEmr-Nly2hQ
Date
Thu, 15 Dec 2022 08:01:33 GMT
Connection
keep-alive
Content-Length
104
Content-Type
text/html; charset=utf-8
cs
cs.lkqd.net/ Frame D951
Redirect Chain
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D54%26partnerUserId%3D%7Bdevice_id%7D
  • https://cs.lkqd.net/cs?partnerId=54&partnerUserId=1e7f6d89-9abb-45c8-b3f7-ec370389ec6c
43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=54&partnerUserId=1e7f6d89-9abb-45c8-b3f7-ec370389ec6c
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Server
146.20.132.57 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 08:01:32 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

location
https://cs.lkqd.net/cs?partnerId=54&partnerUserId=1e7f6d89-9abb-45c8-b3f7-ec370389ec6c
date
Thu, 15 Dec 2022 08:01:32 GMT
server
_
content-length
0
cs
cs.lkqd.net/ Frame D951 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=103&redirect=https%3A%2F%2Fevent.clientgear.com%2Fcookie%2Flkqd%3Fpartner%3Dlkqd%26cookieid%3D%24%24rawlkqduserid%24%24&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.57 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 08:01:32 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame D951 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D102%2526partnerUserId%253D%255BUID%255D&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.57 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 08:01:32 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame D951
Redirect Chain
  • https://ad.turn.com/r/cs?pid=65
  • https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3829220260806866889
43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3829220260806866889
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Server
146.20.132.57 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 08:01:32 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

location
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3829220260806866889
pragma
no-cache
date
Thu, 15 Dec 2022 08:01:31 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
cs
cs.lkqd.net/ Frame D951
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=161
  • https://cs.lkqd.net/cs?partnerId=93&partnerUserId=ritx1sN-RZJdE-uCnXtPmdly2hQ
43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=ritx1sN-RZJdE-uCnXtPmdly2hQ
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Server
146.20.132.57 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 08:01:33 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

Location
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=ritx1sN-RZJdE-uCnXtPmdly2hQ
Date
Thu, 15 Dec 2022 08:01:33 GMT
Connection
keep-alive
Content-Length
104
Content-Type
text/html; charset=utf-8
pixel;r=1449709852;event=refresh;rf=0;a=p-PFW5FesqXn206;url=https%3A%2F%2Fpelotainvernal.com%2F;ref=https%3A%2F%2Fpelotainvernal.com%2F;uht=2;fpan=1;fpa=P0-216112849-1671091292598;pbc=;ns=1;ce=1;qj...
pixel.quantserve.com/ Frame 07EA 		35 B
371 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=1449709852;event=refresh;rf=0;a=p-PFW5FesqXn206;url=https%3A%2F%2Fpelotainvernal.com%2F;ref=https%3A%2F%2Fpelotainvernal.com%2F;uht=2;fpan=1;fpa=P0-216112849-1671091292598;pbc=;ns=1;ce=1;qjs=1;qv=b2bd41b7-20221206125257;cm=;gdpr=0;d=pelotainvernal.com;dst=0;et=1671091292702;tzo=0;ogl=;ses=93c5c509-b147-4eef-9c74-8e5ef292646a
Requested by
Host: pelotainvernal.com
URL: https://pelotainvernal.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:b314:a0ef:ab7c:d546 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pelotainvernal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 08:01:32 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.109 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://pelotainvernal.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
access-control-allow-origin
https://pelotainvernal.com
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
content-type
text/plain; charset=UTF-8
date
Thu, 15 Dec 2022 08:01:33 GMT
server
nginx
t
t.lkqd.net/ Frame 6C8F 		0
0
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.109 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://pelotainvernal.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
access-control-allow-origin
https://pelotainvernal.com
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
content-type
text/plain; charset=UTF-8
date
Thu, 15 Dec 2022 08:01:33 GMT
server
nginx
t
t.lkqd.net/ Frame 45BE 		0
166 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.109 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://pelotainvernal.com
date
Thu, 15 Dec 2022 08:01:33 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
vpaid.js
ad.lkqd.net/vpaid/ Frame BD6E 		230 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
/
Resource Hash
c0d59afc312f7f1d1346cc4dfdb1463c05b2d334cfa64e7b9240456a48bfcc11

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 08:01:32 GMT
content-encoding
gzip
last-modified
Thu, 13 Oct 2022 21:01:07 GMT
etag
"88ca76abee51b1544e17b021f04aaaed"
x-hw
1671091292.cds221.fr8.hn,1671091292.cds268.fr8.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1209600
accept-ranges
bytes
content-length
62021
usync.html
ad.lkqd.net/cookie-sync/ Frame 2D26 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/cookie-sync/usync.html
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
/
Resource Hash
a09fb04841151074c73e8daf6edb12da7ffd8b5e7812492a6d9f3ae977fe3d31

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
1882
content-type
text/html
date
Thu, 15 Dec 2022 08:01:32 GMT
etag
"952dcfd8e3703b5a7e78418d51009535"
last-modified
Fri, 18 Feb 2022 17:38:44 GMT
x-hw
1671091292.cds221.fr8.hn,1671091292.cds226.fr8.c
ad
v.lkqd.net/ Frame BD6E 		22 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1171093&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=https%3A%2F%2Fpelotainvernal.com%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C63065%2C1%2C&c4=true&c5=&c6=63065&c10=&c11=true&c12=&c13=true&c14=&c15=true&c16=&c17=true&rnd=30379575&m=&rtv=1&thost=pelotainvernal.com
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
d483d83397c36e7235810c0dfc91eb71a09a190e7bd2d565acf39d7ff8e69236

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 15 Dec 2022 08:01:33 GMT
content-encoding
gzip
server
nginx
content-type
application/json
access-control-allow-origin
https://pelotainvernal.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
3898
ad
v.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1171093&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=https%3A%2F%2Fpelotainvernal.com%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C63065%2C1%2C&c4=true&c5=&c6=63065&c10=&c11=true&c12=&c13=true&c14=&c15=true&c16=&c17=true&rnd=30379575&m=&rtv=1&thost=pelotainvernal.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://pelotainvernal.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://pelotainvernal.com
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
date
Thu, 15 Dec 2022 08:01:33 GMT
server
nginx
truncated
/ 		5 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
65cb5cd5882c666a22bf188d80f04fe01f56fbb3428e29d74aa24e3d9b1c783b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/png
index.html
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12406491265686199930/ Frame AF7D 		20 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12406491265686199930/index.html
Requested by
Host: pelotainvernal.com
URL: https://pelotainvernal.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c0dade5e40511841f841814ed717788248c50490400ef63f4620391825f7444e
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
499952
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
4775
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
cross-origin-resource-policy
cross-origin
date
Fri, 09 Dec 2022 13:09:01 GMT
expires
Sat, 09 Dec 2023 13:09:01 GMT
last-modified
Fri, 25 Nov 2022 19:23:26 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
adview
googleads.g.doubleclick.net/pagead/ Frame 8398 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CPWluW9SaY_3EJYrWZbzBvdAJ-PS3-m363pH1kBGOpN6gqDAQASCtkPQeYJWCgICgB6ABsorBqgHIAQmpAuKXeUerw6g-qAMByANIqgTRAU_Ql0qWI_tedeinoRXcCHFqmdXokZHqVyM0s18tNdsAxCKdSBnGQDSEvpMTJ0Um0aS-KYD4-UAB_8LDk64-cg41fDv0u8xxQIpF0kidINbfYw40RJPci71MH-aWTxoCu9LndJUzEerFZGC6GJQdnxFmPpwEUUTh5J-pjtVgM2m2BHQ3xULgSQVSedrLyHZaw-n66T5t2dk0i6KxLWxQi6tbnQiuBkbOEAQ6IvT2jejUyCZih-aHwgKg39yKmmDoPMOtU7xij2m2yrHfLgf9GhNHwASV3s36mQSSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAHtvW-1QKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBCf6x_SCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAdgTDtAVAZgWAYAXAbIXHAoaCAASFHB1Yi0zMTM5MTM0ODgzNzA4NzYxGAA&sigh=ta-7RU60QGs&uach_m=[UACH]&cid=CAQSGwDq26N9aUfN-J9736K9VfadO9mXJ_NhmMCPuhgBIBM&template_id=419
Requested by
Host: pelotainvernal.com
URL: https://pelotainvernal.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3139134883708761&output=html&h=100&slotname=8815456802&adk=88850195&adf=2364240886&pi=t.ma~as.8815456802&w=1298&lmt=1671091291&rafmt=12&format=1298x100&url=https%3A%2F%2Fpelotainvernal.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671091291238&bpp=3&bdt=187&idt=274&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&correlator=4380327056723&frm=20&pv=2&ga_vid=1506290039.1671091292&ga_sid=1671091292&ga_hid=1052133793&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=151&ady=96&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44773747%2C44780792%2C21065724&oid=2&pvsid=2272291473544869&tmod=688375104&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=1&uci=a!1&fsb=1&xpc=QjRRtLPkAP&p=https%3A//pelotainvernal.com&dtd=293
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Thu, 15 Dec 2022 08:01:33 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/ Frame 8398 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3139134883708761&output=html&h=100&slotname=8815456802&adk=88850195&adf=2364240886&pi=t.ma~as.8815456802&w=1298&lmt=1671091291&rafmt=12&format=1298x100&url=https%3A%2F%2Fpelotainvernal.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671091291238&bpp=3&bdt=187&idt=274&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&correlator=4380327056723&frm=20&pv=2&ga_vid=1506290039.1671091292&ga_sid=1671091292&ga_hid=1052133793&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=151&ady=96&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44773747%2C44780792%2C21065724&oid=2&pvsid=2272291473544869&tmod=688375104&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=1&uci=a!1&fsb=1&xpc=QjRRtLPkAP&p=https%3A//pelotainvernal.com&dtd=293
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 17:06:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
53724
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9443
x-xss-protection
0
server
cafe
etag
9828741834572772835
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 28 Dec 2022 17:06:09 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 8398 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3139134883708761&output=html&h=100&slotname=8815456802&adk=88850195&adf=2364240886&pi=t.ma~as.8815456802&w=1298&lmt=1671091291&rafmt=12&format=1298x100&url=https%3A%2F%2Fpelotainvernal.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671091291238&bpp=3&bdt=187&idt=274&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&correlator=4380327056723&frm=20&pv=2&ga_vid=1506290039.1671091292&ga_sid=1671091292&ga_hid=1052133793&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=151&ady=96&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44773747%2C44780792%2C21065724&oid=2&pvsid=2272291473544869&tmod=688375104&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=1&uci=a!1&fsb=1&xpc=QjRRtLPkAP&p=https%3A//pelotainvernal.com&dtd=293
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 12:48:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
69170
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 28 Dec 2022 12:48:43 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 8398 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3139134883708761&output=html&h=100&slotname=8815456802&adk=88850195&adf=2364240886&pi=t.ma~as.8815456802&w=1298&lmt=1671091291&rafmt=12&format=1298x100&url=https%3A%2F%2Fpelotainvernal.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671091291238&bpp=3&bdt=187&idt=274&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&correlator=4380327056723&frm=20&pv=2&ga_vid=1506290039.1671091292&ga_sid=1671091292&ga_hid=1052133793&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=151&ady=96&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44773747%2C44780792%2C21065724&oid=2&pvsid=2272291473544869&tmod=688375104&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=1&uci=a!1&fsb=1&xpc=QjRRtLPkAP&p=https%3A//pelotainvernal.com&dtd=293
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 17:06:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
53724
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7480
x-xss-protection
0
server
cafe
etag
15631949847000551034
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 28 Dec 2022 17:06:09 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 8398 		153 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3139134883708761&output=html&h=100&slotname=8815456802&adk=88850195&adf=2364240886&pi=t.ma~as.8815456802&w=1298&lmt=1671091291&rafmt=12&format=1298x100&url=https%3A%2F%2Fpelotainvernal.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671091291238&bpp=3&bdt=187&idt=274&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&correlator=4380327056723&frm=20&pv=2&ga_vid=1506290039.1671091292&ga_sid=1671091292&ga_hid=1052133793&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=151&ady=96&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44773747%2C44780792%2C21065724&oid=2&pvsid=2272291473544869&tmod=688375104&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=1&uci=a!1&fsb=1&xpc=QjRRtLPkAP&p=https%3A//pelotainvernal.com&dtd=293
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 08:01:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47725
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1670417373259609"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 15 Dec 2022 08:01:33 GMT
Gg8gN4UfRSqiPg7Jn2ZI12V4DCEwkj1E4LVeHY527LvspYY.woff2
fonts.gstatic.com/s/ibmplexsanscondensed/v13/ Frame EC35 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ibmplexsanscondensed/v13/Gg8gN4UfRSqiPg7Jn2ZI12V4DCEwkj1E4LVeHY527LvspYY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Raleway:700|IBM+Plex+Sans+Condensed:500i|IBM+Plex+Sans+Condensed:500|IBM+Plex+Sans+Condensed:600
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6b4f873f3371bd426336178dfe982cf8366df7592c21738d0e1261e67a0cb2e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
null
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 09 Dec 2022 20:48:04 GMT
x-content-type-options
nosniff
age
472409
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18688
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:21:16 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 09 Dec 2023 20:48:04 GMT
Gg8gN4UfRSqiPg7Jn2ZI12V4DCEwkj1E4LVeHY5a67vspYY.woff2
fonts.gstatic.com/s/ibmplexsanscondensed/v13/ Frame EC35 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ibmplexsanscondensed/v13/Gg8gN4UfRSqiPg7Jn2ZI12V4DCEwkj1E4LVeHY5a67vspYY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Raleway:700|IBM+Plex+Sans+Condensed:500i|IBM+Plex+Sans+Condensed:500|IBM+Plex+Sans+Condensed:600
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
71fe56560b9eba788c8ff58e084f24ca95ff3b89aff510345fab96de36ec8101
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
null
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 17:51:13 GMT
x-content-type-options
nosniff
age
223820
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18740
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:21:21 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 12 Dec 2023 17:51:13 GMT
Gg8iN4UfRSqiPg7Jn2ZI12V4DCEwkj1E4LVeHYas8F_olYQtEw.woff2
fonts.gstatic.com/s/ibmplexsanscondensed/v13/ Frame EC35 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ibmplexsanscondensed/v13/Gg8iN4UfRSqiPg7Jn2ZI12V4DCEwkj1E4LVeHYas8F_olYQtEw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Raleway:700|IBM+Plex+Sans+Condensed:500i|IBM+Plex+Sans+Condensed:500|IBM+Plex+Sans+Condensed:600
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
09591867279cfa308e6366b2d6be5033904ef3de3c86b6f89cbe47e3022b7d99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
null
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 09 Dec 2022 12:05:28 GMT
x-content-type-options
nosniff
age
503765
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20496
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:21:15 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 09 Dec 2023 12:05:28 GMT
cs
cs.lkqd.net/ Frame 2D26
Redirect Chain
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D54%26partnerUserId%3D%7Bdevice_id%7D
  • https://cs.lkqd.net/cs?partnerId=54&partnerUserId=1cf23668-f2d7-4330-afd3-0c58960fbea1
43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=54&partnerUserId=1cf23668-f2d7-4330-afd3-0c58960fbea1
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Server
146.20.132.57 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 08:01:33 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

location
https://cs.lkqd.net/cs?partnerId=54&partnerUserId=1cf23668-f2d7-4330-afd3-0c58960fbea1
date
Thu, 15 Dec 2022 08:01:33 GMT
server
_
content-length
0
cs
cs.lkqd.net/ Frame 2D26 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=103&redirect=https%3A%2F%2Fevent.clientgear.com%2Fcookie%2Flkqd%3Fpartner%3Dlkqd%26cookieid%3D%24%24rawlkqduserid%24%24&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.57 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 08:01:33 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame 2D26 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D102%2526partnerUserId%253D%255BUID%255D&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.57 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 08:01:33 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame 2D26
Redirect Chain
  • https://ad.turn.com/r/cs?pid=65
  • https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3757162666768938953
43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3757162666768938953
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Server
146.20.132.57 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 08:01:33 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

location
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3757162666768938953
pragma
no-cache
date
Thu, 15 Dec 2022 08:01:32 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
cs
cs.lkqd.net/ Frame 2D26
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=161
  • https://cs.lkqd.net/cs?partnerId=93&partnerUserId=BFiKJCzZQbhiwzPXTk2_yNly2hQ
43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=BFiKJCzZQbhiwzPXTk2_yNly2hQ
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Server
146.20.132.57 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 08:01:33 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

Location
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=BFiKJCzZQbhiwzPXTk2_yNly2hQ
Date
Thu, 15 Dec 2022 08:01:33 GMT
Connection
keep-alive
Content-Length
104
Content-Type
text/html; charset=utf-8
exitapi-impl.js
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame AF7D 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12406491265686199930/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
02ebc319500d29d704855de3d846bbb2479434953bb7b34f533122f432ce33bf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 18:58:17 GMT
content-encoding
br
x-content-type-options
nosniff
age
46996
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2568
x-xss-protection
0
server
cafe
etag
6734328975651772599
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Thu, 15 Dec 2022 18:58:17 GMT
addata.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame AF7D 		34 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12406491265686199930/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 09:40:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
80435
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13035
x-xss-protection
0
server
cafe
etag
2319883687766034370
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Thu, 15 Dec 2022 09:40:58 GMT
120fb889c9d3d02c8d3dd0555cf62ab3.js
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12406491265686199930/ Frame AF7D 		104 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12406491265686199930/120fb889c9d3d02c8d3dd0555cf62ab3.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12406491265686199930/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
abf06691088fd3e48eeca737b56e448a96b06b1d7abb1495b634efcc2795aa89
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 10 Dec 2022 01:22:34 GMT
age
455939
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30375
x-xss-protection
0
last-modified
Fri, 25 Nov 2022 19:23:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 10 Dec 2023 01:22:34 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame A3CA 		143 B
166 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3139134883708761&output=html&h=100&slotname=8815456802&adk=88850195&adf=2364240886&pi=t.ma~as.8815456802&w=1298&lmt=1671091291&rafmt=12&format=1298x100&url=https%3A%2F%2Fpelotainvernal.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671091291238&bpp=3&bdt=187&idt=274&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&correlator=4380327056723&frm=20&pv=2&ga_vid=1506290039.1671091292&ga_sid=1671091292&ga_hid=1052133793&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=151&ady=96&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44773747%2C44780792%2C21065724&oid=2&pvsid=2272291473544869&tmod=688375104&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=1&uci=a!1&fsb=1&xpc=QjRRtLPkAP&p=https%3A//pelotainvernal.com&dtd=293
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3139134883708761&output=html&h=100&slotname=8815456802&adk=88850195&adf=2364240886&pi=t.ma~as.8815456802&w=1298&lmt=1671091291&rafmt=12&format=1298x100&url=https%3A%2F%2Fpelotainvernal.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671091291238&bpp=3&bdt=187&idt=274&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&correlator=4380327056723&frm=20&pv=2&ga_vid=1506290039.1671091292&ga_sid=1671091292&ga_hid=1052133793&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=151&ady=96&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44773747%2C44780792%2C21065724&oid=2&pvsid=2272291473544869&tmod=688375104&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=1&uci=a!1&fsb=1&xpc=QjRRtLPkAP&p=https%3A//pelotainvernal.com&dtd=293
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
308
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 15 Dec 2022 07:56:25 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 8398 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0e4b1313bc2267b435bf2f2a51badb9787865242cb56aa241da9cc5f832cd6dd

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/png
7296e22ca20ac6472628647a52a912af.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12406491265686199930/media/ Frame AF7D 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12406491265686199930/media/7296e22ca20ac6472628647a52a912af.jpg
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12406491265686199930/120fb889c9d3d02c8d3dd0555cf62ab3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6847a453292f6db177d022b32b68ec91da611dd1bc18c6e33d26ed726339bc60
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Mon, 12 Dec 2022 20:40:02 GMT
x-content-type-options
nosniff
age
213691
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8880
x-xss-protection
0
last-modified
Fri, 25 Nov 2022 19:23:26 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 12 Dec 2023 20:40:02 GMT
0eeebe2aab7fa2fb99c2a447383fb9a6.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12406491265686199930/media/ Frame AF7D 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12406491265686199930/media/0eeebe2aab7fa2fb99c2a447383fb9a6.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12406491265686199930/120fb889c9d3d02c8d3dd0555cf62ab3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a842670e0c9a10d0c42dc6de87889c6b9de065232e6bf125d5ca43a163f6d9fd
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Sat, 10 Dec 2022 02:07:48 GMT
x-content-type-options
nosniff
age
453225
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9647
x-xss-protection
0
last-modified
Fri, 25 Nov 2022 19:23:26 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 10 Dec 2023 02:07:48 GMT
undefinedz9njpo
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12406491265686199930/ Frame AF7D 		43 B
65 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12406491265686199930/undefinedz9njpo
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12406491265686199930/120fb889c9d3d02c8d3dd0555cf62ab3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 08:01:33 GMT
x-content-type-options
nosniff
server
sffe
x-dns-prefetch-control
off
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=0
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
x-xss-protection
0
expires
Thu, 15 Dec 2022 08:01:33 GMT
css
fonts.googleapis.com/ Frame AF7D 		6 KB
730 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Raleway:700|IBM+Plex+Sans+Condensed:500i|IBM+Plex+Sans+Condensed:500|IBM+Plex+Sans+Condensed:600
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12406491265686199930/120fb889c9d3d02c8d3dd0555cf62ab3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
78631aa2658006d43b70adcf42bfef831d29315d91bfe9e67bb4acd5f9b349e3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 15 Dec 2022 08:01:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 15 Dec 2022 06:21:08 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 15 Dec 2022 08:01:33 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame A3CA
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3139134883708761&output=html&h=100&slotname=8815456802&adk=88850195&adf=2364240886&pi=t.ma~as.8815456802&w=1298&lmt=1671091291&rafmt=12&format=1298x100&url=https%3A%2F%2Fpelotainvernal.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671091291238&bpp=3&bdt=187&idt=274&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&correlator=4380327056723&frm=20&pv=2&ga_vid=1506290039.1671091292&ga_sid=1671091292&ga_hid=1052133793&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=151&ady=96&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44773747%2C44780792%2C21065724&oid=2&pvsid=2272291473544869&tmod=688375104&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=1&uci=a!1&fsb=1&xpc=QjRRtLPkAP&p=https%3A//pelotainvernal.com&dtd=293
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 15 Dec 2022 08:01:33 GMT
expires
Thu, 15 Dec 2022 08:01:33 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 15 Dec 2022 08:01:33 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
z7cUAtzL1u1d_2AGWF4wFgnTveRSMJLcB1xcawACHJQ.js
pagead2.googlesyndication.com/bg/ Frame EC35 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/z7cUAtzL1u1d_2AGWF4wFgnTveRSMJLcB1xcawACHJQ.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cfb71402dccbd6ed5dff6006585e301609d3bde4523092dc075c5c6b00021c94
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 06:47:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
90825
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16132
x-xss-protection
0
last-modified
Mon, 05 Dec 2022 17:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 14 Dec 2023 06:47:48 GMT
t
t.lkqd.net/ Frame 40E2 		0
167 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.109 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://pelotainvernal.com
date
Thu, 15 Dec 2022 08:01:33 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.109 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://pelotainvernal.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
access-control-allow-origin
https://pelotainvernal.com
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
content-type
text/plain; charset=UTF-8
date
Thu, 15 Dec 2022 08:01:33 GMT
server
nginx
Gg8gN4UfRSqiPg7Jn2ZI12V4DCEwkj1E4LVeHY527LvspYY.woff2
fonts.gstatic.com/s/ibmplexsanscondensed/v13/ Frame AF7D 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ibmplexsanscondensed/v13/Gg8gN4UfRSqiPg7Jn2ZI12V4DCEwkj1E4LVeHY527LvspYY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Raleway:700|IBM+Plex+Sans+Condensed:500i|IBM+Plex+Sans+Condensed:500|IBM+Plex+Sans+Condensed:600
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6b4f873f3371bd426336178dfe982cf8366df7592c21738d0e1261e67a0cb2e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
null
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 09 Dec 2022 20:48:04 GMT
x-content-type-options
nosniff
age
472409
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18688
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:21:16 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 09 Dec 2023 20:48:04 GMT
Gg8gN4UfRSqiPg7Jn2ZI12V4DCEwkj1E4LVeHY5a67vspYY.woff2
fonts.gstatic.com/s/ibmplexsanscondensed/v13/ Frame AF7D 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ibmplexsanscondensed/v13/Gg8gN4UfRSqiPg7Jn2ZI12V4DCEwkj1E4LVeHY5a67vspYY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Raleway:700|IBM+Plex+Sans+Condensed:500i|IBM+Plex+Sans+Condensed:500|IBM+Plex+Sans+Condensed:600
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
71fe56560b9eba788c8ff58e084f24ca95ff3b89aff510345fab96de36ec8101
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
null
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 17:51:13 GMT
x-content-type-options
nosniff
age
223820
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18740
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:21:21 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 12 Dec 2023 17:51:13 GMT
Gg8iN4UfRSqiPg7Jn2ZI12V4DCEwkj1E4LVeHYas8F_olYQtEw.woff2
fonts.gstatic.com/s/ibmplexsanscondensed/v13/ Frame AF7D 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ibmplexsanscondensed/v13/Gg8iN4UfRSqiPg7Jn2ZI12V4DCEwkj1E4LVeHYas8F_olYQtEw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Raleway:700|IBM+Plex+Sans+Condensed:500i|IBM+Plex+Sans+Condensed:500|IBM+Plex+Sans+Condensed:600
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
09591867279cfa308e6366b2d6be5033904ef3de3c86b6f89cbe47e3022b7d99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
null
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 09 Dec 2022 12:05:28 GMT
x-content-type-options
nosniff
age
503765
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20496
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:21:15 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 09 Dec 2023 12:05:28 GMT
z7cUAtzL1u1d_2AGWF4wFgnTveRSMJLcB1xcawACHJQ.js
pagead2.googlesyndication.com/bg/ Frame AF7D 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/z7cUAtzL1u1d_2AGWF4wFgnTveRSMJLcB1xcawACHJQ.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cfb71402dccbd6ed5dff6006585e301609d3bde4523092dc075c5c6b00021c94
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 06:47:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
90825
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16132
x-xss-protection
0
last-modified
Mon, 05 Dec 2022 17:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 14 Dec 2023 06:47:48 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 8B76 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvr-u8bnJ0ub-TMpxzobPcqB1R1gaWRtlrO_X4OqQlCXeom-vhHfo0kyig5K7t4b8jdZ4GIAH1LBrhUkNjGeuuz0XYDSvP6ugcpzU_mdy0LqJvUzZGPR0uPgp42M_xSOrnHiJLuqA&sai=AMfl-YRMvL1JFJusgEIYAcD51Dc-Bn9WTuYLeJYIAAm__iJ9myUMtfSwAZT4SPPRPHnbLWDip2oPizE83_QdroE&sig=Cg0ArKJSzARenrIDlMTGEAE&cid=CAQSGwDq26N9cmwKE6LkmblP7MmfSPMEiqet6yucKBgBIBM&id=lidar2&mcvt=1016&p=0,0,90,728&mtos=1016,1016,1016,1016,1016&tos=1016,0,0,0,0&v=20221207&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=2&adk=1056406635&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1671091291543&rpt=749&met=mue&wmsd=0&pbe=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 08:01:33 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
7585793
ads.stickyadstv.com/vast/vpaid-adapter/ 		831 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/vast/vpaid-adapter/7585793?supportsJavascript=true&supportsFlash=true&_fw_us_privacy=&schain=1.0%2C1%21vidoomy.com%2C63065%2C1%2C1875891067626048350611712314%2C%2C&_fw_gdpr=0&_fw_gdpr_consent=
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.55.110.73 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-55-110-73.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
6733cf93afc319e7b8f2ea92ecd2157c4e5ef8588ff72f3d4cbdc0b7885e0226

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pelotainvernal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 08:01:33 GMT
Server
nginx
Content-Type
application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin
https://pelotainvernal.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
831
x-sticky-vk
1671091293654028-337
Expires
Thu, 15 Dec 2022 08:01:33 GMT
fi_client.js
ecdn.firstimpression.io/ 		347 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ecdn.firstimpression.io/fi_client.js
Requested by
Host: pelotainvernal.com
URL: https://pelotainvernal.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-112.fra60.r.cloudfront.net
Software
nginx/1.20.0 / PHP/8.0.14
Resource Hash
ec8c0ad5641e82785e893411a8f2881b5cd3783c6f7bc615b05705df45ef8c15
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pelotainvernal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 07:43:26 GMT
content-encoding
br
via
1.1 0cef334729aed841ca9f130c177beeba.cloudfront.net (CloudFront)
last-modified
Thu, 15 Dec 2022 07:43:26 UTC
server
nginx/1.20.0
x-amz-cf-pop
FRA60-P2
age
1087
x-powered-by
PHP/8.0.14
etag
W/"60356eb00b8c3b433964f7205bd37d81"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
EcBtpGG5GL5hP91ClENNA9Iw9SdJmeb0Q1xCEZ6NRK5z7s8buJWXTw==
x-xss-protection
0
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.109 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://pelotainvernal.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
access-control-allow-origin
https://pelotainvernal.com
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
content-type
text/plain; charset=UTF-8
date
Thu, 15 Dec 2022 08:01:33 GMT
server
nginx
t
t.lkqd.net/ Frame 40E2 		0
166 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.109 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://pelotainvernal.com
date
Thu, 15 Dec 2022 08:01:33 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
vpaid_f51ac984.js
vpaid.springserve.com/production/ Frame 8594 		506 KB
89 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vpaid.springserve.com/production/vpaid_f51ac984.js
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:7a00:15:6f6c:b180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1b7df8f348787d9fa760018b0f088ab687bbc70718df1d62e8084e30a3584491

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 17:09:30 GMT
content-encoding
br
via
1.1 857b0dca772798c338c78a1be69c955c.cloudfront.net (CloudFront)
last-modified
Tue, 06 Dec 2022 22:05:17 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1
age
658324
etag
W/"b030ae2df4f66a78701be0f4e1a3a52f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=2678400
x-amz-cf-id
jEuE5ElT6QQWTaV_RYB0hB8K_CmmWJ5bSTBb8QSs0lmJvNCcDDtejw==
truncated
/ 		35 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/gif
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=pelotainvernal.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3139134883708761&plah=pelotainvernal.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pelotainvernal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 08:01:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=pelotainvernal.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3139134883708761&plah=pelotainvernal.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pelotainvernal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 08:01:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fpelotainvernal.com%2F&tn=NAV&id=w0&cls=navbar%20navbar-dark%20fixed-top%20bg-dark&ign=false&pw=1600&ph=1200&x=0&y=0
Requested by
Host: pelotainvernal.com
URL: https://pelotainvernal.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pelotainvernal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 08:01:33 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 7617 		148 KB
48 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3139134883708761&output=html&adk=1812271804&adf=3025194257&lmt=1671091293&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&plas=128x945_l%7C140x945_r&format=0x0&url=https%3A%2F%2Fpelotainvernal.com%2F&ea=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671091293811&bpp=3&bdt=2760&idt=3&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D39bad8454e8057a0%3AT%3D1671091291%3AS%3DALNI_Mb5ZkJuYuvEj9hSv92HRMbspqDNTQ&gpic=UID%3D00000b92ae414513%3AT%3D1671091291%3ART%3D1671091291%3AS%3DALNI_MZqD6vsYvmZbCxtayi0qX3-htP5Xg&prev_fmts=1298x100%2C728x90&nras=1&correlator=4380327056723&frm=20&pv=1&ga_vid=1506290039.1671091292&ga_sid=1671091292&ga_hid=1052133793&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44773747%2C44780792%2C21065724&oid=2&psts=AMjMPc0RxIxU9k3PnglFtf_aKapC45PGopRehOK9kKyKMZIPhvcwoM6hPkNQZoBeotywn1CT78yIVfedMKZQC0iWRA&pvsid=2272291473544869&tmod=688375104&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&dtd=14
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3139134883708761&plah=pelotainvernal.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
10d885d549021c6b2fe32b57aadc0311865bf4fb465ecf99788b0f9efd6e3ff1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pelotainvernal.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
49264
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 15 Dec 2022 08:01:35 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
cookie
a.vidoomy.com/api/rtbserver/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=vidoomy&user_id=152632854.689590541671402056.9614005
  • https://x.bidswitch.net/ul_cb/sync?ssp=vidoomy&user_id=152632854.689590541671402056.9614005
  • https://bidswitch-eu.splicky.com/cm?bidswitch_ssp_id=vidoomy&bsw_custom_parameter=99611486-5a17-4503-a1b0-ab1982a65b33
  • https://x.bidswitch.net/sync?dsp_id=311&user_id=&user_group=2&ssp=vidoomy&expires=10&bsw_param=99611486-5a17-4503-a1b0-ab1982a65b33
  • https://a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=99611486-5a17-4503-a1b0-ab1982a65b33
43 B
356 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=99611486-5a17-4503-a1b0-ab1982a65b33
Requested by
Host: pelotainvernal.com
URL: https://pelotainvernal.com/
Protocol
H2
Server
3.69.101.30 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-69-101-30.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pelotainvernal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 08:01:34 GMT
content-encoding
none
access-control-allow-methods
HEAD,GET,POST,PUT,DELETE,PATCH,OPTIONS
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
X-VD-C
access-control-allow-credentials
true
access-control-allow-headers
*
content-length
43

Redirect headers

location
//a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=99611486-5a17-4503-a1b0-ab1982a65b33
date
Thu, 15 Dec 2022 08:01:34 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
cookie
a.vidoomy.com/api/rtbserver/
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58610/occ
  • https://ups.analytics.yahoo.com/ups/58610/occ?verify=true
  • https://a.vidoomy.com/api/rtbserver/cookie?i=YAH&uid=y-EawrLONE2uH478rAnltLO7kXVwobFnp0LDWMhf0-~A
43 B
357 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.vidoomy.com/api/rtbserver/cookie?i=YAH&uid=y-EawrLONE2uH478rAnltLO7kXVwobFnp0LDWMhf0-~A
Requested by
Host: pelotainvernal.com
URL: https://pelotainvernal.com/
Protocol
H2
Server
3.69.101.30 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-69-101-30.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pelotainvernal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 08:01:34 GMT
content-encoding
none
access-control-allow-methods
HEAD,GET,POST,PUT,DELETE,PATCH,OPTIONS
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
X-VD-C
access-control-allow-credentials
true
access-control-allow-headers
*
content-length
43

Redirect headers

location
https://a.vidoomy.com/api/rtbserver/cookie?i=YAH&uid=y-EawrLONE2uH478rAnltLO7kXVwobFnp0LDWMhf0-~A
date
Thu, 15 Dec 2022 08:01:33 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
t
t.lkqd.net/ Frame 40E2 		0
166 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.109 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://pelotainvernal.com
date
Thu, 15 Dec 2022 08:01:33 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.109 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://pelotainvernal.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
access-control-allow-origin
https://pelotainvernal.com
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
content-type
text/plain; charset=UTF-8
date
Thu, 15 Dec 2022 08:01:33 GMT
server
nginx
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-19230497-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pelotainvernal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 15 Dec 2022 07:15:46 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
2747
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Thu, 15 Dec 2022 09:15:46 GMT
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fpelotainvernal.com%2F&domain=pelotainvernal.com&cw=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://pelotainvernal.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://pelotainvernal.com
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Thu, 15 Dec 2022 08:01:34 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
360781
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sid
mug.criteo.com/
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fpelotainvernal.com%2F&domain=pelotainvernal.com&cw=1&lsw=1
  • https://mug.criteo.com/sid?cpp=nECGY3wzYkwvb2NRWC9mQnFBS2YzWE1EWkZOU1Q0ZU1pbDQ5M3JpV0xiMHR4TjZLMmRXaFB0OHp5cEF6Z05sRGxnbkZXTnZOZVV0K1pqeFlJcFpZRHFCbFdZZ1M3aWswLzY3QnhPUkZEQklLc1NiVkxURlBJOTBxcTZCM0...
357 B
646 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=nECGY3wzYkwvb2NRWC9mQnFBS2YzWE1EWkZOU1Q0ZU1pbDQ5M3JpV0xiMHR4TjZLMmRXaFB0OHp5cEF6Z05sRGxnbkZXTnZOZVV0K1pqeFlJcFpZRHFCbFdZZ1M3aWswLzY3QnhPUkZEQklLc1NiVkxURlBJOTBxcTZCM0tacUVIVmxvSDAwWmM4T3gvYWc3UU9tcG52VWxrSzFHYlh2UEtUR0NOeStxM1M0bEwzdU1ib2NoQytiK3EvL0QxRkZxdFFsbmVmeUFHcmlIVzdCWGtJSVpLYVVheTl4N0hHck1lWE10WTR5dVAvaGVCTklEcEpSb2V5VEh4emNnWFFKRDJiMFlsfA&cppv=2
Requested by
Host: pelotainvernal.com
URL: https://pelotainvernal.com/
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
bf9911de531f730accd283f99c6e2c0bffa0254643bb091b985d065e5af6ee0f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pelotainvernal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 08:01:33 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
659005
expires
0

Redirect headers

pragma
no-cache
date
Thu, 15 Dec 2022 08:01:33 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
access-control-allow-methods
GET
location
https://mug.criteo.com/sid?cpp=nECGY3wzYkwvb2NRWC9mQnFBS2YzWE1EWkZOU1Q0ZU1pbDQ5M3JpV0xiMHR4TjZLMmRXaFB0OHp5cEF6Z05sRGxnbkZXTnZOZVV0K1pqeFlJcFpZRHFCbFdZZ1M3aWswLzY3QnhPUkZEQklLc1NiVkxURlBJOTBxcTZCM0tacUVIVmxvSDAwWmM4T3gvYWc3UU9tcG52VWxrSzFHYlh2UEtUR0NOeStxM1M0bEwzdU1ib2NoQytiK3EvL0QxRkZxdFFsbmVmeUFHcmlIVzdCWGtJSVpLYVVheTl4N0hHck1lWE10WTR5dVAvaGVCTklEcEpSb2V5VEh4emNnWFFKRDJiMFlsfA&cppv=2
access-control-allow-origin
https://pelotainvernal.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
314800
content-length
0
expires
0
localstore.js
script.4dex.io/ 		483 B
1021 B 		Script
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: flower-ads.com
URL: https://flower-ads.com/tag/pelotainvernal/prebid7.25.0.pelotainvernal.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pelotainvernal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Thu, 15 Dec 2022 08:01:34 GMT
Content-Encoding
br
CF-Cache-Status
HIT
Last-Modified
Wed, 23 Nov 2022 15:43:18 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Age
1870223
ETag
W/"922cffdd75f7192f75231d92684885aa"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rc2cQYHZ5LEEiaoH%2Fp4IwnzVyoz41oLVIRjK9eD1VCLj%2FWQIMMQEXEss9Ji8Z7M06sE59x1aLq0ttPys5hATNnF49refMlGwHsb8L4iLQnFX%2BTqpuJ42WWjis5kmxCIjxlAeJ6R8y9%2BLCrY2"}],"group":"cf-nel","max_age":604800}
Cache-Control
public, max-age=1800
Connection
keep-alive
CF-RAY
779da6ebcbeb9244-FRA
prebid
mp.4dex.io/ 		114 B
450 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: flower-ads.com
URL: https://flower-ads.com/tag/pelotainvernal/prebid7.25.0.pelotainvernal.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:372 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
53090c518a288ece7279962d2316a77c6d38709995aa213b196ffb4e42094bdb

Request headers

Referer
https://pelotainvernal.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 08:01:34 GMT
x-err
Shapings: no adunits with size and seat and mapping
x-version
3.0.0-gcp-ams
cf-cache-status
DYNAMIC
via
1.1 google
server
cloudflare
content-encoding
gzip
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://pelotainvernal.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
779da6ebc9fd9b70-FRA
expires
0
pbjs
htlb.casalemedia.com/openrtb/ 		36 B
568 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=910000
Requested by
Host: flower-ads.com
URL: https://flower-ads.com/tag/pelotainvernal/prebid7.25.0.pelotainvernal.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
88e6c842599599da1b3799d5f4659d8f3e5fa561e7ef23755baaa2a66031431b

Request headers

Referer
https://pelotainvernal.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 08:01:34 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dXxe2ZuYUxvk1vYNcGsOXwJf5U2Sz2Ib0SZOl1RPSHzHIr4ky%2FM8EuBy420pk1ojFzmz4hFFJhC3GbGMErU7hvd2DYvjihV7%2FWZ6cI9BRTU8oypLU6vkP7ZKo%2FBg88GMKLAm6qfj"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://pelotainvernal.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
779da6ebd85f5b74-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
36
expires
0
bid
ap.lijit.com/rtb/ 		24 B
405 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.25.0
Requested by
Host: flower-ads.com
URL: https://flower-ads.com/tag/pelotainvernal/prebid7.25.0.pelotainvernal.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.39 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
01709b4bf1919efaab359c127a778af8e15a68d835a5d8883bef166675b6c018

Request headers

Referer
https://pelotainvernal.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 15 Dec 2022 08:01:34 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://pelotainvernal.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap7ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
24
prebid-request
onetag-sys.com/ 		15 B
366 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: flower-ads.com
URL: https://flower-ads.com/tag/pelotainvernal/prebid7.25.0.pelotainvernal.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://pelotainvernal.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://pelotainvernal.com
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
prebid
ib.adnxs.com/ut/v3/ 		139 B
836 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: flower-ads.com
URL: https://flower-ads.com/tag/pelotainvernal/prebid7.25.0.pelotainvernal.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
943e7b61d5b7b03515718af626fd42af9c3f851b5c67617f7e28fba98fae9401
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pelotainvernal.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 08:01:34 GMT
AN-X-Request-Uuid
2256d6df-0718-4dd9-a213-7b0627897944
Server
nginx/1.21.3
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://pelotainvernal.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
217.114.218.20; 217.114.218.20; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
139
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
prebid.media.net/rtb/ 		338 B
604 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CU15JWV5
Requested by
Host: flower-ads.com
URL: https://flower-ads.com/tag/pelotainvernal/prebid7.25.0.pelotainvernal.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
cb3de72456fc05ea9108c8d52846d6544e81a312ff45156281e6bf3cc95ec89c

Request headers

Referer
https://pelotainvernal.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 08:01:34 GMT
content-encoding
gzip
via
1.1 google
server
nginx
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://pelotainvernal.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
expires
Thu, 15 Dec 2022 08:01:34 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		9 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24930&site_id=447118&zone_id=2620778&size_id=10&rp_schain=1.0,1!flower-ads.com,fw0108,1,,,&eid_pubcid.org=ebd2de10-8a36-4059-b6ef-7471c7d536c9%5E1&rf=https%3A%2F%2Fpelotainvernal.com%2F&kw=pelotainvernal%2Cposicionespelotainvernal%2Ccalendariopelotainvernal&tg_i.page=https%3A%2F%2Fpelotainvernal.com%2F&tg_i.domain=pelotainvernal.com&tg_i.pbadslot=%2F22304838115%2Fpelotainvernal%2Fdesktop_sidebar_01&tk_flint=pbjs_lite_v7.25.0&x_source.tid=a8efdf68-8abe-47fc-b3ee-c5aca45b13a9&l_pb_bid_id=18ec9696003b8ff&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F22304838115%2Fpelotainvernal%2Fdesktop_sidebar_01&slots=1&rand=0.8833870100542192
Requested by
Host: flower-ads.com
URL: https://flower-ads.com/tag/pelotainvernal/prebid7.25.0.pelotainvernal.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
c0fb80435e5880e14c09a8ea940df2b4581d5b04017491acfb784662a7da9b0c

Request headers

Referer
https://pelotainvernal.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 08:01:34 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://pelotainvernal.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		14 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24930&site_id=447118&zone_id=2620778&size_id=2&rp_schain=1.0,1!flower-ads.com,fw0108,1,,,&eid_pubcid.org=ebd2de10-8a36-4059-b6ef-7471c7d536c9%5E1&rf=https%3A%2F%2Fpelotainvernal.com%2F&kw=pelotainvernal%2Cposicionespelotainvernal%2Ccalendariopelotainvernal&tg_i.page=https%3A%2F%2Fpelotainvernal.com%2F&tg_i.domain=pelotainvernal.com&tg_i.pbadslot=%2F22304838115%2Fpelotainvernal%2Fdesktop_inread_1&tk_flint=pbjs_lite_v7.25.0&x_source.tid=9f2e93a0-e1b6-416c-8d02-785dff63a6b9&l_pb_bid_id=1999456dca97956&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F22304838115%2Fpelotainvernal%2Fdesktop_inread_1&slots=1&rand=0.5810696312543888
Requested by
Host: flower-ads.com
URL: https://flower-ads.com/tag/pelotainvernal/prebid7.25.0.pelotainvernal.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
f6b592d0a9db66140934d8835a3af0b61be49d76f82f3d6ce9b91117cfb444a8

Request headers

Referer
https://pelotainvernal.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 08:01:34 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://pelotainvernal.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1052133793&t=pageview&_s=1&dl=https%3A%2F%2Fpelotainvernal.com%2F&ul=en-us&de=UTF-8&dt=PelotaInvernal.com%20%7C%20Resultados%2C%20Calendarios%20y%20Posiciones&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAUABAAAAACAAI~&jid=1513269173&gjid=1230968499&cid=1506290039.1671091292&tid=UA-19230497-1&_gid=1121866092.1671091294&_r=1&gtm=2oubu0&z=1225082585
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://pelotainvernal.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 08:01:34 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://pelotainvernal.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
favicon.ico
ad.doubleclick.net/ 		1 KB
664 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250
Requested by
Host: pelotainvernal.com
URL: https://pelotainvernal.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.70 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f6.1e100.net
Software
sffe /
Resource Hash
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pelotainvernal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 19:03:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
46696
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
last-modified
Tue, 08 May 2012 13:08:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/x-icon
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 15 Dec 2022 19:03:18 GMT
achoice.svg
widgets.outbrain.com/images/widgetIcons/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widgets.outbrain.com/images/widgetIcons/achoice.svg
Requested by
Host: pelotainvernal.com
URL: https://pelotainvernal.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.229.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-229-86.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pelotainvernal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 08:01:34 GMT
last-modified
Mon, 12 Sep 2022 07:37:47 GMT
server
AkamaiNetStorage
etag
"9d26fa4e7238ed94f1d0d92afb453b3e:1662969032.874716"
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
2735
expires
Sat, 14 Jan 2023 08:01:34 GMT
vadtag.html
vpaid.pubmatic.com/ads/video/ Frame 8594 		978 B
850 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fpelotainvernal.com%2F&schain=1.0,1!vidoomy.com,63065,1,1671091293589,,
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_f51ac984.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.228.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
c0b37e465c194ac64cda0512dca52c310a08bc4d7181098c503957f3ae3de77a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 08:01:34 GMT
content-encoding
gzip
server
Apache
etag
"23da-5e7fbf52c16e8-gzip"
vary
Origin, Accept-Encoding
content-type
application/xml
access-control-allow-origin
https://pelotainvernal.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
603
expires
Thu, 15 Dec 2022 08:01:34 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
441 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-19230497-1&cid=1506290039.1671091292&jid=1513269173&gjid=1230968499&_gid=1121866092.1671091294&_u=YAhAAUAAAAAAACAAI~&z=358936844
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c04::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://pelotainvernal.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Thu, 15 Dec 2022 08:01:34 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://pelotainvernal.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
adagio.js
script.4dex.io/ 		74 KB
23 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed87a83a9df154b61d76e8b9b53bb9d23db3eea194e66bca6b575e3e4f7a57bf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pelotainvernal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Thu, 15 Dec 2022 08:01:34 GMT
Content-Encoding
br
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
1164582
Transfer-Encoding
chunked
Connection
keep-alive
Last-Modified
Wed, 23 Nov 2022 15:43:17 GMT
Server
cloudflare
ETag
W/"c56b6332dacf72f135afcd153ae22448"
Vary
Origin, Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RqrdEM7F%2BlO52xPrvy7rZvDDYgCV7lyHEbpWR9HzBiaMZzsrLNK6k1v2TXRRUJn7Nnu3ZwGQvVBObHNzTaJeZ6j9MEib%2BqowUNw2Ivmx%2BbcWid%2FLTPreBQ0E1APQwoVEqETYOnHUF3wEVJT%2F"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Cache-Control
public, max-age=1800
CF-RAY
779da6ec4fb79bc8-FRA
spc_fi.php
cdn.firstimpression.io/delivery/ 		19 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.firstimpression.io/delivery/spc_fi.php?id=7293&url=%2F&charset=UTF-8&ch=8&ref=pelotainvernal.com&viewerId=null&referer=&_firid=68182266
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/fi_client.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-112.fra60.r.cloudfront.net
Software
nginx/1.20.0 / PHP/8.0.14
Resource Hash
1a5abe47806581eb04be12b1013b7926cc63950e58a5e2bb77610dc752864112

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://pelotainvernal.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 08:01:34 GMT
content-encoding
gzip
via
1.1 0cef334729aed841ca9f130c177beeba.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P2
x-powered-by
PHP/8.0.14
x-cache
Miss from cloudfront
p3p
CP="CUR ADM OUR NOR STA NID"
pragma
no-cache
server
nginx/1.20.0
vary
Accept-Encoding
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://pelotainvernal.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-amz-cf-id
pPb16zxP321Wazjbj6RSRMcrBX0woLOV2jk-z5ytdD4mJHEDNxhR_w==
expires
0
PMAdMgr.js
vpaid.pubmatic.com/ads/video/ Frame 03AD 		158 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fpelotainvernal.com%2F&schain=1.0,1!vidoomy.com,63065,1,1671091293589,,
Requested by
Host: blank
URL: about:blank
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.228.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
64b146021b5dd3fd90bfc36519ea2de22684243fd89e4663981f53453fb0f496

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 08:01:34 GMT
content-encoding
gzip
last-modified
Tue, 06 Sep 2022 06:03:39 GMT
server
Apache
etag
"277a2-5e7fbf52bc8c8-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=10800
accept-ranges
bytes
content-length
38047
activeview
pagead2.googlesyndication.com/pcs/ Frame 8398 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv90-W6vdZXY4L-Bkanka-cQcYyao8hqvkrJu3JW7XoIm8Dn19VswCGIhDWXRAvTinkkw90DAWE2BT6Sovbug-hGjlMp9dmekL_NH35s7lXRunr83gG3wzDUvCIfJS7puIaC4_ivg&sai=AMfl-YS_cNJFtRVKpQ2Q3B0GMVtL49_t7lf3rtmcE7KsclicXBbijuspFh7Ok3V5myNgC-7qTPgylroVfyznAKE&sig=Cg0ArKJSzHX7CmUXZM3jEAE&cid=CAQSGwDq26N9aUfN-J9736K9VfadO9mXJ_NhmMCPuhgBIBM&id=lidar2&mcvt=1000&p=0,1,100.03125,810&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221207&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=2&adk=88850195&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1671091292993&rpt=117&met=mue&wmsd=0&pbe=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 08:01:34 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
showad.js
ads.pubmatic.com/AdServer/js/ Frame E7E9 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fpelotainvernal.com%2F&schain=1.0,1!vidoomy.com,63065,1,1671091293589,,
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.228.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
d073fb4f4eec190af7bf7282c4fecca1001c25616f87f23d5aaa8dbe16d37e2d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=21259
content-encoding
gzip
content-length
13946
content-type
text/html
date
Thu, 15 Dec 2022 08:01:34 GMT
expires
Thu, 15 Dec 2022 13:55:53 GMT
last-modified
Tue, 05 Jul 2022 05:32:20 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame 03AD 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fpelotainvernal.com%2F&schain=1.0,1!vidoomy.com,63065,1,1671091293589,,
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.228.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
d073fb4f4eec190af7bf7282c4fecca1001c25616f87f23d5aaa8dbe16d37e2d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 08:01:34 GMT
content-encoding
gzip
last-modified
Tue, 05 Jul 2022 05:32:20 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=21259
accept-ranges
bytes
content-length
13946
expires
Thu, 15 Dec 2022 13:55:53 GMT
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=nECGY3wzYkwvb2NRWC9mQnFBS2YzWE1EWkZOU1Q0ZU1pbDQ5M3JpV0xiMHR4TjZLMmRXaFB0OHp5cEF6Z05sRGxnbkZXTnZOZVV0K1pqeFlJcFpZRHFCbFdZZ1M3aWswLzY3QnhPUkZEQklLc1NiVkxURlBJOTBxcTZCM0tacUVIVmxvSDAwWmM4T3gvYWc3UU9tcG52VWxrSzFHYlh2UEtUR0NOeStxM1M0bEwzdU1ib2NoQytiK3EvL0QxRkZxdFFsbmVmeUFHcmlIVzdCWGtJSVpLYVVheTl4N0hHck1lWE10WTR5dVAvaGVCTklEcEpSb2V5VEh4emNnWFFKRDJiMFlsfA&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Thu, 15 Dec 2022 08:01:33 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
437093
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=pelotainvernal.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pelotainvernal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 08:01:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=pelotainvernal.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pelotainvernal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 08:01:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		317 B
170 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2272291473544869&correlator=2880590095829928&eid=31071013%2C44780792%2C21065724&output=ldjh&gdfp_req=1&vrg=2022120501&ptt=17&impl=fifs&iu_parts=40135427%2Cpelotainvernal_Video_Intext&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=5&adks=1276542802&sfv=1-0-40&ris=3&rcs=1&eri=1&sc=1&cookie=ID%3D39bad8454e8057a0%3AT%3D1671091291%3AS%3DALNI_Mb5ZkJuYuvEj9hSv92HRMbspqDNTQ&gpic=UID%3D00000b92ae414513%3AT%3D1671091291%3ART%3D1671091291%3AS%3DALNI_MZqD6vsYvmZbCxtayi0qX3-htP5Xg&abxe=1&dt=1671091294250&lmt=1671091294&dlt=1671091291051&idt=500&adxs=0&adys=0&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fpelotainvernal.com%2F&frm=20&vis=1&psz=1600x1200&msz=1x-1&fws=0&ohw=0&ga_vid=1506290039.1671091292&ga_sid=1671091292&ga_hid=1052133793&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
da2e2fd2eea12bb6d7316a6a244c367a378147e721f26d1779f3dc8dadc2e352
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pelotainvernal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 08:01:34 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
141
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pelotainvernal.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		73 KB
21 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2272291473544869&correlator=2880590095829928&eid=31071013%2C44780792%2C21065724&output=ldjh&gdfp_req=1&vrg=2022120501&ptt=17&impl=fifs&iu_parts=22304838115%2Cpelotainvernal%2Cdesktop_sidebar_01%2Cdesktop_inread_1&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F3&prev_iu_szs=300x600%2C728x90&ifi=6&adks=2344183488%2C1811199381&sfv=1-0-40&prev_scp=hb_format_rubicon%3Dbanner%26hb_size_rubicon%3D300x600%26hb_pb_rubicon%3D0.03%26hb_adid_rubicon%3D218e64fb2230e43%26hb_bidder_rubicon%3DITBHB%26hb_format%3Dbanner%26hb_size%3D300x600%26hb_pb%3D0.03%26hb_adid%3D218e64fb2230e43%26hb_bidder%3DITBHB%7Chb_format_rubicon%3Dbanner%26hb_size_rubicon%3D728x90%26hb_pb_rubicon%3D0.01%26hb_adid_rubicon%3D2206e4f872eee8%26hb_bidder_rubicon%3DITBHB%26hb_format%3Dbanner%26hb_size%3D728x90%26hb_pb%3D0.01%26hb_adid%3D2206e4f872eee8%26hb_bidder%3DITBHB&eri=1&sc=1&cookie=ID%3D39bad8454e8057a0%3AT%3D1671091291%3AS%3DALNI_Mb5ZkJuYuvEj9hSv92HRMbspqDNTQ&gpic=UID%3D00000b92ae414513%3AT%3D1671091291%3ART%3D1671091291%3AS%3DALNI_MZqD6vsYvmZbCxtayi0qX3-htP5Xg&abxe=1&dt=1671091294254&lmt=1671091294&dlt=1671091291051&idt=500&adxs=1149%2C275&adys=575%2C486&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0&ucis=2%7C3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fpelotainvernal.com%2F&frm=20&vis=1&psz=300x600%7C975x90&msz=300x600%7C975x90&fws=0%2C0&ohw=0%2C0&ga_vid=1506290039.1671091292&ga_sid=1671091292&ga_hid=1052133793&ga_fc=true&a3p=EjQKCnB1YmNpZC5vcmcSJGViZDJkZTEwLThhMzYtNDA1OS1iNmVmLTc0NzFjN2Q1MzZjOVgB
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
048fb04ccc3f2b72c4a113aaab9d1ab33e9b33aa9edf59cda304c683b8eecbdd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pelotainvernal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 08:01:34 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21223
x-xss-protection
0
google-lineitem-id
-1,-1
pragma
no-cache
server
cafe
google-creative-id
-1,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pelotainvernal.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame E7E9 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=84383662&p=156498&s=399115&a=1801592&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
88607ea9edc58a87deb722a20f0760420efe0df2453bcfebd6d2b2beaa2cfe6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Thu, 15 Dec 2022 08:01:33 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
ev
s.seedtag.com/e/ 		0
15 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.seedtag.com/e/ev
Requested by
Host: t.seedtag.com
URL: https://t.seedtag.com/c/st_2.375c44ff530b57cc947f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.50.64 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
64.50.149.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://pelotainvernal.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 15 Dec 2022 08:01:34 GMT
via
1.1 google
server
nginx
vary
X-HTTP-Method-Override
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD
access-control-allow-origin
https://pelotainvernal.com
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Pug
simage2.pubmatic.com/AdServer/ Frame BDB9
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:dd13639a-d45f-4c00-a03b-c0cba592742b&gdpr=0&gdpr_consent=
42 B
404 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:dd13639a-d45f-4c00-a03b-c0cba592742b&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 15 Dec 2022 08:01:34 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Thu, 15 Dec 2022 08:01:34 GMT
Expires
Thu, 15 Dec 2022 08:01:33 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 224 5671b77 master zrh-pixel-x25 config:1.0.0
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:dd13639a-d45f-4c00-a03b-c0cba592742b&gdpr=0&gdpr_consent=
Pug
image2.pubmatic.com/AdServer/ Frame 22DE
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=7825749370303073270
42 B
374 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=7825749370303073270
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 15 Dec 2022 08:01:33 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=7825749370303073270
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
usersync.aspx
dis.criteo.com/dis/ Frame 66A9 		43 B
363 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache
content-type
image/gif
cross-origin-resource-policy
cross-origin
date
Thu, 15 Dec 2022 08:01:33 GMT
expires
Thu, 15 Dec 2022 00:00:00 GMT
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
637911
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
dcm
aax-eu.amazon-adsystem.com/s/ Frame 6844
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=9F55788C-3DAF-4F6C-9153-F0674D3DB544&redir=true&gdpr=0&gdpr_consent=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=9F55788C-3DAF-4F6C-9153-F0674D3DB544&redir=true&gdpr=0&gdpr_consent=&dcc=t
43 B
855 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=9F55788C-3DAF-4F6C-9153-F0674D3DB544&redir=true&gdpr=0&gdpr_consent=&dcc=t
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.94.223.167 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Thu, 15 Dec 2022 08:01:34 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
YXF157CZSX8CT3ZP3SV2

Redirect headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Date
Thu, 15 Dec 2022 08:01:34 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=9F55788C-3DAF-4F6C-9153-F0674D3DB544&redir=true&gdpr=0&gdpr_consent=&dcc=t
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
VPNPRX8KT0QPWJAJB737
Pug
simage2.pubmatic.com/AdServer/ Frame B8E4
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA%3D%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1711690457971926349&gdpr=0&gdpr_consent=
42 B
447 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1711690457971926349&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 15 Dec 2022 08:01:33 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

AN-X-Request-Uuid
854ae4a4-ac4b-439d-a15f-4a95679420c8
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=utf-8
Date
Thu, 15 Dec 2022 08:01:34 GMT
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1711690457971926349&gdpr=0&gdpr_consent=
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma
no-cache
Server
nginx/1.21.3
X-Proxy-Origin
217.114.218.20; 217.114.218.20; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame E7E9
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=n1V4jD2vT2yRU_BnTT21RA%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Server
23.35.228.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-201.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

unused62
8096267
date
Thu, 15 Dec 2022 08:01:34 GMT
content-encoding
gzip
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
server
Apache/2.2.15 (CentOS)
etag
"1300708-3de4-5d6ef246ef4cf"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-type
text/html; charset=UTF-8
cache-control
max-age=24536
accept-ranges
bytes
content-length
5549
expires
Thu, 15 Dec 2022 14:50:30 GMT

Redirect headers

pragma
no-cache
date
Thu, 15 Dec 2022 08:01:34 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
mw
mwzeom.zeotap.com/ Frame E7E9 		95 B
382 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=9F55788C-3DAF-4F6C-9153-F0674D3DB544
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 08:01:34 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
779da6ee389e69a3-FRA
access-control-allow-headers
*
content-length
95
qmap
sync.crwdcntrl.net/ Frame E7E9 		49 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=9F55788C-3DAF-4F6C-9153-F0674D3DB544&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.32.97.75 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-32-97-75.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 08:01:34 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.1.48
content-length
49
expires
0
ids
idsync.frontend.weborama.fr/ Frame E7E9
Redirect Chain
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=3086343366
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0
  • https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=9F55788C-3DAF-4F6C-9153-F0674D3DB544
0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=9F55788C-3DAF-4F6C-9153-F0674D3DB544
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Server
34.111.131.239 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
239.131.111.34.bc.googleusercontent.com
Software
Weborama Collect Frontend /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 08:01:33 GMT
via
1.1 google
last-modified
Thu, 15 Dec 2022 08:01:34 GMT
server
Weborama Collect Frontend
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

location
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=9F55788C-3DAF-4F6C-9153-F0674D3DB544
date
Thu, 15 Dec 2022 08:01:34 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
Pug
image2.pubmatic.com/AdServer/ Frame E7E9
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=OUY1NTc4OEMtM0RBRi00RjZDLTkxNTMtRjA2NzREM0RCNTQ0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 15 Dec 2022 08:01:33 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 15 Dec 2022 08:01:34 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame E7E9
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEMsQEX54o0H-m28eqNg1vkI&google_cver=1
42 B
397 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEMsQEX54o0H-m28eqNg1vkI&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 15 Dec 2022 08:01:33 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 15 Dec 2022 08:01:34 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEMsQEX54o0H-m28eqNg1vkI&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame E7E9 		43 B
608 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.91.62.186 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
186.62.91.34.bc.googleusercontent.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 08:01:34 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Wed, 14 Dec 2022 08:01:34 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame E7E9
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=8781398616916412109
42 B
318 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=8781398616916412109
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 15 Dec 2022 08:01:34 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 15 Dec 2022 08:01:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=8781398616916412109
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
generic
match.adsrvr.org/track/cmf/ Frame E7E9 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 15 Dec 2022 08:01:34 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
AdServerServlet
vid.pubmatic.com/AdServer/ Frame 03AD 		27 B
553 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+7+9+1+1+6&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fpelotainvernal.com%2F&schain=1.0,1!vidoomy.com,63065,1,1671091293589,,&us_privacy=&cb=1671091294167&SAVersion=2&inIframe=1&pageURL=https%253A%252F%252Fpelotainvernal.com%252F&screenResolution=1600x1200&kdntuid=1&vwndh=0&vwndw=0&vwndurl=https%253A%252F%252Fpelotainvernal.com%252F&vwndref=&vc=2&js=1&sec=1&kltstamp=2022-12-15%208:1:34&ranreq=0.7105443715124435&timezone=0&depth=0
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fpelotainvernal.com%2F&schain=1.0,1!vidoomy.com,63065,1,1671091293589,,
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.75 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 08:01:34 GMT
content-encoding
gzip
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin
https://pelotainvernal.com
content-type
application/xml; charset=utf-8
x-vdbg
1:0/165:-1
access-control-allow-credentials
true
cache-control
no-store, no-cache, private
track
st.pubmatic.com/ Frame 03AD 		0
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://st.pubmatic.com/track?operId=7&p=156498&s=399115&a=1801592&ts=1671091295&wa=0&vadsId=-1&e=95&vc=2
Requested by
Host: pelotainvernal.com
URL: https://pelotainvernal.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.89 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Thu, 15 Dec 2022 08:01:33 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
expires
0
esp.js
cdn.id5-sync.com/api/1.0/ 		58 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3556 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a97afd769b3d774563606be9e943789398af5a1bf3583c2bc9a81f99832aa2b2
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pelotainvernal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 08:01:35 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 24 Nov 2022 12:48:29 GMT
server
cloudflare
x-amz-request-id
AS623DQBY0CG4WQ2
age
3276
etag
W/"91dadf6b1eddd8d91a5cc2e3be5ea8cf"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
779da6f1dcf5163f-FRA
x-amz-id-2
opH3n6Ss4TlDtfyjukoygT4YC9ks6ezIdzU29iyaBzEnETZcFBMAM6rnMr/Jv2PsgS8/3mqoHZ4=
pubcid.min.js
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 		732 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pelotainvernal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 08:01:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
40544
x-jsd-version
master
content-encoding
br
x-cache
MISS, MISS
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra-eddf8230064-FRA, cache-yyz4527-YYZ
x-jsd-version-type
branch
server
cloudflare
etag
W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FkfMYSiQ%2FFObu%2FjMdV71he1l%2FnSqrRXnErg091iVy5BEcV51CNwR8KQYBzfBtWbSPNg6jGdT%2FvtrAm9B3SqcF8kXrCxeHJzlBBtFPqaSIuZLtFk11fB4%2BigKIfOFQiIFmrWczNhoZhdYe964Pp4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
779da6f0cc449a06-FRA
publishertag.ids.js
static.criteo.net/js/ld/ 		39 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.ids.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f066a6392f3732829e95d97ac2a3dfb7dc7d35fc88d71a4ef62ff8f70399326c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pelotainvernal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 08:01:35 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Mon, 24 Oct 2022 11:21:19 GMT
server
nginx
etag
W/"6356752f-9c1f"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 16 Dec 2022 08:01:35 GMT
container.html
20e8afb8e455763ca9bea03ef9101e20.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 2052 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://20e8afb8e455763ca9bea03ef9101e20.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pelotainvernal.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
4
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 15 Dec 2022 08:01:31 GMT
expires
Fri, 15 Dec 2023 08:01:31 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
20e8afb8e455763ca9bea03ef9101e20.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 15C1 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://20e8afb8e455763ca9bea03ef9101e20.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pelotainvernal.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
4
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 15 Dec 2022 08:01:31 GMT
expires
Fri, 15 Dec 2023 08:01:31 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
i
vid-io-cle.springserve.com/vd/ Frame 8594 		0
153 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid-io-cle.springserve.com/vd/i?suuid=6b22d64f&ps_id=356921&batch=1
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_f51ac984.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.218.58.137 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-218-58-137.us-east-2.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://pelotainvernal.com
date
Thu, 15 Dec 2022 08:01:35 GMT
access-control-allow-credentials
true
server
nginx
content-length
0
access-control-allow-methods
GET, OPTIONS
track
st.pubmatic.com/ Frame 8594 		0
49 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://st.pubmatic.com/track?operId=7&p=156498&s=399115&a=1801592&ts=1671091294&wa=0&e=96&ier=901&vadsId=[ADSERVINGID]
Requested by
Host: pelotainvernal.com
URL: https://pelotainvernal.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.89 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Thu, 15 Dec 2022 08:01:33 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
expires
0
increment
id5-sync.com/api/esp/ 		0
327 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/esp/increment?counter=no-config
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.119 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533570.ip-162-19-138.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://pelotainvernal.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://pelotainvernal.com
date
Thu, 15 Dec 2022 08:01:34 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
pixel
googleads.g.doubleclick.net/xbbe/ Frame A43B 		624 B
245 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOrkQEQupmXARi09-zHATAB&v=APEucNVWaAiszDC18XG1hxBnfnze6VVbu7cxnWGJHodZfqUuDbBjVCqbKbv9jQfUVsMv3L0os3p7gYJOLZsdvTsCIGa97Suecj6oUhSQG-dI9nstHe9yppLOeF7k4RYtBl1HO8_f7Cm5wtp4TWRXVy2kXPP4AB2ilh_HdXG7qrf8F-mekUBgVDw
Requested by
Host: 20e8afb8e455763ca9bea03ef9101e20.safeframe.googlesyndication.com
URL: https://20e8afb8e455763ca9bea03ef9101e20.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://20e8afb8e455763ca9bea03ef9101e20.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 15 Dec 2022 08:01:35 GMT
expires
Thu, 15 Dec 2022 08:01:35 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame 2052 		15 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A-a0CG5fzyNNxhtia1tDg-ZUgR5-B3fvIzMyUPPAiVo5GcW030mG7luCsPdkgxKXYUl1S4PYq3Mis59z5vxOO30TCztzWV6upCwTAAeXaytUDj_yTgy4iY9RKo23VRuEVJRMOBJMBS44fMo7lvsp54jWOWO8yY-xX4_piBe00B1xZMUjE&cry=1&dbm_d=AKAmf-B7rXalFQMyNiRhN1KQ67KqMMfjNb7gWsqfpGf4jNuiVwHAlvpRBnzpr6oh5szLHSd_LKcdZFBnHnWF4Q5Yo8-JLX51kh0iUsj7HUCwrN3oJDsD6s5oe4i_5R_nFkd_S0Pe5imql53p9cpDznrC8Wef48nv5WKF32veUX2f2T1pZLFAlwL1_h9QuViDr7iAW_XSp9DtTEDr5Gb3QHmEJOk5p0KeN5VAEuyLlJltM00LHvJSB07nlGTAre1f-tTkKkgA9Td7CulnuwQs1AXiuhNCrljel7Kc4oFl_FtE-S0JjffiLllv_cTevloRrJ32FUerRdWkaVvM5XYxFAFjBAr0_AVoWLL4ZFqMybW7WKuUr--xgB3Ar2tEem6JvE1o8DXQVnVxXRv7eXUs-a6-5NS_e966wGdR1PLUr1vp6NyloQsYaHEQOjdzm5eybxbgcJOub5U1klJWvc9lFQvfokWtOL6EBLQXPNXcEqI1z-_l1a4KfMgfOT3m6sy3NdFfZQ80Kjl6cvvM3pirS8_GneyQN_W5p7olmPSFVXJktiryD1ADSrzMypry7i_TwxF2P0ZnGjJSM6OocM3seyIUZ_YZZHhe8lRSp4Mv8d6c-e_k5GuWF0zQuU2QSR3YDT98XlcZwHOq46dpat5zywC5AYNolD0_QOx3g47QapLbOCWMLXjsIOHjevTa_FUxyvtUyT3_RsXBPBcYgvqsWmT3Q1hLBLaC-IYVwPQQJQu1BFnk3OAJ7sR9q2RBDeYj93aQ3cCHsK4yMoFJsba7XQPgHf41Tx99svn3qzzAj6TVZTipdLMq9J4gsmhRqLGnZQIGyV65bNDOX-xMs1Zmhzq_GGGRSdSOkiE5uVVcUQwTCg1zjQurf2Po2pIEcE7D22Y66wBTIVlAtYsakOzWsA7CtciUgXSavfLalt2ExL21ud2yMZMqcW66VlmYkuPdF-bXKf_mad7fXiVJ9EQRWeNSL-8RSpCUyJX-Ay2PX1_uzi4I87G6-DyrOt1LxIXMkjgVf-l5DVknomq4xJn3VMzFsqql9WxPMmTlf6pg-cFXl9U_uhB5U2482JTPplJ8rACVbN0q2Wpu0X5MI0DGkQtZC5rJCvIc0fIK1qnDISKUeTZgP48U1ZyVdQPv00qFZimrtyq3tyi5kPCRiKZCWRW0GGoBv-br4QOWvLUxUUZTjRVCeFUezuntG3c_lFlglmgnZ-K8d9erB6_N5C3W5R3ir9b5_S6lKgVZPjhXgOCqRkZ9V1jiMUdjH2zOMBz8n8JCATeqpBa9oiARfm37y_yCYZWY4EjDPD-J_S3UueRrl5bM4EUoSb8DTHwzc5_F72AjVU-Wmm5NDWAluxwcR7mNikHUpSaxRc0jSKtoCdg42z5C7B65Udg-GstPORZaaPkZomFX92Nj_Py4s124xi-_8SLiAptymaXxWenlJE14_rGbOL3ZN6TAgrizGjcvpmIoW2GnHlOYM7hrjf8K7GDO7XeOTwIaoqYweUxzRUwJB9it11s6m9Ri_cVaiC9cWslgNhjWptvsL2VI6VDlVYwJ6nkmnwtojNaINpLE9-LviT0y_i3F4NQIqIQ27TmAv4U-fpn01iJ-4ZXaSTv5lGAXgTgvybc0iVTr2Lfm6vpsPORRVQbX4-Y4f8_CypcuLdbFFxH2PzsHLty4-I6kLlM2-q-uWOSh7haQr9V8GQKdM0pwcOjc4Cx5YqLr6kjE7Eve5_jTjIIA5Y8ZTPm1eQG8nVCIrIt_0t2bC8l_vudX5lwkl8bM1tr3VV09IslpyO9G_4UvVKOgWp6TesqAfaS7fm7ZPcFQ18hymTuP3SL8UBE535Uds92uKQoaP50E1YdIkHI83YvcatMdr3pUeZm8werRzkp3tK_GCpSgY3n4UEtm2XYzJhupGWAxscz9FFLD0NgsniRZmITZqPjlLB-WxnHp6nkOoe8x4uW5gK-09nDYQ6d6comwr9w4ZtwWXa-1xnHSH5wF7jJO8GvHiI_NmowZw2TcgLnIYAxcW4T_Tm5fIXqtpsxhTc4cup1UySsVkj1q-irum9ZOn-LILgumlq0GWgWiBrDV6dBzT3tlTnxZYGtMtbilnsl3_kJ4TLuOTT7xlTgNdsn03d9ytbFpSgMR6RQnoNYN3RS7Tz_hHbqWv5SKOmUfXo0WkhbmYThxqhJ2w6TpZ0JE9ZoOAUcnTEfugcTa0CSA-Pd7-j4ngSPu8I7IYtt8zOgs8vAKIuYc9CXTIV62xzAmC7nzu9-jF82Le5QlhpdhrzN8c0RakbuV7Tsclp1VdqYE7G8fNKr14bdyMjxAbjyrdLgK7xj947WJPuAvw88BUGRz1kEEgFPir_2dWIMD9XC-ib26s20MVr1uvT-pP-FHuVoor_u6rZcWx87IqTUIsynVGBHQIiiiTx86LVfdVetSK0U5aZ3NYA9fPVPkvNeweeRG9xoX9lijN5N2ut3JUq8N2ITcxSxLBZrm0t7huP2LG6DYIbWKa6DxK3TCpOjxhDYef1Ti4COLcoWwEqPHd-gHoQQe0gVWIkjMj6PC9PogEg3Az8Es16ubNp6uw4ECxGzNNyjAeHs37SpaNktpvWE9lUyEmya04YRoaxfv3WUv7WAewQ68b5AJtAKLQOL5JYqpGzGiMgfPfKOHc4rZEGbaOpxkXyDZFD40a9UnBKdlCe7AqMYSs8DBhZKqCLsw1okx3bi_F57x5usUVoPttwUnUVEyNRA8YseBrDqeeurzoiSz0x0sB2_BHjUjxjW0mFuzoM9rsPVYWNwOPbe6H4nNSN3TCeAEL_BV242cWH_vm14yx4Sg5qO4Ve63opGKybkLKdqrj61HaK7CBi0CDbxgbkIdJ4kTpcU83UA&cid=CAQSOwDq26N9vvByuPseGdvrdhuqJE-yqz8H1hYM5tJfSzZUfnmCcLsVFHtzK243ClUwThOVsf_exEMTg6KfGAEgEw&rfl=1%2Chttps%253A%252F%252Fpelotainvernal.com%252F%240
Requested by
Host: pelotainvernal.com
URL: https://pelotainvernal.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
90f1fa22f89b5123a739a8c8cf26704336b15b6d14f06eec84e763aca31198d0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20e8afb8e455763ca9bea03ef9101e20.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 08:01:35 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11263
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 2052 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DjkmBznCnc7PJTFFMs0oWb6u4mxdt0YWFUr2IVPrGOWdTFIF0rXJ6M1aHbg03gP0nTBxTQg7CTFPUT9eAP03Ad4PV7Hsp-6q0DPs8Rlp6P5VfwdL8
Requested by
Host: 20e8afb8e455763ca9bea03ef9101e20.safeframe.googlesyndication.com
URL: https://20e8afb8e455763ca9bea03ef9101e20.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20e8afb8e455763ca9bea03ef9101e20.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 08:01:35 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adj
fw.adsafeprotected.com/rjss/bgd/1014661/62144022/xbbe/creative/ Frame 2052 		248 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fw.adsafeprotected.com/rjss/bgd/1014661/62144022/xbbe/creative/adj?p=APEucNVsvVz9eEDWldUZydTk3vYU7YjQeMf6hB1O_5BRnQL7RayN2KE&d=CokBAKAmf-Cm6P1IkIQhzXm-3qcAk5VPBJLwtLYZH61TMMG9FVnY-ob6aYUd_wV7Cco1LJ-BBjU4xkhVXgEg_eztzAz0B4UTi2JuPHSGF_DXWQSAm6WHtZU9nOdyOg0MPyOKbjiBM6_5kJEpcqVGYrHOl2KHkxXsY-isaFkQip_E6hV4Cyt12mC7dcoSuRMAoCZ_4P9y61Y0lXA3H6GkBiQRGiSdZmiO1fbBSwXzAj1XD545pURSxRUXOqELoLYViYjNalgk9Sj5H7PfC0Ucl8nm63ZVUX7dw3xsY3YEyypFmKffR97r3SkI8XohcaVsvtY4CZr4GmRXxc-yQrZS6ShPUoR1gkbv9j7cvGrvoSBpWT5yqMwU-wAvwxEhu9hh6bTE5wRcwFxH7sp-o9qEx-U4TO1A_SX7njw2nFE6VIR2KgR0zSqI79rCdBrvki11ZdqEqv6y9YXg6OWB8rnyOSw-6xMj1yzm5rSbKzS88dZRHxQwZxQcltlUCPO7w2RkS5v8sTsdgSlNr5XUNxpnmKax23rZQ4XJqSoZevPK0lGjQoRK5hM7n5M0DN8FiXZsNhZTYRZhKYwt0RL9TTqNDvavY5oNrAizBNBq7m-_m_Ze5j_aXJB73Eqq3vp2E_f7QNvOGPvt4ka_LHCzpS4qFb7G8f9CIxiBumRYnf9WFTad7WwQony7l0mBEip_cfumAdwRdVUAWqGX0HsfTf45uEG6ysq_VIRu2-JJUSKsX0LwPOfJXScrME7iRbpkKrGi3Fns8bplYflCHhU6QV9xknPUj6lQREb6dg5GldfeB67nY7oBf2Ns7vfo1eyXnVK8Q49iZz4HAGKRCCOnvbpezBnXJsKyQi2mGy1ARtwK_nTdG7LzvGcEN29V8k3zrOiP5Pbqey5v5TfO7Sc6en_wsIuip97SlKAatnJ3VLKu9no2cyDnCUnC9TuntlYdGR4snxH6Y5IpXPkFy8JOiG1XrCNULJoPo7dCeP7wBmwED54aoGSd84_j3iaS2ciWpKnl6wclzSo1N7U8kykVtx1_cpIyBr0xxxxhj8vjz_o7TFKnXbVjCXEFGOATGDDi6oXj7u9IRDXgs2OawVE1RVdrZRXutpB-MSz-_ACh4JRWVL1PHN8KOh3FcqOWjNhqBE0GGw5EGLXNP_mr1y8r5DvziAPifHGutz18qSqPjIEWxY8pJXdDGr-D4HY64jWINsV7q11acyhlXoiNVrgSDwGKZYC1J5kfNt8p0ZrfpSTtsfVdoLcuXtgTchvO4Zh7tCeCoyG-aHuHLNbAg2W53I6A81fk89jdlr5wrR_w5QkYS_rzQuentzyfeC3Rw7NhMbHET_cl7GZz17zybylSuFUsn3GHOD1f-FbfChGNG7i0OpctKhJiavyAROsbVLh9kwb5v9DWXFy_MsOXFauZdqSIgdYOSCTN4C0yEG-Ng3TvsqXRcciaToUJ1B1RgxJZLunr8UHTrK_8VujsRi6UWTVh7Y_uYsfyx-D3bp88J6geG-1W3a0hPH3Q6GY1nRl9qXPiUiaH5kce05Ge_AS7tV8AP7EOl2SOcy9tlPooGsLyUiwV-D1OJ2a94YP8WT4qlYaPbTknCiRlMt56RYuN2KDttuKKiiVBHw334rtwLKukHE8NlVo5azjd0mKNw5tZjMKmbueae-ueHE_FhSb0QPjz2v6vJyg7qO20lDyXwKoZDVINQxvoYatUpcDKiJK7hc43Fuc52VClYLf-8qKMdnhoA8oBZffCPqVyhk_3z_YPgYLWQbA43mmIakkUal1PLI6INghOAiuw4fH4zDuKQVB38AzkxqgaQO_9fgc3z7wdUIWRqMutPddQ9qZ_dUL6VYLX8LbHc_VKCOG1UW6bnc151oUpL1e7TwS4AbdNXdJcJCFTXwtVjgUgMQIm4ed6Kd7v5i2ikjj2ASExpEL2rfvv6-w4v_TsjDB3sK1oWurcahZycEq9685qXsPS660L9MEM3iGDE4l3_lyvBUZUJAHx_GY_9t6hg8F6iemfQoyYCluiRHgk94OLA_9MAEqyBwyrVfdiaFtsoaQ4eeQU6k2AWP8u8MJbytQk57S4TmaTa9X9ZoKPybtDuWuPyJjVGFKYWn-bi7DhHXkzVR5Z7gCnmSxXfQcBHKYtfwEQz1Wu_tdvDhu_WFl5o7Dk8Md8iidYTcifiQWLIr47Csp0omVVsMn1uRMMdlfaQJ1G5nnv2cQXYmxxZg2RFKZX4vMUS1HBHVRsdwIVqRauzhGAR6mfodPOPm60HSXvEgQ_AtxI5YUJHcZM-pYJ1eae5zVhXviF9R70b3R0Llg_NvYA_HNxMDJ8XMIaxnwKkLWO3CbrCUy3OnOnZqxYBP2Hmg9udQCQ7Gjkq-riw-SXkKEQWqKvP-31QHPlNRVg2EXZPjmyinXB5TVKuRqbHzBXwFBxH11DohhfOFFMeNDQOEWg9VRGfkXAX1-CXdpsRDrRyWZnQ4U2o8CYKd_paTjLEWnRnV0DCPKmk4QhTWfb6ARwnGnJpylB2bOfPH1RBKNoRbD68te-ML5cjCVhKBfoD8udRA3inRCz-5ris6K4lZlPxJN4vmOPZEAVAywVY1kWtUTgnEoAduV-80uKgo7MOC7OctlHbPf0hw3jI0sLlzqlNxSNcXhPzq85MGQtv0WdtAQueogZTm0KaqEFXU46xdV6poNsxU4CNfPVC9gIBb74SyT1PaYtNW0nu6F3a7yiJN644ao1Ccs0nDEkGPvDlSYHKkSBT9z-e1DlDopquAZ8T8n_xbltJnt0OXKU8XQ3Gbub1c4RQ8kqHqlJ-j-VQiaQs9CqsuzaoealIflBp-YlCfjpYnA3SCSShd2VvENu0wIkTn_gRjcuUU_56XAcwI1xHjsXjdh-Ad5tqqmxHhoc4jnUpihwzjGlHDz2X02sNCu1QmA5FveXEwcjTPfG3HuHQKaeUaZjIHrl3O1i3Hdm8fKVo1MmkgkpWcAQ-r-yeXQHy7B9ntwjm0q3iDZZqHVzTmGDdWHD1vnJSpEioc508OkGpThOlqhBdpovZTheP4I6szzoTLpyZQVrDCgvaPFPjR3Q3SLpl0CpIOu1JOA-n3AfE-JIWVfgMhsC9evm8SNhBU7zgXBY-biWuk76lbbPYPHtqVnb88Ef_RleZhfDDR2mCZkBkeQbB3YVrmsEYBDuabO3UN_VD8jEDuiQZruGJEsba1l2tg7fj7PFH6D-k1p0j0jN5PvFpoAGh9CF91rvmdI2a2A_HPV2rTAvHFehuMZ2THbKeE0rDQXBU9dBymbSBTW0YFNCJt_K_R_pSxWqAKvkW1QieN-Fas2hA1zyxEWXSBfjYdS_RVs-o03BmyDtatnCA5xJ4-BZNBI_Uw9HQFdHi99tHQE5dd4BvxrKgGcgSLEuy7_PUtZgYc5b2N_P00C8D2w1x_-NJ6myO2P5zHZHzHD-CH-Qo2Qjf3GQwqzMFs3LxcCcYh0bjF1ROSIJ5PjL-cQayHuTzSJzf2hY98vlrIm6WW2R6hpDCAQSOwDq26N9vvByuPseGdvrdhuqJE-yqz8H1hYM5tJfSzZUfnmCcLsVFHtzK243ClUwThOVsf_exEMTg6KfGAEgE2AB&ias_dspID=3&ias_campId=28377781&ias_pubId=pub-7872228587460333&ias_chanId=1&ias_placementId=17661916541&bidurl=https://pelotainvernal.com/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0jcwAABZPREP4vDuzyqdFvm
Requested by
Host: 20e8afb8e455763ca9bea03ef9101e20.safeframe.googlesyndication.com
URL: https://20e8afb8e455763ca9bea03ef9101e20.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.240.30.150 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-240-30-150.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
a7e7b102e7009762d3eafc4193a6691ff09d3ca75a24885ba4f60c747f2a7c50

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20e8afb8e455763ca9bea03ef9101e20.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 08:01:35 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
fw.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 2052 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js
Requested by
Host: 20e8afb8e455763ca9bea03ef9101e20.safeframe.googlesyndication.com
URL: https://20e8afb8e455763ca9bea03ef9101e20.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20e8afb8e455763ca9bea03ef9101e20.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 12:48:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
69172
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 28 Dec 2022 12:48:43 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 2052 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 20e8afb8e455763ca9bea03ef9101e20.safeframe.googlesyndication.com
URL: https://20e8afb8e455763ca9bea03ef9101e20.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20e8afb8e455763ca9bea03ef9101e20.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 17:06:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
53726
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7480
x-xss-protection
0
server
cafe
etag
15631949847000551034
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 28 Dec 2022 17:06:09 GMT
l
www.google.com/ads/measurement/ Frame 2052 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQX0U2_ruZv8PEt3uPq8_dmN2XmhVLTKB7YpOO93oDqrEFCjk1ST5v1YbP_jsAG3DeXMDDCVMpdoWvHJOr5acUfuhzroA
Requested by
Host: 20e8afb8e455763ca9bea03ef9101e20.safeframe.googlesyndication.com
URL: https://20e8afb8e455763ca9bea03ef9101e20.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20e8afb8e455763ca9bea03ef9101e20.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 2052 		153 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 20e8afb8e455763ca9bea03ef9101e20.safeframe.googlesyndication.com
URL: https://20e8afb8e455763ca9bea03ef9101e20.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20e8afb8e455763ca9bea03ef9101e20.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 08:01:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47725
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1670417373259609"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 15 Dec 2022 08:01:35 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/ Frame 2052 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/abg_lite_fy2021.js
Requested by
Host: 20e8afb8e455763ca9bea03ef9101e20.safeframe.googlesyndication.com
URL: https://20e8afb8e455763ca9bea03ef9101e20.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20e8afb8e455763ca9bea03ef9101e20.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 17:06:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
53726
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9443
x-xss-protection
0
server
cafe
etag
9828741834572772835
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 28 Dec 2022 17:06:09 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 5769 		640 B
265 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CMel4gIQyoXsyAMYsa6jzAEwAQ&v=APEucNXmJqomK3B3AUOmaqdO8bRfoRKifbhI-whYSlZJi3v8jPnn0LRDaWJ5Q-w9xpATbro1bP8p7pGJfR8aQhLRANrsJm0wqbCSPQn0wSNMR0KZyzXQf1qsyj3G8NbiV_PqEZXgUwm4qZUEsFgFiqlyGpLeWDZ6QMc6CPSq4Viiys88wYIhWAQ
Requested by
Host: 20e8afb8e455763ca9bea03ef9101e20.safeframe.googlesyndication.com
URL: https://20e8afb8e455763ca9bea03ef9101e20.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://20e8afb8e455763ca9bea03ef9101e20.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
242
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 15 Dec 2022 08:01:35 GMT
expires
Thu, 15 Dec 2022 08:01:35 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame 15C1 		94 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AlADOMavEhFk3PIFqtDBHyRtEh_Y2Yh91JGG1PpBjpiJQcvKE_7jjcOW5uVF9RfnVrC0mDZMzCHpgWI7QYKJVRuqo6f6dboRvpdhvE2M42kRsYL1HFVzYVBWCbffvoqbiq9AQtl6Nj7dymQ9p_AKF5ckrlRNeqbpMaHQYAA3qS3l41XWs&dbm_d=AKAmf-BBEvZ1l6oUQVZkvfd9UtcO9EXxIGOHg8f-yIW-sJY1-t8GUW-z4lBbIKGtbqmctpsxk1Z1dsu4d2zclcnLKbs98KIWi92_KLBUDtRFtra32ti5a2O3QKU71phapRW0d0X8XctUPwoAPwXGA7Ns5Y4v3RMmCpeSRI4uGxH2-UhyecDJT7G3CFkswZxmrSkZC6u9FeQ0pOSTodlwC3AgfrNcM-ed8LAKbjZTmzmVvA_33TrKxrvYv8vWxWNWBue5SKQ3mCJhxVWtLWBJVG9BcNMBQMEtvWc7fQfn0MNRWBbYUR6xzHh0NNGw9cSxaN4q3JFC4MhRiaXq-I3WuWwRoqwcWXVcSMIgCCdDQhf5VYiZzHoE1R60g7_sZ6kqCWjYW_CAPOOD0SzaIGNWlsWW7IH6Av6J_Qzsc23lrdGCtE9DhFzsUeFS-eWj1xz7e1atgk2gNxiBXV41WOwX04fO5EWcwMhqMDZRd2NDab5EN6qEZeqTVA8WcSW_7rNo-2CforJtnG5ULu_A_9dZx2hd9eKkeOMIijTI7LKkxyNMQfYMOgagVt5WO7tWecC0GI2nUtLXuWJ1OEPt5IYizuyHCJOglQmxEYtTWcGB4QQiDWUO0yaAFvGp-OASYoC9jgzoMK_YNGPnIDff0oXmde3AsB22PLYW6chCfzu2t0Sv-BLJEDy2GuGd7uZepHlFK6DQoCMAKV7rsAfU-8vAl3qfIpeSRuMpeAbg-EpuuasL8vcFXgVQNup1rEvwRhP_LpISoy_7rcBkVhC65kg53ClqZnAtjvUFyLs_HxtZFAd8OdrX256veCT4hLMRCtvekKJqdibHD10GJT9xcvd9xoHErxJJvspjNjutyZL2X8EIc45fu8aoQmoM1UlHmxotO-kNDZcXzUhrvgrEKXDVdTpn2Ro-LAAOvmOZqxuhrHpu5ZkrHipCrwyvVvzqDBJhEtSJiMDrTPxlCP7XycYHcNS_ZkQoYFbwok2eQuaRtbZ6wVx8u_l4foVcLmcjEN0tcJZKgwtD_fE3IL6pBJaZYHeoI1Yd8mg3R-DoqzYXetKZkuiFkvXwBngW12IhkHRbLoGOeGzEPAG3rzhjJFjwmoakW9UmGNxa-ajsgjtnV4MwxOF-c6dLIE69QXLA7pvcIh0KPsodix0waStVAV66UuLJYZ3_OJmUrzhSDKI6qXh1nI97ja9unMhGhBGXYszFUww_0S8s7HuuJo3mbDm0CKA7xQSnYi5yLrDTQ1klaJQa7XsTe2yKGTC-OESsk7OPAJKN3SvQPCgJlo1C2E0ZVr19Oh46IeAQBuOQAZV2sfXItEpPXD6nd3WgHlAwUKhdUPpEQuRcMOY2gPMnaCW8mAF6tggUq-r0wzfJ_tIpY7LBXD_3iINK2Am_bXbP6Gtz6WYwi91ubMpA-f2HRjy-jsuPyyhjQlCTl2GYohoN4QIy5Qu0QAmUZU1En3IUXetZdnpjZ0_9Gdg2WKhupChpOEpMR07_QKwnchdVL9IfeR34HR5rfYHIS0dsnm15Ui-U37kDr48vbUwoIyy4Vv2phHLkyYNRHRkOSLQvACxWBrSnel1JrfBYRpJcH4xU33BrUdWNomJA7LyrYhcZM-cOtmuY96HWLwi-KJ1iOBfoGxM3qfCLHwiu19hPRGSoXAXA2hlHKZw2_Vpo1NDJTY6nkd1866Qvsv8-9ijjm4XpqEugKMj7IvbxS3xgSshYv6-lAuCUj_D6cjIFx7rX8mykIJ_5BdMOVEMg897FmcTLsfUbYfxyhlPSO9vPmTrGJygbRwrESkoCfbEGalxMIzmkp_gLHB_6eKv6wfY-SveuTDdRbzMhlaPshjpa11wP7ayHMMHxm2aSya0KJwxileOx2mN4_OQjjFrpKqb1CsivoZn7cwjIqkgZ_KQi1eELtIAvB2ZE53YrRrIqt6pw1tksv4a8GInAYtdSBm2KMkHuUr8kmuT2gG5V4LCP6KdfUegU9-j00GsTj5wNyRMpDv6DYEZiyezVMZ6bKBlpgkJjGBjdxhcDKYgv28FjLLKY5Iw5NtbfaKcOhXVSBrtnZKUDDQBUcox6uauhqCDW8CiWP_ZrMlDG_8HmeCQyeiNPFJaNGRlZdLqvNE2Z_CXNP5DrKOak-jhzleS60mG4_YSWKlNCGYcqUdiSngbwZ7U1_C7MYf9uR39NF6bwrshqMAivHLjn6noJ7GQzI1p8sj42wrCyI8mnewvrPrQ6UMPApz4EjZI2Ymq0-gxdySmASdHMZVEzXpnHgG1bDiGUGqDyHEUMiGbFm9sO9MXKPRk2qQygndR8Cqp96bW4fmkBCELQaKU5WZLxxVQ3IXAzXP4nFu2blTSQtBR7F_TwPc-xURWyRV6NU0jVRa952_5OuYMfrtdla8v8kyr8keOVWGVPC2P1DrZq9Ty83S3pyCHeSJXl2ep4bozT3OWKEsKn1L8-ps07mq9LdHnVPgrBE6xvvOqH0En1Ys2RV68zoHTfLWqmHtPBv-gyFey2BthRejx3uGbbulcxp1RQs2_RVfb94RQIUq4kMsKcgBPzFCADXttSbcKqBSss8z3slD3sJ6HTRr6SXzDa4Z4u9hvBkarguN4G6j-zP445YhgHxPqrJ8ncJniGewR7SvMR5RAGelq9A7YCWcwOJ8nFfT0r0I3f02cGKdKL9TB7QOJbjXck6VPErkcmReUwhGJG9-A9XSKaGNPZMozKYo7u3Ceeimu2N4JO_sZERT8wkofL0_8m8kPB-BR9kKjLv-qTvokPUTXsVMRmjH9Ja8sn6RE9jXPSVgHtS1oVX7V1HVLLgW0Ni0UBXHroW8_XBcCWOWLro797auxQB6F2MPmGi_Q3s51UZGsOSsy76qzs0Kmp9gebX2a9Blm3lSDwDc3X0jE6tC51oNEsvEoxkKZD-IlatY_jd9HvLx7jLV6z8ASSPcZYN_luC1hNa7waGeMC6sdsepiKnvZVks4-iPr7cuKyLWhhOjD2-zG2NqWqvb8r26FiuuMXyaQ-s4I5PJvwUxWXcALcSMxTeCd0Dl_ot42ZnuDFW-xNOUiS9TRSUfYiD573D1s7iLox0IM4_MTvuEGqwvjItk3r4zsdGvwTYHjFGpsdsxOUt08EjCe7eqi5pqxcDsAX7-RhbGQJzzemAziEqr0d__Dz_2GecHAa9NxjLJ5kYuX-DTxb3ludI4ZTGFcoEGAb2Zw-x-pnQ_j0SZls5bo0cRW-YadX0T9ZI78-1TNmzR6NJwMycEvyeqKIFQuhnFb6mrcyVH5eNlj3e2uxNJMQfegs68G_xOzNDV7wM4upGeKFv3VL0NG_2U-VviVB9y-tEj63I_X0wVZu47hnOsRFGa1AfGF2ooe0UZwmNzEO6UgcOTddPc5-itpMqL556vR9leDCfIEkXtQBFFs2B413MWnelgTUvrK-RMIO5keYu7dHK0JOY9ACPgrpjvEFTBYBS3eUUbFH53eRYpa7OnOS8HmVuBSn664SJjB0E_jqjvbxqhQExWK3zVw&cid=CAQSOwDq26N9vvByuPseGdvrdhuqJE-yqz8H1hYM5tJfSzZUfnmCcLsVFHtzK243ClUwThOVsf_exEMTg6KfGAEgEw&rfl=1%2Chttps%253A%252F%252Fpelotainvernal.com%252F%240
Requested by
Host: pelotainvernal.com
URL: https://pelotainvernal.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0cf08faf3e89ddb99b1d80f39c9e51b4a227959c76e8f98a57ffd52ee2d2b3f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20e8afb8e455763ca9bea03ef9101e20.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 08:01:35 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38243
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 15C1 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-A9bkz80wlvW6uN8SiWS2TBncYsQ_HbBbJ_EtuoXy8eehaFVED9Stmr-rYzDUAGR_aA46w9i-24RJqBKZH-fUfBd8hiw1u64G_g99QZ94hwencS6lQ
Requested by
Host: 20e8afb8e455763ca9bea03ef9101e20.safeframe.googlesyndication.com
URL: https://20e8afb8e455763ca9bea03ef9101e20.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20e8afb8e455763ca9bea03ef9101e20.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 08:01:35 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 15C1 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js
Requested by
Host: 20e8afb8e455763ca9bea03ef9101e20.safeframe.googlesyndication.com
URL: https://20e8afb8e455763ca9bea03ef9101e20.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20e8afb8e455763ca9bea03ef9101e20.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 12:48:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
69172
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 28 Dec 2022 12:48:43 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 15C1 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 20e8afb8e455763ca9bea03ef9101e20.safeframe.googlesyndication.com
URL: https://20e8afb8e455763ca9bea03ef9101e20.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20e8afb8e455763ca9bea03ef9101e20.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 17:06:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
53726
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7480
x-xss-protection
0
server
cafe
etag
15631949847000551034
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 28 Dec 2022 17:06:09 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 15C1 		153 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 20e8afb8e455763ca9bea03ef9101e20.safeframe.googlesyndication.com
URL: https://20e8afb8e455763ca9bea03ef9101e20.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20e8afb8e455763ca9bea03ef9101e20.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 08:01:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47725
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1670417373259609"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 15 Dec 2022 08:01:35 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/ Frame 15C1 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/abg_lite_fy2021.js
Requested by
Host: 20e8afb8e455763ca9bea03ef9101e20.safeframe.googlesyndication.com
URL: https://20e8afb8e455763ca9bea03ef9101e20.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20e8afb8e455763ca9bea03ef9101e20.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 17:06:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
53726
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9443
x-xss-protection
0
server
cafe
etag
9828741834572772835
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 28 Dec 2022 17:06:09 GMT
syncframe
gum.criteo.com/ Frame 7231 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=pelotainvernal.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
d0f07190791630edc058ad6e5a33a3cda6a8f85c470e593ce0bbed46ffec148b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://pelotainvernal.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 15 Dec 2022 08:01:35 GMT
server
Kestrel
server-processing-duration-in-ticks
415880
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
rum
dsum-sec.casalemedia.com/ Frame A43B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEKqPnEw-32BPmA8lTq0xhE&google_cver=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEKqPnEw-32BPmA8lTq0xhE&google_cver=1&C=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEKqPnEw-32BPmA8lTq0xhE&google_cver=1&C=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOrkQEQupmXARi09-zHATAB&v=APEucNVWaAiszDC18XG1hxBnfnze6VVbu7cxnWGJHodZfqUuDbBjVCqbKbv9jQfUVsMv3L0os3p7gYJOLZsdvTsCIGa97Suecj6oUhSQG-dI9nstHe9yppLOeF7k4RYtBl1HO8_f7Cm5wtp4TWRXVy2kXPP4AB2ilh_HdXG7qrf8F-mekUBgVDw
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 08:01:35 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=497
Content-Length
43
Expires
0

Redirect headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 08:01:35 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
/rum?cm_dsp_id=45&external_user_id=CAESEEKqPnEw-32BPmA8lTq0xhE&google_cver=1&C=1
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
0
Expires
0
rum
dsum-sec.casalemedia.com/ Frame A43B
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y5rUX40.tHOdKK.xH.IX6wAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEKqPnEw-32BPmA8lTq0xhE&google_cver=1&google_hm=2
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEKqPnEw-32BPmA8lTq0xhE&google_cver=1&google_hm=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOrkQEQupmXARi09-zHATAB&v=APEucNVWaAiszDC18XG1hxBnfnze6VVbu7cxnWGJHodZfqUuDbBjVCqbKbv9jQfUVsMv3L0os3p7gYJOLZsdvTsCIGa97Suecj6oUhSQG-dI9nstHe9yppLOeF7k4RYtBl1HO8_f7Cm5wtp4TWRXVy2kXPP4AB2ilh_HdXG7qrf8F-mekUBgVDw
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 08:01:35 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=496
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Thu, 15 Dec 2022 08:01:35 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEKqPnEw-32BPmA8lTq0xhE&google_cver=1&google_hm=2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame A43B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEOdsz4aJ5FW7fCyveprudRI&google_cver=1
43 B
1019 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEOdsz4aJ5FW7fCyveprudRI&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOrkQEQupmXARi09-zHATAB&v=APEucNVWaAiszDC18XG1hxBnfnze6VVbu7cxnWGJHodZfqUuDbBjVCqbKbv9jQfUVsMv3L0os3p7gYJOLZsdvTsCIGa97Suecj6oUhSQG-dI9nstHe9yppLOeF7k4RYtBl1HO8_f7Cm5wtp4TWRXVy2kXPP4AB2ilh_HdXG7qrf8F-mekUBgVDw
Protocol
HTTP/1.1
Server
37.252.171.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 08:01:35 GMT
AN-X-Request-Uuid
e1422288-5584-4f85-a43d-5cba25ab6ad8
Server
nginx/1.21.3
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
217.114.218.20; 217.114.218.20; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 15 Dec 2022 08:01:35 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEOdsz4aJ5FW7fCyveprudRI&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame A43B
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTcxMTY5MDQ1Nzk3MTkyNjM0OQ%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTcxMTY5MDQ1Nzk3MTkyNjM0OQ%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOrkQEQupmXARi09-zHATAB&v=APEucNVWaAiszDC18XG1hxBnfnze6VVbu7cxnWGJHodZfqUuDbBjVCqbKbv9jQfUVsMv3L0os3p7gYJOLZsdvTsCIGa97Suecj6oUhSQG-dI9nstHe9yppLOeF7k4RYtBl1HO8_f7Cm5wtp4TWRXVy2kXPP4AB2ilh_HdXG7qrf8F-mekUBgVDw
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 08:01:35 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 08:01:35 GMT
AN-X-Request-Uuid
8aa867d2-3d0c-41d4-9448-ea0ed29f7bd9
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTcxMTY5MDQ1Nzk3MTkyNjM0OQ%3D%3D
Connection
keep-alive
X-Proxy-Origin
217.114.218.20; 217.114.218.20; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
reactive_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/ 		150 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/reactive_library_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3139134883708761&plah=pelotainvernal.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e0ca0088f668b7754bb38e0e6829e45598a63a21698c032eaa60ace0b54c4ba7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pelotainvernal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 08:01:35 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
52347
x-xss-protection
0
server
cafe
etag
8545318325269897218
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Thu, 15 Dec 2022 08:01:35 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 2052 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A-a0CG5fzyNNxhtia1tDg-ZUgR5-B3fvIzMyUPPAiVo5GcW030mG7luCsPdkgxKXYUl1S4PYq3Mis59z5vxOO30TCztzWV6upCwTAAeXaytUDj_yTgy4iY9RKo23VRuEVJRMOBJMBS44fMo7lvsp54jWOWO8yY-xX4_piBe00B1xZMUjE&cry=1&dbm_d=AKAmf-B7rXalFQMyNiRhN1KQ67KqMMfjNb7gWsqfpGf4jNuiVwHAlvpRBnzpr6oh5szLHSd_LKcdZFBnHnWF4Q5Yo8-JLX51kh0iUsj7HUCwrN3oJDsD6s5oe4i_5R_nFkd_S0Pe5imql53p9cpDznrC8Wef48nv5WKF32veUX2f2T1pZLFAlwL1_h9QuViDr7iAW_XSp9DtTEDr5Gb3QHmEJOk5p0KeN5VAEuyLlJltM00LHvJSB07nlGTAre1f-tTkKkgA9Td7CulnuwQs1AXiuhNCrljel7Kc4oFl_FtE-S0JjffiLllv_cTevloRrJ32FUerRdWkaVvM5XYxFAFjBAr0_AVoWLL4ZFqMybW7WKuUr--xgB3Ar2tEem6JvE1o8DXQVnVxXRv7eXUs-a6-5NS_e966wGdR1PLUr1vp6NyloQsYaHEQOjdzm5eybxbgcJOub5U1klJWvc9lFQvfokWtOL6EBLQXPNXcEqI1z-_l1a4KfMgfOT3m6sy3NdFfZQ80Kjl6cvvM3pirS8_GneyQN_W5p7olmPSFVXJktiryD1ADSrzMypry7i_TwxF2P0ZnGjJSM6OocM3seyIUZ_YZZHhe8lRSp4Mv8d6c-e_k5GuWF0zQuU2QSR3YDT98XlcZwHOq46dpat5zywC5AYNolD0_QOx3g47QapLbOCWMLXjsIOHjevTa_FUxyvtUyT3_RsXBPBcYgvqsWmT3Q1hLBLaC-IYVwPQQJQu1BFnk3OAJ7sR9q2RBDeYj93aQ3cCHsK4yMoFJsba7XQPgHf41Tx99svn3qzzAj6TVZTipdLMq9J4gsmhRqLGnZQIGyV65bNDOX-xMs1Zmhzq_GGGRSdSOkiE5uVVcUQwTCg1zjQurf2Po2pIEcE7D22Y66wBTIVlAtYsakOzWsA7CtciUgXSavfLalt2ExL21ud2yMZMqcW66VlmYkuPdF-bXKf_mad7fXiVJ9EQRWeNSL-8RSpCUyJX-Ay2PX1_uzi4I87G6-DyrOt1LxIXMkjgVf-l5DVknomq4xJn3VMzFsqql9WxPMmTlf6pg-cFXl9U_uhB5U2482JTPplJ8rACVbN0q2Wpu0X5MI0DGkQtZC5rJCvIc0fIK1qnDISKUeTZgP48U1ZyVdQPv00qFZimrtyq3tyi5kPCRiKZCWRW0GGoBv-br4QOWvLUxUUZTjRVCeFUezuntG3c_lFlglmgnZ-K8d9erB6_N5C3W5R3ir9b5_S6lKgVZPjhXgOCqRkZ9V1jiMUdjH2zOMBz8n8JCATeqpBa9oiARfm37y_yCYZWY4EjDPD-J_S3UueRrl5bM4EUoSb8DTHwzc5_F72AjVU-Wmm5NDWAluxwcR7mNikHUpSaxRc0jSKtoCdg42z5C7B65Udg-GstPORZaaPkZomFX92Nj_Py4s124xi-_8SLiAptymaXxWenlJE14_rGbOL3ZN6TAgrizGjcvpmIoW2GnHlOYM7hrjf8K7GDO7XeOTwIaoqYweUxzRUwJB9it11s6m9Ri_cVaiC9cWslgNhjWptvsL2VI6VDlVYwJ6nkmnwtojNaINpLE9-LviT0y_i3F4NQIqIQ27TmAv4U-fpn01iJ-4ZXaSTv5lGAXgTgvybc0iVTr2Lfm6vpsPORRVQbX4-Y4f8_CypcuLdbFFxH2PzsHLty4-I6kLlM2-q-uWOSh7haQr9V8GQKdM0pwcOjc4Cx5YqLr6kjE7Eve5_jTjIIA5Y8ZTPm1eQG8nVCIrIt_0t2bC8l_vudX5lwkl8bM1tr3VV09IslpyO9G_4UvVKOgWp6TesqAfaS7fm7ZPcFQ18hymTuP3SL8UBE535Uds92uKQoaP50E1YdIkHI83YvcatMdr3pUeZm8werRzkp3tK_GCpSgY3n4UEtm2XYzJhupGWAxscz9FFLD0NgsniRZmITZqPjlLB-WxnHp6nkOoe8x4uW5gK-09nDYQ6d6comwr9w4ZtwWXa-1xnHSH5wF7jJO8GvHiI_NmowZw2TcgLnIYAxcW4T_Tm5fIXqtpsxhTc4cup1UySsVkj1q-irum9ZOn-LILgumlq0GWgWiBrDV6dBzT3tlTnxZYGtMtbilnsl3_kJ4TLuOTT7xlTgNdsn03d9ytbFpSgMR6RQnoNYN3RS7Tz_hHbqWv5SKOmUfXo0WkhbmYThxqhJ2w6TpZ0JE9ZoOAUcnTEfugcTa0CSA-Pd7-j4ngSPu8I7IYtt8zOgs8vAKIuYc9CXTIV62xzAmC7nzu9-jF82Le5QlhpdhrzN8c0RakbuV7Tsclp1VdqYE7G8fNKr14bdyMjxAbjyrdLgK7xj947WJPuAvw88BUGRz1kEEgFPir_2dWIMD9XC-ib26s20MVr1uvT-pP-FHuVoor_u6rZcWx87IqTUIsynVGBHQIiiiTx86LVfdVetSK0U5aZ3NYA9fPVPkvNeweeRG9xoX9lijN5N2ut3JUq8N2ITcxSxLBZrm0t7huP2LG6DYIbWKa6DxK3TCpOjxhDYef1Ti4COLcoWwEqPHd-gHoQQe0gVWIkjMj6PC9PogEg3Az8Es16ubNp6uw4ECxGzNNyjAeHs37SpaNktpvWE9lUyEmya04YRoaxfv3WUv7WAewQ68b5AJtAKLQOL5JYqpGzGiMgfPfKOHc4rZEGbaOpxkXyDZFD40a9UnBKdlCe7AqMYSs8DBhZKqCLsw1okx3bi_F57x5usUVoPttwUnUVEyNRA8YseBrDqeeurzoiSz0x0sB2_BHjUjxjW0mFuzoM9rsPVYWNwOPbe6H4nNSN3TCeAEL_BV242cWH_vm14yx4Sg5qO4Ve63opGKybkLKdqrj61HaK7CBi0CDbxgbkIdJ4kTpcU83UA&cid=CAQSOwDq26N9vvByuPseGdvrdhuqJE-yqz8H1hYM5tJfSzZUfnmCcLsVFHtzK243ClUwThOVsf_exEMTg6KfGAEgEw&rfl=1%2Chttps%253A%252F%252Fpelotainvernal.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20e8afb8e455763ca9bea03ef9101e20.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 12:48:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
155585
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 13 Dec 2023 12:48:30 GMT
sd
us-u.openx.net/w/1.0/ Frame 5769
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEAxP0nWMSpUs2tbAMiao258&google_cver=1
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEAxP0nWMSpUs2tbAMiao258&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMel4gIQyoXsyAMYsa6jzAEwAQ&v=APEucNXmJqomK3B3AUOmaqdO8bRfoRKifbhI-whYSlZJi3v8jPnn0LRDaWJ5Q-w9xpATbro1bP8p7pGJfR8aQhLRANrsJm0wqbCSPQn0wSNMR0KZyzXQf1qsyj3G8NbiV_PqEZXgUwm4qZUEsFgFiqlyGpLeWDZ6QMc6CPSq4Viiys88wYIhWAQ
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 08:01:35 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 15 Dec 2022 08:01:35 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEAxP0nWMSpUs2tbAMiao258&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cm
us-u.openx.net/w/1.0/ Frame 5769 		43 B
304 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMel4gIQyoXsyAMYsa6jzAEwAQ&v=APEucNXmJqomK3B3AUOmaqdO8bRfoRKifbhI-whYSlZJi3v8jPnn0LRDaWJ5Q-w9xpATbro1bP8p7pGJfR8aQhLRANrsJm0wqbCSPQn0wSNMR0KZyzXQf1qsyj3G8NbiV_PqEZXgUwm4qZUEsFgFiqlyGpLeWDZ6QMc6CPSq4Viiys88wYIhWAQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 08:01:35 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
um
sync.teads.tv/ Frame 5769
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
  • https://sync.teads.tv/um?eid=3&uid=CAESEJUbMkIDIyVkFYFrQE4ZvjI&google_cver=1
23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=CAESEJUbMkIDIyVkFYFrQE4ZvjI&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMel4gIQyoXsyAMYsa6jzAEwAQ&v=APEucNXmJqomK3B3AUOmaqdO8bRfoRKifbhI-whYSlZJi3v8jPnn0LRDaWJ5Q-w9xpATbro1bP8p7pGJfR8aQhLRANrsJm0wqbCSPQn0wSNMR0KZyzXQf1qsyj3G8NbiV_PqEZXgUwm4qZUEsFgFiqlyGpLeWDZ6QMc6CPSq4Viiys88wYIhWAQ
Protocol
H2
Server
23.218.209.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-209-56.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.9 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

expires
Thu, 15 Dec 2022 08:01:35 GMT
pragma
no-cache
date
Thu, 15 Dec 2022 08:01:35 GMT
cache-control
max-age=0, no-cache, no-store
server
akka-http/10.2.9
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 15 Dec 2022 08:01:35 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um?eid=3&uid=CAESEJUbMkIDIyVkFYFrQE4ZvjI&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
um
sync.teads.tv/ Frame 5769 		23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMel4gIQyoXsyAMYsa6jzAEwAQ&v=APEucNXmJqomK3B3AUOmaqdO8bRfoRKifbhI-whYSlZJi3v8jPnn0LRDaWJ5Q-w9xpATbro1bP8p7pGJfR8aQhLRANrsJm0wqbCSPQn0wSNMR0KZyzXQf1qsyj3G8NbiV_PqEZXgUwm4qZUEsFgFiqlyGpLeWDZ6QMc6CPSq4Viiys88wYIhWAQ
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.218.209.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-209-56.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.9 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

expires
Thu, 15 Dec 2022 08:01:35 GMT
pragma
no-cache
date
Thu, 15 Dec 2022 08:01:35 GMT
cache-control
max-age=0, no-cache, no-store
server
akka-http/10.2.9
content-length
23
content-type
image/gif
sid
mug.criteo.com/ Frame 7231
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=pelotainvernal.com&sn=ChromeSyncframe&so=3&topUrl=pelotainvernal.com&bundle=Ru6OJV85c0Q0RDU3ZHZuRVZQR2RUaDYlMkJDbUU2NzNncnd6Q2ZkUmZuZU1...
  • https://mug.criteo.com/sid?cpp=UH0IgnxweUtjQ216a0VmcVFLNlEyYkxwUGpmMGJOM3JiMHd0UEhMMWwrTG9Cakk5UWZCSVRYQ3ZqOWcvRWtnZjdxZ1R5VDZ1QWpPZW5DN3ZzL0o0Ynp3NEtva0hQNGsyZzZQdkV1d04rWHRycE4yWFpvamVJYWlmNXI0YW...
449 B
670 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=UH0IgnxweUtjQ216a0VmcVFLNlEyYkxwUGpmMGJOM3JiMHd0UEhMMWwrTG9Cakk5UWZCSVRYQ3ZqOWcvRWtnZjdxZ1R5VDZ1QWpPZW5DN3ZzL0o0Ynp3NEtva0hQNGsyZzZQdkV1d04rWHRycE4yWFpvamVJYWlmNXI0YWFNR1VHVDd4MnQzelNTRVhraFMwaVZIakJWbVA4aDdaUzdHbVFnTVNZL3dBTGp2UEtNMkl1QmNTWFNGUUlNQUk5RlNScjZGdWhXcHNYR2xmT3c2T3g5andvZUhJL05SZTcxY3VnSmlMWW0zUVoxSVNSelh6RkJxeWw1cmxjUXF2T3JiOEZ0cUZqc1lxZDRZZmdWK2cxZmZlbmlJN09ZZHNXbTFqTFFWSUV2YnFqWk9zTjhKTT18&cppv=2
Requested by
Host: pelotainvernal.com
URL: https://pelotainvernal.com/
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
9ef29f029b9fa395b1b18530bf08a06b3fdc15ba55494244d4aaaa0721399a84
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 08:01:34 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2512135
expires
0

Redirect headers

pragma
no-cache
date
Thu, 15 Dec 2022 08:01:34 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=UH0IgnxweUtjQ216a0VmcVFLNlEyYkxwUGpmMGJOM3JiMHd0UEhMMWwrTG9Cakk5UWZCSVRYQ3ZqOWcvRWtnZjdxZ1R5VDZ1QWpPZW5DN3ZzL0o0Ynp3NEtva0hQNGsyZzZQdkV1d04rWHRycE4yWFpvamVJYWlmNXI0YWFNR1VHVDd4MnQzelNTRVhraFMwaVZIakJWbVA4aDdaUzdHbVFnTVNZL3dBTGp2UEtNMkl1QmNTWFNGUUlNQUk5RlNScjZGdWhXcHNYR2xmT3c2T3g5andvZUhJL05SZTcxY3VnSmlMWW0zUVoxSVNSelh6RkJxeWw1cmxjUXF2T3JiOEZ0cUZqc1lxZDRZZmdWK2cxZmZlbmlJN09ZZHNXbTFqTFFWSUV2YnFqWk9zTjhKTT18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
775371
content-length
0
expires
0
skeleton.js
fw.adsafeprotected.com/rjss/st/1034476/65088021/ Frame 15C1 		241 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fw.adsafeprotected.com/rjss/st/1034476/65088021/skeleton.js?ias_dspID=3&ias_campId=29064847&ias_pubId=pub-7872228587460333&ias_chanId=1&ias_placementId=17475009973&bidurl=https://pelotainvernal.com/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0hxoKrZE8Vojk_Y66LLRxjF
Requested by
Host: pelotainvernal.com
URL: https://pelotainvernal.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.240.30.150 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-240-30-150.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
74b0cab5322e70317fbb1faa85802ca2c89f76a7bab0b3ea4a174b01912cdb9f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20e8afb8e455763ca9bea03ef9101e20.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 08:01:35 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
fw.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame 15C1 		170 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js
Requested by
Host: pelotainvernal.com
URL: https://pelotainvernal.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://20e8afb8e455763ca9bea03ef9101e20.safeframe.googlesyndication.com/
Origin
https://20e8afb8e455763ca9bea03ef9101e20.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 12:48:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
69184
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
60311
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:25 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 15 Dec 2022 12:48:31 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20221207/r20110914/elements/html/ Frame 15C1 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20221207/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AlADOMavEhFk3PIFqtDBHyRtEh_Y2Yh91JGG1PpBjpiJQcvKE_7jjcOW5uVF9RfnVrC0mDZMzCHpgWI7QYKJVRuqo6f6dboRvpdhvE2M42kRsYL1HFVzYVBWCbffvoqbiq9AQtl6Nj7dymQ9p_AKF5ckrlRNeqbpMaHQYAA3qS3l41XWs&dbm_d=AKAmf-BBEvZ1l6oUQVZkvfd9UtcO9EXxIGOHg8f-yIW-sJY1-t8GUW-z4lBbIKGtbqmctpsxk1Z1dsu4d2zclcnLKbs98KIWi92_KLBUDtRFtra32ti5a2O3QKU71phapRW0d0X8XctUPwoAPwXGA7Ns5Y4v3RMmCpeSRI4uGxH2-UhyecDJT7G3CFkswZxmrSkZC6u9FeQ0pOSTodlwC3AgfrNcM-ed8LAKbjZTmzmVvA_33TrKxrvYv8vWxWNWBue5SKQ3mCJhxVWtLWBJVG9BcNMBQMEtvWc7fQfn0MNRWBbYUR6xzHh0NNGw9cSxaN4q3JFC4MhRiaXq-I3WuWwRoqwcWXVcSMIgCCdDQhf5VYiZzHoE1R60g7_sZ6kqCWjYW_CAPOOD0SzaIGNWlsWW7IH6Av6J_Qzsc23lrdGCtE9DhFzsUeFS-eWj1xz7e1atgk2gNxiBXV41WOwX04fO5EWcwMhqMDZRd2NDab5EN6qEZeqTVA8WcSW_7rNo-2CforJtnG5ULu_A_9dZx2hd9eKkeOMIijTI7LKkxyNMQfYMOgagVt5WO7tWecC0GI2nUtLXuWJ1OEPt5IYizuyHCJOglQmxEYtTWcGB4QQiDWUO0yaAFvGp-OASYoC9jgzoMK_YNGPnIDff0oXmde3AsB22PLYW6chCfzu2t0Sv-BLJEDy2GuGd7uZepHlFK6DQoCMAKV7rsAfU-8vAl3qfIpeSRuMpeAbg-EpuuasL8vcFXgVQNup1rEvwRhP_LpISoy_7rcBkVhC65kg53ClqZnAtjvUFyLs_HxtZFAd8OdrX256veCT4hLMRCtvekKJqdibHD10GJT9xcvd9xoHErxJJvspjNjutyZL2X8EIc45fu8aoQmoM1UlHmxotO-kNDZcXzUhrvgrEKXDVdTpn2Ro-LAAOvmOZqxuhrHpu5ZkrHipCrwyvVvzqDBJhEtSJiMDrTPxlCP7XycYHcNS_ZkQoYFbwok2eQuaRtbZ6wVx8u_l4foVcLmcjEN0tcJZKgwtD_fE3IL6pBJaZYHeoI1Yd8mg3R-DoqzYXetKZkuiFkvXwBngW12IhkHRbLoGOeGzEPAG3rzhjJFjwmoakW9UmGNxa-ajsgjtnV4MwxOF-c6dLIE69QXLA7pvcIh0KPsodix0waStVAV66UuLJYZ3_OJmUrzhSDKI6qXh1nI97ja9unMhGhBGXYszFUww_0S8s7HuuJo3mbDm0CKA7xQSnYi5yLrDTQ1klaJQa7XsTe2yKGTC-OESsk7OPAJKN3SvQPCgJlo1C2E0ZVr19Oh46IeAQBuOQAZV2sfXItEpPXD6nd3WgHlAwUKhdUPpEQuRcMOY2gPMnaCW8mAF6tggUq-r0wzfJ_tIpY7LBXD_3iINK2Am_bXbP6Gtz6WYwi91ubMpA-f2HRjy-jsuPyyhjQlCTl2GYohoN4QIy5Qu0QAmUZU1En3IUXetZdnpjZ0_9Gdg2WKhupChpOEpMR07_QKwnchdVL9IfeR34HR5rfYHIS0dsnm15Ui-U37kDr48vbUwoIyy4Vv2phHLkyYNRHRkOSLQvACxWBrSnel1JrfBYRpJcH4xU33BrUdWNomJA7LyrYhcZM-cOtmuY96HWLwi-KJ1iOBfoGxM3qfCLHwiu19hPRGSoXAXA2hlHKZw2_Vpo1NDJTY6nkd1866Qvsv8-9ijjm4XpqEugKMj7IvbxS3xgSshYv6-lAuCUj_D6cjIFx7rX8mykIJ_5BdMOVEMg897FmcTLsfUbYfxyhlPSO9vPmTrGJygbRwrESkoCfbEGalxMIzmkp_gLHB_6eKv6wfY-SveuTDdRbzMhlaPshjpa11wP7ayHMMHxm2aSya0KJwxileOx2mN4_OQjjFrpKqb1CsivoZn7cwjIqkgZ_KQi1eELtIAvB2ZE53YrRrIqt6pw1tksv4a8GInAYtdSBm2KMkHuUr8kmuT2gG5V4LCP6KdfUegU9-j00GsTj5wNyRMpDv6DYEZiyezVMZ6bKBlpgkJjGBjdxhcDKYgv28FjLLKY5Iw5NtbfaKcOhXVSBrtnZKUDDQBUcox6uauhqCDW8CiWP_ZrMlDG_8HmeCQyeiNPFJaNGRlZdLqvNE2Z_CXNP5DrKOak-jhzleS60mG4_YSWKlNCGYcqUdiSngbwZ7U1_C7MYf9uR39NF6bwrshqMAivHLjn6noJ7GQzI1p8sj42wrCyI8mnewvrPrQ6UMPApz4EjZI2Ymq0-gxdySmASdHMZVEzXpnHgG1bDiGUGqDyHEUMiGbFm9sO9MXKPRk2qQygndR8Cqp96bW4fmkBCELQaKU5WZLxxVQ3IXAzXP4nFu2blTSQtBR7F_TwPc-xURWyRV6NU0jVRa952_5OuYMfrtdla8v8kyr8keOVWGVPC2P1DrZq9Ty83S3pyCHeSJXl2ep4bozT3OWKEsKn1L8-ps07mq9LdHnVPgrBE6xvvOqH0En1Ys2RV68zoHTfLWqmHtPBv-gyFey2BthRejx3uGbbulcxp1RQs2_RVfb94RQIUq4kMsKcgBPzFCADXttSbcKqBSss8z3slD3sJ6HTRr6SXzDa4Z4u9hvBkarguN4G6j-zP445YhgHxPqrJ8ncJniGewR7SvMR5RAGelq9A7YCWcwOJ8nFfT0r0I3f02cGKdKL9TB7QOJbjXck6VPErkcmReUwhGJG9-A9XSKaGNPZMozKYo7u3Ceeimu2N4JO_sZERT8wkofL0_8m8kPB-BR9kKjLv-qTvokPUTXsVMRmjH9Ja8sn6RE9jXPSVgHtS1oVX7V1HVLLgW0Ni0UBXHroW8_XBcCWOWLro797auxQB6F2MPmGi_Q3s51UZGsOSsy76qzs0Kmp9gebX2a9Blm3lSDwDc3X0jE6tC51oNEsvEoxkKZD-IlatY_jd9HvLx7jLV6z8ASSPcZYN_luC1hNa7waGeMC6sdsepiKnvZVks4-iPr7cuKyLWhhOjD2-zG2NqWqvb8r26FiuuMXyaQ-s4I5PJvwUxWXcALcSMxTeCd0Dl_ot42ZnuDFW-xNOUiS9TRSUfYiD573D1s7iLox0IM4_MTvuEGqwvjItk3r4zsdGvwTYHjFGpsdsxOUt08EjCe7eqi5pqxcDsAX7-RhbGQJzzemAziEqr0d__Dz_2GecHAa9NxjLJ5kYuX-DTxb3ludI4ZTGFcoEGAb2Zw-x-pnQ_j0SZls5bo0cRW-YadX0T9ZI78-1TNmzR6NJwMycEvyeqKIFQuhnFb6mrcyVH5eNlj3e2uxNJMQfegs68G_xOzNDV7wM4upGeKFv3VL0NG_2U-VviVB9y-tEj63I_X0wVZu47hnOsRFGa1AfGF2ooe0UZwmNzEO6UgcOTddPc5-itpMqL556vR9leDCfIEkXtQBFFs2B413MWnelgTUvrK-RMIO5keYu7dHK0JOY9ACPgrpjvEFTBYBS3eUUbFH53eRYpa7OnOS8HmVuBSn664SJjB0E_jqjvbxqhQExWK3zVw&cid=CAQSOwDq26N9vvByuPseGdvrdhuqJE-yqz8H1hYM5tJfSzZUfnmCcLsVFHtzK243ClUwThOVsf_exEMTg6KfGAEgEw&rfl=1%2Chttps%253A%252F%252Fpelotainvernal.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20e8afb8e455763ca9bea03ef9101e20.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 12:41:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
69591
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2986
x-xss-protection
0
server
cafe
etag
3296546412363819624
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 28 Dec 2022 12:41:44 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20221207/r20110914/ Frame 15C1 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20221207/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AlADOMavEhFk3PIFqtDBHyRtEh_Y2Yh91JGG1PpBjpiJQcvKE_7jjcOW5uVF9RfnVrC0mDZMzCHpgWI7QYKJVRuqo6f6dboRvpdhvE2M42kRsYL1HFVzYVBWCbffvoqbiq9AQtl6Nj7dymQ9p_AKF5ckrlRNeqbpMaHQYAA3qS3l41XWs&dbm_d=AKAmf-BBEvZ1l6oUQVZkvfd9UtcO9EXxIGOHg8f-yIW-sJY1-t8GUW-z4lBbIKGtbqmctpsxk1Z1dsu4d2zclcnLKbs98KIWi92_KLBUDtRFtra32ti5a2O3QKU71phapRW0d0X8XctUPwoAPwXGA7Ns5Y4v3RMmCpeSRI4uGxH2-UhyecDJT7G3CFkswZxmrSkZC6u9FeQ0pOSTodlwC3AgfrNcM-ed8LAKbjZTmzmVvA_33TrKxrvYv8vWxWNWBue5SKQ3mCJhxVWtLWBJVG9BcNMBQMEtvWc7fQfn0MNRWBbYUR6xzHh0NNGw9cSxaN4q3JFC4MhRiaXq-I3WuWwRoqwcWXVcSMIgCCdDQhf5VYiZzHoE1R60g7_sZ6kqCWjYW_CAPOOD0SzaIGNWlsWW7IH6Av6J_Qzsc23lrdGCtE9DhFzsUeFS-eWj1xz7e1atgk2gNxiBXV41WOwX04fO5EWcwMhqMDZRd2NDab5EN6qEZeqTVA8WcSW_7rNo-2CforJtnG5ULu_A_9dZx2hd9eKkeOMIijTI7LKkxyNMQfYMOgagVt5WO7tWecC0GI2nUtLXuWJ1OEPt5IYizuyHCJOglQmxEYtTWcGB4QQiDWUO0yaAFvGp-OASYoC9jgzoMK_YNGPnIDff0oXmde3AsB22PLYW6chCfzu2t0Sv-BLJEDy2GuGd7uZepHlFK6DQoCMAKV7rsAfU-8vAl3qfIpeSRuMpeAbg-EpuuasL8vcFXgVQNup1rEvwRhP_LpISoy_7rcBkVhC65kg53ClqZnAtjvUFyLs_HxtZFAd8OdrX256veCT4hLMRCtvekKJqdibHD10GJT9xcvd9xoHErxJJvspjNjutyZL2X8EIc45fu8aoQmoM1UlHmxotO-kNDZcXzUhrvgrEKXDVdTpn2Ro-LAAOvmOZqxuhrHpu5ZkrHipCrwyvVvzqDBJhEtSJiMDrTPxlCP7XycYHcNS_ZkQoYFbwok2eQuaRtbZ6wVx8u_l4foVcLmcjEN0tcJZKgwtD_fE3IL6pBJaZYHeoI1Yd8mg3R-DoqzYXetKZkuiFkvXwBngW12IhkHRbLoGOeGzEPAG3rzhjJFjwmoakW9UmGNxa-ajsgjtnV4MwxOF-c6dLIE69QXLA7pvcIh0KPsodix0waStVAV66UuLJYZ3_OJmUrzhSDKI6qXh1nI97ja9unMhGhBGXYszFUww_0S8s7HuuJo3mbDm0CKA7xQSnYi5yLrDTQ1klaJQa7XsTe2yKGTC-OESsk7OPAJKN3SvQPCgJlo1C2E0ZVr19Oh46IeAQBuOQAZV2sfXItEpPXD6nd3WgHlAwUKhdUPpEQuRcMOY2gPMnaCW8mAF6tggUq-r0wzfJ_tIpY7LBXD_3iINK2Am_bXbP6Gtz6WYwi91ubMpA-f2HRjy-jsuPyyhjQlCTl2GYohoN4QIy5Qu0QAmUZU1En3IUXetZdnpjZ0_9Gdg2WKhupChpOEpMR07_QKwnchdVL9IfeR34HR5rfYHIS0dsnm15Ui-U37kDr48vbUwoIyy4Vv2phHLkyYNRHRkOSLQvACxWBrSnel1JrfBYRpJcH4xU33BrUdWNomJA7LyrYhcZM-cOtmuY96HWLwi-KJ1iOBfoGxM3qfCLHwiu19hPRGSoXAXA2hlHKZw2_Vpo1NDJTY6nkd1866Qvsv8-9ijjm4XpqEugKMj7IvbxS3xgSshYv6-lAuCUj_D6cjIFx7rX8mykIJ_5BdMOVEMg897FmcTLsfUbYfxyhlPSO9vPmTrGJygbRwrESkoCfbEGalxMIzmkp_gLHB_6eKv6wfY-SveuTDdRbzMhlaPshjpa11wP7ayHMMHxm2aSya0KJwxileOx2mN4_OQjjFrpKqb1CsivoZn7cwjIqkgZ_KQi1eELtIAvB2ZE53YrRrIqt6pw1tksv4a8GInAYtdSBm2KMkHuUr8kmuT2gG5V4LCP6KdfUegU9-j00GsTj5wNyRMpDv6DYEZiyezVMZ6bKBlpgkJjGBjdxhcDKYgv28FjLLKY5Iw5NtbfaKcOhXVSBrtnZKUDDQBUcox6uauhqCDW8CiWP_ZrMlDG_8HmeCQyeiNPFJaNGRlZdLqvNE2Z_CXNP5DrKOak-jhzleS60mG4_YSWKlNCGYcqUdiSngbwZ7U1_C7MYf9uR39NF6bwrshqMAivHLjn6noJ7GQzI1p8sj42wrCyI8mnewvrPrQ6UMPApz4EjZI2Ymq0-gxdySmASdHMZVEzXpnHgG1bDiGUGqDyHEUMiGbFm9sO9MXKPRk2qQygndR8Cqp96bW4fmkBCELQaKU5WZLxxVQ3IXAzXP4nFu2blTSQtBR7F_TwPc-xURWyRV6NU0jVRa952_5OuYMfrtdla8v8kyr8keOVWGVPC2P1DrZq9Ty83S3pyCHeSJXl2ep4bozT3OWKEsKn1L8-ps07mq9LdHnVPgrBE6xvvOqH0En1Ys2RV68zoHTfLWqmHtPBv-gyFey2BthRejx3uGbbulcxp1RQs2_RVfb94RQIUq4kMsKcgBPzFCADXttSbcKqBSss8z3slD3sJ6HTRr6SXzDa4Z4u9hvBkarguN4G6j-zP445YhgHxPqrJ8ncJniGewR7SvMR5RAGelq9A7YCWcwOJ8nFfT0r0I3f02cGKdKL9TB7QOJbjXck6VPErkcmReUwhGJG9-A9XSKaGNPZMozKYo7u3Ceeimu2N4JO_sZERT8wkofL0_8m8kPB-BR9kKjLv-qTvokPUTXsVMRmjH9Ja8sn6RE9jXPSVgHtS1oVX7V1HVLLgW0Ni0UBXHroW8_XBcCWOWLro797auxQB6F2MPmGi_Q3s51UZGsOSsy76qzs0Kmp9gebX2a9Blm3lSDwDc3X0jE6tC51oNEsvEoxkKZD-IlatY_jd9HvLx7jLV6z8ASSPcZYN_luC1hNa7waGeMC6sdsepiKnvZVks4-iPr7cuKyLWhhOjD2-zG2NqWqvb8r26FiuuMXyaQ-s4I5PJvwUxWXcALcSMxTeCd0Dl_ot42ZnuDFW-xNOUiS9TRSUfYiD573D1s7iLox0IM4_MTvuEGqwvjItk3r4zsdGvwTYHjFGpsdsxOUt08EjCe7eqi5pqxcDsAX7-RhbGQJzzemAziEqr0d__Dz_2GecHAa9NxjLJ5kYuX-DTxb3ludI4ZTGFcoEGAb2Zw-x-pnQ_j0SZls5bo0cRW-YadX0T9ZI78-1TNmzR6NJwMycEvyeqKIFQuhnFb6mrcyVH5eNlj3e2uxNJMQfegs68G_xOzNDV7wM4upGeKFv3VL0NG_2U-VviVB9y-tEj63I_X0wVZu47hnOsRFGa1AfGF2ooe0UZwmNzEO6UgcOTddPc5-itpMqL556vR9leDCfIEkXtQBFFs2B413MWnelgTUvrK-RMIO5keYu7dHK0JOY9ACPgrpjvEFTBYBS3eUUbFH53eRYpa7OnOS8HmVuBSn664SJjB0E_jqjvbxqhQExWK3zVw&cid=CAQSOwDq26N9vvByuPseGdvrdhuqJE-yqz8H1hYM5tJfSzZUfnmCcLsVFHtzK243ClUwThOVsf_exEMTg6KfGAEgEw&rfl=1%2Chttps%253A%252F%252Fpelotainvernal.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c4d60e53476012ab254ca2f3f479903a6be9ead3cb39a9ea353c51ec75c618c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20e8afb8e455763ca9bea03ef9101e20.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 09:27:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
81255
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11387
x-xss-protection
0
server
cafe
etag
8197878782792770439
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 28 Dec 2022 09:27:20 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame ACAE 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://20e8afb8e455763ca9bea03ef9101e20.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
155547
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 13 Dec 2022 12:49:08 GMT
expires
Wed, 13 Dec 2023 12:49:08 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 15C1 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: 20e8afb8e455763ca9bea03ef9101e20.safeframe.googlesyndication.com
URL: https://20e8afb8e455763ca9bea03ef9101e20.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20e8afb8e455763ca9bea03ef9101e20.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 12:48:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
155585
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 13 Dec 2023 12:48:30 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame C1F5 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 20e8afb8e455763ca9bea03ef9101e20.safeframe.googlesyndication.com
URL: https://20e8afb8e455763ca9bea03ef9101e20.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://20e8afb8e455763ca9bea03ef9101e20.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
65775
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 14 Dec 2022 13:45:20 GMT
etag
48472445140208031
expires
Thu, 15 Dec 2022 13:45:20 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 15C1 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2898db6854005fdaa609823600aa9785333c79031d76ee81d6c70f2636729010

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/png
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 7F4B 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://20e8afb8e455763ca9bea03ef9101e20.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
155547
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 13 Dec 2022 12:49:08 GMT
expires
Wed, 13 Dec 2023 12:49:08 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pixel
cm.g.doubleclick.net/ Frame C1F5
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEAo6cfTMUJp1KpAsprVnBZQ&google_cver=1&google_push=ASkJ3FbcQYdbfrCXA8TeghKT0jxOt7J89327_e7lVY2a9gZhSFMbkeUFq_8Yp3Q_5U0WzcgVNthHNmX7C_N6cERc...
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=3RNjmtRfTACgO8DLpZJ0Kw&google_push=ASkJ3FbcQYdbfrCXA8TeghKT0jxOt7J89327_e7lVY2a9gZhSFMbkeUFq_8Yp3Q_5U0WzcgVNthHNmX7C_N6cERcoyU3C62Q...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=3RNjmtRfTACgO8DLpZJ0Kw&google_push=ASkJ3FbcQYdbfrCXA8TeghKT0jxOt7J89327_e7lVY2a9gZhSFMbkeUFq_8Yp3Q_5U0WzcgVNthHNmX7C_N6cERcoyU3C62QdlpI
Requested by
Host: 20e8afb8e455763ca9bea03ef9101e20.safeframe.googlesyndication.com
URL: https://20e8afb8e455763ca9bea03ef9101e20.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 08:01:35 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Thu, 15 Dec 2022 08:01:35 GMT
Server
MT3 224 5671b77 master zrh-pixel-x27 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=3RNjmtRfTACgO8DLpZJ0Kw&google_push=ASkJ3FbcQYdbfrCXA8TeghKT0jxOt7J89327_e7lVY2a9gZhSFMbkeUFq_8Yp3Q_5U0WzcgVNthHNmX7C_N6cERcoyU3C62QdlpI
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 15 Dec 2022 08:01:34 GMT
pixel
cm.g.doubleclick.net/ Frame C1F5
Redirect Chain
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEAfWYdjAgA8K2hhWOFy4jJE&google_cver=1&google_push=ASkJ3FbAOP79k-caEpo4N0zsG7wpF-_PT_DcLcB796UTRzh6Dv3HJ_67ONSc4PtvrDafey1ChPTnR2UfMHy...
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=ASkJ3FbAOP79k-caEpo4N0zsG7wpF-_PT_DcLcB796UTRzh6Dv3HJ_67ONSc4PtvrDafey1ChPTnR2UfMHyM4GjEqWRU9X-vK7AnUg&google_hm=95sRZe7gTKq7S5TUyt...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=ASkJ3FbAOP79k-caEpo4N0zsG7wpF-_PT_DcLcB796UTRzh6Dv3HJ_67ONSc4PtvrDafey1ChPTnR2UfMHyM4GjEqWRU9X-vK7AnUg&google_hm=95sRZe7gTKq7S5TUyt3o7xQ
Requested by
Host: 20e8afb8e455763ca9bea03ef9101e20.safeframe.googlesyndication.com
URL: https://20e8afb8e455763ca9bea03ef9101e20.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 08:01:35 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 15 Dec 2022 08:01:35 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NOI DSP COR NID CUR OUR NOR"
status
302
location
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=ASkJ3FbAOP79k-caEpo4N0zsG7wpF-_PT_DcLcB796UTRzh6Dv3HJ_67ONSc4PtvrDafey1ChPTnR2UfMHyM4GjEqWRU9X-vK7AnUg&google_hm=95sRZe7gTKq7S5TUyt3o7xQ
content-type
text/html;charset=UTF-8
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
AdxPixel
tr.blismedia.com/v1/api/sync/ Frame C1F5 		0
173 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEI_1IXXWuYMdxwyskUyCquE&google_cver=1&google_push=ASkJ3FZrddaQrLHz_0ii1_Rt8D_z7PpY3hd07Q4Ni3dQbwSTE81zTW68HUsHOLtGfAUUwaSm7X_jQAeh0Vr1cC0iwEySKX8FIlIJ
Requested by
Host: 20e8afb8e455763ca9bea03ef9101e20.safeframe.googlesyndication.com
URL: https://20e8afb8e455763ca9bea03ef9101e20.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.105.96.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 08:01:35 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pixel
cm.g.doubleclick.net/ Frame C1F5
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEBNPl9XtJRCJsgCJYQS1rx8&google_cver=1&google_push=ASkJ3FYMTmiEa2Gzo3EYLbX6uTMsVG7V7uIWNo_LNWYWCX6yCY5m0PgGHl6sRBEvQiOfFmgOw9lqZGa0c8aj-sADQ3Ma...
  • https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dgoogle
  • https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dgoogle
  • https://x.bidswitch.net/sync?dsp_id=59&user_id=5ced002d-f936-4238-8659-072d97ea7cf1&ssp=google
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ASkJ3FYMTmiEa2Gzo3EYLbX6uTMsVG7V7uIWNo_LNWYWCX6yCY5m0PgGHl6sRBEvQiOfFmgOw9lqZGa0c8aj-sADQ3MaJjnvYhLQ&google_hm=mWEUhloXRQOhsKsZgqZbMw==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ASkJ3FYMTmiEa2Gzo3EYLbX6uTMsVG7V7uIWNo_LNWYWCX6yCY5m0PgGHl6sRBEvQiOfFmgOw9lqZGa0c8aj-sADQ3MaJjnvYhLQ&google_hm=mWEUhloXRQOhsKsZgqZbMw==
Requested by
Host: 20e8afb8e455763ca9bea03ef9101e20.safeframe.googlesyndication.com
URL: https://20e8afb8e455763ca9bea03ef9101e20.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 08:01:35 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
//cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ASkJ3FYMTmiEa2Gzo3EYLbX6uTMsVG7V7uIWNo_LNWYWCX6yCY5m0PgGHl6sRBEvQiOfFmgOw9lqZGa0c8aj-sADQ3MaJjnvYhLQ&google_hm=mWEUhloXRQOhsKsZgqZbMw==
date
Thu, 15 Dec 2022 08:01:35 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
pixel
cm.g.doubleclick.net/ Frame C1F5
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEGeG5AQqfL3S4CxWyHYkceA&google_cver=1&googl...
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEGeG5AQqfL3S4CxWyHYkceA&google_hm=Y5rUX40-tHOdKK-xH-IX6wAACHcAAAAB&google_nid=index&google_push=ASkJ3FaMn4-fg4T_xuj-ikUGTk0ygW8AUWwoX...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEGeG5AQqfL3S4CxWyHYkceA&google_hm=Y5rUX40-tHOdKK-xH-IX6wAACHcAAAAB&google_nid=index&google_push=ASkJ3FaMn4-fg4T_xuj-ikUGTk0ygW8AUWwoXibQFOnP4X1najUz9hif8rH4Trv2zXADPVIh3ujuBNO9SUq6VFloOfcoA5HIxKWyRw
Requested by
Host: 20e8afb8e455763ca9bea03ef9101e20.safeframe.googlesyndication.com
URL: https://20e8afb8e455763ca9bea03ef9101e20.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 08:01:35 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 15 Dec 2022 08:01:35 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R99SusyissH7M4MgCs7PPwQRNMD89YkuWiauRBXBReRqWqwZLwFYm5RFibpPSbfln2zo6skKjubm9WJIDK6w1PPWKRt2IOTc3ZQrXPNcAViQYiE2shO3Ydtc4MvR2CSyebvWZ2JlZHNjfQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEGeG5AQqfL3S4CxWyHYkceA&google_hm=Y5rUX40-tHOdKK-xH-IX6wAACHcAAAAB&google_nid=index&google_push=ASkJ3FaMn4-fg4T_xuj-ikUGTk0ygW8AUWwoXibQFOnP4X1najUz9hif8rH4Trv2zXADPVIh3ujuBNO9SUq6VFloOfcoA5HIxKWyRw
cache-control
no-cache
cf-ray
779da6f40f728fe2-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
/
onetag-sys.com/match/ Frame C1F5
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEAxNKcUeX_PYjIeg8ugIQvs&google_cver=1&google_push=ASkJ3FZljO45stj5YaKoynOhyRezsh779CIVrobiJE_t_kf65U02VVwlRR5tOhxQpHXH88aoHvuwCwzwYn_...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ASkJ3FZljO45stj5YaKoynOhyRezsh779CIVrobiJE_t_kf65U02VVwlRR5tOhxQpHXH88aoHvuwCwzwYn_ES20jMAMMtaQGpf3izw
  • https://onetag-sys.com/match/?int_id=19&google_error=5
0
151 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=19&google_error=5
Requested by
Host: 20e8afb8e455763ca9bea03ef9101e20.safeframe.googlesyndication.com
URL: https://20e8afb8e455763ca9bea03ef9101e20.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Thu, 15 Dec 2022 08:01:35 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
255
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
report
sync.teads.tv/um/ Frame C1F5
Redirect Chain
  • https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEEpBfpf-PWfzeQXmqoeSj3w&...
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=ASkJ3FZsDXnZhXZv6NO4kPhQ_U5yzQbvrX3ouc95HvO4KFWwKWbtU1yHAY7FW0H5lgV2r0rtp_O4aBKJ8GDug4XU3FNtwtIcsu9MAw
  • https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by
Host: 20e8afb8e455763ca9bea03ef9101e20.safeframe.googlesyndication.com
URL: https://20e8afb8e455763ca9bea03ef9101e20.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
23.218.209.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-209-56.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.9 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

expires
Thu, 15 Dec 2022 08:01:35 GMT
pragma
no-cache
date
Thu, 15 Dec 2022 08:01:35 GMT
cache-control
max-age=0, no-cache, no-store
server
akka-http/10.2.9
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 15 Dec 2022 08:01:35 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
260
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame C1F5 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13L6JSc7SoCdmQB-_WW0pLx0OsZ4tAk4MMzhgKtNI8MV3fSmz5xs-PM1MdlmYLQYkloyx3NHEM0
Requested by
Host: 20e8afb8e455763ca9bea03ef9101e20.safeframe.googlesyndication.com
URL: https://20e8afb8e455763ca9bea03ef9101e20.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 08:01:35 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
z7cUAtzL1u1d_2AGWF4wFgnTveRSMJLcB1xcawACHJQ.js
pagead2.googlesyndication.com/bg/ Frame ACAE 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/z7cUAtzL1u1d_2AGWF4wFgnTveRSMJLcB1xcawACHJQ.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cfb71402dccbd6ed5dff6006585e301609d3bde4523092dc075c5c6b00021c94
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 06:47:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
90827
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16132
x-xss-protection
0
last-modified
Mon, 05 Dec 2022 17:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 14 Dec 2023 06:47:48 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=pelotainvernal.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3139134883708761&plah=pelotainvernal.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pelotainvernal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 08:01:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=pelotainvernal.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3139134883708761&plah=pelotainvernal.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pelotainvernal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 08:01:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/ Frame EB12 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3139134883708761&plah=pelotainvernal.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pelotainvernal.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
20052
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
br
content-length
4242
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 15 Dec 2022 02:27:23 GMT
etag
10353107486223812946
expires
Thu, 29 Dec 2022 02:27:23 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
index.html
s0.2mdn.net/sadbundle/12067022830250736275/ Frame B56D 		105 KB
26 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/12067022830250736275/index.html?e=69&leftOffset=0&topOffset=0&c=Cxc9dFEv8F&t=1&renderingType=2&ev=01_247
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
65c8f795775c551a46218aea6c5aeadbe7c367b8d4860c9471d48f53e7351641
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://20e8afb8e455763ca9bea03ef9101e20.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Thu, 15 Dec 2022 08:01:35 GMT
expires
Fri, 15 Dec 2023 08:01:35 GMT
last-modified
Tue, 07 Jun 2022 13:05:10 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 15C1 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssJhUbLSHBvg5kDOTtHXG-tS0itG2Y5tU3j_I7mPsqzx6_z8m2d46XZ9pCQ0IGFz_--mzVKkIDMpxowQsAmizPw_1VzZnAbyXcx5htvBOWX8QLGbo78c_YebbaW_GbmdIek2FqNHKos3GCyVp0dH_UFwHjW8czHEBwZK7vy4gKqvAOl-1hs1PNnc-VVxdoulW8ttFOHr58me3X7FIQEl9fwGAucOvaX7NrIXXAg5_iwSVSP2Ei-u3DtehuTNxCI9i8q5b_zsUMpcoRMDtFK8elLFd8fk9eOX79ctoT-62AVyOYVnn9K-VVAET0RmKuceoi3oXiiLyGzMmpxTOmi2Av7E8MrlnZy5S5OEoJR8WkKJ_-U2Jiv9Jbgg8tXhJbJnYIFnZSdxC9NpMzS5ubxjDQDYbbgiykiKCG7miVySVPUydiH4Xfz01WEG4lI4Qm08jU8mZORKTgyH6Snl_F89MrrMn2GC6k2rfnY7gs2MUOtGVkM6quW_4Ly62tcO9vg6Qb-o6BuArFo4NwBiCk49qqyIM7PLRaT7kLXxWGl3FCOM0SeyPDHWWSgcOBmISAMDm_VYw14rQ_ALtbLkUEl9TXYZCxs2B9-5bB9-IPDZ6dicinDKO4A5Z9wM_URfgoZxYVzcc1fFq2ytu3q0eHWrRdHaSC4SE-J3bC2hf7df2cfQkbWD0JaIsECS2e-jLiiBLBzAWjZ1kSUfObADJb3tLLGPa3TJGcBuqf_pcg1-dRoaiQcPBV6FSjv2Zx6slAv9pbjZAzjPNAy9E9Dslxuv_JY7FuDpacLNMdHHE5PuoATqiANJdVdW0Qn9m7cMwXoiYyiL0tGi4c2_nyiPYlvQXa6BxCIJ_DuPYe_yRu0GgbCzrN0McgEcWlzbKgGB3F7yCWaK7wKUucOGZeLm4jHKVUiLccAwX4Fvt56FKrnjutTyft_cw5p5F6SRa5FOqQ_HC-vgGgLFxQUbfdetju5W6wo2s1UNimcp3vuqnjmx84ev4XjRa5ix8pH1HfvOxeVgBb-QsPFhFVcLlSfrq4a0ZXWQ3aYvmhmiT3E-QzIsOHCuV4TtKyN7Rz1oJ_hxj-4G6kTyrfgXgDmPwByoJ7zd5BfH76jfLI-5HZ-IwhGxq0FxL_aUD8u-VTlIqSysKGcVbsZhhSwUSSMfPKh4BqTptRG7VdB5EK8rlRcB8oHfK9cTv6xSUzPGagYxCGbvYWIOVuJY_gaA0hzFEurvOJl7wTykqOUtegl_ILXoAKrbPfh&sai=AMfl-YQAL9q9-rYfVqPRvwJ8zBQ9R3LCbUSVNL6xWnQtdOFCowgCjvKDbYFSE9JMrSqlJpl6cEsJUNA2kUeME57pirm79_0SXUf-chufpbGRsEotklr8L4xxE6oNlvzrcV-DjYXmd2t8WcAV6BXi26EuYbtXEF_llaM6Igfx_BUXjAAzGtcD05tOrTwWMdDHIRzWOmz97JMMxcuT8FsLx0oImvAaKZLlblo5HGM5ZHAnXmfwjWyZBmlCWjkn4WR9D4hmx4C4WwxERg4&sig=Cg0ArKJSzLrMKSJq9l3lEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=156&cbvp=1&cstd=150&cisv=r20221207.08266&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: pelotainvernal.com
URL: https://pelotainvernal.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20e8afb8e455763ca9bea03ef9101e20.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Thu, 15 Dec 2022 08:01:35 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Thu, 15 Dec 2022 08:01:35 GMT
index.html
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12406491265686199930/ Frame 6EC8 		20 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12406491265686199930/index.html
Requested by
Host: pelotainvernal.com
URL: https://pelotainvernal.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c0dade5e40511841f841814ed717788248c50490400ef63f4620391825f7444e
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
499954
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
4775
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
cross-origin-resource-policy
cross-origin
date
Fri, 09 Dec 2022 13:09:01 GMT
expires
Sat, 09 Dec 2023 13:09:01 GMT
last-modified
Fri, 25 Nov 2022 19:23:26 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
adview
googleads.g.doubleclick.net/pagead/ Frame EB12 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=Ct_BlXdSaY96hNaGY-cAPsOir8Ab49Lf6bfrekfWQEY6k3qCoMBABIK2Q9B5glYKAgKAHoAGyisGqAcgBCakC4pd5R6vDqD6oAwHIA0iqBNMBT9B0uP-BeUSiYmpLnwb3ib0dWxBMM4c-aMq5SHZ0KVtOTPFLpzvwuuFCEVEcM1Lt5vEFapQDGj5z_AUrRYSKWOm3AdzUxwcWa_OYovftDFi0mCLofi82yeUD_BzV7nwHJlSTG-NUZUPe0ggeoTpBPRiz6dNkAmgrcOoi2BwtZyUIEWHLi7bf1O7y2MCNeg8Oe5n_lUB0WD0CvrM4iHvNZLpXYfconzTQhv2ZYgoSo5vlBQ-4P1OzW5tDIwMs94PmtKJj_dApDsdsVsNClxoeMQ6Q2MAEld7N-pkEkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB7b1vtUCqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQxNZQ0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHYEw7QFQGYFgGAFwGyFxwKGggAEhRwdWItMzEzOTEzNDg4MzcwODc2MRgA&sigh=9GGKRozvOa4&uach_m=[UACH]&cid=CAQSOwDq26N9JjYjwvmtwM6_LwJkgh7LhreTnTUakc4N05VLOtA-5aVrfXMRROv7Gb14XR6KN239RcKasAorGAEgEw&template_id=419
Requested by
Host: pelotainvernal.com
URL: https://pelotainvernal.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Thu, 15 Dec 2022 08:01:35 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/ Frame EB12 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 17:06:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
53726
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9443
x-xss-protection
0
server
cafe
etag
9828741834572772835
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 28 Dec 2022 17:06:09 GMT
z7cUAtzL1u1d_2AGWF4wFgnTveRSMJLcB1xcawACHJQ.js
pagead2.googlesyndication.com/bg/ Frame 7F4B 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/z7cUAtzL1u1d_2AGWF4wFgnTveRSMJLcB1xcawACHJQ.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cfb71402dccbd6ed5dff6006585e301609d3bde4523092dc075c5c6b00021c94
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 06:47:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
90827
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16132
x-xss-protection
0
last-modified
Mon, 05 Dec 2022 17:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 14 Dec 2023 06:47:48 GMT
adj
bid.g.doubleclick.net/xbbe/creative/ Frame 2052
Redirect Chain
  • https://fw.adsafeprotected.com/rfw/bgd/1014661/62144022/xbbe/creative/adj?p=APEucNVsvVz9eEDWldUZydTk3vYU7YjQeMf6hB1O_5BRnQL7RayN2KE&d=CokBAKAmf-Cm6P1IkIQhzXm-3qcAk5VPBJLwtLYZH61TMMG9FVnY-ob6aYUd_wV...
  • https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNVsvVz9eEDWldUZydTk3vYU7YjQeMf6hB1O_5BRnQL7RayN2KE&d=CokBAKAmf-Cm6P1IkIQhzXm-3qcAk5VPBJLwtLYZH61TMMG9FVnY-ob6aYUd_wV7Cco1LJ-BBjU4xkhVXgEg_eztz...
52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNVsvVz9eEDWldUZydTk3vYU7YjQeMf6hB1O_5BRnQL7RayN2KE&d=CokBAKAmf-Cm6P1IkIQhzXm-3qcAk5VPBJLwtLYZH61TMMG9FVnY-ob6aYUd_wV7Cco1LJ-BBjU4xkhVXgEg_eztzAz0B4UTi2JuPHSGF_DXWQSAm6WHtZU9nOdyOg0MPyOKbjiBM6_5kJEpcqVGYrHOl2KHkxXsY-isaFkQip_E6hV4Cyt12mC7dcoSuRMAoCZ_4P9y61Y0lXA3H6GkBiQRGiSdZmiO1fbBSwXzAj1XD545pURSxRUXOqELoLYViYjNalgk9Sj5H7PfC0Ucl8nm63ZVUX7dw3xsY3YEyypFmKffR97r3SkI8XohcaVsvtY4CZr4GmRXxc-yQrZS6ShPUoR1gkbv9j7cvGrvoSBpWT5yqMwU-wAvwxEhu9hh6bTE5wRcwFxH7sp-o9qEx-U4TO1A_SX7njw2nFE6VIR2KgR0zSqI79rCdBrvki11ZdqEqv6y9YXg6OWB8rnyOSw-6xMj1yzm5rSbKzS88dZRHxQwZxQcltlUCPO7w2RkS5v8sTsdgSlNr5XUNxpnmKax23rZQ4XJqSoZevPK0lGjQoRK5hM7n5M0DN8FiXZsNhZTYRZhKYwt0RL9TTqNDvavY5oNrAizBNBq7m-_m_Ze5j_aXJB73Eqq3vp2E_f7QNvOGPvt4ka_LHCzpS4qFb7G8f9CIxiBumRYnf9WFTad7WwQony7l0mBEip_cfumAdwRdVUAWqGX0HsfTf45uEG6ysq_VIRu2-JJUSKsX0LwPOfJXScrME7iRbpkKrGi3Fns8bplYflCHhU6QV9xknPUj6lQREb6dg5GldfeB67nY7oBf2Ns7vfo1eyXnVK8Q49iZz4HAGKRCCOnvbpezBnXJsKyQi2mGy1ARtwK_nTdG7LzvGcEN29V8k3zrOiP5Pbqey5v5TfO7Sc6en_wsIuip97SlKAatnJ3VLKu9no2cyDnCUnC9TuntlYdGR4snxH6Y5IpXPkFy8JOiG1XrCNULJoPo7dCeP7wBmwED54aoGSd84_j3iaS2ciWpKnl6wclzSo1N7U8kykVtx1_cpIyBr0xxxxhj8vjz_o7TFKnXbVjCXEFGOATGDDi6oXj7u9IRDXgs2OawVE1RVdrZRXutpB-MSz-_ACh4JRWVL1PHN8KOh3FcqOWjNhqBE0GGw5EGLXNP_mr1y8r5DvziAPifHGutz18qSqPjIEWxY8pJXdDGr-D4HY64jWINsV7q11acyhlXoiNVrgSDwGKZYC1J5kfNt8p0ZrfpSTtsfVdoLcuXtgTchvO4Zh7tCeCoyG-aHuHLNbAg2W53I6A81fk89jdlr5wrR_w5QkYS_rzQuentzyfeC3Rw7NhMbHET_cl7GZz17zybylSuFUsn3GHOD1f-FbfChGNG7i0OpctKhJiavyAROsbVLh9kwb5v9DWXFy_MsOXFauZdqSIgdYOSCTN4C0yEG-Ng3TvsqXRcciaToUJ1B1RgxJZLunr8UHTrK_8VujsRi6UWTVh7Y_uYsfyx-D3bp88J6geG-1W3a0hPH3Q6GY1nRl9qXPiUiaH5kce05Ge_AS7tV8AP7EOl2SOcy9tlPooGsLyUiwV-D1OJ2a94YP8WT4qlYaPbTknCiRlMt56RYuN2KDttuKKiiVBHw334rtwLKukHE8NlVo5azjd0mKNw5tZjMKmbueae-ueHE_FhSb0QPjz2v6vJyg7qO20lDyXwKoZDVINQxvoYatUpcDKiJK7hc43Fuc52VClYLf-8qKMdnhoA8oBZffCPqVyhk_3z_YPgYLWQbA43mmIakkUal1PLI6INghOAiuw4fH4zDuKQVB38AzkxqgaQO_9fgc3z7wdUIWRqMutPddQ9qZ_dUL6VYLX8LbHc_VKCOG1UW6bnc151oUpL1e7TwS4AbdNXdJcJCFTXwtVjgUgMQIm4ed6Kd7v5i2ikjj2ASExpEL2rfvv6-w4v_TsjDB3sK1oWurcahZycEq9685qXsPS660L9MEM3iGDE4l3_lyvBUZUJAHx_GY_9t6hg8F6iemfQoyYCluiRHgk94OLA_9MAEqyBwyrVfdiaFtsoaQ4eeQU6k2AWP8u8MJbytQk57S4TmaTa9X9ZoKPybtDuWuPyJjVGFKYWn-bi7DhHXkzVR5Z7gCnmSxXfQcBHKYtfwEQz1Wu_tdvDhu_WFl5o7Dk8Md8iidYTcifiQWLIr47Csp0omVVsMn1uRMMdlfaQJ1G5nnv2cQXYmxxZg2RFKZX4vMUS1HBHVRsdwIVqRauzhGAR6mfodPOPm60HSXvEgQ_AtxI5YUJHcZM-pYJ1eae5zVhXviF9R70b3R0Llg_NvYA_HNxMDJ8XMIaxnwKkLWO3CbrCUy3OnOnZqxYBP2Hmg9udQCQ7Gjkq-riw-SXkKEQWqKvP-31QHPlNRVg2EXZPjmyinXB5TVKuRqbHzBXwFBxH11DohhfOFFMeNDQOEWg9VRGfkXAX1-CXdpsRDrRyWZnQ4U2o8CYKd_paTjLEWnRnV0DCPKmk4QhTWfb6ARwnGnJpylB2bOfPH1RBKNoRbD68te-ML5cjCVhKBfoD8udRA3inRCz-5ris6K4lZlPxJN4vmOPZEAVAywVY1kWtUTgnEoAduV-80uKgo7MOC7OctlHbPf0hw3jI0sLlzqlNxSNcXhPzq85MGQtv0WdtAQueogZTm0KaqEFXU46xdV6poNsxU4CNfPVC9gIBb74SyT1PaYtNW0nu6F3a7yiJN644ao1Ccs0nDEkGPvDlSYHKkSBT9z-e1DlDopquAZ8T8n_xbltJnt0OXKU8XQ3Gbub1c4RQ8kqHqlJ-j-VQiaQs9CqsuzaoealIflBp-YlCfjpYnA3SCSShd2VvENu0wIkTn_gRjcuUU_56XAcwI1xHjsXjdh-Ad5tqqmxHhoc4jnUpihwzjGlHDz2X02sNCu1QmA5FveXEwcjTPfG3HuHQKaeUaZjIHrl3O1i3Hdm8fKVo1MmkgkpWcAQ-r-yeXQHy7B9ntwjm0q3iDZZqHVzTmGDdWHD1vnJSpEioc508OkGpThOlqhBdpovZTheP4I6szzoTLpyZQVrDCgvaPFPjR3Q3SLpl0CpIOu1JOA-n3AfE-JIWVfgMhsC9evm8SNhBU7zgXBY-biWuk76lbbPYPHtqVnb88Ef_RleZhfDDR2mCZkBkeQbB3YVrmsEYBDuabO3UN_VD8jEDuiQZruGJEsba1l2tg7fj7PFH6D-k1p0j0jN5PvFpoAGh9CF91rvmdI2a2A_HPV2rTAvHFehuMZ2THbKeE0rDQXBU9dBymbSBTW0YFNCJt_K_R_pSxWqAKvkW1QieN-Fas2hA1zyxEWXSBfjYdS_RVs-o03BmyDtatnCA5xJ4-BZNBI_Uw9HQFdHi99tHQE5dd4BvxrKgGcgSLEuy7_PUtZgYc5b2N_P00C8D2w1x_-NJ6myO2P5zHZHzHD-CH-Qo2Qjf3GQwqzMFs3LxcCcYh0bjF1ROSIJ5PjL-cQayHuTzSJzf2hY98vlrIm6WW2R6hpDCAQSOwDq26N9vvByuPseGdvrdhuqJE-yqz8H1hYM5tJfSzZUfnmCcLsVFHtzK243ClUwThOVsf_exEMTg6KfGAEgE2AB
Requested by
Host: 20e8afb8e455763ca9bea03ef9101e20.safeframe.googlesyndication.com
URL: https://20e8afb8e455763ca9bea03ef9101e20.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
64.233.167.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wl-in-f154.1e100.net
Software
cafe /
Resource Hash
fde4aa8406132d1c37dcea8010cff9261b79db0506885769e418f4baeba2a949
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20e8afb8e455763ca9bea03ef9101e20.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 08:01:35 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21183
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 15 Dec 2022 08:01:35 GMT
server
nginx
x-server-name
app01.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNVsvVz9eEDWldUZydTk3vYU7YjQeMf6hB1O_5BRnQL7RayN2KE&d=CokBAKAmf-Cm6P1IkIQhzXm-3qcAk5VPBJLwtLYZH61TMMG9FVnY-ob6aYUd_wV7Cco1LJ-BBjU4xkhVXgEg_eztzAz0B4UTi2JuPHSGF_DXWQSAm6WHtZU9nOdyOg0MPyOKbjiBM6_5kJEpcqVGYrHOl2KHkxXsY-isaFkQip_E6hV4Cyt12mC7dcoSuRMAoCZ_4P9y61Y0lXA3H6GkBiQRGiSdZmiO1fbBSwXzAj1XD545pURSxRUXOqELoLYViYjNalgk9Sj5H7PfC0Ucl8nm63ZVUX7dw3xsY3YEyypFmKffR97r3SkI8XohcaVsvtY4CZr4GmRXxc-yQrZS6ShPUoR1gkbv9j7cvGrvoSBpWT5yqMwU-wAvwxEhu9hh6bTE5wRcwFxH7sp-o9qEx-U4TO1A_SX7njw2nFE6VIR2KgR0zSqI79rCdBrvki11ZdqEqv6y9YXg6OWB8rnyOSw-6xMj1yzm5rSbKzS88dZRHxQwZxQcltlUCPO7w2RkS5v8sTsdgSlNr5XUNxpnmKax23rZQ4XJqSoZevPK0lGjQoRK5hM7n5M0DN8FiXZsNhZTYRZhKYwt0RL9TTqNDvavY5oNrAizBNBq7m-_m_Ze5j_aXJB73Eqq3vp2E_f7QNvOGPvt4ka_LHCzpS4qFb7G8f9CIxiBumRYnf9WFTad7WwQony7l0mBEip_cfumAdwRdVUAWqGX0HsfTf45uEG6ysq_VIRu2-JJUSKsX0LwPOfJXScrME7iRbpkKrGi3Fns8bplYflCHhU6QV9xknPUj6lQREb6dg5GldfeB67nY7oBf2Ns7vfo1eyXnVK8Q49iZz4HAGKRCCOnvbpezBnXJsKyQi2mGy1ARtwK_nTdG7LzvGcEN29V8k3zrOiP5Pbqey5v5TfO7Sc6en_wsIuip97SlKAatnJ3VLKu9no2cyDnCUnC9TuntlYdGR4snxH6Y5IpXPkFy8JOiG1XrCNULJoPo7dCeP7wBmwED54aoGSd84_j3iaS2ciWpKnl6wclzSo1N7U8kykVtx1_cpIyBr0xxxxhj8vjz_o7TFKnXbVjCXEFGOATGDDi6oXj7u9IRDXgs2OawVE1RVdrZRXutpB-MSz-_ACh4JRWVL1PHN8KOh3FcqOWjNhqBE0GGw5EGLXNP_mr1y8r5DvziAPifHGutz18qSqPjIEWxY8pJXdDGr-D4HY64jWINsV7q11acyhlXoiNVrgSDwGKZYC1J5kfNt8p0ZrfpSTtsfVdoLcuXtgTchvO4Zh7tCeCoyG-aHuHLNbAg2W53I6A81fk89jdlr5wrR_w5QkYS_rzQuentzyfeC3Rw7NhMbHET_cl7GZz17zybylSuFUsn3GHOD1f-FbfChGNG7i0OpctKhJiavyAROsbVLh9kwb5v9DWXFy_MsOXFauZdqSIgdYOSCTN4C0yEG-Ng3TvsqXRcciaToUJ1B1RgxJZLunr8UHTrK_8VujsRi6UWTVh7Y_uYsfyx-D3bp88J6geG-1W3a0hPH3Q6GY1nRl9qXPiUiaH5kce05Ge_AS7tV8AP7EOl2SOcy9tlPooGsLyUiwV-D1OJ2a94YP8WT4qlYaPbTknCiRlMt56RYuN2KDttuKKiiVBHw334rtwLKukHE8NlVo5azjd0mKNw5tZjMKmbueae-ueHE_FhSb0QPjz2v6vJyg7qO20lDyXwKoZDVINQxvoYatUpcDKiJK7hc43Fuc52VClYLf-8qKMdnhoA8oBZffCPqVyhk_3z_YPgYLWQbA43mmIakkUal1PLI6INghOAiuw4fH4zDuKQVB38AzkxqgaQO_9fgc3z7wdUIWRqMutPddQ9qZ_dUL6VYLX8LbHc_VKCOG1UW6bnc151oUpL1e7TwS4AbdNXdJcJCFTXwtVjgUgMQIm4ed6Kd7v5i2ikjj2ASExpEL2rfvv6-w4v_TsjDB3sK1oWurcahZycEq9685qXsPS660L9MEM3iGDE4l3_lyvBUZUJAHx_GY_9t6hg8F6iemfQoyYCluiRHgk94OLA_9MAEqyBwyrVfdiaFtsoaQ4eeQU6k2AWP8u8MJbytQk57S4TmaTa9X9ZoKPybtDuWuPyJjVGFKYWn-bi7DhHXkzVR5Z7gCnmSxXfQcBHKYtfwEQz1Wu_tdvDhu_WFl5o7Dk8Md8iidYTcifiQWLIr47Csp0omVVsMn1uRMMdlfaQJ1G5nnv2cQXYmxxZg2RFKZX4vMUS1HBHVRsdwIVqRauzhGAR6mfodPOPm60HSXvEgQ_AtxI5YUJHcZM-pYJ1eae5zVhXviF9R70b3R0Llg_NvYA_HNxMDJ8XMIaxnwKkLWO3CbrCUy3OnOnZqxYBP2Hmg9udQCQ7Gjkq-riw-SXkKEQWqKvP-31QHPlNRVg2EXZPjmyinXB5TVKuRqbHzBXwFBxH11DohhfOFFMeNDQOEWg9VRGfkXAX1-CXdpsRDrRyWZnQ4U2o8CYKd_paTjLEWnRnV0DCPKmk4QhTWfb6ARwnGnJpylB2bOfPH1RBKNoRbD68te-ML5cjCVhKBfoD8udRA3inRCz-5ris6K4lZlPxJN4vmOPZEAVAywVY1kWtUTgnEoAduV-80uKgo7MOC7OctlHbPf0hw3jI0sLlzqlNxSNcXhPzq85MGQtv0WdtAQueogZTm0KaqEFXU46xdV6poNsxU4CNfPVC9gIBb74SyT1PaYtNW0nu6F3a7yiJN644ao1Ccs0nDEkGPvDlSYHKkSBT9z-e1DlDopquAZ8T8n_xbltJnt0OXKU8XQ3Gbub1c4RQ8kqHqlJ-j-VQiaQs9CqsuzaoealIflBp-YlCfjpYnA3SCSShd2VvENu0wIkTn_gRjcuUU_56XAcwI1xHjsXjdh-Ad5tqqmxHhoc4jnUpihwzjGlHDz2X02sNCu1QmA5FveXEwcjTPfG3HuHQKaeUaZjIHrl3O1i3Hdm8fKVo1MmkgkpWcAQ-r-yeXQHy7B9ntwjm0q3iDZZqHVzTmGDdWHD1vnJSpEioc508OkGpThOlqhBdpovZTheP4I6szzoTLpyZQVrDCgvaPFPjR3Q3SLpl0CpIOu1JOA-n3AfE-JIWVfgMhsC9evm8SNhBU7zgXBY-biWuk76lbbPYPHtqVnb88Ef_RleZhfDDR2mCZkBkeQbB3YVrmsEYBDuabO3UN_VD8jEDuiQZruGJEsba1l2tg7fj7PFH6D-k1p0j0jN5PvFpoAGh9CF91rvmdI2a2A_HPV2rTAvHFehuMZ2THbKeE0rDQXBU9dBymbSBTW0YFNCJt_K_R_pSxWqAKvkW1QieN-Fas2hA1zyxEWXSBfjYdS_RVs-o03BmyDtatnCA5xJ4-BZNBI_Uw9HQFdHi99tHQE5dd4BvxrKgGcgSLEuy7_PUtZgYc5b2N_P00C8D2w1x_-NJ6myO2P5zHZHzHD-CH-Qo2Qjf3GQwqzMFs3LxcCcYh0bjF1ROSIJ5PjL-cQayHuTzSJzf2hY98vlrIm6WW2R6hpDCAQSOwDq26N9vvByuPseGdvrdhuqJE-yqz8H1hYM5tJfSzZUfnmCcLsVFHtzK243ClUwThOVsf_exEMTg6KfGAEgE2AB
cache-control
no-cache
content-length
0
sca.17.6.2.js
static.adsafeprotected.com/ Frame BCA7 		91 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: 20e8afb8e455763ca9bea03ef9101e20.safeframe.googlesyndication.com
URL: https://20e8afb8e455763ca9bea03ef9101e20.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:7e00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20e8afb8e455763ca9bea03ef9101e20.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 15:36:17 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding
gzip
via
1.1 fc562aab29280948aa0691960bee3d6a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
7316719
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
W/"1f3488247c90bb5de253d3d0cb3b7458"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
38O2MaI0p6NPb5fKXV5UIirS-3ghAMdf1HEScamukLeYXkdhhI9nmg==
truncated
/ Frame BD6E 		35 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/gif
vpaid-adapter.min.js
cdn.stickyadstv.com/mustang/ Frame 046B 		342 KB
116 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4de0:ac19::1:b:3a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
/
Resource Hash
51a47645bcb938a434a7c4e54ffd7c24ee82dea8f280e159a34bd1a88d61bf24

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Thu, 15 Dec 2022 08:01:35 GMT
Content-Encoding
gzip
Last-Modified
Thu, 26 May 2022 08:10:46 GMT
ETag
"1653552646"
X-HW
1671091295.dop223.fr8.t,1671091295.cds158.fr8.shn,1671091295.cds158.fr8.c
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
117960
Enabler_01_247.js
s0.2mdn.net/879366/ Frame B56D 		118 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12067022830250736275/index.html?e=69&leftOffset=0&topOffset=0&c=Cxc9dFEv8F&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12067022830250736275/index.html?e=69&leftOffset=0&topOffset=0&c=Cxc9dFEv8F&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 12:49:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
69147
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41099
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 15 Dec 2022 12:49:08 GMT
exitapi-impl.js
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame 6EC8 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12406491265686199930/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
02ebc319500d29d704855de3d846bbb2479434953bb7b34f533122f432ce33bf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 18:58:17 GMT
content-encoding
br
x-content-type-options
nosniff
age
46998
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2568
x-xss-protection
0
server
cafe
etag
6734328975651772599
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Thu, 15 Dec 2022 18:58:17 GMT
addata.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 6EC8 		34 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12406491265686199930/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 09:40:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
80437
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13035
x-xss-protection
0
server
cafe
etag
2319883687766034370
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Thu, 15 Dec 2022 09:40:58 GMT
120fb889c9d3d02c8d3dd0555cf62ab3.js
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12406491265686199930/ Frame 6EC8 		104 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12406491265686199930/120fb889c9d3d02c8d3dd0555cf62ab3.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12406491265686199930/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
abf06691088fd3e48eeca737b56e448a96b06b1d7abb1495b634efcc2795aa89
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 10 Dec 2022 01:22:34 GMT
age
455941
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30375
x-xss-protection
0
last-modified
Fri, 25 Nov 2022 19:23:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 10 Dec 2023 01:22:34 GMT
4.js
static.adsafeprotected.com/ Frame 15C1
Redirect Chain
  • https://fw.adsafeprotected.com/rfw/st/1034476/65088021/4.js?ias_dspID=3&ias_campId=29064847&ias_pubId=pub-7872228587460333&ias_chanId=1&ias_placementId=17475009973&bidurl=https://pelotainvernal.com...
  • https://static.adsafeprotected.com/4.js
1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/4.js
Requested by
Host: 20e8afb8e455763ca9bea03ef9101e20.safeframe.googlesyndication.com
URL: https://20e8afb8e455763ca9bea03ef9101e20.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
2600:9000:223f:7e00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20e8afb8e455763ca9bea03ef9101e20.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 16:54:37 GMT
x-amz-version-id
2Pg_7dCiVzLnRDq1elVhHSnZiqqlc8yQ
content-encoding
gzip
via
1.1 fc562aab29280948aa0691960bee3d6a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
227219
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
PENDING
last-modified
Mon, 12 Dec 2022 16:54:35 GMT
server
AmazonS3
etag
W/"33dffa7df253125904b2f354b5bb5e8d"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800
x-amz-cf-id
wmPgG9yHiqG8uwn27Qzbz3duiPM5gPhXNotTHP1bZA0jStCGVbD85A==

Redirect headers

pragma
no-cache
date
Thu, 15 Dec 2022 08:01:35 GMT
server
nginx
x-server-name
app08.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://static.adsafeprotected.com/4.js
cache-control
no-cache
content-length
0
sca.17.6.2.js
static.adsafeprotected.com/ Frame 8175 		91 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: 20e8afb8e455763ca9bea03ef9101e20.safeframe.googlesyndication.com
URL: https://20e8afb8e455763ca9bea03ef9101e20.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:7e00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20e8afb8e455763ca9bea03ef9101e20.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 15:36:17 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding
gzip
via
1.1 fc562aab29280948aa0691960bee3d6a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
7316719
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
W/"1f3488247c90bb5de253d3d0cb3b7458"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
8OIZIVYsljkkDkwMNYUeKrhMDQmWUlbhuBJx4yHYxf9JP3JJZDHvZw==
dt
dt.adsafeprotected.com/ Frame 2052 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1014661&asId=524e230d-316b-7077-1c41-9884a355f148&tv=%7Bc:wQM9ij,pingTime:-3,time:147,type:v,im:%7BpBlk:47%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:23%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:147,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:23,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B140~0%5D,as:%5B140~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tq4oM24+11%7C1211%7C1212%7C131%7C132%7C14%7C15%7C161%7C162%7C171%7C18%7C191%7C192%7C1a%7C1b%7C1c*.1014661-62144022%7C1c1%7C1c21%7C1d1%7C1d2%7C1d3%7C1d4%7C1e%7C1f1,idMap:1c*,rmeas:1,rend:0,renddet:IMG.us,siq:25%7D&br=c
Requested by
Host: 20e8afb8e455763ca9bea03ef9101e20.safeframe.googlesyndication.com
URL: https://20e8afb8e455763ca9bea03ef9101e20.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7782:acfb:2d89:a7ac:cd68 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20e8afb8e455763ca9bea03ef9101e20.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 08:01:36 GMT
server
nginx
x-server-name
dt13.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame 2052 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1014661&asId=524e230d-316b-7077-1c41-9884a355f148&tv=%7Bc:wQM9ik,pingTime:-6,time:148,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:149,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:23,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B142~0%5D,as:%5B142~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tq4oM24+11%7C1211%7C1212%7C131%7C132%7C14%7C15%7C161%7C162%7C171%7C18%7C191%7C192%7C1a%7C1b%7C1c*.1014661-62144022%7C1c1%7C1c21%7C1d1%7C1d2%7C1d3%7C1d4%7C1e%7C1f1,idMap:1c*,rmeas:1,rend:0,renddet:IMG.us,siq:25%7D&tpiLookup=ao:pelotainvernal.com*&br=c
Requested by
Host: 20e8afb8e455763ca9bea03ef9101e20.safeframe.googlesyndication.com
URL: https://20e8afb8e455763ca9bea03ef9101e20.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7782:acfb:2d89:a7ac:cd68 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20e8afb8e455763ca9bea03ef9101e20.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 08:01:36 GMT
server
nginx
x-server-name
dt12.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame 15C1 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1034476&asId=e9fccf6c-1904-fbfd-8bff-42d59b5f2d12&tv=%7Bc:wQM9iC,pingTime:-3,time:71,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:600,t:21%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:71,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:20,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B64~0%5D,as:%5B64~300.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tq4oM24+11%7C1211%7C1212%7C131%7C132%7C14%7C15%7C161%7C162%7C171%7C18%7C191%7C192%7C1a%7C1b%7C1c.1014661-62144022%7C1c1%7C1c21%7C1c3%7C1d*.1034476-65088021%7C1d1%7C1d2%7C1d3%7C1d4%7C1e%7C1f1%7C1g,idMap:1d*,rmeas:1,rend:0,renddet:na,siq:22%7D&br=c
Requested by
Host: 20e8afb8e455763ca9bea03ef9101e20.safeframe.googlesyndication.com
URL: https://20e8afb8e455763ca9bea03ef9101e20.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7782:acfb:2d89:a7ac:cd68 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20e8afb8e455763ca9bea03ef9101e20.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 08:01:36 GMT
server
nginx
x-server-name
dt02.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame 15C1 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1034476&asId=e9fccf6c-1904-fbfd-8bff-42d59b5f2d12&tv=%7Bc:wQM9iD,pingTime:-6,time:72,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:72,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:20,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B65~0%5D,as:%5B65~300.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tq4oM24+11%7C1211%7C1212%7C131%7C132%7C14%7C15%7C161%7C162%7C171%7C18%7C191%7C192%7C1a%7C1b%7C1c.1014661-62144022%7C1c1%7C1c21%7C1c3%7C1d*.1034476-65088021%7C1d1%7C1d2%7C1d3%7C1d4%7C1e%7C1f1%7C1g,idMap:1d*,rmeas:1,rend:0,renddet:na,siq:22%7D&tpiLookup=ao:pelotainvernal.com*&br=c
Requested by
Host: 20e8afb8e455763ca9bea03ef9101e20.safeframe.googlesyndication.com
URL: https://20e8afb8e455763ca9bea03ef9101e20.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7782:acfb:2d89:a7ac:cd68 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20e8afb8e455763ca9bea03ef9101e20.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 08:01:36 GMT
server
nginx
x-server-name
dt01.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame 2052 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1014661&asId=524e230d-316b-7077-1c41-9884a355f148&tv=%7Bc:wQM9iK,pingTime:-2,time:174,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:569,beZ:570,mfA:573,cmA:574,inA:574,inZ:578,prA:578,prZ:587,si:593,poA:595,bl:616,poZ:616,cmZ:616,mfZ:616,loA:717,loZ:720,ltA:743,ltZ:743%7D%7D,sca:%7Bdfp:%7Bdf:0%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:23%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:174,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:23,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B167~0%5D,as:%5B167~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tq4oM24+11%7C1211%7C1212%7C131%7C132%7C14%7C15%7C161%7C162%7C171%7C18%7C191%7C192%7C1a%7C1b%7C1c*.1014661-62144022%7C1c1%7C1c21%7C1d.1034476-65088021%7C1d1%7C1d2%7C1d3%7C1d4%7C1e%7C1f1,idMap:1c*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:0,renddet:IMG.us,siq:25,sinceFw:148,readyFired:false%7D&br=c
Requested by
Host: 20e8afb8e455763ca9bea03ef9101e20.safeframe.googlesyndication.com
URL: https://20e8afb8e455763ca9bea03ef9101e20.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7782:acfb:2d89:a7ac:cd68 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20e8afb8e455763ca9bea03ef9101e20.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 08:01:36 GMT
server
nginx
x-server-name
dt04.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
t
t.lkqd.net/ Frame 40E2 		0
166 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.109 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://pelotainvernal.com
date
Thu, 15 Dec 2022 08:01:35 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.109 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://pelotainvernal.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
access-control-allow-origin
https://pelotainvernal.com
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
content-type
text/plain; charset=UTF-8
date
Thu, 15 Dec 2022 08:01:35 GMT
server
nginx
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame EB12 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 12:48:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
69172
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 28 Dec 2022 12:48:43 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 103F 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
65775
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 14 Dec 2022 13:45:20 GMT
etag
48472445140208031
expires
Thu, 15 Dec 2022 13:45:20 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame EB12 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 17:06:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
53726
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7480
x-xss-protection
0
server
cafe
etag
15631949847000551034
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 28 Dec 2022 17:06:09 GMT
dt
dt.adsafeprotected.com/ Frame 15C1 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1034476&asId=e9fccf6c-1904-fbfd-8bff-42d59b5f2d12&tv=%7Bc:wQM9iY,pingTime:-2,time:93,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:655,beZ:656,mfA:658,cmA:659,inA:659,inZ:664,prA:664,prZ:671,si:676,poA:677,poZ:699,cmZ:699,mfZ:699,loA:727,loZ:729,ltA:747,ltZ:747%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:300.600,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:600,t:21%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:93,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:20,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B86~0%5D,as:%5B86~300.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tq4oM24+11%7C1211%7C1212%7C131%7C132%7C14%7C15%7C161%7C162%7C171%7C18%7C191%7C192%7C1a%7C1b%7C1c.1014661-62144022%7C1c1%7C1c21%7C1c3%7C1d*.1034476-65088021%7C1d1%7C1d2%7C1d3%7C1d4%7C1e%7C1f1%7C1g,idMap:1d*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:0,renddet:na,siq:22,sinceFw:70,readyFired:true%7D&br=c
Requested by
Host: 20e8afb8e455763ca9bea03ef9101e20.safeframe.googlesyndication.com
URL: https://20e8afb8e455763ca9bea03ef9101e20.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7782:acfb:2d89:a7ac:cd68 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20e8afb8e455763ca9bea03ef9101e20.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 08:01:36 GMT
server
nginx
x-server-name
dt03.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
7296e22ca20ac6472628647a52a912af.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12406491265686199930/media/ Frame 6EC8 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12406491265686199930/media/7296e22ca20ac6472628647a52a912af.jpg
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12406491265686199930/120fb889c9d3d02c8d3dd0555cf62ab3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6847a453292f6db177d022b32b68ec91da611dd1bc18c6e33d26ed726339bc60
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Mon, 12 Dec 2022 20:40:02 GMT
x-content-type-options
nosniff
age
213693
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8880
x-xss-protection
0
last-modified
Fri, 25 Nov 2022 19:23:26 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 12 Dec 2023 20:40:02 GMT
0eeebe2aab7fa2fb99c2a447383fb9a6.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12406491265686199930/media/ Frame 6EC8 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12406491265686199930/media/0eeebe2aab7fa2fb99c2a447383fb9a6.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12406491265686199930/120fb889c9d3d02c8d3dd0555cf62ab3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a842670e0c9a10d0c42dc6de87889c6b9de065232e6bf125d5ca43a163f6d9fd
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Sat, 10 Dec 2022 02:07:48 GMT
x-content-type-options
nosniff
age
453227
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9647
x-xss-protection
0
last-modified
Fri, 25 Nov 2022 19:23:26 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 10 Dec 2023 02:07:48 GMT
undefinedz9njpo
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12406491265686199930/ Frame 6EC8 		43 B
69 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12406491265686199930/undefinedz9njpo
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12406491265686199930/120fb889c9d3d02c8d3dd0555cf62ab3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 08:01:35 GMT
x-content-type-options
nosniff
server
sffe
x-dns-prefetch-control
off
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=0
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
x-xss-protection
0
expires
Thu, 15 Dec 2022 08:01:35 GMT
css
fonts.googleapis.com/ Frame 6EC8 		6 KB
730 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Raleway:700|IBM+Plex+Sans+Condensed:500i|IBM+Plex+Sans+Condensed:500|IBM+Plex+Sans+Condensed:600
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12406491265686199930/120fb889c9d3d02c8d3dd0555cf62ab3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
78631aa2658006d43b70adcf42bfef831d29315d91bfe9e67bb4acd5f9b349e3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 15 Dec 2022 08:01:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 15 Dec 2022 06:17:40 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 15 Dec 2022 08:01:35 GMT
LandRoverWeb-Bold.woff
s0.2mdn.net/creatives/assets/4524566/ Frame B56D 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4524566/LandRoverWeb-Bold.woff
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12067022830250736275/index.html?e=69&leftOffset=0&topOffset=0&c=Cxc9dFEv8F&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5459851818636571b7286afd1a08ccd3991e479808e70ee8dc7b2ffca2201e63
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/12067022830250736275/index.html?e=69&leftOffset=0&topOffset=0&c=Cxc9dFEv8F&t=1&renderingType=2&ev=01_247
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 07:58:15 GMT
x-content-type-options
nosniff
age
200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18968
x-xss-protection
0
last-modified
Thu, 05 May 2022 09:00:43 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 15 Dec 2022 08:13:15 GMT
pixel
cm.g.doubleclick.net/ Frame 103F
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESENtmJoez6W-E34tyhTfVc8U&google_cver=1&google_push=AavPq0OJkCibQeJ-DA9C37fEQ9SrBVTuJB0iz7MH3NNLnpaBq0ujiCnzwcVMM5VoYCxfRJym9lEWhZNhfyvlehqvm-P59hS6HGHw4PAz
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=15F7324444424827B009E7D07B9D1C10&google_push=AavPq0OJkCibQeJ-DA9C37fEQ9SrBVTuJB0iz7MH3NNLnpaBq0ujiCnzwcVMM5VoYCxfRJym9lEWhZNhfyvlehq...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=15F7324444424827B009E7D07B9D1C10&google_push=AavPq0OJkCibQeJ-DA9C37fEQ9SrBVTuJB0iz7MH3NNLnpaBq0ujiCnzwcVMM5VoYCxfRJym9lEWhZNhfyvlehqvm-P59hS6HGHw4PAz
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 08:01:35 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 15 Dec 2022 08:01:35 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=15F7324444424827B009E7D07B9D1C10&google_push=AavPq0OJkCibQeJ-DA9C37fEQ9SrBVTuJB0iz7MH3NNLnpaBq0ujiCnzwcVMM5VoYCxfRJym9lEWhZNhfyvlehqvm-P59hS6HGHw4PAz
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Wed, 14 Dec 2022 08:01:35 GMT
pixel
cm.g.doubleclick.net/ Frame 103F
Redirect Chain
  • https://d.agkn.com/pixel/2175/?google_gid=CAESEMQA4U5SHoxgYeErP0F0rwM&google_cver=1&google_push=AavPq0Ne0gqhFAwmXGMSehF8new5TgSDfMVN8hlkW4C4AeFB9J1MG1iYMKSXpTRZaqg2JyXmSJmuqkwjYtLhFpMX8igsEAfKvFbNZE1j
  • https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AavPq0Ne0gqhFAwmXGMSehF8new5TgSDfMVN8hlkW4C4AeFB9J1MG1iYMKSXpTRZaqg2JyXmSJmuqkwjYtLhFpMX8igsEAfKvFbNZE1j&google_hm=Q0FFU0VNUUE0VTVTS...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AavPq0Ne0gqhFAwmXGMSehF8new5TgSDfMVN8hlkW4C4AeFB9J1MG1iYMKSXpTRZaqg2JyXmSJmuqkwjYtLhFpMX8igsEAfKvFbNZE1j&google_hm=Q0FFU0VNUUE0VTVTSG94Z1llRXJQMEYwcndN
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 08:01:35 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 08:01:35 GMT
Server
Apache-Coyote/1.1
P3P
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AavPq0Ne0gqhFAwmXGMSehF8new5TgSDfMVN8hlkW4C4AeFB9J1MG1iYMKSXpTRZaqg2JyXmSJmuqkwjYtLhFpMX8igsEAfKvFbNZE1j&google_hm=Q0FFU0VNUUE0VTVTSG94Z1llRXJQMEYwcndN
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Sat, 01 Jan 2000 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 103F
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEGeG5AQqfL3S4CxWyHYkceA&google_cver=1&googl...
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEGeG5AQqfL3S4CxWyHYkceA&google_hm=Y5rUX40-tHOdKK-xH-IX6wAACHcAAAAB&google_nid=index&google_push=AavPq0N_e3w_TGB32HfSWQmZV567-gO125ivj...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEGeG5AQqfL3S4CxWyHYkceA&google_hm=Y5rUX40-tHOdKK-xH-IX6wAACHcAAAAB&google_nid=index&google_push=AavPq0N_e3w_TGB32HfSWQmZV567-gO125ivjAsdb6fx7JijmvcAvdCr0anlC94i7DVHAtdZt7ip1F9t6V1fD3hOU4c47vTv1ZZO-b-l
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 08:01:35 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 15 Dec 2022 08:01:35 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ksv7U3RtoNRYJ%2Fq0isuoXg%2BC%2BlGIYnap2MCs2JsZpnchtoV%2Fv%2FX4kY9i%2FmZFNOWTeM333pb9lMtaBgtXD%2BsMHbAFkvx8gbTyIUAKiIBWpr7jpmY7z%2FGbMI0AbbHdgeIuZ6bZKkPEkFpoyA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEGeG5AQqfL3S4CxWyHYkceA&google_hm=Y5rUX40-tHOdKK-xH-IX6wAACHcAAAAB&google_nid=index&google_push=AavPq0N_e3w_TGB32HfSWQmZV567-gO125ivjAsdb6fx7JijmvcAvdCr0anlC94i7DVHAtdZt7ip1F9t6V1fD3hOU4c47vTv1ZZO-b-l
cache-control
no-cache
cf-ray
779da6f6685d6910-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
pixel
cm.g.doubleclick.net/ Frame 103F
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEM...
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AavPq0NUvsl96d6-1WzpKwWqLAO7y3rAYKYAuUZgL1V1YuX-p9hwwEpVNznJWyfpen2pxNKHQOyo0X7FV5KY1jIv-zisZoXD--JkhGM&redir=https%3A%2F%2Fcm.g.do...
  • https://sync.targeting.unrulymedia.com/csync/RX-d84dcd17-c05e-416e-b3f2-661987daf16e-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAavPq0NUvsl96d6-1WzpKwWqL...
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AavPq0NUvsl96d6-1WzpKwWqLAO7y3rAYKYAuUZgL1V1YuX-p9hwwEpVNznJWyfpen2pxNKHQOyo0X7FV5KY1jIv-zisZoXD--JkhGM&google_hm=A9hNzRfAXkFus_JmGYfa8W4
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AavPq0NUvsl96d6-1WzpKwWqLAO7y3rAYKYAuUZgL1V1YuX-p9hwwEpVNznJWyfpen2pxNKHQOyo0X7FV5KY1jIv-zisZoXD--JkhGM&google_hm=A9hNzRfAXkFus_JmGYfa8W4
Requested by
Host: pelotainvernal.com
URL: https://pelotainvernal.com/
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 08:01:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AavPq0NUvsl96d6-1WzpKwWqLAO7y3rAYKYAuUZgL1V1YuX-p9hwwEpVNznJWyfpen2pxNKHQOyo0X7FV5KY1jIv-zisZoXD--JkhGM&google_hm=A9hNzRfAXkFus_JmGYfa8W4
date
Thu, 15 Dec 2022 08:01:35 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RXd84dcd17c05e416eb3f2661987daf16e003
content-type
text/html
googleredir
googlecm.hit.gemius.pl/ Frame 103F 		0
0
report
sync.teads.tv/um/ Frame 103F
Redirect Chain
  • https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEEpBfpf-PWfzeQXmqoeSj3w&...
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AavPq0M7ERtnkVUv08l-6qLVRpdbTOwR5J-wizl0KwFvlLdjyOpW6CtFmJMaelM3J7FGjeCOQv4lK_n7peBVeL_OIS-oe8C2xvfRYs33dw
  • https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Server
23.218.209.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-209-56.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.9 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

expires
Thu, 15 Dec 2022 08:01:35 GMT
pragma
no-cache
date
Thu, 15 Dec 2022 08:01:35 GMT
cache-control
max-age=0, no-cache, no-store
server
akka-http/10.2.9
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 15 Dec 2022 08:01:35 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
260
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 103F
Redirect Chain
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEJtj9fhVJ...
  • https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=99611486-5a17-4503-a1b0-ab1982a65b33&%%GOOGLE_PUSH_PAIR%%
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=99611486-5a17-4503-a1b0-ab1982a65b33&%%GOOGLE_PUSH_PAIR%%
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 08:01:35 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=99611486-5a17-4503-a1b0-ab1982a65b33&%%GOOGLE_PUSH_PAIR%%
date
Thu, 15 Dec 2022 08:01:35 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
attr
cm.g.doubleclick.net/pixel/ Frame 103F 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JUVEsvfXJ_3m04d9iIj74dwpN8TAKvGzIqNskzpqRGJfAk8mLC-6NpGke8ANzpYrQhDsZ9vcSu
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 08:01:35 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
bandwidth-test-25ko
cdn.stickyadstv.com/mustang/ Frame 046B 		25 KB
25 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.stickyadstv.com/mustang/bandwidth-test-25ko?cachebuster=1671091295723
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4de0:ac19::1:b:3a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
/
Resource Hash
9f995b1c42942ededcce16bba381a19d3b30e0e75a36e0ea956f6a54e040dffe

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Thu, 15 Dec 2022 08:01:35 GMT
Last-Modified
Thu, 26 May 2022 08:10:46 GMT
ETag
"1653552646"
X-HW
1671091295.dop145.fr8.t,1671091295.cds246.fr8.shn,1671091295.cds246.fr8.c
Content-Type
application/octet-stream
Access-Control-Allow-Origin
https://pelotainvernal.com
Cache-Control
max-age=86400
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
25600
generic
match.adsrvr.org/track/cmf/
Redirect Chain
  • https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=91b7d2daf75e38e3488ea6d5e96eb7d4&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7b...
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=l1653_7177282464950342166&gdpr=0&gdpr_consent=null
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=null
70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=null
Requested by
Host: pelotainvernal.com
URL: https://pelotainvernal.com/
Protocol
H2
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pelotainvernal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 15 Dec 2022 08:01:36 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 08:01:36 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=null
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1671091296059079-375
Expires
Thu, 15 Dec 2022 08:01:36 GMT
/
ads.stickyadstv.com/additional-scripts/ Frame 046B 		301 B
801 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/additional-scripts/?zoneId=7585793&loc=https%3A%2F%2Fpelotainvernal.com%2F
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.55.110.73 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-55-110-73.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
64a14c1566ed5e882e60ea9d6e3722949c5767823cd23dc1244503991661dc27

Request headers

Accept
application/xml, text/xml
Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 08:01:35 GMT
Server
nginx
Access-Control-Allow-Origin
https://pelotainvernal.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
301
x-sticky-vk
1671091295769040-368
Expires
Thu, 15 Dec 2022 08:01:35 GMT
swfIndex.php
ads.stickyadstv.com/www/delivery/ Frame 046B 		67 B
693 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?zoneId=7585793&_fw_us_privacy=&_fw_gdpr=0&schain=1.0%2C1!vidoomy.com%2C63065%2C1%2C1875891067626048350611712314%2C%2C&_fw_gdpr_consent=&vav=ba1954d10db6fd43c37c30896e85899f&vaviv=b6d43814a1b036175c2a79eab8ff03c0&reqType=AdsSetup&protocolVersion=2.0&mustangVersion=1.12.5.2&focus=true&percentViewable=0&componentId=vpaid-adapter&loc=https%3A%2F%2Fpelotainvernal.com%2F&playerSize=400x225&supportsFlash=false&supportsJavascript=true
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.55.110.73 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-55-110-73.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Accept
application/xml, text/xml
Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 08:01:35 GMT
Server
nginx
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://pelotainvernal.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
67
x-sticky-vk
1671091295792032-334
Expires
Thu, 15 Dec 2022 08:01:35 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 15C1 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssJhUbLSHBvg5kDOTtHXG-tS0itG2Y5tU3j_I7mPsqzx6_z8m2d46XZ9pCQ0IGFz_--mzVKkIDMpxowQsAmizPw_1VzZnAbyXcx5htvBOWX8QLGbo78c_YebbaW_GbmdIek2FqNHKos3GCyVp0dH_UFwHjW8czHEBwZK7vy4gKqvAOl-1hs1PNnc-VVxdoulW8ttFOHr58me3X7FIQEl9fwGAucOvaX7NrIXXAg5_iwSVSP2Ei-u3DtehuTNxCI9i8q5b_zsUMpcoRMDtFK8elLFd8fk9eOX79ctoT-62AVyOYVnn9K-VVAET0RmKuceoi3oXiiLyGzMmpxTOmi2Av7E8MrlnZy5S5OEoJR8WkKJ_-U2Jiv9Jbgg8tXhJbJnYIFnZSdxC9NpMzS5ubxjDQDYbbgiykiKCG7miVySVPUydiH4Xfz01WEG4lI4Qm08jU8mZORKTgyH6Snl_F89MrrMn2GC6k2rfnY7gs2MUOtGVkM6quW_4Ly62tcO9vg6Qb-o6BuArFo4NwBiCk49qqyIM7PLRaT7kLXxWGl3FCOM0SeyPDHWWSgcOBmISAMDm_VYw14rQ_ALtbLkUEl9TXYZCxs2B9-5bB9-IPDZ6dicinDKO4A5Z9wM_URfgoZxYVzcc1fFq2ytu3q0eHWrRdHaSC4SE-J3bC2hf7df2cfQkbWD0JaIsECS2e-jLiiBLBzAWjZ1kSUfObADJb3tLLGPa3TJGcBuqf_pcg1-dRoaiQcPBV6FSjv2Zx6slAv9pbjZAzjPNAy9E9Dslxuv_JY7FuDpacLNMdHHE5PuoATqiANJdVdW0Qn9m7cMwXoiYyiL0tGi4c2_nyiPYlvQXa6BxCIJ_DuPYe_yRu0GgbCzrN0McgEcWlzbKgGB3F7yCWaK7wKUucOGZeLm4jHKVUiLccAwX4Fvt56FKrnjutTyft_cw5p5F6SRa5FOqQ_HC-vgGgLFxQUbfdetju5W6wo2s1UNimcp3vuqnjmx84ev4XjRa5ix8pH1HfvOxeVgBb-QsPFhFVcLlSfrq4a0ZXWQ3aYvmhmiT3E-QzIsOHCuV4TtKyN7Rz1oJ_hxj-4G6kTyrfgXgDmPwByoJ7zd5BfH76jfLI-5HZ-IwhGxq0FxL_aUD8u-VTlIqSysKGcVbsZhhSwUSSMfPKh4BqTptRG7VdB5EK8rlRcB8oHfK9cTv6xSUzPGagYxCGbvYWIOVuJY_gaA0hzFEurvOJl7wTykqOUtegl_ILXoAKrbPfh&sai=AMfl-YQAL9q9-rYfVqPRvwJ8zBQ9R3LCbUSVNL6xWnQtdOFCowgCjvKDbYFSE9JMrSqlJpl6cEsJUNA2kUeME57pirm79_0SXUf-chufpbGRsEotklr8L4xxE6oNlvzrcV-DjYXmd2t8WcAV6BXi26EuYbtXEF_llaM6Igfx_BUXjAAzGtcD05tOrTwWMdDHIRzWOmz97JMMxcuT8FsLx0oImvAaKZLlblo5HGM5ZHAnXmfwjWyZBmlCWjkn4WR9D4hmx4C4WwxERg4&sig=Cg0ArKJSzLrMKSJq9l3lEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=581&vt=11&dtpt=425&dett=3&cstd=150&cisv=r20221207.08266&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: pelotainvernal.com
URL: https://pelotainvernal.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20e8afb8e455763ca9bea03ef9101e20.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 08:01:35 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Thu, 15 Dec 2022 08:01:35 GMT
l
www.google.com/ads/measurement/ Frame EB12 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSIaW5NzSixc94QKFu5aWNMiN8BriePNSnAfaFf6RS16i9DmsazRewTe3qKJrEYv3PpBVe6vtbJ-sqHLZUtjj1NnXaoEA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame EB12 		153 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 08:01:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47725
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1670417373259609"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 15 Dec 2022 08:01:35 GMT
truncated
/ Frame EB12 		219 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bd8bbf100f8f628aa2c0a2d732ce0bcecbd8f2b803d4ec8d07cd3f7bbe63f64f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/png
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20221207/r20110914/ Frame 2052 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20221207/r20110914/abg_lite.js
Requested by
Host: fw.adsafeprotected.com
URL: https://fw.adsafeprotected.com/rfw/bgd/1014661/62144022/xbbe/creative/adj?p=APEucNVsvVz9eEDWldUZydTk3vYU7YjQeMf6hB1O_5BRnQL7RayN2KE&d=CokBAKAmf-Cm6P1IkIQhzXm-3qcAk5VPBJLwtLYZH61TMMG9FVnY-ob6aYUd_wV7Cco1LJ-BBjU4xkhVXgEg_eztzAz0B4UTi2JuPHSGF_DXWQSAm6WHtZU9nOdyOg0MPyOKbjiBM6_5kJEpcqVGYrHOl2KHkxXsY-isaFkQip_E6hV4Cyt12mC7dcoSuRMAoCZ_4P9y61Y0lXA3H6GkBiQRGiSdZmiO1fbBSwXzAj1XD545pURSxRUXOqELoLYViYjNalgk9Sj5H7PfC0Ucl8nm63ZVUX7dw3xsY3YEyypFmKffR97r3SkI8XohcaVsvtY4CZr4GmRXxc-yQrZS6ShPUoR1gkbv9j7cvGrvoSBpWT5yqMwU-wAvwxEhu9hh6bTE5wRcwFxH7sp-o9qEx-U4TO1A_SX7njw2nFE6VIR2KgR0zSqI79rCdBrvki11ZdqEqv6y9YXg6OWB8rnyOSw-6xMj1yzm5rSbKzS88dZRHxQwZxQcltlUCPO7w2RkS5v8sTsdgSlNr5XUNxpnmKax23rZQ4XJqSoZevPK0lGjQoRK5hM7n5M0DN8FiXZsNhZTYRZhKYwt0RL9TTqNDvavY5oNrAizBNBq7m-_m_Ze5j_aXJB73Eqq3vp2E_f7QNvOGPvt4ka_LHCzpS4qFb7G8f9CIxiBumRYnf9WFTad7WwQony7l0mBEip_cfumAdwRdVUAWqGX0HsfTf45uEG6ysq_VIRu2-JJUSKsX0LwPOfJXScrME7iRbpkKrGi3Fns8bplYflCHhU6QV9xknPUj6lQREb6dg5GldfeB67nY7oBf2Ns7vfo1eyXnVK8Q49iZz4HAGKRCCOnvbpezBnXJsKyQi2mGy1ARtwK_nTdG7LzvGcEN29V8k3zrOiP5Pbqey5v5TfO7Sc6en_wsIuip97SlKAatnJ3VLKu9no2cyDnCUnC9TuntlYdGR4snxH6Y5IpXPkFy8JOiG1XrCNULJoPo7dCeP7wBmwED54aoGSd84_j3iaS2ciWpKnl6wclzSo1N7U8kykVtx1_cpIyBr0xxxxhj8vjz_o7TFKnXbVjCXEFGOATGDDi6oXj7u9IRDXgs2OawVE1RVdrZRXutpB-MSz-_ACh4JRWVL1PHN8KOh3FcqOWjNhqBE0GGw5EGLXNP_mr1y8r5DvziAPifHGutz18qSqPjIEWxY8pJXdDGr-D4HY64jWINsV7q11acyhlXoiNVrgSDwGKZYC1J5kfNt8p0ZrfpSTtsfVdoLcuXtgTchvO4Zh7tCeCoyG-aHuHLNbAg2W53I6A81fk89jdlr5wrR_w5QkYS_rzQuentzyfeC3Rw7NhMbHET_cl7GZz17zybylSuFUsn3GHOD1f-FbfChGNG7i0OpctKhJiavyAROsbVLh9kwb5v9DWXFy_MsOXFauZdqSIgdYOSCTN4C0yEG-Ng3TvsqXRcciaToUJ1B1RgxJZLunr8UHTrK_8VujsRi6UWTVh7Y_uYsfyx-D3bp88J6geG-1W3a0hPH3Q6GY1nRl9qXPiUiaH5kce05Ge_AS7tV8AP7EOl2SOcy9tlPooGsLyUiwV-D1OJ2a94YP8WT4qlYaPbTknCiRlMt56RYuN2KDttuKKiiVBHw334rtwLKukHE8NlVo5azjd0mKNw5tZjMKmbueae-ueHE_FhSb0QPjz2v6vJyg7qO20lDyXwKoZDVINQxvoYatUpcDKiJK7hc43Fuc52VClYLf-8qKMdnhoA8oBZffCPqVyhk_3z_YPgYLWQbA43mmIakkUal1PLI6INghOAiuw4fH4zDuKQVB38AzkxqgaQO_9fgc3z7wdUIWRqMutPddQ9qZ_dUL6VYLX8LbHc_VKCOG1UW6bnc151oUpL1e7TwS4AbdNXdJcJCFTXwtVjgUgMQIm4ed6Kd7v5i2ikjj2ASExpEL2rfvv6-w4v_TsjDB3sK1oWurcahZycEq9685qXsPS660L9MEM3iGDE4l3_lyvBUZUJAHx_GY_9t6hg8F6iemfQoyYCluiRHgk94OLA_9MAEqyBwyrVfdiaFtsoaQ4eeQU6k2AWP8u8MJbytQk57S4TmaTa9X9ZoKPybtDuWuPyJjVGFKYWn-bi7DhHXkzVR5Z7gCnmSxXfQcBHKYtfwEQz1Wu_tdvDhu_WFl5o7Dk8Md8iidYTcifiQWLIr47Csp0omVVsMn1uRMMdlfaQJ1G5nnv2cQXYmxxZg2RFKZX4vMUS1HBHVRsdwIVqRauzhGAR6mfodPOPm60HSXvEgQ_AtxI5YUJHcZM-pYJ1eae5zVhXviF9R70b3R0Llg_NvYA_HNxMDJ8XMIaxnwKkLWO3CbrCUy3OnOnZqxYBP2Hmg9udQCQ7Gjkq-riw-SXkKEQWqKvP-31QHPlNRVg2EXZPjmyinXB5TVKuRqbHzBXwFBxH11DohhfOFFMeNDQOEWg9VRGfkXAX1-CXdpsRDrRyWZnQ4U2o8CYKd_paTjLEWnRnV0DCPKmk4QhTWfb6ARwnGnJpylB2bOfPH1RBKNoRbD68te-ML5cjCVhKBfoD8udRA3inRCz-5ris6K4lZlPxJN4vmOPZEAVAywVY1kWtUTgnEoAduV-80uKgo7MOC7OctlHbPf0hw3jI0sLlzqlNxSNcXhPzq85MGQtv0WdtAQueogZTm0KaqEFXU46xdV6poNsxU4CNfPVC9gIBb74SyT1PaYtNW0nu6F3a7yiJN644ao1Ccs0nDEkGPvDlSYHKkSBT9z-e1DlDopquAZ8T8n_xbltJnt0OXKU8XQ3Gbub1c4RQ8kqHqlJ-j-VQiaQs9CqsuzaoealIflBp-YlCfjpYnA3SCSShd2VvENu0wIkTn_gRjcuUU_56XAcwI1xHjsXjdh-Ad5tqqmxHhoc4jnUpihwzjGlHDz2X02sNCu1QmA5FveXEwcjTPfG3HuHQKaeUaZjIHrl3O1i3Hdm8fKVo1MmkgkpWcAQ-r-yeXQHy7B9ntwjm0q3iDZZqHVzTmGDdWHD1vnJSpEioc508OkGpThOlqhBdpovZTheP4I6szzoTLpyZQVrDCgvaPFPjR3Q3SLpl0CpIOu1JOA-n3AfE-JIWVfgMhsC9evm8SNhBU7zgXBY-biWuk76lbbPYPHtqVnb88Ef_RleZhfDDR2mCZkBkeQbB3YVrmsEYBDuabO3UN_VD8jEDuiQZruGJEsba1l2tg7fj7PFH6D-k1p0j0jN5PvFpoAGh9CF91rvmdI2a2A_HPV2rTAvHFehuMZ2THbKeE0rDQXBU9dBymbSBTW0YFNCJt_K_R_pSxWqAKvkW1QieN-Fas2hA1zyxEWXSBfjYdS_RVs-o03BmyDtatnCA5xJ4-BZNBI_Uw9HQFdHi99tHQE5dd4BvxrKgGcgSLEuy7_PUtZgYc5b2N_P00C8D2w1x_-NJ6myO2P5zHZHzHD-CH-Qo2Qjf3GQwqzMFs3LxcCcYh0bjF1ROSIJ5PjL-cQayHuTzSJzf2hY98vlrIm6WW2R6hpDCAQSOwDq26N9vvByuPseGdvrdhuqJE-yqz8H1hYM5tJfSzZUfnmCcLsVFHtzK243ClUwThOVsf_exEMTg6KfGAEgE2AB&ias_dspID=3&ias_campId=28377781&ias_pubId=pub-7872228587460333&ias_chanId=1&ias_placementId=17661916541&bidurl=https://pelotainvernal.com/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0jcwAABZPREP4vDuzyqdFvm&adsafe_url=https%3A%2F%2Fpelotainvernal.com&adsafe_type=y&adsafe_url=https%3A%2F%2Fpelotainvernal.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F20e8afb8e455763ca9bea03ef9101e20.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F20e8afb8e455763ca9bea03ef9101e20.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:524e230d-316b-7077-1c41-9884a355f148,c:wQM9gk,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-f857cd7bf-gl4g4,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,mtim:4,mot:0,app:0,maw:0,fm:tq4oM24+11%7C1211%7C1212%7C131%7C132%7C14%7C15%7C161%7C162%7C171%7C18%7C191%7C192%7C1a%7C1b%7C1c*.1014661-62144022%7C1c1%7C1c21%7C1d1%7C1d2%7C1d3%7C1d4%7C1e%7C1f1,idMap:1c*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:25,oid:b1e4abdd-7c4e-11ed-8bbe-16eb003ef668,v:19.8.377,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c4d60e53476012ab254ca2f3f479903a6be9ead3cb39a9ea353c51ec75c618c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20e8afb8e455763ca9bea03ef9101e20.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 09:27:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
81255
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11387
x-xss-protection
0
server
cafe
etag
8197878782792770439
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 28 Dec 2022 09:27:20 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20221207/r20110914/elements/html/ Frame 2052 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20221207/r20110914/elements/html/omrhp.js
Requested by
Host: fw.adsafeprotected.com
URL: https://fw.adsafeprotected.com/rfw/bgd/1014661/62144022/xbbe/creative/adj?p=APEucNVsvVz9eEDWldUZydTk3vYU7YjQeMf6hB1O_5BRnQL7RayN2KE&d=CokBAKAmf-Cm6P1IkIQhzXm-3qcAk5VPBJLwtLYZH61TMMG9FVnY-ob6aYUd_wV7Cco1LJ-BBjU4xkhVXgEg_eztzAz0B4UTi2JuPHSGF_DXWQSAm6WHtZU9nOdyOg0MPyOKbjiBM6_5kJEpcqVGYrHOl2KHkxXsY-isaFkQip_E6hV4Cyt12mC7dcoSuRMAoCZ_4P9y61Y0lXA3H6GkBiQRGiSdZmiO1fbBSwXzAj1XD545pURSxRUXOqELoLYViYjNalgk9Sj5H7PfC0Ucl8nm63ZVUX7dw3xsY3YEyypFmKffR97r3SkI8XohcaVsvtY4CZr4GmRXxc-yQrZS6ShPUoR1gkbv9j7cvGrvoSBpWT5yqMwU-wAvwxEhu9hh6bTE5wRcwFxH7sp-o9qEx-U4TO1A_SX7njw2nFE6VIR2KgR0zSqI79rCdBrvki11ZdqEqv6y9YXg6OWB8rnyOSw-6xMj1yzm5rSbKzS88dZRHxQwZxQcltlUCPO7w2RkS5v8sTsdgSlNr5XUNxpnmKax23rZQ4XJqSoZevPK0lGjQoRK5hM7n5M0DN8FiXZsNhZTYRZhKYwt0RL9TTqNDvavY5oNrAizBNBq7m-_m_Ze5j_aXJB73Eqq3vp2E_f7QNvOGPvt4ka_LHCzpS4qFb7G8f9CIxiBumRYnf9WFTad7WwQony7l0mBEip_cfumAdwRdVUAWqGX0HsfTf45uEG6ysq_VIRu2-JJUSKsX0LwPOfJXScrME7iRbpkKrGi3Fns8bplYflCHhU6QV9xknPUj6lQREb6dg5GldfeB67nY7oBf2Ns7vfo1eyXnVK8Q49iZz4HAGKRCCOnvbpezBnXJsKyQi2mGy1ARtwK_nTdG7LzvGcEN29V8k3zrOiP5Pbqey5v5TfO7Sc6en_wsIuip97SlKAatnJ3VLKu9no2cyDnCUnC9TuntlYdGR4snxH6Y5IpXPkFy8JOiG1XrCNULJoPo7dCeP7wBmwED54aoGSd84_j3iaS2ciWpKnl6wclzSo1N7U8kykVtx1_cpIyBr0xxxxhj8vjz_o7TFKnXbVjCXEFGOATGDDi6oXj7u9IRDXgs2OawVE1RVdrZRXutpB-MSz-_ACh4JRWVL1PHN8KOh3FcqOWjNhqBE0GGw5EGLXNP_mr1y8r5DvziAPifHGutz18qSqPjIEWxY8pJXdDGr-D4HY64jWINsV7q11acyhlXoiNVrgSDwGKZYC1J5kfNt8p0ZrfpSTtsfVdoLcuXtgTchvO4Zh7tCeCoyG-aHuHLNbAg2W53I6A81fk89jdlr5wrR_w5QkYS_rzQuentzyfeC3Rw7NhMbHET_cl7GZz17zybylSuFUsn3GHOD1f-FbfChGNG7i0OpctKhJiavyAROsbVLh9kwb5v9DWXFy_MsOXFauZdqSIgdYOSCTN4C0yEG-Ng3TvsqXRcciaToUJ1B1RgxJZLunr8UHTrK_8VujsRi6UWTVh7Y_uYsfyx-D3bp88J6geG-1W3a0hPH3Q6GY1nRl9qXPiUiaH5kce05Ge_AS7tV8AP7EOl2SOcy9tlPooGsLyUiwV-D1OJ2a94YP8WT4qlYaPbTknCiRlMt56RYuN2KDttuKKiiVBHw334rtwLKukHE8NlVo5azjd0mKNw5tZjMKmbueae-ueHE_FhSb0QPjz2v6vJyg7qO20lDyXwKoZDVINQxvoYatUpcDKiJK7hc43Fuc52VClYLf-8qKMdnhoA8oBZffCPqVyhk_3z_YPgYLWQbA43mmIakkUal1PLI6INghOAiuw4fH4zDuKQVB38AzkxqgaQO_9fgc3z7wdUIWRqMutPddQ9qZ_dUL6VYLX8LbHc_VKCOG1UW6bnc151oUpL1e7TwS4AbdNXdJcJCFTXwtVjgUgMQIm4ed6Kd7v5i2ikjj2ASExpEL2rfvv6-w4v_TsjDB3sK1oWurcahZycEq9685qXsPS660L9MEM3iGDE4l3_lyvBUZUJAHx_GY_9t6hg8F6iemfQoyYCluiRHgk94OLA_9MAEqyBwyrVfdiaFtsoaQ4eeQU6k2AWP8u8MJbytQk57S4TmaTa9X9ZoKPybtDuWuPyJjVGFKYWn-bi7DhHXkzVR5Z7gCnmSxXfQcBHKYtfwEQz1Wu_tdvDhu_WFl5o7Dk8Md8iidYTcifiQWLIr47Csp0omVVsMn1uRMMdlfaQJ1G5nnv2cQXYmxxZg2RFKZX4vMUS1HBHVRsdwIVqRauzhGAR6mfodPOPm60HSXvEgQ_AtxI5YUJHcZM-pYJ1eae5zVhXviF9R70b3R0Llg_NvYA_HNxMDJ8XMIaxnwKkLWO3CbrCUy3OnOnZqxYBP2Hmg9udQCQ7Gjkq-riw-SXkKEQWqKvP-31QHPlNRVg2EXZPjmyinXB5TVKuRqbHzBXwFBxH11DohhfOFFMeNDQOEWg9VRGfkXAX1-CXdpsRDrRyWZnQ4U2o8CYKd_paTjLEWnRnV0DCPKmk4QhTWfb6ARwnGnJpylB2bOfPH1RBKNoRbD68te-ML5cjCVhKBfoD8udRA3inRCz-5ris6K4lZlPxJN4vmOPZEAVAywVY1kWtUTgnEoAduV-80uKgo7MOC7OctlHbPf0hw3jI0sLlzqlNxSNcXhPzq85MGQtv0WdtAQueogZTm0KaqEFXU46xdV6poNsxU4CNfPVC9gIBb74SyT1PaYtNW0nu6F3a7yiJN644ao1Ccs0nDEkGPvDlSYHKkSBT9z-e1DlDopquAZ8T8n_xbltJnt0OXKU8XQ3Gbub1c4RQ8kqHqlJ-j-VQiaQs9CqsuzaoealIflBp-YlCfjpYnA3SCSShd2VvENu0wIkTn_gRjcuUU_56XAcwI1xHjsXjdh-Ad5tqqmxHhoc4jnUpihwzjGlHDz2X02sNCu1QmA5FveXEwcjTPfG3HuHQKaeUaZjIHrl3O1i3Hdm8fKVo1MmkgkpWcAQ-r-yeXQHy7B9ntwjm0q3iDZZqHVzTmGDdWHD1vnJSpEioc508OkGpThOlqhBdpovZTheP4I6szzoTLpyZQVrDCgvaPFPjR3Q3SLpl0CpIOu1JOA-n3AfE-JIWVfgMhsC9evm8SNhBU7zgXBY-biWuk76lbbPYPHtqVnb88Ef_RleZhfDDR2mCZkBkeQbB3YVrmsEYBDuabO3UN_VD8jEDuiQZruGJEsba1l2tg7fj7PFH6D-k1p0j0jN5PvFpoAGh9CF91rvmdI2a2A_HPV2rTAvHFehuMZ2THbKeE0rDQXBU9dBymbSBTW0YFNCJt_K_R_pSxWqAKvkW1QieN-Fas2hA1zyxEWXSBfjYdS_RVs-o03BmyDtatnCA5xJ4-BZNBI_Uw9HQFdHi99tHQE5dd4BvxrKgGcgSLEuy7_PUtZgYc5b2N_P00C8D2w1x_-NJ6myO2P5zHZHzHD-CH-Qo2Qjf3GQwqzMFs3LxcCcYh0bjF1ROSIJ5PjL-cQayHuTzSJzf2hY98vlrIm6WW2R6hpDCAQSOwDq26N9vvByuPseGdvrdhuqJE-yqz8H1hYM5tJfSzZUfnmCcLsVFHtzK243ClUwThOVsf_exEMTg6KfGAEgE2AB&ias_dspID=3&ias_campId=28377781&ias_pubId=pub-7872228587460333&ias_chanId=1&ias_placementId=17661916541&bidurl=https://pelotainvernal.com/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0jcwAABZPREP4vDuzyqdFvm&adsafe_url=https%3A%2F%2Fpelotainvernal.com&adsafe_type=y&adsafe_url=https%3A%2F%2Fpelotainvernal.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F20e8afb8e455763ca9bea03ef9101e20.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F20e8afb8e455763ca9bea03ef9101e20.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:524e230d-316b-7077-1c41-9884a355f148,c:wQM9gk,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-f857cd7bf-gl4g4,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,mtim:4,mot:0,app:0,maw:0,fm:tq4oM24+11%7C1211%7C1212%7C131%7C132%7C14%7C15%7C161%7C162%7C171%7C18%7C191%7C192%7C1a%7C1b%7C1c*.1014661-62144022%7C1c1%7C1c21%7C1d1%7C1d2%7C1d3%7C1d4%7C1e%7C1f1,idMap:1c*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:25,oid:b1e4abdd-7c4e-11ed-8bbe-16eb003ef668,v:19.8.377,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20e8afb8e455763ca9bea03ef9101e20.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 12:41:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
69591
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2986
x-xss-protection
0
server
cafe
etag
3296546412363819624
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 28 Dec 2022 12:41:44 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 2052 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstfmbDELNjJL0BvkmjVu7o-sfZTPyVn20-_PLu-sfwCv3W9ypfotV2WXeKYGEjdxUhPFnNipjIWSIGWso3ZxliXgvus20tD97Wto-v0Dl2zCUztrcwoH0VQgTzeu4PeGAOH9eo7leA1KdbZnfstAkzGIzG_g2U2f6kupT-yCLWtKaHBOTAGBYVVZSrt7ypX0Vn3XHbl0JgCDRpYaiE&sai=AMfl-YT7aOZb587hwhlaAVXDs44BHg0jUwfnDN4XVQPEt1k8rPwIEAUcdevwlg2GQsaQXfupssIVzS0EloTZKOLizCH4TlYOKFrAnV2AODjeiDHzcSOkgZK_Kpb03AP92q4kqxHRTTU3IdWxlU6XSGL7h652yaQ&sig=Cg0ArKJSzAMtG_iCgytUEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20221207.23474&arae=0&ftch=1&adurl=
Requested by
Host: fw.adsafeprotected.com
URL: https://fw.adsafeprotected.com/rfw/bgd/1014661/62144022/xbbe/creative/adj?p=APEucNVsvVz9eEDWldUZydTk3vYU7YjQeMf6hB1O_5BRnQL7RayN2KE&d=CokBAKAmf-Cm6P1IkIQhzXm-3qcAk5VPBJLwtLYZH61TMMG9FVnY-ob6aYUd_wV7Cco1LJ-BBjU4xkhVXgEg_eztzAz0B4UTi2JuPHSGF_DXWQSAm6WHtZU9nOdyOg0MPyOKbjiBM6_5kJEpcqVGYrHOl2KHkxXsY-isaFkQip_E6hV4Cyt12mC7dcoSuRMAoCZ_4P9y61Y0lXA3H6GkBiQRGiSdZmiO1fbBSwXzAj1XD545pURSxRUXOqELoLYViYjNalgk9Sj5H7PfC0Ucl8nm63ZVUX7dw3xsY3YEyypFmKffR97r3SkI8XohcaVsvtY4CZr4GmRXxc-yQrZS6ShPUoR1gkbv9j7cvGrvoSBpWT5yqMwU-wAvwxEhu9hh6bTE5wRcwFxH7sp-o9qEx-U4TO1A_SX7njw2nFE6VIR2KgR0zSqI79rCdBrvki11ZdqEqv6y9YXg6OWB8rnyOSw-6xMj1yzm5rSbKzS88dZRHxQwZxQcltlUCPO7w2RkS5v8sTsdgSlNr5XUNxpnmKax23rZQ4XJqSoZevPK0lGjQoRK5hM7n5M0DN8FiXZsNhZTYRZhKYwt0RL9TTqNDvavY5oNrAizBNBq7m-_m_Ze5j_aXJB73Eqq3vp2E_f7QNvOGPvt4ka_LHCzpS4qFb7G8f9CIxiBumRYnf9WFTad7WwQony7l0mBEip_cfumAdwRdVUAWqGX0HsfTf45uEG6ysq_VIRu2-JJUSKsX0LwPOfJXScrME7iRbpkKrGi3Fns8bplYflCHhU6QV9xknPUj6lQREb6dg5GldfeB67nY7oBf2Ns7vfo1eyXnVK8Q49iZz4HAGKRCCOnvbpezBnXJsKyQi2mGy1ARtwK_nTdG7LzvGcEN29V8k3zrOiP5Pbqey5v5TfO7Sc6en_wsIuip97SlKAatnJ3VLKu9no2cyDnCUnC9TuntlYdGR4snxH6Y5IpXPkFy8JOiG1XrCNULJoPo7dCeP7wBmwED54aoGSd84_j3iaS2ciWpKnl6wclzSo1N7U8kykVtx1_cpIyBr0xxxxhj8vjz_o7TFKnXbVjCXEFGOATGDDi6oXj7u9IRDXgs2OawVE1RVdrZRXutpB-MSz-_ACh4JRWVL1PHN8KOh3FcqOWjNhqBE0GGw5EGLXNP_mr1y8r5DvziAPifHGutz18qSqPjIEWxY8pJXdDGr-D4HY64jWINsV7q11acyhlXoiNVrgSDwGKZYC1J5kfNt8p0ZrfpSTtsfVdoLcuXtgTchvO4Zh7tCeCoyG-aHuHLNbAg2W53I6A81fk89jdlr5wrR_w5QkYS_rzQuentzyfeC3Rw7NhMbHET_cl7GZz17zybylSuFUsn3GHOD1f-FbfChGNG7i0OpctKhJiavyAROsbVLh9kwb5v9DWXFy_MsOXFauZdqSIgdYOSCTN4C0yEG-Ng3TvsqXRcciaToUJ1B1RgxJZLunr8UHTrK_8VujsRi6UWTVh7Y_uYsfyx-D3bp88J6geG-1W3a0hPH3Q6GY1nRl9qXPiUiaH5kce05Ge_AS7tV8AP7EOl2SOcy9tlPooGsLyUiwV-D1OJ2a94YP8WT4qlYaPbTknCiRlMt56RYuN2KDttuKKiiVBHw334rtwLKukHE8NlVo5azjd0mKNw5tZjMKmbueae-ueHE_FhSb0QPjz2v6vJyg7qO20lDyXwKoZDVINQxvoYatUpcDKiJK7hc43Fuc52VClYLf-8qKMdnhoA8oBZffCPqVyhk_3z_YPgYLWQbA43mmIakkUal1PLI6INghOAiuw4fH4zDuKQVB38AzkxqgaQO_9fgc3z7wdUIWRqMutPddQ9qZ_dUL6VYLX8LbHc_VKCOG1UW6bnc151oUpL1e7TwS4AbdNXdJcJCFTXwtVjgUgMQIm4ed6Kd7v5i2ikjj2ASExpEL2rfvv6-w4v_TsjDB3sK1oWurcahZycEq9685qXsPS660L9MEM3iGDE4l3_lyvBUZUJAHx_GY_9t6hg8F6iemfQoyYCluiRHgk94OLA_9MAEqyBwyrVfdiaFtsoaQ4eeQU6k2AWP8u8MJbytQk57S4TmaTa9X9ZoKPybtDuWuPyJjVGFKYWn-bi7DhHXkzVR5Z7gCnmSxXfQcBHKYtfwEQz1Wu_tdvDhu_WFl5o7Dk8Md8iidYTcifiQWLIr47Csp0omVVsMn1uRMMdlfaQJ1G5nnv2cQXYmxxZg2RFKZX4vMUS1HBHVRsdwIVqRauzhGAR6mfodPOPm60HSXvEgQ_AtxI5YUJHcZM-pYJ1eae5zVhXviF9R70b3R0Llg_NvYA_HNxMDJ8XMIaxnwKkLWO3CbrCUy3OnOnZqxYBP2Hmg9udQCQ7Gjkq-riw-SXkKEQWqKvP-31QHPlNRVg2EXZPjmyinXB5TVKuRqbHzBXwFBxH11DohhfOFFMeNDQOEWg9VRGfkXAX1-CXdpsRDrRyWZnQ4U2o8CYKd_paTjLEWnRnV0DCPKmk4QhTWfb6ARwnGnJpylB2bOfPH1RBKNoRbD68te-ML5cjCVhKBfoD8udRA3inRCz-5ris6K4lZlPxJN4vmOPZEAVAywVY1kWtUTgnEoAduV-80uKgo7MOC7OctlHbPf0hw3jI0sLlzqlNxSNcXhPzq85MGQtv0WdtAQueogZTm0KaqEFXU46xdV6poNsxU4CNfPVC9gIBb74SyT1PaYtNW0nu6F3a7yiJN644ao1Ccs0nDEkGPvDlSYHKkSBT9z-e1DlDopquAZ8T8n_xbltJnt0OXKU8XQ3Gbub1c4RQ8kqHqlJ-j-VQiaQs9CqsuzaoealIflBp-YlCfjpYnA3SCSShd2VvENu0wIkTn_gRjcuUU_56XAcwI1xHjsXjdh-Ad5tqqmxHhoc4jnUpihwzjGlHDz2X02sNCu1QmA5FveXEwcjTPfG3HuHQKaeUaZjIHrl3O1i3Hdm8fKVo1MmkgkpWcAQ-r-yeXQHy7B9ntwjm0q3iDZZqHVzTmGDdWHD1vnJSpEioc508OkGpThOlqhBdpovZTheP4I6szzoTLpyZQVrDCgvaPFPjR3Q3SLpl0CpIOu1JOA-n3AfE-JIWVfgMhsC9evm8SNhBU7zgXBY-biWuk76lbbPYPHtqVnb88Ef_RleZhfDDR2mCZkBkeQbB3YVrmsEYBDuabO3UN_VD8jEDuiQZruGJEsba1l2tg7fj7PFH6D-k1p0j0jN5PvFpoAGh9CF91rvmdI2a2A_HPV2rTAvHFehuMZ2THbKeE0rDQXBU9dBymbSBTW0YFNCJt_K_R_pSxWqAKvkW1QieN-Fas2hA1zyxEWXSBfjYdS_RVs-o03BmyDtatnCA5xJ4-BZNBI_Uw9HQFdHi99tHQE5dd4BvxrKgGcgSLEuy7_PUtZgYc5b2N_P00C8D2w1x_-NJ6myO2P5zHZHzHD-CH-Qo2Qjf3GQwqzMFs3LxcCcYh0bjF1ROSIJ5PjL-cQayHuTzSJzf2hY98vlrIm6WW2R6hpDCAQSOwDq26N9vvByuPseGdvrdhuqJE-yqz8H1hYM5tJfSzZUfnmCcLsVFHtzK243ClUwThOVsf_exEMTg6KfGAEgE2AB&ias_dspID=3&ias_campId=28377781&ias_pubId=pub-7872228587460333&ias_chanId=1&ias_placementId=17661916541&bidurl=https://pelotainvernal.com/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0jcwAABZPREP4vDuzyqdFvm&adsafe_url=https%3A%2F%2Fpelotainvernal.com&adsafe_type=y&adsafe_url=https%3A%2F%2Fpelotainvernal.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F20e8afb8e455763ca9bea03ef9101e20.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F20e8afb8e455763ca9bea03ef9101e20.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:524e230d-316b-7077-1c41-9884a355f148,c:wQM9gk,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-f857cd7bf-gl4g4,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,mtim:4,mot:0,app:0,maw:0,fm:tq4oM24+11%7C1211%7C1212%7C131%7C132%7C14%7C15%7C161%7C162%7C171%7C18%7C191%7C192%7C1a%7C1b%7C1c*.1014661-62144022%7C1c1%7C1c21%7C1d1%7C1d2%7C1d3%7C1d4%7C1e%7C1f1,idMap:1c*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:25,oid:b1e4abdd-7c4e-11ed-8bbe-16eb003ef668,v:19.8.377,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20e8afb8e455763ca9bea03ef9101e20.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 08:01:35 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Thu, 15 Dec 2022 08:01:35 GMT
6137778444009705737
s0.2mdn.net/simgad/ Frame 2052 		56 KB
56 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/6137778444009705737
Requested by
Host: 20e8afb8e455763ca9bea03ef9101e20.safeframe.googlesyndication.com
URL: https://20e8afb8e455763ca9bea03ef9101e20.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
95a6c7d00feb6f985bd9e15fba7bbd6b4d2a26c39f6f52aaf4be4cfd9164da52
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20e8afb8e455763ca9bea03ef9101e20.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 09 Dec 2022 05:01:34 GMT
x-content-type-options
nosniff
age
529201
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
57421
x-xss-protection
0
last-modified
Mon, 03 Oct 2022 13:27:39 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 09 Dec 2023 05:01:34 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame B56D 		7 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2e01985774488a39ff9cd287bdf2d43ba8b813f248d07c9e588dfbd5eddd19da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 08:01:35 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5730
x-xss-protection
0
pixel
cm.g.doubleclick.net/
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=OTFiN2QyZGFmNzVlMzhlMzQ4OGVhNmQ1ZTk2ZWI3ZDQ=&gdpr=0&gdpr_consent=&_fw_gdpr=0&_fw_gdpr_consent=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=OTFiN2QyZGFmNzVlMzhlMzQ4OGVhNmQ1ZTk2ZWI3ZDQ=&gdpr=0&gdpr_consent=&_fw_gdpr=0&_fw_gdpr_consent=
Requested by
Host: pelotainvernal.com
URL: https://pelotainvernal.com/
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pelotainvernal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 08:01:35 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 08:01:35 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=OTFiN2QyZGFmNzVlMzhlMzQ4OGVhNmQ1ZTk2ZWI3ZDQ=&gdpr=0&gdpr_consent=&_fw_gdpr=0&_fw_gdpr_consent=
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1671091295812067-401
Expires
Thu, 15 Dec 2022 08:01:35 GMT
ecm3
s.amazon-adsystem.com/
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent=
  • https://s.amazon-adsystem.com/ecm3?id=91b7d2daf75e38e3488ea6d5e96eb7d4&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=&_fw_gdpr=0&_fw_gdpr_consent=
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=91b7d2daf75e38e3488ea6d5e96eb7d4&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=&_fw_gdpr=0&_fw_gdpr_consent=
Requested by
Host: pelotainvernal.com
URL: https://pelotainvernal.com/
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pelotainvernal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 08:01:36 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
V051PRT9N6GKYRY4KKGV
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 08:01:35 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://s.amazon-adsystem.com/ecm3?id=91b7d2daf75e38e3488ea6d5e96eb7d4&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=&_fw_gdpr=0&_fw_gdpr_consent=
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1671091295806061-366
Expires
Thu, 15 Dec 2022 08:01:35 GMT
Gg8gN4UfRSqiPg7Jn2ZI12V4DCEwkj1E4LVeHY527LvspYY.woff2
fonts.gstatic.com/s/ibmplexsanscondensed/v13/ Frame 6EC8 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ibmplexsanscondensed/v13/Gg8gN4UfRSqiPg7Jn2ZI12V4DCEwkj1E4LVeHY527LvspYY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Raleway:700|IBM+Plex+Sans+Condensed:500i|IBM+Plex+Sans+Condensed:500|IBM+Plex+Sans+Condensed:600
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6b4f873f3371bd426336178dfe982cf8366df7592c21738d0e1261e67a0cb2e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
null
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 09 Dec 2022 20:48:04 GMT
x-content-type-options
nosniff
age
472411
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18688
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:21:16 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 09 Dec 2023 20:48:04 GMT
Gg8gN4UfRSqiPg7Jn2ZI12V4DCEwkj1E4LVeHY5a67vspYY.woff2
fonts.gstatic.com/s/ibmplexsanscondensed/v13/ Frame 6EC8 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ibmplexsanscondensed/v13/Gg8gN4UfRSqiPg7Jn2ZI12V4DCEwkj1E4LVeHY5a67vspYY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Raleway:700|IBM+Plex+Sans+Condensed:500i|IBM+Plex+Sans+Condensed:500|IBM+Plex+Sans+Condensed:600
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
71fe56560b9eba788c8ff58e084f24ca95ff3b89aff510345fab96de36ec8101
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
null
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 17:51:13 GMT
x-content-type-options
nosniff
age
223822
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18740
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:21:21 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 12 Dec 2023 17:51:13 GMT
Gg8iN4UfRSqiPg7Jn2ZI12V4DCEwkj1E4LVeHYas8F_olYQtEw.woff2
fonts.gstatic.com/s/ibmplexsanscondensed/v13/ Frame 6EC8 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ibmplexsanscondensed/v13/Gg8iN4UfRSqiPg7Jn2ZI12V4DCEwkj1E4LVeHYas8F_olYQtEw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Raleway:700|IBM+Plex+Sans+Condensed:500i|IBM+Plex+Sans+Condensed:500|IBM+Plex+Sans+Condensed:600
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
09591867279cfa308e6366b2d6be5033904ef3de3c86b6f89cbe47e3022b7d99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
null
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 09 Dec 2022 12:05:28 GMT
x-content-type-options
nosniff
age
503767
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20496
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:21:15 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 09 Dec 2023 12:05:28 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 2052 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstfmbDELNjJL0BvkmjVu7o-sfZTPyVn20-_PLu-sfwCv3W9ypfotV2WXeKYGEjdxUhPFnNipjIWSIGWso3ZxliXgvus20tD97Wto-v0Dl2zCUztrcwoH0VQgTzeu4PeGAOH9eo7leA1KdbZnfstAkzGIzG_g2U2f6kupT-yCLWtKaHBOTAGBYVVZSrt7ypX0Vn3XHbl0JgCDRpYaiE&sai=AMfl-YT7aOZb587hwhlaAVXDs44BHg0jUwfnDN4XVQPEt1k8rPwIEAUcdevwlg2GQsaQXfupssIVzS0EloTZKOLizCH4TlYOKFrAnV2AODjeiDHzcSOkgZK_Kpb03AP92q4kqxHRTTU3IdWxlU6XSGL7h652yaQ&sig=Cg0ArKJSzAMtG_iCgytUEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=67&vt=11&dtpt=66&dett=2&cstd=0&cisv=r20221207.23474&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: fw.adsafeprotected.com
URL: https://fw.adsafeprotected.com/rfw/bgd/1014661/62144022/xbbe/creative/adj?p=APEucNVsvVz9eEDWldUZydTk3vYU7YjQeMf6hB1O_5BRnQL7RayN2KE&d=CokBAKAmf-Cm6P1IkIQhzXm-3qcAk5VPBJLwtLYZH61TMMG9FVnY-ob6aYUd_wV7Cco1LJ-BBjU4xkhVXgEg_eztzAz0B4UTi2JuPHSGF_DXWQSAm6WHtZU9nOdyOg0MPyOKbjiBM6_5kJEpcqVGYrHOl2KHkxXsY-isaFkQip_E6hV4Cyt12mC7dcoSuRMAoCZ_4P9y61Y0lXA3H6GkBiQRGiSdZmiO1fbBSwXzAj1XD545pURSxRUXOqELoLYViYjNalgk9Sj5H7PfC0Ucl8nm63ZVUX7dw3xsY3YEyypFmKffR97r3SkI8XohcaVsvtY4CZr4GmRXxc-yQrZS6ShPUoR1gkbv9j7cvGrvoSBpWT5yqMwU-wAvwxEhu9hh6bTE5wRcwFxH7sp-o9qEx-U4TO1A_SX7njw2nFE6VIR2KgR0zSqI79rCdBrvki11ZdqEqv6y9YXg6OWB8rnyOSw-6xMj1yzm5rSbKzS88dZRHxQwZxQcltlUCPO7w2RkS5v8sTsdgSlNr5XUNxpnmKax23rZQ4XJqSoZevPK0lGjQoRK5hM7n5M0DN8FiXZsNhZTYRZhKYwt0RL9TTqNDvavY5oNrAizBNBq7m-_m_Ze5j_aXJB73Eqq3vp2E_f7QNvOGPvt4ka_LHCzpS4qFb7G8f9CIxiBumRYnf9WFTad7WwQony7l0mBEip_cfumAdwRdVUAWqGX0HsfTf45uEG6ysq_VIRu2-JJUSKsX0LwPOfJXScrME7iRbpkKrGi3Fns8bplYflCHhU6QV9xknPUj6lQREb6dg5GldfeB67nY7oBf2Ns7vfo1eyXnVK8Q49iZz4HAGKRCCOnvbpezBnXJsKyQi2mGy1ARtwK_nTdG7LzvGcEN29V8k3zrOiP5Pbqey5v5TfO7Sc6en_wsIuip97SlKAatnJ3VLKu9no2cyDnCUnC9TuntlYdGR4snxH6Y5IpXPkFy8JOiG1XrCNULJoPo7dCeP7wBmwED54aoGSd84_j3iaS2ciWpKnl6wclzSo1N7U8kykVtx1_cpIyBr0xxxxhj8vjz_o7TFKnXbVjCXEFGOATGDDi6oXj7u9IRDXgs2OawVE1RVdrZRXutpB-MSz-_ACh4JRWVL1PHN8KOh3FcqOWjNhqBE0GGw5EGLXNP_mr1y8r5DvziAPifHGutz18qSqPjIEWxY8pJXdDGr-D4HY64jWINsV7q11acyhlXoiNVrgSDwGKZYC1J5kfNt8p0ZrfpSTtsfVdoLcuXtgTchvO4Zh7tCeCoyG-aHuHLNbAg2W53I6A81fk89jdlr5wrR_w5QkYS_rzQuentzyfeC3Rw7NhMbHET_cl7GZz17zybylSuFUsn3GHOD1f-FbfChGNG7i0OpctKhJiavyAROsbVLh9kwb5v9DWXFy_MsOXFauZdqSIgdYOSCTN4C0yEG-Ng3TvsqXRcciaToUJ1B1RgxJZLunr8UHTrK_8VujsRi6UWTVh7Y_uYsfyx-D3bp88J6geG-1W3a0hPH3Q6GY1nRl9qXPiUiaH5kce05Ge_AS7tV8AP7EOl2SOcy9tlPooGsLyUiwV-D1OJ2a94YP8WT4qlYaPbTknCiRlMt56RYuN2KDttuKKiiVBHw334rtwLKukHE8NlVo5azjd0mKNw5tZjMKmbueae-ueHE_FhSb0QPjz2v6vJyg7qO20lDyXwKoZDVINQxvoYatUpcDKiJK7hc43Fuc52VClYLf-8qKMdnhoA8oBZffCPqVyhk_3z_YPgYLWQbA43mmIakkUal1PLI6INghOAiuw4fH4zDuKQVB38AzkxqgaQO_9fgc3z7wdUIWRqMutPddQ9qZ_dUL6VYLX8LbHc_VKCOG1UW6bnc151oUpL1e7TwS4AbdNXdJcJCFTXwtVjgUgMQIm4ed6Kd7v5i2ikjj2ASExpEL2rfvv6-w4v_TsjDB3sK1oWurcahZycEq9685qXsPS660L9MEM3iGDE4l3_lyvBUZUJAHx_GY_9t6hg8F6iemfQoyYCluiRHgk94OLA_9MAEqyBwyrVfdiaFtsoaQ4eeQU6k2AWP8u8MJbytQk57S4TmaTa9X9ZoKPybtDuWuPyJjVGFKYWn-bi7DhHXkzVR5Z7gCnmSxXfQcBHKYtfwEQz1Wu_tdvDhu_WFl5o7Dk8Md8iidYTcifiQWLIr47Csp0omVVsMn1uRMMdlfaQJ1G5nnv2cQXYmxxZg2RFKZX4vMUS1HBHVRsdwIVqRauzhGAR6mfodPOPm60HSXvEgQ_AtxI5YUJHcZM-pYJ1eae5zVhXviF9R70b3R0Llg_NvYA_HNxMDJ8XMIaxnwKkLWO3CbrCUy3OnOnZqxYBP2Hmg9udQCQ7Gjkq-riw-SXkKEQWqKvP-31QHPlNRVg2EXZPjmyinXB5TVKuRqbHzBXwFBxH11DohhfOFFMeNDQOEWg9VRGfkXAX1-CXdpsRDrRyWZnQ4U2o8CYKd_paTjLEWnRnV0DCPKmk4QhTWfb6ARwnGnJpylB2bOfPH1RBKNoRbD68te-ML5cjCVhKBfoD8udRA3inRCz-5ris6K4lZlPxJN4vmOPZEAVAywVY1kWtUTgnEoAduV-80uKgo7MOC7OctlHbPf0hw3jI0sLlzqlNxSNcXhPzq85MGQtv0WdtAQueogZTm0KaqEFXU46xdV6poNsxU4CNfPVC9gIBb74SyT1PaYtNW0nu6F3a7yiJN644ao1Ccs0nDEkGPvDlSYHKkSBT9z-e1DlDopquAZ8T8n_xbltJnt0OXKU8XQ3Gbub1c4RQ8kqHqlJ-j-VQiaQs9CqsuzaoealIflBp-YlCfjpYnA3SCSShd2VvENu0wIkTn_gRjcuUU_56XAcwI1xHjsXjdh-Ad5tqqmxHhoc4jnUpihwzjGlHDz2X02sNCu1QmA5FveXEwcjTPfG3HuHQKaeUaZjIHrl3O1i3Hdm8fKVo1MmkgkpWcAQ-r-yeXQHy7B9ntwjm0q3iDZZqHVzTmGDdWHD1vnJSpEioc508OkGpThOlqhBdpovZTheP4I6szzoTLpyZQVrDCgvaPFPjR3Q3SLpl0CpIOu1JOA-n3AfE-JIWVfgMhsC9evm8SNhBU7zgXBY-biWuk76lbbPYPHtqVnb88Ef_RleZhfDDR2mCZkBkeQbB3YVrmsEYBDuabO3UN_VD8jEDuiQZruGJEsba1l2tg7fj7PFH6D-k1p0j0jN5PvFpoAGh9CF91rvmdI2a2A_HPV2rTAvHFehuMZ2THbKeE0rDQXBU9dBymbSBTW0YFNCJt_K_R_pSxWqAKvkW1QieN-Fas2hA1zyxEWXSBfjYdS_RVs-o03BmyDtatnCA5xJ4-BZNBI_Uw9HQFdHi99tHQE5dd4BvxrKgGcgSLEuy7_PUtZgYc5b2N_P00C8D2w1x_-NJ6myO2P5zHZHzHD-CH-Qo2Qjf3GQwqzMFs3LxcCcYh0bjF1ROSIJ5PjL-cQayHuTzSJzf2hY98vlrIm6WW2R6hpDCAQSOwDq26N9vvByuPseGdvrdhuqJE-yqz8H1hYM5tJfSzZUfnmCcLsVFHtzK243ClUwThOVsf_exEMTg6KfGAEgE2AB&ias_dspID=3&ias_campId=28377781&ias_pubId=pub-7872228587460333&ias_chanId=1&ias_placementId=17661916541&bidurl=https://pelotainvernal.com/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0jcwAABZPREP4vDuzyqdFvm&adsafe_url=https%3A%2F%2Fpelotainvernal.com&adsafe_type=y&adsafe_url=https%3A%2F%2Fpelotainvernal.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F20e8afb8e455763ca9bea03ef9101e20.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F20e8afb8e455763ca9bea03ef9101e20.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:524e230d-316b-7077-1c41-9884a355f148,c:wQM9gk,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-f857cd7bf-gl4g4,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,mtim:4,mot:0,app:0,maw:0,fm:tq4oM24+11%7C1211%7C1212%7C131%7C132%7C14%7C15%7C161%7C162%7C171%7C18%7C191%7C192%7C1a%7C1b%7C1c*.1014661-62144022%7C1c1%7C1c21%7C1d1%7C1d2%7C1d3%7C1d4%7C1e%7C1f1,idMap:1c*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:25,oid:b1e4abdd-7c4e-11ed-8bbe-16eb003ef668,v:19.8.377,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20e8afb8e455763ca9bea03ef9101e20.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 08:01:35 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Thu, 15 Dec 2022 08:01:35 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 73FC 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 20e8afb8e455763ca9bea03ef9101e20.safeframe.googlesyndication.com
URL: https://20e8afb8e455763ca9bea03ef9101e20.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://20e8afb8e455763ca9bea03ef9101e20.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
65775
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 14 Dec 2022 13:45:20 GMT
etag
48472445140208031
expires
Thu, 15 Dec 2022 13:45:20 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 2052 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cf01df540711dce7335fe8e5a9c1a4ae78d4b1cf179aec4bbc58071bdbfb0dc6

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/png
sodar2.js
tpc.googlesyndication.com/sodar/ Frame B56D 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 08:01:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 15 Dec 2022 08:01:35 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame ACAE 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B7Qj0X9SaY5W2BpDggQfC2aG4CQAAAAA4AeAEAg&bg=!oaKloubNAAYgquz3AKo7ACkAdvg8WhO8KFfMFvKZ6RojFSwZESumwbKcNngWQOnG6a-X9Mk6O2QxegIAAAHKUgAAAAJoAQeZAzGI0anWr3IkabdyAHjN_YICq5CWTKPLLCrVBgUAaLQZLatU9uztTdwSoNf5dikv4uV_YETWyY_ApqTGJ1Jcri1E5iuB1wGUYTXgB7eX-bUoi9PCbeNX8_Fcoo2Sf_yjdpooeDMe7f4FklBN-V5_xhLgWQdPJff4eVirSAAnNMwSEADS4BALW_mkqJZkAF1O7wPbKr_vWGoN2S1Nk-HZBmCObKMErFtyPQCy9_708tckNdjbpT8DipTXiSsWdmJm0_IOoo_baZpx3sjle7t6fBjXuyg2rp4EstXaV2ULXDoMaJGg66Cw76tuSPDcX8bl0WCjDK-eapjqYAFjdSKEBWgO6BWPR4_0OUHNKh-IPXs3ZuqzRCn3uoQ2eS5XsJkxkKuxGVbAn8DS-iQYi4tg6zMcCRk4O71cBC3EPAGvIG-OnzVsyihVwJ7OQK_XvTzRSTLyFBRxDPfgVohtTKfWLfCU02Y5ckO_lb-FVRhMa4i3_gh5bL-AHQNKLR9O_Xpk2r_9KzDOjqQst6BeFTzJOyOxprbkQRcMbUvaAiaFtHHttuYRyh8zaXuSVCa2DccO3-J0btt5PJ9SzoBTHipEiPqE2GsbcJeWdkUh_os_tsElUiT1Z0kUDkZNKEaXy1_zjQ8RkjS4Nl6_pyS1Ka92Zy0ipTJ-Zj1KanngrgP5PCF_HXQEsKJKu95cnGF1LmoFaOGvkiEVcfftctvAT75rgTTBgYUQstG-2_5H_JsGdIMhVIm6AZZuMnc4KGtlBRYqx_mqzZCggtPVHHxhiCmNZpNxYP1hLLkA15CH2hvhCjzE8pzWbT7PEcWGlMTQxYDCGbwTKmEzfLogzVBO2mI-uXeaG64EX5lxRGOUDSK6b9V_e5Vo3sB5crqWKgwHmn7IkH4bHK2TzwFgrlR0PzKhlFlpu2N3l3cL5kEA6hsoa_ehoraO0z63gx8D01Mqa7OBlDmGp2rIZFgmApIIyuSYgv844ehK8rf9rMSwQPe_qJE-sVTTAfun3JASFBXZizfgP30mcVcJjjzfnTGMUdpbxo6AobZQSVo5A64pVGzqv2_hrqjTG5rvkXidpE7lLoh7YTxd
Requested by
Host: 20e8afb8e455763ca9bea03ef9101e20.safeframe.googlesyndication.com
URL: https://20e8afb8e455763ca9bea03ef9101e20.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 08:01:35 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.109 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://pelotainvernal.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
access-control-allow-origin
https://pelotainvernal.com
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
content-type
text/plain; charset=UTF-8
date
Thu, 15 Dec 2022 08:01:36 GMT
server
nginx
t
t.lkqd.net/ Frame 40E2 		0
166 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.109 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://pelotainvernal.com
date
Thu, 15 Dec 2022 08:01:36 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
dt
dt.adsafeprotected.com/ Frame 2052 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1014661&asId=524e230d-316b-7077-1c41-9884a355f148&tv=%7Bc:wQM9py,pingTime:-10,time:596,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTA4LjAuNTM1OS4xMjQgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222222222222222202222222220222202000022000220222222220000022202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1671091296020%7C%7C84b7eeccf5937a1a97966ced12ad7a3b%7C%7Cff2a6b6b0b4b5b2c43e945104008d359%7C%7Cae121358eda1ff42f7c89034f9e79ef4%7C%7C6a9a640d40c79e87d09d0cd06ee999af%7C%7C026321f8a9ebb4848969bbad07f4ddf2%7C%7C9fc58377573cccd44b0b9507c1ee8361%7C%7C8b648db8fb0589718841e3d8d2433c66%7C%7C1663701684,im:%7BpWait:41,pci:%7Btdr:554%7D%7D%7D
Requested by
Host: 20e8afb8e455763ca9bea03ef9101e20.safeframe.googlesyndication.com
URL: https://20e8afb8e455763ca9bea03ef9101e20.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7782:acfb:2d89:a7ac:cd68 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20e8afb8e455763ca9bea03ef9101e20.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 08:01:36 GMT
server
nginx
x-server-name
dt03.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dpixel
cms.quantserve.com/ Frame 73FC 		35 B
362 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEFGgo3OcIqHEutjomioAMZc&google_cver=1&google_push=AavPq0OJAoScVNb5Y6WLpaYWzk-DYZdqXDKKOFqsKSbQgeKbeZBsFRfSBqq94dHIrO_AfTUAMXkjEtrdHBUXliHx-Ha5TbIsa8Q
Requested by
Host: 20e8afb8e455763ca9bea03ef9101e20.safeframe.googlesyndication.com
URL: https://20e8afb8e455763ca9bea03ef9101e20.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:b314:a0ef:ab7c:d546 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 08:01:36 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 73FC
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEAo6cfTMUJp1KpAsprVnBZQ&google_cver=1&google_push=AavPq0NdWG033oeHLHbTU1Raji0rVzMHiGt3vNSqkB22cfkel0EcYTqYaNsknpxewqKyPJxwfxtLPDVgZZOi531x...
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=3RNjmtRfTACgO8DLpZJ0Kw&google_push=AavPq0NdWG033oeHLHbTU1Raji0rVzMHiGt3vNSqkB22cfkel0EcYTqYaNsknpxewqKyPJxwfxtLPDVgZZOi531x4pdGCVfv...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=3RNjmtRfTACgO8DLpZJ0Kw&google_push=AavPq0NdWG033oeHLHbTU1Raji0rVzMHiGt3vNSqkB22cfkel0EcYTqYaNsknpxewqKyPJxwfxtLPDVgZZOi531x4pdGCVfvfLK_
Requested by
Host: 20e8afb8e455763ca9bea03ef9101e20.safeframe.googlesyndication.com
URL: https://20e8afb8e455763ca9bea03ef9101e20.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 08:01:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Thu, 15 Dec 2022 08:01:36 GMT
Server
MT3 224 5671b77 master zrh-pixel-x4 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=3RNjmtRfTACgO8DLpZJ0Kw&google_push=AavPq0NdWG033oeHLHbTU1Raji0rVzMHiGt3vNSqkB22cfkel0EcYTqYaNsknpxewqKyPJxwfxtLPDVgZZOi531x4pdGCVfvfLK_
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 15 Dec 2022 08:01:35 GMT
pixel
cm.g.doubleclick.net/ Frame 73FC
Redirect Chain
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEAfWYdjAgA8K2hhWOFy4jJE&google_cver=1&google_push=AavPq0P58MenIgisRq3Y3P5TCCsvdxDsLT7WDALhCjZVg-uGJFR-lFtsAsbPsFxq7cmqlCUbvGAjBfCR_Hz...
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AavPq0P58MenIgisRq3Y3P5TCCsvdxDsLT7WDALhCjZVg-uGJFR-lFtsAsbPsFxq7cmqlCUbvGAjBfCR_Hz1J0GqWpk7rutugHAB&google_hm=95sRZe7gTKq7S5TUyt3o7xQ
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AavPq0P58MenIgisRq3Y3P5TCCsvdxDsLT7WDALhCjZVg-uGJFR-lFtsAsbPsFxq7cmqlCUbvGAjBfCR_Hz1J0GqWpk7rutugHAB&google_hm=95sRZe7gTKq7S5TUyt3o7xQ
Requested by
Host: 20e8afb8e455763ca9bea03ef9101e20.safeframe.googlesyndication.com
URL: https://20e8afb8e455763ca9bea03ef9101e20.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 08:01:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 15 Dec 2022 08:01:35 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NOI DSP COR NID CUR OUR NOR"
status
302
location
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AavPq0P58MenIgisRq3Y3P5TCCsvdxDsLT7WDALhCjZVg-uGJFR-lFtsAsbPsFxq7cmqlCUbvGAjBfCR_Hz1J0GqWpk7rutugHAB&google_hm=95sRZe7gTKq7S5TUyt3o7xQ
content-type
text/html;charset=UTF-8
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 73FC
Redirect Chain
  • https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEI_1IXXWuYMdxwyskUyCquE&google_cver=1&google_push=AavPq0Nt__WpP8VM_VorxW3aWJJrpeQ6XHqtxr60CJ5Ft9S2lD9PzgD2SZtNcCcOVndTc44Od5MB7_Jkvkdg3m...
  • https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=AavPq0Nt__WpP8VM_VorxW3aWJJrpeQ6XHqtxr60CJ5Ft9S2lD9PzgD2SZtNcCcOVndTc44Od5MB7_Jkvkdg3mTS5SbbNsvegmHc&google_hm=hmOa1F8cO5SKKTser...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=AavPq0Nt__WpP8VM_VorxW3aWJJrpeQ6XHqtxr60CJ5Ft9S2lD9PzgD2SZtNcCcOVndTc44Od5MB7_Jkvkdg3mTS5SbbNsvegmHc&google_hm=hmOa1F8cO5SKKTserA&google_redir=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2FAdxPixel%3F%25%25GOOGLE_ERROR_PAIR%25%25%26partner_device_id%3D639AD45F1C3B948A293B1EACBLIS
Requested by
Host: 20e8afb8e455763ca9bea03ef9101e20.safeframe.googlesyndication.com
URL: https://20e8afb8e455763ca9bea03ef9101e20.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 08:01:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=AavPq0Nt__WpP8VM_VorxW3aWJJrpeQ6XHqtxr60CJ5Ft9S2lD9PzgD2SZtNcCcOVndTc44Od5MB7_Jkvkdg3mTS5SbbNsvegmHc&google_hm=hmOa1F8cO5SKKTserA&google_redir=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2FAdxPixel%3F%25%25GOOGLE_ERROR_PAIR%25%25%26partner_device_id%3D639AD45F1C3B948A293B1EACBLIS
date
Thu, 15 Dec 2022 08:01:36 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
pixel
cm.g.doubleclick.net/ Frame 73FC
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEK2edYiUNO2G8Ap71rHQHys&google_cver=1&google_push=AavPq0OURmQDDH2pPeZ0ZmxYaqcgMsQiv5Wsxy5L8RvKNd70yNiINOwhBCeO1Wug8t3vc5oQ25I1emS1...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODc4MTM5ODYxNjkxNjQxMjEwOQ&google_push=AavPq0OURmQDDH2pPeZ0ZmxYaqcgMsQiv5Wsxy5L8RvKNd70yNiINOwhBCeO1Wug8t3vc5oQ25I1em...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODc4MTM5ODYxNjkxNjQxMjEwOQ&google_push=AavPq0OURmQDDH2pPeZ0ZmxYaqcgMsQiv5Wsxy5L8RvKNd70yNiINOwhBCeO1Wug8t3vc5oQ25I1emS16QmlEBu6tuB2Va2HVs-5
Requested by
Host: 20e8afb8e455763ca9bea03ef9101e20.safeframe.googlesyndication.com
URL: https://20e8afb8e455763ca9bea03ef9101e20.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 08:01:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 15 Dec 2022 08:01:36 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODc4MTM5ODYxNjkxNjQxMjEwOQ&google_push=AavPq0OURmQDDH2pPeZ0ZmxYaqcgMsQiv5Wsxy5L8RvKNd70yNiINOwhBCeO1Wug8t3vc5oQ25I1emS16QmlEBu6tuB2Va2HVs-5
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame 73FC
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=n1V4jD2vT2yRU_BnTT21RA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=n1V4jD2vT2yRU_BnTT21RA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AavPq0NeSTJ736Hda5xEohkPABw599-Mac9TWskDTNWXbzxjtx0j3ZWKl5DfcZs4cDW88P9HB9rBgtqJxS6IMenHAX-IpcwAzzY
Requested by
Host: 20e8afb8e455763ca9bea03ef9101e20.safeframe.googlesyndication.com
URL: https://20e8afb8e455763ca9bea03ef9101e20.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 08:01:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=n1V4jD2vT2yRU_BnTT21RA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AavPq0NeSTJ736Hda5xEohkPABw599-Mac9TWskDTNWXbzxjtx0j3ZWKl5DfcZs4cDW88P9HB9rBgtqJxS6IMenHAX-IpcwAzzY
date
Thu, 15 Dec 2022 08:01:36 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame 73FC
Redirect Chain
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEFJqhOBni0SXqJ1vbLahI60&google_cver=1&google_push=AavPq0M0-WyMIPa6pjhQXtpemvs6rWUaOOHO0g5nk0qBZb2RXSL35xnOGdTmS8JL8DgcDJSPZ3ieGpQwTBuR-OCq...
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AavPq0M0-WyMIPa6pjhQXtpemvs6rWUaOOHO0g5nk0qBZb2RXSL35xnOGdTmS8JL8DgcDJSPZ3ieGpQwTBuR-OCqNKeRrSGvG2t9
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AavPq0M0-WyMIPa6pjhQXtpemvs6rWUaOOHO0g5nk0qBZb2RXSL35xnOGdTmS8JL8DgcDJSPZ3ieGpQwTBuR-OCqNKeRrSGvG2t9
Requested by
Host: 20e8afb8e455763ca9bea03ef9101e20.safeframe.googlesyndication.com
URL: https://20e8afb8e455763ca9bea03ef9101e20.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 08:01:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 15 Dec 2022 08:01:36 GMT
via
1.1 b30b1c2659a3fb836783824fe37110ee.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA56-P5
x-cache
FunctionGeneratedResponse from cloudfront
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AavPq0M0-WyMIPa6pjhQXtpemvs6rWUaOOHO0g5nk0qBZb2RXSL35xnOGdTmS8JL8DgcDJSPZ3ieGpQwTBuR-OCqNKeRrSGvG2t9
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
DA7F-GHfkzmCwPZRajma38cMqX2c2aLC6Rj90ssjk7XCpX5VtJ4a_Q==
attr
cm.g.doubleclick.net/pixel/ Frame 73FC 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LaV0vFM5yEFu1xKper4PlNJ33evFp075DwotPdDDjPqbN5KB194CCdjEpRq-QzQFnb4jXf
Requested by
Host: 20e8afb8e455763ca9bea03ef9101e20.safeframe.googlesyndication.com
URL: https://20e8afb8e455763ca9bea03ef9101e20.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 08:01:36 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
z7cUAtzL1u1d_2AGWF4wFgnTveRSMJLcB1xcawACHJQ.js
pagead2.googlesyndication.com/bg/ Frame 8129 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/z7cUAtzL1u1d_2AGWF4wFgnTveRSMJLcB1xcawACHJQ.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cfb71402dccbd6ed5dff6006585e301609d3bde4523092dc075c5c6b00021c94
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 06:47:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
90828
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16132
x-xss-protection
0
last-modified
Mon, 05 Dec 2022 17:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 14 Dec 2023 06:47:48 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 7F4B 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BC9IKX9SaY7-GB6WYlQffg6uwAwAAAAA4AeAEAg&bg=!qqmlqe3NAAYgquz3AKo7ACkAdvg8WrQt7AeSalUW9hzjOzO8kBr1MYTHsGMLZ1Io5Ytgp0l4hdCvjQIAAAFhUgAAAAJoAQeZAxHs80VKYx8jGItwG6QjkkAgZguZhFDj6arFvG58NahwJYEI76seQezzz25hH2S3yTBlQT6wChF-wnszson_QCd4xHhAnDXdaQYfPYHFqnj_nqE-vdmyPkeI8kWqtZHthLjWL5YLBOge3lRRxL4258ET7djBfkN46xykzAgRnoIDZ88824yFXKIfGCjMza7Bb_VTd5N2uyYTNjsVDZOb6_tcA7dofYFKWxvq4mQvPhCibhhCOBg8ibeqFUPLhPV0NLCYRlRO47bWVFnQxEEtjWJZT1ywsLmEsOch3UQPxvKELGh3aDyQp4DrS1QurXICMn9g7zmD84zFNiTrhiapuV-8zG8fbi2_Bqn_jm1bsClwFHp5qbUt6xl3sSXdHT4BM0lvuz_d8u8XAt7Wjpn4oAvhWEFw9RBpy7kZyQgPpnldcYVn38qv2hCAsCKfnUzr04kLdGzesdUNH0aW6a8hvLILaz6re-pAmlJHWMBsUm42rFc3NTOyVQAhqBUtbxbrqBuRaXlAyqguT-Pu0_ui2tSS28QyDX-jkovKj1RTasbNvEKfF1FTu3139GZVvxAkQ40EIY79m7rDD5-wF9z4YsZE28JFjjaLkUZOHdqOSgc9XD8Hw6Baeh8f-NL6M0jfPwfPuZHfjyWE_6-abmmUjhPAzfa6a2z-uEKTqqUAqXcPvRTGyUv9FEMtybE0EeSSikT2Hha_c8EfRk3ihU_gtL6hvqSSt3a5VIWbaiTpDF_2KvEpK_YtE6s7UeW3HWqQsDYw0_qfpKS9AadIdXhA9OxQHPxQ2MfksoXnfdglcvLGi7DtPrANS_9KvAuSfhfVQD4jxPNxJn6cJcOdFduAgevpFbdHf2HWwjT1rN_iKcAFG-qNa-zGIHap9OSx9Ws9LR5UWpsjjbhLzagRpeUuaGrvRW_bUliiRM_mvP29ZmLNNbF2WEp4dXZIgf0L7L5B1oOZzEDyBQPkjR2iuXpG9UUkobua472CyjdLr5_TAl7wid269VcZVmR712Wc3Jg2xe_5uyJ7-iyAgCREtfHZe79Tcw
Requested by
Host: 20e8afb8e455763ca9bea03ef9101e20.safeframe.googlesyndication.com
URL: https://20e8afb8e455763ca9bea03ef9101e20.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 08:01:36 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
z7cUAtzL1u1d_2AGWF4wFgnTveRSMJLcB1xcawACHJQ.js
pagead2.googlesyndication.com/bg/ Frame 6EC8 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/z7cUAtzL1u1d_2AGWF4wFgnTveRSMJLcB1xcawACHJQ.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cfb71402dccbd6ed5dff6006585e301609d3bde4523092dc075c5c6b00021c94
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 06:47:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
90828
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16132
x-xss-protection
0
last-modified
Mon, 05 Dec 2022 17:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 14 Dec 2023 06:47:48 GMT
dt
dt.adsafeprotected.com/ Frame 15C1 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1034476&asId=e9fccf6c-1904-fbfd-8bff-42d59b5f2d12&tv=%7Bc:wQM9q3,time:532,type:e,im:%7Bpci:%7Btdr:240%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:532,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:20,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B525~0%5D,as:%5B525~300.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tq4oM24+11%7C1211%7C1212%7C131%7C132%7C14%7C15%7C161%7C162%7C171%7C18%7C191%7C192%7C1a%7C1b%7C1c.1014661-62144022%7C1c1%7C1c21%7C1c3%7C1d*.1034476-65088021%7C1d1%7C1d2%7C1d3%7C1d4%7C1e%7C1f1%7C1g,idMap:1d*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:22,sis:267%7D&br=c
Requested by
Host: 20e8afb8e455763ca9bea03ef9101e20.safeframe.googlesyndication.com
URL: https://20e8afb8e455763ca9bea03ef9101e20.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7782:acfb:2d89:a7ac:cd68 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20e8afb8e455763ca9bea03ef9101e20.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 08:01:36 GMT
server
nginx
x-server-name
dt17.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
logo_w_300x600.png
s0.2mdn.net/sadbundle/12067022830250736275/ Frame B56D 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/12067022830250736275/logo_w_300x600.png
Requested by
Host: pelotainvernal.com
URL: https://pelotainvernal.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9c625353285d7d98b8ef8539024d908be74987505dc331a3ccf10711d88e3045
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12067022830250736275/index.html?e=69&leftOffset=0&topOffset=0&c=Cxc9dFEv8F&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 08 Dec 2022 16:25:36 GMT
x-content-type-options
nosniff
age
574560
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2170
x-xss-protection
0
last-modified
Tue, 07 Jun 2022 13:05:10 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 08 Dec 2023 16:25:36 GMT
logo_b_300x600.png
s0.2mdn.net/sadbundle/12067022830250736275/ Frame B56D 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/12067022830250736275/logo_b_300x600.png
Requested by
Host: pelotainvernal.com
URL: https://pelotainvernal.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bd335627b30cb609116c9ed19b9e56c8fb0861c6b9d94e25b3e4317e8a3e38dd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12067022830250736275/index.html?e=69&leftOffset=0&topOffset=0&c=Cxc9dFEv8F&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 08 Dec 2022 16:25:36 GMT
x-content-type-options
nosniff
age
574560
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2166
x-xss-protection
0
last-modified
Tue, 07 Jun 2022 13:05:10 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 08 Dec 2023 16:25:36 GMT
60026183_20220510011745965_L663_21MY_PHEV_122_GLHD_300x600.jpg
s0.2mdn.net/ads/richmedia/studio/60026183/ Frame B56D 		49 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/60026183/60026183_20220510011745965_L663_21MY_PHEV_122_GLHD_300x600.jpg
Requested by
Host: pelotainvernal.com
URL: https://pelotainvernal.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a4426d9dc1b5ce4b685321f70147ac19b7a6f059bf4267131f6586c55a1ed4b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12067022830250736275/index.html?e=69&leftOffset=0&topOffset=0&c=Cxc9dFEv8F&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 16:25:51 GMT
x-content-type-options
nosniff
age
56145
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
50192
x-xss-protection
0
last-modified
Tue, 10 May 2022 08:17:46 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 15 Dec 2022 16:25:51 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 15C1 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvTL4QTpPIe90yGzPT0phUfabAIxbaBDJIvEPWIItBhsqxDDj1weJIGZNirh0Ip7RMVEol0RKyydNVWBCSHXfOvlwmWpe29O2-Cu8ub4Wgyunhv5-GJcoqe3ujq3_2dsBHydl2xPg&sai=AMfl-YSEuzozxySebfgEAOoxgV8O9cyPt4Y6sDfAL7Wgr2NHA4tS82aBu-civjMJUqs3F8T0lJ09vuqthVJzOzVIhijkqpkjZsnAvANIjuGrFBlrqjNg92UhsgXxhb3lQg&sig=Cg0ArKJSzJgpzOZxS98jEAE&cid=CAQSOwDq26N9vvByuPseGdvrdhuqJE-yqz8H1hYM5tJfSzZUfnmCcLsVFHtzK243ClUwThOVsf_exEMTg6KfGAEgEw&id=lidar2&mcvt=1015&p=574,1408,614,1449&mtos=1015,1015,1015,1015,1015&tos=1015,0,0,0,0&v=20221207&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2344183488&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1671091294864&rpt=375&isd=0&lsd=0&met=ie&wmsd=0&pbe=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20e8afb8e455763ca9bea03ef9101e20.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 08:01:36 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221207&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3139134883708761&plah=pelotainvernal.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
28f9079f7a882b55c9ac34c904a8190e206f0b8203b8531d1c99feb31d4a34c7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pelotainvernal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 08:01:36 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11144
x-xss-protection
0
dt
dt.adsafeprotected.com/ Frame 2052 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1014661&asId=524e230d-316b-7077-1c41-9884a355f148&tv=%7Bc:wQM9vC,time:972,type:e,im:%7BpLoad:884%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:349,o:623,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:23,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B616~0%5D,as:%5B616~728.90%5D%7D%7D,%7Bsl:i,t:623,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B349~100%5D,as:%5B349~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:288,fm:tq4oM24+11%7C1211%7C1212%7C131%7C132%7C14%7C15%7C161%7C162%7C171%7C18%7C191%7C192%7C1a%7C1b%7C1c*.1014661-62144022%7C1c1%7C1c21%7C1d.1034476-65088021%7C1d1%7C1d2%7C1d3%7C1d4%7C1e%7C1f1,idMap:1c*,rmeas:1,rend:1,renddet:IMG.qs,siq:25,sis:385%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7782:acfb:2d89:a7ac:cd68 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20e8afb8e455763ca9bea03ef9101e20.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 08:01:36 GMT
server
nginx
x-server-name
dt02.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3139134883708761&plah=pelotainvernal.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pelotainvernal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 08:01:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 15 Dec 2022 08:01:36 GMT
ad
v.lkqd.net/ Frame A4FF 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1171093&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=https%3A%2F%2Fpelotainvernal.com%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C63065%2C1%2C&c4=true&c5=&c6=63065&c10=&c11=true&c12=&c13=true&c14=&c15=true&c16=&c17=true&rnd=29050910&m=
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
0e56bd4257c01a9b0c966f0e21a5491a45af5ec6fe2ada3701b3956d34cf8de4

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 08:01:36 GMT
content-encoding
gzip
server
nginx
content-type
application/xml; charset=UTF-8
access-control-allow-origin
https://pelotainvernal.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
1402
dt
dt.adsafeprotected.com/ Frame 15C1 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1034476&asId=e9fccf6c-1904-fbfd-8bff-42d59b5f2d12&tv=%7Bc:wQM9wP,pingTime:-10,time:952,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTA4LjAuNTM1OS4xMjQgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222222222222222202222222220222202000022000220222222220000022202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1671091296020%7C%7C84b7eeccf5937a1a97966ced12ad7a3b%7C%7Cff2a6b6b0b4b5b2c43e945104008d359%7C%7Cae121358eda1ff42f7c89034f9e79ef4%7C%7C6a9a640d40c79e87d09d0cd06ee999af%7C%7C026321f8a9ebb4848969bbad07f4ddf2%7C%7C9fc58377573cccd44b0b9507c1ee8361%7C%7C8b648db8fb0589718841e3d8d2433c66%7C%7C1663701684,sca:%7Bspg:524e230d-316b-7077-1c41-9884a355f148%7D%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7782:acfb:2d89:a7ac:cd68 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20e8afb8e455763ca9bea03ef9101e20.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 08:01:36 GMT
server
nginx
x-server-name
dt17.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 05FC 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pelotainvernal.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
140
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 15 Dec 2022 07:59:16 GMT
expires
Fri, 15 Dec 2023 07:59:16 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame BA15 		783 B
533 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
7f63590fb8b8568a328ee5318ca982d6840af2780bc08de720f368e33e5065ed
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-n-yNztTtePd3XF5fwhFKHw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://pelotainvernal.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
511
content-security-policy
script-src 'report-sample' 'nonce-n-yNztTtePd3XF5fwhFKHw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 15 Dec 2022 08:01:36 GMT
expires
Thu, 15 Dec 2022 08:01:36 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
sodar
pagead2.googlesyndication.com/pagead/ Frame BA15 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221207&jk=2272291473544869&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers
z7cUAtzL1u1d_2AGWF4wFgnTveRSMJLcB1xcawACHJQ.js
pagead2.googlesyndication.com/bg/ Frame 05FC 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/z7cUAtzL1u1d_2AGWF4wFgnTveRSMJLcB1xcawACHJQ.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cfb71402dccbd6ed5dff6006585e301609d3bde4523092dc075c5c6b00021c94
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 06:47:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
90828
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16132
x-xss-protection
0
last-modified
Mon, 05 Dec 2022 17:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 14 Dec 2023 06:47:48 GMT
vpaid.js
ad.lkqd.net/vpaid/ Frame 48B1 		230 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
/
Resource Hash
c0d59afc312f7f1d1346cc4dfdb1463c05b2d334cfa64e7b9240456a48bfcc11

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 08:01:36 GMT
content-encoding
gzip
last-modified
Thu, 13 Oct 2022 21:01:07 GMT
etag
"88ca76abee51b1544e17b021f04aaaed"
x-hw
1671091296.cds221.fr8.hn,1671091296.cds268.fr8.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1209600
accept-ranges
bytes
content-length
62021
usync.html
ad.lkqd.net/cookie-sync/ Frame 8B43 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/cookie-sync/usync.html
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
/
Resource Hash
a09fb04841151074c73e8daf6edb12da7ffd8b5e7812492a6d9f3ae977fe3d31

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
1882
content-type
text/html
date
Thu, 15 Dec 2022 08:01:36 GMT
etag
"952dcfd8e3703b5a7e78418d51009535"
last-modified
Fri, 18 Feb 2022 17:38:44 GMT
x-hw
1671091296.cds221.fr8.hn,1671091296.cds226.fr8.c
ad
v.lkqd.net/ Frame 48B1 		13 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1171093&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=https%3A%2F%2Fpelotainvernal.com%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C63065%2C1%2C&c4=true&c5=&c6=63065&c10=&c11=true&c12=&c13=true&c14=&c15=true&c16=&c17=true&rnd=29050910&m=&rtv=1&thost=pelotainvernal.com
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
8576f9d10865df0e20cd7cc7ab884fc0e52278af6437624cf6adf99a651322a6

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 15 Dec 2022 08:01:36 GMT
content-encoding
gzip
server
nginx
content-type
application/json
access-control-allow-origin
https://pelotainvernal.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
2548
ad
v.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1171093&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=https%3A%2F%2Fpelotainvernal.com%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C63065%2C1%2C&c4=true&c5=&c6=63065&c10=&c11=true&c12=&c13=true&c14=&c15=true&c16=&c17=true&rnd=29050910&m=&rtv=1&thost=pelotainvernal.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://pelotainvernal.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://pelotainvernal.com
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
date
Thu, 15 Dec 2022 08:01:36 GMT
server
nginx
generate_204
tpc.googlesyndication.com/ Frame 05FC 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?qQh1eQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 08:01:36 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
cs
cs.lkqd.net/ Frame 8B43
Redirect Chain
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D54%26partnerUserId%3D%7Bdevice_id%7D
  • https://cs.lkqd.net/cs?partnerId=54&partnerUserId=aca8e628-d05b-42d1-a220-fb94d013e922
43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=54&partnerUserId=aca8e628-d05b-42d1-a220-fb94d013e922
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Server
146.20.132.57 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 08:01:36 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

location
https://cs.lkqd.net/cs?partnerId=54&partnerUserId=aca8e628-d05b-42d1-a220-fb94d013e922
date
Thu, 15 Dec 2022 08:01:36 GMT
server
_
content-length
0
cs
cs.lkqd.net/ Frame 8B43 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=103&redirect=https%3A%2F%2Fevent.clientgear.com%2Fcookie%2Flkqd%3Fpartner%3Dlkqd%26cookieid%3D%24%24rawlkqduserid%24%24&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.57 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 08:01:36 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame 8B43 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D102%2526partnerUserId%253D%255BUID%255D&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.57 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 08:01:36 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame 8B43
Redirect Chain
  • https://ad.turn.com/r/cs?pid=65
  • https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3757162666768938953
43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3757162666768938953
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Server
146.20.132.57 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 08:01:36 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

location
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3757162666768938953
pragma
no-cache
date
Thu, 15 Dec 2022 08:01:35 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
cs
cs.lkqd.net/ Frame 8B43
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=161
  • https://cs.lkqd.net/cs?partnerId=93&partnerUserId=BFiKJCzZQbhiwzPXTk2_yNly2hQ
43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=BFiKJCzZQbhiwzPXTk2_yNly2hQ
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Server
146.20.132.57 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 08:01:36 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

Location
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=BFiKJCzZQbhiwzPXTk2_yNly2hQ
Date
Thu, 15 Dec 2022 08:01:36 GMT
Connection
keep-alive
Content-Length
104
Content-Type
text/html; charset=utf-8
t
t.lkqd.net/ Frame B008 		0
166 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.109 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://pelotainvernal.com
date
Thu, 15 Dec 2022 08:01:37 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.109 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://pelotainvernal.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
access-control-allow-origin
https://pelotainvernal.com
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
content-type
text/plain; charset=UTF-8
date
Thu, 15 Dec 2022 08:01:36 GMT
server
nginx
activeview
pagead2.googlesyndication.com/pcs/ Frame EB12 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsusuBxhp9LELw_X4hl9ePaQISe9JJQo9M3kIdPLJcIA3fg_PZS_PRiAFW-w9poriIYfhPDKCBP4Y5QYZrHxJTVSCWvqnkVmnYaOVYltR-QafKVRK9vwILhq5S4RmG03X7ldl5yD8g&sai=AMfl-YQFIKO79TgGfedwpm2j5xBEkv3Rf2YJRGTm9EdK3GlfFU-8EJDQXkgDKl6a_FrBDbQhRvABzj-frHbytFRqeEe_wIzKfp72wwsI8Zp3ItTK5YbyKQ9fU3xF5Ba5Rg&sig=Cg0ArKJSzMvN2Se85aFdEAE&cid=CAQSOwDq26N9JjYjwvmtwM6_LwJkgh7LhreTnTUakc4N05VLOtA-5aVrfXMRROv7Gb14XR6KN239RcKasAorGAEgEw&id=lidar2&mcvt=1000&p=0,1,124.25,1006&mtos=0,920,1000,1000,1000&tos=0,920,80,0,0&v=20221207&bin=7&avms=nio&bs=0,0&mc=0.76&if=1&vu=1&app=0&itpl=2&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1671091295305&rpt=582&met=mue&wmsd=0&pbe=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 08:01:36 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
7585793
ads.stickyadstv.com/vast/vpaid-adapter/ 		831 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/vast/vpaid-adapter/7585793?supportsJavascript=true&supportsFlash=true&_fw_us_privacy=&schain=1.0%2C1%21vidoomy.com%2C63065%2C1%2C3449937309650904805204685773%2C%2C&_fw_gdpr=0&_fw_gdpr_consent=
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.55.110.73 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-55-110-73.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
7789986b617e64614407a82db5bae208bbb3f428bfc31fc25fd1d63a3d66deb6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pelotainvernal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 08:01:36 GMT
Server
nginx
Content-Type
application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin
https://pelotainvernal.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
831
x-sticky-vk
1671091296880076-398
Expires
Thu, 15 Dec 2022 08:01:36 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 2052 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu06gpsfGLrCCHC5UkKJCfwIbrZKh8yVKcujNQxy_sctb3ikzrv_MrIwZVEXmpQuyB3uLH46ylmEUSQYjzNmG7HGRwfYgWToFDmKeOxcrcrbVAJWyQM9Igy3K9Ru-3V_CzQjF4ORg&sai=AMfl-YRtPpukaF2ClIP-NQBg_JkxxXj5ws3Ow2L0fR839ai_CQ7oTLT4oqJWfdv3GStWfr9kjbHqx0HGdZ-Mo9WSFCSJAP60wagd7iPZj_K9gYupL4dqPsTKL7Ir7uMM4Q&sig=Cg0ArKJSzHHK-CkopDMDEAE&cid=CAQSOwDq26N9vvByuPseGdvrdhuqJE-yqz8H1hYM5tJfSzZUfnmCcLsVFHtzK243ClUwThOVsf_exEMTg6KfGAEgEw&id=lidar2&mcvt=1001&p=485,275,575,1003&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20221207&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1811199381&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1671091294855&rpt=1058&isd=0&lsd=0&met=mue&wmsd=0&pbe=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20e8afb8e455763ca9bea03ef9101e20.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 08:01:36 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.109 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://pelotainvernal.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
access-control-allow-origin
https://pelotainvernal.com
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
content-type
text/plain; charset=UTF-8
date
Thu, 15 Dec 2022 08:01:37 GMT
server
nginx
t
t.lkqd.net/ Frame B008 		0
166 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.109 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://pelotainvernal.com
date
Thu, 15 Dec 2022 08:01:37 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
truncated
/ Frame 48B1 		35 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/gif
vpaid-adapter.min.js
cdn.stickyadstv.com/mustang/ Frame 0245 		342 KB
116 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4de0:ac19::1:b:3a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
/
Resource Hash
51a47645bcb938a434a7c4e54ffd7c24ee82dea8f280e159a34bd1a88d61bf24

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Thu, 15 Dec 2022 08:01:36 GMT
Content-Encoding
gzip
Last-Modified
Thu, 26 May 2022 08:10:46 GMT
ETag
"1653552646"
X-HW
1671091295.dop223.fr8.t,1671091296.cds158.fr8.shn,1671091296.cds158.fr8.c
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
117960
bandwidth-test-25ko
cdn.stickyadstv.com/mustang/ Frame 0245 		25 KB
25 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.stickyadstv.com/mustang/bandwidth-test-25ko?cachebuster=1671091297020
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4de0:ac19::1:b:3a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
/
Resource Hash
9f995b1c42942ededcce16bba381a19d3b30e0e75a36e0ea956f6a54e040dffe

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Thu, 15 Dec 2022 08:01:37 GMT
Last-Modified
Thu, 26 May 2022 08:10:46 GMT
ETag
"1653552646"
X-HW
1671091295.dop145.fr8.t,1671091297.cds246.fr8.shn,1671091297.cds246.fr8.c
Content-Type
application/octet-stream
Access-Control-Allow-Origin
https://pelotainvernal.com
Cache-Control
max-age=86400
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
25600
auto-user-sync
ads.stickyadstv.com/ Frame 0245 		0
0
generic
match.adsrvr.org/track/cmf/
Redirect Chain
  • https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=OTFiN2QyZGFmNzVlMzhlMzQ4OGVhNmQ1ZTk2ZWI3ZDQ=&gdpr=0&gdpr_consent=null
  • https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEGJsNgM4eB30Pr07uoADD6o&google_cver=1&gdpr=0&gdpr_consent=null
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=null
70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=null
Protocol
H2
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pelotainvernal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 15 Dec 2022 08:01:37 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 08:01:37 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=null
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1671091297049073-342
Expires
Thu, 15 Dec 2022 08:01:37 GMT
/
ads.stickyadstv.com/additional-scripts/ Frame 0245 		301 B
801 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/additional-scripts/?zoneId=7585793&loc=https%3A%2F%2Fpelotainvernal.com%2F
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.55.110.73 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-55-110-73.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
64a14c1566ed5e882e60ea9d6e3722949c5767823cd23dc1244503991661dc27

Request headers

Accept
application/xml, text/xml
Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 08:01:37 GMT
Server
nginx
Access-Control-Allow-Origin
https://pelotainvernal.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
301
x-sticky-vk
1671091297049006-342
Expires
Thu, 15 Dec 2022 08:01:37 GMT
swfIndex.php
ads.stickyadstv.com/www/delivery/ Frame 0245 		67 B
693 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?zoneId=7585793&_fw_us_privacy=&_fw_gdpr=0&schain=1.0%2C1!vidoomy.com%2C63065%2C1%2C3449937309650904805204685773%2C%2C&_fw_gdpr_consent=&vav=ef47cfb74be026fdfd48df5a780faa05&vaviv=02efe37fdb61e3ea8385a17b46c587f4&reqType=AdsSetup&protocolVersion=2.0&mustangVersion=1.12.5.2&focus=true&percentViewable=0&componentId=vpaid-adapter&loc=https%3A%2F%2Fpelotainvernal.com%2F&playerSize=400x225&supportsFlash=false&supportsJavascript=true
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.55.110.73 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-55-110-73.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Accept
application/xml, text/xml
Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 08:01:37 GMT
Server
nginx
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://pelotainvernal.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
67
x-sticky-vk
1671091297038052-423
Expires
Thu, 15 Dec 2022 08:01:37 GMT
dt
dt.adsafeprotected.com/ Frame 2052 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1014661&asId=524e230d-316b-7077-1c41-9884a355f148&tv=%7Bc:wQM9Gd,pingTime:1,time:1629,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:23%7D,%7Bpiv:100,vs:i,r:,t:623%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:1006,o:623,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:23,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B616~0%5D,as:%5B616~728.90%5D%7D%7D,%7Bsl:i,t:623,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1006~100%5D,as:%5B1006~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:207,fm:tq4oM24+11%7C1211%7C1212%7C131%7C132%7C14%7C15%7C161%7C162%7C171%7C18%7C191%7C192%7C1a%7C1b%7C1c*.1014661-62144022%7C1c1%7C1c21%7C1d.1034476-65088021%7C1d1%7C1d2%7C1d3%7C1d4%7C1e%7C1f1,idMap:1c*,rmeas:1,rend:1,renddet:IMG.qs,siq:25,sis:385%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7782:acfb:2d89:a7ac:cd68 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20e8afb8e455763ca9bea03ef9101e20.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 08:01:37 GMT
server
nginx
x-server-name
dt07.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame 2052 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1014661&asId=524e230d-316b-7077-1c41-9884a355f148&tv=%7Bc:wQM9Gd,pingTime:1,time:1629,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:23%7D,%7Bpiv:100,vs:i,r:,t:623%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:1006,o:623,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:23,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B616~0%5D,as:%5B616~728.90%5D%7D%7D,%7Bsl:i,t:623,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1006~100%5D,as:%5B1006~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:207,fm:tq4oM24+11%7C1211%7C1212%7C131%7C132%7C14%7C15%7C161%7C162%7C171%7C18%7C191%7C192%7C1a%7C1b%7C1c*.1014661-62144022%7C1c1%7C1c21%7C1d.1034476-65088021%7C1d1%7C1d2%7C1d3%7C1d4%7C1e%7C1f1,idMap:1c*,rmeas:1,rend:1,renddet:IMG.qs,siq:25,sis:385%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7782:acfb:2d89:a7ac:cd68 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20e8afb8e455763ca9bea03ef9101e20.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 08:01:37 GMT
server
nginx
x-server-name
dt09.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
t
t.lkqd.net/ Frame B008 		0
166 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.109 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://pelotainvernal.com
date
Thu, 15 Dec 2022 08:01:37 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.109 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://pelotainvernal.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
access-control-allow-origin
https://pelotainvernal.com
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
content-type
text/plain; charset=UTF-8
date
Thu, 15 Dec 2022 08:01:37 GMT
server
nginx
user-matching
ads.stickyadstv.com/ Frame 0245 		0
0
ecm3
s.amazon-adsystem.com/
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent=
  • https://s.amazon-adsystem.com/ecm3?id=91b7d2daf75e38e3488ea6d5e96eb7d4&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=&_fw_gdpr=0&_fw_gdpr_consent=
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=91b7d2daf75e38e3488ea6d5e96eb7d4&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=&_fw_gdpr=0&_fw_gdpr_consent=
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pelotainvernal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 08:01:37 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
7R58J47J1XRBGKJEH704
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 08:01:37 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://s.amazon-adsystem.com/ecm3?id=91b7d2daf75e38e3488ea6d5e96eb7d4&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=&_fw_gdpr=0&_fw_gdpr_consent=
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1671091297039064-353
Expires
Thu, 15 Dec 2022 08:01:37 GMT
pixel
cm.g.doubleclick.net/
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=OTFiN2QyZGFmNzVlMzhlMzQ4OGVhNmQ1ZTk2ZWI3ZDQ=&gdpr=0&gdpr_consent=&_fw_gdpr=0&_fw_gdpr_consent=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=OTFiN2QyZGFmNzVlMzhlMzQ4OGVhNmQ1ZTk2ZWI3ZDQ=&gdpr=0&gdpr_consent=&_fw_gdpr=0&_fw_gdpr_consent=
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pelotainvernal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 08:01:37 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 08:01:37 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=OTFiN2QyZGFmNzVlMzhlMzQ4OGVhNmQ1ZTk2ZWI3ZDQ=&gdpr=0&gdpr_consent=&_fw_gdpr=0&_fw_gdpr_consent=
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1671091297075052-422
Expires
Thu, 15 Dec 2022 08:01:37 GMT
t
t.lkqd.net/ Frame B008 		0
166 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.109 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://pelotainvernal.com
date
Thu, 15 Dec 2022 08:01:37 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.109 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://pelotainvernal.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
access-control-allow-origin
https://pelotainvernal.com
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
content-type
text/plain; charset=UTF-8
date
Thu, 15 Dec 2022 08:01:37 GMT
server
nginx
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221207&jk=2272291473544869&bg=!vr2lvfnNAAYgquz3AKo7ACkAdvg8WmiGitwoIP-pz64Rso2EjTfP2kVvgstp1Lp8fXs-HBHDH9tyQAIAAACXUgAAAANoAQeZAtyfY1k8qbmxRxLLd-Yzvj0n1x2H3wzT8-o54PCw3CEi40UJO9XajX2pwF6wIUJnyrxq_t-Uc4qqZ16zos6KvOTJI-WRVkeMn401WA3eAyk3T-g1SuXJHxo_BDfRnSkTw6v2S0MAH5rdEobKqzRIibF84XuhocdzpcacHgHQeqnHFTvrEJsNqwPNlgQRepya24zX_esekceZkJy20l6yuDHnGUoUp7LQp7DjfKMSllFgt912FiYmLhdrsF9I3PcquNuw4jupD3yfMO0VA09Bw4jRiq4QWpZ5VF6btgPCQVIJeQaWYINX695r28f6isPV_xVvTATRJ9Cx87_MXfZaiy1tDNn4-FQfeSBSfD1jXrYWzFImhiipVkeHUbIV9QH5kWhRlBhauOb0T-kJo9ZxXO0Wwu8m4trYBs5MB7_9WwRN7Cn59_W6KeUrIvZH4x3i--18bAnrfmj9ijyCVx6yXcFYXYClzZBXG9tVBRMdsZduL4-j7QAke-XUeKL7sbIkC1hHbHaff_9sruGMa20ba8p5ngTiidWsk0wm5st2VtnFz0u2rY_eXgusEEX-tvpVo-oIC9PWFHrnXadrP1LCWHbx9faXTrOVoKORL9cI3uHDk0WnfpC9SEmN2sgMLqxMoCNf0hd85D_q0fpX-ifW3RWIgpvryFgMADYH022lU8x41jPhwVj9a4vVFcuYwD6UUvgiO5Lr_bFzynCIHJxtLWsRLdb8rtFmbsAki6b_inL1vQG8xRPLcJZmuHDQty1ojjWYkkqO-Vx3--GcFbUFmPLFFUkJs0j6yC9kZ7neEejRZGgHymvtH3rEQ6GlsskXP6e31Y-x5geNY8kegdsD-xHSlqA4Z713sGXR4vCmwreM6GESUHeiePcDsOoGeVTN1nGoi8980aE7cDyMr62rihzXSwfE3zNHNhRbu64RRJ2q4nQu6vmD5t35a_aCTOmSt3znFRUS-QTYtdzktAM
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pelotainvernal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers
bridge
cm.adgrx.com/
Redirect Chain
  • https://dsum.casalemedia.com/pbusermatch?origin=prebid&site_id=910000&p=1&i=0&gdpr=0&gdpr_consent=&us_privacy=
  • https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE&gdpr=0
43 B
283 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE&gdpr=0
Protocol
H2
Server
72.251.241.196 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pelotainvernal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 08:01:37 GMT
server
Cowboy
content-type
image/gif
p3p
CP="NOI OTC OTP OUR NOR"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
x-realserver-nx
ams-delivery-5
content-length
43
expires
Thu, 23 Sep 2004 17:42:04 GMT

Redirect headers

pragma
no-cache
date
Thu, 15 Dec 2022 08:01:37 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fx5t%2F7haZlydEd1pvbfCUJCVe2500CH%2BV4aOB74%2FLZwU7GrVbfTE1xkImU1FIqVZA52eSg3Gl8ux%2B1IyUjCAUyJecF85dvH2uuRY0e0rBMy4E%2FDilWrv2Ww5skgIRunXcDcPr5LZ"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE&gdpr=0
cache-control
no-cache
cf-ray
779da7002ee99a2d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
cksync.php
cs.media.net/ 		44 B
410 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.media.net/cksync.php?cs=8
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.18.68.23 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-68-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
1681cb2b2db935f48c843351945df3f3f77f79c1c8de28c4fa88d8b655c25ae2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pelotainvernal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 08:01:37 GMT
Server
Apache
P3P
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
44
X-MNET-HL2
E
Expires
Thu, 15 Dec 2022 08:01:37 GMT
/
onetag-sys.com/usync/ 		0
38 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/usync/?tag=img
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pelotainvernal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-store
dt
dt.adsafeprotected.com/ Frame 15C1 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1034476&asId=e9fccf6c-1904-fbfd-8bff-42d59b5f2d12&tv=%7Bc:wQM9PM,pingTime:1,time:2127,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:600,t:21%7D,%7Bpiv:100,vs:i,r:,t:1126%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1001,o:1126,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:20,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1119~0,0~100%5D,as:%5B1119~300.600%5D%7D%7D,%7Bsl:i,t:1126,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~100%5D,as:%5B1001~300.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:200,fm:tq4oM24+11%7C1211%7C1212%7C131%7C132%7C14%7C15%7C161%7C162%7C171%7C18%7C191%7C192%7C1a%7C1b%7C1c.1014661-62144022%7C1c1%7C1c21%7C1c3%7C1d*.1034476-65088021%7C1d1%7C1d2%7C1d3%7C1d4%7C1e%7C1f1%7C1g,idMap:1d*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:22,sis:267%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7782:acfb:2d89:a7ac:cd68 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20e8afb8e455763ca9bea03ef9101e20.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 08:01:37 GMT
server
nginx
x-server-name
dt07.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame 15C1 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1034476&asId=e9fccf6c-1904-fbfd-8bff-42d59b5f2d12&tv=%7Bc:wQM9PM,pingTime:1,time:2127,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:600,t:21%7D,%7Bpiv:100,vs:i,r:,t:1126%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1001,o:1126,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:20,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1119~0,0~100%5D,as:%5B1119~300.600%5D%7D%7D,%7Bsl:i,t:1126,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~100%5D,as:%5B1001~300.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:200,fm:tq4oM24+11%7C1211%7C1212%7C131%7C132%7C14%7C15%7C161%7C162%7C171%7C18%7C191%7C192%7C1a%7C1b%7C1c.1014661-62144022%7C1c1%7C1c21%7C1c3%7C1d*.1034476-65088021%7C1d1%7C1d2%7C1d3%7C1d4%7C1e%7C1f1%7C1g,idMap:1d*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:22,sis:267%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7782:acfb:2d89:a7ac:cd68 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20e8afb8e455763ca9bea03ef9101e20.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 08:01:37 GMT
server
nginx
x-server-name
dt09.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
ad
v.lkqd.net/ Frame A4FF 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1171093&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=https%3A%2F%2Fpelotainvernal.com%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C63065%2C1%2C&c4=true&c5=&c6=63065&c10=&c11=true&c12=&c13=true&c14=&c15=true&c16=&c17=true&rnd=7669971&m=
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
8dc3f10c1ab086694adad7264e89e05ff727bfe3205b471072b251d7f92f5943

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 08:01:37 GMT
content-encoding
gzip
server
nginx
content-type
application/xml; charset=UTF-8
access-control-allow-origin
https://pelotainvernal.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
1401
vpaid.js
ad.lkqd.net/vpaid/ Frame A97E 		230 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
/
Resource Hash
c0d59afc312f7f1d1346cc4dfdb1463c05b2d334cfa64e7b9240456a48bfcc11

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 08:01:37 GMT
content-encoding
gzip
last-modified
Thu, 13 Oct 2022 21:01:07 GMT
etag
"88ca76abee51b1544e17b021f04aaaed"
x-hw
1671091297.cds221.fr8.hn,1671091297.cds268.fr8.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1209600
accept-ranges
bytes
content-length
62021
usync.html
ad.lkqd.net/cookie-sync/ Frame 655E 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/cookie-sync/usync.html
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
/
Resource Hash
a09fb04841151074c73e8daf6edb12da7ffd8b5e7812492a6d9f3ae977fe3d31

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
1882
content-type
text/html
date
Thu, 15 Dec 2022 08:01:37 GMT
etag
"952dcfd8e3703b5a7e78418d51009535"
last-modified
Fri, 18 Feb 2022 17:38:44 GMT
x-hw
1671091297.cds221.fr8.hn,1671091297.cds226.fr8.c
ad
v.lkqd.net/ Frame A97E 		22 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1171093&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=https%3A%2F%2Fpelotainvernal.com%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C63065%2C1%2C&c4=true&c5=&c6=63065&c10=&c11=true&c12=&c13=true&c14=&c15=true&c16=&c17=true&rnd=7669971&m=&rtv=1&thost=pelotainvernal.com
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
6f936123a8e1632738bfae621c5c358af3b766106058b437c0a2da3615d3054e

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 15 Dec 2022 08:01:38 GMT
content-encoding
gzip
server
nginx
content-type
application/json
access-control-allow-origin
https://pelotainvernal.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
3560
ad
v.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1171093&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=https%3A%2F%2Fpelotainvernal.com%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C63065%2C1%2C&c4=true&c5=&c6=63065&c10=&c11=true&c12=&c13=true&c14=&c15=true&c16=&c17=true&rnd=7669971&m=&rtv=1&thost=pelotainvernal.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://pelotainvernal.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://pelotainvernal.com
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
date
Thu, 15 Dec 2022 08:01:37 GMT
server
nginx
cs
cs.lkqd.net/ Frame 655E
Redirect Chain
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D54%26partnerUserId%3D%7Bdevice_id%7D
  • https://cs.lkqd.net/cs?partnerId=54&partnerUserId=dffcd5d5-377f-4c99-ba8d-de4a96ffe6f8
43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=54&partnerUserId=dffcd5d5-377f-4c99-ba8d-de4a96ffe6f8
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Server
146.20.132.57 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 08:01:38 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

location
https://cs.lkqd.net/cs?partnerId=54&partnerUserId=dffcd5d5-377f-4c99-ba8d-de4a96ffe6f8
date
Thu, 15 Dec 2022 08:01:37 GMT
server
_
content-length
0
cs
cs.lkqd.net/ Frame 655E 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=103&redirect=https%3A%2F%2Fevent.clientgear.com%2Fcookie%2Flkqd%3Fpartner%3Dlkqd%26cookieid%3D%24%24rawlkqduserid%24%24&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.57 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 08:01:37 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame 655E 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D102%2526partnerUserId%253D%255BUID%255D&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.57 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 08:01:37 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame 655E
Redirect Chain
  • https://ad.turn.com/r/cs?pid=65
  • https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3757162666768938953
43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3757162666768938953
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Server
146.20.132.57 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 08:01:37 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

location
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3757162666768938953
pragma
no-cache
date
Thu, 15 Dec 2022 08:01:37 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
cs
cs.lkqd.net/ Frame 655E
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=161
  • https://cs.lkqd.net/cs?partnerId=93&partnerUserId=BFiKJCzZQbhiwzPXTk2_yNly2hQ
43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=BFiKJCzZQbhiwzPXTk2_yNly2hQ
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Server
146.20.132.57 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 08:01:38 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

Location
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=BFiKJCzZQbhiwzPXTk2_yNly2hQ
Date
Thu, 15 Dec 2022 08:01:37 GMT
Connection
keep-alive
Content-Length
104
Content-Type
text/html; charset=utf-8
t
t.lkqd.net/ Frame 771E 		0
166 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.109 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://pelotainvernal.com
date
Thu, 15 Dec 2022 08:01:38 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.109 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://pelotainvernal.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
access-control-allow-origin
https://pelotainvernal.com
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
content-type
text/plain; charset=UTF-8
date
Thu, 15 Dec 2022 08:01:38 GMT
server
nginx
7585793
ads.stickyadstv.com/vast/vpaid-adapter/ 		831 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/vast/vpaid-adapter/7585793?supportsJavascript=true&supportsFlash=true&_fw_us_privacy=&schain=1.0%2C1%21vidoomy.com%2C63065%2C1%2C1201141525404280241285854681%2C%2C&_fw_gdpr=0&_fw_gdpr_consent=
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.55.110.73 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-55-110-73.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
ec154fc3da0932366d09528c91a73f7c779384e21e3c409263c79df81b0ad94e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pelotainvernal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 08:01:38 GMT
Server
nginx
Content-Type
application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin
https://pelotainvernal.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
831
x-sticky-vk
1671091298114034-410
Expires
Thu, 15 Dec 2022 08:01:38 GMT
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.109 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://pelotainvernal.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
access-control-allow-origin
https://pelotainvernal.com
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
content-type
text/plain; charset=UTF-8
date
Thu, 15 Dec 2022 08:01:38 GMT
server
nginx
t
t.lkqd.net/ Frame 771E 		0
166 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.109 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://pelotainvernal.com
date
Thu, 15 Dec 2022 08:01:38 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
truncated
/ Frame A97E 		35 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/gif
vpaid_f51ac984.js
vpaid.springserve.com/production/ Frame 3CAC 		506 KB
89 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vpaid.springserve.com/production/vpaid_f51ac984.js
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:7a00:15:6f6c:b180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1b7df8f348787d9fa760018b0f088ab687bbc70718df1d62e8084e30a3584491

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 17:09:30 GMT
content-encoding
br
via
1.1 857b0dca772798c338c78a1be69c955c.cloudfront.net (CloudFront)
last-modified
Tue, 06 Dec 2022 22:05:17 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1
age
658329
etag
W/"b030ae2df4f66a78701be0f4e1a3a52f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=2678400
x-amz-cf-id
mEkt6ACik222Aat4VgKKh61FJuB8CQZkXgKWX2jdyqmYnOibWfPepg==
t
t.lkqd.net/ Frame 771E 		0
166 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.109 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://pelotainvernal.com
date
Thu, 15 Dec 2022 08:01:38 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.109 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://pelotainvernal.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
access-control-allow-origin
https://pelotainvernal.com
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
content-type
text/plain; charset=UTF-8
date
Thu, 15 Dec 2022 08:01:38 GMT
server
nginx
vadtag.html
vpaid.pubmatic.com/ads/video/ Frame 3CAC 		978 B
848 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fpelotainvernal.com%2F&schain=1.0,1!vidoomy.com,63065,1,1671091298056,,
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_f51ac984.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.228.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8587f60006097aea76fdcafdfbfcfc4be14696383111153d99d6809bd5dcdcea

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 08:01:38 GMT
content-encoding
gzip
server
Apache
etag
"23da-5e7fbf52c16e8-gzip"
vary
Origin, Accept-Encoding
content-type
application/xml
access-control-allow-origin
https://pelotainvernal.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
602
expires
Thu, 15 Dec 2022 08:01:38 GMT
PMAdMgr.js
vpaid.pubmatic.com/ads/video/ Frame D4C9 		158 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fpelotainvernal.com%2F&schain=1.0,1!vidoomy.com,63065,1,1671091298056,,
Requested by
Host: blank
URL: about:blank
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.228.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
64b146021b5dd3fd90bfc36519ea2de22684243fd89e4663981f53453fb0f496

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 08:01:38 GMT
content-encoding
gzip
last-modified
Tue, 06 Sep 2022 06:03:39 GMT
server
Apache
etag
"277a2-5e7fbf52bc8c8-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=10800
accept-ranges
bytes
content-length
38047
showad.js
ads.pubmatic.com/AdServer/js/ Frame 55E1 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fpelotainvernal.com%2F&schain=1.0,1!vidoomy.com,63065,1,1671091298056,,
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.228.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
d073fb4f4eec190af7bf7282c4fecca1001c25616f87f23d5aaa8dbe16d37e2d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=21255
content-encoding
gzip
content-length
13946
content-type
text/html
date
Thu, 15 Dec 2022 08:01:38 GMT
expires
Thu, 15 Dec 2022 13:55:53 GMT
last-modified
Tue, 05 Jul 2022 05:32:20 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame D4C9 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fpelotainvernal.com%2F&schain=1.0,1!vidoomy.com,63065,1,1671091298056,,
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.228.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
d073fb4f4eec190af7bf7282c4fecca1001c25616f87f23d5aaa8dbe16d37e2d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 08:01:38 GMT
content-encoding
gzip
last-modified
Tue, 05 Jul 2022 05:32:20 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=21255
accept-ranges
bytes
content-length
13946
expires
Thu, 15 Dec 2022 13:55:53 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 55E1 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=74145692&p=156498&s=399115&a=1801592&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
a0374feeb6d4daf5b53d2db407364b90823a6c67743488342e5cefa5a84b333e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Thu, 15 Dec 2022 08:01:37 GMT
content-length
1984
content-type
text/html; charset=UTF-8
Pug
image2.pubmatic.com/AdServer/ Frame B8F4
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=e-Ah7innLexgsSjtKbc163i2Kr5g5C3uf7LxSvrv
42 B
512 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=e-Ah7innLexgsSjtKbc163i2Kr5g5C3uf7LxSvrv
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 15 Dec 2022 08:01:38 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
date
Thu, 15 Dec 2022 08:01:38 GMT
expires
Fri, 04 Aug 1978 12:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=e-Ah7innLexgsSjtKbc163i2Kr5g5C3uf7LxSvrv
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma
no-cache
strict-transport-security
max-age=86400
Pug
simage2.pubmatic.com/AdServer/ Frame 14D1
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7177282473554278555&gdpr=0&gdpr_consent=
42 B
344 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7177282473554278555&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 15 Dec 2022 08:01:38 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Date
Thu, 15 Dec 2022 08:01:38 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7177282473554278555&gdpr=0&gdpr_consent=
Server
nginx
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
rtset
bh.contextweb.com/bh/ Frame 3E54
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFEUkEwN0hOYWtBQUNLZ3ZYSkZoUQ&gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_syn...
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AADRA07HNakAACKgvXJFhQ&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsas%252Cpm%26bee_sync_current_par...
0
0
Pug
simage2.pubmatic.com/AdServer/ Frame 1479
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=BFiKJCzZQbhiwzPXTk2_yNly2hQ
42 B
401 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=BFiKJCzZQbhiwzPXTk2_yNly2hQ
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 15 Dec 2022 08:01:38 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
159
Content-Type
text/html; charset=utf-8
Date
Thu, 15 Dec 2022 08:01:38 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=BFiKJCzZQbhiwzPXTk2_yNly2hQ
Pug
simage2.pubmatic.com/AdServer/ Frame 7974
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y5rUYgADk_LG7QAe&gdpr=0&gdpr_consent=&_test=Y5rUYgADk_LG7QAe
1 B
340 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y5rUYgADk_LG7QAe&gdpr=0&gdpr_consent=&_test=Y5rUYgADk_LG7QAe
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Thu, 15 Dec 2022 08:01:38 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ranges
bytes
cache-control
no-cache
content-length
0
date
Thu, 15 Dec 2022 08:01:38 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y5rUYgADk_LG7QAe&gdpr=0&gdpr_consent=&_test=Y5rUYgADk_LG7QAe
pragma
no-cache
retry-after
0
server
Varnish
via
1.1 varnish
x-cache
HIT
x-cache-hits
0
x-served-by
cache-hhn-etou8220024-HHN
x-timer
S1671091299.645737,VS0,VE0
p
a.audrte.com/ Frame 55E1
Redirect Chain
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=9F55788C-3DAF-4F6C-9153-F0674D3DB544
  • https://a.audrte.com/p
0
0
info2
uipglob.semasio.net/pubmatic/1/ Frame 55E1
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=9F55788C-3DAF-4F6C-9153-F0674D3DB544&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=9F55788C-3DAF-4F6C-9153-F0674D3DB544&sInitiator=external&gdpr=0&gdpr_consent=
42 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=9F55788C-3DAF-4F6C-9153-F0674D3DB544&sInitiator=external&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
HTTP/1.1
Server
77.243.60.138 Norresundby, Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 08:01:37 GMT
frontend-id
0
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
content-type
image/gif
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin
*
content-length
42
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 15 Dec 2022 08:01:37 GMT
frontend-id
2
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
location
/pubmatic/1/info2?sType=sync&sExtCookieId=9F55788C-3DAF-4F6C-9153-F0674D3DB544&sInitiator=external&gdpr=0&gdpr_consent=
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin
*
content-length
0
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT
Artemis
aud.pubmatic.com/AdServer/ Frame 55E1
Redirect Chain
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=9F55788C-3DAF-4F6C-9153-F0674D3DB544&gdpr=
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=9F55788C-3DAF-4F6C-9153-F0674D3DB544&gdpr=&fbounce=1
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=9F55788C-3DAF-4F6C-9153-F0674D3DB544&addseg=19,36,42
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=9F55788C-3DAF-4F6C-9153-F0674D3DB544&addseg=19,36,42
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Server
185.64.190.87 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Redirect headers

date
Thu, 15 Dec 2022 08:01:38 GMT
via
1.1 google
content-type
text/html; charset=utf-8
location
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=9F55788C-3DAF-4F6C-9153-F0674D3DB544&addseg=19,36,42
p3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
141
generic
match.adsrvr.org/track/cmf/ Frame 55E1
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=9F55788C-3DAF-4F6C-9153-F0674D3DB544&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 15 Dec 2022 08:01:38 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
content-length
0
Pug
simage2.pubmatic.com/AdServer/ Frame 55E1
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=4e7efd3c-7697-47d3-b5b6-2533fae3233d&ssp=pubmatic
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=99611486-5a17-4503-a1b0-ab1982a65b33&gdpr=&gdpr_consent=&gdpr_pd=
1 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=99611486-5a17-4503-a1b0-ab1982a65b33&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Thu, 15 Dec 2022 08:01:38 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=99611486-5a17-4503-a1b0-ab1982a65b33&gdpr=&gdpr_consent=&gdpr_pd=
date
Thu, 15 Dec 2022 08:01:38 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
9F55788C-3DAF-4F6C-9153-F0674D3DB544
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 55E1 		43 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/9F55788C-3DAF-4F6C-9153-F0674D3DB544?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3601:6f22:82f:ef72:b8eb Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 08:01:38 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
SPug
image4.pubmatic.com/AdServer/ Frame 55E1
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=9F55788C-3DAF-4F6C-9153-F0674D3DB544&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-KsiUf8FE2uUpdLe9.U4a9T_Le96dveU-~A&gdpr=0&gdpr_consent=
0
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-KsiUf8FE2uUpdLe9.U4a9T_Le96dveU-~A&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Server
198.47.127.20 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 08:01:36 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-KsiUf8FE2uUpdLe9.U4a9T_Le96dveU-~A&gdpr=0&gdpr_consent=
date
Thu, 15 Dec 2022 08:01:38 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
current
pubmatic-match.dotomi.com/match/bounce/ Frame 55E1 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=9F55788C-3DAF-4F6C-9153-F0674D3DB544&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:16::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 08:01:38 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
pixelSync
pixel-sync.sitescout.com/dmp/ Frame 55E1 		0
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
98.98.134.243 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software
AC1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
date
Thu, 15 Dec 2022 08:01:37 GMT
cache-control
max-age=0,no-cache,no-store
server
AC1.1
expires
Tue, 11 Oct 1977 12:34:56 GMT
AdServerServlet
vid.pubmatic.com/AdServer/ Frame D4C9 		27 B
356 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+7+9+1+1+6&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fpelotainvernal.com%2F&schain=1.0,1!vidoomy.com,63065,1,1671091298056,,&us_privacy=&cb=1671091298350&SAVersion=2&inIframe=1&pageURL=https%253A%252F%252Fpelotainvernal.com%252F&screenResolution=1600x1200&kdntuid=1&vwndh=0&vwndw=0&vwndurl=https%253A%252F%252Fpelotainvernal.com%252F&vwndref=&vc=2&js=1&sec=1&kltstamp=2022-12-15%208:1:38&ranreq=0.32481340385165614&timezone=0&depth=0
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fpelotainvernal.com%2F&schain=1.0,1!vidoomy.com,63065,1,1671091298056,,
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.75 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 08:01:38 GMT
content-encoding
gzip
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin
https://pelotainvernal.com
content-type
application/xml; charset=utf-8
x-vdbg
1:0/165:-1
access-control-allow-credentials
true
cache-control
no-store, no-cache, private
track
st.pubmatic.com/ Frame D4C9 		0
49 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://st.pubmatic.com/track?operId=7&p=156498&s=399115&a=1801592&ts=1671091299&wa=0&vadsId=-1&e=95&vc=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.89 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Thu, 15 Dec 2022 08:01:38 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
expires
0
i
vid-io-cle.springserve.com/vd/ Frame 3CAC 		0
152 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid-io-cle.springserve.com/vd/i?suuid=d1945925&ps_id=357265&batch=1
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_f51ac984.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.218.58.137 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-218-58-137.us-east-2.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://pelotainvernal.com
date
Thu, 15 Dec 2022 08:01:38 GMT
access-control-allow-credentials
true
server
nginx
content-length
0
access-control-allow-methods
GET, OPTIONS
track
st.pubmatic.com/ Frame 3CAC 		0
49 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://st.pubmatic.com/track?operId=7&p=156498&s=399115&a=1801592&ts=1671091298&wa=0&e=96&ier=901&vadsId=[ADSERVINGID]
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.89 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Thu, 15 Dec 2022 08:01:37 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
expires
0
vpaid-adapter.min.js
cdn.stickyadstv.com/mustang/ Frame 9397 		342 KB
116 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4de0:ac19::1:b:3a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
/
Resource Hash
51a47645bcb938a434a7c4e54ffd7c24ee82dea8f280e159a34bd1a88d61bf24

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Thu, 15 Dec 2022 08:01:39 GMT
Content-Encoding
gzip
Last-Modified
Thu, 26 May 2022 08:10:46 GMT
ETag
"1653552646"
X-HW
1671091295.dop223.fr8.t,1671091299.cds158.fr8.shn,1671091299.cds158.fr8.c
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
117960
t
t.lkqd.net/ Frame 771E 		0
166 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.109 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://pelotainvernal.com
date
Thu, 15 Dec 2022 08:01:39 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.109 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://pelotainvernal.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
access-control-allow-origin
https://pelotainvernal.com
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
content-type
text/plain; charset=UTF-8
date
Thu, 15 Dec 2022 08:01:39 GMT
server
nginx
bandwidth-test-25ko
cdn.stickyadstv.com/mustang/ Frame 9397 		25 KB
25 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.stickyadstv.com/mustang/bandwidth-test-25ko?cachebuster=1671091299096
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4de0:ac19::1:b:3a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
/
Resource Hash
9f995b1c42942ededcce16bba381a19d3b30e0e75a36e0ea956f6a54e040dffe

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Thu, 15 Dec 2022 08:01:39 GMT
Last-Modified
Thu, 26 May 2022 08:10:46 GMT
ETag
"1653552646"
X-HW
1671091295.dop145.fr8.t,1671091299.cds246.fr8.shn,1671091299.cds246.fr8.c
Content-Type
application/octet-stream
Access-Control-Allow-Origin
https://pelotainvernal.com
Cache-Control
max-age=86400
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
25600
auto-user-sync
ads.stickyadstv.com/ Frame 9397 		0
0
generic
match.adsrvr.org/track/cmf/
Redirect Chain
  • https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=null
70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=null
Protocol
H2
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pelotainvernal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 15 Dec 2022 08:01:39 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 08:01:39 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=null
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1671091299097016-351
Expires
Thu, 15 Dec 2022 08:01:39 GMT
/
ads.stickyadstv.com/additional-scripts/ Frame 9397 		301 B
801 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/additional-scripts/?zoneId=7585793&loc=https%3A%2F%2Fpelotainvernal.com%2F
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.55.110.73 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-55-110-73.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
64a14c1566ed5e882e60ea9d6e3722949c5767823cd23dc1244503991661dc27

Request headers

Accept
application/xml, text/xml
Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 08:01:39 GMT
Server
nginx
Access-Control-Allow-Origin
https://pelotainvernal.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
301
x-sticky-vk
1671091299092043-429
Expires
Thu, 15 Dec 2022 08:01:39 GMT
swfIndex.php
ads.stickyadstv.com/www/delivery/ Frame 9397 		67 B
693 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?zoneId=7585793&_fw_us_privacy=&_fw_gdpr=0&schain=1.0%2C1!vidoomy.com%2C63065%2C1%2C1201141525404280241285854681%2C%2C&_fw_gdpr_consent=&vav=bfae9a2ff5691c38406cace174fcaf4b&vaviv=d21b39d7c1a7a23ec8d15a8e4bff6d5a&reqType=AdsSetup&protocolVersion=2.0&mustangVersion=1.12.5.2&focus=true&percentViewable=0&componentId=vpaid-adapter&loc=https%3A%2F%2Fpelotainvernal.com%2F&playerSize=400x225&supportsFlash=false&supportsJavascript=true
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.55.110.73 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-55-110-73.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Accept
application/xml, text/xml
Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 08:01:39 GMT
Server
nginx
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://pelotainvernal.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
67
x-sticky-vk
1671091299135012-376
Expires
Thu, 15 Dec 2022 08:01:39 GMT
user-matching
ads.stickyadstv.com/ Frame 9397 		0
0
pixel
cm.g.doubleclick.net/
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=OTFiN2QyZGFmNzVlMzhlMzQ4OGVhNmQ1ZTk2ZWI3ZDQ=&gdpr=0&gdpr_consent=&_fw_gdpr=0&_fw_gdpr_consent=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=OTFiN2QyZGFmNzVlMzhlMzQ4OGVhNmQ1ZTk2ZWI3ZDQ=&gdpr=0&gdpr_consent=&_fw_gdpr=0&_fw_gdpr_consent=
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pelotainvernal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 08:01:39 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 08:01:39 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=OTFiN2QyZGFmNzVlMzhlMzQ4OGVhNmQ1ZTk2ZWI3ZDQ=&gdpr=0&gdpr_consent=&_fw_gdpr=0&_fw_gdpr_consent=
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1671091299156020-393
Expires
Thu, 15 Dec 2022 08:01:39 GMT
user-matching
ads.stickyadstv.com/ Frame 9397 		0
0
ecm3
s.amazon-adsystem.com/
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent=
  • https://s.amazon-adsystem.com/ecm3?id=91b7d2daf75e38e3488ea6d5e96eb7d4&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=&_fw_gdpr=0&_fw_gdpr_consent=
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=91b7d2daf75e38e3488ea6d5e96eb7d4&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=&_fw_gdpr=0&_fw_gdpr_consent=
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pelotainvernal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 08:01:39 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
RA7F7HNVRCC4SCR3ZWR2
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 08:01:39 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://s.amazon-adsystem.com/ecm3?id=91b7d2daf75e38e3488ea6d5e96eb7d4&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=&_fw_gdpr=0&_fw_gdpr_consent=
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1671091299108085-352
Expires
Thu, 15 Dec 2022 08:01:39 GMT
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.109 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://pelotainvernal.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
access-control-allow-origin
https://pelotainvernal.com
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
content-type
text/plain; charset=UTF-8
date
Thu, 15 Dec 2022 08:01:39 GMT
server
nginx
t
t.lkqd.net/ Frame 771E 		0
166 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.109 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://pelotainvernal.com
date
Thu, 15 Dec 2022 08:01:39 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
ad
v.lkqd.net/ Frame A4FF 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1171093&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=https%3A%2F%2Fpelotainvernal.com%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C63065%2C1%2C&c4=true&c5=&c6=63065&c10=&c11=true&c12=&c13=true&c14=&c15=true&c16=&c17=true&rnd=15905219&m=
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
0ff104671207e0ec8452e26ee395eb572b78b559e1faf60cd3b1afb48f42d760

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 08:01:39 GMT
content-encoding
gzip
server
nginx
content-type
application/xml; charset=UTF-8
access-control-allow-origin
https://pelotainvernal.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
1400
vpaid.js
ad.lkqd.net/vpaid/ Frame 1080 		230 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
/
Resource Hash
c0d59afc312f7f1d1346cc4dfdb1463c05b2d334cfa64e7b9240456a48bfcc11

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 08:01:39 GMT
content-encoding
gzip
last-modified
Thu, 13 Oct 2022 21:01:07 GMT
etag
"88ca76abee51b1544e17b021f04aaaed"
x-hw
1671091299.cds221.fr8.hn,1671091299.cds268.fr8.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1209600
accept-ranges
bytes
content-length
62021
usync.html
ad.lkqd.net/cookie-sync/ Frame 41A3 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/cookie-sync/usync.html
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
/
Resource Hash
a09fb04841151074c73e8daf6edb12da7ffd8b5e7812492a6d9f3ae977fe3d31

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
1882
content-type
text/html
date
Thu, 15 Dec 2022 08:01:39 GMT
etag
"952dcfd8e3703b5a7e78418d51009535"
last-modified
Fri, 18 Feb 2022 17:38:44 GMT
x-hw
1671091299.cds221.fr8.hn,1671091299.cds226.fr8.c
ad
v.lkqd.net/ Frame 1080 		22 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1171093&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=https%3A%2F%2Fpelotainvernal.com%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C63065%2C1%2C&c4=true&c5=&c6=63065&c10=&c11=true&c12=&c13=true&c14=&c15=true&c16=&c17=true&rnd=15905219&m=&rtv=1&thost=pelotainvernal.com
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
c02fdfe8709110eaf2458eae95e6cd299d7797f2804a1b88f84cdcc2f39ddadd

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 15 Dec 2022 08:01:40 GMT
content-encoding
gzip
server
nginx
content-type
application/json
access-control-allow-origin
https://pelotainvernal.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
3560
ad
v.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1171093&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=https%3A%2F%2Fpelotainvernal.com%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C63065%2C1%2C&c4=true&c5=&c6=63065&c10=&c11=true&c12=&c13=true&c14=&c15=true&c16=&c17=true&rnd=15905219&m=&rtv=1&thost=pelotainvernal.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://pelotainvernal.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://pelotainvernal.com
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
date
Thu, 15 Dec 2022 08:01:40 GMT
server
nginx
cs
cs.lkqd.net/ Frame 41A3
Redirect Chain
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D54%26partnerUserId%3D%7Bdevice_id%7D
  • https://cs.lkqd.net/cs?partnerId=54&partnerUserId=54e9ed24-2b05-4a5a-8768-c0b0595bec5d
43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=54&partnerUserId=54e9ed24-2b05-4a5a-8768-c0b0595bec5d
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Server
146.20.132.57 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 08:01:40 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

location
https://cs.lkqd.net/cs?partnerId=54&partnerUserId=54e9ed24-2b05-4a5a-8768-c0b0595bec5d
date
Thu, 15 Dec 2022 08:01:40 GMT
server
_
content-length
0
cs
cs.lkqd.net/ Frame 41A3 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=103&redirect=https%3A%2F%2Fevent.clientgear.com%2Fcookie%2Flkqd%3Fpartner%3Dlkqd%26cookieid%3D%24%24rawlkqduserid%24%24&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.57 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 08:01:40 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame 41A3 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D102%2526partnerUserId%253D%255BUID%255D&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.57 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 08:01:40 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame 41A3
Redirect Chain
  • https://ad.turn.com/r/cs?pid=65
  • https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3757162666768938953
43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3757162666768938953
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Server
146.20.132.57 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 08:01:40 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

location
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3757162666768938953
pragma
no-cache
date
Thu, 15 Dec 2022 08:01:39 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
cs
cs.lkqd.net/ Frame 41A3
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=161
  • https://cs.lkqd.net/cs?partnerId=93&partnerUserId=BFiKJCzZQbhiwzPXTk2_yNly2hQ
43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=BFiKJCzZQbhiwzPXTk2_yNly2hQ
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Server
146.20.132.57 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 08:01:40 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

Location
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=BFiKJCzZQbhiwzPXTk2_yNly2hQ
Date
Thu, 15 Dec 2022 08:01:40 GMT
Connection
keep-alive
Content-Length
104
Content-Type
text/html; charset=utf-8
t
t.lkqd.net/ Frame 556C 		0
166 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.109 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://pelotainvernal.com
date
Thu, 15 Dec 2022 08:01:40 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.109 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://pelotainvernal.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
access-control-allow-origin
https://pelotainvernal.com
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
content-type
text/plain; charset=UTF-8
date
Thu, 15 Dec 2022 08:01:40 GMT
server
nginx
7585793
ads.stickyadstv.com/vast/vpaid-adapter/ 		832 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/vast/vpaid-adapter/7585793?supportsJavascript=true&supportsFlash=true&_fw_us_privacy=&schain=1.0%2C1%21vidoomy.com%2C63065%2C1%2C31870792491072362751307836361%2C%2C&_fw_gdpr=0&_fw_gdpr_consent=
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.55.110.73 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-55-110-73.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
b690015f016899859a1697c100d8edd27146aca340eb903c7311fa4b84e98630

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pelotainvernal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 08:01:40 GMT
Server
nginx
Content-Type
application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin
https://pelotainvernal.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
832
x-sticky-vk
1671091300158098-389
Expires
Thu, 15 Dec 2022 08:01:40 GMT
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.109 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://pelotainvernal.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
access-control-allow-origin
https://pelotainvernal.com
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
content-type
text/plain; charset=UTF-8
date
Thu, 15 Dec 2022 08:01:40 GMT
server
nginx
t
t.lkqd.net/ Frame 556C 		0
166 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.109 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://pelotainvernal.com
date
Thu, 15 Dec 2022 08:01:40 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
truncated
/ Frame 1080 		35 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/gif
vpaid_f51ac984.js
vpaid.springserve.com/production/ Frame 04C3 		506 KB
89 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vpaid.springserve.com/production/vpaid_f51ac984.js
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:7a00:15:6f6c:b180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1b7df8f348787d9fa760018b0f088ab687bbc70718df1d62e8084e30a3584491

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 17:09:30 GMT
content-encoding
br
via
1.1 857b0dca772798c338c78a1be69c955c.cloudfront.net (CloudFront)
last-modified
Tue, 06 Dec 2022 22:05:17 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1
age
658331
etag
W/"b030ae2df4f66a78701be0f4e1a3a52f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=2678400
x-amz-cf-id
SOwhUQMYH1RkErmXMu4qnLt1iRySK70zRpCjTrhek4yzRYOPaZ3VZg==
vadtag.html
vpaid.pubmatic.com/ads/video/ Frame 04C3 		978 B
848 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fpelotainvernal.com%2F&schain=1.0,1!vidoomy.com,63065,1,1671091300155,,
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_f51ac984.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.228.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7f3326550829b6649576986aac0b500371cf01da7957bc73b890cbc076132e6e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 08:01:40 GMT
content-encoding
gzip
server
Apache
etag
"23da-5e7fbf52c16e8-gzip"
vary
Origin, Accept-Encoding
content-type
application/xml
access-control-allow-origin
https://pelotainvernal.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
602
expires
Thu, 15 Dec 2022 08:01:40 GMT
t
t.lkqd.net/ Frame 556C 		0
166 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.109 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://pelotainvernal.com
date
Thu, 15 Dec 2022 08:01:40 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.109 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://pelotainvernal.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
access-control-allow-origin
https://pelotainvernal.com
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
content-type
text/plain; charset=UTF-8
date
Thu, 15 Dec 2022 08:01:40 GMT
server
nginx
PMAdMgr.js
vpaid.pubmatic.com/ads/video/ Frame C588 		158 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fpelotainvernal.com%2F&schain=1.0,1!vidoomy.com,63065,1,1671091300155,,
Requested by
Host: blank
URL: about:blank
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.228.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
64b146021b5dd3fd90bfc36519ea2de22684243fd89e4663981f53453fb0f496

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 08:01:40 GMT
content-encoding
gzip
last-modified
Tue, 06 Sep 2022 06:03:39 GMT
server
Apache
etag
"277a2-5e7fbf52bc8c8-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=10800
accept-ranges
bytes
content-length
38047
showad.js
ads.pubmatic.com/AdServer/js/ Frame 1AC0 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fpelotainvernal.com%2F&schain=1.0,1!vidoomy.com,63065,1,1671091300155,,
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.228.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
d073fb4f4eec190af7bf7282c4fecca1001c25616f87f23d5aaa8dbe16d37e2d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=21253
content-encoding
gzip
content-length
13946
content-type
text/html
date
Thu, 15 Dec 2022 08:01:40 GMT
expires
Thu, 15 Dec 2022 13:55:53 GMT
last-modified
Tue, 05 Jul 2022 05:32:20 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame C588 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fpelotainvernal.com%2F&schain=1.0,1!vidoomy.com,63065,1,1671091300155,,
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.228.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
d073fb4f4eec190af7bf7282c4fecca1001c25616f87f23d5aaa8dbe16d37e2d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 08:01:40 GMT
content-encoding
gzip
last-modified
Tue, 05 Jul 2022 05:32:20 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=21253
accept-ranges
bytes
content-length
13946
expires
Thu, 15 Dec 2022 13:55:53 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 1AC0 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=47733057&p=156498&s=399115&a=1801592&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
6b2f529daa5c4edb41b40af9c7b21e2b3eea5883a3b65311c01ebd26e31c064a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Thu, 15 Dec 2022 08:01:39 GMT
content-length
1871
content-type
text/html; charset=UTF-8
match
c1.adform.net/serving/cookie/ Frame 1570 		35 B
467 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?party=14&cid=9F55788C-3DAF-4F6C-9153-F0674D3DB544&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.20 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Thu, 15 Dec 2022 08:01:40 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame 2C1E
Redirect Chain
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
0
174 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Thu, 15 Dec 2022 08:01:39 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
date
Thu, 15 Dec 2022 08:01:40 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
server
_
i.match
s.tribalfusion.com/z/ Frame D2F5
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...
43 B
424 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
779da716294091dd-FRA
content-length
43
content-type
image/gif; charset=utf-8
date
Thu, 15 Dec 2022 08:01:40 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
302

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
779da714cf0b91dd-FRA
content-type
text/html
date
Thu, 15 Dec 2022 08:01:40 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
206
x-reuse-index
1660
bridge
cm.adgrx.com/ Frame CFCF 		43 B
282 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.251.241.196 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
content-length
43
content-type
image/gif
date
Thu, 15 Dec 2022 08:01:40 GMT
expires
Thu, 23 Sep 2004 17:42:04 GMT
p3p
CP="NOI OTC OTP OUR NOR"
pragma
no-cache
server
Cowboy
x-realserver-nx
ams-delivery-5
generic
match.adsrvr.org/track/cmf/ Frame 6A0E
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4837438487
70 B
264 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4837438487
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private,no-cache, must-revalidate
content-length
70
content-type
image/gif
date
Thu, 15 Dec 2022 08:01:40 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-type
text/html
date
Thu, 15 Dec 2022 08:01:40 GMT
etag
RXd84dcd17c05e416eb3f2661987daf16e003
expires
0
location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4837438487
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
pragma
no-cache
cookiesync
core.iprom.net/ Frame 8496 		43 B
277 B 		Document
General
Check archive.org
Download Go to
Full URL
https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
close
Content-Length
43
Content-Type
image/gif
Date
Thu, 15 Dec 2022 08:01:40 GMT
Vary
Accept-Encoding
X-adserver-worker
avatar-1609ffe1c74d@version_1.531
X-core-time
1ms
X-server-arch
v2
pub
matching.truffle.bid/sync/ Frame 40AB 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.161.47.120 , Germany, ASN213230 (HETZNER-CLOUD2-AS, DE),
Reverse DNS
static.120.47.161.5.clients.your-server.de
Software
nginx/1.23.1 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Date
Thu, 15 Dec 2022 08:01:40 GMT
Server
nginx/1.23.1
Strict-Transport-Security
max-age=15768000
Pug
image2.pubmatic.com/AdServer/ Frame 8579
Redirect Chain
  • https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent=
  • https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25...
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0%26redirect%3Dhttps%253A%252F%252Fimage...
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0%26redirect%3Dhttps%253A%252F%252Fimage...
  • https://pixel-eu.onaudience.com/?partner=161&icm&cver&mapped=6e9d33cf61a265beaf9604f967f1fcae&gdpr=0&redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4OD...
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=F1rNcAsvjghYMSVRajhQVQVa
0
0
SPug
image4.pubmatic.com/AdServer/ Frame 1AC0
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=dd13639a-d45f-4c00-a03b-c0cba592742b
0
128 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=dd13639a-d45f-4c00-a03b-c0cba592742b
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Server
198.47.127.20 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 08:01:39 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Thu, 15 Dec 2022 08:01:40 GMT
Server
MT3 224 5671b77 master zrh-pixel-x5 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=dd13639a-d45f-4c00-a03b-c0cba592742b
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 15 Dec 2022 08:01:39 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 1AC0
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3757162666768938953&gdpr=0&gdpr_consent=&us_privacy=
1 B
355 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3757162666768938953&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Thu, 15 Dec 2022 08:01:40 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3757162666768938953&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Thu, 15 Dec 2022 08:01:39 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Pug
simage2.pubmatic.com/AdServer/ Frame 1AC0
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:8e6b3f1f-ccf3-43ab-9cf1-a81e2996fa2d&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
195 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:8e6b3f1f-ccf3-43ab-9cf1-a81e2996fa2d&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 15 Dec 2022 08:01:39 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:8e6b3f1f-ccf3-43ab-9cf1-a81e2996fa2d&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Thu, 15 Dec 2022 08:01:40 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
Pug
simage2.pubmatic.com/AdServer/ Frame 1AC0
Redirect Chain
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=1711690457971926349
42 B
195 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=1711690457971926349
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 15 Dec 2022 08:01:40 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 08:01:40 GMT
AN-X-Request-Uuid
57cf0d96-3540-4b34-9f33-4fe21408a5a6
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=1711690457971926349
Connection
keep-alive
X-Proxy-Origin
217.114.218.20; 217.114.218.20; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
AdServerServlet
vid.pubmatic.com/AdServer/ Frame C588 		27 B
355 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+7+9+1+1+6&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fpelotainvernal.com%2F&schain=1.0,1!vidoomy.com,63065,1,1671091300155,,&us_privacy=&cb=1671091300442&SAVersion=2&inIframe=1&pageURL=https%253A%252F%252Fpelotainvernal.com%252F&screenResolution=1600x1200&kdntuid=1&vwndh=0&vwndw=0&vwndurl=https%253A%252F%252Fpelotainvernal.com%252F&vwndref=&vc=2&js=1&sec=1&kltstamp=2022-12-15%208:1:40&ranreq=0.15628648985835825&timezone=0&depth=0
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fpelotainvernal.com%2F&schain=1.0,1!vidoomy.com,63065,1,1671091300155,,
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.75 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 08:01:40 GMT
content-encoding
gzip
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin
https://pelotainvernal.com
content-type
application/xml; charset=utf-8
x-vdbg
1:0/165:-1
access-control-allow-credentials
true
cache-control
no-store, no-cache, private
track
st.pubmatic.com/ Frame C588 		0
49 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://st.pubmatic.com/track?operId=7&p=156498&s=399115&a=1801592&ts=1671091301&wa=0&vadsId=-1&e=95&vc=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.89 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Thu, 15 Dec 2022 08:01:39 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
expires
0
i
vid-io-cle.springserve.com/vd/ Frame 04C3 		0
152 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid-io-cle.springserve.com/vd/i?suuid=4f395b60&ps_id=357265&batch=1
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_f51ac984.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.218.58.137 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-218-58-137.us-east-2.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://pelotainvernal.com
date
Thu, 15 Dec 2022 08:01:41 GMT
access-control-allow-credentials
true
server
nginx
content-length
0
access-control-allow-methods
GET, OPTIONS
track
st.pubmatic.com/ Frame 04C3 		0
49 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://st.pubmatic.com/track?operId=7&p=156498&s=399115&a=1801592&ts=1671091300&wa=0&e=96&ier=901&vadsId=[ADSERVINGID]
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.89 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Thu, 15 Dec 2022 08:01:39 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
expires
0
vpaid-adapter.min.js
cdn.stickyadstv.com/mustang/ Frame F15D 		342 KB
116 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4de0:ac19::1:b:3a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
/
Resource Hash
51a47645bcb938a434a7c4e54ffd7c24ee82dea8f280e159a34bd1a88d61bf24

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Thu, 15 Dec 2022 08:01:41 GMT
Content-Encoding
gzip
Last-Modified
Thu, 26 May 2022 08:10:46 GMT
ETag
"1653552646"
X-HW
1671091295.dop223.fr8.t,1671091301.cds158.fr8.shn,1671091301.cds158.fr8.c
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
117960
dt
dt.adsafeprotected.com/ Frame 2052 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1014661&asId=524e230d-316b-7077-1c41-9884a355f148&tv=%7Bc:wQMaKc,pingTime:5,time:5720,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:23%7D,%7Bpiv:100,vs:i,r:,t:623%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:5097,o:623,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:23,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B616~0%5D,as:%5B616~728.90%5D%7D%7D,%7Bsl:i,t:623,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5097~100%5D,as:%5B5097~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:176,fm:tq4oM24+11%7C1211%7C1212%7C131%7C132%7C14%7C15%7C161%7C162%7C171%7C18%7C191%7C192%7C1a%7C1b%7C1c*.1014661-62144022%7C1c1%7C1c21%7C1d.1034476-65088021%7C1d1%7C1d2%7C1d3%7C1d4%7C1e%7C1f1,idMap:1c*,rmeas:1,rend:1,renddet:IMG.qs,siq:25,sis:385%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7782:acfb:2d89:a7ac:cd68 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20e8afb8e455763ca9bea03ef9101e20.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 08:01:41 GMT
server
nginx
x-server-name
dt04.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame 2052 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1014661&asId=524e230d-316b-7077-1c41-9884a355f148&tv=%7Bc:wQMaKc,pingTime:5,time:5720,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:23%7D,%7Bpiv:100,vs:i,r:,t:623%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:5097,o:623,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:23,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B616~0%5D,as:%5B616~728.90%5D%7D%7D,%7Bsl:i,t:623,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5097~100%5D,as:%5B5097~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:176,fm:tq4oM24+11%7C1211%7C1212%7C131%7C132%7C14%7C15%7C161%7C162%7C171%7C18%7C191%7C192%7C1a%7C1b%7C1c*.1014661-62144022%7C1c1%7C1c21%7C1d.1034476-65088021%7C1d1%7C1d2%7C1d3%7C1d4%7C1e%7C1f1,idMap:1c*,rmeas:1,rend:1,renddet:IMG.qs,siq:25,sis:385%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7782:acfb:2d89:a7ac:cd68 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20e8afb8e455763ca9bea03ef9101e20.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 08:01:41 GMT
server
nginx
x-server-name
dt05.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
t
t.lkqd.net/ Frame 556C 		0
166 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.109 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://pelotainvernal.com
date
Thu, 15 Dec 2022 08:01:41 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.109 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://pelotainvernal.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
access-control-allow-origin
https://pelotainvernal.com
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
content-type
text/plain; charset=UTF-8
date
Thu, 15 Dec 2022 08:01:41 GMT
server
nginx
bandwidth-test-25ko
cdn.stickyadstv.com/mustang/ Frame F15D 		25 KB
25 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.stickyadstv.com/mustang/bandwidth-test-25ko?cachebuster=1671091301177
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4de0:ac19::1:b:3a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
/
Resource Hash
9f995b1c42942ededcce16bba381a19d3b30e0e75a36e0ea956f6a54e040dffe

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Thu, 15 Dec 2022 08:01:41 GMT
Last-Modified
Thu, 26 May 2022 08:10:46 GMT
ETag
"1653552646"
X-HW
1671091295.dop145.fr8.t,1671091301.cds246.fr8.shn,1671091301.cds246.fr8.c
Content-Type
application/octet-stream
Access-Control-Allow-Origin
https://pelotainvernal.com
Cache-Control
max-age=86400
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
25600
auto-user-sync
ads.stickyadstv.com/ Frame F15D 		0
0
generic
match.adsrvr.org/track/cmf/
Redirect Chain
  • https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=null
70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=null
Protocol
H2
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pelotainvernal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 15 Dec 2022 08:01:41 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 08:01:41 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=null
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1671091301182020-397
Expires
Thu, 15 Dec 2022 08:01:41 GMT
/
ads.stickyadstv.com/additional-scripts/ Frame F15D 		301 B
801 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/additional-scripts/?zoneId=7585793&loc=https%3A%2F%2Fpelotainvernal.com%2F
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.55.110.73 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-55-110-73.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
64a14c1566ed5e882e60ea9d6e3722949c5767823cd23dc1244503991661dc27

Request headers

Accept
application/xml, text/xml
Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 08:01:41 GMT
Server
nginx
Access-Control-Allow-Origin
https://pelotainvernal.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
301
x-sticky-vk
1671091301205011-336
Expires
Thu, 15 Dec 2022 08:01:41 GMT
swfIndex.php
ads.stickyadstv.com/www/delivery/ Frame F15D 		67 B
693 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?zoneId=7585793&_fw_us_privacy=&_fw_gdpr=0&schain=1.0%2C1!vidoomy.com%2C63065%2C1%2C31870792491072362751307836361%2C%2C&_fw_gdpr_consent=&vav=ae878e7a2eaf881eb28992d559c331dd&vaviv=0593daeda840b90d88eade53452da240&reqType=AdsSetup&protocolVersion=2.0&mustangVersion=1.12.5.2&focus=true&percentViewable=0&componentId=vpaid-adapter&loc=https%3A%2F%2Fpelotainvernal.com%2F&playerSize=400x225&supportsFlash=false&supportsJavascript=true
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.55.110.73 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-55-110-73.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Accept
application/xml, text/xml
Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 08:01:41 GMT
Server
nginx
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://pelotainvernal.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
67
x-sticky-vk
1671091301175068-349
Expires
Thu, 15 Dec 2022 08:01:41 GMT
user-matching
ads.stickyadstv.com/ Frame F15D 		0
0
pixel
cm.g.doubleclick.net/
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=OTFiN2QyZGFmNzVlMzhlMzQ4OGVhNmQ1ZTk2ZWI3ZDQ=&gdpr=0&gdpr_consent=&_fw_gdpr=0&_fw_gdpr_consent=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=OTFiN2QyZGFmNzVlMzhlMzQ4OGVhNmQ1ZTk2ZWI3ZDQ=&gdpr=0&gdpr_consent=&_fw_gdpr=0&_fw_gdpr_consent=
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pelotainvernal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 08:01:41 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 08:01:41 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=OTFiN2QyZGFmNzVlMzhlMzQ4OGVhNmQ1ZTk2ZWI3ZDQ=&gdpr=0&gdpr_consent=&_fw_gdpr=0&_fw_gdpr_consent=
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1671091301175097-385
Expires
Thu, 15 Dec 2022 08:01:41 GMT
user-matching
ads.stickyadstv.com/ Frame F15D 		0
0
ecm3
s.amazon-adsystem.com/
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent=
  • https://s.amazon-adsystem.com/ecm3?id=91b7d2daf75e38e3488ea6d5e96eb7d4&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=&_fw_gdpr=0&_fw_gdpr_consent=
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=91b7d2daf75e38e3488ea6d5e96eb7d4&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=&_fw_gdpr=0&_fw_gdpr_consent=
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pelotainvernal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 08:01:41 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
BM9ZCRAAX2V4SQWR6EQZ
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 08:01:41 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://s.amazon-adsystem.com/ecm3?id=91b7d2daf75e38e3488ea6d5e96eb7d4&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=&_fw_gdpr=0&_fw_gdpr_consent=
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1671091301276008-359
Expires
Thu, 15 Dec 2022 08:01:41 GMT
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.109 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://pelotainvernal.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
access-control-allow-origin
https://pelotainvernal.com
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
content-type
text/plain; charset=UTF-8
date
Thu, 15 Dec 2022 08:01:41 GMT
server
nginx
t
t.lkqd.net/ Frame 556C 		0
166 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.109 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://pelotainvernal.com
date
Thu, 15 Dec 2022 08:01:41 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
dt
dt.adsafeprotected.com/ Frame 15C1 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1034476&asId=e9fccf6c-1904-fbfd-8bff-42d59b5f2d12&tv=%7Bc:wQMaSi,pingTime:5,time:6127,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:600,t:21%7D,%7Bpiv:100,vs:i,r:,t:1126%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:5001,o:1126,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:20,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1119~0,0~100%5D,as:%5B1119~300.600%5D%7D%7D,%7Bsl:i,t:1126,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5001~100%5D,as:%5B5001~300.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:176,fm:tq4oM24+11%7C1211%7C1212%7C131%7C132%7C14%7C15%7C161%7C162%7C171%7C18%7C191%7C192%7C1a%7C1b%7C1c.1014661-62144022%7C1c1%7C1c21%7C1c3%7C1d*.1034476-65088021%7C1d1%7C1d2%7C1d3%7C1d4%7C1e%7C1f1%7C1g,idMap:1d*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:22,sis:267%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7782:acfb:2d89:a7ac:cd68 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20e8afb8e455763ca9bea03ef9101e20.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 08:01:41 GMT
server
nginx
x-server-name
dt10.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame 15C1 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1034476&asId=e9fccf6c-1904-fbfd-8bff-42d59b5f2d12&tv=%7Bc:wQMaSi,pingTime:5,time:6127,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:600,t:21%7D,%7Bpiv:100,vs:i,r:,t:1126%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:5001,o:1126,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:20,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1119~0,0~100%5D,as:%5B1119~300.600%5D%7D%7D,%7Bsl:i,t:1126,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5001~100%5D,as:%5B5001~300.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:176,fm:tq4oM24+11%7C1211%7C1212%7C131%7C132%7C14%7C15%7C161%7C162%7C171%7C18%7C191%7C192%7C1a%7C1b%7C1c.1014661-62144022%7C1c1%7C1c21%7C1c3%7C1d*.1034476-65088021%7C1d1%7C1d2%7C1d3%7C1d4%7C1e%7C1f1%7C1g,idMap:1d*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:22,sis:267%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7782:acfb:2d89:a7ac:cd68 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20e8afb8e455763ca9bea03ef9101e20.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 08:01:41 GMT
server
nginx
x-server-name
dt11.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
ad
v.lkqd.net/ Frame A4FF 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1171093&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=https%3A%2F%2Fpelotainvernal.com%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C63065%2C1%2C&c4=true&c5=&c6=63065&c10=&c11=true&c12=&c13=true&c14=&c15=true&c16=&c17=true&rnd=40568678&m=
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
53617bea918081b8e442458beee48fbfffbcc8b1c279d523d5af2f862bd3d93e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 08:01:41 GMT
content-encoding
gzip
server
nginx
content-type
application/xml; charset=UTF-8
access-control-allow-origin
https://pelotainvernal.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
1399
vpaid.js
ad.lkqd.net/vpaid/ Frame D67B 		230 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
/
Resource Hash
c0d59afc312f7f1d1346cc4dfdb1463c05b2d334cfa64e7b9240456a48bfcc11

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 08:01:41 GMT
content-encoding
gzip
last-modified
Thu, 13 Oct 2022 21:01:07 GMT
etag
"88ca76abee51b1544e17b021f04aaaed"
x-hw
1671091301.cds221.fr8.hn,1671091301.cds268.fr8.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1209600
accept-ranges
bytes
content-length
62021
usync.html
ad.lkqd.net/cookie-sync/ Frame 03FF 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/cookie-sync/usync.html
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
/
Resource Hash
a09fb04841151074c73e8daf6edb12da7ffd8b5e7812492a6d9f3ae977fe3d31

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
1882
content-type
text/html
date
Thu, 15 Dec 2022 08:01:42 GMT
etag
"952dcfd8e3703b5a7e78418d51009535"
last-modified
Fri, 18 Feb 2022 17:38:44 GMT
x-hw
1671091302.cds221.fr8.hn,1671091302.cds226.fr8.c
ad
v.lkqd.net/ Frame D67B 		0
0
ad
v.lkqd.net/ Frame 		0
0
cs
cs.lkqd.net/ Frame 03FF
Redirect Chain
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D54%26partnerUserId%3D%7Bdevice_id%7D
  • https://cs.lkqd.net/cs?partnerId=54&partnerUserId=6e296730-e6a7-4b9f-83b0-bb7dae30acc6
0
0
cs
cs.lkqd.net/ Frame 03FF 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=103&redirect=https%3A%2F%2Fevent.clientgear.com%2Fcookie%2Flkqd%3Fpartner%3Dlkqd%26cookieid%3D%24%24rawlkqduserid%24%24&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.57 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 08:01:42 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame 03FF 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D102%2526partnerUserId%253D%255BUID%255D&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.57 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 08:01:42 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame 03FF
Redirect Chain
  • https://ad.turn.com/r/cs?pid=65
  • https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3757162666768938953
43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3757162666768938953
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Server
146.20.132.57 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 08:01:42 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

location
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3757162666768938953
pragma
no-cache
date
Thu, 15 Dec 2022 08:01:41 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
cs
cs.lkqd.net/ Frame 03FF
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=161
  • https://cs.lkqd.net/cs?partnerId=93&partnerUserId=BFiKJCzZQbhiwzPXTk2_yNly2hQ
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
t.lkqd.net
URL
https://t.lkqd.net/t
Domain
googlecm.hit.gemius.pl
URL
https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEOYUAJSd6Xy3oQV5xnGsmDo&google_cver=1&google_push=AavPq0NF4K-008omh_G2nRO8165iTAUesvLVLHwQKkEu8LBITtbehSaOFGHAKUEOLJ8uQgz1TY7NQe8EMGvLfj6iUIcVicuD6SsdpqpsMg
Domain
ads.stickyadstv.com
URL
https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null
Domain
ads.stickyadstv.com
URL
https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent=
Domain
bh.contextweb.com
URL
https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AADRA07HNakAACKgvXJFhQ&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsas%252Cpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2&gdpr=0
Domain
a.audrte.com
URL
https://a.audrte.com/p
Domain
ads.stickyadstv.com
URL
https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null
Domain
ads.stickyadstv.com
URL
https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent=
Domain
ads.stickyadstv.com
URL
https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent=
Domain
image2.pubmatic.com
URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=F1rNcAsvjghYMSVRajhQVQVa
Domain
ads.stickyadstv.com
URL
https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null
Domain
ads.stickyadstv.com
URL
https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent=
Domain
ads.stickyadstv.com
URL
https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent=
Domain
v.lkqd.net
URL
https://v.lkqd.net/ad?pid=430&sid=1171093&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=https%3A%2F%2Fpelotainvernal.com%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C63065%2C1%2C&c4=true&c5=&c6=63065&c10=&c11=true&c12=&c13=true&c14=&c15=true&c16=&c17=true&rnd=40568678&m=&rtv=1&thost=pelotainvernal.com
Domain
v.lkqd.net
URL
https://v.lkqd.net/ad?pid=430&sid=1171093&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=https%3A%2F%2Fpelotainvernal.com%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C63065%2C1%2C&c4=true&c5=&c6=63065&c10=&c11=true&c12=&c13=true&c14=&c15=true&c16=&c17=true&rnd=40568678&m=&rtv=1&thost=pelotainvernal.com
Domain
cs.lkqd.net
URL
https://cs.lkqd.net/cs?partnerId=54&partnerUserId=6e296730-e6a7-4b9f-83b0-bb7dae30acc6
Domain
cs.lkqd.net
URL
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=BFiKJCzZQbhiwzPXTk2_yNly2hQ

Verdicts & Comments Add Verdict or Comment

117 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| oncontentvisibilityautostatechange object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state boolean| _gfp_a_ object| adsbygoogle string| google_user_agent_client_hint object| googletag object| google_sa_queue function| google_process_slots boolean| google_apltlad function| google_spfd number| google_lpabyc number| google_unique_id object| google_sv_map function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages function| a0_0x597fa9 function| a0_0x143e number| PREBID_TIMEOUT number| FAILSAFE_TIMEOUT object| pbjs function| a0_0x4b0d function| $ function| jQuery object| pbjsChunk object| ADAGIO object| mnet object| _seedtagq object| webpackJsonp1670931680439 function| requestAnimationFrame1 function| cancelAnimationFrame1 function| getVPAIDAd boolean| _seedtagLoaded object| _seedtag function| callPlayers function| __tcfapi_8928924878912 object| vpaidLoader object| lkqd object| mobile_blocked_mfs function| lkqd_http_response number| uidEvent object| bootstrap function| moment object| ko function| GameSocket function| SmartBanner function| gtag object| dataLayer function| ViewModel object| apd_options object| google_tag_manager object| google_ama_state number| google_rum_task_id_counter object| google_image_requests string| GoogleAnalyticsObject function| ga object| gaplugins object| gaData undefined| commonInit function| visibilityEventsManagerDOM function| visibilityEventsManager function| scrollEventsManager function| DeviceDetector boolean| fifabAlready function| fi_fab object| FI object| JSON_PIWIK object| _fipaq object| FIPiwik object| AnalyticsTracker function| fiQuery object| sas object| apntag object| _ADAGIO object| fiUtils object| ONFOCUS function| setImmediate function| clearImmediate object| criteo_syncframe_state object| criteo_pubtag object| criteo_identitytag_132 object| Criteo object| Criteo_identitytag_132 object| google_llp object| GoogleGcLKhOms

101 Cookies

Domain/Path Name / Value
.pelotainvernal.com/ Name: __gads
Value: ID=39bad8454e8057a0:T=1671091291:S=ALNI_Mb5ZkJuYuvEj9hSv92HRMbspqDNTQ
.pelotainvernal.com/ Name: __gpi
Value: UID=00000b92ae414513:T=1671091291:RT=1671091291:S=ALNI_MZqD6vsYvmZbCxtayi0qX3-htP5Xg
.doubleclick.net/ Name: IDE
Value: AHWqTUmBcfAlw-NxpRFcyrs02dMbLV3G8a2Eg5JFN-cGETZbgjpSCQVUWV50RxSWaiw
.doubleclick.net/ Name: DSID
Value: NO_DATA
.ads.stickyadstv.com/ Name: UID
Value: 91b7d2daf75e38e3488ea6d5e96eb7d4
.quantserve.com/ Name: mc
Value: 639ad45c-b0bdd-d5e21-75a2a
.pelotainvernal.com/ Name: __qca
Value: P0-216112849-1671091292598
.turn.com/ Name: uid
Value: 3757162666768938953
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-04588a24-2cd9-41b8-62c3-33d74e4dbfc8.%2Bi%2FofAkyOzi4SQhCyGlWNB9Y4sxU9VwFU1u71%2Bgpnc8
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3ABFiKJCzZQbhiwzPXTk2_yNly2hQ.J8o8H8BZ9ESb4Kdzpv9DCBPk8wWedwQgTyp4CxE1lww
pelotainvernal.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.pelotainvernal.com/ Name: _pubcid
Value: ebd2de10-8a36-4059-b6ef-7471c7d536c9
.bidswitch.net/ Name: tuuid
Value: 99611486-5a17-4503-a1b0-ab1982a65b33
.bidswitch.net/ Name: c
Value: 1671091293
.bidswitch.net/ Name: tuuid_lu
Value: 1671091293
.yahoo.com/ Name: A3
Value: d=AQABBF3UmmMCEP7vULCmxme_kZRuuLJr6_IFEgEBAQElnGOkYwAAAAAA_eMAAA&S=AQAAAt1nxORDVD4AH6tTFSAD-3Q
.pelotainvernal.com/ Name: _ga
Value: GA1.2.1506290039.1671091292
.pelotainvernal.com/ Name: _gid
Value: GA1.2.1121866092.1671091294
.pelotainvernal.com/ Name: _gat_gtag_UA_19230497_1
Value: 1
a.vidoomy.com/ Name: SSCookie
Value: 1
s.pelotainvernal.com/ Name: AWSALB
Value: iOma4E9nHxV5BxT+7XUCg+sja2XP5ozd3J/wFovo3uC6jlgg6bZ14TMkAUXU1R8hnMNyHnOHmPkrzw/Q5pRqX6Ry8Y3XLH81cs41tJPf2e1CpGFq81RClGm94P7F
s.pelotainvernal.com/ Name: AWSALBCORS
Value: iOma4E9nHxV5BxT+7XUCg+sja2XP5ozd3J/wFovo3uC6jlgg6bZ14TMkAUXU1R8hnMNyHnOHmPkrzw/Q5pRqX6Ry8Y3XLH81cs41tJPf2e1CpGFq81RClGm94P7F
.rubiconproject.com/ Name: khaos
Value: LBOSLYTE-1Y-JTTZ
.rubiconproject.com/ Name: audit
Value: 1|naVuGyos1qqiftp4yPaNkbU1ZxogGjlwOA+xFj1I9scPlNhSTbzUQ2YXu3OW/iPhSkyj9x8eeR3thoi474+Tg2jYHTlS9mMvGIFatoJ0DXuyqVI1k5poNA==
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 9F55788C-3DAF-4F6C-9153-F0674D3DB544
.pelotainvernal.com/ Name: cto_bidid
Value: VlnYV19JRmM4VU1OSmc1N3c5andrQlNTSzNRcGdWcmF5Szd4Q1NMNDFGeW5qc21na09ud0d6cnR4NU9HakhxQlhxZE1XOVNVWFNBJTJGRFYlMkIzUTc0cDNldkJYekElM0QlM0Q
.adnxs.com/ Name: uuid2
Value: 1711690457971926349
.weborama.fr/ Name: AFFICHE_W
Value: 0@seuB7YrQDT47
.simpli.fi/ Name: suid
Value: 15F7324444424827B009E7D07B9D1C10
.mathtag.com/ Name: uuid
Value: dd13639a-d45f-4c00-a03b-c0cba592742b
.de17a.com/ Name: guid
Value: 1.7825749370303073270
.zeotap.com/ Name: zc
Value: 217c8383-d91f-4fb7-4a8b-b6cc4bb63d9a
.adform.net/ Name: C
Value: 1
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-1711690457971926349&KRTB&23339-1711690457971926349
.pubmatic.com/ Name: KRTBCOOKIE_27
Value: 16735-uid:dd13639a-d45f-4c00-a03b-c0cba592742b&KRTB&16736-uid:dd13639a-d45f-4c00-a03b-c0cba592742b&KRTB&23019-uid:dd13639a-d45f-4c00-a03b-c0cba592742b&KRTB&23208-uid:dd13639a-d45f-4c00-a03b-c0cba592742b
.adform.net/ Name: uid
Value: 8781398616916412109
.pubmatic.com/ Name: KRTBCOOKIE_336
Value: 5844-7825749370303073270
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESEMsQEX54o0H-m28eqNg1vkI&KRTB&16514-CAESEMsQEX54o0H-m28eqNg1vkI&KRTB&23025-CAESEMsQEX54o0H-m28eqNg1vkI&KRTB&23386-CAESEMsQEX54o0H-m28eqNg1vkI
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-8781398616916412109&KRTB&23263-8781398616916412109
.pubmatic.com/ Name: PUBMDCID
Value: 3
.pubmatic.com/ Name: pp
Value: 156498
.pubmatic.com/ Name: PMDTSHR
Value: cat:
.amazon-adsystem.com/ Name: ad-id
Value: AxXuEgru70zxg9ptjHKqkMk
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.criteo.com/ Name: uid
Value: 965d573a-dea9-4f80-9c01-e89d89d2a78f
.casalemedia.com/ Name: CMPS
Value: 2167
.casalemedia.com/ Name: CMPRO
Value: 2167
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2GVVnoKAB!]tbPl1M>e)ZlrFUfJ+tGXxom<tc.kY9mnea=]RfEUeg9?2(]fZsn9K^RR/b3If)y3KL9D3I?+c8<U_j
.casalemedia.com/ Name: CMID
Value: Y5rUX40.tHOdKK.xH.IX6wAA
.pelotainvernal.com/ Name: cto_bundle
Value: 4YXpUl85c0Q0RDU3ZHZuRVZQR2RUaDYlMkJDbU5rTDRUQnlRbDZQR0lnbFVFbUZqVzBIV2xtV1A3YjVRY1NYRUh3N3A0aTVuUFRuamx3ZXJZZjg4TlFTNzdxdkJNZlJPcGphZnRSUiUyRmw2cSUyRlV6YmFqZVNOJTJGN25wYURhYkVnTnlHOE1YYkMzV0R2dTNXQlpaaFNJbTZicWVvaTJiQnBBUlNJYnM4dVVTOWdIRzdpQ0ZhbyUzRA
.ctnsnet.com/ Name: gid_CAESEAfWYdjAgA8K2hhWOFy4jJE
Value: 1
.blismedia.com/ Name: b
Value: 639AD45F1C3B948A293B1EACBLIS
ads.avct.cloud/ Name: uuid
Value: 5ced002d-f936-4238-8659-072d97ea7cf1
.agkn.com/ Name: ab
Value: 0001%3ALpmgI%2BHYi5TagKZn7D92zJu17zRLWmCF
.agkn.com/ Name: u
Value: C|0CEArLZDfKy2Q3wAAAAAAAQ13AQCAAQpAAAAAAA
.ads.stickyadstv.com/ Name: uid-bp-30833
Value: 1
.ads.stickyadstv.com/ Name: pxId
Value: 7169
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-d84dcd17-c05e-416e-b3f2-661987daf16e-003%22%7D
.mathtag.com/ Name: mt_mop
Value: 4:1671091296
.ctnsnet.com/ Name: cid
Value: f79b1165eee04caabb4b94d4cadde8ef
.fwmrm.net/ Name: _uid
Value: "l1653_7177282464950342166"
.ads.stickyadstv.com/ Name: uid-bp-36033
Value: l1653_7177282464950342166
.ads.stickyadstv.com/ Name: MRM_UID
Value: l1653_7177282464950342166
.ads.stickyadstv.com/ Name: uid-bp-159
Value: CAESEGJsNgM4eB30Pr07uoADD6o
.casalemedia.com/ Name: CMTS
Value: 3244
.quantserve.com/ Name: d
Value: EJcBDgHoJ4EO-TA
.analytics.yahoo.com/ Name: IDSYNC
Value: "1982~28uw:18z8~28uw"
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-e-Ah7innLexgsSjtKbc163i2Kr5g5C3uf7LxSvrv&KRTB&19420-e-Ah7innLexgsSjtKbc163i2Kr5g5C3uf7LxSvrv&KRTB&22979-e-Ah7innLexgsSjtKbc163i2Kr5g5C3uf7LxSvrv&KRTB&23403-e-Ah7innLexgsSjtKbc163i2Kr5g5C3uf7LxSvrv
.adfarm1.adition.com/ Name: UserID1
Value: 7177282473554278555
.onaudience.com/ Name: cookie
Value: cab3f8590cbd5d50
.onaudience.com/ Name: done_redirects147
Value: 1
.fiftyt.com/ Name: fifid
Value: fdb04ac4-e1d2-403b-6d9c-2ec16cd14304
.fiftyt.com/ Name: cs
Value: MTY3MTA5MTI5OHxEdi1CQkFFQ180SUFBUkFCRUFBQUJQLUNBQUE9fO9xPWyFoFg3AeSe2vXGzqg9RbsHcKSlZXx-dZNs3MY5
.pubmatic.com/ Name: KRTBCOOKIE_1101
Value: 23040-7177282473554278555&KRTB&23278-7177282473554278555&KRTB&23369-7177282473554278555
.semasio.net/ Name: SEUNCY
Value: 45D538205093610
.pubmatic.com/ Name: KRTBCOOKIE_860
Value: 16335-BFiKJCzZQbhiwzPXTk2_yNly2hQ&KRTB&23334-BFiKJCzZQbhiwzPXTk2_yNly2hQ&KRTB&23417-BFiKJCzZQbhiwzPXTk2_yNly2hQ&KRTB&23426-BFiKJCzZQbhiwzPXTk2_yNly2hQ
.fiftyt.com/ Name: fppm
Value: 20221215080138
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~Y5rUYgADk_LG7QAe
.bidr.io/ Name: bito
Value: AADRA07HNakAACKgvXJFhQ
.bidr.io/ Name: bitoIsSecure
Value: ok
.sportradarserving.com/ Name: zuuid
Value: 4e7efd3c-7697-47d3-b5b6-2533fae3233d
.sportradarserving.com/ Name: c
Value: 1671091298
.sportradarserving.com/ Name: zuuid_lu
Value: 1671091298
.sportradarserving.com/ Name: zuuid_k
Value: 1
.sportradarserving.com/ Name: zuuid_k_lu
Value: 1671091298
.pubmatic.com/ Name: KRTBCOOKIE_218
Value: 4056-Y5rUYgADk_LG7QAe&KRTB&22978-Y5rUYgADk_LG7QAe&KRTB&23194-Y5rUYgADk_LG7QAe&KRTB&23209-Y5rUYgADk_LG7QAe
.pubmatic.com/ Name: KRTBCOOKIE_466
Value: 16530-99611486-5a17-4503-a1b0-ab1982a65b33
.audrte.com/ Name: arcki2
Value: 6bcDoaZXbNMTi-I-LDdXCVMjQ!20220908!1671091298825!ip#217.114.218.20
.audrte.com/ Name: arcki2_pubmatic
Value: 9F55788C-3DAF-4F6C-9153-F0674D3DB544!20220908!1671091298829
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 3
.pubmatic.com/ Name: DPSync3
Value: 1672272000%3A241_197_227_245_235_226_221_219_201%7C1671148800%3A174
.pubmatic.com/ Name: SyncRTB3
Value: 1672358400%3A35%7C1671926400%3A63%7C1672272000%3A99_71_81_22_88_54_3_234_55_7_176_204_238_56_243_220_251_233_13_165_21_161_8_166%7C1673654400%3A203%7C1671667200%3A223_15_2
.csync.loopme.me/ Name: viewer_token
Value: 36c6135f-6997-4a7d-a41b-1e6ace8b4dca
.pubmatic.com/ Name: SPugT
Value: 1671091299
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-3757162666768938953&KRTB&23150-3757162666768938953
.pubmatic.com/ Name: PugT
Value: 1671091300
ads.playground.xyz/ Name: connect.sid
Value: s%3AIJiweZ5txY_5iPe9N5d8Ed9RBm4470zr.1nIQ9XKPTurfrmCvHV8vzoJcCxIfuXyWnF4I8tf8JOM
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-d84dcd17-c05e-416e-b3f2-661987daf16e-003%22%2C%22zdxidn%22%3A%221508%22%2C%22nxtrdr%22%3Afalse%7D
.adsby.bidtheatre.com/ Name: __kuid
Value: 8e6b3f1f-ccf3-43ab-9cf1-a81e2996fa2d.440305300
.onaudience.com/ Name: done_redirects161
Value: 1
.tribalfusion.com/ Name: ANON_ID
Value: aanseFx2eNkSE0U7bdfOvyGZdb2ZdxMZdbZcZcstFuKjE0KEVjZdXAvNCFNZdoZbLW70BnxEN1McjNPkLHTiQxDMQ6Pg

6 Console Messages

Source Level URL
Text
network error URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12406491265686199930/undefinedz9njpo
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12406491265686199930/undefinedz9njpo
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=9F55788C-3DAF-4F6C-9153-F0674D3DB544&gdpr=0&gdpr_consent=
Message:
Failed to load resource: the server responded with a status of 404 ()
security error URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1(Line 21)
Message:
The Content Security Policy 'child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12406491265686199930/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12406491265686199930/index.html' was delivered via a <meta> element outside the document's <head>, which is disallowed. The policy has been ignored.
network error URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEOYUAJSd6Xy3oQV5xnGsmDo&google_cver=1&google_push=AavPq0NF4K-008omh_G2nRO8165iTAUesvLVLHwQKkEu8LBITtbehSaOFGHAKUEOLJ8uQgz1TY7NQe8EMGvLfj6iUIcVicuD6SsdpqpsMg
Message:
Failed to load resource: net::ERR_ADDRESS_UNREACHABLE
network error URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12406491265686199930/undefinedz9njpo
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1f2e7.v.fwmrm.net
20e8afb8e455763ca9bea03ef9101e20.safeframe.googlesyndication.com
a.audrte.com
a.sportradarserving.com
a.tribalfusion.com
a.vidoomy.com
aax-eu.amazon-adsystem.com
ad.doubleclick.net
ad.lkqd.net
ad.turn.com
ads.avct.cloud
ads.playground.xyz
ads.pubmatic.com
ads.stickyadstv.com
ads.vidoomy.com
adservice.google.com
adservice.google.de
ap.lijit.com
aud.pubmatic.com
bh.contextweb.com
bid.g.doubleclick.net
bidswitch-eu.splicky.com
c1.adform.net
cdn-conectate.kiskoo.com
cdn.firstimpression.io
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.stickyadstv.com
cdnjs.cloudflare.com
cm.adgrx.com
cm.g.doubleclick.net
cms.quantserve.com
code.jquery.com
core.iprom.net
cr.frontend.weborama.fr
cs.lkqd.net
cs.media.net
csync.loopme.me
d.agkn.com
d5p.de17a.com
dis.criteo.com
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
dt.adsafeprotected.com
ecdn.firstimpression.io
fastlane.rubiconproject.com
flower-ads.com
fonts.googleapis.com
fonts.gstatic.com
fw.adsafeprotected.com
gcm.ctnsnet.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
googlecm.hit.gemius.pl
gum.criteo.com
htlb.casalemedia.com
ib.adnxs.com
id5-sync.com
idsync.frontend.weborama.fr
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
match.adsby.bidtheatre.com
match.adsrvr.org
matching.truffle.bid
mp.4dex.io
mug.criteo.com
mwzeom.zeotap.com
onetag-sys.com
pagead2.googlesyndication.com
partner.googleadservices.com
pelotainvernal.com
pixel-sync.sitescout.com
pixel.onaudience.com
pixel.quantserve.com
pr-bh.ybp.yahoo.com
prebid.media.net
pubmatic-match.dotomi.com
rules.quantcount.com
s.ad.smaato.net
s.amazon-adsystem.com
s.seedtag.com
s.tribalfusion.com
s0.2mdn.net
s3.amazonaws.com
script.4dex.io
secure.adnxs.com
secure.quantserve.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
ssum-sec.casalemedia.com
st.pubmatic.com
static.adsafeprotected.com
static.criteo.net
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.crwdcntrl.net
sync.mathtag.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync.teads.tv
t.lkqd.net
t.seedtag.com
tpc.googlesyndication.com
tr.blismedia.com
uipglob.semasio.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
v.lkqd.net
vid-io-cle.springserve.com
vid.pubmatic.com
visitor.fiftyt.com
vpaid.pubmatic.com
vpaid.springserve.com
widgets.outbrain.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
x.bidswitch.net
a.audrte.com
ads.stickyadstv.com
bh.contextweb.com
cs.lkqd.net
googlecm.hit.gemius.pl
image2.pubmatic.com
t.lkqd.net
v.lkqd.net
104.18.132.145
104.18.33.19
141.94.171.212
142.250.185.130
142.250.186.130
142.250.186.70
146.20.128.109
146.20.132.57
151.101.130.49
151.139.128.10
159.65.197.210
162.19.138.119
172.64.154.237
178.250.0.157
178.250.0.163
18.134.84.22
18.156.0.31
18.158.209.170
18.194.50.17
18.218.58.137
18.66.122.112
185.29.132.241
185.64.190.75
185.64.190.80
185.64.190.87
185.64.190.89
185.80.39.216
188.34.165.163
195.5.165.20
198.47.127.19
198.47.127.20
2.18.68.23
2001:4de0:ac18::1:a:3b
2001:4de0:ac19::1:b:3a
2001:678:cb4:bbbb::11
213.155.156.185
213.19.147.45
216.52.2.39
23.218.209.56
23.35.228.201
23.35.229.86
23.55.110.73
2600:1f13:800:7782:acfb:2d89:a7ac:cd68
2600:9000:223f:7e00:8:48e:53c0:93a1
2600:9000:223f:8e00:1b:5138:8a40:93a1
2600:9000:2240:7a00:15:6f6c:b180:93a1
2600:9000:225e:4800:6:44e3:f8c0:93a1
2602:803:c003:200::21
2606:4700:10::6816:3556
2606:4700:10::ac43:db6
2606:4700:20::681a:179
2606:4700:20::681a:9a9
2606:4700:3032::6815:6097
2606:4700::6810:5514
2606:4700::6811:190e
2606:4700::6812:18ad
2606:4700::6812:372
2620:116:800d:21:b314:a0ef:ab7c:d546
2a00:1450:4001:801::2002
2a00:1450:4001:802::200a
2a00:1450:4001:809::2002
2a00:1450:4001:80b::2001
2a00:1450:4001:80b::2002
2a00:1450:4001:80f::2008
2a00:1450:4001:810::2001
2a00:1450:4001:810::2004
2a00:1450:4001:811::2002
2a00:1450:4001:82a::2003
2a00:1450:4001:82a::200e
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::2006
2a00:1450:4001:831::2002
2a00:1450:400c:c04::9d
2a02:2638:1::13
2a02:2638:1::3
2a02:fa8:8806:16::1400
2a05:d018:d29:3601:6f22:82f:ef72:b8eb
3.124.162.93
3.19.54.139
3.69.101.30
34.102.253.54
34.107.148.139
34.111.129.221
34.111.131.239
34.149.50.64
34.240.30.150
34.245.154.233
34.91.62.186
34.96.105.8
35.186.193.173
35.201.96.126
35.214.223.115
35.244.159.8
37.157.3.20
37.252.171.52
37.252.171.84
5.161.47.120
51.89.9.254
52.217.105.206
52.223.40.198
52.46.130.91
52.94.223.167
54.208.68.206
54.208.89.30
63.32.97.75
64.233.167.154
69.20.43.192
72.251.241.196
77.243.60.138
85.114.159.93
98.98.134.243
000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c
008be15ff7db879ddccb3bf415d1143924af4eca6d1dd5250726ac423624f9d5
01709b4bf1919efaab359c127a778af8e15a68d835a5d8883bef166675b6c018
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
02ebc319500d29d704855de3d846bbb2479434953bb7b34f533122f432ce33bf
048fb04ccc3f2b72c4a113aaab9d1ab33e9b33aa9edf59cda304c683b8eecbdd
069d562355f373543f4301f6003792179269c51fb9fbb04f09cc5cbe6ac8429e
09591867279cfa308e6366b2d6be5033904ef3de3c86b6f89cbe47e3022b7d99
09778ab5d08d1983b0ba1d423603b1b0f2214947ed465534dcc9ac047bf929ba
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0cf08faf3e89ddb99b1d80f39c9e51b4a227959c76e8f98a57ffd52ee2d2b3f2
0e4b1313bc2267b435bf2f2a51badb9787865242cb56aa241da9cc5f832cd6dd
0e56bd4257c01a9b0c966f0e21a5491a45af5ec6fe2ada3701b3956d34cf8de4
0ff104671207e0ec8452e26ee395eb572b78b559e1faf60cd3b1afb48f42d760
10c055e552cd4e8121eded0e5227a20534bfc3484aacecd99b553c069a332f53
10d885d549021c6b2fe32b57aadc0311865bf4fb465ecf99788b0f9efd6e3ff1
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
14fa937604e0fd3f7f1f8fa5daa5ab7e25052e1b1b826688b0109fac4251bf6f
1681cb2b2db935f48c843351945df3f3f77f79c1c8de28c4fa88d8b655c25ae2
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
19737707017ce7f188707e1e6fbae40088945cb235a8c37971b507b97d771a4b
1a5abe47806581eb04be12b1013b7926cc63950e58a5e2bb77610dc752864112
1abd25514b46661ed50e11e1c7d90e9f016e26f5dd02f96234ebf31a6bb254e1
1b7df8f348787d9fa760018b0f088ab687bbc70718df1d62e8084e30a3584491
1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87
1e288c4dc57f72a69a497baef524f41c57e1c6a414b09a5bde22cd5b2f1b7cdf
1e894e7cf7187c224f386656a508446013f4cd6edea742f5241ce57258db06c6
27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4
2898db6854005fdaa609823600aa9785333c79031d76ee81d6c70f2636729010
28f9079f7a882b55c9ac34c904a8190e206f0b8203b8531d1c99feb31d4a34c7
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe
2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04
2d9645a514be2f1499ad10538ae7f5ec034e03958de8486ad05caeeaca35b27a
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e01985774488a39ff9cd287bdf2d43ba8b813f248d07c9e588dfbd5eddd19da
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31c8de7c3023548e4205a8f61fa9d4b5c79707dc01710c8313184574afba2ee5
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
3521616fbd1415fd86988bfc9773f6044497f54354e0b924f7db878f91c1af83
3620d28357207cd4b8092fe728bed5a606c78c07d4043ed225b7c3e8e58fa731
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
36c2343f3359688c9948184e631420db683b3d1a105206fcf76f1354c106425e
3aa5cdd18374b285ddc76c94ee1735df8b3e518cb7202fa7feec77a3b13437a3
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
43ed01782a52f74351b31f996f02f0761540c3af7cdbd0693891a3e5abcfa3c1
448f77bd7ef67fefd6f9d038bb07e8dcb60f7dea64cb064bf82ce2379ad424a5
45fa735c6df15f15a1293a9cb3125033408874bf284280e8bcac23f95ad8feac
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4726734a48b33c83575aa629342e5a8c36cf253e8c282c6e067b8a0c60a542ba
47f719c1691461a5d778135c0512d51c87f8eea39be7ddad829830925902674b
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e669ec87a5eff4e4a64cf5fcaad2d986005d1f8c0baba0e6c48c5d061e8f304
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
4ffe1619d0cddcd71c73eb41dcf1bf9219646f36b90667b3746c8a6771375fc6
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
51a47645bcb938a434a7c4e54ffd7c24ee82dea8f280e159a34bd1a88d61bf24
52084175f1ddbd7e4168245880f4dd0c69cedbcac6096306ecae4e56181ad545
53090c518a288ece7279962d2316a77c6d38709995aa213b196ffb4e42094bdb
53617bea918081b8e442458beee48fbfffbcc8b1c279d523d5af2f862bd3d93e
5459851818636571b7286afd1a08ccd3991e479808e70ee8dc7b2ffca2201e63
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5b9fc343a39726f3bd297979248e261a5a1efb0fafba23e5ba72330f6117759a
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
64a14c1566ed5e882e60ea9d6e3722949c5767823cd23dc1244503991661dc27
64b146021b5dd3fd90bfc36519ea2de22684243fd89e4663981f53453fb0f496
65c8f795775c551a46218aea6c5aeadbe7c367b8d4860c9471d48f53e7351641
65cb5cd5882c666a22bf188d80f04fe01f56fbb3428e29d74aa24e3d9b1c783b
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
6733cf93afc319e7b8f2ea92ecd2157c4e5ef8588ff72f3d4cbdc0b7885e0226
67b55fa1ac1eb182c16573559fb708578b5ff0677b376090584be98f40f7cb5b
6847a453292f6db177d022b32b68ec91da611dd1bc18c6e33d26ed726339bc60
6b2f529daa5c4edb41b40af9c7b21e2b3eea5883a3b65311c01ebd26e31c064a
6b4f873f3371bd426336178dfe982cf8366df7592c21738d0e1261e67a0cb2e2
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6f936123a8e1632738bfae621c5c358af3b766106058b437c0a2da3615d3054e
71fe56560b9eba788c8ff58e084f24ca95ff3b89aff510345fab96de36ec8101
74b0cab5322e70317fbb1faa85802ca2c89f76a7bab0b3ea4a174b01912cdb9f
74df90f5f0e27dd5df2470215692754169878aa5443c25a3515e1768e3db03b1
7789986b617e64614407a82db5bae208bbb3f428bfc31fc25fd1d63a3d66deb6
77e67409caaf5014eaa2e2d96ac6210a1b4a987da0d5b3ff826221fe255d3def
78631aa2658006d43b70adcf42bfef831d29315d91bfe9e67bb4acd5f9b349e3
7cfe458faed6fe5c3094bd51f1f10174604be983739ade9d828b0aad190043e5
7e9276746ee6d70a75d8362ddd8e20aa1ce8a008c8e39c66a9e05b758f636d01
7f3326550829b6649576986aac0b500371cf01da7957bc73b890cbc076132e6e
7f63590fb8b8568a328ee5318ca982d6840af2780bc08de720f368e33e5065ed
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8576f9d10865df0e20cd7cc7ab884fc0e52278af6437624cf6adf99a651322a6
8587f60006097aea76fdcafdfbfcfc4be14696383111153d99d6809bd5dcdcea
86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
87ec184cd9b3cfb5ccbf631c766fc0d6b01d8811184a5f6f49f2ec528429dad4
88607ea9edc58a87deb722a20f0760420efe0df2453bcfebd6d2b2beaa2cfe6b
88e6c842599599da1b3799d5f4659d8f3e5fa561e7ef23755baaa2a66031431b
8c3d4ff86b6d545cfdefb8a43d03f4a1c3ff553a9344e949a727da8211cf4e8d
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8dc3f10c1ab086694adad7264e89e05ff727bfe3205b471072b251d7f92f5943
90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f
90f1fa22f89b5123a739a8c8cf26704336b15b6d14f06eec84e763aca31198d0
943e7b61d5b7b03515718af626fd42af9c3f851b5c67617f7e28fba98fae9401
95a6c7d00feb6f985bd9e15fba7bbd6b4d2a26c39f6f52aaf4be4cfd9164da52
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9c625353285d7d98b8ef8539024d908be74987505dc331a3ccf10711d88e3045
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
9ef29f029b9fa395b1b18530bf08a06b3fdc15ba55494244d4aaaa0721399a84
9f995b1c42942ededcce16bba381a19d3b30e0e75a36e0ea956f6a54e040dffe
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0374feeb6d4daf5b53d2db407364b90823a6c67743488342e5cefa5a84b333e
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a09fb04841151074c73e8daf6edb12da7ffd8b5e7812492a6d9f3ae977fe3d31
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a305fbb2ba223bf3b56bb8776b85f6f40d60dd082a74dbe28d143b5794c7e393
a4426d9dc1b5ce4b685321f70147ac19b7a6f059bf4267131f6586c55a1ed4b3
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a67612c801d54b2817687d2155b63f849b671d96ffd423cb77b36b0b66fa2192
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d
a7762ffb2f59d32e80faa3e01c592dd528fbab30ec2e1f52176fb2eaf0125666
a7e7b102e7009762d3eafc4193a6691ff09d3ca75a24885ba4f60c747f2a7c50
a842670e0c9a10d0c42dc6de87889c6b9de065232e6bf125d5ca43a163f6d9fd
a97afd769b3d774563606be9e943789398af5a1bf3583c2bc9a81f99832aa2b2
abf06691088fd3e48eeca737b56e448a96b06b1d7abb1495b634efcc2795aa89
af9474e5a7a9093351569e5cb64b9b34596d02e5cd1ede8ead7acf41740f76cf
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b43b245e7b57a75d1c57b0e70779b88718a72a3544995b9165fd80678889b873
b59274b06fc793177aedbfa4b52d6d2571528266198414ae2b1795d7d87bff48
b690015f016899859a1697c100d8edd27146aca340eb903c7311fa4b84e98630
b6e9fac6bd82d94790afb3085bc70eacc10002ff124da2c8f0aec58d62a42673
bac0705d11ffc896d765dc3507e2ad3abb961795b05bb857039ca92f649a0745
bd335627b30cb609116c9ed19b9e56c8fb0861c6b9d94e25b3e4317e8a3e38dd
bd4d772e30310f3db773adf243ec2121ed30e8f34f62bc15e33d4b05e1077ac8
bd558b6b0fa8256504d6f1796203c55c540013d7d4021f79241476f3ac49dac1
bd8bbf100f8f628aa2c0a2d732ce0bcecbd8f2b803d4ec8d07cd3f7bbe63f64f
bdbbb447bf69f791cb6717a186852f2b9661ca900a74d8235d37ef9ed65ac0dd
bf9911de531f730accd283f99c6e2c0bffa0254643bb091b985d065e5af6ee0f
c02fdfe8709110eaf2458eae95e6cd299d7797f2804a1b88f84cdcc2f39ddadd
c0b37e465c194ac64cda0512dca52c310a08bc4d7181098c503957f3ae3de77a
c0d59afc312f7f1d1346cc4dfdb1463c05b2d334cfa64e7b9240456a48bfcc11
c0dade5e40511841f841814ed717788248c50490400ef63f4620391825f7444e
c0fb80435e5880e14c09a8ea940df2b4581d5b04017491acfb784662a7da9b0c
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c4d60e53476012ab254ca2f3f479903a6be9ead3cb39a9ea353c51ec75c618c8
cb3de72456fc05ea9108c8d52846d6544e81a312ff45156281e6bf3cc95ec89c
cd257ced5860b54b3c71dd2e1c9704a552f0c2be8e63ef42cdf47e05293da1bb
cf01df540711dce7335fe8e5a9c1a4ae78d4b1cf179aec4bbc58071bdbfb0dc6
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfb71402dccbd6ed5dff6006585e301609d3bde4523092dc075c5c6b00021c94
d073fb4f4eec190af7bf7282c4fecca1001c25616f87f23d5aaa8dbe16d37e2d
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d0f07190791630edc058ad6e5a33a3cda6a8f85c470e593ce0bbed46ffec148b
d483d83397c36e7235810c0dfc91eb71a09a190e7bd2d565acf39d7ff8e69236
d618d4869738e0dc22360f0ec0cbb6433257843f24723fac240dda0906685238
d74835ebc144bb92d18a970ca79cae0840c356a5967bb1d1d9428c32c183cdb1
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
da2e2fd2eea12bb6d7316a6a244c367a378147e721f26d1779f3dc8dadc2e352
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd
e0ca0088f668b7754bb38e0e6829e45598a63a21698c032eaa60ace0b54c4ba7
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
ea1b70e59d71bb9824849949981e1ca343ebfd3f5cad1eabdeb8a5bbfd7a453f
ec154fc3da0932366d09528c91a73f7c779384e21e3c409263c79df81b0ad94e
ec8c0ad5641e82785e893411a8f2881b5cd3783c6f7bc615b05705df45ef8c15
ecd11477b961dff1d3e8cbd0110dbe242ab84da7f31d3ea1e2764023a29dfad3
ed87a83a9df154b61d76e8b9b53bb9d23db3eea194e66bca6b575e3e4f7a57bf
ee735ad9351455e1417cd144ed24de18f6311c98a1284b55cd59fd0d25489d22
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f062f3b0dbd3f1365dcfbec75adccec3f87cd0789014d6bb515e41ba4e1e3d10
f0648dd60b72161450eb93d6fa81bb6ec46bb9dffb2d2d0c6f3b5d4ac1e01dda
f066a6392f3732829e95d97ac2a3dfb7dc7d35fc88d71a4ef62ff8f70399326c
f4ae5a40833ca40f1ded2c820915ccc073b509a5a15810de1566ebf1ee4838e4
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f6b592d0a9db66140934d8835a3af0b61be49d76f82f3d6ce9b91117cfb444a8
f7077d9fc217944a67e7c90cded7a8c255a75c1f1d68aea4e2b43870a2545b50
fde4aa8406132d1c37dcea8010cff9261b79db0506885769e418f4baeba2a949
fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48