diario.mx Open in urlscan Pro
143.204.98.62 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://diario.mx/estados-unidos/eu-removio-secretamente-el-malware-de-todo-el-mundo-previene-ciberataques-rusos-2...
Submission: On April 11 via api (April 11th 2022, 11:07:33 am UTC) from US — Scanned from DE

Summary HTTP 372 Redirects Links 12 Behaviour Indicators

Summary

This website contacted 41 IPs in 10 countries across 43 domains to perform 372 HTTP transactions. The main IP is 143.204.98.62, located in United States and belongs to AMAZON-02, US. The main domain is diario.mx. The Cisco Umbrella rank of the primary domain is 216015.
TLS certificate: Issued by Amazon on October 25th 2021. Valid for: a year.

This is the only time diario.mx was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
10	143.204.98.62 143.204.98.62	16509 (AMAZON-02) (AMAZON-02)
20	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
48	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
23	104.19.134.78 104.19.134.78	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	143.204.95.188 143.204.95.188	16509 (AMAZON-02) (AMAZON-02)
15	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
20	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
9	104.75.88.126 104.75.88.126	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:810::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:802::2003	15169 (GOOGLE) (GOOGLE)
2 42	2a00:1450:400... 2a00:1450:4001:80e::2001	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82f::200e	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
3 11	2a00:1450:400... 2a00:1450:4001:82b::2004	15169 (GOOGLE) (GOOGLE)
1	2620:116:800d... 2620:116:800d:21:f916:5049:f87f:108e	16509 (AMAZON-02) (AMAZON-02)
1	34.98.67.61 34.98.67.61	15169 (GOOGLE) (GOOGLE)
1	35.186.253.211 35.186.253.211	15169 (GOOGLE) (GOOGLE)
2 2	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
12 20	216.58.212.162 216.58.212.162	15169 (GOOGLE) (GOOGLE)
1 3	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
1 3	23.35.236.247 23.35.236.247	16625 (AKAMAI-AS) (AKAMAI-AS)
3 4	185.33.223.38 185.33.223.38	29990 (ASN-APPNEX) (ASN-APPNEX)
4	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
4	104.111.242.245 104.111.242.245	16625 (AKAMAI-AS) (AKAMAI-AS)
6 8	185.94.180.125 185.94.180.125	35220 (SPOTX-AMS) (SPOTX-AMS)
7 7	3.66.2.206 3.66.2.206	16509 (AMAZON-02) (AMAZON-02)
7 10	3.126.56.137 3.126.56.137	16509 (AMAZON-02) (AMAZON-02)
60	2a00:1450:400... 2a00:1450:4001:80e::2006	15169 (GOOGLE) (GOOGLE)
10	172.217.23.98 172.217.23.98	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::2008	15169 (GOOGLE) (GOOGLE)
2 2	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
2 2	2a00:1450:400... 2a00:1450:400c:c07::9d	15169 (GOOGLE) (GOOGLE)
16	104.19.136.78 104.19.136.78	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:10:... 2606:4700:10::ac43:db6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
2 3	3.120.1.163 3.120.1.163	16509 (AMAZON-02) (AMAZON-02)
2 2	109.206.161.21 109.206.161.21	50245 (SERVEREL-AS) (SERVEREL-AS)
1 1	185.86.139.93 185.86.139.93	201081 (SMARTADSE...) (SMARTADSERVER)
1	104.16.221.74 104.16.221.74	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 3	185.184.8.90 185.184.8.90	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
6 6	82.145.213.8 82.145.213.8	39832 (NO-OPERA) (NO-OPERA)
2 2	2a02:6b8::90 2a02:6b8::90	208722 (YNDX) (YNDX)
2 2	13.248.245.213 13.248.245.213	16509 (AMAZON-02) (AMAZON-02)
2 2	35.212.212.222 35.212.212.222	15169 (GOOGLE) (GOOGLE)
2 2	99.80.100.5 99.80.100.5	16509 (AMAZON-02) (AMAZON-02)
372	41

10 143.204.98.62 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-62.fra50.r.cloudfront.net

diario.mx	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

48 142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 104.19.134.78 (None, )

ASN13335 (CLOUDFLARENET, US)

jsc.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
servicer.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 143.204.95.188 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-95-188.fra50.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 104.75.88.126 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-88-126.deploy.static.akamaitechnologies.com

m.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s7.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cache.addthiscdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
v1.addthisedge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

b76ab0ac3a52548bde3de7d6a8af342e.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

d-1723231058573517239.ampproject.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

3p.ampproject.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

42 2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn1.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn3.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn0.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn2.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany) 3 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:f916:5049:f87f:108e (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.67.61 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 61.67.98.34.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.190.78 (United Kingdom) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 216.58.212.162 (United States) 12 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s01-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 69.173.144.139 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.35.236.247 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-247.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.33.223.38 (Amsterdam, Netherlands) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 400.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.111.242.245 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-242-245.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 185.94.180.125 (Amsterdam, Netherlands) 6 redirects

ASN35220 (SPOTX-AMS, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 3.66.2.206 (Frankfurt am Main, Germany) 7 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-66-2-206.eu-central-1.compute.amazonaws.com

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 3.126.56.137 (Frankfurt am Main, Germany) 7 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

60 2a00:1450:4001:80e::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 172.217.23.98 (United States)

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c07::9d (Brussels, Belgium) 2 redirects

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 104.19.136.78 (None, )

ASN13335 (CLOUDFLARENET, US)

s-img.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:db6 (United States)

ASN13335 (CLOUDFLARENET, US)

mwzeom.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.33.220.150 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.120.1.163 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-1-163.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 109.206.161.21 (Netherlands) 2 redirects

ASN50245 (SERVEREL-AS, NL)
PTR: 109.206.161.21.serverel.net

sync.e-volution.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.139.93 (France) 1 redirects

ASN201081 (SMARTADSERVER, FR)

ssbsync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.221.74 (None, )

ASN13335 (CLOUDFLARENET, US)

cm.idealmedia.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.184.8.90 (Amsterdam, Netherlands) 3 redirects

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net

creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 82.145.213.8 (Norway) 6 redirects

ASN39832 (NO-OPERA, NO)
PTR: n-sysadmin-jumpbox-03.feednews.opera.technology

t.adx.opera.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:6b8::90 (Moscow, Russian Federation) 2 redirects

ASN208722 (YNDX, FI)

an.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.248.245.213 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.212.212.222 (The Dalles, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 222.212.212.35.bc.googleusercontent.com

rtb-usw.mfadsrvr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 99.80.100.5 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-99-80-100-5.eu-west-1.compute.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
92	googlesyndication.com 2 redirects pagead2.googlesyndication.com — Cisco Umbrella Rank: 98 b76ab0ac3a52548bde3de7d6a8af342e.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 128	719 KB
60	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 262	1 MB
57	doubleclick.net 14 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 193 googleads.g.doubleclick.net — Cisco Umbrella Rank: 40 cm.g.doubleclick.net — Cisco Umbrella Rank: 211 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 293 stats.g.doubleclick.net — Cisco Umbrella Rank: 95	485 KB
39	mgid.com jsc.mgid.com — Cisco Umbrella Rank: 8262 c.mgid.com — Cisco Umbrella Rank: 5541 cdn.mgid.com — Cisco Umbrella Rank: 10746 servicer.mgid.com — Cisco Umbrella Rank: 8391 s-img.mgid.com — Cisco Umbrella Rank: 7283 cm.mgid.com — Cisco Umbrella Rank: 2107	1 MB
38	gstatic.com fonts.gstatic.com www.gstatic.com encrypted-tbn1.gstatic.com encrypted-tbn3.gstatic.com encrypted-tbn0.gstatic.com encrypted-tbn2.gstatic.com	811 KB
20	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 343	318 KB
12	google.com 3 redirects adservice.google.com — Cisco Umbrella Rank: 77 www.google.com — Cisco Umbrella Rank: 4	1 KB
10	yahoo.com 7 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 300	3 KB
10	diario.mx diario.mx — Cisco Umbrella Rank: 216015	130 KB
8	spotxchange.com 6 redirects sync.search.spotxchange.com — Cisco Umbrella Rank: 531	5 KB
8	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 176	290 KB
8	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 46	6 KB
7	advertising.com 7 redirects pixel.advertising.com — Cisco Umbrella Rank: 371	2 KB
7	addthis.com m.addthis.com — Cisco Umbrella Rank: 1411 s7.addthis.com — Cisco Umbrella Rank: 1487	154 KB
6	opera.com 6 redirects t.adx.opera.com — Cisco Umbrella Rank: 4380	4 KB
5	openx.net rtb.openx.net — Cisco Umbrella Rank: 1537 us-u.openx.net — Cisco Umbrella Rank: 411	996 B
4	teads.tv sync.teads.tv — Cisco Umbrella Rank: 1031	688 B
4	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 248	4 KB
4	ampproject.net d-1723231058573517239.ampproject.net 3p.ampproject.net — Cisco Umbrella Rank: 5089	19 KB
4	amazon-adsystem.com c.amazon-adsystem.com — Cisco Umbrella Rank: 302	40 KB
3	creativecdn.com 3 redirects creativecdn.com — Cisco Umbrella Rank: 677	948 B
3	bidswitch.net 2 redirects x.bidswitch.net — Cisco Umbrella Rank: 289	2 KB
3	casalemedia.com 1 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 575	3 KB
3	rubiconproject.com 1 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 350	938 B
2	360yield.com 2 redirects ad.360yield.com — Cisco Umbrella Rank: 655	614 B
2	mfadsrvr.com 2 redirects rtb-usw.mfadsrvr.com — Cisco Umbrella Rank: 8109	755 B
2	3lift.com 2 redirects eb2.3lift.com — Cisco Umbrella Rank: 400	733 B
2	yandex.ru 2 redirects an.yandex.ru — Cisco Umbrella Rank: 2967	676 B
2	e-volution.ai 2 redirects sync.e-volution.ai — Cisco Umbrella Rank: 2906	918 B
2	adsrvr.org 2 redirects match.adsrvr.org — Cisco Umbrella Rank: 355	903 B
2	google.de www.google.de — Cisco Umbrella Rank: 5383	608 B
2	google-analytics.com 2 redirects www.google-analytics.com — Cisco Umbrella Rank: 37	670 B
2	pubmatic.com 2 redirects image6.pubmatic.com — Cisco Umbrella Rank: 622	1 KB
1	idealmedia.io cm.idealmedia.io — Cisco Umbrella Rank: 12130	173 B
1	smartadserver.com 1 redirects ssbsync.smartadserver.com — Cisco Umbrella Rank: 1254	347 B
1	zeotap.com mwzeom.zeotap.com — Cisco Umbrella Rank: 1566	470 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 71	807 B
1	mookie1.com odr.mookie1.com — Cisco Umbrella Rank: 962	324 B
1	quantserve.com cms.quantserve.com — Cisco Umbrella Rank: 1127	464 B
1	addthisedge.com v1.addthisedge.com — Cisco Umbrella Rank: 1691	703 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 794	413 B
1	addthiscdn.com cache.addthiscdn.com — Cisco Umbrella Rank: 37094	339 B
0	gemius.pl Failed googlecm.hit.gemius.pl Failed
372	43

	Domain	Requested by
60	s0.2mdn.net	diario.mx s0.2mdn.net b76ab0ac3a52548bde3de7d6a8af342e.safeframe.googlesyndication.com
44	pagead2.googlesyndication.com	diario.mx pagead2.googlesyndication.com googleads.g.doubleclick.net www.gstatic.com b76ab0ac3a52548bde3de7d6a8af342e.safeframe.googlesyndication.com tpc.googlesyndication.com www.googletagservices.com securepubads.g.doubleclick.net
42	tpc.googlesyndication.com	2 redirects googleads.g.doubleclick.net diario.mx b76ab0ac3a52548bde3de7d6a8af342e.safeframe.googlesyndication.com tpc.googlesyndication.com securepubads.g.doubleclick.net
20	cm.g.doubleclick.net	12 redirects googleads.g.doubleclick.net
20	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net b76ab0ac3a52548bde3de7d6a8af342e.safeframe.googlesyndication.com diario.mx
20	cdn.ampproject.org	diario.mx cdn.ampproject.org securepubads.g.doubleclick.net pagead2.googlesyndication.com
16	s-img.mgid.com	diario.mx d-1723231058573517239.ampproject.net
15	fonts.gstatic.com	fonts.googleapis.com
11	www.google.com	3 redirects googleads.g.doubleclick.net diario.mx b76ab0ac3a52548bde3de7d6a8af342e.safeframe.googlesyndication.com tpc.googlesyndication.com
10	cm.mgid.com	jsc.mgid.com d-1723231058573517239.ampproject.net
10	googleads4.g.doubleclick.net	diario.mx
10	ups.analytics.yahoo.com	7 redirects googleads.g.doubleclick.net d-1723231058573517239.ampproject.net
10	diario.mx	diario.mx
8	sync.search.spotxchange.com	6 redirects googleads.g.doubleclick.net
8	www.gstatic.com	googleads.g.doubleclick.net
8	www.googletagservices.com	googleads.g.doubleclick.net b76ab0ac3a52548bde3de7d6a8af342e.safeframe.googlesyndication.com diario.mx
8	fonts.googleapis.com	diario.mx googleads.g.doubleclick.net securepubads.g.doubleclick.net s0.2mdn.net
7	pixel.advertising.com	7 redirects
6	t.adx.opera.com	6 redirects
6	s7.addthis.com	cdn.ampproject.org s7.addthis.com
6	b76ab0ac3a52548bde3de7d6a8af342e.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
5	cdn.mgid.com	diario.mx jsc.mgid.com d-1723231058573517239.ampproject.net
5	encrypted-tbn2.gstatic.com	googleads.g.doubleclick.net
5	securepubads.g.doubleclick.net	diario.mx securepubads.g.doubleclick.net
4	sync.teads.tv	googleads.g.doubleclick.net
4	us-u.openx.net	googleads.g.doubleclick.net
4	ib.adnxs.com	3 redirects googleads.g.doubleclick.net
4	encrypted-tbn3.gstatic.com	googleads.g.doubleclick.net
4	c.amazon-adsystem.com	diario.mx c.amazon-adsystem.com
4	jsc.mgid.com	diario.mx jsc.mgid.com 3p.ampproject.net
3	creativecdn.com	3 redirects
3	x.bidswitch.net	2 redirects d-1723231058573517239.ampproject.net
3	dsum-sec.casalemedia.com	1 redirects googleads.g.doubleclick.net
3	pixel.rubiconproject.com	1 redirects d-1723231058573517239.ampproject.net
3	encrypted-tbn0.gstatic.com	googleads.g.doubleclick.net
3	encrypted-tbn1.gstatic.com	googleads.g.doubleclick.net
2	ad.360yield.com	2 redirects
2	rtb-usw.mfadsrvr.com	2 redirects
2	eb2.3lift.com	2 redirects
2	an.yandex.ru	2 redirects
2	sync.e-volution.ai	2 redirects
2	match.adsrvr.org	2 redirects
2	servicer.mgid.com	jsc.mgid.com
2	www.google.de	diario.mx
2	stats.g.doubleclick.net	2 redirects
2	www.google-analytics.com	2 redirects
2	c.mgid.com	jsc.mgid.com
2	image6.pubmatic.com	2 redirects
2	3p.ampproject.net	cdn.ampproject.org d-1723231058573517239.ampproject.net
2	d-1723231058573517239.ampproject.net	cdn.ampproject.org
1	cm.idealmedia.io	d-1723231058573517239.ampproject.net
1	ssbsync.smartadserver.com	1 redirects
1	mwzeom.zeotap.com	d-1723231058573517239.ampproject.net
1	www.googletagmanager.com	cdn.ampproject.org
1	rtb.openx.net	googleads.g.doubleclick.net
1	odr.mookie1.com	googleads.g.doubleclick.net
1	cms.quantserve.com	googleads.g.doubleclick.net
1	v1.addthisedge.com	s7.addthis.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	cache.addthiscdn.com	diario.mx
1	adservice.google.com	securepubads.g.doubleclick.net
1	m.addthis.com	cdn.ampproject.org
0	googlecm.hit.gemius.pl Failed	googleads.g.doubleclick.net
372	63

This site contains links to these domains. Also see Links.

Domain
diariomx.pressreader.com
widgets.mgid.com
www.mgid.com
clck.mgid.com
autoschihuahua.com
weather.com
www.eldiariodechihuahua.mx
eldiariodedelicias.mx
eldiariodeparral.mx
eldiariodelnoroeste.mx
clasificadopm.com

Subject Issuer	Validity	Valid
diario.mx Amazon	`2021-10-25` - `2022-11-22`	a year	crt.sh
misc-sni.google.com GTS CA 1C3	`2022-03-21` - `2022-06-13`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-03-21` - `2022-06-13`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-03-21` - `2022-06-13`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-11` - `2022-06-10`	a year	crt.sh
c.amazon-adsystem.com Amazon	`2021-07-06` - `2022-06-27`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-03-21` - `2022-06-13`	3 months	crt.sh
odc-addthis-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2022-02-27` - `2023-02-28`	a year	crt.sh
*.google.com GTS CA 1C3	`2022-03-21` - `2022-06-13`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-03-21` - `2022-06-13`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-03-21` - `2022-06-13`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-22` - `2022-09-21`	a year	crt.sh
*.mookie1.com DigiCert TLS RSA SHA256 2020 CA1	`2022-02-24` - `2023-03-27`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2021-07-08` - `2022-08-08`	a year	crt.sh
teads.tv R3	`2022-03-23` - `2022-06-21`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-03-21` - `2022-06-13`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-03-21` - `2022-06-13`	3 months	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-08` - `2023-04-04`	a year	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2022-04-05` - `2023-05-04`	a year	crt.sh

This page contains 40 frames:

Primary Page: https://diario.mx/estados-unidos/eu-removio-secretamente-el-malware-de-todo-el-mundo-previene-ciberataques-rusos-20220406-1917147.html
Frame ID: 1F2E3BDE07B3AF6C684AA96DEC9AE87A
Requests: 65 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220406/r20190131/zrt_lookup.html
Frame ID: 039F0739B6DFDDEB479F1FDD5C67A9E6
Requests: 1 HTTP requests in this frame

Frame: https://b76ab0ac3a52548bde3de7d6a8af342e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: DE9FEED2CFE234BE2943A8FF83D339FC
Requests: 1 HTTP requests in this frame

Frame: https://s7.addthis.com/dc/amp-addthis.html?_amp_=2203172113000
Frame ID: 42A666B96172780A39B50A1300A99A19
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2601210804495972&output=html&adk=1812271804&adf=3025194257&lmt=1649675244&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fdiario.mx%2Festados-unidos%2Feu-removio-secretamente-el-malware-de-todo-el-mundo-previene-ciberataques-rusos-20220406-1917147.html&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649675244210&bpp=3&bdt=212&idt=242&shv=r20220406&mjsv=m202203300101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8018077823069&frm=20&pv=2&ga_vid=143242382.1649675244&ga_sid=1649675244&ga_hid=1797956368&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42530528%2C44760475&oid=2&pvsid=2815919348481803&pem=93&tmod=2074965434&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=257
Frame ID: 7F546B5124BCDFCB79B7EB00747E65E8
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2601210804495972&output=html&h=280&slotname=7916429874&adk=2919569299&adf=3018281077&pi=t.ma~as.7916429874&w=747&fwrn=4&fwrnh=100&lmt=1649675244&rafmt=1&psa=0&format=747x280&url=https%3A%2F%2Fdiario.mx%2Festados-unidos%2Feu-removio-secretamente-el-malware-de-todo-el-mundo-previene-ciberataques-rusos-20220406-1917147.html&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649675244213&bpp=2&bdt=216&idt=329&shv=r20220406&mjsv=m202203300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8018077823069&frm=20&pv=1&ga_vid=143242382.1649675244&ga_sid=1649675244&ga_hid=1797956368&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=235&ady=1106&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42530528%2C44760475&oid=2&pvsid=2815919348481803&pem=93&tmod=2074965434&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=lgkCTebP1i&p=https%3A//diario.mx&dtd=334
Frame ID: 8ED338567A68CD339018E14B16492E55
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2601210804495972&output=html&h=280&slotname=7916429874&adk=2370307548&adf=2178955939&pi=t.ma~as.7916429874&w=727&fwrn=4&fwrnh=100&lmt=1649675244&rafmt=1&psa=0&format=727x280&url=https%3A%2F%2Fdiario.mx%2Festados-unidos%2Feu-removio-secretamente-el-malware-de-todo-el-mundo-previene-ciberataques-rusos-20220406-1917147.html&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649675244215&bpp=2&bdt=217&idt=349&shv=r20220406&mjsv=m202203300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C747x280&nras=1&correlator=8018077823069&frm=20&pv=1&ga_vid=143242382.1649675244&ga_sid=1649675244&ga_hid=1797956368&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=2576&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42530528%2C44760475&oid=2&pvsid=2815919348481803&pem=93&tmod=2074965434&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=AtCFgW5UUH&p=https%3A//diario.mx&dtd=352
Frame ID: AFDC45CBE2028A0B4EFED12B1D145DA6
Requests: 30 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2601210804495972&output=html&h=100&slotname=6510739316&adk=588329291&adf=3499153759&pi=t.ma~as.6510739316&w=970&lmt=1649675244&psa=0&format=970x100&url=https%3A%2F%2Fdiario.mx%2Festados-unidos%2Feu-removio-secretamente-el-malware-de-todo-el-mundo-previene-ciberataques-rusos-20220406-1917147.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649675244217&bpp=1&bdt=220&idt=362&shv=r20220406&mjsv=m202203300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C747x280%2C727x280&nras=1&correlator=8018077823069&frm=20&pv=1&ga_vid=143242382.1649675244&ga_sid=1649675244&ga_hid=1797956368&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=1100&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42530528%2C44760475&oid=2&pvsid=2815919348481803&pem=93&tmod=2074965434&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfoeE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=9PSbIQGXpH&p=https%3A//diario.mx&dtd=368
Frame ID: 8A2C702C291353A2CD56A880E6A6803C
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 615440DBDD76F10A90C9FA91635F39C2
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 797CF1C69E0EE85478C7D03053BB8D46
Requests: 9 HTTP requests in this frame

Frame: https://b76ab0ac3a52548bde3de7d6a8af342e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: C15840E0CB93996BBCAC9A1A6045C820
Requests: 15 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012203150226000/amp4ads-v0.mjs
Frame ID: A7CBAF6B010FC1B5A95066C42EC52393
Requests: 16 HTTP requests in this frame

Frame: https://b76ab0ac3a52548bde3de7d6a8af342e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 52FFF8020D83BCC0667CD1B34DF7A9AC
Requests: 15 HTTP requests in this frame

Frame: https://b76ab0ac3a52548bde3de7d6a8af342e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 25A8820A8A59C6A0536E19A6159BFDA6
Requests: 14 HTTP requests in this frame

Frame: https://b76ab0ac3a52548bde3de7d6a8af342e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: B200DD0D32E2B6CD3960ED9844DD8BC5
Requests: 1 HTTP requests in this frame

Frame: https://b76ab0ac3a52548bde3de7d6a8af342e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: C52288EC04B8DF55779363B6B2BA4485
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxDD7WMY1eDDmAEwAQ&v=APEucNXx2NAPNsUDUMznNkGk2uZUFOJuPHH5yHTwP843Hv3YlpkFg8Cymw19CPxExo6zIzTsi5QP0Ihpzb8nlmn7MZ-Ixgqliib9f_sRoqsNDrOeOU8UOVWaF5QLAP2Smy1AKUC2qYUaABiiiEJ35Udvd44K-TKRVKHm5BJpKW6w6ZdKnNKUufE
Frame ID: 6C0B8F6659E1C377D5B02C573BCD5218
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxDD7WMYteHDmAEwAQ&v=APEucNV6iMIf8o1ewGdyqb-1hPl0ryd21U2YXCB10BTpp-Khb53ixUuz6GeBaq9zICeWW-xO1WxpW6Pqqw_4Vk6cq2bDGjnGvfur05ZJcdQC2H5DsgcDzBYU3bxvxktGRsn1VSfMR3Fj1pl2DHEeyjI-14PkZX7pE12tz7CjJHeW--33L8jUvcc
Frame ID: E4CB896B73BD246A8D93E54D516564EB
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIvVChCpn9ACGLzqmccBMAE&v=APEucNVOIh0Osx_N2q3MeicwlLy2eB-1pDQPE6IEjATpWsUu7U-JFR6hdkxBklgmeveYC7Nv8Dm8uA2MaSETq5_a2LFWuSB4Uo42u6-cilEDGTrNj_YGd52gcQauXGQD3nhnOIBgNj0KhhzvZtyjhiKUNzusNHWzIX4k0TmmvYc5BEHiZh0a9a4
Frame ID: 7B7CD41A9CE478EE8A1C9A2CD16848AC
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIvVChCpn9ACGLzqmccBMAE&v=APEucNVF62OxWwubiyZVfDH18PmOQlsp00wM9rtj-267kn_MII4oLIJMxqyhySt5FXRbiuTysP1mpaZFCmvbTyBI5yzz-4poCAQIxVHEDl7soaY-TQvC4w0k5lRTkGvvqltPDzLx1xsOzFXPS5FYPjgkMTtM-ksmPrH_AFouCq83G6QyKdL79-I
Frame ID: B760BF806E29179F0F3A173F2D33A71A
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DXZ5LRvcwfkANZMCX6okbw85ZzIBj-wvYimVGSJ8UwRZrkfv4ajA8HU1vM3ntuA6eKbIJZ9DkpSgAHq_azFtODExLSvK_KiVhau00wetKso-GA2xUwTsje5dfcy0xikbDnupZWXm8ey3A7PrC4Wt2HxWybng&dbm_d=AKAmf-DX3ccM9T6hyERWDdbIqpXfCyWe65VzcYi2zBRkysEdVThAZ3smAQDuGwxeCBD4zz5jtIjroEBhuFT9ELSx8hgzv48ka45dJkakDPkp8iGcDR5ME_QO680o-axIl6qt9Xe76vK9q0QZ4hq-3qVcSFbCXt6Lqy_amQhlcAYlR1EVEaiESW0TUN4vOG-wXqnwMwxdJNv8tDY7L9UXR8aA-pR3mNjhoYoGkH2ikes9DL1TxTHtOc7TFlN4fHVjlUvXRUV02Vno4hJ_tebmnjBA8_vrn4ehxiNii1Jy-dJ0e9bBhzKxyUpIkvnQxa0b17wxIsq1qACDwJECcWv9LWwiGk0nsshQrPZNhxbSUG6s49BrdzBNnUPLFVWThL0cI1RBU90HRD8fgCMJKLeaL7u7Jhr3JppBOUBDxAjmoBB280x-Mj2fx_f9k9Rov4l5p-pGBMMa781lifL7nvW3tM8wIKxg8HwwQSLcrrKfBClVtbU5d18mqYKjtle1Wc_Ms9W5V15bX6Gtt1n79eEJTwPr4IJtC9KQ4pJJmPQx3TAfYHa0OaLrfGEsaieY5Mz8_-frei-TsVEkpM3DgnrkKq8vgONRHCAOIyscU2YIPLk2X3c4xUNdcv0dqb99rIiNQegQoMlnUIK2igaSbR-_eL3yLeow6hXDYQkQcjbO4000ZTWVmtp0SCS4Nui3oROhYSk7ApFByo7ZCP1HnyerHuhEsD_V-huYYU53BCFLV6MZmEQtGpbbHuhY5V2CTg3eIkeNYj_hIG4450iOZoHToEL1ir7GdjFNPyAnpvbg9uTlCqiCArnQG3NDk5AJpExzx2x1idMgpiDxDmo3lpIrH53hjbT_0Id6CXiBUqeYkJBHlc18Pl6gi_OLdX8-Rtb_SeDaEX9DhzYxK2kLj4AsbrbhEuLLopUQk2oHVGk_aDgmyx7DjyTAM4j8VhRY_sxUFnpAzUAhY49VVRQH3VWT7HsPXc8pnBLd9_a7h4ifckyjbfdDssFG0PZch6RpzjgVXVOg4zgotZ7aHRZdeD9CJT_8EOVj8Qnh7E2d55MdG1LrrZ9BTKitd-3IUOoqvzi2wtqNfnBy2VczWgvAOZFk3k-ylKmSZYuHIipabDLcG2j9h6MakGPbVJBWPz4FrRC9gqbNQiBmbYcMSJG1t_ymOdhmadMfBA6gu0Bk_VSpxd9W8gVZ7PTPbL-nQ7BOKPSx3nOnkwhVtaczMqyFnYLE-lxqCLPCRkQHlMxILkRluoWcRl44_Kw11FMsaBp5mbTpwIXmdOAL7I-x4_ou9XEN_KMq0P9LHQLpkSQ4mSGdUDkmxxLhgwZksDncVNFVYCeXiwol5_tEWTeZdnUPOAWbwe8Dzi3wb4L-ydF_JagHpS_I7r8riM-0G2udYwWf5D9-xYa304s3nj0ey0Q5c--38V8QixhzcE3woSNxZ2RgPcLqum-4juV5QfnTWYKiQIZ7M3VMEemAvFtXMyGkdrcZlbCIkbUzmXiTBDxsd6MWKOVV2nmLZUb0xfTildwliU1rvu66n0_a6I5KY81nuVdj9O0YbG66pIODlWhtzY0wo0OJMyJfrqxgBUY6BA4ORuBeqIwMM1ntVlTcWUH55zXHEiJ1nXW6_jI9vXgRTWhuiuSsrviQNj4KuB8Z1kbHnzZ_iTxrcUJTQ3E5gxvJ-9x2GXzRDqZKijQCBZRheIY5so-ssfYl632yGyOJkgBdrXO1nyW-EX6N8qlidDI8_4cehwOgfipGo53MsFLt6pjUzF_9xBPkzraN5aAvy1s0xD2HIlulZbXmuOCDPwerdQ0UXSNL13fPiISpJJthVJpqeyJnlFKWqrk84T0Cqcbef4Agrfa__IUb5TgfqRq4zVspD0YjL-kyy-X05-ZO2vudUWeMVNzJAOrrunNueo8d-_TQU6lzFQv6_H5EPiQ7tV2fl3TlTmDYvTvbsvUmLGSRgv0aE-SNtKdNBDTmqrge31vKWvnqCBwYw-8jbj8Wldc8pWvSsbcLxQI6bdEi13JrPPmL_A5bq_iUShS0Uvpme21MnmIZU94FW4fPVLeGS3Etg-vi7sg53UdNyHrQwQJW2XRO1KnQS-WsND_qrUU9_uR-TowT35mJqfwkwYGe4iOBkJwRjk7FJmrcb8gXAc_AEgpYMNEzexnh6kl5qMCti-UMr2vGMknEJ74Exw5liRg0Jtr6Iz49PO14yAyHgl-emLJ_b1rXZYMahaIHH1YHRr689W5SeCm3WDPkp_S-Wd0EZgrR3vtln8_ssxLmyhYNaX-eJSmmBG6-yaUUbOcNlORiymsX1uTAjX7ee6Ta2cCKFQ6BFbu-uv1YrTkxsyXX07rZFOyRfYKoK2Xq6PVQ3QjEyeiiV9REhgKnhFc6HZvl_ra54RDc2hQTeth9HuCe8mQ3Bm7uMFaZRIP6_u3NPCK-fKGIVeWuvYD79KJjs0EEifMNQc7o8tq2k4lev5Rwtbe_IKRBjgo61S-PnHJk7RcK51nDD-w2bTx2yKenbBzC1MldT-rGHB4SXKNo94o1yfVe-8hj2zke8EAgsCF8wdLTj8rWU6HgSQOItekhbFVycVDAjrb9kCwaGXZ6_SkK0VbrBd6QYqGjAJIe41xCWgaAd5lT5ntUkmLB9Om8sPUJxyPyedbbV_Hj41kOWmbQmQcn-PfoO0vR3G7XGH3VvgPuk3AX7Z3LtynuloPaeo-w4qcs16uZQEHnBrQgJ6fQw1vNmUjUlDsiJ-l0io-lqhULEGxZeq5v-b-lCu6G1Unj8jjpX8w68eHIaKen2Hzqz6ZQsFl-J-_K6vbE_z1ZN4LdYoPMvZwKnTg0DvdxH4nvCI7ZH0KA1XuGtjDpj1mNGG8nP8OFkL-OrxREeSiAt6os-QHsc77VZREvMDh5696Bclb-wQGjB3eK2zbcXaOQ_7Hx4sCm3EYGONmwKC0QEB3ajNqUOhEDFJ7x7DSv9eif5PvoNT4lib-x7LIzZwyhIG-fMx9C34lmOuy92QxyFz2yy0eTrtxTOaJTUUJEfBgLYW5StlVbf2DMfHhLBBUJKtKJT3Ag-PtwJMRw4eX0k0NaLzOKwBXd2oQkJlfHrO9leXfXYt-9hPMj9pC0bVriAqivpzNvbByVebLNLUw9n62gRd05j7csrhgmWgLnXyg47pxmNtsOqhCrYNnj4yu4OUHc72is6YBd6-88Y7yvLFUsOciw_wEcaQXU_6HAlvbN777G-lb6D1NEhuACj_k-fdcqL4qF5kbZFuuQ1vHMSx6sf_JERoeGl8f7M_Zh3yvWlYFHiviDba6I9HEh4Cz0UreroIjD1JewYApOYvoCBOWzoNKIJeASpq2r&cid=CAASKORoiE6V4oXgJRihD0CujR4n_fFmYpMzniRmlXgh6RtErtd5RhtJsE4&rfl=2%2Chttps%253A%252F%252Fdiario.mx%252F%240
Frame ID: 18363648823831329384550339C9D571
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIvVChCpn9ACGP7rmccBMAE&v=APEucNXiaCcJAe-Vt4nVp2FaFm3Oxm5yN3BkxwLcfuKbSIB_pGUBXKmVH_84B0TWm3N7MkxBe9_s1-OwEDzZGumiNAm479jOt_M71dwijr395M-5mTgfYFMiuqnjGk1l5q8_BsKWr7XSwUR64VHNUV9bHL9_23noVdkvakvTmsuzOUF3pe5DR08
Frame ID: 253C14CC4E1D5BA74273B6BA457C6F50
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/6DGELVyRstON4LmPFAMeAOP1baW3TqSdWCO5xyb3u9s.js
Frame ID: ECBEC7CA0ECB881C5BEB81098CD90FD4
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/6DGELVyRstON4LmPFAMeAOP1baW3TqSdWCO5xyb3u9s.js
Frame ID: 092A90886E76630F9B64FFB69436C754
Requests: 1 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/5534637385780799923/index.html
Frame ID: 6F41147B63B251AFDA307BD024A0E664
Requests: 9 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/1673573227426754979/index.html
Frame ID: CBD9CDD555D1F7F53CDFB988FB05C6AD
Requests: 15 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/2261034370479767793/index.html
Frame ID: 8C8959E2C5B760683FADDCB686C41B01
Requests: 15 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/12929797443785239284/index.html
Frame ID: 9DDE9B81E0462AF665FF443A625EDCF0
Requests: 7 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/1673573227426754979/index.html
Frame ID: 765347C8B81A2BDF0F22B38A3E8A322B
Requests: 15 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 82694EAE0B8DC163B86B0A5E98EC9718
Requests: 3 HTTP requests in this frame

Frame: https://d-1723231058573517239.ampproject.net/2203172113000/frame.html
Frame ID: 339A280EB891E0393DDFAED5F7B8E03A
Requests: 37 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 3AD61BB7A76C79A9319A243EF27359E5
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 887506C32ACABB783898B3D909A7DDC5
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 56B715601E54E422CAFE7CB39E66DEE3
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: E44A3E5A78122F274BC2D246C38C01DB
Requests: 3 HTTP requests in this frame

Frame: https://cm.mgid.com/i-noref.js?cbuster=1649675247575602672056
Frame ID: EABE3F2C67384C0B6B72D39D8494343C
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/6DGELVyRstON4LmPFAMeAOP1baW3TqSdWCO5xyb3u9s.js
Frame ID: 8D1EB73E706BDD1BA9D13D9DC1642FB5
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: B06DDE79CA6EB929C0D1C61D70EDEC2D
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 29F355B60648583B8C4914AC62488F39
Requests: 2 HTTP requests in this frame

Frame: https://cm.mgid.com/i-noref.js?cbuster=1649675249879176439082&consentData=&gdprApplies=0
Frame ID: D77EE4D81DC54D1AE40487A78B22D007
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

EU removió secretamente el malware de todo el mundo; previene ciberataques rusos

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Lightbox (JavaScript Libraries) Expand

Mautic (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

[^a-z]mtc.*\.js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Page Statistics

372
Requests

91 %
HTTPS

45 %
IPv6

43
Domains

63
Subdomains

41
IPs

10
Countries

5356 kB
Transfer

10933 kB
Size

43
Cookies

12 Outgoing links

These are links going to different origins than the main page.

URL: http://diariomx.pressreader.com/el-diario-de-juarez
Title: Impreso

Search URL Search Domain Scan URL

URL: https://widgets.mgid.com/?utm_source=diario.mx&utm_medium=referral&utm_campaign=widgets&utm_content=1102083
Title: recommended by

Search URL Search Domain Scan URL

URL: https://www.mgid.com/services/privacy-policy

Search URL Search Domain Scan URL

URL: https://clck.mgid.com/ghits/11739850/i/57435972/0/pp/1/1?h=K2GBOjv7BRicm7SHJoIhehnRzT1vWq8ekQVZHV1IEvxMGwF_g609hKUY5A4lP4Dt&rid=92ad2ab2-b987-11ec-9c6c-e43d1a2a53a0&tt=Direct&att=3&afrd=8&iv=11&ct=1&gdpr=1&st=120

Search URL Search Domain Scan URL

URL: https://autoschihuahua.com/?utm_source=el_diario_mx&utm_medium=referral&utm_campaign=autos_chihuahua&utm_content=web_general
Title: AutosChihuahua.com La mejor forma de comprar o vender tu auto - Visitar

Search URL Search Domain Scan URL

URL: https://weather.com/es-MX/tiempo/hoy/l/c4b94e90d237dcf6ca5af0cde259f9edd06436ce70dfd9fee8ddcacefdd81c34
Title: Clima

Search URL Search Domain Scan URL

URL: https://www.eldiariodechihuahua.mx/
Title: Chihuahua

Search URL Search Domain Scan URL

URL: https://eldiariodedelicias.mx/
Title: Delicias

Search URL Search Domain Scan URL

URL: https://eldiariodeparral.mx/
Title: Parral

Search URL Search Domain Scan URL

URL: https://eldiariodelnoroeste.mx/
Title: Nuevo Casas grandes

Search URL Search Domain Scan URL

URL: http://diariomx.pressreader.com/
Title: Versión Impresa

Search URL Search Domain Scan URL

URL: https://clasificadopm.com/
Title: Clasificado PM

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 73

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKCfpu_bQhCwCRiwCTIIQTT4XLD4ts4 HTTP 301
https://tpc.googlesyndication.com/simgad/13012794670149908852

Request Chain 96

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKCfps-C2wEQsAkYsAkyCDH2u76nni_Q HTTP 301
https://tpc.googlesyndication.com/simgad/12581545980791877918

Request Chain 141

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEGJxfa4MKmN_Mg1zr3p7AKI&google_cver=1&google_push=AYg5qPI1XtJquoGilPzUjaIZlesGMvhutHxKfu71oD-iOc90B7xqz-ivPQLPQ9KgX0K830ClL2ZXppL_fDBP7pNY5vXxtXhWguU HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEGJxfa4MKmN_Mg1zr3p7AKI&google_cver=1&google_push=AYg5qPI1XtJquoGilPzUjaIZlesGMvhutHxKfu71oD-iOc90B7xqz-ivPQLPQ9KgX0K830ClL2ZXppL_fDBP7pNY5vXxtXhWguU&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=HJJYSgQdSgKmPEkJ_JhwqQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPI1XtJquoGilPzUjaIZlesGMvhutHxKfu71oD-iOc90B7xqz-ivPQLPQ9KgX0K830ClL2ZXppL_fDBP7pNY5vXxtXhWguU

Request Chain 142

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEPEvrPyPc126tvuJB8u9k1g&google_cver=1&google_push=AYg5qPIJ0lhpiQxQI_RmN5P77-BoHCYFSjjIci78nhHqQXUZ8NSCz27cT5m3P7o6znMTftCclt984J2aX23sSW-Tf_PfjAvVvDg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDFVTTFRUDYtMUYtSk1LUg==&google_push=AYg5qPIJ0lhpiQxQI_RmN5P77-BoHCYFSjjIci78nhHqQXUZ8NSCz27cT5m3P7o6znMTftCclt984J2aX23sSW-Tf_PfjAvVvDg

Request Chain 143

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEINe9mXiw1f1k4jG4QCPujo&google_cver=1&google_push=AYg5qPIf21I8F8iEPk-Qnt9z6pUGJl7w2y86xXGWmy94Q4a47VNVLLAfZEfW1RDE30Zm_YVudBL9xl4z6c88qTjc1st4bEugtuA HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEINe9mXiw1f1k4jG4QCPujo&google_push=AYg5qPIf21I8F8iEPk-Qnt9z6pUGJl7w2y86xXGWmy94Q4a47VNVLLAfZEfW1RDE30Zm_YVudBL9xl4z6c88qTjc1st4bEugtuA&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlQL7oX5hNXqwTltLxYvuwAABLQAAAIB&google_gid=CAESEINe9mXiw1f1k4jG4QCPujo&google_push=AYg5qPIf21I8F8iEPk-Qnt9z6pUGJl7w2y86xXGWmy94Q4a47VNVLLAfZEfW1RDE30Zm_YVudBL9xl4z6c88qTjc1st4bEugtuA&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlQL7oX5hNXqwTltLxYvuwAABLQAAAIB&google_gid=CAESEINe9mXiw1f1k4jG4QCPujo&google_push=AYg5qPIf21I8F8iEPk-Qnt9z6pUGJl7w2y86xXGWmy94Q4a47VNVLLAfZEfW1RDE30Zm_YVudBL9xl4z6c88qTjc1st4bEugtuA&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlQL7oX5hNXqwTltLxYvuwAABLQAAAIB&google_gid=CAESEINe9mXiw1f1k4jG4QCPujo&google_push=AYg5qPIf21I8F8iEPk-Qnt9z6pUGJl7w2y86xXGWmy94Q4a47VNVLLAfZEfW1RDE30Zm_YVudBL9xl4z6c88qTjc1st4bEugtuA&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlQL7oX5hNXqwTltLxYvuwAABLQAAAIB&google_gid=CAESEINe9mXiw1f1k4jG4QCPujo&google_push=AYg5qPIf21I8F8iEPk-Qnt9z6pUGJl7w2y86xXGWmy94Q4a47VNVLLAfZEfW1RDE30Zm_YVudBL9xl4z6c88qTjc1st4bEugtuA&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlQL7oX5hNXqwTltLxYvuwAABLQAAAIB&google_gid=CAESEINe9mXiw1f1k4jG4QCPujo&google_push=AYg5qPIf21I8F8iEPk-Qnt9z6pUGJl7w2y86xXGWmy94Q4a47VNVLLAfZEfW1RDE30Zm_YVudBL9xl4z6c88qTjc1st4bEugtuA&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlQL7oX5hNXqwTltLxYvuwAABLQAAAIB&google_gid=CAESEINe9mXiw1f1k4jG4QCPujo&google_push=AYg5qPIf21I8F8iEPk-Qnt9z6pUGJl7w2y86xXGWmy94Q4a47VNVLLAfZEfW1RDE30Zm_YVudBL9xl4z6c88qTjc1st4bEugtuA&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlQL7oX5hNXqwTltLxYvuwAABLQAAAIB&google_gid=CAESEINe9mXiw1f1k4jG4QCPujo&google_push=AYg5qPIf21I8F8iEPk-Qnt9z6pUGJl7w2y86xXGWmy94Q4a47VNVLLAfZEfW1RDE30Zm_YVudBL9xl4z6c88qTjc1st4bEugtuA&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlQL7oX5hNXqwTltLxYvuwAABLQAAAIB&google_gid=CAESEINe9mXiw1f1k4jG4QCPujo&google_push=AYg5qPIf21I8F8iEPk-Qnt9z6pUGJl7w2y86xXGWmy94Q4a47VNVLLAfZEfW1RDE30Zm_YVudBL9xl4z6c88qTjc1st4bEugtuA&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlQL7oX5hNXqwTltLxYvuwAABLQAAAIB&google_gid=CAESEINe9mXiw1f1k4jG4QCPujo&google_push=AYg5qPIf21I8F8iEPk-Qnt9z6pUGJl7w2y86xXGWmy94Q4a47VNVLLAfZEfW1RDE30Zm_YVudBL9xl4z6c88qTjc1st4bEugtuA&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlQL7oX5hNXqwTltLxYvuwAABLQAAAIB&google_gid=CAESEINe9mXiw1f1k4jG4QCPujo&google_push=AYg5qPIf21I8F8iEPk-Qnt9z6pUGJl7w2y86xXGWmy94Q4a47VNVLLAfZEfW1RDE30Zm_YVudBL9xl4z6c88qTjc1st4bEugtuA&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlQL7oX5hNXqwTltLxYvuwAABLQAAAIB&google_gid=CAESEINe9mXiw1f1k4jG4QCPujo&google_push=AYg5qPIf21I8F8iEPk-Qnt9z6pUGJl7w2y86xXGWmy94Q4a47VNVLLAfZEfW1RDE30Zm_YVudBL9xl4z6c88qTjc1st4bEugtuA&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlQL7oX5hNXqwTltLxYvuwAABLQAAAIB&google_gid=CAESEINe9mXiw1f1k4jG4QCPujo&google_push=AYg5qPIf21I8F8iEPk-Qnt9z6pUGJl7w2y86xXGWmy94Q4a47VNVLLAfZEfW1RDE30Zm_YVudBL9xl4z6c88qTjc1st4bEugtuA&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlQL7oX5hNXqwTltLxYvuwAABLQAAAIB&google_gid=CAESEINe9mXiw1f1k4jG4QCPujo&google_push=AYg5qPIf21I8F8iEPk-Qnt9z6pUGJl7w2y86xXGWmy94Q4a47VNVLLAfZEfW1RDE30Zm_YVudBL9xl4z6c88qTjc1st4bEugtuA&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlQL7oX5hNXqwTltLxYvuwAABLQAAAIB&google_gid=CAESEINe9mXiw1f1k4jG4QCPujo&google_push=AYg5qPIf21I8F8iEPk-Qnt9z6pUGJl7w2y86xXGWmy94Q4a47VNVLLAfZEfW1RDE30Zm_YVudBL9xl4z6c88qTjc1st4bEugtuA&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlQL7oX5hNXqwTltLxYvuwAABLQAAAIB&google_gid=CAESEINe9mXiw1f1k4jG4QCPujo&google_push=AYg5qPIf21I8F8iEPk-Qnt9z6pUGJl7w2y86xXGWmy94Q4a47VNVLLAfZEfW1RDE30Zm_YVudBL9xl4z6c88qTjc1st4bEugtuA&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlQL7oX5hNXqwTltLxYvuwAABLQAAAIB&google_gid=CAESEINe9mXiw1f1k4jG4QCPujo&google_push=AYg5qPIf21I8F8iEPk-Qnt9z6pUGJl7w2y86xXGWmy94Q4a47VNVLLAfZEfW1RDE30Zm_YVudBL9xl4z6c88qTjc1st4bEugtuA&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlQL7oX5hNXqwTltLxYvuwAABLQAAAIB&google_gid=CAESEINe9mXiw1f1k4jG4QCPujo&google_push=AYg5qPIf21I8F8iEPk-Qnt9z6pUGJl7w2y86xXGWmy94Q4a47VNVLLAfZEfW1RDE30Zm_YVudBL9xl4z6c88qTjc1st4bEugtuA&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlQL7oX5hNXqwTltLxYvuwAABLQAAAIB&google_gid=CAESEINe9mXiw1f1k4jG4QCPujo&google_push=AYg5qPIf21I8F8iEPk-Qnt9z6pUGJl7w2y86xXGWmy94Q4a47VNVLLAfZEfW1RDE30Zm_YVudBL9xl4z6c88qTjc1st4bEugtuA&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlQL7oX5hNXqwTltLxYvuwAABLQAAAIB&google_gid=CAESEINe9mXiw1f1k4jG4QCPujo&google_push=AYg5qPIf21I8F8iEPk-Qnt9z6pUGJl7w2y86xXGWmy94Q4a47VNVLLAfZEfW1RDE30Zm_YVudBL9xl4z6c88qTjc1st4bEugtuA&google_cver=1

Request Chain 181

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 185

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPxvi6Kd1kWA7YmvFrUsv04&google_cver=1

Request Chain 186

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YlQL7oX5hNXqwTltLxYvuwAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPxvi6Kd1kWA7YmvFrUsv04&google_cver=1

Request Chain 187

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEKHDC1ftntA5AB8H0f_D9fQ&google_cver=1

Request Chain 188

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Nzc4NzU4ODY3MDA2MDUwOTI3

Request Chain 192

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEtTg0MM-zkUUYEbukfze2U&google_cver=1

Request Chain 194

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
https://sync.teads.tv/um?eid=3&uid=CAESELn329IJIS1R4ccfdnb7Yi0&google_cver=1

Request Chain 197

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEtTg0MM-zkUUYEbukfze2U&google_cver=1

Request Chain 199

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
https://sync.teads.tv/um?eid=3&uid=CAESELn329IJIS1R4ccfdnb7Yi0&google_cver=1

Request Chain 201

https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEFpHz8euD-G-XfYQIOHS2q4&google_cver=1 HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEFpHz8euD-G-XfYQIOHS2q4&google_cver=1&__user_check__=1&sync_id=923782e3-b987-11ec-83b4-1974e5cf0406

Request Chain 202

https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID&__user_check__=1&sync_id=92375cc5-b987-11ec-89af-10ffbde80206 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=OTIzOTMzNDctYjk4Ny0xMWVjLTkyZjgtMWJmOWFkOTIwMzA2

Request Chain 203

https://cm.g.doubleclick.net/pixel?google_nid=adtech_dbm&google_cm&google_dbm&_origin=1 HTTP 302
https://pixel.advertising.com/ups/55946/sync?uid=CAESEDlB-yfE95g0gPS5r5iXq64&_origin=1&google_cver=1 HTTP 302
https://ups.analytics.yahoo.com/ups/55946/sync?uid=CAESEDlB-yfE95g0gPS5r5iXq64&_origin=1&google_cver=1&apid=UP9235de59-b987-11ec-91ec-027031e56216 HTTP 302
https://ups.analytics.yahoo.com/ups/55946/sync?uid=CAESEDlB-yfE95g0gPS5r5iXq64&_origin=1&google_cver=1&apid=UP9235de59-b987-11ec-91ec-027031e56216&verify=true

Request Chain 204

https://pixel.advertising.com/ups/55946/sync?_origin=1&redir=true HTTP 302
https://pixel.advertising.com/ups/55946/sync?_origin=1&redir=true&verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/55946/sync?_origin=1&redir=true&apid=UP9235de59-b987-11ec-91ec-027031e56216 HTTP 302
https://ups.analytics.yahoo.com/ups/55946/sync?_origin=1&redir=true&apid=UP9235de59-b987-11ec-91ec-027031e56216&verify=true HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=adtech_dbm&google_hm=VVA5MjM1ZGU1OS1iOTg3LTExZWMtOTFlYy0wMjcwMzFlNTYyMTY%3D

Request Chain 217

https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEFpHz8euD-G-XfYQIOHS2q4&google_cver=1 HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEFpHz8euD-G-XfYQIOHS2q4&google_cver=1&__user_check__=1&sync_id=9239339f-b987-11ec-92f8-1bf9ad920306

Request Chain 218

https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID&__user_check__=1&sync_id=923757c7-b987-11ec-8834-1bbe6fc50406 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=OTIzOTMzNDctYjk4Ny0xMWVjLTkyZjgtMWJmOWFkOTIwMzA2

Request Chain 219

https://cm.g.doubleclick.net/pixel?google_nid=adtech_dbm&google_cm&google_dbm&_origin=1 HTTP 302
https://pixel.advertising.com/ups/55946/sync?uid=CAESEDlB-yfE95g0gPS5r5iXq64&_origin=1&google_cver=1 HTTP 302
https://ups.analytics.yahoo.com/ups/55946/sync?uid=CAESEDlB-yfE95g0gPS5r5iXq64&_origin=1&google_cver=1&apid=UP9235de59-b987-11ec-91ec-027031e56216 HTTP 302
https://ups.analytics.yahoo.com/ups/55946/sync?uid=CAESEDlB-yfE95g0gPS5r5iXq64&_origin=1&google_cver=1&apid=UP9235de59-b987-11ec-91ec-027031e56216&verify=true

Request Chain 220

https://pixel.advertising.com/ups/55946/sync?_origin=1&redir=true HTTP 302
https://pixel.advertising.com/ups/55946/sync?_origin=1&redir=true&verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/55946/sync?_origin=1&redir=true&apid=UP9235de59-b987-11ec-91ec-027031e56216 HTTP 302
https://ups.analytics.yahoo.com/ups/55946/sync?_origin=1&redir=true&apid=UP9235de59-b987-11ec-91ec-027031e56216&verify=true HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=adtech_dbm&google_hm=VVA5MjM1ZGU1OS1iOTg3LTExZWMtOTFlYy0wMjcwMzFlNTYyMTY%3D

Request Chain 250

https://www.google-analytics.com/r/collect?v=1&_v=a1&ds=AMP&aip&_s=1&dt=EU%20removi%C3%B3%20secretamente%20el%20malware%20de%20todo%20el%20mundo%3B%20previene%20ciberataques%20rusos&sr=1600x1200&_utmht=1649675246447&cid=amp-Hc01O31a2Tevkc7y-IWIOg&tid=UA-36144332-1&dl=https%3A%2F%2Fdiario.mx%2Festados-unidos%2Feu-removio-secretamente-el-malware-de-todo-el-mundo-previene-ciberataques-rusos-20220406-1917147.html&dr=&sd=24&ul=en-us&de=UTF-8&t=pageview&jid=0.19410042584816578&_r=1&a=4640&z=0.29230527764464775 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-36144332-1&cid=amp-Hc01O31a2Tevkc7y-IWIOg&jid=0.19410042584816578&_v=a1&z=0.29230527764464775 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-36144332-1&cid=amp-Hc01O31a2Tevkc7y-IWIOg&jid=0.19410042584816578&_v=a1&z=0.29230527764464775 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-36144332-1&cid=amp-Hc01O31a2Tevkc7y-IWIOg&jid=0.19410042584816578&_v=a1&z=0.29230527764464775&slf_rd=1&random=1112285282

Request Chain 256

https://www.google-analytics.com/r/collect?v=1&_v=a1&ds=AMP&aip&_s=1&dt=EU%20removi%C3%B3%20secretamente%20el%20malware%20de%20todo%20el%20mundo%3B%20previene%20ciberataques%20rusos&sr=1600x1200&cid=amp-Hc01O31a2Tevkc7y-IWIOg&tid=UA-36144332-1&dl=https%3A%2F%2Fdiario.mx%2Festados-unidos%2Feu-removio-secretamente-el-malware-de-todo-el-mundo-previene-ciberataques-rusos-20220406-1917147.html&dr=&sd=24&ul=en-us&de=UTF-8&t=pageview&jid=0.8365393491755595&gjid=0.48824237289733263&_r=1&a=4640&z=0.02950020755637217&gtm=2pu000 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-36144332-1&cid=amp-Hc01O31a2Tevkc7y-IWIOg&jid=0.8365393491755595&_v=a1&z=0.02950020755637217 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-36144332-1&cid=amp-Hc01O31a2Tevkc7y-IWIOg&jid=0.8365393491755595&_v=a1&z=0.02950020755637217 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-36144332-1&cid=amp-Hc01O31a2Tevkc7y-IWIOg&jid=0.8365393491755595&_v=a1&z=0.02950020755637217&slf_rd=1&random=1895985024

Request Chain 359

https://match.adsrvr.org/track/cmf/generic?ttd_pid=omn67hl&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=omn67hl&ttd_tpi=1 HTTP 302
https://cm.mgid.com/m?cdsp=371158&c=acb95b4b-060d-4a71-bd73-dc6ee672b124&ttl=1652267248

Request Chain 360

https://x.bidswitch.net/sync?dsp_id=303&user_id=m3bs21jCrt74 HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=303&user_id=m3bs21jCrt74 HTTP 302
https://pixel.advertising.com/ups/55859/sync?uid=0e834236-4bdb-4d27-a642-7778b39d351f&_origin=1&gdpr=&gdpr_consent= HTTP 302
https://ups.analytics.yahoo.com/ups/55859/sync?uid=0e834236-4bdb-4d27-a642-7778b39d351f&_origin=1&gdpr=&gdpr_consent=&apid=UP9235de59-b987-11ec-91ec-027031e56216

Request Chain 361

https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=bTNiczIxakNydDc0&muidn=m3bs21jCrt74 HTTP 302
https://cm.mgid.com/google?muidn=m3bs21jCrt74&google_ula={guid},5&google_gid=CAESEBvZ5eqJmHnpMu7K1eXIjsU&google_cver=1

Request Chain 362

https://sync.e-volution.ai/34b9aae5baa016b251b9fc488f4a97cd.gif?puid=m3bs21jCrt74 HTTP 302
https://ssbsync.smartadserver.com/api/sync?callerId=24&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
https://sync.e-volution.ai/a02d62607dea0c97e41ff36ebd422945.gif?puid=7279381779277216537&gdpr=0&gdpr_consent= HTTP 302
https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-pashadv&gdpr=0&gdpr_consent=&us_privacy=

Request Chain 364

https://creativecdn.com/cm-notify?pi=mgid HTTP 302
https://creativecdn.com/cm-notify?pi=mgid&tc=1 HTTP 302
https://cm.mgid.com/m?cdsp=501037&c=3O8DT6GM9PtbX1Spbssm&pi=mgid&tc=1

Request Chain 365

https://t.adx.opera.com/pub/sync?pubid=pub6103523253312 HTTP 302
https://an.yandex.ru/mapuid/operacom/ HTTP 302
https://an.yandex.ru/mapuid/operacom/?redir-setuniq=1 HTTP 302
https://t.adx.opera.com/sync?vendor=60143&uid=50A729EFA8FF7523 HTTP 302
https://creativecdn.com/cm-notify?pi=opera HTTP 302
https://t.adx.opera.com/sync?vendor=60039&uid=3O8DT6GM9PtbX1Spbssm&pi=opera HTTP 302
https://eb2.3lift.com/getuid?redir=https%3A%2F%2Ft.adx.opera.com%2Fsync%3Fvendor%3D60124%26uid%3D$UID HTTP 302
https://eb2.3lift.com/getuid?ld=1&gdpr=1&cmp_cs=&us_privacy=&redir=https%3A%2F%2Ft.adx.opera.com%2Fsync%3Fvendor%3D60124%26uid%3D%24UID HTTP 302
https://t.adx.opera.com/sync?vendor=60124&uid=3515075340165226367187 HTTP 302
https://ups.analytics.yahoo.com/ups/58484/occ HTTP 302
https://t.adx.opera.com/sync?vendor=60112&uid=y-fSt_EUxE2uEfoYLjMh61OChikNq45irLXYEjBDA-~A HTTP 302
https://ib.adnxs.com/getuid?https%3A%2F%2Ft.adx.opera.com%2Fsync%3Fvendor%3D60141%26uid%3D%24UID HTTP 302
https://t.adx.opera.com/sync?vendor=60141&uid=778758867006050927 HTTP 302
https://cm.mgid.com/m?cdsp=528163&c=37eb786e0972467b8e9e5786cb95bfa3

Request Chain 366

https://rtb-usw.mfadsrvr.com/sync?ssp=mgid HTTP 302
https://rtb-usw.mfadsrvr.com/ul_cb/sync?ssp=mgid HTTP 302
https://cm.mgid.com/m?cdsp=287839&c=60188564-7b27-458e-8660-0c9ea2398587

Request Chain 367

https://ad.360yield.com/server_match?partner_id=1944&r=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D665953%26c%3D%7BPUB_USER_ID%7D HTTP 302
https://ad.360yield.com/ul_cb/server_match?partner_id=1944&r=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D665953%26c%3D%7BPUB_USER_ID%7D HTTP 302
https://cm.mgid.com/m?cdsp=665953&c=fd1ed92a-5fb8-413d-9e4b-3427783a4c21

372 HTTP transactions
10 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request eu-removio-secretamente-el-malware-de-todo-el-mundo-previene-ciberataques-rusos-20220406-1917147.html Show response
diario.mx/estados-unidos/ 77 KB
14 KB 73ms
40ms Document
text/html 143.204.98.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://diario.mx/estados-unidos/eu-removio-secretamente-el-malware-de-todo-el-mundo-previene-ciberataques-rusos-20220406-1917147.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-62.fra50.r.cloudfront.net
Software: nginx/1.16.1 / PHP/7.3.11
Resource Hash: 1d4030e0fff5ab07441c8aac59995d771cb8a761faab7656d9bc112cabe9435a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 42531
cloudfront-viewer-country: DE
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sun, 10 Apr 2022 23:18:33 GMT
server: nginx/1.16.1
vary: Accept-Encoding
via: 1.1 e38834cd8f7f79ef118dc9bba0861780.cloudfront.net (CloudFront)
x-amz-cf-id: tBwpTZDeKDPJP9O3e-RPB6fVEjtFRh_6w9XsqzH_BE1WGnBt-L5nUw==
x-amz-cf-pop: FRA50-C1
x-cache: Hit from cloudfront
x-powered-by: PHP/7.3.11

GET
H2 200 amp-sticky-ad-1.0.js Show response
cdn.ampproject.org/v0/ 40 KB
11 KB 39ms
16ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-sticky-ad-1.0.js

Requested by

Host: diario.mx
URL: https://diario.mx/estados-unidos/eu-removio-secretamente-el-malware-de-todo-el-mundo-previene-ciberataques-rusos-20220406-1917147.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

217b6de3bfa2f9d2f48dbab55bd6c2ffc2d4e72ccbb3030052548daa4436c3c2

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diario.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10380
x-xss-protection: 0
server: sffe
date: Mon, 11 Apr 2022 11:07:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: private, max-age=604800, stale-while-revalidate=604800
etag: "2022b5fb78bd5a97"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Mon, 11 Apr 2022 11:07:24 GMT

GET
H2 200 v0.js Show response
cdn.ampproject.org/ 275 KB
71 KB 176ms
153ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0.js

Requested by

Host: diario.mx
URL: https://diario.mx/estados-unidos/eu-removio-secretamente-el-malware-de-todo-el-mundo-previene-ciberataques-rusos-20220406-1917147.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

16adfd064401bcf61aba320c08da703112404b6a7338129018d0d799217f46bc

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diario.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 72403
x-xss-protection: 0
server: sffe
date: Mon, 11 Apr 2022 11:07:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: private, max-age=3000, stale-while-revalidate=1206600
etag: "87c1a5ea8a261f23"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Mon, 11 Apr 2022 11:07:24 GMT

GET
H2 200 icon
fonts.googleapis.com/ 638 B
449 B 40ms
17ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/icon?family=Material+Icons+Outlined&display=swap

Requested by

Host: diario.mx
URL: https://diario.mx/estados-unidos/eu-removio-secretamente-el-malware-de-todo-el-mundo-previene-ciberataques-rusos-20220406-1917147.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

dcbbd42424e752542d1fb56ac07717bf9e163d7f9ebed84beb1634e611ef2dc5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diario.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 11 Apr 2022 11:07:24 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 11 Apr 2022 11:07:24 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 11 Apr 2022 11:07:24 GMT

GET
H2 200 css
fonts.googleapis.com/ 13 KB
1 KB 39ms
17ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto+Condensed:300,400,700|Roboto:400,500,900&display=swap

Requested by

Host: diario.mx
URL: https://diario.mx/estados-unidos/eu-removio-secretamente-el-malware-de-todo-el-mundo-previene-ciberataques-rusos-20220406-1917147.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6454288c3fdca64ab9decf97ad7aa3ad2760ae9557ab8b10205a880413dff4b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diario.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 11 Apr 2022 11:07:24 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 11 Apr 2022 11:07:24 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 11 Apr 2022 11:07:24 GMT

GET
H2 200 amp-sidebar-0.1.js Show response
cdn.ampproject.org/v0/ 31 KB
10 KB 17ms
14ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-sidebar-0.1.js

Requested by

Host: diario.mx
URL: https://diario.mx/estados-unidos/eu-removio-secretamente-el-malware-de-todo-el-mundo-previene-ciberataques-rusos-20220406-1917147.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3b0750a71d3400b8273391c851d80c54e7874f011b206e5b2fd83280eae43dfd

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diario.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9856
x-xss-protection: 0
server: sffe
date: Mon, 11 Apr 2022 11:07:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: private, max-age=604800, stale-while-revalidate=604800
etag: "9a269adba6fec797"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Mon, 11 Apr 2022 11:07:24 GMT

GET
H2 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/v0/ 110 KB
32 KB 20ms
18ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-analytics-0.1.js

Requested by

Host: diario.mx
URL: https://diario.mx/estados-unidos/eu-removio-secretamente-el-malware-de-todo-el-mundo-previene-ciberataques-rusos-20220406-1917147.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5e9ef66f3e31e617eab0923cc3b3067f65302790a9e7f85421ee9075a9db9f41

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diario.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32365
x-xss-protection: 0
server: sffe
date: Mon, 11 Apr 2022 11:07:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: private, max-age=604800, stale-while-revalidate=604800
etag: "fc53b7c2d50de298"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Mon, 11 Apr 2022 11:07:24 GMT

GET
H2 200 amp-ad-0.1.js Show response
cdn.ampproject.org/v0/ 82 KB
23 KB 33ms
30ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-ad-0.1.js

Requested by

Host: diario.mx
URL: https://diario.mx/estados-unidos/eu-removio-secretamente-el-malware-de-todo-el-mundo-previene-ciberataques-rusos-20220406-1917147.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a4b8ac9f65bac9526c9fddd8cfd27085244bc2178849434e41b8e99a2afe0abf

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diario.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23278
x-xss-protection: 0
server: sffe
date: Mon, 11 Apr 2022 11:07:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: private, max-age=604800, stale-while-revalidate=604800
etag: "e486d1ca2ddaf64d"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Mon, 11 Apr 2022 11:07:24 GMT

GET
H2 200 amp-inline-gallery-0.1.js Show response
cdn.ampproject.org/v0/ 23 KB
6 KB 32ms
29ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-inline-gallery-0.1.js

Requested by

Host: diario.mx
URL: https://diario.mx/estados-unidos/eu-removio-secretamente-el-malware-de-todo-el-mundo-previene-ciberataques-rusos-20220406-1917147.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0cc767341f5096ffa31e024ece3bf7c036a5d3ca57d603c9bb8d48194b888c76

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diario.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6312
x-xss-protection: 0
server: sffe
date: Mon, 11 Apr 2022 11:07:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: private, max-age=604800, stale-while-revalidate=604800
etag: "7f751c32adeb85c9"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Mon, 11 Apr 2022 11:07:24 GMT

GET
H2 200 amp-base-carousel-0.1.js Show response
cdn.ampproject.org/v0/ 33 KB
9 KB 30ms
28ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-base-carousel-0.1.js

Requested by

Host: diario.mx
URL: https://diario.mx/estados-unidos/eu-removio-secretamente-el-malware-de-todo-el-mundo-previene-ciberataques-rusos-20220406-1917147.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d2eb7cc7477ee2180aaee79d29347afe0aac5a0d6e648b87140fc84ed6f8b742

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diario.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9299
x-xss-protection: 0
server: sffe
date: Mon, 11 Apr 2022 11:07:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: private, max-age=604800, stale-while-revalidate=604800
etag: "442dab053ced671e"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Mon, 11 Apr 2022 11:07:24 GMT

GET
H2 200 amp-selector-0.1.js Show response
cdn.ampproject.org/v0/ 11 KB
4 KB 29ms
27ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-selector-0.1.js

Requested by

Host: diario.mx
URL: https://diario.mx/estados-unidos/eu-removio-secretamente-el-malware-de-todo-el-mundo-previene-ciberataques-rusos-20220406-1917147.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d9c956283ef35eb9461e7a59732d284bf0aef0a31b683378530f643a6f615d2

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diario.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3574
x-xss-protection: 0
server: sffe
date: Mon, 11 Apr 2022 11:07:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: private, max-age=604800, stale-while-revalidate=604800
etag: "cf0679870e46da01"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Mon, 11 Apr 2022 11:07:24 GMT

GET
H2 200 amp-lightbox-0.1.js Show response
cdn.ampproject.org/v0/ 26 KB
9 KB 42ms
40ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-lightbox-0.1.js

Requested by

Host: diario.mx
URL: https://diario.mx/estados-unidos/eu-removio-secretamente-el-malware-de-todo-el-mundo-previene-ciberataques-rusos-20220406-1917147.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

811cc2ff79995a65d15f144e10306e96333f86385decef2d2d1f8a1eafee9940

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diario.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8706
x-xss-protection: 0
server: sffe
date: Mon, 11 Apr 2022 11:07:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: private, max-age=604800, stale-while-revalidate=604800
etag: "5b5252ad9c961b7e"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Mon, 11 Apr 2022 11:07:24 GMT

GET
H2 200 amp-image-lightbox-0.1.js Show response
cdn.ampproject.org/v0/ 38 KB
11 KB 43ms
41ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-image-lightbox-0.1.js

Requested by

Host: diario.mx
URL: https://diario.mx/estados-unidos/eu-removio-secretamente-el-malware-de-todo-el-mundo-previene-ciberataques-rusos-20220406-1917147.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bd1856b1988bcec7876a826fc3555fa32d2880d2e616350e24b163ec557fdc5b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diario.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11118
x-xss-protection: 0
server: sffe
date: Mon, 11 Apr 2022 11:07:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: private, max-age=604800, stale-while-revalidate=604800
etag: "66dac0648262724b"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Mon, 11 Apr 2022 11:07:24 GMT

GET
H2 200 amp-addthis-0.1.js Show response
cdn.ampproject.org/v0/ 26 KB
9 KB 30ms
28ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-addthis-0.1.js

Requested by

Host: diario.mx
URL: https://diario.mx/estados-unidos/eu-removio-secretamente-el-malware-de-todo-el-mundo-previene-ciberataques-rusos-20220406-1917147.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fc6658c9138aff70858a788ca6487c36221d6b7aaef57122e9edd50d47dcb7b6

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diario.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8910
x-xss-protection: 0
server: sffe
date: Mon, 11 Apr 2022 11:07:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: private, max-age=604800, stale-while-revalidate=604800
etag: "474c45e488eccb10"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Mon, 11 Apr 2022 11:07:24 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 82 KB
28 KB 45ms
18ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: diario.mx
URL: https://diario.mx/estados-unidos/eu-removio-secretamente-el-malware-de-todo-el-mundo-previene-ciberataques-rusos-20220406-1917147.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

sffe /

Resource Hash

c51886a949b6c89c9aeac2fd433cb7c079136c42c42a2b27f2cb02743e7f2a78

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diario.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 11:07:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28348
x-xss-protection: 0
server: sffe
etag: "1184 / 559 of 1000 / last-modified: 1649673542"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 11 Apr 2022 11:07:24 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 155 KB
53 KB 73ms
46ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: diario.mx
URL: https://diario.mx/estados-unidos/eu-removio-secretamente-el-malware-de-todo-el-mundo-previene-ciberataques-rusos-20220406-1917147.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

11883bf6d3210b3cce678cf89dda9ea759e68f9d74338a0a3be169fa2826459d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diario.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 11:07:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54053
x-xss-protection: 0
server: cafe
etag: 12129705233097721622
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 11 Apr 2022 11:07:24 GMT

GET
H2 200 diario.mx.1102083.js Show response
jsc.mgid.com/d/i/ 2 KB
1 KB 242ms
209ms Script
text/javascript 104.19.134.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/d/i/diario.mx.1102083.js
Requested by: Host: diario.mx
URL: https://diario.mx/estados-unidos/eu-removio-secretamente-el-malware-de-todo-el-mundo-previene-ciberataques-rusos-20220406-1917147.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.134.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 854a4580bdae46c0106aa34c9071dd01534cfc685ec1121c9ce22b249f6b8f79

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diario.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 11:07:24 GMT
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: FX8FCF2RQVC01J2G
last-modified: Wed, 06 Apr 2022 12:39:49 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: 2BI01BMJ7EtsBTdFpPpuriTESqtr/NP+QmHdG2x4UL6SXOR3mrVK+6E9wH8a1doCBOTFfetLdWk=
cf-bgj: minify
server: cloudflare
etag: W/"4234ca8eae96f43cd6a81328c80d3a1f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
cf-ray: 6fa34227bf1d9bc5-FRA
expires: Mon, 11 Apr 2022 14:07:24 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 155 KB
53 KB 62ms
35ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2601210804495972

Requested by

Host: diario.mx
URL: https://diario.mx/estados-unidos/eu-removio-secretamente-el-malware-de-todo-el-mundo-previene-ciberataques-rusos-20220406-1917147.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3fba981d54c989b196c871ea7c908f8632c84ae005c3f3ce0d97d00979e0af66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://diario.mx/
Origin: https://diario.mx
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 11:07:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54015
x-xss-protection: 0
server: cafe
etag: 9567472506319467349
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 11 Apr 2022 11:07:24 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 134 KB
36 KB 63ms
16ms Script
application/javascript 143.204.95.188
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: diario.mx
URL: https://diario.mx/estados-unidos/eu-removio-secretamente-el-malware-de-todo-el-mundo-previene-ciberataques-rusos-20220406-1917147.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.95.188 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-95-188.fra50.r.cloudfront.net
Software: Server /
Resource Hash: 3ef5bfd224e0baa902eb88c94979cfaeccf2169a996c601fa3de4c3f3b33da01

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diario.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 11:03:22 GMT
content-encoding: gzip
age: 241
x-cache: Hit from cloudfront
timing-allow-origin: *
server: Server
x-amz-rid: 0V4EFAZVS5KJDFAVF5PN
etag: 4e3fad24a118a07cea7ce88b2721a583
vary: Accept-Encoding
x-amz-version-id: .7apL996dsR_ZFPBtTTtY5SRaPfBf8DJ
via: 1.1 ef13dd533b8dc9dcfdc35449cf88f808.cloudfront.net (CloudFront)
cache-control: public, max-age=900
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: 9dkwGP4RkM9CpgurMDJ-cGM-SnYCO2k0SDFvN5tb_CkyV2Y3a2Mxng==

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
16 KB 32ms
7ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed:300,400,700|Roboto:400,500,900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://diario.mx
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 01:46:21 GMT
x-content-type-options: nosniff
age: 292863
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 08 Apr 2023 01:46:21 GMT

GET
H2 200 gok-H7zzDkdnRel8-DQ6KAXJ69wP1tGnf4ZGhUce.woff2
fonts.gstatic.com/s/materialiconsoutlined/v101/ 148 KB
148 KB 43ms
19ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/materialiconsoutlined/v101/gok-H7zzDkdnRel8-DQ6KAXJ69wP1tGnf4ZGhUce.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/icon?family=Material+Icons+Outlined&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

09278f5e4175344bf9f92b8e2e7be3940da6ae4c067c21e66ea676fa8be58bee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://diario.mx
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 16:55:44 GMT
x-content-type-options: nosniff
age: 583900
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 151244
x-xss-protection: 0
last-modified: Wed, 09 Mar 2022 18:26:26 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 04 Apr 2023 16:55:44 GMT

GET
H2 200 ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
fonts.gstatic.com/s/robotocondensed/v24/ 15 KB
15 KB 44ms
20ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v24/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed:300,400,700|Roboto:400,500,900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b4fac99c39b9ee2693d87a2508d0c7d4b4859072966616bd1f6e18c5b2f9d36

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://diario.mx
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 19:30:27 GMT
x-content-type-options: nosniff
age: 401817
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15700
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 19:13:59 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 06 Apr 2023 19:30:27 GMT

GET
H2 200 ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2
fonts.gstatic.com/s/robotocondensed/v24/ 15 KB
15 KB 58ms
34ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v24/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed:300,400,700|Roboto:400,500,900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e79c1c1a140e6afb861074c70392db54cc65a06050de2a69162ab94eb95b0516

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://diario.mx
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 19:30:27 GMT
x-content-type-options: nosniff
age: 401817
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15660
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 19:19:40 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 06 Apr 2023 19:30:27 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 16 KB
16 KB 33ms
9ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed:300,400,700|Roboto:400,500,900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://diario.mx
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 14:02:01 GMT
x-content-type-options: nosniff
age: 507923
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:21 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 05 Apr 2023 14:02:01 GMT

GET
H2 200 KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
15 KB 43ms
38ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmYUtfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed:300,400,700|Roboto:400,500,900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0e868ca932480407e63d27e8e868cb1514581142928b9be15ec9039bf5fe348f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://diario.mx
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 13:17:51 GMT
x-content-type-options: nosniff
age: 251373
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15724
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:37 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 08 Apr 2023 13:17:51 GMT

GET
H3 200 pubads_impl_2022040601.js Show response
securepubads.g.doubleclick.net/gpt/ 369 KB
125 KB 23ms
7ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040601.js?cb=31067009

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

sffe /

Resource Hash

e39d8d1a1f8935d9609168b378a0caf1697fff05bfb0ade214447b65071f1f3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diario.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 13:06:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 79271
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 128287
x-xss-protection: 0
last-modified: Wed, 06 Apr 2022 09:49:18 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 10 Apr 2023 13:06:13 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 300 B
171 B 41ms
15ms XHR
application/json 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=diario.mx

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

117f08553daf24baa31254634efe7a9aa45c4062c44b5268c753c2acffbe8ef6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diario.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 11 Apr 2022 11:07:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 146
x-xss-protection: 0
expires: Mon, 11 Apr 2022 11:07:24 GMT

GET
H2 204 config Show response
c.amazon-adsystem.com/cdn/prod/ 0
307 B 11ms
10ms XHR
text/plain 143.204.95.188
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fdiario.mx&pubid=738f199a-1274-47e1-ab8d-96af6a296066
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.95.188 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-95-188.fra50.r.cloudfront.net
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diario.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 05:45:40 GMT
via: 1.1 ef13dd533b8dc9dcfdc35449cf88f808.cloudfront.net (CloudFront)
server: Server
age: 19304
x-cache: Hit from cloudfront
access-control-allow-origin: https://diario.mx
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: Yl55_znUmvKa7CJ_oDzz1C0YbGrCjY68qP8tCwDuxq70tXpO0SUV_Q==

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 23 B
487 B 54ms
54ms XHR
text/javascript 143.204.95.188
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fdiario.mx%2Festados-unidos%2Feu-removio-secretamente-el-malware-de-todo-el-mundo-previene-ciberataques-rusos-20220406-1917147.html&pid=CLej9y6LxT9wi&cb=0&ws=1600x1200&v=7.74.0&t=2000&slots=%5B%7B%22sd%22%3A%22div-gpt-ad-1624559607094-0%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x250%22%5D%2C%22sn%22%3A%22%2F21749951777%2Fwww.diario.mx%2FLB_728x90_1%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1624559640722-0%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x250%22%5D%2C%22sn%22%3A%22%2F21749951777%2Fwww.diario.mx%2FLB_728x90_2%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1624557870074-0%22%2C%22s%22%3A%5B%22336x280%22%2C%22300x250%22%5D%2C%22sn%22%3A%22%2F21749951777%2Fwww.diario.mx%2FMR_300x250_1%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1624558632688-0%22%2C%22s%22%3A%5B%22300x250%22%2C%22336x280%22%5D%2C%22sn%22%3A%22%2F21749951777%2Fwww.diario.mx%2FMR_300x250_2%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1624558679361-0%22%2C%22s%22%3A%5B%22300x250%22%2C%22336x280%22%5D%2C%22sn%22%3A%22%2F21749951777%2Fwww.diario.mx%2FMR_300x250_3%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1624559222012-0%22%2C%22s%22%3A%5B%22336x280%22%2C%22300x250%22%5D%2C%22sn%22%3A%22%2F21749951777%2Fwww.diario.mx%2FMR_300x250_4%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1624559260211-0%22%2C%22s%22%3A%5B%22300x250%22%2C%22336x280%22%5D%2C%22sn%22%3A%22%2F21749951777%2Fwww.diario.mx%2FMR_300x250_5%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1624559298639-0%22%2C%22s%22%3A%5B%22336x280%22%2C%22300x250%22%5D%2C%22sn%22%3A%22%2F21749951777%2Fwww.diario.mx%2FMR_300x250_6%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1624559333581-0%22%2C%22s%22%3A%5B%22336x280%22%2C%22300x250%22%5D%2C%22sn%22%3A%22%2F21749951777%2Fwww.diario.mx%2FMR_300x250_7%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1624559365988-0%22%2C%22s%22%3A%5B%22300x600%22%5D%2C%22sn%22%3A%22%2F21749951777%2Fwww.diario.mx%2FHP_300x600_1%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1624559404831-0%22%2C%22s%22%3A%5B%22300x600%22%5D%2C%22sn%22%3A%22%2F21749951777%2Fwww.diario.mx%2FHP_300x600_2%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1624559488110-0%22%2C%22s%22%3A%5B%22300x600%22%5D%2C%22sn%22%3A%22%2F21749951777%2Fwww.diario.mx%2FHP_300x600_3%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1624559523600-0%22%2C%22s%22%3A%5B%22300x600%22%5D%2C%22sn%22%3A%22%2F21749951777%2Fwww.diario.mx%2FHP_300x600_4%22%7D%5D&pubid=738f199a-1274-47e1-ab8d-96af6a296066&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.95.188 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-95-188.fra50.r.cloudfront.net

Software

Server /

Resource Hash

745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diario.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 11:07:24 GMT
via: 1.1 ef13dd533b8dc9dcfdc35449cf88f808.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA50-C1
x-amz-rid: 002X0PQ18BW5RVHKKAFV
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://diario.mx
access-control-allow-credentials: true
permissions-policy: interest-cohort=()
strict-transport-security: max-age=47474747; includeSubDomains; preload
timing-allow-origin: *
content-length: 23
x-amz-cf-id: h0b2uSfrrgLchR2u6jn5JoKR9JSBSHDJq8UVTcBeBx9blqoYYoMpkA==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 32ms
17ms XHR
application/javascript 143.204.95.188
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.95.188 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-95-188.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diario.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-version-id: khsXo6Z3HSo5bHNWbmb1eMp88IHhxPc.
content-encoding: gzip
etag: W/"a4d296427fc806b21335359e398c025c"
age: 30241
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Thu, 17 Mar 2022 02:21:48 GMT
server: AmazonS3
date: Mon, 11 Apr 2022 02:43:24 GMT
vary: Origin
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 ef13dd533b8dc9dcfdc35449cf88f808.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: pRJPK1aRA2-eECFEggrPNuOSKAZQ1IyNub7SiP9Tmg-w3oDHXaZOKw==

GET
H3 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203300101/ 301 KB
108 KB 35ms
35ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203300101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2601210804495972&plah=diario.mx

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2601210804495972

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

b38b16469af42a9ac6c8f858f28f1d6c386a1b78da8a3c61f62e87a3b6e9f37a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diario.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 11:07:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 110328
x-xss-protection: 0
server: cafe
etag: 14641304765675448842
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 11 Apr 2022 11:07:24 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220406/r20190131/ Frame 039F 10 KB
5 KB 31ms
8ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220406/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2601210804495972

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

340b20f9ff6d073c2fea911631d8a6e13af185d983cbe842ddca27df91d0f295

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://diario.mx/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 63521
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4398
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 10 Apr 2022 17:28:43 GMT
etag: 14837630671339829333
expires: Sun, 24 Apr 2022 17:28:43 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 Logo_Diario.png
diario.mx/jrz/media/logos/ 4 KB
4 KB 12ms
11ms Image
image/png 143.204.98.62
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://diario.mx/jrz/media/logos/Logo_Diario.png
Requested by: Host: diario.mx
URL: https://diario.mx/estados-unidos/eu-removio-secretamente-el-malware-de-todo-el-mundo-previene-ciberataques-rusos-20220406-1917147.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-62.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6013eea0b91e0788c8648a37d5a92f18ada72b6b4f4f78f5761e4e052688b255

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diario.mx/estados-unidos/eu-removio-secretamente-el-malware-de-todo-el-mundo-previene-ciberataques-rusos-20220406-1917147.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sat, 02 Apr 2022 00:13:10 GMT
via: 1.1 e38834cd8f7f79ef118dc9bba0861780.cloudfront.net (CloudFront)
last-modified: Thu, 03 Dec 2020 19:33:17 GMT
server: AmazonS3
age: 816854
etag: "25555df5f60c38f0090fbe3db2b44c9a"
x-cache: Hit from cloudfront
x-amz-version-id: null
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-type: image/png
content-length: 3745
x-amz-cf-id: QQ1qQg4gYJtBCAUVicKnJ5AgsnJiy4MC30avIveFWQPJGoTIevu_sw==

GET
H2 200 sm_20220406070529519-0-1917092.jpg
diario.mx/jrz/media/uploads/galeria/2022/04/06/ 26 KB
26 KB 456ms
455ms Image
image/jpeg 143.204.98.62
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://diario.mx/jrz/media/uploads/galeria/2022/04/06/sm_20220406070529519-0-1917092.jpg
Requested by: Host: diario.mx
URL: https://diario.mx/estados-unidos/eu-removio-secretamente-el-malware-de-todo-el-mundo-previene-ciberataques-rusos-20220406-1917147.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-62.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1cee0d703a6ee8f65d8ca0646450eb4a4957c647dd083fa91d48dd8fe86dff1e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diario.mx/estados-unidos/eu-removio-secretamente-el-malware-de-todo-el-mundo-previene-ciberataques-rusos-20220406-1917147.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 11:07:26 GMT
via: 1.1 e38834cd8f7f79ef118dc9bba0861780.cloudfront.net (CloudFront)
last-modified: Thu, 07 Apr 2022 01:28:06 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
etag: "6d902439380774c9cab90329b763b3fa"
x-cache: Miss from cloudfront
x-amz-version-id: null
cache-control: max-age=31536000, s-maxage=31536000, public, immutable
accept-ranges: bytes
content-type: image/jpeg
content-length: 26675
x-amz-cf-id: rmPthofhJljM15WmFN3nngT0z99L1RCb52S8__qopJ0BjpcLDWgv1g==

GET
H2 200 xs_20220406013307637-0-1916990.jpg
diario.mx/jrz/media/uploads/galeria/2022/04/06/ 6 KB
7 KB 14ms
13ms Image
image/jpeg 143.204.98.62
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://diario.mx/jrz/media/uploads/galeria/2022/04/06/xs_20220406013307637-0-1916990.jpg
Requested by: Host: diario.mx
URL: https://diario.mx/estados-unidos/eu-removio-secretamente-el-malware-de-todo-el-mundo-previene-ciberataques-rusos-20220406-1917147.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-62.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 470aabadf643aa13008e15d8b1a8b47618b795c681bc48e23ed1ae9856082bbd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diario.mx/estados-unidos/eu-removio-secretamente-el-malware-de-todo-el-mundo-previene-ciberataques-rusos-20220406-1917147.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 22:54:10 GMT
via: 1.1 e38834cd8f7f79ef118dc9bba0861780.cloudfront.net (CloudFront)
last-modified: Wed, 06 Apr 2022 19:33:09 GMT
server: AmazonS3
age: 389595
etag: "d99ee9db89ebea331bd8f4db4580969b"
x-cache: Hit from cloudfront
x-amz-version-id: null
cache-control: max-age=31536000, s-maxage=31536000, public, immutable
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-type: image/jpeg
content-length: 6477
x-amz-cf-id: BImPsp1llJ5IkVKYhu_R5i_kYZkWO6Pf5cClyHiwpYplKqtNuCg6TQ==

GET
H2 200 xs_20220406114049106-0-1916940.jpg
diario.mx/jrz/media/uploads/galeria/2022/04/06/ 5 KB
5 KB 447ms
446ms Image
image/jpeg 143.204.98.62
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://diario.mx/jrz/media/uploads/galeria/2022/04/06/xs_20220406114049106-0-1916940.jpg
Requested by: Host: diario.mx
URL: https://diario.mx/estados-unidos/eu-removio-secretamente-el-malware-de-todo-el-mundo-previene-ciberataques-rusos-20220406-1917147.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-62.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f74c3e05748107cef06ce7449fe69855d19a8463c950167239995ffdb62a2461

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diario.mx/estados-unidos/eu-removio-secretamente-el-malware-de-todo-el-mundo-previene-ciberataques-rusos-20220406-1917147.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 11:07:26 GMT
via: 1.1 e38834cd8f7f79ef118dc9bba0861780.cloudfront.net (CloudFront)
last-modified: Wed, 06 Apr 2022 17:40:52 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
etag: "2bb69903964a9f3459054ec83fe340b8"
x-cache: Miss from cloudfront
x-amz-version-id: null
cache-control: max-age=31536000, s-maxage=31536000, public, immutable
accept-ranges: bytes
content-type: image/jpeg
content-length: 4851
x-amz-cf-id: 5cKcXhFcN6emfHO0bDiHyLlpxTkLP6KgH3L58OZDO-V8YcRCX9Nnbg==

GET
H2 200 xs_20220406101555129-0-1916899.jpg
diario.mx/jrz/media/uploads/galeria/2022/04/06/ 6 KB
7 KB 486ms
485ms Image
image/jpeg 143.204.98.62
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://diario.mx/jrz/media/uploads/galeria/2022/04/06/xs_20220406101555129-0-1916899.jpg
Requested by: Host: diario.mx
URL: https://diario.mx/estados-unidos/eu-removio-secretamente-el-malware-de-todo-el-mundo-previene-ciberataques-rusos-20220406-1917147.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-62.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0672bcaeae421e7b5b2c27ac2ee127c558623e89247b1f8e49aff76df86bd627

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diario.mx/estados-unidos/eu-removio-secretamente-el-malware-de-todo-el-mundo-previene-ciberataques-rusos-20220406-1917147.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 11:07:26 GMT
via: 1.1 e38834cd8f7f79ef118dc9bba0861780.cloudfront.net (CloudFront)
last-modified: Wed, 06 Apr 2022 16:15:58 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
etag: "0183ec080e99bc03ae827467987158c5"
x-cache: Miss from cloudfront
x-amz-version-id: null
cache-control: max-age=31536000, s-maxage=31536000, public, immutable
accept-ranges: bytes
content-type: image/jpeg
content-length: 6280
x-amz-cf-id: K876HPKbSPFdcvKsbqxYKdE2lBV2936JLg7XBTsszN9NuOAyF_R8Ow==

GET
H2 200 xs_20220405044756401-0-1916631.jpg
diario.mx/jrz/media/uploads/galeria/2022/04/05/ 6 KB
6 KB 460ms
459ms Image
image/jpeg 143.204.98.62
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://diario.mx/jrz/media/uploads/galeria/2022/04/05/xs_20220405044756401-0-1916631.jpg
Requested by: Host: diario.mx
URL: https://diario.mx/estados-unidos/eu-removio-secretamente-el-malware-de-todo-el-mundo-previene-ciberataques-rusos-20220406-1917147.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-62.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d315287a2c6cbf290e1c0d157e167aa68ea4ba04ce85a7c95062ba87cd69a071

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diario.mx/estados-unidos/eu-removio-secretamente-el-malware-de-todo-el-mundo-previene-ciberataques-rusos-20220406-1917147.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 11:07:26 GMT
via: 1.1 e38834cd8f7f79ef118dc9bba0861780.cloudfront.net (CloudFront)
last-modified: Tue, 05 Apr 2022 22:47:58 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
etag: "c2d41976619878760b77f3f978573494"
x-cache: Miss from cloudfront
x-amz-version-id: null
cache-control: max-age=31536000, s-maxage=31536000, public, immutable
accept-ranges: bytes
content-type: image/jpeg
content-length: 5715
x-amz-cf-id: xezc57uIt8GiAVQ7IUIRQqR1lZPqH4D9n7XvX9M9Dd8XdzpJJbnPoQ==

GET
H2 200 xs_20220405034433875-0-1916599.jpg
diario.mx/jrz/media/uploads/galeria/2022/04/05/ 9 KB
10 KB 471ms
470ms Image
image/jpeg 143.204.98.62
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://diario.mx/jrz/media/uploads/galeria/2022/04/05/xs_20220405034433875-0-1916599.jpg
Requested by: Host: diario.mx
URL: https://diario.mx/estados-unidos/eu-removio-secretamente-el-malware-de-todo-el-mundo-previene-ciberataques-rusos-20220406-1917147.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-62.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d758504500950bdf26c63adab5769eb1ce654bf1195a8b5a7c8ee2cfca8b6c58

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diario.mx/estados-unidos/eu-removio-secretamente-el-malware-de-todo-el-mundo-previene-ciberataques-rusos-20220406-1917147.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 11:07:26 GMT
via: 1.1 e38834cd8f7f79ef118dc9bba0861780.cloudfront.net (CloudFront)
last-modified: Tue, 05 Apr 2022 21:44:36 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
etag: "932bce0c9b698299f260fbd663fa7e6e"
x-cache: Miss from cloudfront
x-amz-version-id: null
cache-control: max-age=31536000, s-maxage=31536000, public, immutable
accept-ranges: bytes
content-type: image/jpeg
content-length: 9473
x-amz-cf-id: rSdwKFUgoMO-fqQfClqgFHbfVaQrm_WKaAPE9ovTf_tn-EscLhb1cQ==

GET
H2 200 xs_20220405022106132-0-1916569.jpg
diario.mx/jrz/media/uploads/galeria/2022/04/05/ 8 KB
8 KB 453ms
452ms Image
image/jpeg 143.204.98.62
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://diario.mx/jrz/media/uploads/galeria/2022/04/05/xs_20220405022106132-0-1916569.jpg
Requested by: Host: diario.mx
URL: https://diario.mx/estados-unidos/eu-removio-secretamente-el-malware-de-todo-el-mundo-previene-ciberataques-rusos-20220406-1917147.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-62.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1cf70be5ebec019f43b92ca0e84f8ebdbc817ee5e30e44b6c13d33e7aa4b925d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diario.mx/estados-unidos/eu-removio-secretamente-el-malware-de-todo-el-mundo-previene-ciberataques-rusos-20220406-1917147.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 11:07:26 GMT
via: 1.1 e38834cd8f7f79ef118dc9bba0861780.cloudfront.net (CloudFront)
last-modified: Tue, 05 Apr 2022 20:21:09 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
etag: "af873c01c380e252fff494e0bfc43017"
x-cache: Miss from cloudfront
x-amz-version-id: null
cache-control: max-age=31536000, s-maxage=31536000, public, immutable
accept-ranges: bytes
content-type: image/jpeg
content-length: 7755
x-amz-cf-id: S0wPQRsSB6_VEKCaYyNu5eetnUfs2Kaj6V4TFAL_C2RKCvaFclY_8Q==

GET
H2 204 300lo.json Show response
m.addthis.com/live/red_lojson/ 0
139 B 185ms
148ms Fetch 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://m.addthis.com/live/red_lojson/300lo.json?amp=1&bl=1&cb=0&colc=1649675244345&ct=1&dc=1&dp=diario.mx&fp=%2Festados-unidos%2Feu-removio-secretamente-el-malware-de-todo-el-mundo-previene-ciberataques-rusos-20220406-1917147.html&fr=&gen=100&ln=es&lnlc=ES&mk=&of=0&pd=0&pub=ra-60d61e191a230291&rb=0&sid=62540bec51dad074&skipb=1
Requested by: Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-126.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://diario.mx/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-origin: https://diario.mx
pragma: no-cache
date: Mon, 11 Apr 2022 11:07:25 GMT
cache-control: max-age=0, no-cache, no-store, no-transform
access-control-allow-credentials: true

GET
H3 200 amp-loader-0.1.js Show response
cdn.ampproject.org/rtv/012203172113000/v0/ 13 KB
4 KB 23ms
7ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012203172113000/v0/amp-loader-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce69c445e159f9b6a82dd74da98316aeff28850ff1c405cc81d8d38a0c1af5ce

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://diario.mx/
Origin: https://diario.mx
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 499000
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4104
x-xss-protection: 0
server: sffe
date: Tue, 05 Apr 2022 16:30:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "93d6b9c70aaa2b68"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 05 Apr 2023 16:30:45 GMT

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 42ms
18ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=diario.mx

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040601.js?cb=31067009

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diario.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 11 Apr 2022 11:07:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 267 KB
52 KB 781ms
781ms XHR
text/plain 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2815919348481803&correlator=1113377263685397&eid=31060439%2C31066023%2C31066921%2C31066962%2C31067009%2C31067027&output=ldjh&gdfp_req=1&vrg=2022040601&ptt=17&impl=fifs&iu_parts=21749951777%2Cwww.diario.mx%2CLB_728x90_1%2CLB_728x90_2%2CMR_300x250_1%2CMR_300x250_2%2CMR_300x250_3%2CMR_300x250_4%2CMR_300x250_5%2CMR_300x250_6%2CMR_300x250_7%2CHP_300x600_1%2CHP_300x600_2%2CHP_300x600_3%2CHP_300x600_4%2C1x1&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F3%2C%2F0%2F1%2F4%2C%2F0%2F1%2F5%2C%2F0%2F1%2F6%2C%2F0%2F1%2F7%2C%2F0%2F1%2F8%2C%2F0%2F1%2F9%2C%2F0%2F1%2F10%2C%2F0%2F1%2F11%2C%2F0%2F1%2F12%2C%2F0%2F1%2F13%2C%2F0%2F1%2F14%2C%2F0%2F1%2F15&prev_iu_szs=728x90%7C970x250%2C728x90%2C320x50%7C336x280%7C300x250%2C320x50%7C300x250%7C336x280%2C320x50%7C300x250%7C336x280%2C320x50%7C336x280%7C300x250%2C320x50%7C300x250%7C336x280%2C320x50%7C336x280%7C300x250%2C320x50%7C336x280%7C300x250%2C300x600%2C300x600%2C300x600%2C300x600%2C1x1&fluid=0%2C0%2Cheight%2Cheight%2Cheight%2Cheight%2Cheight%2Cheight%2Cheight%2C0%2C0%2C0%2C0%2C0&ifi=5&adks=3018793917%2C901793840%2C964429694%2C4151540049%2C2326191477%2C2451906936%2C848236370%2C4067258455%2C259560245%2C4009366697%2C4175762244%2C661543213%2C2447946057%2C2563776183&sfv=1-0-38&ecs=20220411&fsapi=false&prev_scp=amznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7CSeccion%3Destados-unidos&eri=1&cust_params=Seccion%3Destados-unidos&sc=1&cookie_enabled=1&arp=1&abxe=1&dt=1649675244422&lmt=1649675244&dlt=1649675243997&idt=382&biw=1600&bih=1200&adxs=10%2C-9%2C1012%2C1012%2C1012%2C1012%2C-9%2C-9%2C-9%2C1012%2C-9%2C-9%2C-9%2C0&adys=141%2C-9%2C569%2C865%2C1160%2C2748%2C-9%2C-9%2C-9%2C2103%2C-9%2C-9%2C-9%2C4322&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7Ca%7Cb%7Cc%7Cd%7Ce&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&url=https%3A%2F%2Fdiario.mx%2Festados-unidos%2Feu-removio-secretamente-el-malware-de-todo-el-mundo-previene-ciberataques-rusos-20220406-1917147.html&frm=20&vis=1&scr_x=0&scr_y=0&psz=1600x144%7C0x-1%7C363x295%7C363x295%7C363x295%7C363x295%7C0x-1%7C0x-1%7C0x-1%7C363x645%7C0x-1%7C0x-1%7C0x-1%7C1600x4322&msz=1580x90%7C0x-1%7C343x250%7C343x250%7C343x250%7C343x250%7C0x-1%7C0x-1%7C0x-1%7C343x600%7C0x-1%7C0x-1%7C0x-1%7C1600x0&fws=4%2C2%2C4%2C4%2C4%2C4%2C2%2C2%2C2%2C4%2C2%2C2%2C2%2C4&ohw=1600%2C0%2C1600%2C1600%2C1600%2C1600%2C0%2C0%2C0%2C1600%2C0%2C0%2C0%2C1600&ga_vid=143242382.1649675244&ga_sid=1649675244&ga_hid=1797956368&ga_fc=false&btvi=0%7C-1%7C0%7C0%7C0%7C1%7C-1%7C-1%7C-1%7C2%7C-1%7C-1%7C-1%7C3&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040601.js?cb=31067009

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

99f8e7270bd05a17c82d813a4c731af3cde2b4211ab178a2995f193c46de3691

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diario.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 11:07:25 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53678
x-xss-protection: 0
google-lineitem-id: -1,-1,-1,-1,-1,-1,-2,-2,-2,-1,-1,-1,-1,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -1,-1,-1,-1,-1,-1,-2,-2,-2,-1,-1,-1,-1,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://diario.mx
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
b76ab0ac3a52548bde3de7d6a8af342e.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame DE9F 6 KB
4 KB 56ms
15ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://b76ab0ac3a52548bde3de7d6a8af342e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040601.js?cb=31067009

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://diario.mx/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 11 Apr 2022 11:07:25 GMT
expires: Tue, 11 Apr 2023 11:07:25 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 amp-addthis.html Show response
s7.addthis.com/dc/ Frame 42A6 10 KB
4 KB 29ms
13ms Document
text/html 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/dc/amp-addthis.html?_amp_=2203172113000

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0/amp-addthis-0.1.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

c6caa6f2fd721a58676564c583920f6ce76ac43adb2b1a0d4ffb369c3c532687

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://diario.mx/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: public, no-check, max-age=86313600
cache-tag: at_client_ndc
content-encoding: gzip
content-length: 3838
content-type: text/html
date: Mon, 11 Apr 2022 11:07:25 GMT
last-modified: Tue, 03 Nov 2020 14:29:17 GMT
p3p: CP="NON ADM OUR DEV IND COM STA"
server: nginx/1.15.8
strict-transport-security: max-age=15724800; includeSubDomains
surrogate-key: at_client_ndc
vary: Accept-Encoding
x-host: s7.addthis.com

GET
H2 200 addthis.png
cache.addthiscdn.com/icons/v3/thumbs/32x32/ 137 B
339 B 87ms
71ms Image
image/png 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cache.addthiscdn.com/icons/v3/thumbs/32x32/addthis.png

Requested by

Host: diario.mx
URL: https://diario.mx/estados-unidos/eu-removio-secretamente-el-malware-de-todo-el-mundo-previene-ciberataques-rusos-20220406-1917147.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

55c603f48740c8c59472d32472b8127ffe056a69bf467be6da6929ea4ca8d9eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diario.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Fri, 12 Jan 2018 18:47:04 GMT
server: nginx/1.15.8
etag: "5a5902a8-89"
content-type: image/png
cache-control: public, max-age=86313600
date: Mon, 11 Apr 2022 11:07:25 GMT
x-host: cache.addthiscdn.com
accept-ranges: bytes
content-length: 137

GET
H2 200 frame.html
d-1723231058573517239.ampproject.net/2203172113000/ 0
0 71ms
34ms Other
text/html 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://d-1723231058573517239.ampproject.net/2203172113000/frame.html
Requested by: Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diario.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

GET
H2 200 mgid.js
3p.ampproject.net/2203172113000/vendor/ 28 KB
10 KB 46ms
9ms Other
text/javascript 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://3p.ampproject.net/2203172113000/vendor/mgid.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5bf37d2aeca211d8102a4486813beeafb539629790e712f6e861e86aa237da08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diario.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 15:09:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 503862
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9174
x-xss-protection: 0
last-modified: Fri, 18 Mar 2022 08:28:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 05 Apr 2023 15:09:43 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 213 B
413 B 15ms
15ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=diario.mx&callback=_gfp_s_&client=ca-pub-2601210804495972

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203300101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2601210804495972&plah=diario.mx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

393d8928cbad6719cc0eb8867ce7f7d82d542b6236016cf39d167d8e101f2965

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diario.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 11:07:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 197
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 39ms
38ms Image
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fdiario.mx%2Festados-unidos%2Feu-removio-secretamente-el-malware-de-todo-el-mundo-previene-ciberataques-rusos-20220406-1917147.html&tn=DIV&id=sticky-ads-dmx&cls=sticky-ads-dmx&ign=false&pw=1600&ph=1200&x=0&y=1130.4

Requested by

Host: diario.mx
URL: https://diario.mx/estados-unidos/eu-removio-secretamente-el-malware-de-todo-el-mundo-previene-ciberataques-rusos-20220406-1917147.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diario.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Apr 2022 11:07:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 7F54 0
19 B 100ms
86ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2601210804495972&output=html&adk=1812271804&adf=3025194257&lmt=1649675244&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fdiario.mx%2Festados-unidos%2Feu-removio-secretamente-el-malware-de-todo-el-mundo-previene-ciberataques-rusos-20220406-1917147.html&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649675244210&bpp=3&bdt=212&idt=242&shv=r20220406&mjsv=m202203300101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8018077823069&frm=20&pv=2&ga_vid=143242382.1649675244&ga_sid=1649675244&ga_hid=1797956368&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42530528%2C44760475&oid=2&pvsid=2815919348481803&pem=93&tmod=2074965434&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=257

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://diario.mx/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 11 Apr 2022 11:07:25 GMT
expires: Mon, 11 Apr 2022 11:07:25 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 20220406093725084-0-1917147.jpg
diario.mx/jrz/media/uploads/galeria/2022/04/06/ 43 KB
44 KB 11ms
11ms Image
image/jpeg 143.204.98.62
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://diario.mx/jrz/media/uploads/galeria/2022/04/06/20220406093725084-0-1917147.jpg
Requested by: Host: diario.mx
URL: https://diario.mx/estados-unidos/eu-removio-secretamente-el-malware-de-todo-el-mundo-previene-ciberataques-rusos-20220406-1917147.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-62.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a967f647aded782c4b265598527594c08d73cc9ed87d3ab846058f32f1ffc66f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diario.mx/estados-unidos/eu-removio-secretamente-el-malware-de-todo-el-mundo-previene-ciberataques-rusos-20220406-1917147.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 03:42:41 GMT
via: 1.1 e38834cd8f7f79ef118dc9bba0861780.cloudfront.net (CloudFront)
last-modified: Thu, 07 Apr 2022 03:37:27 GMT
server: AmazonS3
age: 372285
etag: "d44a6de44ac06bbb67d548a578cbfdcd"
x-cache: Hit from cloudfront
x-amz-version-id: null
cache-control: max-age=31536000, s-maxage=31536000, public, immutable
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-type: image/jpeg
content-length: 44278
x-amz-cf-id: 8MStiM415iTzakXl23_scYMAryH9MzniUS4YMHRVt5y33fuP6FiE0A==

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 8ED3 105 KB
33 KB 400ms
399ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2601210804495972&output=html&h=280&slotname=7916429874&adk=2919569299&adf=3018281077&pi=t.ma~as.7916429874&w=747&fwrn=4&fwrnh=100&lmt=1649675244&rafmt=1&psa=0&format=747x280&url=https%3A%2F%2Fdiario.mx%2Festados-unidos%2Feu-removio-secretamente-el-malware-de-todo-el-mundo-previene-ciberataques-rusos-20220406-1917147.html&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649675244213&bpp=2&bdt=216&idt=329&shv=r20220406&mjsv=m202203300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8018077823069&frm=20&pv=1&ga_vid=143242382.1649675244&ga_sid=1649675244&ga_hid=1797956368&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=235&ady=1106&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42530528%2C44760475&oid=2&pvsid=2815919348481803&pem=93&tmod=2074965434&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=lgkCTebP1i&p=https%3A//diario.mx&dtd=334

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b4403486644a457a9c387addae634a665199f7b43972f1a1ca85c091db59b097

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://diario.mx/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 34134
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 11 Apr 2022 11:07:25 GMT
expires: Mon, 11 Apr 2022 11:07:25 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 diario.mx.1102083.es6.js Show response
jsc.mgid.com/d/i/ 238 KB
70 KB 231ms
219ms Script
text/javascript 104.19.134.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/d/i/diario.mx.1102083.es6.js
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/d/i/diario.mx.1102083.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.134.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 65a021c4cd4b8f48e945f360f94f042f254fe1ec52ea53b99375398e1e5b397f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diario.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 11:07:25 GMT
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: DQ97Q129C67D2EV8
last-modified: Wed, 06 Apr 2022 12:39:49 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: s5LgST2rGhGHNt/IGQijVIxnc901roYAvzaG0c7nx7dn/8i4xNbkSVeMoLjPYJeGkovybGTn1WQ=
cf-bgj: minify
server: cloudflare
etag: W/"8c62fdca7c20b50e333b7e110f2d6560"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
cf-ray: 6fa3422aab828ffe-FRA
expires: Mon, 11 Apr 2022 14:07:25 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame AFDC 156 KB
37 KB 429ms
428ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2601210804495972&output=html&h=280&slotname=7916429874&adk=2370307548&adf=2178955939&pi=t.ma~as.7916429874&w=727&fwrn=4&fwrnh=100&lmt=1649675244&rafmt=1&psa=0&format=727x280&url=https%3A%2F%2Fdiario.mx%2Festados-unidos%2Feu-removio-secretamente-el-malware-de-todo-el-mundo-previene-ciberataques-rusos-20220406-1917147.html&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649675244215&bpp=2&bdt=217&idt=349&shv=r20220406&mjsv=m202203300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C747x280&nras=1&correlator=8018077823069&frm=20&pv=1&ga_vid=143242382.1649675244&ga_sid=1649675244&ga_hid=1797956368&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=2576&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42530528%2C44760475&oid=2&pvsid=2815919348481803&pem=93&tmod=2074965434&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=AtCFgW5UUH&p=https%3A//diario.mx&dtd=352

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7c23a6ee6f408600ad51820ee434387f523795bcd275937b01580e5ab41125af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://diario.mx/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 38160
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 11 Apr 2022 11:07:25 GMT
expires: Mon, 11 Apr 2022 11:07:25 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 8A2C 98 KB
36 KB 446ms
445ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2601210804495972&output=html&h=100&slotname=6510739316&adk=588329291&adf=3499153759&pi=t.ma~as.6510739316&w=970&lmt=1649675244&psa=0&format=970x100&url=https%3A%2F%2Fdiario.mx%2Festados-unidos%2Feu-removio-secretamente-el-malware-de-todo-el-mundo-previene-ciberataques-rusos-20220406-1917147.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649675244217&bpp=1&bdt=220&idt=362&shv=r20220406&mjsv=m202203300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C747x280%2C727x280&nras=1&correlator=8018077823069&frm=20&pv=1&ga_vid=143242382.1649675244&ga_sid=1649675244&ga_hid=1797956368&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=1100&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42530528%2C44760475&oid=2&pvsid=2815919348481803&pem=93&tmod=2074965434&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfoeE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=9PSbIQGXpH&p=https%3A//diario.mx&dtd=368

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a63b9da51f4b39444ec7a36da8bcbe819b52ccda6efa3784742edf5d65ebc1e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://diario.mx/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 36493
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 11 Apr 2022 11:07:25 GMT
expires: Mon, 11 Apr 2022 11:07:25 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 0.c2b324c3e879644bb1df.js Show response
s7.addthis.com/dc/ Frame 42A6 81 KB
26 KB 11ms
10ms Script
application/javascript 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/dc/0.c2b324c3e879644bb1df.js

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/dc/amp-addthis.html?_amp_=2203172113000

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

6a747a144cd6b5b22943452c5def438deb7802b73103f12c09bcbb3f316365cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s7.addthis.com/dc/amp-addthis.html?_amp_=2203172113000
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
surrogate-key: at_client_ndc
last-modified: Tue, 03 Nov 2020 14:29:17 GMT
server: nginx/1.15.8
date: Mon, 11 Apr 2022 11:07:25 GMT
vary: Accept-Encoding
cache-tag: at_client_ndc
cache-control: public, no-check, max-age=86313600
x-host: s7.addthis.com
content-type: application/javascript
content-length: 26663

GET
H2 200 5.035550cbc2a216b22be7.js Show response
s7.addthis.com/dc/ Frame 42A6 3 KB
2 KB 26ms
26ms Script
application/javascript 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/dc/5.035550cbc2a216b22be7.js

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/dc/amp-addthis.html?_amp_=2203172113000

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

e1613ef30152a7fbf094e2242d5bfcbfb3b640c0f515279d93dbc2fa93c76f57

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s7.addthis.com/dc/amp-addthis.html?_amp_=2203172113000
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
surrogate-key: at_client_ndc
last-modified: Tue, 03 Nov 2020 14:29:17 GMT
server: nginx/1.15.8
date: Mon, 11 Apr 2022 11:07:25 GMT
vary: Accept-Encoding
cache-tag: at_client_ndc
cache-control: public, no-check, max-age=86313600
x-host: s7.addthis.com
content-type: application/javascript
content-length: 1534

GET
H2 200 addthisReceiveBoostConfig Show response
v1.addthisedge.com/live/boost/ra-60d61e191a230291/ Frame 42A6 1 KB
703 B 211ms
210ms Script
application/javascript 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.addthisedge.com/live/boost/ra-60d61e191a230291/addthisReceiveBoostConfig
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/dc/0.c2b324c3e879644bb1df.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-126.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 708da9c8d623d355473530811603abc8c1c641b152f4a5e976382e895b473a61

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s7.addthis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 11:07:25 GMT
content-encoding: gzip
etag: -654924142--gzip
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: public, max-age=60, s-maxage=86400
content-disposition: attachment; filename=1.txt
content-length: 527

GET
H2 200 7.b805365682fa5a4fdc0a.js Show response
s7.addthis.com/dc/ Frame 42A6 113 KB
38 KB 20ms
20ms Script
application/javascript 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/dc/7.b805365682fa5a4fdc0a.js

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/dc/amp-addthis.html?_amp_=2203172113000

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

4115db747c5190c3ed77fc3d651a748ba26c2e874cd1d81e8801f2171564a851

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s7.addthis.com/dc/amp-addthis.html?_amp_=2203172113000
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
surrogate-key: at_client_ndc
last-modified: Tue, 03 Nov 2020 14:29:17 GMT
server: nginx/1.15.8
date: Mon, 11 Apr 2022 11:07:25 GMT
vary: Accept-Encoding
cache-tag: at_client_ndc
cache-control: public, no-check, max-age=86313600
x-host: s7.addthis.com
content-type: application/javascript
content-length: 38868

GET
H2 200 tools.a4f24bbff0ba5d55f303.js Show response
s7.addthis.com/dc/ Frame 42A6 24 KB
7 KB 33ms
33ms Script
application/javascript 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/dc/tools.a4f24bbff0ba5d55f303.js

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/dc/amp-addthis.html?_amp_=2203172113000

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

2bffa36b4d5afb4600e507b727dab71f0401bec855dd731dfa3addd5de66d227

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s7.addthis.com/dc/amp-addthis.html?_amp_=2203172113000
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
surrogate-key: at_client_ndc
last-modified: Tue, 03 Nov 2020 14:29:17 GMT
server: nginx/1.15.8
date: Mon, 11 Apr 2022 11:07:25 GMT
vary: Accept-Encoding
cache-tag: at_client_ndc
cache-control: public, no-check, max-age=86313600
x-host: s7.addthis.com
content-type: application/javascript
content-length: 6510

GET
H2 200 6.97275791893eb0627cde.js Show response
s7.addthis.com/dc/ Frame 42A6 198 KB
76 KB 28ms
28ms Script
application/javascript 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/dc/6.97275791893eb0627cde.js

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/dc/amp-addthis.html?_amp_=2203172113000

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

8211f94bdb2b00b49a2f18ad88310fc979a60c37bd1e463d6c3cbcad2c84010f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s7.addthis.com/dc/amp-addthis.html?_amp_=2203172113000
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
surrogate-key: at_client_ndc
last-modified: Tue, 03 Nov 2020 14:29:17 GMT
server: nginx/1.15.8
date: Mon, 11 Apr 2022 11:07:25 GMT
vary: Accept-Encoding
cache-tag: at_client_ndc
cache-control: public, no-check, max-age=86313600
x-host: s7.addthis.com
content-type: application/javascript
content-length: 77801

GET
H3 200 css
fonts.googleapis.com/ Frame 8ED3 2 KB
532 B 32ms
17ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2601210804495972&output=html&h=280&slotname=7916429874&adk=2919569299&adf=3018281077&pi=t.ma~as.7916429874&w=747&fwrn=4&fwrnh=100&lmt=1649675244&rafmt=1&psa=0&format=747x280&url=https%3A%2F%2Fdiario.mx%2Festados-unidos%2Feu-removio-secretamente-el-malware-de-todo-el-mundo-previene-ciberataques-rusos-20220406-1917147.html&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649675244213&bpp=2&bdt=216&idt=329&shv=r20220406&mjsv=m202203300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8018077823069&frm=20&pv=1&ga_vid=143242382.1649675244&ga_sid=1649675244&ga_hid=1797956368&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=235&ady=1106&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42530528%2C44760475&oid=2&pvsid=2815919348481803&pem=93&tmod=2074965434&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=lgkCTebP1i&p=https%3A//diario.mx&dtd=334

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5c35ba43b7900752a3023550de81888bb9fa36138e72edf3db3bd20e1dc09186

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 11 Apr 2022 10:19:59 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 11 Apr 2022 11:07:25 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 11 Apr 2022 11:07:25 GMT

GET
H2 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220406/r20110914/client/ Frame 8ED3 2 KB
983 B 56ms
10ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220406/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 10:55:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 711
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 877
x-xss-protection: 0
server: cafe
etag: 13035868154101442325
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 25 Apr 2022 10:55:34 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220406/r20110914/ Frame 8ED3 19 KB
8 KB 53ms
7ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220406/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f7894603292731a56692b1348b0b39871cdf248aa9f5b6a4c00e7de41f1a668

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 11:06:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 82
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8000
x-xss-protection: 0
server: cafe
etag: 3330746967810570135
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 25 Apr 2022 11:06:03 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220406/r20110914/client/ Frame 8ED3 3 KB
1 KB 49ms
10ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220406/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 10:59:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 461
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 25 Apr 2022 10:59:44 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8ED3 119 KB
36 KB 155ms
112ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

214a4e6d1b76b8f804bf74ddd53aba8493b4d61e9609d75d8923a34ed97b80e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 11:07:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36932
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1649247338736001"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 11 Apr 2022 11:07:25 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220406/r20110914/client/ Frame 8ED3 15 KB
6 KB 53ms
8ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220406/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4a29964e922a0ddad04e2feb2b4496f1019838b0cd9754da5bc95f6e20a14e98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 11:05:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 139
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6409
x-xss-protection: 0
server: cafe
etag: 15284592792851369840
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 25 Apr 2022 11:05:06 GMT

GET
H2 200 63f6484ee989c3eda25e621c99817b87.js Show response
www.gstatic.com/mysidia/ Frame 8ED3 29 KB
12 KB 51ms
17ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/63f6484ee989c3eda25e621c99817b87.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7a720f8796831a3b027a81207b8a12aa740a58873e0eb6680c72b8ca90483cd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 08:30:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 441413
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11974
x-xss-protection: 0
last-modified: Tue, 05 Apr 2022 23:59:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 05 Jul 2022 08:30:32 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 8ED3 0
0 56ms
55ms Fetch
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CJcQB7QtUYtP4DZ_D7_UPjImC4AWR6L7HaY_ji46UD_X-28GcGRABIN3byGxgleKQgqAHoAG635v5A8gBCagDAcgDywSqBNkCT9DpTzN6t-aYMzFOo8VbeKu86M-qZMPvwrYlBIy6PMF_rZPn8ucfaGLYfDMR61GWo6Mh00l2tJDOyTcmm6Qbh2-zDetmWe2XDAjdVsbs7q4DsP4SbqgJta_pwqwDjWCnwmmRLeiEJEeaHHAd04Npv9zCyM1DIfMzErtW2sGUXCHkUe_CmB8HNZfaJplX1JlC46OrIknMlLwAdVyj7PgON7KeuIyUbXJ2FL80tlv3BxM6C8_jfGjZD2D4S31ylEjDRjQ-fkHdeiDIKMFiSQ_L6gGxeDzw0TbmdTb4zvgqNz4nnHuZD074EmyUu1S46eRQBEATcMWsiZAVvBMos80JOoi8nk12oISOougldTal4-n5pCJLHORuWYag5wKECvTcB7lwDffhdSIWWCHsnA37npETQ8qDItxsIADvN8ThS8gGEiBlQIlyR5hPHdoSbHz47MWe-P_AXzizwAS5z_v93AOSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAHzYP40gGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAemvhvYBwDyBwQQ0_4G0ggJCIDhgBAQARgfgAoByAsB2BMN0BUBgBcBshccChoIABIUcHViLTI2MDEyMTA4MDQ0OTU5NzIYAA&sigh=7qxAPCWW3CE&uach_m=[UACH]&template_id=494

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2601210804495972&output=html&h=280&slotname=7916429874&adk=2919569299&adf=3018281077&pi=t.ma~as.7916429874&w=747&fwrn=4&fwrnh=100&lmt=1649675244&rafmt=1&psa=0&format=747x280&url=https%3A%2F%2Fdiario.mx%2Festados-unidos%2Feu-removio-secretamente-el-malware-de-todo-el-mundo-previene-ciberataques-rusos-20220406-1917147.html&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649675244213&bpp=2&bdt=216&idt=329&shv=r20220406&mjsv=m202203300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8018077823069&frm=20&pv=1&ga_vid=143242382.1649675244&ga_sid=1649675244&ga_hid=1797956368&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=235&ady=1106&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42530528%2C44760475&oid=2&pvsid=2815919348481803&pem=93&tmod=2074965434&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=lgkCTebP1i&p=https%3A//diario.mx&dtd=334
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Mon, 11 Apr 2022 11:07:25 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Mon, 11 Apr 2022 11:07:25 GMT

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame 8ED3 22 KB
22 KB 72ms
9ms Image
image/jpeg 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcThPUHt804eRMyHcwercd-zWC1iG_hV178mQa9ha-xAMwAdJ933lXC_YeqcYLw&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

da6443b822db25b55debc1839c66c2f0ab8ca149c8627b8eef2aacc6938412bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 20:06:28 GMT
x-content-type-options: nosniff
age: 54057
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22133
x-xss-protection: 0
last-modified: Fri, 18 Feb 2022 03:17:39 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Mon, 10 Apr 2023 20:06:28 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame 8ED3 27 KB
27 KB 38ms
8ms Image
image/jpeg 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcQ8-pauCrMpSRgXXuS4LnyGZX0zaOD1XNnFUXottKKdiu-HDZD02GYvcYEbZis&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e84419ebaac6f2588c4e89486c54aaa281b13ae5ce4fe24efec488234810b992

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 07:02:28 GMT
x-content-type-options: nosniff
age: 360297
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27196
x-xss-protection: 0
last-modified: Fri, 18 Dec 2020 01:12:42 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Fri, 07 Apr 2023 07:02:28 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame 8ED3 9 KB
10 KB 37ms
8ms Image
image/jpeg 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcQeoC-ZKoSX96Ljsx26DiuIcjzIubzHXZ0bx7a-DjK3OiV73nOMwMe8HkoUGak&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dc734d8068386a195d6691f56ba7d99c195c8c01ef750ebc4742d21d1c544b04

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 07:10:35 GMT
x-content-type-options: nosniff
age: 532610
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9712
x-xss-protection: 0
last-modified: Mon, 12 Jul 2021 03:34:03 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Wed, 05 Apr 2023 07:10:35 GMT

GET
H3

200

13012794670149908852
tpc.googlesyndication.com/simgad/ Frame 8ED3
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKCfpu_bQhCwCRiwCTIIQTT4XLD4ts4
https://tpc.googlesyndication.com/simgad/13012794670149908852

26 KB
26 KB

29ms
9ms

Image
image/jpeg

2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13012794670149908852

Requested by

Protocol

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e5000d1608f5e881ffac0ce07543e784791f624a9384e0994d7816984f6d5210

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 05:09:05 GMT
x-content-type-options: nosniff
age: 453500
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26716
x-xss-protection: 0
last-modified: Thu, 25 Nov 2021 11:12:32 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 06 Apr 2023 05:09:05 GMT

Redirect headers

date: Mon, 11 Apr 2022 05:17:35 GMT
x-content-type-options: nosniff
server: cafe
age: 20990
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/html; charset=UTF-8
location: https://tpc.googlesyndication.com/simgad/13012794670149908852
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Wed, 11 May 2022 05:17:35 GMT

GET
H2 200 583c04eba622323b1bc7d6fda2f57e1e.js Show response
www.gstatic.com/mysidia/ Frame AFDC 9 KB
4 KB 14ms
11ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/583c04eba622323b1bc7d6fda2f57e1e.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2601210804495972&output=html&h=280&slotname=7916429874&adk=2370307548&adf=2178955939&pi=t.ma~as.7916429874&w=727&fwrn=4&fwrnh=100&lmt=1649675244&rafmt=1&psa=0&format=727x280&url=https%3A%2F%2Fdiario.mx%2Festados-unidos%2Feu-removio-secretamente-el-malware-de-todo-el-mundo-previene-ciberataques-rusos-20220406-1917147.html&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649675244215&bpp=2&bdt=217&idt=349&shv=r20220406&mjsv=m202203300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C747x280&nras=1&correlator=8018077823069&frm=20&pv=1&ga_vid=143242382.1649675244&ga_sid=1649675244&ga_hid=1797956368&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=2576&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42530528%2C44760475&oid=2&pvsid=2815919348481803&pem=93&tmod=2074965434&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=AtCFgW5UUH&p=https%3A//diario.mx&dtd=352

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b968113e586107906911e61864086ba097b7b45cf857c0de3c4fd20963a90e61

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:20:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 262037
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3720
x-xss-protection: 0
last-modified: Wed, 30 Mar 2022 08:22:36 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 07 Jul 2022 10:20:08 GMT

GET
H2 200 0d0cbcc0951bb5d335b52002cf3bcf8e.js Show response
www.gstatic.com/mysidia/ Frame AFDC 14 KB
6 KB 16ms
14ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/0d0cbcc0951bb5d335b52002cf3bcf8e.js?tag=pingback

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2601210804495972&output=html&h=280&slotname=7916429874&adk=2370307548&adf=2178955939&pi=t.ma~as.7916429874&w=727&fwrn=4&fwrnh=100&lmt=1649675244&rafmt=1&psa=0&format=727x280&url=https%3A%2F%2Fdiario.mx%2Festados-unidos%2Feu-removio-secretamente-el-malware-de-todo-el-mundo-previene-ciberataques-rusos-20220406-1917147.html&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649675244215&bpp=2&bdt=217&idt=349&shv=r20220406&mjsv=m202203300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C747x280&nras=1&correlator=8018077823069&frm=20&pv=1&ga_vid=143242382.1649675244&ga_sid=1649675244&ga_hid=1797956368&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=2576&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42530528%2C44760475&oid=2&pvsid=2815919348481803&pem=93&tmod=2074965434&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=AtCFgW5UUH&p=https%3A//diario.mx&dtd=352

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d237d5feda9f5eac730e2365c8899cd3a9d08c14b76531381fb1d7c23fe601ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 08:31:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 441363
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5930
x-xss-protection: 0
last-modified: Wed, 30 Mar 2022 08:22:36 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 05 Jul 2022 08:31:22 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame AFDC 2 KB
532 B 20ms
18ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2601210804495972&output=html&h=280&slotname=7916429874&adk=2370307548&adf=2178955939&pi=t.ma~as.7916429874&w=727&fwrn=4&fwrnh=100&lmt=1649675244&rafmt=1&psa=0&format=727x280&url=https%3A%2F%2Fdiario.mx%2Festados-unidos%2Feu-removio-secretamente-el-malware-de-todo-el-mundo-previene-ciberataques-rusos-20220406-1917147.html&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649675244215&bpp=2&bdt=217&idt=349&shv=r20220406&mjsv=m202203300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C747x280&nras=1&correlator=8018077823069&frm=20&pv=1&ga_vid=143242382.1649675244&ga_sid=1649675244&ga_hid=1797956368&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=2576&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42530528%2C44760475&oid=2&pvsid=2815919348481803&pem=93&tmod=2074965434&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=AtCFgW5UUH&p=https%3A//diario.mx&dtd=352

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5c35ba43b7900752a3023550de81888bb9fa36138e72edf3db3bd20e1dc09186

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 11 Apr 2022 09:40:04 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 11 Apr 2022 11:07:25 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 11 Apr 2022 11:07:25 GMT

GET
H3 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220406/r20110914/client/ Frame AFDC 2 KB
904 B 13ms
8ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220406/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2601210804495972&output=html&h=280&slotname=7916429874&adk=2370307548&adf=2178955939&pi=t.ma~as.7916429874&w=727&fwrn=4&fwrnh=100&lmt=1649675244&rafmt=1&psa=0&format=727x280&url=https%3A%2F%2Fdiario.mx%2Festados-unidos%2Feu-removio-secretamente-el-malware-de-todo-el-mundo-previene-ciberataques-rusos-20220406-1917147.html&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649675244215&bpp=2&bdt=217&idt=349&shv=r20220406&mjsv=m202203300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C747x280&nras=1&correlator=8018077823069&frm=20&pv=1&ga_vid=143242382.1649675244&ga_sid=1649675244&ga_hid=1797956368&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=2576&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42530528%2C44760475&oid=2&pvsid=2815919348481803&pem=93&tmod=2074965434&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=AtCFgW5UUH&p=https%3A//diario.mx&dtd=352

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 10:55:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 711
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 877
x-xss-protection: 0
server: cafe
etag: 13035868154101442325
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 25 Apr 2022 10:55:34 GMT

GET
H2 200 a44a0b8f447061e92ca19622c4392a02.js Show response
www.gstatic.com/mysidia/ Frame AFDC 6 KB
2 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/a44a0b8f447061e92ca19622c4392a02.js?tag=analytics_pingback_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2601210804495972&output=html&h=280&slotname=7916429874&adk=2370307548&adf=2178955939&pi=t.ma~as.7916429874&w=727&fwrn=4&fwrnh=100&lmt=1649675244&rafmt=1&psa=0&format=727x280&url=https%3A%2F%2Fdiario.mx%2Festados-unidos%2Feu-removio-secretamente-el-malware-de-todo-el-mundo-previene-ciberataques-rusos-20220406-1917147.html&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649675244215&bpp=2&bdt=217&idt=349&shv=r20220406&mjsv=m202203300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C747x280&nras=1&correlator=8018077823069&frm=20&pv=1&ga_vid=143242382.1649675244&ga_sid=1649675244&ga_hid=1797956368&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=2576&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42530528%2C44760475&oid=2&pvsid=2815919348481803&pem=93&tmod=2074965434&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=AtCFgW5UUH&p=https%3A//diario.mx&dtd=352

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aa3777d578531c63cb5b48a28d1f0135a9769ca2ee44ae916aadb341089140e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:20:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 262037
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2233
x-xss-protection: 0
last-modified: Tue, 05 Apr 2022 23:59:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 07 Jul 2022 10:20:08 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220406/r20110914/ Frame AFDC 19 KB
8 KB 11ms
10ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220406/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2601210804495972&output=html&h=280&slotname=7916429874&adk=2370307548&adf=2178955939&pi=t.ma~as.7916429874&w=727&fwrn=4&fwrnh=100&lmt=1649675244&rafmt=1&psa=0&format=727x280&url=https%3A%2F%2Fdiario.mx%2Festados-unidos%2Feu-removio-secretamente-el-malware-de-todo-el-mundo-previene-ciberataques-rusos-20220406-1917147.html&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649675244215&bpp=2&bdt=217&idt=349&shv=r20220406&mjsv=m202203300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C747x280&nras=1&correlator=8018077823069&frm=20&pv=1&ga_vid=143242382.1649675244&ga_sid=1649675244&ga_hid=1797956368&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=2576&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42530528%2C44760475&oid=2&pvsid=2815919348481803&pem=93&tmod=2074965434&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=AtCFgW5UUH&p=https%3A//diario.mx&dtd=352

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f7894603292731a56692b1348b0b39871cdf248aa9f5b6a4c00e7de41f1a668

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 11:06:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 82
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8000
x-xss-protection: 0
server: cafe
etag: 3330746967810570135
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 25 Apr 2022 11:06:03 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220406/r20110914/client/ Frame AFDC 3 KB
1 KB 13ms
9ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220406/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2601210804495972&output=html&h=280&slotname=7916429874&adk=2370307548&adf=2178955939&pi=t.ma~as.7916429874&w=727&fwrn=4&fwrnh=100&lmt=1649675244&rafmt=1&psa=0&format=727x280&url=https%3A%2F%2Fdiario.mx%2Festados-unidos%2Feu-removio-secretamente-el-malware-de-todo-el-mundo-previene-ciberataques-rusos-20220406-1917147.html&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649675244215&bpp=2&bdt=217&idt=349&shv=r20220406&mjsv=m202203300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C747x280&nras=1&correlator=8018077823069&frm=20&pv=1&ga_vid=143242382.1649675244&ga_sid=1649675244&ga_hid=1797956368&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=2576&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42530528%2C44760475&oid=2&pvsid=2815919348481803&pem=93&tmod=2074965434&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=AtCFgW5UUH&p=https%3A//diario.mx&dtd=352

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 10:59:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 461
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 25 Apr 2022 10:59:44 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame AFDC 119 KB
36 KB 124ms
123ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2601210804495972&output=html&h=280&slotname=7916429874&adk=2370307548&adf=2178955939&pi=t.ma~as.7916429874&w=727&fwrn=4&fwrnh=100&lmt=1649675244&rafmt=1&psa=0&format=727x280&url=https%3A%2F%2Fdiario.mx%2Festados-unidos%2Feu-removio-secretamente-el-malware-de-todo-el-mundo-previene-ciberataques-rusos-20220406-1917147.html&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649675244215&bpp=2&bdt=217&idt=349&shv=r20220406&mjsv=m202203300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C747x280&nras=1&correlator=8018077823069&frm=20&pv=1&ga_vid=143242382.1649675244&ga_sid=1649675244&ga_hid=1797956368&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=2576&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42530528%2C44760475&oid=2&pvsid=2815919348481803&pem=93&tmod=2074965434&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=AtCFgW5UUH&p=https%3A//diario.mx&dtd=352

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

214a4e6d1b76b8f804bf74ddd53aba8493b4d61e9609d75d8923a34ed97b80e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 11:07:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36932
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1649247338736001"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 11 Apr 2022 11:07:25 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220406/r20110914/client/ Frame AFDC 15 KB
6 KB 13ms
12ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220406/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2601210804495972&output=html&h=280&slotname=7916429874&adk=2370307548&adf=2178955939&pi=t.ma~as.7916429874&w=727&fwrn=4&fwrnh=100&lmt=1649675244&rafmt=1&psa=0&format=727x280&url=https%3A%2F%2Fdiario.mx%2Festados-unidos%2Feu-removio-secretamente-el-malware-de-todo-el-mundo-previene-ciberataques-rusos-20220406-1917147.html&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649675244215&bpp=2&bdt=217&idt=349&shv=r20220406&mjsv=m202203300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C747x280&nras=1&correlator=8018077823069&frm=20&pv=1&ga_vid=143242382.1649675244&ga_sid=1649675244&ga_hid=1797956368&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=2576&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42530528%2C44760475&oid=2&pvsid=2815919348481803&pem=93&tmod=2074965434&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=AtCFgW5UUH&p=https%3A//diario.mx&dtd=352

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4a29964e922a0ddad04e2feb2b4496f1019838b0cd9754da5bc95f6e20a14e98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 11:05:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 139
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6409
x-xss-protection: 0
server: cafe
etag: 15284592792851369840
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 25 Apr 2022 11:05:06 GMT

GET
H3 200 63f6484ee989c3eda25e621c99817b87.js Show response
www.gstatic.com/mysidia/ Frame AFDC 29 KB
12 KB 24ms
7ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/63f6484ee989c3eda25e621c99817b87.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2601210804495972&output=html&h=280&slotname=7916429874&adk=2370307548&adf=2178955939&pi=t.ma~as.7916429874&w=727&fwrn=4&fwrnh=100&lmt=1649675244&rafmt=1&psa=0&format=727x280&url=https%3A%2F%2Fdiario.mx%2Festados-unidos%2Feu-removio-secretamente-el-malware-de-todo-el-mundo-previene-ciberataques-rusos-20220406-1917147.html&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649675244215&bpp=2&bdt=217&idt=349&shv=r20220406&mjsv=m202203300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C747x280&nras=1&correlator=8018077823069&frm=20&pv=1&ga_vid=143242382.1649675244&ga_sid=1649675244&ga_hid=1797956368&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=2576&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42530528%2C44760475&oid=2&pvsid=2815919348481803&pem=93&tmod=2074965434&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=AtCFgW5UUH&p=https%3A//diario.mx&dtd=352

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7a720f8796831a3b027a81207b8a12aa740a58873e0eb6680c72b8ca90483cd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 08:30:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 441413
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11974
x-xss-protection: 0
last-modified: Tue, 05 Apr 2022 23:59:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 05 Jul 2022 08:30:32 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame AFDC 27 KB
27 KB 56ms
10ms Image
image/jpeg 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcTFQdFlGi-IvB4YvdV8OlWaerNKSNAtgEAIaSo9kbsbplOclQWre8Lu_9XnMw&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2601210804495972&output=html&h=280&slotname=7916429874&adk=2370307548&adf=2178955939&pi=t.ma~as.7916429874&w=727&fwrn=4&fwrnh=100&lmt=1649675244&rafmt=1&psa=0&format=727x280&url=https%3A%2F%2Fdiario.mx%2Festados-unidos%2Feu-removio-secretamente-el-malware-de-todo-el-mundo-previene-ciberataques-rusos-20220406-1917147.html&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649675244215&bpp=2&bdt=217&idt=349&shv=r20220406&mjsv=m202203300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C747x280&nras=1&correlator=8018077823069&frm=20&pv=1&ga_vid=143242382.1649675244&ga_sid=1649675244&ga_hid=1797956368&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=2576&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42530528%2C44760475&oid=2&pvsid=2815919348481803&pem=93&tmod=2074965434&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=AtCFgW5UUH&p=https%3A//diario.mx&dtd=352

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b2238a30fdb1a2e4b249ad3467ba16cb5f6a032553cb54e1b2e5bab804639f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 18:01:08 GMT
x-content-type-options: nosniff
age: 579977
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27497
x-xss-protection: 0
last-modified: Wed, 20 Jan 2021 01:33:08 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Tue, 04 Apr 2023 18:01:08 GMT

GET
H3 200 shopping
encrypted-tbn3.gstatic.com/ Frame AFDC 24 KB
24 KB 24ms
8ms Image
image/jpeg 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcQ6DROuc9b54ZZ8Cce6PRkPwM_xzIV_CKGDaCM6wJP8Squ5Va5BFHvArkXcbQg&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2601210804495972&output=html&h=280&slotname=7916429874&adk=2370307548&adf=2178955939&pi=t.ma~as.7916429874&w=727&fwrn=4&fwrnh=100&lmt=1649675244&rafmt=1&psa=0&format=727x280&url=https%3A%2F%2Fdiario.mx%2Festados-unidos%2Feu-removio-secretamente-el-malware-de-todo-el-mundo-previene-ciberataques-rusos-20220406-1917147.html&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649675244215&bpp=2&bdt=217&idt=349&shv=r20220406&mjsv=m202203300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C747x280&nras=1&correlator=8018077823069&frm=20&pv=1&ga_vid=143242382.1649675244&ga_sid=1649675244&ga_hid=1797956368&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=2576&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42530528%2C44760475&oid=2&pvsid=2815919348481803&pem=93&tmod=2074965434&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=AtCFgW5UUH&p=https%3A//diario.mx&dtd=352

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

864f4dae39119db98cd9b41362f2f3a5890b3faa1ba952d13227af441ae0ef8b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 04:07:46 GMT
x-content-type-options: nosniff
age: 25179
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24462
x-xss-protection: 0
last-modified: Thu, 08 Apr 2021 03:31:01 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Tue, 11 Apr 2023 04:07:46 GMT

GET
H3 200 shopping
encrypted-tbn1.gstatic.com/ Frame AFDC 16 KB
16 KB 31ms
14ms Image
image/jpeg 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcQmQWrAsVsBVT3YqBVV0kbiR5TmTtjF92IErKtjPiwfJSJBjIS6Oi2XZjfZ3Q&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2601210804495972&output=html&h=280&slotname=7916429874&adk=2370307548&adf=2178955939&pi=t.ma~as.7916429874&w=727&fwrn=4&fwrnh=100&lmt=1649675244&rafmt=1&psa=0&format=727x280&url=https%3A%2F%2Fdiario.mx%2Festados-unidos%2Feu-removio-secretamente-el-malware-de-todo-el-mundo-previene-ciberataques-rusos-20220406-1917147.html&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649675244215&bpp=2&bdt=217&idt=349&shv=r20220406&mjsv=m202203300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C747x280&nras=1&correlator=8018077823069&frm=20&pv=1&ga_vid=143242382.1649675244&ga_sid=1649675244&ga_hid=1797956368&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=2576&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42530528%2C44760475&oid=2&pvsid=2815919348481803&pem=93&tmod=2074965434&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=AtCFgW5UUH&p=https%3A//diario.mx&dtd=352

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

06322f7fee6a36bb28a4cd9a778f55582921f9a4cef82efaf4c3073432e418d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 12:00:14 GMT
x-content-type-options: nosniff
age: 342431
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16519
x-xss-protection: 0
last-modified: Sun, 10 Mar 2019 00:52:35 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Fri, 07 Apr 2023 12:00:14 GMT

GET
H3 200 shopping
encrypted-tbn1.gstatic.com/ Frame AFDC 45 KB
45 KB 35ms
18ms Image
image/jpeg 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcT6YFLZG-T7nHuvIGmnIJnc-cyLd9ErV9T7AZZmtmmWsQs6MgGE2_De0_2R0k0&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2601210804495972&output=html&h=280&slotname=7916429874&adk=2370307548&adf=2178955939&pi=t.ma~as.7916429874&w=727&fwrn=4&fwrnh=100&lmt=1649675244&rafmt=1&psa=0&format=727x280&url=https%3A%2F%2Fdiario.mx%2Festados-unidos%2Feu-removio-secretamente-el-malware-de-todo-el-mundo-previene-ciberataques-rusos-20220406-1917147.html&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649675244215&bpp=2&bdt=217&idt=349&shv=r20220406&mjsv=m202203300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C747x280&nras=1&correlator=8018077823069&frm=20&pv=1&ga_vid=143242382.1649675244&ga_sid=1649675244&ga_hid=1797956368&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=2576&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42530528%2C44760475&oid=2&pvsid=2815919348481803&pem=93&tmod=2074965434&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=AtCFgW5UUH&p=https%3A//diario.mx&dtd=352

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

75f4b157b71670a877c05d19cae7a2e7d9c4806b0e4d7bdf9aac6b47415020a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 12:14:47 GMT
x-content-type-options: nosniff
age: 600758
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46120
x-xss-protection: 0
last-modified: Tue, 22 Mar 2022 01:29:52 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Tue, 04 Apr 2023 12:14:47 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame AFDC 21 KB
21 KB 54ms
9ms Image
image/jpeg 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcTf7fBG7lSs23UNbuyu-6_R0m4nfH00FFZMWAbu5GYEY9WBsdMY_JXjRQHLjPs&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2601210804495972&output=html&h=280&slotname=7916429874&adk=2370307548&adf=2178955939&pi=t.ma~as.7916429874&w=727&fwrn=4&fwrnh=100&lmt=1649675244&rafmt=1&psa=0&format=727x280&url=https%3A%2F%2Fdiario.mx%2Festados-unidos%2Feu-removio-secretamente-el-malware-de-todo-el-mundo-previene-ciberataques-rusos-20220406-1917147.html&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649675244215&bpp=2&bdt=217&idt=349&shv=r20220406&mjsv=m202203300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C747x280&nras=1&correlator=8018077823069&frm=20&pv=1&ga_vid=143242382.1649675244&ga_sid=1649675244&ga_hid=1797956368&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=2576&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42530528%2C44760475&oid=2&pvsid=2815919348481803&pem=93&tmod=2074965434&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=AtCFgW5UUH&p=https%3A//diario.mx&dtd=352

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6306cd98b59065621aead5fac4c5c0ba5565d8a4480327370ebe325c80a64a6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 05:41:36 GMT
x-content-type-options: nosniff
age: 278749
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21394
x-xss-protection: 0
last-modified: Thu, 24 Mar 2022 03:52:56 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sat, 08 Apr 2023 05:41:36 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame AFDC 22 KB
22 KB 61ms
16ms Image
image/jpeg 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcTbwzMcI_ag5miMULW80BmfgAKUZYJ03IVIX92luG7iIdjenp6gLSIaTNVr-ZY&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2601210804495972&output=html&h=280&slotname=7916429874&adk=2370307548&adf=2178955939&pi=t.ma~as.7916429874&w=727&fwrn=4&fwrnh=100&lmt=1649675244&rafmt=1&psa=0&format=727x280&url=https%3A%2F%2Fdiario.mx%2Festados-unidos%2Feu-removio-secretamente-el-malware-de-todo-el-mundo-previene-ciberataques-rusos-20220406-1917147.html&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649675244215&bpp=2&bdt=217&idt=349&shv=r20220406&mjsv=m202203300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C747x280&nras=1&correlator=8018077823069&frm=20&pv=1&ga_vid=143242382.1649675244&ga_sid=1649675244&ga_hid=1797956368&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=2576&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42530528%2C44760475&oid=2&pvsid=2815919348481803&pem=93&tmod=2074965434&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=AtCFgW5UUH&p=https%3A//diario.mx&dtd=352

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

441cd33b6ce031b5841705c21dce304afc2b19158c89d10fcc7b1709aa86af21

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 15:21:15 GMT
x-content-type-options: nosniff
age: 503170
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22880
x-xss-protection: 0
last-modified: Sun, 02 May 2021 05:38:59 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Wed, 05 Apr 2023 15:21:15 GMT

GET
H3 200 shopping
encrypted-tbn3.gstatic.com/ Frame AFDC 24 KB
24 KB 35ms
21ms Image
image/jpeg 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcSJloZ6741tPTvELSn0QkuMBr-ZZnZvNvI_1nBFpB1kjULZBtTkcTzjq8yVUA&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2601210804495972&output=html&h=280&slotname=7916429874&adk=2370307548&adf=2178955939&pi=t.ma~as.7916429874&w=727&fwrn=4&fwrnh=100&lmt=1649675244&rafmt=1&psa=0&format=727x280&url=https%3A%2F%2Fdiario.mx%2Festados-unidos%2Feu-removio-secretamente-el-malware-de-todo-el-mundo-previene-ciberataques-rusos-20220406-1917147.html&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649675244215&bpp=2&bdt=217&idt=349&shv=r20220406&mjsv=m202203300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C747x280&nras=1&correlator=8018077823069&frm=20&pv=1&ga_vid=143242382.1649675244&ga_sid=1649675244&ga_hid=1797956368&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=2576&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42530528%2C44760475&oid=2&pvsid=2815919348481803&pem=93&tmod=2074965434&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=AtCFgW5UUH&p=https%3A//diario.mx&dtd=352

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aef369863438aecfdb5c6fe33d2f1fe96c13fd1aa410239ba34759eff672db8f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 08:02:27 GMT
x-content-type-options: nosniff
age: 356698
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24587
x-xss-protection: 0
last-modified: Wed, 06 Apr 2022 02:55:53 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Fri, 07 Apr 2023 08:02:27 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame AFDC 32 KB
33 KB 67ms
23ms Image
image/jpeg 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcRKIk8RVQ3h88gWq0Y-eovVL7fn03wQhtz2mNbMHHPsOG7ODAZgOjMUOqg7Ww&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2601210804495972&output=html&h=280&slotname=7916429874&adk=2370307548&adf=2178955939&pi=t.ma~as.7916429874&w=727&fwrn=4&fwrnh=100&lmt=1649675244&rafmt=1&psa=0&format=727x280&url=https%3A%2F%2Fdiario.mx%2Festados-unidos%2Feu-removio-secretamente-el-malware-de-todo-el-mundo-previene-ciberataques-rusos-20220406-1917147.html&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649675244215&bpp=2&bdt=217&idt=349&shv=r20220406&mjsv=m202203300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C747x280&nras=1&correlator=8018077823069&frm=20&pv=1&ga_vid=143242382.1649675244&ga_sid=1649675244&ga_hid=1797956368&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=2576&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42530528%2C44760475&oid=2&pvsid=2815919348481803&pem=93&tmod=2074965434&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=AtCFgW5UUH&p=https%3A//diario.mx&dtd=352

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bf9e3fdf2eb6d408bb3d27b2669c3effaae590be06718a97c9ec00dcd01dcacf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 06:22:36 GMT
x-content-type-options: nosniff
age: 103489
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33195
x-xss-protection: 0
last-modified: Sun, 20 Mar 2022 02:27:37 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Mon, 10 Apr 2023 06:22:36 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame AFDC 20 KB
20 KB 82ms
38ms Image
image/jpeg 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcRf2MevtKzBhQfLu132-yczhkodvX6sevXM_xAzXoku2SZWjSBzDlHfBPTaomw&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2601210804495972&output=html&h=280&slotname=7916429874&adk=2370307548&adf=2178955939&pi=t.ma~as.7916429874&w=727&fwrn=4&fwrnh=100&lmt=1649675244&rafmt=1&psa=0&format=727x280&url=https%3A%2F%2Fdiario.mx%2Festados-unidos%2Feu-removio-secretamente-el-malware-de-todo-el-mundo-previene-ciberataques-rusos-20220406-1917147.html&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649675244215&bpp=2&bdt=217&idt=349&shv=r20220406&mjsv=m202203300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C747x280&nras=1&correlator=8018077823069&frm=20&pv=1&ga_vid=143242382.1649675244&ga_sid=1649675244&ga_hid=1797956368&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=2576&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42530528%2C44760475&oid=2&pvsid=2815919348481803&pem=93&tmod=2074965434&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=AtCFgW5UUH&p=https%3A//diario.mx&dtd=352

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c2cdb6879eb52e2a5eb6486e1c67ddb4ee1ae921fce1aedb256dc6ef23565e4c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 18:49:30 GMT
x-content-type-options: nosniff
age: 577075
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20381
x-xss-protection: 0
last-modified: Thu, 04 Mar 2021 01:01:21 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Tue, 04 Apr 2023 18:49:30 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame AFDC 27 KB
27 KB 58ms
17ms Image
image/jpeg 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcRcuyWPFO3EYFIq70HbYXocVM1CU48QmLQNU_1vqA84jVt6B59l69YWriOcIg&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2601210804495972&output=html&h=280&slotname=7916429874&adk=2370307548&adf=2178955939&pi=t.ma~as.7916429874&w=727&fwrn=4&fwrnh=100&lmt=1649675244&rafmt=1&psa=0&format=727x280&url=https%3A%2F%2Fdiario.mx%2Festados-unidos%2Feu-removio-secretamente-el-malware-de-todo-el-mundo-previene-ciberataques-rusos-20220406-1917147.html&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649675244215&bpp=2&bdt=217&idt=349&shv=r20220406&mjsv=m202203300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C747x280&nras=1&correlator=8018077823069&frm=20&pv=1&ga_vid=143242382.1649675244&ga_sid=1649675244&ga_hid=1797956368&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=2576&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42530528%2C44760475&oid=2&pvsid=2815919348481803&pem=93&tmod=2074965434&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=AtCFgW5UUH&p=https%3A//diario.mx&dtd=352

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

42da746c27f604c09280c26fb5ac1bb54aef198e5a54c61406b6376214f7580b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 04:07:13 GMT
x-content-type-options: nosniff
age: 25212
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27470
x-xss-protection: 0
last-modified: Fri, 13 Aug 2021 01:30:53 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Tue, 11 Apr 2023 04:07:13 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame AFDC 28 KB
28 KB 70ms
27ms Image
image/jpeg 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcRoPp-lZRpYKQfFu2kYW4sJWq22KCqtp6Sba0-C9FGOGmIOU5MJTIG3OuxNW10&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2601210804495972&output=html&h=280&slotname=7916429874&adk=2370307548&adf=2178955939&pi=t.ma~as.7916429874&w=727&fwrn=4&fwrnh=100&lmt=1649675244&rafmt=1&psa=0&format=727x280&url=https%3A%2F%2Fdiario.mx%2Festados-unidos%2Feu-removio-secretamente-el-malware-de-todo-el-mundo-previene-ciberataques-rusos-20220406-1917147.html&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649675244215&bpp=2&bdt=217&idt=349&shv=r20220406&mjsv=m202203300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C747x280&nras=1&correlator=8018077823069&frm=20&pv=1&ga_vid=143242382.1649675244&ga_sid=1649675244&ga_hid=1797956368&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=2576&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42530528%2C44760475&oid=2&pvsid=2815919348481803&pem=93&tmod=2074965434&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=AtCFgW5UUH&p=https%3A//diario.mx&dtd=352

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

939e9e2548b601111d957f68579325749eec537f414674d2fbee6143b2626413

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 07:52:05 GMT
x-content-type-options: nosniff
age: 11720
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28380
x-xss-protection: 0
last-modified: Mon, 28 Mar 2022 01:56:16 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Tue, 11 Apr 2023 07:52:05 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame AFDC 22 KB
22 KB 63ms
21ms Image
image/jpeg 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcQuAtzEAxu4SgVj2YudG0qMCLE4-GxAxEArObrNWfbOq5r5oKzHV_sRH4C-iA&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2601210804495972&output=html&h=280&slotname=7916429874&adk=2370307548&adf=2178955939&pi=t.ma~as.7916429874&w=727&fwrn=4&fwrnh=100&lmt=1649675244&rafmt=1&psa=0&format=727x280&url=https%3A%2F%2Fdiario.mx%2Festados-unidos%2Feu-removio-secretamente-el-malware-de-todo-el-mundo-previene-ciberataques-rusos-20220406-1917147.html&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649675244215&bpp=2&bdt=217&idt=349&shv=r20220406&mjsv=m202203300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C747x280&nras=1&correlator=8018077823069&frm=20&pv=1&ga_vid=143242382.1649675244&ga_sid=1649675244&ga_hid=1797956368&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=2576&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42530528%2C44760475&oid=2&pvsid=2815919348481803&pem=93&tmod=2074965434&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=AtCFgW5UUH&p=https%3A//diario.mx&dtd=352

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a944e174cdde5a7b2f93d353d9adc5cfc6dfbc6e14b5a7ef96bd7875cc2625c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 19:14:14 GMT
x-content-type-options: nosniff
age: 489191
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22760
x-xss-protection: 0
last-modified: Sun, 02 May 2021 02:28:20 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Wed, 05 Apr 2023 19:14:14 GMT

GET
H3

200

12581545980791877918
tpc.googlesyndication.com/simgad/ Frame AFDC
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKCfps-C2wEQsAkYsAkyCDH2u76nni_Q
https://tpc.googlesyndication.com/simgad/12581545980791877918

26 KB
26 KB

13ms
10ms

Image
image/jpeg

2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12581545980791877918

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2601210804495972&output=html&h=280&slotname=7916429874&adk=2370307548&adf=2178955939&pi=t.ma~as.7916429874&w=727&fwrn=4&fwrnh=100&lmt=1649675244&rafmt=1&psa=0&format=727x280&url=https%3A%2F%2Fdiario.mx%2Festados-unidos%2Feu-removio-secretamente-el-malware-de-todo-el-mundo-previene-ciberataques-rusos-20220406-1917147.html&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649675244215&bpp=2&bdt=217&idt=349&shv=r20220406&mjsv=m202203300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C747x280&nras=1&correlator=8018077823069&frm=20&pv=1&ga_vid=143242382.1649675244&ga_sid=1649675244&ga_hid=1797956368&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=2576&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42530528%2C44760475&oid=2&pvsid=2815919348481803&pem=93&tmod=2074965434&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=AtCFgW5UUH&p=https%3A//diario.mx&dtd=352

Protocol

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e5000d1608f5e881ffac0ce07543e784791f624a9384e0994d7816984f6d5210

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 10:46:36 GMT
x-content-type-options: nosniff
age: 433249
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26716
x-xss-protection: 0
last-modified: Thu, 25 Nov 2021 11:12:31 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 06 Apr 2023 10:46:36 GMT

Redirect headers

date: Mon, 11 Apr 2022 10:58:22 GMT
x-content-type-options: nosniff
server: cafe
age: 543
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/html; charset=UTF-8
location: https://tpc.googlesyndication.com/simgad/12581545980791877918
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Wed, 11 May 2022 10:58:22 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame AFDC 0
0 56ms
55ms Fetch
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CJsCx7QtUYtGXD7uJ9u8P_4G7wAbkwa7GaZ6TvoCSD53_28GcGRABIN3byGxgleKQgqAHoAG635v5A8gBCagDAcgDywSqBNkCT9A_B8tMBDlZ7pf_l4BAa50QlB_lEZxXdCQVGGM7N41e1ig_DBnEXmWGxTJKrIh1Pm5J31-pCkPkGpMaN3rPHM137M7c0PwtOSx9SeICxwmhMYZf_n6fKc7apMGX9nEXd9rsnIGeVHyIF5T7pdvkHWxfXC-hAf8jEVd8oziSUE0ioI95cSLa2pJZIu8i48H08tSeoY7ZJoGWVeT00mxqQYyuiHk2C-ifXQh-NdD5lJGVBsDOO4ap5XWBkp36G9hJkLB3H2ALsAfmkwJpnLHWCWK6qhIOquu_J2Pl2WJ3T5QDX7wJWCBiE368Ctiq0VY2Yo-mMPeZXJ9MWGjKjNbF0AvIUEuI8WOCY3ySsgPonC4IxvVixbru0j89lsNyXW-f6hI2HLfLfhpjIiDL295-80lBj9OMfXNJ2vjWmpglwPHz_WuZ5zVDs2FAhZVZz7aapy6t7etRRQ6MwATRnbTv4gOSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAHzYP40gGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAemvhvYBwDyBwQQhr4K0ggJCIDhgBAQARgfgAoByAsB2BMN0BUBgBcBshccChoIABIUcHViLTI2MDEyMTA4MDQ0OTU5NzIYAA&sigh=dnfqCLu0BRw&uach_m=[UACH]&template_id=494

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2601210804495972&output=html&h=280&slotname=7916429874&adk=2370307548&adf=2178955939&pi=t.ma~as.7916429874&w=727&fwrn=4&fwrnh=100&lmt=1649675244&rafmt=1&psa=0&format=727x280&url=https%3A%2F%2Fdiario.mx%2Festados-unidos%2Feu-removio-secretamente-el-malware-de-todo-el-mundo-previene-ciberataques-rusos-20220406-1917147.html&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649675244215&bpp=2&bdt=217&idt=349&shv=r20220406&mjsv=m202203300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C747x280&nras=1&correlator=8018077823069&frm=20&pv=1&ga_vid=143242382.1649675244&ga_sid=1649675244&ga_hid=1797956368&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=2576&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42530528%2C44760475&oid=2&pvsid=2815919348481803&pem=93&tmod=2074965434&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=AtCFgW5UUH&p=https%3A//diario.mx&dtd=352

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2601210804495972&output=html&h=280&slotname=7916429874&adk=2370307548&adf=2178955939&pi=t.ma~as.7916429874&w=727&fwrn=4&fwrnh=100&lmt=1649675244&rafmt=1&psa=0&format=727x280&url=https%3A%2F%2Fdiario.mx%2Festados-unidos%2Feu-removio-secretamente-el-malware-de-todo-el-mundo-previene-ciberataques-rusos-20220406-1917147.html&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649675244215&bpp=2&bdt=217&idt=349&shv=r20220406&mjsv=m202203300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C747x280&nras=1&correlator=8018077823069&frm=20&pv=1&ga_vid=143242382.1649675244&ga_sid=1649675244&ga_hid=1797956368&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=2576&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42530528%2C44760475&oid=2&pvsid=2815919348481803&pem=93&tmod=2074965434&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=AtCFgW5UUH&p=https%3A//diario.mx&dtd=352
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Mon, 11 Apr 2022 11:07:25 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 583c04eba622323b1bc7d6fda2f57e1e.js Show response
www.gstatic.com/mysidia/ Frame 8A2C 9 KB
4 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/583c04eba622323b1bc7d6fda2f57e1e.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2601210804495972&output=html&h=100&slotname=6510739316&adk=588329291&adf=3499153759&pi=t.ma~as.6510739316&w=970&lmt=1649675244&psa=0&format=970x100&url=https%3A%2F%2Fdiario.mx%2Festados-unidos%2Feu-removio-secretamente-el-malware-de-todo-el-mundo-previene-ciberataques-rusos-20220406-1917147.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649675244217&bpp=1&bdt=220&idt=362&shv=r20220406&mjsv=m202203300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C747x280%2C727x280&nras=1&correlator=8018077823069&frm=20&pv=1&ga_vid=143242382.1649675244&ga_sid=1649675244&ga_hid=1797956368&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=1100&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42530528%2C44760475&oid=2&pvsid=2815919348481803&pem=93&tmod=2074965434&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfoeE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=9PSbIQGXpH&p=https%3A//diario.mx&dtd=368

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b968113e586107906911e61864086ba097b7b45cf857c0de3c4fd20963a90e61

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:20:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 262037
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3720
x-xss-protection: 0
last-modified: Wed, 30 Mar 2022 08:22:36 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 07 Jul 2022 10:20:08 GMT

GET
H3 200 d153763d065fc486a30a5318c8635961.js Show response
www.gstatic.com/mysidia/ Frame 8A2C 8 KB
4 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/d153763d065fc486a30a5318c8635961.js?tag=text/vanilla_highlight

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae3a15a3e9733515bb33d29c4820b33c0bcaf30a522fd034ea68d104939901d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 14:36:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 592280
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3697
x-xss-protection: 0
last-modified: Wed, 30 Mar 2022 08:22:36 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 03 Jul 2022 14:36:05 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 8A2C 8 KB
892 B 23ms
22ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1e046a89bb90f44dadb24f5fdfbe412b5f6d320b790f7317fad956b193234726

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 11 Apr 2022 10:23:49 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 11 Apr 2022 11:07:25 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 11 Apr 2022 11:07:25 GMT

GET
H3 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220406/r20110914/client/ Frame 8A2C 2 KB
904 B 10ms
9ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220406/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 10:55:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 711
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 877
x-xss-protection: 0
server: cafe
etag: 13035868154101442325
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 25 Apr 2022 10:55:34 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220406/r20110914/ Frame 8A2C 19 KB
8 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220406/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f7894603292731a56692b1348b0b39871cdf248aa9f5b6a4c00e7de41f1a668

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 11:06:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 82
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8000
x-xss-protection: 0
server: cafe
etag: 3330746967810570135
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 25 Apr 2022 11:06:03 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220406/r20110914/client/ Frame 8A2C 3 KB
1 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220406/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 10:59:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 461
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 25 Apr 2022 10:59:44 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8A2C 119 KB
37 KB 31ms
31ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

214a4e6d1b76b8f804bf74ddd53aba8493b4d61e9609d75d8923a34ed97b80e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 11:07:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36932
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1649247338736001"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 11 Apr 2022 11:07:25 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220406/r20110914/client/ Frame 8A2C 15 KB
6 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220406/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4a29964e922a0ddad04e2feb2b4496f1019838b0cd9754da5bc95f6e20a14e98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 11:05:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 139
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6409
x-xss-protection: 0
server: cafe
etag: 15284592792851369840
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 25 Apr 2022 11:05:06 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 8A2C 0
0 46ms
18ms Image
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRS-JtG3iKgcmjFjEq88mC127TuTuVJSf7_GSs6QYZykt5NchXjDcnfSEjCmTfAmqoM6ShSt2RSW7DMCbw99R3c-dg0VA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2601210804495972&output=html&h=100&slotname=6510739316&adk=588329291&adf=3499153759&pi=t.ma~as.6510739316&w=970&lmt=1649675244&psa=0&format=970x100&url=https%3A%2F%2Fdiario.mx%2Festados-unidos%2Feu-removio-secretamente-el-malware-de-todo-el-mundo-previene-ciberataques-rusos-20220406-1917147.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649675244217&bpp=1&bdt=220&idt=362&shv=r20220406&mjsv=m202203300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C747x280%2C727x280&nras=1&correlator=8018077823069&frm=20&pv=1&ga_vid=143242382.1649675244&ga_sid=1649675244&ga_hid=1797956368&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=1100&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42530528%2C44760475&oid=2&pvsid=2815919348481803&pem=93&tmod=2074965434&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfoeE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=9PSbIQGXpH&p=https%3A//diario.mx&dtd=368
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

GET
H3 200 63f6484ee989c3eda25e621c99817b87.js Show response
www.gstatic.com/mysidia/ Frame 8A2C 29 KB
12 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/63f6484ee989c3eda25e621c99817b87.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7a720f8796831a3b027a81207b8a12aa740a58873e0eb6680c72b8ca90483cd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 08:30:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 441413
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11974
x-xss-protection: 0
last-modified: Tue, 05 Apr 2022 23:59:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 05 Jul 2022 08:30:32 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 8A2C 0
0 51ms
51ms Fetch
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cbu3p7QtUYseoENSU9u8PmcimoAiUzoyAZNaHhajYD-iqtpWLAxABIN3byGxgleKQgqAHoAHh6NfKA8gBAakCWemeMv5Msj6oAwHIA8sEqgTsAk_Qu1oNch5lXZNfVwY3kb93NNhAnSi0HR6jTwMg0IpZn0SmBAUCwZTZ6A8z_2al0Qaet65Y-JXrPkcK0KpNJkwgl8tcXE25GSZwKXTDagSxDmw8CURcbbzlb-NLzCirB5GoCOPuicCkxMa8eShBuEjZAEl1aZbP8Q_mU_lKr1RblOd0qMRxEMvMOZPUI_0Nqe2yBTPwPcpspUblq4LrPv8LyCOzcWgkZmytjYge9rtQ--RCm3xRlry3VIRS_cDIZd8W7Fl4ppwa48djYuRUFfhcPTpio8jecHHsjqzm_QH3n1J2CE2KV2I5raDA0amgUWS1XZTRnj9PnnZ_pqlLoo0HQ9iMoDKBcMt7VSkVUsfzeG2b93SyeEcywefwlMujuzoaEiie2R1zOyhQLS7lpQWw91bOfeCi4tRlAjmFjMjmrGnssTcKhL1s8QlN2ePJb8jcDHpIIbxA4m3dhm-PYk9OME2BfRuK_8rOABTABLqoiejdA5IFBAgEGAGSBQQIBRgEgAeHl6g1qAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQr5MP0ggJCIDhgBAQARgfgAoByAsB2BMK0BUBgBcBshccChoIABIUcHViLTI2MDEyMTA4MDQ0OTU5NzIYAA&sigh=yWxV85F0G8A&uach_m=[UACH]

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2601210804495972&output=html&h=100&slotname=6510739316&adk=588329291&adf=3499153759&pi=t.ma~as.6510739316&w=970&lmt=1649675244&psa=0&format=970x100&url=https%3A%2F%2Fdiario.mx%2Festados-unidos%2Feu-removio-secretamente-el-malware-de-todo-el-mundo-previene-ciberataques-rusos-20220406-1917147.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649675244217&bpp=1&bdt=220&idt=362&shv=r20220406&mjsv=m202203300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C747x280%2C727x280&nras=1&correlator=8018077823069&frm=20&pv=1&ga_vid=143242382.1649675244&ga_sid=1649675244&ga_hid=1797956368&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=1100&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42530528%2C44760475&oid=2&pvsid=2815919348481803&pem=93&tmod=2074965434&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfoeE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=9PSbIQGXpH&p=https%3A//diario.mx&dtd=368
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Mon, 11 Apr 2022 11:07:25 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 6154 143 B
163 B 8ms
7ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2601210804495972&output=html&h=100&slotname=6510739316&adk=588329291&adf=3499153759&pi=t.ma~as.6510739316&w=970&lmt=1649675244&psa=0&format=970x100&url=https%3A%2F%2Fdiario.mx%2Festados-unidos%2Feu-removio-secretamente-el-malware-de-todo-el-mundo-previene-ciberataques-rusos-20220406-1917147.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649675244217&bpp=1&bdt=220&idt=362&shv=r20220406&mjsv=m202203300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C747x280%2C727x280&nras=1&correlator=8018077823069&frm=20&pv=1&ga_vid=143242382.1649675244&ga_sid=1649675244&ga_hid=1797956368&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=1100&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42530528%2C44760475&oid=2&pvsid=2815919348481803&pem=93&tmod=2074965434&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfoeE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=9PSbIQGXpH&p=https%3A//diario.mx&dtd=368
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 10
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Mon, 11 Apr 2022 11:07:15 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 797C 1 KB
749 B 7ms
7ms Document
text/html 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 18821
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 11 Apr 2022 05:53:44 GMT
etag: 48472445140208031
expires: Tue, 12 Apr 2022 05:53:44 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame AFDC 0
20 B 40ms
39ms Ping
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=Cg4IByoKd2ViX2Jhbm5lcgoHCAgqA2x0cgoSCAEqDmJhbm5lcjMtc3F1YXJlCgoIAioGc2VydmVyCiwIBCoobXlzaWRpYV9hbmFseXRpY3MscGVyZl92aWRlb19jb250cm9sMl81cAoNECshAAAAAAAAM0AwBAoNEAMhAAAA0Mwkf0AwBAoNEAohAAAAAJqZIkAwBAoNEA0hAAAAAICZuT8wBAoNEB4qBzcyN3gyODAwBAoNEBkqBzcyN3gyODAwBAoNEA4hAAAAAAAAAAAwBAoNEAQhAAAAODPLf0AwBAoNEA8hAAAAAAAAAAAwBAoNECshAAAAAAAAQEAwBAoNEAUhAAAAaGbOf0AwBBIaQ0pIQzg1ZnZpX2NDRmJ1RV9RY2RfOEFPYUEiEmdwYS9tYXhpbWFsX3YxX29jaCgM

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/0d0cbcc0951bb5d335b52002cf3bcf8e.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Apr 2022 11:07:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 container.html Show response
b76ab0ac3a52548bde3de7d6a8af342e.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame C158 6 KB
3 KB 26ms
8ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://b76ab0ac3a52548bde3de7d6a8af342e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040601.js?cb=31067009

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://diario.mx/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 11 Apr 2022 11:07:25 GMT
expires: Tue, 11 Apr 2023 11:07:25 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012203150226000/ Frame A7CB 222 KB
61 KB 11ms
10ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012203150226000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040601.js?cb=31067009

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b94ed570e00f5bba0eaed65da67bf6f2fc5e107446a682eb045f20dbd12ab0e8

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diario.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 525413
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 62084
x-xss-protection: 0
server: sffe
date: Tue, 05 Apr 2022 09:10:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "fa1474a6dd6481f4"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 05 Apr 2023 09:10:32 GMT

GET
H3 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012203150226000/v0/ Frame A7CB 16 KB
6 KB 17ms
16ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012203150226000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040601.js?cb=31067009

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aec5ee5147fdc283bcb601dc6231c234d9bec077d32756aef2a75eeedf78038f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diario.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 525412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5728
x-xss-protection: 0
server: sffe
date: Tue, 05 Apr 2022 09:10:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "d91e62368f79b48d"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 05 Apr 2023 09:10:33 GMT

GET
H3 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012203150226000/v0/ Frame A7CB 96 KB
29 KB 20ms
18ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012203150226000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040601.js?cb=31067009

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

213738a8de7a1e55874dcbc92825c84599256579b64f60f19c2514e61844e6bb

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diario.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 525412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29618
x-xss-protection: 0
server: sffe
date: Tue, 05 Apr 2022 09:10:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "9a9baa9802fa29d2"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 05 Apr 2023 09:10:33 GMT

GET
H3 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012203150226000/v0/ Frame A7CB 5 KB
2 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012203150226000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040601.js?cb=31067009

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2eb2a641ec9143273f4f5ba4f1526364fd4b1a040b628b4be54b77dbe362690f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diario.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 525412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1900
x-xss-protection: 0
server: sffe
date: Tue, 05 Apr 2022 09:10:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "3393210d007db9ca"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 05 Apr 2023 09:10:33 GMT

GET
H3 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012203150226000/v0/ Frame A7CB 42 KB
13 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012203150226000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040601.js?cb=31067009

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0b43999f77e447254a78e068f55a6cc9075071b252277337b901e095e607e474

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diario.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 525412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13669
x-xss-protection: 0
server: sffe
date: Tue, 05 Apr 2022 09:10:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "565eca32a909292d"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 05 Apr 2023 09:10:33 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame A7CB 6 KB
670 B 21ms
21ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040601.js?cb=31067009

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2cef3a9d0606aecfe2476867e61f76535b9bb5b8e9d31957cc9504cdd1e69396

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diario.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 11 Apr 2022 09:41:36 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 11 Apr 2022 11:07:25 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 11 Apr 2022 11:07:25 GMT

GET
H3 200 container.html Show response
b76ab0ac3a52548bde3de7d6a8af342e.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 52FF 6 KB
3 KB 10ms
8ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://b76ab0ac3a52548bde3de7d6a8af342e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040601.js?cb=31067009

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://diario.mx/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 11 Apr 2022 11:07:25 GMT
expires: Tue, 11 Apr 2023 11:07:25 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
b76ab0ac3a52548bde3de7d6a8af342e.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 25A8 6 KB
3 KB 11ms
11ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://b76ab0ac3a52548bde3de7d6a8af342e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040601.js?cb=31067009

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://diario.mx/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 11 Apr 2022 11:07:25 GMT
expires: Tue, 11 Apr 2023 11:07:25 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
b76ab0ac3a52548bde3de7d6a8af342e.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame B200 6 KB
3 KB 13ms
8ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://b76ab0ac3a52548bde3de7d6a8af342e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040601.js?cb=31067009

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://diario.mx/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 11 Apr 2022 11:07:25 GMT
expires: Tue, 11 Apr 2023 11:07:25 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
b76ab0ac3a52548bde3de7d6a8af342e.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame C522 6 KB
3 KB 7ms
7ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://b76ab0ac3a52548bde3de7d6a8af342e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040601.js?cb=31067009

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://diario.mx/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 11 Apr 2022 11:07:25 GMT
expires: Tue, 11 Apr 2023 11:07:25 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 es.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame A7CB 3 KB
3 KB 8ms
7ms Image
image/png 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/es.png

Requested by

Host: diario.mx
URL: https://diario.mx/estados-unidos/eu-removio-secretamente-el-malware-de-todo-el-mundo-previene-ciberataques-rusos-20220406-1917147.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f86391f8f5e12c3838b2bb51d1910da2a1a2aa975e44bfc3e189dc8bccdc0549

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diario.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 15:51:31 GMT
x-content-type-options: nosniff
server: cafe
age: 69355
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 15820072736840818134
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2687
x-xss-protection: 0
expires: Mon, 11 Apr 2022 15:51:31 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame A7CB 295 B
319 B 8ms
7ms Image
image/png 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: diario.mx
URL: https://diario.mx/estados-unidos/eu-removio-secretamente-el-malware-de-todo-el-mundo-previene-ciberataques-rusos-20220406-1917147.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diario.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 05:43:34 GMT
x-content-type-options: nosniff
server: cafe
age: 19432
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 426692510519060060
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Tue, 12 Apr 2022 05:43:34 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame A7CB 0
0 35ms
15ms Image
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaS8xK2-gZLjNO_K_3fUNfnsrwJtQc8ox8LIusDwhKpsS9ew4D6KfqJ_tLp2ix_buhzWHp-7yPVwc92_v6ZWqJuEiKNxww
Requested by: Host: diario.mx
URL: https://diario.mx/estados-unidos/eu-removio-secretamente-el-malware-de-todo-el-mundo-previene-ciberataques-rusos-20220406-1917147.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diario.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame A7CB 0
0 51ms
50ms Image
text/html 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CkX3M7QtUYuS0CorO3gP8u67ABdfu9MFpqeq61aMPg_SBrNMqEAEg3dvIbGCV2qKCsAegAfSax4cDyAEJqQJqox0bSUKyPuACAKgDAcgDCqoEowNP0NV1-i3A0uHi8c5dLyic4u4zORf6rXqOfjZl5BWT8p01L3XZE4lAN6EzB4ToHkYSTC_5QSxedIvnJrr_QP3PglbuPk5dQMsHH_BWJ4-CUb8oACWa5WONXwrWTjtfGOgdmuGbovFc-ZjSrVvN_sguvC7iYoGrN2NwJAoE7M6oIVb7E2hH9E9oVYEbbao4PtWcQ-CIphgmTWvqzJC8v0lzsiWQrRgDlW9gMRN3Oio_cYy54RDgthgDD5JWXuZYuMPsnCibkMfTtVCakuHu1UMdkmW9kSDwmEFfikdNW3D_cEMYKXuhIKusp_jJvd7fx8edoBFN0luKJaZEhhP5tiVFTzzmbtlHVrrkhvsKFoEFqqUmv9Ul8hA2P6jS17_imsR0jUvBwml_m9DQXcPCpU_05hH4vpxoYi-T6vX-2Epofe_QgGOfDTmgG-AgTxsqJlMkzTisIxNd47bmPE_RcaqreAJ3yL_kcsRP7TrKKXcxJSovQkM6eYgmHomV_9qFdw8kZohEA1oyi3_xoeOaLtIPhi2KmS7BT-BMhaLE4hTzjiz_XMAErMmuxOcD4AQBkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB_TkuHioB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBCt1grSCAkIiOGAEBABGB2ACgHICwHYEw2IFAHQFQGAFwGyFx4KHAgAEhRwdWItMjYwMTIxMDgwNDQ5NTk3Mhinp24&sigh=-PY7YOIASOg&uach_m=[UACH]&template_id=484
Requested by: Host: diario.mx
URL: https://diario.mx/estados-unidos/eu-removio-secretamente-el-malware-de-todo-el-mundo-previene-ciberataques-rusos-20220406-1917147.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s53-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diario.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame 8ED3 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 58064f453e8498c7c1eaefdf585a74e6fc42ea1bef4fbdc580679e595ef1f825

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame AFDC 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e01b4f8f485500360652216f22116d8e86897870d84f559adccb581c10f9be68

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 8A2C 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: df22327e1fbb5afb33b3b1ae5b595eaacd02d246ce82b1e407f68ea675090a29

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/3577454442848630231/ Frame A7CB 20 KB
20 KB 8ms
8ms Image
image/jpeg 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/3577454442848630231/downsize_200k_v1?w=400&h=209

Requested by

Host: diario.mx
URL: https://diario.mx/estados-unidos/eu-removio-secretamente-el-malware-de-todo-el-mundo-previene-ciberataques-rusos-20220406-1917147.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8dcbbd19b1407233619ab6b211b511524a07cc16e103ed342bfacf2997b7a133

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diario.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 02:54:31 GMT
x-content-type-options: nosniff
age: 288775
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20599
x-xss-protection: 0
last-modified: Tue, 23 Nov 2021 15:22:44 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 08 Apr 2023 02:54:31 GMT

GET
DATA 200
OK truncated
/ Frame A7CB 221 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame A7CB 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 96792674a014877b65c5bc183bde96dcd0cf418c40586ebe86493bab564d36da

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame A7CB 15 KB
15 KB 22ms
7ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://diario.mx
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 17:56:19 GMT
x-content-type-options: nosniff
age: 407467
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:28 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 06 Apr 2023 17:56:19 GMT

GET
H3 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame A7CB 15 KB
15 KB 31ms
17ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://diario.mx
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 17:58:32 GMT
x-content-type-options: nosniff
age: 407334
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15732
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:20 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 06 Apr 2023 17:58:32 GMT

GET
H3 200 ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v20/ Frame 8ED3 20 KB
20 KB 12ms
12ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v20/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 01:52:30 GMT
x-content-type-options: nosniff
age: 292496
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20784
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 18:58:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 08 Apr 2023 01:52:30 GMT

GET
H3 200 ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v20/ Frame AFDC 20 KB
20 KB 11ms
10ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v20/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 01:52:30 GMT
x-content-type-options: nosniff
age: 292496
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20784
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 18:58:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 08 Apr 2023 01:52:30 GMT

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v42/ Frame 8A2C 28 KB
28 KB 11ms
10ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v42/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a67d07f733785876b3192826e76f537e2b9dc0be172ce52c773d30d65f712a07

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 22:46:42 GMT
x-content-type-options: nosniff
age: 476444
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28328
x-xss-protection: 0
last-modified: Tue, 01 Mar 2022 21:57:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 05 Apr 2023 22:46:42 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame 797C 35 B
464 B 534ms
10ms Image
image/gif 2620:116:800d:21:f916:5049:f87f:108e
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEK8HEtUOpUSbto9TgD0eZSs&google_cver=1&google_push=AYg5qPI4PT-Ji_xmjnTOkZzBH3ecSEEV2dFF6-focAUgNUuKTfKpRLZsg9uIrmlZXM_unlABJ-hZHpRT591Zlmt-gl3MUIebeaQ

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:f916:5049:f87f:108e , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Apr 2022 11:07:26 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 sync
odr.mookie1.com/t/v2/ Frame 797C 43 B
324 B 514ms
15ms Image
image/gif 34.98.67.61
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEPgBX6F2gpFgX7wJjav4mgU&google_push=AYg5qPLntAa7sbnjpc5n_rsP5FeEyutwv9eCDL7W5ayP-74Ih0_wXfq8r_NNTE1KyToeWgy_JWLn3qsdWXYwLLrpSkG65-N2mr0&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2601210804495972&output=html&h=100&slotname=6510739316&adk=588329291&adf=3499153759&pi=t.ma~as.6510739316&w=970&lmt=1649675244&psa=0&format=970x100&url=https%3A%2F%2Fdiario.mx%2Festados-unidos%2Feu-removio-secretamente-el-malware-de-todo-el-mundo-previene-ciberataques-rusos-20220406-1917147.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649675244217&bpp=1&bdt=220&idt=362&shv=r20220406&mjsv=m202203300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C747x280%2C727x280&nras=1&correlator=8018077823069&frm=20&pv=1&ga_vid=143242382.1649675244&ga_sid=1649675244&ga_hid=1797956368&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=1100&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42530528%2C44760475&oid=2&pvsid=2815919348481803&pem=93&tmod=2074965434&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfoeE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=9PSbIQGXpH&p=https%3A//diario.mx&dtd=368
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 61.67.98.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Apr 2022 11:07:26 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif;charset=UTF-8
alt-svc: clear
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 dds
rtb.openx.net/sync/ Frame 797C 43 B
351 B 540ms
21ms Image
image/gif 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEINoOxprCMcLVFRx7MwYV1M&google_cver=1&google_push=AYg5qPL5W9BB8FB6xJ8_lohmlVlQ9SraQ4zdkOs4UgvI9yk0le9wOt56k267AjNGbd4PVtuqVsQ4H3-CLUxEiVZH6HWeWo0Qtdo
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2601210804495972&output=html&h=100&slotname=6510739316&adk=588329291&adf=3499153759&pi=t.ma~as.6510739316&w=970&lmt=1649675244&psa=0&format=970x100&url=https%3A%2F%2Fdiario.mx%2Festados-unidos%2Feu-removio-secretamente-el-malware-de-todo-el-mundo-previene-ciberataques-rusos-20220406-1917147.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649675244217&bpp=1&bdt=220&idt=362&shv=r20220406&mjsv=m202203300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C747x280%2C727x280&nras=1&correlator=8018077823069&frm=20&pv=1&ga_vid=143242382.1649675244&ga_sid=1649675244&ga_hid=1797956368&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=1100&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42530528%2C44760475&oid=2&pvsid=2815919348481803&pem=93&tmod=2074965434&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfoeE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=9PSbIQGXpH&p=https%3A//diario.mx&dtd=368
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Apr 2022 11:07:26 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: vf376s57lafp229m3uqbutb3s1airj4p

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 797C
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=HJJYSgQdSgKmPEkJ_JhwqQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

35ms
20ms

Image
image/png

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=HJJYSgQdSgKmPEkJ_JhwqQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPI1XtJquoGilPzUjaIZlesGMvhutHxKfu71oD-iOc90B7xqz-ivPQLPQ9KgX0K830ClL2ZXppL_fDBP7pNY5vXxtXhWguU

Requested by

Protocol

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Apr 2022 11:07:26 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=HJJYSgQdSgKmPEkJ_JhwqQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPI1XtJquoGilPzUjaIZlesGMvhutHxKfu71oD-iOc90B7xqz-ivPQLPQ9KgX0K830ClL2ZXppL_fDBP7pNY5vXxtXhWguU
date: Mon, 11 Apr 2022 11:07:25 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 797C
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEPEvrPyPc126tvuJB8u9k1g&google_cver=1&google_push=AYg5qPIJ0lhpiQxQI_RmN5P77-BoHCYFSjjIci78nhHqQXUZ8NSCz27cT5m3P7o6znMTftCclt9...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDFVTTFRUDYtMUYtSk1LUg==&google_push=AYg5qPIJ0lhpiQxQI_RmN5P77-BoHCYFSjjIci78nhHqQXUZ8NSCz27cT5m3P7o6znMTftCclt984J2aX23sSW-Tf_PfjAvVvDg

170 B
188 B

37ms
37ms

Image
image/png

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDFVTTFRUDYtMUYtSk1LUg==&google_push=AYg5qPIJ0lhpiQxQI_RmN5P77-BoHCYFSjjIci78nhHqQXUZ8NSCz27cT5m3P7o6znMTftCclt984J2aX23sSW-Tf_PfjAvVvDg

Requested by

Protocol

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Apr 2022 11:07:26 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDFVTTFRUDYtMUYtSk1LUg==&google_push=AYg5qPIJ0lhpiQxQI_RmN5P77-BoHCYFSjjIci78nhHqQXUZ8NSCz27cT5m3P7o6znMTftCclt984J2aX23sSW-Tf_PfjAvVvDg
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 4b510f0cc5fcbc9800016ef543086418
Expires: 0

GET

pixel
cm.g.doubleclick.net/ Frame 797C
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEINe9mXiw1f1k4jG4QCPujo&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEINe9mXiw1f1k4jG4QCPujo&google_push=AY...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlQL7oX5hNXqwTltLxYvuwAABLQAAAIB&google_gid=CAESEINe9mXiw1f1k4jG4QCPujo&google_push=AYg5qPIf21I8F8iEPk-Qnt9z6pUGJl7w2y86xXGWmy94Q4a47VN...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlQL7oX5hNXqwTltLxYvuwAABLQAAAIB&google_gid=CAESEINe9mXiw1f1k4jG4QCPujo&google_push=AYg5qPIf21I8F8iEPk-Qnt9z6pUGJl7w2y86xXGWmy94Q4a47VN...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlQL7oX5hNXqwTltLxYvuwAABLQAAAIB&google_gid=CAESEINe9mXiw1f1k4jG4QCPujo&google_push=AYg5qPIf21I8F8iEPk-Qnt9z6pUGJl7w2y86xXGWmy94Q4a47VN...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlQL7oX5hNXqwTltLxYvuwAABLQAAAIB&google_gid=CAESEINe9mXiw1f1k4jG4QCPujo&google_push=AYg5qPIf21I8F8iEPk-Qnt9z6pUGJl7w2y86xXGWmy94Q4a47VN...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlQL7oX5hNXqwTltLxYvuwAABLQAAAIB&google_gid=CAESEINe9mXiw1f1k4jG4QCPujo&google_push=AYg5qPIf21I8F8iEPk-Qnt9z6pUGJl7w2y86xXGWmy94Q4a47VN...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlQL7oX5hNXqwTltLxYvuwAABLQAAAIB&google_gid=CAESEINe9mXiw1f1k4jG4QCPujo&google_push=AYg5qPIf21I8F8iEPk-Qnt9z6pUGJl7w2y86xXGWmy94Q4a47VN...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlQL7oX5hNXqwTltLxYvuwAABLQAAAIB&google_gid=CAESEINe9mXiw1f1k4jG4QCPujo&google_push=AYg5qPIf21I8F8iEPk-Qnt9z6pUGJl7w2y86xXGWmy94Q4a47VN...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlQL7oX5hNXqwTltLxYvuwAABLQAAAIB&google_gid=CAESEINe9mXiw1f1k4jG4QCPujo&google_push=AYg5qPIf21I8F8iEPk-Qnt9z6pUGJl7w2y86xXGWmy94Q4a47VN...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlQL7oX5hNXqwTltLxYvuwAABLQAAAIB&google_gid=CAESEINe9mXiw1f1k4jG4QCPujo&google_push=AYg5qPIf21I8F8iEPk-Qnt9z6pUGJl7w2y86xXGWmy94Q4a47VN...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlQL7oX5hNXqwTltLxYvuwAABLQAAAIB&google_gid=CAESEINe9mXiw1f1k4jG4QCPujo&google_push=AYg5qPIf21I8F8iEPk-Qnt9z6pUGJl7w2y86xXGWmy94Q4a47VN...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlQL7oX5hNXqwTltLxYvuwAABLQAAAIB&google_gid=CAESEINe9mXiw1f1k4jG4QCPujo&google_push=AYg5qPIf21I8F8iEPk-Qnt9z6pUGJl7w2y86xXGWmy94Q4a47VN...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlQL7oX5hNXqwTltLxYvuwAABLQAAAIB&google_gid=CAESEINe9mXiw1f1k4jG4QCPujo&google_push=AYg5qPIf21I8F8iEPk-Qnt9z6pUGJl7w2y86xXGWmy94Q4a47VN...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlQL7oX5hNXqwTltLxYvuwAABLQAAAIB&google_gid=CAESEINe9mXiw1f1k4jG4QCPujo&google_push=AYg5qPIf21I8F8iEPk-Qnt9z6pUGJl7w2y86xXGWmy94Q4a47VN...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlQL7oX5hNXqwTltLxYvuwAABLQAAAIB&google_gid=CAESEINe9mXiw1f1k4jG4QCPujo&google_push=AYg5qPIf21I8F8iEPk-Qnt9z6pUGJl7w2y86xXGWmy94Q4a47VN...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlQL7oX5hNXqwTltLxYvuwAABLQAAAIB&google_gid=CAESEINe9mXiw1f1k4jG4QCPujo&google_push=AYg5qPIf21I8F8iEPk-Qnt9z6pUGJl7w2y86xXGWmy94Q4a47VN...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlQL7oX5hNXqwTltLxYvuwAABLQAAAIB&google_gid=CAESEINe9mXiw1f1k4jG4QCPujo&google_push=AYg5qPIf21I8F8iEPk-Qnt9z6pUGJl7w2y86xXGWmy94Q4a47VN...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlQL7oX5hNXqwTltLxYvuwAABLQAAAIB&google_gid=CAESEINe9mXiw1f1k4jG4QCPujo&google_push=AYg5qPIf21I8F8iEPk-Qnt9z6pUGJl7w2y86xXGWmy94Q4a47VN...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlQL7oX5hNXqwTltLxYvuwAABLQAAAIB&google_gid=CAESEINe9mXiw1f1k4jG4QCPujo&google_push=AYg5qPIf21I8F8iEPk-Qnt9z6pUGJl7w2y86xXGWmy94Q4a47VN...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlQL7oX5hNXqwTltLxYvuwAABLQAAAIB&google_gid=CAESEINe9mXiw1f1k4jG4QCPujo&google_push=AYg5qPIf21I8F8iEPk-Qnt9z6pUGJl7w2y86xXGWmy94Q4a47VN...

0
0

GET googleredir
googlecm.hit.gemius.pl/ Frame 797C 0
0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 797C 0
223 B 84ms
16ms Image
text/html 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JsVKrXGPfgUOFkgHOBAZOVulvtTcZOxgHrCjWflG1L4BOE4nqGcrgMVyeW0AAYNt0fRCA56A

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 11:07:26 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 6C0B 624 B
299 B 69ms
69ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxDD7WMY1eDDmAEwAQ&v=APEucNXx2NAPNsUDUMznNkGk2uZUFOJuPHH5yHTwP843Hv3YlpkFg8Cymw19CPxExo6zIzTsi5QP0Ihpzb8nlmn7MZ-Ixgqliib9f_sRoqsNDrOeOU8UOVWaF5QLAP2Smy1AKUC2qYUaABiiiEJ35Udvd44K-TKRVKHm5BJpKW6w6ZdKnNKUufE

Requested by

Host: b76ab0ac3a52548bde3de7d6a8af342e.safeframe.googlesyndication.com
URL: https://b76ab0ac3a52548bde3de7d6a8af342e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b76ab0ac3a52548bde3de7d6a8af342e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 276
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 11 Apr 2022 11:07:26 GMT
expires: Mon, 11 Apr 2022 11:07:26 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame C158 77 KB
32 KB 145ms
143ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DHzWFjuAVgSyM_lhCfLqZWuBpxdOKTACRMHEx2UGNx81cr1t3QAreY908xD9w-whHrxLqY_dYfbVCLq7dtDXmCQmIpQg&cry=1&dbm_d=AKAmf-AAZv5RbItIoQI2ftOvLudHOBSk1L2OSHBEnv5HHbtGq-642HrfNXCah6xxUFyrxzEwxLBA7e3p49fu-gcsaKUac_VQhd7lj8AHQBJxYQlnLZaKDE5bFsdkuBBXRUX92drxSssBO6NMcfvWruneoA8gWMa8FtYej4-iDBSKRfBNbgpOrZ88EfaPjZApn5SpDSyMuKM4GxvDf-5hW56UBDY09MA0N2a6cSS4ULsyFEY7q4TpZme2wojkb197E3n2-s9HEAp6jjE7CZwOX9eT5Br_q6VuWEsqBeOMO7bvLjzuy2PpR7qGhATaucvuuolrYFrbrswMv6rXaGeBD4ixWNGRJ8toFmAsz1GPFdCc4IDqip36SGWofXmPhxdQfBziZBi-gZYl9iudBJgAkXCFw6xA83uK3hISBy5Le_NC-QiCrebum0TC2VHusLjzmgYy0gpj7S2MeUGlUH8144VZJsWka1fkCAj02AcAdbJJX4h49ETRTC1lVo73EiTHUl8KD-MV4FMmuVkFNqHzOtAEK7YrnnfrCSwUiXlaTX6S9MG3RFhI6p93WKCrDSNDH3cawk03kJfi_KfPEIcTNIGJjPw_xpJ6knf_B8B1SdsOBb2mH8AhM8iQDM9TVQmT9uIJHtfauVLDShZyfaeUcTFZ0aIk3M8b1sDAta3BFzJtCyWwDVmKW2taPacrMNvTOJ2IDrHS2810dmNSgJANA0pzlX3EPkxHu-r2P3a-WTD9LOuO5Md-K5_FNXrDF08SZ4XmKIxolZk5qn77Zsg390h1M_SGE7vB_JegsTB2apurcRG_9Vi53LHAwCwwFx-00d--_xw6L9DZ_HGcTRY4o6kPLzzXH8CNYVpMAj2yMe4aiXtEzZu-X9AWyCjmP_xrRi8jz4uJFpc5ldKpOPIpcApcBRL079OmW_JAAEwfqgsJEgn_sbIgQN8EFFY5p7vUjGB-qVxle84hdvhT-ttFu10_NWcXtvafsTOel1CzaSC_t-DM2lwEnl5MwYq5oIiUfQe41q3aIgfPvRtRvVyFdXKHTPUSf716b7n8OSNakDwWvM_gRpj4sHJN7dswyFiIiwTL9Ak022nPi9ym-6LGm1ZkYAlzE8uuCjXPC2ml5V0oHjzemDV_QOS1aq6FQCLSMSI4rZFbKYsIIBACgGY-2FbyKD2F0gVqncgO6tvbhzdvpkeLTAQnx9R39zPvgVeScS2iJYI5n7Nn_u-n1azobFOeq-EZ0YYSEOmawqtexmqCnY7EmuAq0eA9E1mXKplRmx1EmU-2jXu5fMpro7nXPqLtMxHp0YEP9F0HkcD_Ex9ViPskEVU190wJGTwV828h51f2F9mpwe95YuTWGrn26FVzYlSCYlNZcIZJ6iHRGBM8jUqNjAV0DWaXc_ORn8B-sWdiRwE1cYxqdekKFbISWT8_A40--9J0THZ-dr94uKdjxH_J2JpZkWhgirBeZHVfw1_UTYeFlRHbTLtF1Z3uINz-m3H1GgWJKnhma0UzW5PTcYyLU6u0R4msInzEXlFd3tGiNTsqpBNxC3UA-59CTktkGP6a0Ez3rhFvIxfo3t6eyJffjGAznKAPTHgIoeNMxj6R_gUHVc_15H1FbemUs9vzPnICOkjThJTjbN3YXjLtsRHfPmxW2ZEqqgMb1FyHDzCnVsEd25IsjLx79ze5qrdLytTDsCJfKz5wTCOA8X4q-7iZA8Ap2RePRbwxLF751XQHWpi4ROjfzDyHCaz4yWkjFgikDV2YFkRXGACq1ukTaetv85iSAS937vtQmB5JC-ocYuq1aKiIJhaQBml13C3Q8uCKwB6Ax8QZQUnUZIpemOx-GLQshXlHmSIkvZ2sagggmgyIzryBEYuDnV4OE9U3HhyibForWBqygC50yQz8PJ3M8w3BN73sLk_inO48TaY69N4qbnItrZz9Pd91F2CEeXBfsIAyRtJrCVhtx4cjDXaVQFGc_-NN3aH6GoflfwqoJIf3cAfabftd16S-bAekVfsOIYwO83FmXy-M5q31yuuRP9GIzTVRSnVAW46GvG7huWsozQvWQQS7dnQao0wFQqwXKrwc2QjanoxySeTykgC96oqfhvjS9Ta9F7NaO2F68xPvpIeU9NDVPBELRVFmjM1ZPhIzE3iPFWq1kdnziapJpkFeUevBlb02-k2trSHUwTN9euw7BYyfpKLn53XVPHF_Ozu6qeHKzzg70V-PRJU8JY1m4V0sXvHTs26UKoGalz_oA5VmRK2fD4-yPHVyQy0BNUNVJngQ7I35opIdKRy5CB7ypnWwjp075r2hyxy4VGerB4Lphmy15VjKOzpVrsM_-vMXf1R8UiwVjEPp7X4J0qzOF67ke4_bgOdnlNCQsW2Rr_O9TM8OaBQ0yYebeum7rZkahExTkDNO0H1kJosdt06Ssnoe6Dg2H99zTMgj_PqaFh8m6kEaciT5I8Q8iJ8K0zfQSO5mBHDVZWX3iqgM8BFGutN9bb3B3blJfcbKPoslEMFkb5mpaLJnEOTGKfcL6VHApkS4KHdfHK4NkSopuGn8V1BaZiei0oVUXhMiN2yMUT6aZ_84b0sToDtzjbx_RmxiTyGjDtK07rC1NCSIiXuVuPUQuE25PS3oo5woUDcXfRGfKAo-jSrOsQ_g6biasUOUaaq176IJYn6hD1NxC3yxitanMUo72V7MVUcmJ5MZzWCKBwO9hqWiQcOm1J11Qq4TTGIdN74S3QqwK7HiuiHfDxeCaZdyAkXKu_y3calR1HtMckV4AqTIj6ty7JP0TZe5z5MKcZa8acufLtORhRYKoguqoGTOdv6pGHzwpSv8Cx3a0AsLMvuWIgaA3DNZWpaoLQBuiVgbtq2YnUACYxd-SmlzDKVDUXAaQwn-suds_gHBd9zakcbiNDv8BsYRqcNhGp5anFVPlN3hRfmlE-Zfrk_CNEYuv_X8Jz2t0D1wJIFXDSJqLfvbWECe0osar1lXJ-UeJfvFfiWW8WHTD9l5yapQkSGcLsMOX1c108I8WhRWVJXBbIPShngnTXEJ1pTOPivs6B7LR4XASQWGYqiHs47rvf6RkllWZR4yguLuwD2CupOOG-yBGHAI7BL4N-z3NDMEbFqPbp3j8q-5pjDZhKz4QWayXTvlHbxbqJLBqoNRC97MvEcvC0mWaAp-cClaivCPCK5hoi1JMvvn3-Dey-Q&cid=CAASKORosDIfy1_Vb0eEDuU9LteNhjEIHKS_Q-8WZw7NOxPBFewUmX6P-nI&rfl=1%2Chttps%253A%252F%252Fdiario.mx%252F%240

Requested by

Host: diario.mx
URL: https://diario.mx/estados-unidos/eu-removio-secretamente-el-malware-de-todo-el-mundo-previene-ciberataques-rusos-20220406-1917147.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

43db821d0f19dfb805c468c5ddbfe1d41b4811f3213494cc142ec53d32e80e72

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b76ab0ac3a52548bde3de7d6a8af342e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Apr 2022 11:07:26 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33199
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame C158 42 B
63 B 44ms
41ms Image
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AzXXHWgICkStOa85MT5QKdWS8X_B-CwhJS7WsA6E4hnRcK7cMRLKdnFZMu0t1MDgLBs7bYCaUbu-Xog4m2YREu-udIlLQyOc8zin_n63u-TDokM9c

Requested by

Host: b76ab0ac3a52548bde3de7d6a8af342e.safeframe.googlesyndication.com
URL: https://b76ab0ac3a52548bde3de7d6a8af342e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b76ab0ac3a52548bde3de7d6a8af342e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Apr 2022 11:07:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220406/r20110914/client/ Frame C158 3 KB
1 KB 13ms
9ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220406/r20110914/client/window_focus_fy2021.js

Requested by

Host: b76ab0ac3a52548bde3de7d6a8af342e.safeframe.googlesyndication.com
URL: https://b76ab0ac3a52548bde3de7d6a8af342e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b76ab0ac3a52548bde3de7d6a8af342e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 10:09:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3487
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 25 Apr 2022 10:09:19 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C158 119 KB
36 KB 33ms
17ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: b76ab0ac3a52548bde3de7d6a8af342e.safeframe.googlesyndication.com
URL: https://b76ab0ac3a52548bde3de7d6a8af342e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

214a4e6d1b76b8f804bf74ddd53aba8493b4d61e9609d75d8923a34ed97b80e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b76ab0ac3a52548bde3de7d6a8af342e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 11:07:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36932
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1649247338736001"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 11 Apr 2022 11:07:26 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220406/r20110914/client/ Frame C158 15 KB
6 KB 11ms
10ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220406/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: b76ab0ac3a52548bde3de7d6a8af342e.safeframe.googlesyndication.com
URL: https://b76ab0ac3a52548bde3de7d6a8af342e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6808c7f1192e091f9e9b4e15e28fa2a8904117ba54c11e51fc8eb9d179733e1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b76ab0ac3a52548bde3de7d6a8af342e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 09:51:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4562
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6368
x-xss-protection: 0
server: cafe
etag: 1861550861606854559
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 25 Apr 2022 09:51:24 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame C158 0
0 16ms
15ms Image
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRkyLCC17diCmTGA0l2pFZdMBGO12xYKK0nrnJzASRkKAV45JqxRXU2KslEpncq31BKd35SQXl1z9UAreMHYyrYBcAdrQ
Requested by: Host: b76ab0ac3a52548bde3de7d6a8af342e.safeframe.googlesyndication.com
URL: https://b76ab0ac3a52548bde3de7d6a8af342e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b76ab0ac3a52548bde3de7d6a8af342e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame E4CB 640 B
318 B 76ms
70ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxDD7WMYteHDmAEwAQ&v=APEucNV6iMIf8o1ewGdyqb-1hPl0ryd21U2YXCB10BTpp-Khb53ixUuz6GeBaq9zICeWW-xO1WxpW6Pqqw_4Vk6cq2bDGjnGvfur05ZJcdQC2H5DsgcDzBYU3bxvxktGRsn1VSfMR3Fj1pl2DHEeyjI-14PkZX7pE12tz7CjJHeW--33L8jUvcc

Requested by

Host: b76ab0ac3a52548bde3de7d6a8af342e.safeframe.googlesyndication.com
URL: https://b76ab0ac3a52548bde3de7d6a8af342e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b76ab0ac3a52548bde3de7d6a8af342e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 295
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 11 Apr 2022 11:07:26 GMT
expires: Mon, 11 Apr 2022 11:07:26 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 52FF 76 KB
32 KB 97ms
96ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B5nZYKTeYM9M_9G3XC0YN0N13N-jHKzOm3nGwCIqESfBbY7CA_5vbgPMnbO_q02U3lyvEsP9vJMf5lxnqxBkOJlCAPhg&cry=1&dbm_d=AKAmf-DHL-b6XG9xKmG_ZP1Ak-w82EkNhnk0E0xRg9J3YUcgEMl2fLeybnH3J10kx5tGzCcHgx1HF_z-F8gPxHM4DgfeXFL8HEgoNUSDiaTIuKiSXhgug9UR3fQx7K9zb6IH5WJRrNbl3yDAb9lpicb5GwIYQJJ-jNkEr462j1aSc6EKPZWxCJ1OieuTtiOYiaCxMKOTR4e41hfaW6GaT1unYyaRBpS5RDFZ8HcCcOklI3ReYEmdBtXoZ3aCeLNlClr6TGaTfPQ1IuX5diOvcVdtpwhc8ZNdCV0Dskv-_P6QsjcuAbt5yPf14kb4bJS7zH63CjgR3zMeXsorkCQc5FRjLCjOghRUwVI_0GOiH7Fj82Cyk9mjV7n72JCZEMAe79MKlZsJLW5eQ6L6S6JRHGsgMwTg3fh_Cpm2lhylhixlW3DQDbFyhsthN5PJnl-xR1Wvi5nh8V7-3I1OEv37zPyABdKF70Fx-GCwwCyGfOYG5Q0Jzz7DQfy_2lYfEaqyJ7nR5al67Gd7ZnzKIJCpBeHyAWu53JgZGNzFUjNdzap3ZdeSjWWWu4Wgt_6_e-eFzwcATpjKtIudEcXmsSkZtDNi2hA9VoK_mVz0I8_w3tKYaJe9Z0mE5gbmMSqCdAp-8xTF6_BPlme-QzTyPB08r-HdQ2dUBJn3FMZ8Ua2mK9F2IBgsdJSlYiyyVvRveWH16tPcx1DRhA9DG_bowLrBxtINGT7eCKM1XELdMMoCZMF-ZhR-F4UBmz8D7N9olQbWsrlrL-q1RzT5JhleZXhCRY1ubYNNfj6q3Ito253Q7xmheeKyQhknZH2awR-MxY3ww6j0HHnl65dMQKmN2B5d44EUqFvi-esisV2ND67D0E-ElhCDH1HLA2RNlaWIscXLIHrfTBT2LoYRl_kfOcOQIlMBOfn0CycbMgaaKdA0vaO1IQJUQ_i7D0U5rAFpcB0Kf02PkEOwXUQ1oKS8niX-XGSgEgdm9OyOfb7yzW9UFrpi9eHmRbg3aAx6TlqgWoEFhJDn3MBINHRfJo-dEswH54pTRfxYEZ2z90Dx_iCIpipq0w9lqjcLMpWg9eLWPDD8iKoq4pEm77_ebfIqD7x-0_GHNrxCL9G9fhiKoSjYLcFYrfOa5WMBP1SMzEeESdpi33fww-4KTZ0T0ccynxBact20Yngs2zfZnZ7gvuYvH7U4AZuNMVlrRSXHQWeiWwzIJOMSjA-61AHyZ1SG5C6NfqAB6sU4__PD17Oe8O0nkMRQ2_tBYqtnZZFRBXsc-zAHnu2nmGB-AFdF_IqyGbBI4QoUbNcxtKYtiKJrYZh7JLWJSIi4coYjmD55zK2ufPjzTcqkqdfzmSSUaP5yisP_tE2TN1jyLXyp9WJC1qUhNzDOFnjThgYNj43y6zYuUa160XPTSx1K369sgJ8HrNb9sEV9mh57w4vrM5wO6bLjLhZE3Acre4casLLrEKoOzKe9iGSJHxHr_-_ZquKR-IyOK9UqjWyDC1T6Ad7XNJb4EnlX0FoFbNr_5T4Su1Uhf5PUdi1IO_iBcGQtkNXLQEuR7cilvSOXMY5ApXdbZ2f1uZkML1Pj3OyLQjLZ00TgbJalhiHnNmJUi-PFdO_aMQMlB59_tPqJxrI-GdhViKUysGKXABinmWiayq8lk0sUVxmP9DsQ9YEyCygZQz0ylFUimX1FVRcUbJUDcPYkkfVtEFERAWXewAmxHJePEztI5DJ-WN0xAcI7JZY1gviA0WFTWxvLuG54BEEU01jkxcL-Dz1vsNvKO00kvqdY68sbNaMX16MnNXgBUZ3UxGPfu0bFcQJXCmTjQVl_54SaE0omhcZ_jbLNXLaRcDlRh83qwjYF4ECAQcwncr_4XF3f3ynkJ_iqX-mV-MCLZJbkrgK6g8xUwsw68uVjF61BhVwclN6ZSJV-W-R7gqqD6efDyZ38Z1w-YYC82_XpPPZS4rUyI05umcB8iqgC2nRbHGVWUFRjtFxizwdxU67EYqo30BPqcCIzDux7DUpugWbyPbiZRl21q0QusVORSUXUwQRc8lotTNXvwMocnn2LJ3Lc02p3_uKSaIRKC5qESQ73vL3bH0cYj4FpIxfxUjqW_g5N8QYqWjOiv-8G7E-PIWJEoL-WJn6VuauvbwgHeJrMc-YV0sgzDxXYLotS2v6r6fOQ9KbClfXZ62Q_TscE-KebQYkBw3q1-FFTbfUVBA_2Ok4cVVIlysQJmyGloH57Bt2NonpyjchIeSnVuBOAGx5qRkCxwfcWZwciY8lHVf4CLttP3ywUh36NKmwo_jq3jqus2f_CiymwTjbJTSaZGEPiimGSEm1uwIPNzDQKOT7xSanqOFLjtlMIxOLR_oO-QH_i2r7QPGPG2DD8nTrTQZIgrAkez_ypE58h5-QJJYOHlnVCPKV01d-kZs2IeW0Uytm3pOARVKBRDj0NMFMWtTayUlj6MieuhhBrbDPAaMsBM0wkPOb6KbzuGRsD3waMmbXvBqjH2XlPxsYDOLKxW_loQQS-VXo69-AP5BU5qdoVAJDYq8qIomUxbd1nB9MWNncXxuVw4vRdLcA8N9GFg-udbKNlz4iQAJtRLa2hQdsCzjOY5UiaEMVJD4cplt89RdzxQ9VwdxfLDqe0JlWlc65KS9JcgtzN-YdZZ1bHmGmAzYo9CaQkzdyyANCNGlTC49NgSJpqPhtW3O-8iAWdraYVCR0anWoVouq7McwvzQ2hc3ZHQWKKZbGfQTezXF_z0ec9GX9_JhcacG4DiUDbuZa-7wf8X2t3SrDDi_tYIc21n_TUFuZyCF3HtD-u1Lc5_ikAdUTkbv-BjGxFHQPWMO9EkJoMAbZ7ROtwAPJTg9qkMWfyit2iIs2OTU_lgFq76MdF6c4-Ze-PMh3fwnQzd62QDIY45hCMfHyCq2HubGJzqx0YGVAwWfkliNYyJr7k8XXrAcSXgDQ0Fh-Hpmd81o3XayLDy-2ziPfHlimsgDUYmSsbpcfACzDB8-wjm2Txg9FGcUG-VBleOYQYRXdi73hH_FE7_5J7fPOaFDCYBk_tzyl3GIQF0aUHhFWycxd7Y4NGrEV2FxKb-Tb-SwJxjUb8bg4vRFcMjzLRMIqM4liaWoDkTOxmYxaK3FkoT24zozfviMO83RymLKTfKR7fQs8aBUzMPePxLzyqpdpb2xNcbQbpQTSyfRfuf84u4WutPrrW6_eaUrfSaGnvRuM4&cid=CAASKORoiBHLvzaj7ZGEdsaF3C3vCpzpde1Bo9cNeXyTGCjL131QTuntuVA&rfl=1%2Chttps%253A%252F%252Fdiario.mx%252F%240

Requested by

Host: diario.mx
URL: https://diario.mx/estados-unidos/eu-removio-secretamente-el-malware-de-todo-el-mundo-previene-ciberataques-rusos-20220406-1917147.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5bb956972e397e72d2c6ae9a13e62e6119a4d5554fbeffd369719f6d0d38416e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b76ab0ac3a52548bde3de7d6a8af342e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Apr 2022 11:07:26 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33007
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 52FF 42 B
63 B 46ms
45ms Image
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-ANi80TX9tb0PeCQGhZfB_rHCjgsqIvycG8NnVjgsEVeaY-mm6Q_ij5rYabu3-UXDxwElErE9U6rhNnqAzR8MSYOk-4eViJG2-aeLhicAoo8YfdkX8

Requested by

Host: b76ab0ac3a52548bde3de7d6a8af342e.safeframe.googlesyndication.com
URL: https://b76ab0ac3a52548bde3de7d6a8af342e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b76ab0ac3a52548bde3de7d6a8af342e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Apr 2022 11:07:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220406/r20110914/client/ Frame 52FF 3 KB
1 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220406/r20110914/client/window_focus_fy2021.js

Requested by

Host: b76ab0ac3a52548bde3de7d6a8af342e.safeframe.googlesyndication.com
URL: https://b76ab0ac3a52548bde3de7d6a8af342e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b76ab0ac3a52548bde3de7d6a8af342e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 10:09:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3487
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 25 Apr 2022 10:09:19 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 52FF 119 KB
36 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: b76ab0ac3a52548bde3de7d6a8af342e.safeframe.googlesyndication.com
URL: https://b76ab0ac3a52548bde3de7d6a8af342e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

214a4e6d1b76b8f804bf74ddd53aba8493b4d61e9609d75d8923a34ed97b80e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b76ab0ac3a52548bde3de7d6a8af342e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 11:07:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36932
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1649247338736001"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 11 Apr 2022 11:07:26 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220406/r20110914/client/ Frame 52FF 15 KB
6 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220406/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: b76ab0ac3a52548bde3de7d6a8af342e.safeframe.googlesyndication.com
URL: https://b76ab0ac3a52548bde3de7d6a8af342e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6808c7f1192e091f9e9b4e15e28fa2a8904117ba54c11e51fc8eb9d179733e1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b76ab0ac3a52548bde3de7d6a8af342e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 09:51:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4562
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6368
x-xss-protection: 0
server: cafe
etag: 1861550861606854559
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 25 Apr 2022 09:51:24 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 52FF 0
0 27ms
27ms Image
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRvQgPPch6AgXKw2tY54_IrhjVlgdg_AaTwnFPfm-EXfpGaABy1ZtR7xkiHS_8IKoC_zZABXxlx2S7tXYI6dlgKqFQyyw
Requested by: Host: b76ab0ac3a52548bde3de7d6a8af342e.safeframe.googlesyndication.com
URL: https://b76ab0ac3a52548bde3de7d6a8af342e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b76ab0ac3a52548bde3de7d6a8af342e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 7B7C 640 B
318 B 69ms
65ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CIvVChCpn9ACGLzqmccBMAE&v=APEucNVOIh0Osx_N2q3MeicwlLy2eB-1pDQPE6IEjATpWsUu7U-JFR6hdkxBklgmeveYC7Nv8Dm8uA2MaSETq5_a2LFWuSB4Uo42u6-cilEDGTrNj_YGd52gcQauXGQD3nhnOIBgNj0KhhzvZtyjhiKUNzusNHWzIX4k0TmmvYc5BEHiZh0a9a4

Requested by

Host: b76ab0ac3a52548bde3de7d6a8af342e.safeframe.googlesyndication.com
URL: https://b76ab0ac3a52548bde3de7d6a8af342e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b76ab0ac3a52548bde3de7d6a8af342e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 295
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 11 Apr 2022 11:07:26 GMT
expires: Mon, 11 Apr 2022 11:07:26 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 25A8 78 KB
33 KB 110ms
107ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CXtkhyXX2kLpy_3upW62wuVD-B6_o_QirH7TxqewDBR4wZHELqH3CBVwMW8FBD9S6W27DnxV83W1htc4JdE9NPIQKMvoSpJBlh8_PfRhgtiZnbjxZBK7YZ4CMK1pkqxLnEzCldnoYJ7WJp89kHmqspJMobPA&dbm_d=AKAmf-ARwtSAD3QumiIISuSZ4qnADI6xJh3PN5tUqzrsX5D0jKJy-tMZOLKNB1a4gOpbXGFTw04Os5jd8_y0S2ttW_uQibAGmPoPkIRK9zGLKXyCxMjFDYtPMDj8NzQamVVF_dQsg0PXnQecXZZeI-Nc8v29U3YOSmpqPN_KaAtRaGnXHkbUo3i4u9TKLbs8S26XIXocurIgg0_hS_iHE6J2bNFYRjaHhomsYsnso2rPUcd3ggQMTbCKiYOtdr2b0x7GrMIYm7xTv70ChkwJu1m4jHqzNJHT17K2oNUpt2Y4BMaFYjPS2WBebDGM6OBid8BmuJlhcgpQBkfWO6lrGllmc-veDGc3EEL3fUM38EBrp3kx7macaEimn3laPeiRSrurpYIB3z8HpR_bueq1b6cm5-euX0u3wjR4NlEa4N9tGjdte9-Yl3XybFQpPfOHmmFAgKwTcK7teygdXjwvZI3GjZP7r_pIgNkkFQTP91yEz9TJwb4vPgyOAtnqEfNvyWcBvWvhl_pbkTVqQ6VN9fSjwySPgaAo_zXKtwPopu4IOPxRgXZGFR0uCOXLkZwviEFZelZeTTX5nvimoqXDnv-oh4BW2gFaPIdXFPtfmoEyRkdz84xNtIWeva4ZH2CEX2AxVvYvUMZ96OcAG7ZAPSUbnAUbxtZ7DZUjgrB7zxZojlf-VzqIUeFeG8A5lTBq4KKjikMtjZ6Sru5yxYnAICRk5b16-i0ymzBAJINHQ2aEX6EkYRf3y5gFze-ntOSHB8EUkiSKyCcfryMXVyc-VxJN1UmUDS0a1ihueVlbtzBnfeL4rA7vs1Kiyn8TYBJKucXQS-j7G2zOt664hUr152aRHlF1TC5kAkk39l3EVnrkG4iIPgQx14AzZiQkgcDXimvJu7o7rEZe5B9pNkF5oLA2Gfqf6ir6rSUjZCH1ev9nnW0jZTdtDWeU-ytAiSnyMzmsy29vQFHhXzc4vLk1hkPyZh7NEGcKobrVW9EyN4F8D0fpIGK2W_asL_9_h-CDkV3hie2QttGmDJqQcU0lW0TWO9yxkhB7_u_HMhmK45KScON1vKBjSoHfPFX4Y9DMXMASwNmakad5zyjyHK_DWDxJQuvXRPLns_HtWmyhygBYJgKJubhB8bNJk_MZrCPXWCQmYQcwwE9qHci8wCwgunQH9JzH2hpGypiXBuYlDvrYlY6dcUa5y68KmedkWzTQZqodMbyrcYIKqbJVZUUgtZySlw7WEsXwJQ4vr6AX3lHZ7KJjCzzANoXwS4ZAQizc6msBUH1YyB-RJmYprobVOqHErwix76s6yfPhYpQY_6_8aNCWkbIjczp5WEeYZ04Mb496WEvcQO4_1xzk8VVaRTaVZ37Quo2gWp1Zi5TW6wdAULIVAn5aOXBg16nPrSE3N089-UfSWSEQ2h-AWCIzfKYOCRplP_rD8HUjsy7tjhXRV-aiF9iAGuuuTkpVOto1mrFRDfESTLt0xq_fcof9OM6oPEYt-JZVGzW2B9jyoN-v6vnH5IzbcM7pSQTuAj18y1jQGI4X1WJ2NeRwL8JC1gVKM3yoEhb8KHjOR0J7LlXOy-dgv0jSYpUzNTP0NhoHcjIqMI_4qxWHQHwBhrSLMmfejrAMxP2ST7ChTZDltaU9gKglowd-U22Qr40jX2fYGb3YAS_7WpHwIw4oBpY7iHT1wDxITEjmGd8X77zs8VGIDaExVxozAGUxu8KroIpLlpXF9y6MqvDw0i6cTxeu_0Yyp_pLgNhd1Qpp121q70m3sfmq3cb_nklEo-SXdRd1oz53T2mzn1SWuyb8zwmmBQSB7UcfbmC8_IJcm9YDsjCjc84uJVa09IHjhJP3svfINpHT9zG2eHruBNgAbQ2Iat44dJgWyoJ5hNcsXJXvHlGEpePz3fSApNYHigkEzSDx4XIljs05JYkObK30DdZ6aGz66NKIR9XmqaGC4Hn7JjDMgOiE7AYyImojvSt9gCCYGRxFg6ZJDL3szUwLVoVX6RoEx6WzMJJv1Jj9bP7hGcbAF3WHcK1wf5t7yvH4yDHUyw6ShJZtALbL0K3L7TBEoT1OI-_qMFavso5tCXlfVnlqflx4-RTZm4649_YQmwec8zCDC-PGG63LV7kVjhpZLSt6GMVei8jqnAYkPV_BFHKlGydRIy6XEla1p5ew2uRfZRTAZ3jNMorB1nvUqKyq20QasFA7h2XrIWn9wcPHGTVcE9GJ2cuwtlXNI-Se_eWeNNoGTISAqlKey9jlWsQ-oC6GWyfnQUWdzaQc4tG6mDLO1KCUeer5VueklMQ12Nq0PF5mRHPxSoLFLqnn5Lg5hKsmN4E5T8uHhWTmMvawr_c14bcIqtktWHLSnYrmUxinI7JiMmcG2gReDV-r06uytSmic7uWdWhjDIPYNjfptmqS8pT8Xj9M8goBYlE4fb4Sp8cRvHz749DiXlS1MetTzfjlqw3tNoaPn68bvizKdg_Z35rYcSf7mEdzx8DLDhrioOi40QGm_NwEkL95vrv8kREfZnQ5mioJoFEaugLdVmDMQtTSEgiVZcil0jthe5FvS1z9J8fCH43tTQI8-6N2oBG0mtljwEgRyVMZfDyFqWYraQnpLMgKVRJz7L4KB4eU4yb74n03Tjyp3yM-Bo1g-_qcf7feAn1-FsJ1xQPb4nJLNSXARlsqi-KA7_lzYsM4azGSOtsurFZkRQ6D90B75H1BoFX8s4vl4Rpdl1ie7R_KTKuM8NALhLNiNiB0-0hPQewGLTS6UERlk5x7-tYx8idDm11uNfOwM50rE7daY-qbSY_Pk9sb77FY5y_y6D1NwXmSrjlbt3vrYA-UdOR5Ifv7W8_6pNSn948Aa1SeHP94k9EGtvtdC7LAXIvVJZiHr8fSGQrqDXxlaPoWg_5JqaK8wMS7rLLJ8v2JR8M0iciJ5NLLpjhtBG36nca8jYvqiGe7PQ-EgLPZSdEs3WItMrjMMe0gTssC___DYJENqAMYr-ErXOgwyn43DDZXcKiGT5b4QBPmNWwtQN0ixgrZEA6p3eAMEYiRCozGyQKr6C5MfoPRTO-73JVXD6MKtw_DNT8mZDrLMhZ4ymjWzLc2rxHe3-pBKB1AZO942Ks1YKrfze35pBRR97eIpHaqtGOmys4_8f9swPQsKQ-0Uv4_uwDZFGOpetvxZ-7NIJblObdpXZH2SVBcOiD69HRuLJlBSTwporlyCSixrixR9TC2Wtst1nUsHHXSsImI_vxglIe6dRQubKPYSHcicUJnmnAm83W3Q2fW3H1yqML0uerXhmLg2-AyyLxNd4D8JQMBd1mhkrJO0qqrxuRq_i725LpmTYGrVPgOhdZt&cid=CAASKORoItf8nMv-YAwHN_neSuJHDkGypsT2C42AbrTSqjjpVaTYwVufh9E&rfl=1%2Chttps%253A%252F%252Fdiario.mx%252F%240

Requested by

Host: diario.mx
URL: https://diario.mx/estados-unidos/eu-removio-secretamente-el-malware-de-todo-el-mundo-previene-ciberataques-rusos-20220406-1917147.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

19f765745fed4a0e6c58e6b208fa381b899b3c850235e510a0ead9905550593e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b76ab0ac3a52548bde3de7d6a8af342e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Apr 2022 11:07:26 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33271
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 25A8 42 B
63 B 46ms
44ms Image
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Bhuk-ni858J9VsFmE0m9RauP6fwdx1d3BYZXbyYXDw5-R_tZ6CkRnZf8BGycmtJqfOMyYbl9hHRm6T16MtcxxHj2gULMjxQICcSwC0ETaj9bAsAk8

Requested by

Host: b76ab0ac3a52548bde3de7d6a8af342e.safeframe.googlesyndication.com
URL: https://b76ab0ac3a52548bde3de7d6a8af342e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b76ab0ac3a52548bde3de7d6a8af342e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Apr 2022 11:07:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220406/r20110914/client/ Frame 25A8 3 KB
1 KB 15ms
12ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220406/r20110914/client/window_focus_fy2021.js

Requested by

Host: b76ab0ac3a52548bde3de7d6a8af342e.safeframe.googlesyndication.com
URL: https://b76ab0ac3a52548bde3de7d6a8af342e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b76ab0ac3a52548bde3de7d6a8af342e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 10:09:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3487
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 25 Apr 2022 10:09:19 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 25A8 119 KB
36 KB 28ms
26ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: b76ab0ac3a52548bde3de7d6a8af342e.safeframe.googlesyndication.com
URL: https://b76ab0ac3a52548bde3de7d6a8af342e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

214a4e6d1b76b8f804bf74ddd53aba8493b4d61e9609d75d8923a34ed97b80e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b76ab0ac3a52548bde3de7d6a8af342e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 11:07:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36932
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1649247338736001"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 11 Apr 2022 11:07:26 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220406/r20110914/client/ Frame 25A8 15 KB
6 KB 15ms
13ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220406/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: b76ab0ac3a52548bde3de7d6a8af342e.safeframe.googlesyndication.com
URL: https://b76ab0ac3a52548bde3de7d6a8af342e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6808c7f1192e091f9e9b4e15e28fa2a8904117ba54c11e51fc8eb9d179733e1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b76ab0ac3a52548bde3de7d6a8af342e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 09:51:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4562
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6368
x-xss-protection: 0
server: cafe
etag: 1861550861606854559
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 25 Apr 2022 09:51:24 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 25A8 0
0 24ms
21ms Image
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTt8Tf4NKzIaA-kOoP35HiptfA-tGbFBMkfryMokvqyROYCPaElfVgtNvQC0vhUFetlF3xGarU0c2WG68gYTHqiDL9h3A
Requested by: Host: b76ab0ac3a52548bde3de7d6a8af342e.safeframe.googlesyndication.com
URL: https://b76ab0ac3a52548bde3de7d6a8af342e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b76ab0ac3a52548bde3de7d6a8af342e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame B760 586 B
315 B 58ms
41ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CIvVChCpn9ACGLzqmccBMAE&v=APEucNVF62OxWwubiyZVfDH18PmOQlsp00wM9rtj-267kn_MII4oLIJMxqyhySt5FXRbiuTysP1mpaZFCmvbTyBI5yzz-4poCAQIxVHEDl7soaY-TQvC4w0k5lRTkGvvqltPDzLx1xsOzFXPS5FYPjgkMTtM-ksmPrH_AFouCq83G6QyKdL79-I

Requested by

Host: diario.mx
URL: https://diario.mx/estados-unidos/eu-removio-secretamente-el-malware-de-todo-el-mundo-previene-ciberataques-rusos-20220406-1917147.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f12c6133a12eead81c368fe146cb489bdb7331b5e3b5ceb9ea52eac1e3feb815

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b76ab0ac3a52548bde3de7d6a8af342e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 294
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 11 Apr 2022 11:07:26 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 1836 78 KB
32 KB 92ms
78ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DXZ5LRvcwfkANZMCX6okbw85ZzIBj-wvYimVGSJ8UwRZrkfv4ajA8HU1vM3ntuA6eKbIJZ9DkpSgAHq_azFtODExLSvK_KiVhau00wetKso-GA2xUwTsje5dfcy0xikbDnupZWXm8ey3A7PrC4Wt2HxWybng&dbm_d=AKAmf-DX3ccM9T6hyERWDdbIqpXfCyWe65VzcYi2zBRkysEdVThAZ3smAQDuGwxeCBD4zz5jtIjroEBhuFT9ELSx8hgzv48ka45dJkakDPkp8iGcDR5ME_QO680o-axIl6qt9Xe76vK9q0QZ4hq-3qVcSFbCXt6Lqy_amQhlcAYlR1EVEaiESW0TUN4vOG-wXqnwMwxdJNv8tDY7L9UXR8aA-pR3mNjhoYoGkH2ikes9DL1TxTHtOc7TFlN4fHVjlUvXRUV02Vno4hJ_tebmnjBA8_vrn4ehxiNii1Jy-dJ0e9bBhzKxyUpIkvnQxa0b17wxIsq1qACDwJECcWv9LWwiGk0nsshQrPZNhxbSUG6s49BrdzBNnUPLFVWThL0cI1RBU90HRD8fgCMJKLeaL7u7Jhr3JppBOUBDxAjmoBB280x-Mj2fx_f9k9Rov4l5p-pGBMMa781lifL7nvW3tM8wIKxg8HwwQSLcrrKfBClVtbU5d18mqYKjtle1Wc_Ms9W5V15bX6Gtt1n79eEJTwPr4IJtC9KQ4pJJmPQx3TAfYHa0OaLrfGEsaieY5Mz8_-frei-TsVEkpM3DgnrkKq8vgONRHCAOIyscU2YIPLk2X3c4xUNdcv0dqb99rIiNQegQoMlnUIK2igaSbR-_eL3yLeow6hXDYQkQcjbO4000ZTWVmtp0SCS4Nui3oROhYSk7ApFByo7ZCP1HnyerHuhEsD_V-huYYU53BCFLV6MZmEQtGpbbHuhY5V2CTg3eIkeNYj_hIG4450iOZoHToEL1ir7GdjFNPyAnpvbg9uTlCqiCArnQG3NDk5AJpExzx2x1idMgpiDxDmo3lpIrH53hjbT_0Id6CXiBUqeYkJBHlc18Pl6gi_OLdX8-Rtb_SeDaEX9DhzYxK2kLj4AsbrbhEuLLopUQk2oHVGk_aDgmyx7DjyTAM4j8VhRY_sxUFnpAzUAhY49VVRQH3VWT7HsPXc8pnBLd9_a7h4ifckyjbfdDssFG0PZch6RpzjgVXVOg4zgotZ7aHRZdeD9CJT_8EOVj8Qnh7E2d55MdG1LrrZ9BTKitd-3IUOoqvzi2wtqNfnBy2VczWgvAOZFk3k-ylKmSZYuHIipabDLcG2j9h6MakGPbVJBWPz4FrRC9gqbNQiBmbYcMSJG1t_ymOdhmadMfBA6gu0Bk_VSpxd9W8gVZ7PTPbL-nQ7BOKPSx3nOnkwhVtaczMqyFnYLE-lxqCLPCRkQHlMxILkRluoWcRl44_Kw11FMsaBp5mbTpwIXmdOAL7I-x4_ou9XEN_KMq0P9LHQLpkSQ4mSGdUDkmxxLhgwZksDncVNFVYCeXiwol5_tEWTeZdnUPOAWbwe8Dzi3wb4L-ydF_JagHpS_I7r8riM-0G2udYwWf5D9-xYa304s3nj0ey0Q5c--38V8QixhzcE3woSNxZ2RgPcLqum-4juV5QfnTWYKiQIZ7M3VMEemAvFtXMyGkdrcZlbCIkbUzmXiTBDxsd6MWKOVV2nmLZUb0xfTildwliU1rvu66n0_a6I5KY81nuVdj9O0YbG66pIODlWhtzY0wo0OJMyJfrqxgBUY6BA4ORuBeqIwMM1ntVlTcWUH55zXHEiJ1nXW6_jI9vXgRTWhuiuSsrviQNj4KuB8Z1kbHnzZ_iTxrcUJTQ3E5gxvJ-9x2GXzRDqZKijQCBZRheIY5so-ssfYl632yGyOJkgBdrXO1nyW-EX6N8qlidDI8_4cehwOgfipGo53MsFLt6pjUzF_9xBPkzraN5aAvy1s0xD2HIlulZbXmuOCDPwerdQ0UXSNL13fPiISpJJthVJpqeyJnlFKWqrk84T0Cqcbef4Agrfa__IUb5TgfqRq4zVspD0YjL-kyy-X05-ZO2vudUWeMVNzJAOrrunNueo8d-_TQU6lzFQv6_H5EPiQ7tV2fl3TlTmDYvTvbsvUmLGSRgv0aE-SNtKdNBDTmqrge31vKWvnqCBwYw-8jbj8Wldc8pWvSsbcLxQI6bdEi13JrPPmL_A5bq_iUShS0Uvpme21MnmIZU94FW4fPVLeGS3Etg-vi7sg53UdNyHrQwQJW2XRO1KnQS-WsND_qrUU9_uR-TowT35mJqfwkwYGe4iOBkJwRjk7FJmrcb8gXAc_AEgpYMNEzexnh6kl5qMCti-UMr2vGMknEJ74Exw5liRg0Jtr6Iz49PO14yAyHgl-emLJ_b1rXZYMahaIHH1YHRr689W5SeCm3WDPkp_S-Wd0EZgrR3vtln8_ssxLmyhYNaX-eJSmmBG6-yaUUbOcNlORiymsX1uTAjX7ee6Ta2cCKFQ6BFbu-uv1YrTkxsyXX07rZFOyRfYKoK2Xq6PVQ3QjEyeiiV9REhgKnhFc6HZvl_ra54RDc2hQTeth9HuCe8mQ3Bm7uMFaZRIP6_u3NPCK-fKGIVeWuvYD79KJjs0EEifMNQc7o8tq2k4lev5Rwtbe_IKRBjgo61S-PnHJk7RcK51nDD-w2bTx2yKenbBzC1MldT-rGHB4SXKNo94o1yfVe-8hj2zke8EAgsCF8wdLTj8rWU6HgSQOItekhbFVycVDAjrb9kCwaGXZ6_SkK0VbrBd6QYqGjAJIe41xCWgaAd5lT5ntUkmLB9Om8sPUJxyPyedbbV_Hj41kOWmbQmQcn-PfoO0vR3G7XGH3VvgPuk3AX7Z3LtynuloPaeo-w4qcs16uZQEHnBrQgJ6fQw1vNmUjUlDsiJ-l0io-lqhULEGxZeq5v-b-lCu6G1Unj8jjpX8w68eHIaKen2Hzqz6ZQsFl-J-_K6vbE_z1ZN4LdYoPMvZwKnTg0DvdxH4nvCI7ZH0KA1XuGtjDpj1mNGG8nP8OFkL-OrxREeSiAt6os-QHsc77VZREvMDh5696Bclb-wQGjB3eK2zbcXaOQ_7Hx4sCm3EYGONmwKC0QEB3ajNqUOhEDFJ7x7DSv9eif5PvoNT4lib-x7LIzZwyhIG-fMx9C34lmOuy92QxyFz2yy0eTrtxTOaJTUUJEfBgLYW5StlVbf2DMfHhLBBUJKtKJT3Ag-PtwJMRw4eX0k0NaLzOKwBXd2oQkJlfHrO9leXfXYt-9hPMj9pC0bVriAqivpzNvbByVebLNLUw9n62gRd05j7csrhgmWgLnXyg47pxmNtsOqhCrYNnj4yu4OUHc72is6YBd6-88Y7yvLFUsOciw_wEcaQXU_6HAlvbN777G-lb6D1NEhuACj_k-fdcqL4qF5kbZFuuQ1vHMSx6sf_JERoeGl8f7M_Zh3yvWlYFHiviDba6I9HEh4Cz0UreroIjD1JewYApOYvoCBOWzoNKIJeASpq2r&cid=CAASKORoiE6V4oXgJRihD0CujR4n_fFmYpMzniRmlXgh6RtErtd5RhtJsE4&rfl=2%2Chttps%253A%252F%252Fdiario.mx%252F%240

Requested by

Host: diario.mx
URL: https://diario.mx/estados-unidos/eu-removio-secretamente-el-malware-de-todo-el-mundo-previene-ciberataques-rusos-20220406-1917147.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ddf0d7b9cae58b4b91535381d70b5b902481329bf5e19b5e2bb2b2df37ea2cd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b76ab0ac3a52548bde3de7d6a8af342e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Apr 2022 11:07:26 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33232
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220406/r20110914/client/ Frame 1836 3 KB
1 KB 18ms
8ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220406/r20110914/client/window_focus_fy2021.js

Requested by

Host: diario.mx
URL: https://diario.mx/estados-unidos/eu-removio-secretamente-el-malware-de-todo-el-mundo-previene-ciberataques-rusos-20220406-1917147.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b76ab0ac3a52548bde3de7d6a8af342e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 10:09:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3487
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 25 Apr 2022 10:09:19 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1836 119 KB
36 KB 36ms
27ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: diario.mx
URL: https://diario.mx/estados-unidos/eu-removio-secretamente-el-malware-de-todo-el-mundo-previene-ciberataques-rusos-20220406-1917147.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

214a4e6d1b76b8f804bf74ddd53aba8493b4d61e9609d75d8923a34ed97b80e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b76ab0ac3a52548bde3de7d6a8af342e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 11:07:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36932
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1649247338736001"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 11 Apr 2022 11:07:26 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220406/r20110914/client/ Frame 1836 15 KB
6 KB 18ms
8ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220406/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: diario.mx
URL: https://diario.mx/estados-unidos/eu-removio-secretamente-el-malware-de-todo-el-mundo-previene-ciberataques-rusos-20220406-1917147.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6808c7f1192e091f9e9b4e15e28fa2a8904117ba54c11e51fc8eb9d179733e1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b76ab0ac3a52548bde3de7d6a8af342e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 09:51:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4562
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6368
x-xss-protection: 0
server: cafe
etag: 1861550861606854559
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 25 Apr 2022 09:51:24 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 1836 0
0 30ms
21ms Image
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRNiHOsBvawJOgp1hl2oH6ggujTCmBw472IrRcc31d6Rj5rhwtffwBIyedq_21oAjjCmLfIbQ5qMJfYAFJm_BfGahIJDg
Requested by: Host: diario.mx
URL: https://diario.mx/estados-unidos/eu-removio-secretamente-el-malware-de-todo-el-mundo-previene-ciberataques-rusos-20220406-1917147.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b76ab0ac3a52548bde3de7d6a8af342e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1836 42 B
63 B 48ms
40ms Image
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BwukFPZamdC2J9xUHRudZ58CMRvjXPxaoWU26QAz4MoYo2Stx4FYcoMGeaGAKUsFMMQa-yIdDkC6kFXu_Rlz08e4AToDylpetAeuiA3zZEHatgBk0

Requested by

Host: diario.mx
URL: https://diario.mx/estados-unidos/eu-removio-secretamente-el-malware-de-todo-el-mundo-previene-ciberataques-rusos-20220406-1917147.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b76ab0ac3a52548bde3de7d6a8af342e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Apr 2022 11:07:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 253C 586 B
315 B 41ms
33ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CIvVChCpn9ACGP7rmccBMAE&v=APEucNXiaCcJAe-Vt4nVp2FaFm3Oxm5yN3BkxwLcfuKbSIB_pGUBXKmVH_84B0TWm3N7MkxBe9_s1-OwEDzZGumiNAm479jOt_M71dwijr395M-5mTgfYFMiuqnjGk1l5q8_BsKWr7XSwUR64VHNUV9bHL9_23noVdkvakvTmsuzOUF3pe5DR08

Requested by

Host: b76ab0ac3a52548bde3de7d6a8af342e.safeframe.googlesyndication.com
URL: https://b76ab0ac3a52548bde3de7d6a8af342e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f12c6133a12eead81c368fe146cb489bdb7331b5e3b5ceb9ea52eac1e3feb815

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b76ab0ac3a52548bde3de7d6a8af342e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 294
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 11 Apr 2022 11:07:26 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame C522 78 KB
33 KB 84ms
78ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AqRjLKlXq8wgcOjE_lhQ-x4ta3iFe8Lo-k3ShuH3DhAtXswzeGQwx4EKxVMS4ezXkCccmMPEQSb2BBCCMDGBghmJVHUVN-Ka8uOQ_8STr4uYUXS73S7WRwWFHFN9Z-BRzJwzHcnP24lK1A_KLzrnaEEDWOXA&dbm_d=AKAmf-C50cVH7Gt-vo_YcCEIio3TccMKtLQISUF82dF67EsOPXoFLfgplw2wyFhPGsfVGfY6MhTiKMxq2dHYDt2lF-PM0LDMef6XGKlXpWoAba23fn0qis6aYugY64BixRfDtSWO7kFDrZnOP2y1IogaerjeWPpXJflYu84zxfGNGEF1CtOoy4jf3XI6HT3p-jfGqLLKDPqxFE1b7GB4JHrWjtcZCpQ-DfS9Ml5OrVYzGyo_xd8l8yI_9f_3J7wRwibQmN8TfTz_WObQgVbEujdCB3up7OZ6fNn_ooL5HhPpvZTFZ0vlvr86c87jSswP-_8yxAESUlvFvu2Eqb57QPS1vRj0dXkqsayBMEx1QuzkKB1_f_K_ggglA4H0fdsL_UsbV1_SqohcPgDig_pHoadVzbQrSuJIt_7AKHu3rtLQa3tZJbXpSz2KiUiZS-KLitP9-BWfLytvHVVGX-bYmermBwHroshOQeXxe9xprOMPIHl-Oz47USKVRsq80GgiYYa1FQY2F3U2CpOI-7OJUOj730e0F41pl1n5V0LhF6Oia3RQz9aJzrQmunlCQbn1IlrGPA2Qf2Zipx1CmZpcsQHfRBS_ycn5cmaqOd3sSjxt0Q4CGPCbymMtjlA1Q_2s0YlRBFCx2nbdeFzHz6f6q2bjR4rIbD0642JyJ8tu_7pHOGdFxRBGP-wzlSH5GSmpp_UWH4HlxO5IHcgmigmhnVZMC8FuUt0-cFCPfCdynykh9OS_YhVxzdsJ7gRhPbDGBqjCZtZ6OJHR5SYIE8DGUoMc7NmobdNo4uFkqRyLR4nMSIYMMmRksKMxkzeD72NvzYqXBmg-36Hho_xQs7BnZnolupjjkayNXuMeQMPExXbR0aqUapFCSdXXfG1CC2X08q4SEZ_dwo5F8W7pDC1Rxm1pGErlJOZfig_OJssjFlbQbZJXyy3KBI1XWKV_NxvIzspEo_2Z9w2ygTjXCRo6RMhAgHDkWJz0mrTxhCfj532inFXgEBQboVryJtAYxnY_8GHon4fludaZb7btt0iUyy0x0HRKA8Y4EPa1-ITIfdBQlaHJn7r4rVOp9X9u4TH-UGRTY57uWb5mBkHo1Jldf2FlKysdBT9lTPAD5KcdKPTfR4wgaWJKHd3swo7_PlXflBv-tPwCQZTlLEFq0sZlt5HJLVJUGbE8ZokB6t1KwYX71OLdLGyAP_eeNHZpgTljj3tNLXqtiLms3OVz-1PvKuxult1wTtMmb9VhSE3YRxD8yKc7S2RynNwTGjWkdXUHjVYg7OMPIIXSdXnuNLH2gW6gK1ox796H7e1NRqIooZNMrChAwNUrRlC3RmvukhvQc4EIsKQI13MxDwMDN2HEKNDbGbMlPKy_K_4wjkt8ycvNKQqEwu2N2ENxytEjmxFv0Rb0wc0wIT5fKRy71hoI34usYtxRTZpopZHhRpdLZpP-lHKWgxkeFxSYSf_lu6vi5jdjY8Dphn_sGeXlykxZg0xLcz5gEZEFFd8hp2Li4EbqyTTLhK_ru1Rmf93aC45fV1HtFfwnSiDkOIa7Q39ONr1a5bzCU6Npf8exC6s4J41EcoccZCWtSpDxEqR3jwPlxoQ_KrMDGaAwpoU7GEGaDzbFkPau-c04BqaAxkpyG0sy2fEjFn3B83QO95Gf9NjjCxbIYJKzqqMV3NIGOtIi67hPWvv48zEwRKB0V3Xx6tnXjEGKyYS7UqeKMSu2MbYCkK_Mfh3MxdVsVIC1UaZDmse9yXYbeR7eCPVwuHQoc9owGHvL9rXPdWt5NmUMhIlO9L9l9usaRotEZljxq86mEd_7rfpIyU6eige069X9LL6YhPQsl_bHceURXusAjvB9ELgxZ6Kis17t5pn5PVGyqDAvZwxL7Ad7IzYLvd841ib08L0jlcYJzSp5GulWrLxfDP-NRtFJjgpDzNDU1M6RUAGpv9mUFjkc4iTXIhKdMbI16sY20oXTbQVxTXpt-FOXMVhrlbG6Qcw3lyc8zEZWC3H7-SVYha9UHdUaUlUzbb_iucuPiXqPZhgJni5TaXmSjrj8VGZMdKLJGv3AWdJWefXWdaARuOsNBkPONbEUhhv8V_gtpdLXTdYab2rA5Kv8Em9HWDh4nWEtU0Zp9CNt5dgwN2lgoVHD1hitykRNYM8RC1YoICEq4i7Mg0CjOUrhZqqFuTjAXGdk4yIh9w12QHttrVkMq04lgM0xz54D2_5gDC7hqrKNw4elm3Xj_g0QrWT6elbN0hmdN4RsVxPECvkQq0e8YrlhaDsaI5z2JAsjG6lrEQcyh76Qj_v2A3VXrYvRkBdCZ9BhYzDeOUeRXN5T2Ma11-rMxmX1xeGHQf_V9ACTOw-cdGP2Axu2HQdxJVSn8IS18kkSX32qgUyM56K0TBIBMrfUMey30asM3lW2B3PbowLoWcQmfKBrAcsPBnObfNYaKDZaIXNE-14vUi3wyGt_ViAAC22OsTLbfoguSLPJjEcYYVE25I0BtGa4ha_l5ulJJ80d_TAvs8Akb1DcDQDWw2QFGlH4hQlfk4tRyKPyZ5D5UcOJa9VIz9AVkJ6vMI1DyomoDadYysiqfUvH_MITpscxC5mKGiQvvJ3118Y_xV6mGxTTwFL-u-iCNJnzjNM5xVtMx8FS_8AVCn7oPT96XpfMJ7j0gIgamXgDg9fbkxBNRDuLMoEI0FlRLIZx68lqfuUaOyNdkQcK-VWFmLphUI50_VIZ2xCQYL5Qes2BT0PnPXbUMRN4ritQNeVYwnemk4MPaUAC7vAjW_rH0hqU20LCsOp3lyrpT3hvJiEGHvvwsiDFUNdtQowhioQoxb8-pjkbU18bAsH2fYNkBMizXaEu1TFTv3tfU_4hFiyBL53zm44iKF0YZQJW45qlI7OO45QI-bgh-SB5oslCZiBN4QD2pjOIdi4JyDx0dCtrw8Ywk9lTI1yIGkssrLnGFt4Xzl4mY1TSToytingcudw9BRIt8qDPQWv0B8eiBl7hFuBM9-LGBV66HkoSU3zsST1XOfbuldGWPjIYCtgPMrRlQ3lCARthkgxwvLPPD4mvGzguE2uytmUil_LJXW_ww59frApuYPYvyKsiC9VJ77-1wqqi3u1YbXF2fvMxlweJ5v5-v94JzQwXM5fiK_Laerv0Zhe1vij80uCbfhunp-kEZ4jU_L8jyn3n7qsnXNblBxSVAL7eWKXInM5aSdTWR9ymMJFnMosqCYC-TUvGGilHFapjO-1iMc7BFDOVhaysNZBL6ZMAttCLotIs18DRocovwZLg-_5_rOn-HLXBfUY0A09e3r34zWwdMhkLyLCbQYNI9ldG6aGvmJIFgtK5agCS9A-l&cid=CAASKORoovxYo8V11NHAZ77AVqFvP5_XFDbbSDLM7OXmp9guqvCW4rcZUmc&rfl=1%2Chttps%253A%252F%252Fdiario.mx%252F%240

Requested by

Host: diario.mx
URL: https://diario.mx/estados-unidos/eu-removio-secretamente-el-malware-de-todo-el-mundo-previene-ciberataques-rusos-20220406-1917147.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3d0f43b0f58367e8beb653852a0e7f118b8cb61b09c45d0104468cbf81b8df49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b76ab0ac3a52548bde3de7d6a8af342e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Apr 2022 11:07:26 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33249
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame C522 42 B
63 B 45ms
39ms Image
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Dqybg_4rb6ihR9pSa1dnG3FL1HrpvrWzHXpeoHtPL0H04BqwLALMrW7b98hHXBKWIRFwET3u4mNguEg_xMfaTJZ8cQUU7ba2zizSt4M-WNGLhC_i4

Requested by

Host: b76ab0ac3a52548bde3de7d6a8af342e.safeframe.googlesyndication.com
URL: https://b76ab0ac3a52548bde3de7d6a8af342e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b76ab0ac3a52548bde3de7d6a8af342e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Apr 2022 11:07:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220406/r20110914/client/ Frame C522 3 KB
1 KB 15ms
10ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220406/r20110914/client/window_focus_fy2021.js

Requested by

Host: b76ab0ac3a52548bde3de7d6a8af342e.safeframe.googlesyndication.com
URL: https://b76ab0ac3a52548bde3de7d6a8af342e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b76ab0ac3a52548bde3de7d6a8af342e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 10:09:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3487
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 25 Apr 2022 10:09:19 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C522 119 KB
36 KB 41ms
35ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: b76ab0ac3a52548bde3de7d6a8af342e.safeframe.googlesyndication.com
URL: https://b76ab0ac3a52548bde3de7d6a8af342e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

214a4e6d1b76b8f804bf74ddd53aba8493b4d61e9609d75d8923a34ed97b80e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b76ab0ac3a52548bde3de7d6a8af342e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 11:07:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36932
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1649247338736001"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 11 Apr 2022 11:07:26 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220406/r20110914/client/ Frame C522 15 KB
6 KB 16ms
11ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220406/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: b76ab0ac3a52548bde3de7d6a8af342e.safeframe.googlesyndication.com
URL: https://b76ab0ac3a52548bde3de7d6a8af342e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6808c7f1192e091f9e9b4e15e28fa2a8904117ba54c11e51fc8eb9d179733e1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b76ab0ac3a52548bde3de7d6a8af342e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 09:51:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4562
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6368
x-xss-protection: 0
server: cafe
etag: 1861550861606854559
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 25 Apr 2022 09:51:24 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame C522 0
0 24ms
19ms Image
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaR80vRakzjsfMYtLff0o986VHFnefjOTA3z7eyMhwvrBypHiyGCrRnhMNIRANPBLlGq2Ry1P_JdoXRMHqbisRISE375mw
Requested by: Host: b76ab0ac3a52548bde3de7d6a8af342e.safeframe.googlesyndication.com
URL: https://b76ab0ac3a52548bde3de7d6a8af342e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b76ab0ac3a52548bde3de7d6a8af342e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 6154
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

2403ms
2402ms

Document
text/html

2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 11 Apr 2022 11:07:28 GMT
expires: Mon, 11 Apr 2022 11:07:28 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 11 Apr 2022 11:07:26 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame AFDC 0
20 B 45ms
44ms Ping
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=Cg4IByoKd2ViX2Jhbm5lcgoHCAgqA2x0cgoSCAEqDmJhbm5lcjMtc3F1YXJlCgoIAioGc2VydmVyCiwIBCoobXlzaWRpYV9hbmFseXRpY3MscGVyZl92aWRlb19jb250cm9sMl81cAoNEBAhAAAAAIDH4kAwBAoNEBEhAAAAAEBt0UAwBAoNEBIhAAAAAAAAIEAwBAoNEBMhAAAAAAAAEEAwBAoNEBchAAAAzMzUikAwBAoNEBQhAAAAAJBe8EAwBAoNEBUhAAAAAAAAOUAwBAoNEBYhAAAAAAAAMUAwBAoNEBghAAAAzszQkEAwBBIaQ0pIQzg1ZnZpX2NDRmJ1RV9RY2RfOEFPYUEiEmdwYS9tYXhpbWFsX3YxX29jaCgM

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/0d0cbcc0951bb5d335b52002cf3bcf8e.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Apr 2022 11:07:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 6DGELVyRstON4LmPFAMeAOP1baW3TqSdWCO5xyb3u9s.js Show response
pagead2.googlesyndication.com/bg/ Frame ECBE 35 KB
13 KB 7ms
6ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/6DGELVyRstON4LmPFAMeAOP1baW3TqSdWCO5xyb3u9s.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

sffe /

Resource Hash

e831842d5c91b2d38de0b98f14031e00e3f56da5b74ea49d5823b9c726f7bbdb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 10:10:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3388
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13643
x-xss-protection: 0
last-modified: Mon, 04 Apr 2022 12:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 11 Apr 2023 10:10:58 GMT

GET
H3 200 6DGELVyRstON4LmPFAMeAOP1baW3TqSdWCO5xyb3u9s.js Show response
pagead2.googlesyndication.com/bg/ Frame 092A 35 KB
13 KB 7ms
6ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/6DGELVyRstON4LmPFAMeAOP1baW3TqSdWCO5xyb3u9s.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2601210804495972&output=html&h=280&slotname=7916429874&adk=2370307548&adf=2178955939&pi=t.ma~as.7916429874&w=727&fwrn=4&fwrnh=100&lmt=1649675244&rafmt=1&psa=0&format=727x280&url=https%3A%2F%2Fdiario.mx%2Festados-unidos%2Feu-removio-secretamente-el-malware-de-todo-el-mundo-previene-ciberataques-rusos-20220406-1917147.html&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649675244215&bpp=2&bdt=217&idt=349&shv=r20220406&mjsv=m202203300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C747x280&nras=1&correlator=8018077823069&frm=20&pv=1&ga_vid=143242382.1649675244&ga_sid=1649675244&ga_hid=1797956368&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=2576&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42530528%2C44760475&oid=2&pvsid=2815919348481803&pem=93&tmod=2074965434&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=AtCFgW5UUH&p=https%3A//diario.mx&dtd=352

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

sffe /

Resource Hash

e831842d5c91b2d38de0b98f14031e00e3f56da5b74ea49d5823b9c726f7bbdb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 10:10:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3388
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13643
x-xss-protection: 0
last-modified: Mon, 04 Apr 2022 12:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 11 Apr 2023 10:10:58 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 6C0B
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPxvi6Kd1kWA7YmvFrUsv04&google_cver=1

43 B
894 B

158ms
25ms

Image
image/gif

23.35.236.247
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPxvi6Kd1kWA7YmvFrUsv04&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxDD7WMY1eDDmAEwAQ&v=APEucNXx2NAPNsUDUMznNkGk2uZUFOJuPHH5yHTwP843Hv3YlpkFg8Cymw19CPxExo6zIzTsi5QP0Ihpzb8nlmn7MZ-Ixgqliib9f_sRoqsNDrOeOU8UOVWaF5QLAP2Smy1AKUC2qYUaABiiiEJ35Udvd44K-TKRVKHm5BJpKW6w6ZdKnNKUufE
Protocol: HTTP/1.1
Server: 23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-247.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 11 Apr 2022 11:07:26 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 11 Apr 2022 11:07:26 GMT

Redirect headers

pragma: no-cache
date: Mon, 11 Apr 2022 11:07:26 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPxvi6Kd1kWA7YmvFrUsv04&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 6C0B
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YlQL7oX5hNXqwTltLxYvuwAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPxvi6Kd1kWA7YmvFrUsv04&google_cver=1

43 B
894 B

21ms
20ms

Image
image/gif

23.35.236.247
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPxvi6Kd1kWA7YmvFrUsv04&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxDD7WMY1eDDmAEwAQ&v=APEucNXx2NAPNsUDUMznNkGk2uZUFOJuPHH5yHTwP843Hv3YlpkFg8Cymw19CPxExo6zIzTsi5QP0Ihpzb8nlmn7MZ-Ixgqliib9f_sRoqsNDrOeOU8UOVWaF5QLAP2Smy1AKUC2qYUaABiiiEJ35Udvd44K-TKRVKHm5BJpKW6w6ZdKnNKUufE
Protocol: HTTP/1.1
Server: 23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-247.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 11 Apr 2022 11:07:26 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 11 Apr 2022 11:07:26 GMT

Redirect headers

pragma: no-cache
date: Mon, 11 Apr 2022 11:07:26 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPxvi6Kd1kWA7YmvFrUsv04&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 6C0B
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEKHDC1ftntA5AB8H0f_D9fQ&google_cver=1

43 B
1013 B

43ms
14ms

Image
image/gif

185.33.223.38
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEKHDC1ftntA5AB8H0f_D9fQ&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxDD7WMY1eDDmAEwAQ&v=APEucNXx2NAPNsUDUMznNkGk2uZUFOJuPHH5yHTwP843Hv3YlpkFg8Cymw19CPxExo6zIzTsi5QP0Ihpzb8nlmn7MZ-Ixgqliib9f_sRoqsNDrOeOU8UOVWaF5QLAP2Smy1AKUC2qYUaABiiiEJ35Udvd44K-TKRVKHm5BJpKW6w6ZdKnNKUufE

Protocol

HTTP/1.1

Server

185.33.223.38 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

400.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 11 Apr 2022 11:07:26 GMT
X-Proxy-Origin: 193.27.14.10; 193.27.14.10; 400.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: ba529e18-e6aa-40c9-b864-187a46cb43cf
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 11 Apr 2022 11:07:26 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEKHDC1ftntA5AB8H0f_D9fQ&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6C0B
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Nzc4NzU4ODY3MDA2MDUwOTI3

170 B
188 B

29ms
18ms

Image
image/png

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Nzc4NzU4ODY3MDA2MDUwOTI3

Requested by

Protocol

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Apr 2022 11:07:26 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 11 Apr 2022 11:07:26 GMT
X-Proxy-Origin: 193.27.14.10; 193.27.14.10; 400.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 5ee5a7e3-e56e-44e2-b367-ab02732a6e81
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Nzc4NzU4ODY3MDA2MDUwOTI3
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 googleanalytics.json Show response
cdn.ampproject.org/rtv/012203172113000/v0/analytics-vendors/ 2 KB
812 B 12ms
11ms Fetch
application/json 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012203172113000/v0/analytics-vendors/googleanalytics.json

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8065f98a0c313ee69495c3c529c6d093e08c980c4419bdf2c9c7318925056ead

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: application/json
Referer: https://diario.mx/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 499001
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 782
x-xss-protection: 0
server: sffe
date: Tue, 05 Apr 2022 16:30:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: application/json
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "3daa765080c6d541"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 05 Apr 2023 16:30:45 GMT

GET
H3 200 amp4ads-host-v0.js Show response
cdn.ampproject.org/ 23 KB
8 KB 17ms
17ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/amp4ads-host-v0.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e96d44180fbc28ad374613f5c43f446cb94c85a80d4edf87d513c5ca2b9b6d7

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diario.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8037
x-xss-protection: 0
server: sffe
date: Mon, 11 Apr 2022 11:07:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: private, max-age=3000, stale-while-revalidate=1206600
etag: "1a8ef148248396b4"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Mon, 11 Apr 2022 11:07:26 GMT

GET
H3 200 gtag.json Show response
cdn.ampproject.org/rtv/012203172113000/v0/analytics-vendors/ 2 KB
931 B 10ms
10ms Fetch
application/json 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012203172113000/v0/analytics-vendors/gtag.json

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a8993772c9eb591474f38d257bebc8c4286703e1af72d04c8c294be5fff7b649

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: application/json
Referer: https://diario.mx/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 498999
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 901
x-xss-protection: 0
server: sffe
date: Tue, 05 Apr 2022 16:30:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: application/json
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "a4c841e3a52f87d6"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 05 Apr 2023 16:30:47 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 7B7C
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEtTg0MM-zkUUYEbukfze2U&google_cver=1

43 B
106 B

151ms
14ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEtTg0MM-zkUUYEbukfze2U&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIvVChCpn9ACGLzqmccBMAE&v=APEucNVOIh0Osx_N2q3MeicwlLy2eB-1pDQPE6IEjATpWsUu7U-JFR6hdkxBklgmeveYC7Nv8Dm8uA2MaSETq5_a2LFWuSB4Uo42u6-cilEDGTrNj_YGd52gcQauXGQD3nhnOIBgNj0KhhzvZtyjhiKUNzusNHWzIX4k0TmmvYc5BEHiZh0a9a4
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/18.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Apr 2022 11:07:26 GMT
via: 1.1 google
server: OXGW/18.0.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 11 Apr 2022 11:07:26 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEtTg0MM-zkUUYEbukfze2U&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cm
us-u.openx.net/w/1.0/ Frame 7B7C 43 B
305 B 234ms
14ms Image
image/gif 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIvVChCpn9ACGLzqmccBMAE&v=APEucNVOIh0Osx_N2q3MeicwlLy2eB-1pDQPE6IEjATpWsUu7U-JFR6hdkxBklgmeveYC7Nv8Dm8uA2MaSETq5_a2LFWuSB4Uo42u6-cilEDGTrNj_YGd52gcQauXGQD3nhnOIBgNj0KhhzvZtyjhiKUNzusNHWzIX4k0TmmvYc5BEHiZh0a9a4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/18.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Apr 2022 11:07:26 GMT
content-encoding: gzip
server: OXGW/18.0.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
via: 1.1 google
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

200

um
sync.teads.tv/ Frame 7B7C
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
https://sync.teads.tv/um?eid=3&uid=CAESELn329IJIS1R4ccfdnb7Yi0&google_cver=1

23 B
172 B

48ms
48ms

Image
image/gif

104.111.242.245
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=CAESELn329IJIS1R4ccfdnb7Yi0&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIvVChCpn9ACGLzqmccBMAE&v=APEucNVOIh0Osx_N2q3MeicwlLy2eB-1pDQPE6IEjATpWsUu7U-JFR6hdkxBklgmeveYC7Nv8Dm8uA2MaSETq5_a2LFWuSB4Uo42u6-cilEDGTrNj_YGd52gcQauXGQD3nhnOIBgNj0KhhzvZtyjhiKUNzusNHWzIX4k0TmmvYc5BEHiZh0a9a4
Protocol: H2
Server: 104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-242-245.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.7 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Apr 2022 11:07:26 GMT
cache-control: max-age=0, no-cache, no-store
expires: Mon, 11 Apr 2022 11:07:26 GMT
server: akka-http/10.2.7
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Mon, 11 Apr 2022 11:07:26 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://sync.teads.tv/um?eid=3&uid=CAESELn329IJIS1R4ccfdnb7Yi0&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 281
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 um
sync.teads.tv/ Frame 7B7C 23 B
172 B 193ms
48ms Image
image/gif 104.111.242.245
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIvVChCpn9ACGLzqmccBMAE&v=APEucNVOIh0Osx_N2q3MeicwlLy2eB-1pDQPE6IEjATpWsUu7U-JFR6hdkxBklgmeveYC7Nv8Dm8uA2MaSETq5_a2LFWuSB4Uo42u6-cilEDGTrNj_YGd52gcQauXGQD3nhnOIBgNj0KhhzvZtyjhiKUNzusNHWzIX4k0TmmvYc5BEHiZh0a9a4
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-242-245.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.7 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Apr 2022 11:07:26 GMT
cache-control: max-age=0, no-cache, no-store
expires: Mon, 11 Apr 2022 11:07:26 GMT
server: akka-http/10.2.7
content-length: 23
content-type: image/gif

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame AFDC 0
20 B 41ms
40ms Ping
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=Cg4IByoKd2ViX2Jhbm5lcgoHCAgqA2x0cgoSCAEqDmJhbm5lcjMtc3F1YXJlCgoIAioGc2VydmVyCiwIBCoobXlzaWRpYV9hbmFseXRpY3MscGVyZl92aWRlb19jb250cm9sMl81cAoNEDIhAAAAAKCZ2T8wBAoNEDMhAAAAAKCZ2T8wBAoNEDQhAAAAAKCZ2T8wBAoNEDUhAAAAAKCZ2T8wBAoNEDYhAAAAAKCZ2T8wBAoNEDchAAAAAKCZ2T8wBAoNEDghAAAAAMzMBEAwBAoNEDkhAAAA0MzkekAwBAoNEDohAAAAAAAYe0AwBAoNEDshAAAAaGbGikAwBAoNEDwhAAAAaGbGikAwBAoNED0hAAAAzMzUikAwBAoNED4hAAAANDMZkEAwBAoNED8hAAAANDMZkEAwBAoNEEAhAAAAmpndkEAwBBIaQ0pIQzg1ZnZpX2NDRmJ1RV9RY2RfOEFPYUEiEmdwYS9tYXhpbWFsX3YxX29jaCgM

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/0d0cbcc0951bb5d335b52002cf3bcf8e.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Apr 2022 11:07:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame E4CB
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEtTg0MM-zkUUYEbukfze2U&google_cver=1

43 B
114 B

151ms
14ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEtTg0MM-zkUUYEbukfze2U&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxDD7WMYteHDmAEwAQ&v=APEucNV6iMIf8o1ewGdyqb-1hPl0ryd21U2YXCB10BTpp-Khb53ixUuz6GeBaq9zICeWW-xO1WxpW6Pqqw_4Vk6cq2bDGjnGvfur05ZJcdQC2H5DsgcDzBYU3bxvxktGRsn1VSfMR3Fj1pl2DHEeyjI-14PkZX7pE12tz7CjJHeW--33L8jUvcc
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/18.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Apr 2022 11:07:26 GMT
via: 1.1 google
server: OXGW/18.0.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 11 Apr 2022 11:07:26 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEtTg0MM-zkUUYEbukfze2U&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cm
us-u.openx.net/w/1.0/ Frame E4CB 43 B
120 B 233ms
15ms Image
image/gif 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxDD7WMYteHDmAEwAQ&v=APEucNV6iMIf8o1ewGdyqb-1hPl0ryd21U2YXCB10BTpp-Khb53ixUuz6GeBaq9zICeWW-xO1WxpW6Pqqw_4Vk6cq2bDGjnGvfur05ZJcdQC2H5DsgcDzBYU3bxvxktGRsn1VSfMR3Fj1pl2DHEeyjI-14PkZX7pE12tz7CjJHeW--33L8jUvcc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/18.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Apr 2022 11:07:26 GMT
content-encoding: gzip
server: OXGW/18.0.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
via: 1.1 google
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

200

um
sync.teads.tv/ Frame E4CB
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
https://sync.teads.tv/um?eid=3&uid=CAESELn329IJIS1R4ccfdnb7Yi0&google_cver=1

23 B
172 B

50ms
50ms

Image
image/gif

104.111.242.245
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=CAESELn329IJIS1R4ccfdnb7Yi0&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxDD7WMYteHDmAEwAQ&v=APEucNV6iMIf8o1ewGdyqb-1hPl0ryd21U2YXCB10BTpp-Khb53ixUuz6GeBaq9zICeWW-xO1WxpW6Pqqw_4Vk6cq2bDGjnGvfur05ZJcdQC2H5DsgcDzBYU3bxvxktGRsn1VSfMR3Fj1pl2DHEeyjI-14PkZX7pE12tz7CjJHeW--33L8jUvcc
Protocol: H2
Server: 104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-242-245.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.7 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Apr 2022 11:07:26 GMT
cache-control: max-age=0, no-cache, no-store
expires: Mon, 11 Apr 2022 11:07:26 GMT
server: akka-http/10.2.7
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Mon, 11 Apr 2022 11:07:26 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://sync.teads.tv/um?eid=3&uid=CAESELn329IJIS1R4ccfdnb7Yi0&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 281
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 um
sync.teads.tv/ Frame E4CB 23 B
172 B 191ms
47ms Image
image/gif 104.111.242.245
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxDD7WMYteHDmAEwAQ&v=APEucNV6iMIf8o1ewGdyqb-1hPl0ryd21U2YXCB10BTpp-Khb53ixUuz6GeBaq9zICeWW-xO1WxpW6Pqqw_4Vk6cq2bDGjnGvfur05ZJcdQC2H5DsgcDzBYU3bxvxktGRsn1VSfMR3Fj1pl2DHEeyjI-14PkZX7pE12tz7CjJHeW--33L8jUvcc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-242-245.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.7 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Apr 2022 11:07:26 GMT
cache-control: max-age=0, no-cache, no-store
expires: Mon, 11 Apr 2022 11:07:26 GMT
server: akka-http/10.2.7
content-length: 23
content-type: image/gif

GET
H/1.1

200

partner
sync.search.spotxchange.com/ Frame 253C
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEFpHz8euD-G-XfYQIOHS2q4&google_cver=1
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEFpHz8euD-G-XfYQIOHS2q4&google_cver=1&__user_check__=1&sync_id=923782e3-b987-11ec-83b4-1974e5cf0406

43 B
549 B

67ms
66ms

Image
image/gif

185.94.180.125
SPOTX-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEFpHz8euD-G-XfYQIOHS2q4&google_cver=1&__user_check__=1&sync_id=923782e3-b987-11ec-83b4-1974e5cf0406
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIvVChCpn9ACGP7rmccBMAE&v=APEucNXiaCcJAe-Vt4nVp2FaFm3Oxm5yN3BkxwLcfuKbSIB_pGUBXKmVH_84B0TWm3N7MkxBe9_s1-OwEDzZGumiNAm479jOt_M71dwijr395M-5mTgfYFMiuqnjGk1l5q8_BsKWr7XSwUR64VHNUV9bHL9_23noVdkvakvTmsuzOUF3pe5DR08
Protocol: HTTP/1.1
Server: 185.94.180.125 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Mon, 11 Apr 2022 11:07:26 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 137
Connection: keep-alive
Content-Length: 43

Redirect headers

Date: Mon, 11 Apr 2022 11:07:26 GMT
Server: nginx
Location: /partner?adv_id=7025&uid=CAESEFpHz8euD-G-XfYQIOHS2q4&google_cver=1&__user_check__=1&sync_id=923782e3-b987-11ec-83b4-1974e5cf0406
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 120
Connection: keep-alive
Content-Length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 253C
Redirect Chain

https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID
https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID&__user_check__=1&sync_i...
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=OTIzOTMzNDctYjk4Ny0xMWVjLTkyZjgtMWJmOWFkOTIwMzA2

170 B
188 B

18ms
17ms

Image
image/png

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=OTIzOTMzNDctYjk4Ny0xMWVjLTkyZjgtMWJmOWFkOTIwMzA2

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIvVChCpn9ACGP7rmccBMAE&v=APEucNXiaCcJAe-Vt4nVp2FaFm3Oxm5yN3BkxwLcfuKbSIB_pGUBXKmVH_84B0TWm3N7MkxBe9_s1-OwEDzZGumiNAm479jOt_M71dwijr395M-5mTgfYFMiuqnjGk1l5q8_BsKWr7XSwUR64VHNUV9bHL9_23noVdkvakvTmsuzOUF3pe5DR08

Protocol

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Apr 2022 11:07:26 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Mon, 11 Apr 2022 11:07:26 GMT
Server: nginx
Location: https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=OTIzOTMzNDctYjk4Ny0xMWVjLTkyZjgtMWJmOWFkOTIwMzA2
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 85
Connection: keep-alive
Content-Length: 0

GET
H2

204

sync
ups.analytics.yahoo.com/ups/55946/ Frame 253C
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=adtech_dbm&google_cm&google_dbm&_origin=1
https://pixel.advertising.com/ups/55946/sync?uid=CAESEDlB-yfE95g0gPS5r5iXq64&_origin=1&google_cver=1
https://ups.analytics.yahoo.com/ups/55946/sync?uid=CAESEDlB-yfE95g0gPS5r5iXq64&_origin=1&google_cver=1&apid=UP9235de59-b987-11ec-91ec-027031e56216
https://ups.analytics.yahoo.com/ups/55946/sync?uid=CAESEDlB-yfE95g0gPS5r5iXq64&_origin=1&google_cver=1&apid=UP9235de59-b987-11ec-91ec-027031e56216&verify=true

0
122 B

21ms
10ms

Image
text/plain

3.126.56.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/55946/sync?uid=CAESEDlB-yfE95g0gPS5r5iXq64&_origin=1&google_cver=1&apid=UP9235de59-b987-11ec-91ec-027031e56216&verify=true

Requested by

Protocol

Server

3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.0.33 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 11:07:26 GMT
server: ATS/9.1.0.33
age: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://ups.analytics.yahoo.com/ups/55946/sync?uid=CAESEDlB-yfE95g0gPS5r5iXq64&_origin=1&google_cver=1&apid=UP9235de59-b987-11ec-91ec-027031e56216&verify=true
date: Mon, 11 Apr 2022 11:07:26 GMT
server: ATS/9.1.0.33
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 253C
Redirect Chain

https://pixel.advertising.com/ups/55946/sync?_origin=1&redir=true
https://pixel.advertising.com/ups/55946/sync?_origin=1&redir=true&verify=true
https://ups.analytics.yahoo.com/ups/55946/sync?_origin=1&redir=true&apid=UP9235de59-b987-11ec-91ec-027031e56216
https://ups.analytics.yahoo.com/ups/55946/sync?_origin=1&redir=true&apid=UP9235de59-b987-11ec-91ec-027031e56216&verify=true
https://cm.g.doubleclick.net/pixel?google_nid=adtech_dbm&google_hm=VVA5MjM1ZGU1OS1iOTg3LTExZWMtOTFlYy0wMjcwMzFlNTYyMTY%3D

170 B
188 B

20ms
20ms

Image
image/png

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=adtech_dbm&google_hm=VVA5MjM1ZGU1OS1iOTg3LTExZWMtOTFlYy0wMjcwMzFlNTYyMTY%3D

Requested by

Protocol

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Apr 2022 11:07:27 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=adtech_dbm&google_hm=VVA5MjM1ZGU1OS1iOTg3LTExZWMtOTFlYy0wMjcwMzFlNTYyMTY%3D
date: Mon, 11 Apr 2022 11:07:26 GMT
server: ATS/9.1.0.33
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 express_html_inpage_rendering_lib_200_275.js Show response
s0.2mdn.net/879366/ Frame 52FF 106 KB
38 KB 220ms
8ms Script
text/javascript 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js

Requested by

Host: diario.mx
URL: https://diario.mx/estados-unidos/eu-removio-secretamente-el-malware-de-todo-el-mundo-previene-ciberataques-rusos-20220406-1917147.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b76ab0ac3a52548bde3de7d6a8af342e.safeframe.googlesyndication.com/
Origin: https://b76ab0ac3a52548bde3de7d6a8af342e.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 09:31:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5780
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37892
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:44:52 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 12 Apr 2022 09:31:06 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220406/r20110914/elements/html/ Frame 52FF 8 KB
3 KB 8ms
7ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220406/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B5nZYKTeYM9M_9G3XC0YN0N13N-jHKzOm3nGwCIqESfBbY7CA_5vbgPMnbO_q02U3lyvEsP9vJMf5lxnqxBkOJlCAPhg&cry=1&dbm_d=AKAmf-DHL-b6XG9xKmG_ZP1Ak-w82EkNhnk0E0xRg9J3YUcgEMl2fLeybnH3J10kx5tGzCcHgx1HF_z-F8gPxHM4DgfeXFL8HEgoNUSDiaTIuKiSXhgug9UR3fQx7K9zb6IH5WJRrNbl3yDAb9lpicb5GwIYQJJ-jNkEr462j1aSc6EKPZWxCJ1OieuTtiOYiaCxMKOTR4e41hfaW6GaT1unYyaRBpS5RDFZ8HcCcOklI3ReYEmdBtXoZ3aCeLNlClr6TGaTfPQ1IuX5diOvcVdtpwhc8ZNdCV0Dskv-_P6QsjcuAbt5yPf14kb4bJS7zH63CjgR3zMeXsorkCQc5FRjLCjOghRUwVI_0GOiH7Fj82Cyk9mjV7n72JCZEMAe79MKlZsJLW5eQ6L6S6JRHGsgMwTg3fh_Cpm2lhylhixlW3DQDbFyhsthN5PJnl-xR1Wvi5nh8V7-3I1OEv37zPyABdKF70Fx-GCwwCyGfOYG5Q0Jzz7DQfy_2lYfEaqyJ7nR5al67Gd7ZnzKIJCpBeHyAWu53JgZGNzFUjNdzap3ZdeSjWWWu4Wgt_6_e-eFzwcATpjKtIudEcXmsSkZtDNi2hA9VoK_mVz0I8_w3tKYaJe9Z0mE5gbmMSqCdAp-8xTF6_BPlme-QzTyPB08r-HdQ2dUBJn3FMZ8Ua2mK9F2IBgsdJSlYiyyVvRveWH16tPcx1DRhA9DG_bowLrBxtINGT7eCKM1XELdMMoCZMF-ZhR-F4UBmz8D7N9olQbWsrlrL-q1RzT5JhleZXhCRY1ubYNNfj6q3Ito253Q7xmheeKyQhknZH2awR-MxY3ww6j0HHnl65dMQKmN2B5d44EUqFvi-esisV2ND67D0E-ElhCDH1HLA2RNlaWIscXLIHrfTBT2LoYRl_kfOcOQIlMBOfn0CycbMgaaKdA0vaO1IQJUQ_i7D0U5rAFpcB0Kf02PkEOwXUQ1oKS8niX-XGSgEgdm9OyOfb7yzW9UFrpi9eHmRbg3aAx6TlqgWoEFhJDn3MBINHRfJo-dEswH54pTRfxYEZ2z90Dx_iCIpipq0w9lqjcLMpWg9eLWPDD8iKoq4pEm77_ebfIqD7x-0_GHNrxCL9G9fhiKoSjYLcFYrfOa5WMBP1SMzEeESdpi33fww-4KTZ0T0ccynxBact20Yngs2zfZnZ7gvuYvH7U4AZuNMVlrRSXHQWeiWwzIJOMSjA-61AHyZ1SG5C6NfqAB6sU4__PD17Oe8O0nkMRQ2_tBYqtnZZFRBXsc-zAHnu2nmGB-AFdF_IqyGbBI4QoUbNcxtKYtiKJrYZh7JLWJSIi4coYjmD55zK2ufPjzTcqkqdfzmSSUaP5yisP_tE2TN1jyLXyp9WJC1qUhNzDOFnjThgYNj43y6zYuUa160XPTSx1K369sgJ8HrNb9sEV9mh57w4vrM5wO6bLjLhZE3Acre4casLLrEKoOzKe9iGSJHxHr_-_ZquKR-IyOK9UqjWyDC1T6Ad7XNJb4EnlX0FoFbNr_5T4Su1Uhf5PUdi1IO_iBcGQtkNXLQEuR7cilvSOXMY5ApXdbZ2f1uZkML1Pj3OyLQjLZ00TgbJalhiHnNmJUi-PFdO_aMQMlB59_tPqJxrI-GdhViKUysGKXABinmWiayq8lk0sUVxmP9DsQ9YEyCygZQz0ylFUimX1FVRcUbJUDcPYkkfVtEFERAWXewAmxHJePEztI5DJ-WN0xAcI7JZY1gviA0WFTWxvLuG54BEEU01jkxcL-Dz1vsNvKO00kvqdY68sbNaMX16MnNXgBUZ3UxGPfu0bFcQJXCmTjQVl_54SaE0omhcZ_jbLNXLaRcDlRh83qwjYF4ECAQcwncr_4XF3f3ynkJ_iqX-mV-MCLZJbkrgK6g8xUwsw68uVjF61BhVwclN6ZSJV-W-R7gqqD6efDyZ38Z1w-YYC82_XpPPZS4rUyI05umcB8iqgC2nRbHGVWUFRjtFxizwdxU67EYqo30BPqcCIzDux7DUpugWbyPbiZRl21q0QusVORSUXUwQRc8lotTNXvwMocnn2LJ3Lc02p3_uKSaIRKC5qESQ73vL3bH0cYj4FpIxfxUjqW_g5N8QYqWjOiv-8G7E-PIWJEoL-WJn6VuauvbwgHeJrMc-YV0sgzDxXYLotS2v6r6fOQ9KbClfXZ62Q_TscE-KebQYkBw3q1-FFTbfUVBA_2Ok4cVVIlysQJmyGloH57Bt2NonpyjchIeSnVuBOAGx5qRkCxwfcWZwciY8lHVf4CLttP3ywUh36NKmwo_jq3jqus2f_CiymwTjbJTSaZGEPiimGSEm1uwIPNzDQKOT7xSanqOFLjtlMIxOLR_oO-QH_i2r7QPGPG2DD8nTrTQZIgrAkez_ypE58h5-QJJYOHlnVCPKV01d-kZs2IeW0Uytm3pOARVKBRDj0NMFMWtTayUlj6MieuhhBrbDPAaMsBM0wkPOb6KbzuGRsD3waMmbXvBqjH2XlPxsYDOLKxW_loQQS-VXo69-AP5BU5qdoVAJDYq8qIomUxbd1nB9MWNncXxuVw4vRdLcA8N9GFg-udbKNlz4iQAJtRLa2hQdsCzjOY5UiaEMVJD4cplt89RdzxQ9VwdxfLDqe0JlWlc65KS9JcgtzN-YdZZ1bHmGmAzYo9CaQkzdyyANCNGlTC49NgSJpqPhtW3O-8iAWdraYVCR0anWoVouq7McwvzQ2hc3ZHQWKKZbGfQTezXF_z0ec9GX9_JhcacG4DiUDbuZa-7wf8X2t3SrDDi_tYIc21n_TUFuZyCF3HtD-u1Lc5_ikAdUTkbv-BjGxFHQPWMO9EkJoMAbZ7ROtwAPJTg9qkMWfyit2iIs2OTU_lgFq76MdF6c4-Ze-PMh3fwnQzd62QDIY45hCMfHyCq2HubGJzqx0YGVAwWfkliNYyJr7k8XXrAcSXgDQ0Fh-Hpmd81o3XayLDy-2ziPfHlimsgDUYmSsbpcfACzDB8-wjm2Txg9FGcUG-VBleOYQYRXdi73hH_FE7_5J7fPOaFDCYBk_tzyl3GIQF0aUHhFWycxd7Y4NGrEV2FxKb-Tb-SwJxjUb8bg4vRFcMjzLRMIqM4liaWoDkTOxmYxaK3FkoT24zozfviMO83RymLKTfKR7fQs8aBUzMPePxLzyqpdpb2xNcbQbpQTSyfRfuf84u4WutPrrW6_eaUrfSaGnvRuM4&cid=CAASKORoiBHLvzaj7ZGEdsaF3C3vCpzpde1Bo9cNeXyTGCjL131QTuntuVA&rfl=1%2Chttps%253A%252F%252Fdiario.mx%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b76ab0ac3a52548bde3de7d6a8af342e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 11:04:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 195
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3159
x-xss-protection: 0
server: cafe
etag: 1394524276809619753
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 25 Apr 2022 11:04:11 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220406/r20110914/ Frame 52FF 25 KB
10 KB 9ms
8ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220406/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

738b0dff97289a490e0472cca7d25e291a7ea70c850bfee1e264e9ad87a4a97b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b76ab0ac3a52548bde3de7d6a8af342e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 11:06:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 47
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9790
x-xss-protection: 0
server: cafe
etag: 8169034061967891973
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 25 Apr 2022 11:06:39 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_275.js Show response
s0.2mdn.net/879366/ Frame 1836 106 KB
37 KB 228ms
23ms Script
text/javascript 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js

Requested by

Host: diario.mx
URL: https://diario.mx/estados-unidos/eu-removio-secretamente-el-malware-de-todo-el-mundo-previene-ciberataques-rusos-20220406-1917147.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b76ab0ac3a52548bde3de7d6a8af342e.safeframe.googlesyndication.com/
Origin: https://b76ab0ac3a52548bde3de7d6a8af342e.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 09:31:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5780
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37892
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:44:52 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 12 Apr 2022 09:31:06 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220406/r20110914/elements/html/ Frame 1836 8 KB
3 KB 11ms
10ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220406/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DXZ5LRvcwfkANZMCX6okbw85ZzIBj-wvYimVGSJ8UwRZrkfv4ajA8HU1vM3ntuA6eKbIJZ9DkpSgAHq_azFtODExLSvK_KiVhau00wetKso-GA2xUwTsje5dfcy0xikbDnupZWXm8ey3A7PrC4Wt2HxWybng&dbm_d=AKAmf-DX3ccM9T6hyERWDdbIqpXfCyWe65VzcYi2zBRkysEdVThAZ3smAQDuGwxeCBD4zz5jtIjroEBhuFT9ELSx8hgzv48ka45dJkakDPkp8iGcDR5ME_QO680o-axIl6qt9Xe76vK9q0QZ4hq-3qVcSFbCXt6Lqy_amQhlcAYlR1EVEaiESW0TUN4vOG-wXqnwMwxdJNv8tDY7L9UXR8aA-pR3mNjhoYoGkH2ikes9DL1TxTHtOc7TFlN4fHVjlUvXRUV02Vno4hJ_tebmnjBA8_vrn4ehxiNii1Jy-dJ0e9bBhzKxyUpIkvnQxa0b17wxIsq1qACDwJECcWv9LWwiGk0nsshQrPZNhxbSUG6s49BrdzBNnUPLFVWThL0cI1RBU90HRD8fgCMJKLeaL7u7Jhr3JppBOUBDxAjmoBB280x-Mj2fx_f9k9Rov4l5p-pGBMMa781lifL7nvW3tM8wIKxg8HwwQSLcrrKfBClVtbU5d18mqYKjtle1Wc_Ms9W5V15bX6Gtt1n79eEJTwPr4IJtC9KQ4pJJmPQx3TAfYHa0OaLrfGEsaieY5Mz8_-frei-TsVEkpM3DgnrkKq8vgONRHCAOIyscU2YIPLk2X3c4xUNdcv0dqb99rIiNQegQoMlnUIK2igaSbR-_eL3yLeow6hXDYQkQcjbO4000ZTWVmtp0SCS4Nui3oROhYSk7ApFByo7ZCP1HnyerHuhEsD_V-huYYU53BCFLV6MZmEQtGpbbHuhY5V2CTg3eIkeNYj_hIG4450iOZoHToEL1ir7GdjFNPyAnpvbg9uTlCqiCArnQG3NDk5AJpExzx2x1idMgpiDxDmo3lpIrH53hjbT_0Id6CXiBUqeYkJBHlc18Pl6gi_OLdX8-Rtb_SeDaEX9DhzYxK2kLj4AsbrbhEuLLopUQk2oHVGk_aDgmyx7DjyTAM4j8VhRY_sxUFnpAzUAhY49VVRQH3VWT7HsPXc8pnBLd9_a7h4ifckyjbfdDssFG0PZch6RpzjgVXVOg4zgotZ7aHRZdeD9CJT_8EOVj8Qnh7E2d55MdG1LrrZ9BTKitd-3IUOoqvzi2wtqNfnBy2VczWgvAOZFk3k-ylKmSZYuHIipabDLcG2j9h6MakGPbVJBWPz4FrRC9gqbNQiBmbYcMSJG1t_ymOdhmadMfBA6gu0Bk_VSpxd9W8gVZ7PTPbL-nQ7BOKPSx3nOnkwhVtaczMqyFnYLE-lxqCLPCRkQHlMxILkRluoWcRl44_Kw11FMsaBp5mbTpwIXmdOAL7I-x4_ou9XEN_KMq0P9LHQLpkSQ4mSGdUDkmxxLhgwZksDncVNFVYCeXiwol5_tEWTeZdnUPOAWbwe8Dzi3wb4L-ydF_JagHpS_I7r8riM-0G2udYwWf5D9-xYa304s3nj0ey0Q5c--38V8QixhzcE3woSNxZ2RgPcLqum-4juV5QfnTWYKiQIZ7M3VMEemAvFtXMyGkdrcZlbCIkbUzmXiTBDxsd6MWKOVV2nmLZUb0xfTildwliU1rvu66n0_a6I5KY81nuVdj9O0YbG66pIODlWhtzY0wo0OJMyJfrqxgBUY6BA4ORuBeqIwMM1ntVlTcWUH55zXHEiJ1nXW6_jI9vXgRTWhuiuSsrviQNj4KuB8Z1kbHnzZ_iTxrcUJTQ3E5gxvJ-9x2GXzRDqZKijQCBZRheIY5so-ssfYl632yGyOJkgBdrXO1nyW-EX6N8qlidDI8_4cehwOgfipGo53MsFLt6pjUzF_9xBPkzraN5aAvy1s0xD2HIlulZbXmuOCDPwerdQ0UXSNL13fPiISpJJthVJpqeyJnlFKWqrk84T0Cqcbef4Agrfa__IUb5TgfqRq4zVspD0YjL-kyy-X05-ZO2vudUWeMVNzJAOrrunNueo8d-_TQU6lzFQv6_H5EPiQ7tV2fl3TlTmDYvTvbsvUmLGSRgv0aE-SNtKdNBDTmqrge31vKWvnqCBwYw-8jbj8Wldc8pWvSsbcLxQI6bdEi13JrPPmL_A5bq_iUShS0Uvpme21MnmIZU94FW4fPVLeGS3Etg-vi7sg53UdNyHrQwQJW2XRO1KnQS-WsND_qrUU9_uR-TowT35mJqfwkwYGe4iOBkJwRjk7FJmrcb8gXAc_AEgpYMNEzexnh6kl5qMCti-UMr2vGMknEJ74Exw5liRg0Jtr6Iz49PO14yAyHgl-emLJ_b1rXZYMahaIHH1YHRr689W5SeCm3WDPkp_S-Wd0EZgrR3vtln8_ssxLmyhYNaX-eJSmmBG6-yaUUbOcNlORiymsX1uTAjX7ee6Ta2cCKFQ6BFbu-uv1YrTkxsyXX07rZFOyRfYKoK2Xq6PVQ3QjEyeiiV9REhgKnhFc6HZvl_ra54RDc2hQTeth9HuCe8mQ3Bm7uMFaZRIP6_u3NPCK-fKGIVeWuvYD79KJjs0EEifMNQc7o8tq2k4lev5Rwtbe_IKRBjgo61S-PnHJk7RcK51nDD-w2bTx2yKenbBzC1MldT-rGHB4SXKNo94o1yfVe-8hj2zke8EAgsCF8wdLTj8rWU6HgSQOItekhbFVycVDAjrb9kCwaGXZ6_SkK0VbrBd6QYqGjAJIe41xCWgaAd5lT5ntUkmLB9Om8sPUJxyPyedbbV_Hj41kOWmbQmQcn-PfoO0vR3G7XGH3VvgPuk3AX7Z3LtynuloPaeo-w4qcs16uZQEHnBrQgJ6fQw1vNmUjUlDsiJ-l0io-lqhULEGxZeq5v-b-lCu6G1Unj8jjpX8w68eHIaKen2Hzqz6ZQsFl-J-_K6vbE_z1ZN4LdYoPMvZwKnTg0DvdxH4nvCI7ZH0KA1XuGtjDpj1mNGG8nP8OFkL-OrxREeSiAt6os-QHsc77VZREvMDh5696Bclb-wQGjB3eK2zbcXaOQ_7Hx4sCm3EYGONmwKC0QEB3ajNqUOhEDFJ7x7DSv9eif5PvoNT4lib-x7LIzZwyhIG-fMx9C34lmOuy92QxyFz2yy0eTrtxTOaJTUUJEfBgLYW5StlVbf2DMfHhLBBUJKtKJT3Ag-PtwJMRw4eX0k0NaLzOKwBXd2oQkJlfHrO9leXfXYt-9hPMj9pC0bVriAqivpzNvbByVebLNLUw9n62gRd05j7csrhgmWgLnXyg47pxmNtsOqhCrYNnj4yu4OUHc72is6YBd6-88Y7yvLFUsOciw_wEcaQXU_6HAlvbN777G-lb6D1NEhuACj_k-fdcqL4qF5kbZFuuQ1vHMSx6sf_JERoeGl8f7M_Zh3yvWlYFHiviDba6I9HEh4Cz0UreroIjD1JewYApOYvoCBOWzoNKIJeASpq2r&cid=CAASKORoiE6V4oXgJRihD0CujR4n_fFmYpMzniRmlXgh6RtErtd5RhtJsE4&rfl=2%2Chttps%253A%252F%252Fdiario.mx%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b76ab0ac3a52548bde3de7d6a8af342e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 11:04:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 195
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3159
x-xss-protection: 0
server: cafe
etag: 1394524276809619753
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 25 Apr 2022 11:04:11 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220406/r20110914/ Frame 1836 25 KB
10 KB 11ms
11ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220406/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

738b0dff97289a490e0472cca7d25e291a7ea70c850bfee1e264e9ad87a4a97b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b76ab0ac3a52548bde3de7d6a8af342e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 11:06:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 47
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9790
x-xss-protection: 0
server: cafe
etag: 8169034061967891973
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 25 Apr 2022 11:06:39 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_275.js Show response
s0.2mdn.net/879366/ Frame C158 106 KB
37 KB 221ms
28ms Script
text/javascript 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js

Requested by

Host: diario.mx
URL: https://diario.mx/estados-unidos/eu-removio-secretamente-el-malware-de-todo-el-mundo-previene-ciberataques-rusos-20220406-1917147.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b76ab0ac3a52548bde3de7d6a8af342e.safeframe.googlesyndication.com/
Origin: https://b76ab0ac3a52548bde3de7d6a8af342e.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 09:31:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5780
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37892
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:44:52 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 12 Apr 2022 09:31:06 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220406/r20110914/elements/html/ Frame C158 8 KB
3 KB 11ms
10ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220406/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DHzWFjuAVgSyM_lhCfLqZWuBpxdOKTACRMHEx2UGNx81cr1t3QAreY908xD9w-whHrxLqY_dYfbVCLq7dtDXmCQmIpQg&cry=1&dbm_d=AKAmf-AAZv5RbItIoQI2ftOvLudHOBSk1L2OSHBEnv5HHbtGq-642HrfNXCah6xxUFyrxzEwxLBA7e3p49fu-gcsaKUac_VQhd7lj8AHQBJxYQlnLZaKDE5bFsdkuBBXRUX92drxSssBO6NMcfvWruneoA8gWMa8FtYej4-iDBSKRfBNbgpOrZ88EfaPjZApn5SpDSyMuKM4GxvDf-5hW56UBDY09MA0N2a6cSS4ULsyFEY7q4TpZme2wojkb197E3n2-s9HEAp6jjE7CZwOX9eT5Br_q6VuWEsqBeOMO7bvLjzuy2PpR7qGhATaucvuuolrYFrbrswMv6rXaGeBD4ixWNGRJ8toFmAsz1GPFdCc4IDqip36SGWofXmPhxdQfBziZBi-gZYl9iudBJgAkXCFw6xA83uK3hISBy5Le_NC-QiCrebum0TC2VHusLjzmgYy0gpj7S2MeUGlUH8144VZJsWka1fkCAj02AcAdbJJX4h49ETRTC1lVo73EiTHUl8KD-MV4FMmuVkFNqHzOtAEK7YrnnfrCSwUiXlaTX6S9MG3RFhI6p93WKCrDSNDH3cawk03kJfi_KfPEIcTNIGJjPw_xpJ6knf_B8B1SdsOBb2mH8AhM8iQDM9TVQmT9uIJHtfauVLDShZyfaeUcTFZ0aIk3M8b1sDAta3BFzJtCyWwDVmKW2taPacrMNvTOJ2IDrHS2810dmNSgJANA0pzlX3EPkxHu-r2P3a-WTD9LOuO5Md-K5_FNXrDF08SZ4XmKIxolZk5qn77Zsg390h1M_SGE7vB_JegsTB2apurcRG_9Vi53LHAwCwwFx-00d--_xw6L9DZ_HGcTRY4o6kPLzzXH8CNYVpMAj2yMe4aiXtEzZu-X9AWyCjmP_xrRi8jz4uJFpc5ldKpOPIpcApcBRL079OmW_JAAEwfqgsJEgn_sbIgQN8EFFY5p7vUjGB-qVxle84hdvhT-ttFu10_NWcXtvafsTOel1CzaSC_t-DM2lwEnl5MwYq5oIiUfQe41q3aIgfPvRtRvVyFdXKHTPUSf716b7n8OSNakDwWvM_gRpj4sHJN7dswyFiIiwTL9Ak022nPi9ym-6LGm1ZkYAlzE8uuCjXPC2ml5V0oHjzemDV_QOS1aq6FQCLSMSI4rZFbKYsIIBACgGY-2FbyKD2F0gVqncgO6tvbhzdvpkeLTAQnx9R39zPvgVeScS2iJYI5n7Nn_u-n1azobFOeq-EZ0YYSEOmawqtexmqCnY7EmuAq0eA9E1mXKplRmx1EmU-2jXu5fMpro7nXPqLtMxHp0YEP9F0HkcD_Ex9ViPskEVU190wJGTwV828h51f2F9mpwe95YuTWGrn26FVzYlSCYlNZcIZJ6iHRGBM8jUqNjAV0DWaXc_ORn8B-sWdiRwE1cYxqdekKFbISWT8_A40--9J0THZ-dr94uKdjxH_J2JpZkWhgirBeZHVfw1_UTYeFlRHbTLtF1Z3uINz-m3H1GgWJKnhma0UzW5PTcYyLU6u0R4msInzEXlFd3tGiNTsqpBNxC3UA-59CTktkGP6a0Ez3rhFvIxfo3t6eyJffjGAznKAPTHgIoeNMxj6R_gUHVc_15H1FbemUs9vzPnICOkjThJTjbN3YXjLtsRHfPmxW2ZEqqgMb1FyHDzCnVsEd25IsjLx79ze5qrdLytTDsCJfKz5wTCOA8X4q-7iZA8Ap2RePRbwxLF751XQHWpi4ROjfzDyHCaz4yWkjFgikDV2YFkRXGACq1ukTaetv85iSAS937vtQmB5JC-ocYuq1aKiIJhaQBml13C3Q8uCKwB6Ax8QZQUnUZIpemOx-GLQshXlHmSIkvZ2sagggmgyIzryBEYuDnV4OE9U3HhyibForWBqygC50yQz8PJ3M8w3BN73sLk_inO48TaY69N4qbnItrZz9Pd91F2CEeXBfsIAyRtJrCVhtx4cjDXaVQFGc_-NN3aH6GoflfwqoJIf3cAfabftd16S-bAekVfsOIYwO83FmXy-M5q31yuuRP9GIzTVRSnVAW46GvG7huWsozQvWQQS7dnQao0wFQqwXKrwc2QjanoxySeTykgC96oqfhvjS9Ta9F7NaO2F68xPvpIeU9NDVPBELRVFmjM1ZPhIzE3iPFWq1kdnziapJpkFeUevBlb02-k2trSHUwTN9euw7BYyfpKLn53XVPHF_Ozu6qeHKzzg70V-PRJU8JY1m4V0sXvHTs26UKoGalz_oA5VmRK2fD4-yPHVyQy0BNUNVJngQ7I35opIdKRy5CB7ypnWwjp075r2hyxy4VGerB4Lphmy15VjKOzpVrsM_-vMXf1R8UiwVjEPp7X4J0qzOF67ke4_bgOdnlNCQsW2Rr_O9TM8OaBQ0yYebeum7rZkahExTkDNO0H1kJosdt06Ssnoe6Dg2H99zTMgj_PqaFh8m6kEaciT5I8Q8iJ8K0zfQSO5mBHDVZWX3iqgM8BFGutN9bb3B3blJfcbKPoslEMFkb5mpaLJnEOTGKfcL6VHApkS4KHdfHK4NkSopuGn8V1BaZiei0oVUXhMiN2yMUT6aZ_84b0sToDtzjbx_RmxiTyGjDtK07rC1NCSIiXuVuPUQuE25PS3oo5woUDcXfRGfKAo-jSrOsQ_g6biasUOUaaq176IJYn6hD1NxC3yxitanMUo72V7MVUcmJ5MZzWCKBwO9hqWiQcOm1J11Qq4TTGIdN74S3QqwK7HiuiHfDxeCaZdyAkXKu_y3calR1HtMckV4AqTIj6ty7JP0TZe5z5MKcZa8acufLtORhRYKoguqoGTOdv6pGHzwpSv8Cx3a0AsLMvuWIgaA3DNZWpaoLQBuiVgbtq2YnUACYxd-SmlzDKVDUXAaQwn-suds_gHBd9zakcbiNDv8BsYRqcNhGp5anFVPlN3hRfmlE-Zfrk_CNEYuv_X8Jz2t0D1wJIFXDSJqLfvbWECe0osar1lXJ-UeJfvFfiWW8WHTD9l5yapQkSGcLsMOX1c108I8WhRWVJXBbIPShngnTXEJ1pTOPivs6B7LR4XASQWGYqiHs47rvf6RkllWZR4yguLuwD2CupOOG-yBGHAI7BL4N-z3NDMEbFqPbp3j8q-5pjDZhKz4QWayXTvlHbxbqJLBqoNRC97MvEcvC0mWaAp-cClaivCPCK5hoi1JMvvn3-Dey-Q&cid=CAASKORosDIfy1_Vb0eEDuU9LteNhjEIHKS_Q-8WZw7NOxPBFewUmX6P-nI&rfl=1%2Chttps%253A%252F%252Fdiario.mx%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b76ab0ac3a52548bde3de7d6a8af342e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 11:04:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 195
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3159
x-xss-protection: 0
server: cafe
etag: 1394524276809619753
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 25 Apr 2022 11:04:11 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220406/r20110914/ Frame C158 25 KB
10 KB 10ms
8ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220406/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

738b0dff97289a490e0472cca7d25e291a7ea70c850bfee1e264e9ad87a4a97b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b76ab0ac3a52548bde3de7d6a8af342e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 11:06:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 47
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9790
x-xss-protection: 0
server: cafe
etag: 8169034061967891973
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 25 Apr 2022 11:06:39 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_275.js Show response
s0.2mdn.net/879366/ Frame 25A8 106 KB
37 KB 215ms
30ms Script
text/javascript 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js

Requested by

Host: diario.mx
URL: https://diario.mx/estados-unidos/eu-removio-secretamente-el-malware-de-todo-el-mundo-previene-ciberataques-rusos-20220406-1917147.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b76ab0ac3a52548bde3de7d6a8af342e.safeframe.googlesyndication.com/
Origin: https://b76ab0ac3a52548bde3de7d6a8af342e.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 09:31:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5780
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37892
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:44:52 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 12 Apr 2022 09:31:06 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220406/r20110914/elements/html/ Frame 25A8 8 KB
3 KB 10ms
7ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220406/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CXtkhyXX2kLpy_3upW62wuVD-B6_o_QirH7TxqewDBR4wZHELqH3CBVwMW8FBD9S6W27DnxV83W1htc4JdE9NPIQKMvoSpJBlh8_PfRhgtiZnbjxZBK7YZ4CMK1pkqxLnEzCldnoYJ7WJp89kHmqspJMobPA&dbm_d=AKAmf-ARwtSAD3QumiIISuSZ4qnADI6xJh3PN5tUqzrsX5D0jKJy-tMZOLKNB1a4gOpbXGFTw04Os5jd8_y0S2ttW_uQibAGmPoPkIRK9zGLKXyCxMjFDYtPMDj8NzQamVVF_dQsg0PXnQecXZZeI-Nc8v29U3YOSmpqPN_KaAtRaGnXHkbUo3i4u9TKLbs8S26XIXocurIgg0_hS_iHE6J2bNFYRjaHhomsYsnso2rPUcd3ggQMTbCKiYOtdr2b0x7GrMIYm7xTv70ChkwJu1m4jHqzNJHT17K2oNUpt2Y4BMaFYjPS2WBebDGM6OBid8BmuJlhcgpQBkfWO6lrGllmc-veDGc3EEL3fUM38EBrp3kx7macaEimn3laPeiRSrurpYIB3z8HpR_bueq1b6cm5-euX0u3wjR4NlEa4N9tGjdte9-Yl3XybFQpPfOHmmFAgKwTcK7teygdXjwvZI3GjZP7r_pIgNkkFQTP91yEz9TJwb4vPgyOAtnqEfNvyWcBvWvhl_pbkTVqQ6VN9fSjwySPgaAo_zXKtwPopu4IOPxRgXZGFR0uCOXLkZwviEFZelZeTTX5nvimoqXDnv-oh4BW2gFaPIdXFPtfmoEyRkdz84xNtIWeva4ZH2CEX2AxVvYvUMZ96OcAG7ZAPSUbnAUbxtZ7DZUjgrB7zxZojlf-VzqIUeFeG8A5lTBq4KKjikMtjZ6Sru5yxYnAICRk5b16-i0ymzBAJINHQ2aEX6EkYRf3y5gFze-ntOSHB8EUkiSKyCcfryMXVyc-VxJN1UmUDS0a1ihueVlbtzBnfeL4rA7vs1Kiyn8TYBJKucXQS-j7G2zOt664hUr152aRHlF1TC5kAkk39l3EVnrkG4iIPgQx14AzZiQkgcDXimvJu7o7rEZe5B9pNkF5oLA2Gfqf6ir6rSUjZCH1ev9nnW0jZTdtDWeU-ytAiSnyMzmsy29vQFHhXzc4vLk1hkPyZh7NEGcKobrVW9EyN4F8D0fpIGK2W_asL_9_h-CDkV3hie2QttGmDJqQcU0lW0TWO9yxkhB7_u_HMhmK45KScON1vKBjSoHfPFX4Y9DMXMASwNmakad5zyjyHK_DWDxJQuvXRPLns_HtWmyhygBYJgKJubhB8bNJk_MZrCPXWCQmYQcwwE9qHci8wCwgunQH9JzH2hpGypiXBuYlDvrYlY6dcUa5y68KmedkWzTQZqodMbyrcYIKqbJVZUUgtZySlw7WEsXwJQ4vr6AX3lHZ7KJjCzzANoXwS4ZAQizc6msBUH1YyB-RJmYprobVOqHErwix76s6yfPhYpQY_6_8aNCWkbIjczp5WEeYZ04Mb496WEvcQO4_1xzk8VVaRTaVZ37Quo2gWp1Zi5TW6wdAULIVAn5aOXBg16nPrSE3N089-UfSWSEQ2h-AWCIzfKYOCRplP_rD8HUjsy7tjhXRV-aiF9iAGuuuTkpVOto1mrFRDfESTLt0xq_fcof9OM6oPEYt-JZVGzW2B9jyoN-v6vnH5IzbcM7pSQTuAj18y1jQGI4X1WJ2NeRwL8JC1gVKM3yoEhb8KHjOR0J7LlXOy-dgv0jSYpUzNTP0NhoHcjIqMI_4qxWHQHwBhrSLMmfejrAMxP2ST7ChTZDltaU9gKglowd-U22Qr40jX2fYGb3YAS_7WpHwIw4oBpY7iHT1wDxITEjmGd8X77zs8VGIDaExVxozAGUxu8KroIpLlpXF9y6MqvDw0i6cTxeu_0Yyp_pLgNhd1Qpp121q70m3sfmq3cb_nklEo-SXdRd1oz53T2mzn1SWuyb8zwmmBQSB7UcfbmC8_IJcm9YDsjCjc84uJVa09IHjhJP3svfINpHT9zG2eHruBNgAbQ2Iat44dJgWyoJ5hNcsXJXvHlGEpePz3fSApNYHigkEzSDx4XIljs05JYkObK30DdZ6aGz66NKIR9XmqaGC4Hn7JjDMgOiE7AYyImojvSt9gCCYGRxFg6ZJDL3szUwLVoVX6RoEx6WzMJJv1Jj9bP7hGcbAF3WHcK1wf5t7yvH4yDHUyw6ShJZtALbL0K3L7TBEoT1OI-_qMFavso5tCXlfVnlqflx4-RTZm4649_YQmwec8zCDC-PGG63LV7kVjhpZLSt6GMVei8jqnAYkPV_BFHKlGydRIy6XEla1p5ew2uRfZRTAZ3jNMorB1nvUqKyq20QasFA7h2XrIWn9wcPHGTVcE9GJ2cuwtlXNI-Se_eWeNNoGTISAqlKey9jlWsQ-oC6GWyfnQUWdzaQc4tG6mDLO1KCUeer5VueklMQ12Nq0PF5mRHPxSoLFLqnn5Lg5hKsmN4E5T8uHhWTmMvawr_c14bcIqtktWHLSnYrmUxinI7JiMmcG2gReDV-r06uytSmic7uWdWhjDIPYNjfptmqS8pT8Xj9M8goBYlE4fb4Sp8cRvHz749DiXlS1MetTzfjlqw3tNoaPn68bvizKdg_Z35rYcSf7mEdzx8DLDhrioOi40QGm_NwEkL95vrv8kREfZnQ5mioJoFEaugLdVmDMQtTSEgiVZcil0jthe5FvS1z9J8fCH43tTQI8-6N2oBG0mtljwEgRyVMZfDyFqWYraQnpLMgKVRJz7L4KB4eU4yb74n03Tjyp3yM-Bo1g-_qcf7feAn1-FsJ1xQPb4nJLNSXARlsqi-KA7_lzYsM4azGSOtsurFZkRQ6D90B75H1BoFX8s4vl4Rpdl1ie7R_KTKuM8NALhLNiNiB0-0hPQewGLTS6UERlk5x7-tYx8idDm11uNfOwM50rE7daY-qbSY_Pk9sb77FY5y_y6D1NwXmSrjlbt3vrYA-UdOR5Ifv7W8_6pNSn948Aa1SeHP94k9EGtvtdC7LAXIvVJZiHr8fSGQrqDXxlaPoWg_5JqaK8wMS7rLLJ8v2JR8M0iciJ5NLLpjhtBG36nca8jYvqiGe7PQ-EgLPZSdEs3WItMrjMMe0gTssC___DYJENqAMYr-ErXOgwyn43DDZXcKiGT5b4QBPmNWwtQN0ixgrZEA6p3eAMEYiRCozGyQKr6C5MfoPRTO-73JVXD6MKtw_DNT8mZDrLMhZ4ymjWzLc2rxHe3-pBKB1AZO942Ks1YKrfze35pBRR97eIpHaqtGOmys4_8f9swPQsKQ-0Uv4_uwDZFGOpetvxZ-7NIJblObdpXZH2SVBcOiD69HRuLJlBSTwporlyCSixrixR9TC2Wtst1nUsHHXSsImI_vxglIe6dRQubKPYSHcicUJnmnAm83W3Q2fW3H1yqML0uerXhmLg2-AyyLxNd4D8JQMBd1mhkrJO0qqrxuRq_i725LpmTYGrVPgOhdZt&cid=CAASKORoItf8nMv-YAwHN_neSuJHDkGypsT2C42AbrTSqjjpVaTYwVufh9E&rfl=1%2Chttps%253A%252F%252Fdiario.mx%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b76ab0ac3a52548bde3de7d6a8af342e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 11:04:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 195
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3159
x-xss-protection: 0
server: cafe
etag: 1394524276809619753
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 25 Apr 2022 11:04:11 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220406/r20110914/ Frame 25A8 25 KB
10 KB 10ms
6ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220406/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

738b0dff97289a490e0472cca7d25e291a7ea70c850bfee1e264e9ad87a4a97b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b76ab0ac3a52548bde3de7d6a8af342e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 11:06:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 47
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9790
x-xss-protection: 0
server: cafe
etag: 8169034061967891973
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 25 Apr 2022 11:06:39 GMT

GET
H/1.1

200

partner
sync.search.spotxchange.com/ Frame B760
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEFpHz8euD-G-XfYQIOHS2q4&google_cver=1
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEFpHz8euD-G-XfYQIOHS2q4&google_cver=1&__user_check__=1&sync_id=9239339f-b987-11ec-92f8-1bf9ad920306

43 B
548 B

20ms
19ms

Image
image/gif

185.94.180.125
SPOTX-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEFpHz8euD-G-XfYQIOHS2q4&google_cver=1&__user_check__=1&sync_id=9239339f-b987-11ec-92f8-1bf9ad920306
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIvVChCpn9ACGLzqmccBMAE&v=APEucNVF62OxWwubiyZVfDH18PmOQlsp00wM9rtj-267kn_MII4oLIJMxqyhySt5FXRbiuTysP1mpaZFCmvbTyBI5yzz-4poCAQIxVHEDl7soaY-TQvC4w0k5lRTkGvvqltPDzLx1xsOzFXPS5FYPjgkMTtM-ksmPrH_AFouCq83G6QyKdL79-I
Protocol: HTTP/1.1
Server: 185.94.180.125 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Mon, 11 Apr 2022 11:07:26 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 87
Connection: keep-alive
Content-Length: 43

Redirect headers

Date: Mon, 11 Apr 2022 11:07:26 GMT
Server: nginx
Location: /partner?adv_id=7025&uid=CAESEFpHz8euD-G-XfYQIOHS2q4&google_cver=1&__user_check__=1&sync_id=9239339f-b987-11ec-92f8-1bf9ad920306
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 138
Connection: keep-alive
Content-Length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B760
Redirect Chain

https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID
https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID&__user_check__=1&sync_i...
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=OTIzOTMzNDctYjk4Ny0xMWVjLTkyZjgtMWJmOWFkOTIwMzA2

170 B
188 B

27ms
17ms

Image
image/png

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=OTIzOTMzNDctYjk4Ny0xMWVjLTkyZjgtMWJmOWFkOTIwMzA2

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIvVChCpn9ACGLzqmccBMAE&v=APEucNVF62OxWwubiyZVfDH18PmOQlsp00wM9rtj-267kn_MII4oLIJMxqyhySt5FXRbiuTysP1mpaZFCmvbTyBI5yzz-4poCAQIxVHEDl7soaY-TQvC4w0k5lRTkGvvqltPDzLx1xsOzFXPS5FYPjgkMTtM-ksmPrH_AFouCq83G6QyKdL79-I

Protocol

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Apr 2022 11:07:26 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Mon, 11 Apr 2022 11:07:26 GMT
Server: nginx
Location: https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=OTIzOTMzNDctYjk4Ny0xMWVjLTkyZjgtMWJmOWFkOTIwMzA2
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 78
Connection: keep-alive
Content-Length: 0

GET
H2

204

sync
ups.analytics.yahoo.com/ups/55946/ Frame B760
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=adtech_dbm&google_cm&google_dbm&_origin=1
https://pixel.advertising.com/ups/55946/sync?uid=CAESEDlB-yfE95g0gPS5r5iXq64&_origin=1&google_cver=1
https://ups.analytics.yahoo.com/ups/55946/sync?uid=CAESEDlB-yfE95g0gPS5r5iXq64&_origin=1&google_cver=1&apid=UP9235de59-b987-11ec-91ec-027031e56216
https://ups.analytics.yahoo.com/ups/55946/sync?uid=CAESEDlB-yfE95g0gPS5r5iXq64&_origin=1&google_cver=1&apid=UP9235de59-b987-11ec-91ec-027031e56216&verify=true

0
18 B

24ms
11ms

Image
text/plain

3.126.56.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/55946/sync?uid=CAESEDlB-yfE95g0gPS5r5iXq64&_origin=1&google_cver=1&apid=UP9235de59-b987-11ec-91ec-027031e56216&verify=true

Requested by

Protocol

Server

3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.0.33 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 11:07:26 GMT
server: ATS/9.1.0.33
age: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://ups.analytics.yahoo.com/ups/55946/sync?uid=CAESEDlB-yfE95g0gPS5r5iXq64&_origin=1&google_cver=1&apid=UP9235de59-b987-11ec-91ec-027031e56216&verify=true
date: Mon, 11 Apr 2022 11:07:26 GMT
server: ATS/9.1.0.33
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B760
Redirect Chain

https://pixel.advertising.com/ups/55946/sync?_origin=1&redir=true
https://pixel.advertising.com/ups/55946/sync?_origin=1&redir=true&verify=true
https://ups.analytics.yahoo.com/ups/55946/sync?_origin=1&redir=true&apid=UP9235de59-b987-11ec-91ec-027031e56216
https://ups.analytics.yahoo.com/ups/55946/sync?_origin=1&redir=true&apid=UP9235de59-b987-11ec-91ec-027031e56216&verify=true
https://cm.g.doubleclick.net/pixel?google_nid=adtech_dbm&google_hm=VVA5MjM1ZGU1OS1iOTg3LTExZWMtOTFlYy0wMjcwMzFlNTYyMTY%3D

170 B
188 B

21ms
21ms

Image
image/png

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=adtech_dbm&google_hm=VVA5MjM1ZGU1OS1iOTg3LTExZWMtOTFlYy0wMjcwMzFlNTYyMTY%3D

Requested by

Protocol

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Apr 2022 11:07:27 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=adtech_dbm&google_hm=VVA5MjM1ZGU1OS1iOTg3LTExZWMtOTFlYy0wMjcwMzFlNTYyMTY%3D
date: Mon, 11 Apr 2022 11:07:26 GMT
server: ATS/9.1.0.33
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 express_html_inpage_rendering_lib_200_275.js Show response
s0.2mdn.net/879366/ Frame C522 106 KB
37 KB 205ms
32ms Script
text/javascript 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js

Requested by

Host: diario.mx
URL: https://diario.mx/estados-unidos/eu-removio-secretamente-el-malware-de-todo-el-mundo-previene-ciberataques-rusos-20220406-1917147.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b76ab0ac3a52548bde3de7d6a8af342e.safeframe.googlesyndication.com/
Origin: https://b76ab0ac3a52548bde3de7d6a8af342e.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 09:31:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5780
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37892
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:44:52 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 12 Apr 2022 09:31:06 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220406/r20110914/elements/html/ Frame C522 8 KB
3 KB 12ms
12ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220406/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AqRjLKlXq8wgcOjE_lhQ-x4ta3iFe8Lo-k3ShuH3DhAtXswzeGQwx4EKxVMS4ezXkCccmMPEQSb2BBCCMDGBghmJVHUVN-Ka8uOQ_8STr4uYUXS73S7WRwWFHFN9Z-BRzJwzHcnP24lK1A_KLzrnaEEDWOXA&dbm_d=AKAmf-C50cVH7Gt-vo_YcCEIio3TccMKtLQISUF82dF67EsOPXoFLfgplw2wyFhPGsfVGfY6MhTiKMxq2dHYDt2lF-PM0LDMef6XGKlXpWoAba23fn0qis6aYugY64BixRfDtSWO7kFDrZnOP2y1IogaerjeWPpXJflYu84zxfGNGEF1CtOoy4jf3XI6HT3p-jfGqLLKDPqxFE1b7GB4JHrWjtcZCpQ-DfS9Ml5OrVYzGyo_xd8l8yI_9f_3J7wRwibQmN8TfTz_WObQgVbEujdCB3up7OZ6fNn_ooL5HhPpvZTFZ0vlvr86c87jSswP-_8yxAESUlvFvu2Eqb57QPS1vRj0dXkqsayBMEx1QuzkKB1_f_K_ggglA4H0fdsL_UsbV1_SqohcPgDig_pHoadVzbQrSuJIt_7AKHu3rtLQa3tZJbXpSz2KiUiZS-KLitP9-BWfLytvHVVGX-bYmermBwHroshOQeXxe9xprOMPIHl-Oz47USKVRsq80GgiYYa1FQY2F3U2CpOI-7OJUOj730e0F41pl1n5V0LhF6Oia3RQz9aJzrQmunlCQbn1IlrGPA2Qf2Zipx1CmZpcsQHfRBS_ycn5cmaqOd3sSjxt0Q4CGPCbymMtjlA1Q_2s0YlRBFCx2nbdeFzHz6f6q2bjR4rIbD0642JyJ8tu_7pHOGdFxRBGP-wzlSH5GSmpp_UWH4HlxO5IHcgmigmhnVZMC8FuUt0-cFCPfCdynykh9OS_YhVxzdsJ7gRhPbDGBqjCZtZ6OJHR5SYIE8DGUoMc7NmobdNo4uFkqRyLR4nMSIYMMmRksKMxkzeD72NvzYqXBmg-36Hho_xQs7BnZnolupjjkayNXuMeQMPExXbR0aqUapFCSdXXfG1CC2X08q4SEZ_dwo5F8W7pDC1Rxm1pGErlJOZfig_OJssjFlbQbZJXyy3KBI1XWKV_NxvIzspEo_2Z9w2ygTjXCRo6RMhAgHDkWJz0mrTxhCfj532inFXgEBQboVryJtAYxnY_8GHon4fludaZb7btt0iUyy0x0HRKA8Y4EPa1-ITIfdBQlaHJn7r4rVOp9X9u4TH-UGRTY57uWb5mBkHo1Jldf2FlKysdBT9lTPAD5KcdKPTfR4wgaWJKHd3swo7_PlXflBv-tPwCQZTlLEFq0sZlt5HJLVJUGbE8ZokB6t1KwYX71OLdLGyAP_eeNHZpgTljj3tNLXqtiLms3OVz-1PvKuxult1wTtMmb9VhSE3YRxD8yKc7S2RynNwTGjWkdXUHjVYg7OMPIIXSdXnuNLH2gW6gK1ox796H7e1NRqIooZNMrChAwNUrRlC3RmvukhvQc4EIsKQI13MxDwMDN2HEKNDbGbMlPKy_K_4wjkt8ycvNKQqEwu2N2ENxytEjmxFv0Rb0wc0wIT5fKRy71hoI34usYtxRTZpopZHhRpdLZpP-lHKWgxkeFxSYSf_lu6vi5jdjY8Dphn_sGeXlykxZg0xLcz5gEZEFFd8hp2Li4EbqyTTLhK_ru1Rmf93aC45fV1HtFfwnSiDkOIa7Q39ONr1a5bzCU6Npf8exC6s4J41EcoccZCWtSpDxEqR3jwPlxoQ_KrMDGaAwpoU7GEGaDzbFkPau-c04BqaAxkpyG0sy2fEjFn3B83QO95Gf9NjjCxbIYJKzqqMV3NIGOtIi67hPWvv48zEwRKB0V3Xx6tnXjEGKyYS7UqeKMSu2MbYCkK_Mfh3MxdVsVIC1UaZDmse9yXYbeR7eCPVwuHQoc9owGHvL9rXPdWt5NmUMhIlO9L9l9usaRotEZljxq86mEd_7rfpIyU6eige069X9LL6YhPQsl_bHceURXusAjvB9ELgxZ6Kis17t5pn5PVGyqDAvZwxL7Ad7IzYLvd841ib08L0jlcYJzSp5GulWrLxfDP-NRtFJjgpDzNDU1M6RUAGpv9mUFjkc4iTXIhKdMbI16sY20oXTbQVxTXpt-FOXMVhrlbG6Qcw3lyc8zEZWC3H7-SVYha9UHdUaUlUzbb_iucuPiXqPZhgJni5TaXmSjrj8VGZMdKLJGv3AWdJWefXWdaARuOsNBkPONbEUhhv8V_gtpdLXTdYab2rA5Kv8Em9HWDh4nWEtU0Zp9CNt5dgwN2lgoVHD1hitykRNYM8RC1YoICEq4i7Mg0CjOUrhZqqFuTjAXGdk4yIh9w12QHttrVkMq04lgM0xz54D2_5gDC7hqrKNw4elm3Xj_g0QrWT6elbN0hmdN4RsVxPECvkQq0e8YrlhaDsaI5z2JAsjG6lrEQcyh76Qj_v2A3VXrYvRkBdCZ9BhYzDeOUeRXN5T2Ma11-rMxmX1xeGHQf_V9ACTOw-cdGP2Axu2HQdxJVSn8IS18kkSX32qgUyM56K0TBIBMrfUMey30asM3lW2B3PbowLoWcQmfKBrAcsPBnObfNYaKDZaIXNE-14vUi3wyGt_ViAAC22OsTLbfoguSLPJjEcYYVE25I0BtGa4ha_l5ulJJ80d_TAvs8Akb1DcDQDWw2QFGlH4hQlfk4tRyKPyZ5D5UcOJa9VIz9AVkJ6vMI1DyomoDadYysiqfUvH_MITpscxC5mKGiQvvJ3118Y_xV6mGxTTwFL-u-iCNJnzjNM5xVtMx8FS_8AVCn7oPT96XpfMJ7j0gIgamXgDg9fbkxBNRDuLMoEI0FlRLIZx68lqfuUaOyNdkQcK-VWFmLphUI50_VIZ2xCQYL5Qes2BT0PnPXbUMRN4ritQNeVYwnemk4MPaUAC7vAjW_rH0hqU20LCsOp3lyrpT3hvJiEGHvvwsiDFUNdtQowhioQoxb8-pjkbU18bAsH2fYNkBMizXaEu1TFTv3tfU_4hFiyBL53zm44iKF0YZQJW45qlI7OO45QI-bgh-SB5oslCZiBN4QD2pjOIdi4JyDx0dCtrw8Ywk9lTI1yIGkssrLnGFt4Xzl4mY1TSToytingcudw9BRIt8qDPQWv0B8eiBl7hFuBM9-LGBV66HkoSU3zsST1XOfbuldGWPjIYCtgPMrRlQ3lCARthkgxwvLPPD4mvGzguE2uytmUil_LJXW_ww59frApuYPYvyKsiC9VJ77-1wqqi3u1YbXF2fvMxlweJ5v5-v94JzQwXM5fiK_Laerv0Zhe1vij80uCbfhunp-kEZ4jU_L8jyn3n7qsnXNblBxSVAL7eWKXInM5aSdTWR9ymMJFnMosqCYC-TUvGGilHFapjO-1iMc7BFDOVhaysNZBL6ZMAttCLotIs18DRocovwZLg-_5_rOn-HLXBfUY0A09e3r34zWwdMhkLyLCbQYNI9ldG6aGvmJIFgtK5agCS9A-l&cid=CAASKORoovxYo8V11NHAZ77AVqFvP5_XFDbbSDLM7OXmp9guqvCW4rcZUmc&rfl=1%2Chttps%253A%252F%252Fdiario.mx%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b76ab0ac3a52548bde3de7d6a8af342e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 11:04:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 195
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3159
x-xss-protection: 0
server: cafe
etag: 1394524276809619753
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 25 Apr 2022 11:04:11 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220406/r20110914/ Frame C522 25 KB
10 KB 20ms
15ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220406/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

738b0dff97289a490e0472cca7d25e291a7ea70c850bfee1e264e9ad87a4a97b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b76ab0ac3a52548bde3de7d6a8af342e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 11:06:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 47
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9790
x-xss-protection: 0
server: cafe
etag: 8169034061967891973
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 25 Apr 2022 11:06:39 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/5534637385780799923/ Frame 6F41 111 KB
22 KB 26ms
9ms Document
text/html 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/5534637385780799923/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dd9b7f3a802bcb2d7bfd0059b4ac28b2711255e9ef0699b2f063bbc110671bdb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b76ab0ac3a52548bde3de7d6a8af342e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 327375
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 22682
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Thu, 07 Apr 2022 16:11:11 GMT
expires: Fri, 07 Apr 2023 16:11:11 GMT
last-modified: Thu, 17 Mar 2022 16:07:58 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 52FF 0
64 B 107ms
67ms Ping
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstjuPUiVvNmYfO6nAV4633rfT2MCuvrarIEa4cGPoUQuCkNla3RyjO2qtosKKrxYhiBQ5CJ4Gzt6-Kf3DUksDCbZHxeztAE4WbYGXwILh2n-8kM3dPCftczV7zYN4Pvx_a3ryPltUmggJOnCxlE6hGQ34rLugsvb5DJ0Sy25PS8aBAtMGHAqW8qjlOdik14dxc7cWEtRuOArpZpwyGmPEp9HrK1ETrtHJaXKUFlCLahpSAa5FdnAaISjxeIayH2_SYDssS7ZAxOxRkc7AyHoKp58gB-hCYSTUR3lgRo7tBGND6uKXdDEqzTLqOBbBOCDSBYHUJJAMshEvE3MRzq1QUp7VBET5KGVn7-wK2OnglOSZl3Jp6vTzCAb8qGHka4X2nW_Kk8qqUbDown6QOEHlrXTt0lUcbxHKsaceFo5TefAhF669s3dOMNWhFKWYc6s8-47n3g69vxXKjX2yJeP_8b1bt5TuDYmoY8SFaAX6nS1fVB35SBEXUa8CsjKNtWD47hI6x8UTu5lrnlTXERaBpEoVrdnmoaKNduM2B9CF17Ce1W72w1PiZ2sMHTYUrZybksqOTfC9hOTNgJrEJAg0HbZvIuWv_VEP6fT3WYWX1t3NsNgv-6Z5KFTc0U_Uu7eCH01L5e5EoSl_1_aBBhz-3Q0OoMoJA8skiGZZNAw7aYxu4H_3irAKzC_J7LyeHakXuTbEyZAOWcOUKrLtM0p1Q-zeNWmz8OZR5PLzQQP8ifGHFX3lcoMimn4VL9IoZtJbrqbPHtcpjetlRjs_yEOmCvQ68GG0Zydf34z-1B8hU1J6rO6Z_EM3eCPc1Poy8fR2pDwNtqsoDjEt9LLGomps7Y8RpFN1ldrmB5YAAS68Fdj85uFkxq5lbCdBJ94uWE6fCeBnrvAc11ZFKzpYrWkywyYwuJi5kSiXhK37ATSN_ISfToO1dY06UsMl4Iwg5XfUfnuT-Gx2tbRA3dAG8PXpGfc1_nSMdNgCuPctis7K_av9cCIctQSX5DW3KXqAfKhhgwqQIFWpbiKkUmB41PARc43tolMlDUW4dTyRy7owDIWLXJdkyQhdqQIsJH8f70v347XJz4w4XXF8iD0mEBz1QJ6Cw8ZKQTMFptkMH-g56eYgvG1a23wyo6JmAjqlzFs1NNFJfQD2v4lZRKfUchWvyYBSvBGTx4&sai=AMfl-YS6jdJuXcqPZld8IXzHCBUpVO1wJtlYPSl9MvDLaknDYEWWruphamSWLUxFGN3yMpKxX8HLJomyEY4FsDkVJNP4SYQjAHzYCSFuvaQtEv2W6gEBTrcPR-uF1DBdzyfFp_VXkyXT8fygntY8srkmztKHGOrWQ3iJmh5F-W0ZNSbocDLZGJXTGpvYmtsUk4Tx93OVQ-FU6_wmMLekZPzEFK1QbbjKsiOxEA&sig=Cg0ArKJSzHrS9G7v0MEaEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=365&cbvp=1&cstd=360&cisv=r20220406.91955&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=

Requested by

Host: diario.mx
URL: https://diario.mx/estados-unidos/eu-removio-secretamente-el-malware-de-todo-el-mundo-previene-ciberataques-rusos-20220406-1917147.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b76ab0ac3a52548bde3de7d6a8af342e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date: Mon, 11 Apr 2022 11:07:26 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/1673573227426754979/ Frame CBD9 8 KB
3 KB 16ms
8ms Document
text/html 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/1673573227426754979/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c955b03f3c0bab4ac70836d576a425ca53f96ffd1d3485c2b873ae26c1366f98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b76ab0ac3a52548bde3de7d6a8af342e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 528033
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 2851
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Tue, 05 Apr 2022 08:26:53 GMT
expires: Wed, 05 Apr 2023 08:26:53 GMT
last-modified: Fri, 01 Apr 2022 09:43:37 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 1836 0
64 B 99ms
68ms Ping
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjss-egcumfWwpvk2qKfw82RlG2ZiJHx3ZUaQACLJWEXjytVSCaHxpgw3452V8mqO2q01gSuoeW0MNSr-BxvQtvURRxZ2K2iX4MhOfTxuh8Yv7DKzDScgpgdUHlOpfse5R1OzmFzCs7YumIS6rwmdJnnqkaMQkRIgpOaNY3pcHr925awWdgPVO2fzjQNQFbkp5CSPJ-vliY1sf7X666bjOGGlQgCZfp87N77RvHN8bB7NaL0G3fNwsCOCbJ1V4CPlKQ5juCAEfFlonFTPv6aknqCexHg463hP4WoTiJK_UDec7Fb7xT29FCzj2HLY6-kK7pOkMr8uEvS2YBVUNrJUBSKvAiY4kWkduRUBxVnx-_SOwVcieyjmpowQo4CPQ1b7QNFbVf0uBZSbw_qQclZcuevTCDCUtT1U_7718o8e2uu4xsmcYELIy5fUZxpcJ816kV_O3wXIAkfUSr0F1q8ofnD3Z5K1QSEV72bhOwe-EbHJXQSKCemiHQcqpjc-GfCcA_WJgPTzHbDvONdlCxRIiFeUQbrxa-eEe3Rq7qu7PQgmqjEZc1hyD2rluobOCd5nXotWqmBISplMjE3zIeT9iQbXe0Ya7OeJSG31LqYtFuDveQK6AmfYo13QU9AE20xbX9cntZ3_bA_YWsBFEu8WZ9BrxwLzuR1YAjLERsMh7Vaz2oege3M3nqjHBT4djnt8M4aXKs5KGUzPXrNRs0oOuGTIcxFL3mTyFIYVqky2Pl-xy79BeGHpvhjmbL0_qBA4ChhHeXAiIr2FjskB9QjbVF0QCDB2JyvcAMguqaY5II5KXlM8NC17u6A2aE8DJJyWaeX5FsT2rQNgTtBtoTrT7GYUZd6p2xi3nJBgWO7rwgREbRMxNZ4PBqWASYc9rSYKH28tf21HpX7uQsz-RtjUJvJUxp_wzPTaZyyQ2ZznJyd-vrMxTpQye2q-V88kyGV696rPJrDaH5R9aYE7vPuNOcwjMN5paxJyBL-iLnhOJslXdyPNkdZ8WC260oAjVBiYx2p3-pTJ1lqu6ifvudODx2SvFpyQQGpzcol2lS0J_X3H6043rXZJolyymkSrD-gIFYfFU248EFmu_Qa359GqAgvlxVLtnID2UQte9tZkkL-OyTcTBcUrY-vFhmP2PiPhfm0EotgdYqopItkD0PvGPSG_K18NOQAFZfx9VPDczPqfOydQ9pJI2IiRL95wp4j12jJBSiOyrtR81G-fVSa2xKP7lZ1VdP3sJypplAb-&sai=AMfl-YRUmdygO9l-6mz9oIwU9w9hnvqrvvALcZEqkpMqhvzqKg9vY_ZlO553R6PALE6rUSNsny1oBm7NFb9LNjZf01XqEPBEWr8VXnN0mg4jWz8_VwtEhPIdD8Z4j___uobuzpGPJVdTTyX5b3vVKpX9pIDKnFftQ_EP-8-k051x2tzOhxnkfF8XdipOxhUHkSv4mTRb2-Adu0iMT4aGB5zKGHjHs-SYp5s_uQ&sig=Cg0ArKJSzFi3vFgMEwHXEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=364&cbvp=1&cstd=362&cisv=r20220406.31702&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=

Requested by

Host: diario.mx
URL: https://diario.mx/estados-unidos/eu-removio-secretamente-el-malware-de-todo-el-mundo-previene-ciberataques-rusos-20220406-1917147.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b76ab0ac3a52548bde3de7d6a8af342e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date: Mon, 11 Apr 2022 11:07:26 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/2261034370479767793/ Frame 8C89 8 KB
3 KB 18ms
14ms Document
text/html 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/2261034370479767793/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

41a3a195d0586fb0606a32858c771405b82daef0bf54f9900239004358051893

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b76ab0ac3a52548bde3de7d6a8af342e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 528046
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 2849
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Tue, 05 Apr 2022 08:26:40 GMT
expires: Wed, 05 Apr 2023 08:26:40 GMT
last-modified: Fri, 01 Apr 2022 09:43:55 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame C522 0
64 B 94ms
70ms Ping
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuomfGiL5gB76edWMW4W6WxVUsknfAHJK-i7bmGhuE1JI2KWUzjP9Sa3ywVnK48V0-Wvbmh7-mgZwZqxKpK_L37SrvRaFn4fHHIU8-EOUbOfRCg1ZTR-Ude3EYsD6Ex7NLtohugdDDtn3ObieZE4mjXLkFZPZvU8xK0trwjoDOjy5cUsp4mWOoB6kDVCRf8NsnKw2gfY_eM-BpXiAQZ1jtjzhzVBFjR8NY1WC2bS9FIo92Mxu4Z4u0JoZGuju82rtiqzU24G36185nLfy2TDj-tNBgNf8VZrvkdWezbG6KGgFFRHPtgc86cZ1kLQ1P8kw5Nhlnz_ErG4vvWxaL9uiLsyCg_3ouOTvTK-sahFToMMNdZ1u1uJE4z79V92XxlYHVz59oUNWgHH0RlnoWbwBg1LFoYKokN1QvqqY68p0gueadlnTzSVMmBqBEHOyuRTdN_w8V8Qpd5Rr7nCx9ehVuCOhaUEI_u42EJhDYEThukvDo3gcWYbdp-H76AYC-HUZMiS_Z6tz45j1v7rWCtdsJLNG2s_7msECTSdk_Hej6eL11x3Io3SviYhnVa5EauOtu43ip_3u41NElBVanoNLedr348MUHeyB9omPHWZfiV6iv0S6_Wlx5CfSYJaayi3_b_NMeXEB9XgI4pQWH3tY4Lq_JVDWpp3gZP0TZdc2hc2WuIkCqHjeHUh0hi1-SfMn6YpFx-IT50W7ux1HG_xWDGNxek9rQqJDOk5ZVsjsKiXiDovQLOtpOMeqUU147QEVEzFlAKutzcBtCt8CscMqCMvkcu_alOaMqlo2VPYROtC250HAJuPuWmbOeeCQq-3ST8ELxX7Jn8yn706F5sibbmyOgZ6pzdfgHv3bZ186P9cCuUahOrA3Wzu30xgi0pC9sfb8slTIEZSnfWAk8BDluonfBs-OIB6DphXHKZNMq5VAwd1UcgsSzbvSjj_tnm9dWnaaOLXpUrEESQ2xOvDOgD1oWwRjdtaEEFCQ9KvIL3_SJF0LSCBltRNUgSdrcZq2-0msXpIwzCItPiSOFFlc6XmetkljQI7oIswG2ovTkRbcZUniRgDofhOAPN4mCy0_2tGLZWnTLfJ3WTGUcgHuglyAvfa_i-DtPZg4p-6Ye0_gn5tYVRu-STT7MUYB_o7cqn-QQvz-W9r0hAMItsXA43rNeBlrzVdQ69o78dEuTQ8FP6oWgNkSIzjaOb9MTLENC292LibBkN4wX6FemGF18cWXYAqhUC8JIz02XE&sai=AMfl-YSFn5O5_gXp5tzNVxUOKel7tUPikd6ca5EgneMf6inIyV6fwnFrv82_z5RRsvsv9JBjnzVVd4dy10_zi03iWWE-9QTOg5WaOZmfmo7Jhv-GBv8xy6Dc_30wNkjc57FdtH912d7kXP0J9ErY_9Y_tf2oZMyJJg0faFQEmn9IYBjLYc6ezMWgA-hHcrE-X6nDZL8CQoLkk5J55Qy8HSO3f0r0GhRCmiVauw&sig=Cg0ArKJSzDuUyqxr4l2yEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=342&cbvp=1&cstd=340&cisv=r20220406.32818&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=

Requested by

Host: diario.mx
URL: https://diario.mx/estados-unidos/eu-removio-secretamente-el-malware-de-todo-el-mundo-previene-ciberataques-rusos-20220406-1917147.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b76ab0ac3a52548bde3de7d6a8af342e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date: Mon, 11 Apr 2022 11:07:26 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/12929797443785239284/ Frame 9DDE 95 KB
21 KB 35ms
34ms Document
text/html 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/12929797443785239284/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf5fb758f4ab1bb9159d6cc06de6bb91f8a40896e7ce76c81cb53da148360114

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b76ab0ac3a52548bde3de7d6a8af342e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 327340
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 21347
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Thu, 07 Apr 2022 16:11:46 GMT
expires: Fri, 07 Apr 2023 16:11:46 GMT
last-modified: Thu, 17 Mar 2022 16:08:16 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame C158 0
622 B 82ms
64ms Ping
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjss1o4eBLJs-p4JqdPmpDWERRFqk3k4qo6crRva7WmQ4wClSX5aGLrliUVmp0AjpGYe_l_S9HwQgM50ShFv2ZmV3BwcG4q7qRFNmu0LaypdbUgHifT7nh_zq7q8ShapcUFOD845YGWHyiShRqhMlYfY0nXYPRALsFY5uFGH-i2g-IzzPS-VnvKU4hBbUP10si-k2g1NHn_TEkuD9H_5oa-HcKoaZ3iMH6GHTz3-qW7NrbCcjjcK45DAEq07Q8QHwpKaA7iqJdr0ihD0hu3L2oJf436b-Oc-Gsefz7MhBnBToan8DvErwZpiFQVcIsccEpx73CmSw5SAahADNjPp0N8VGqu5HEjoX7izYgy0alpDxoXVgb2IP5zkonw59or9G3UKS8GiFxqxdp_J2q3nHzCOHeSmEZHW12HJutPbiJSUPiyfc9O_L4EgNpHzoXlq9lZO34_6fYymuPDDm6oZ89hlprjm6OGOclV-ezKuAgzdoUuxZM9ckL4ZAvZthMY8Z_LyNAGDV__eqdLivCYclq8-oQS9P6101BErnlaB7iEs_EAgG9LPjp0P5ncv2gvspeD_eet3hnichez3DHUNN6KCSjSXjPYS6fALpPy_-PMGiMpo3SEL9V5iene7ZepePdFV6C_DRLztGE2temYotEJYdAfp9ekM2h40T7ISxDku3-_DfebmHC7YyhjEikN_6Uc9bpQA-C0LhZbIu4rLCY_xOhuCsh7P4erfT_KszSq5a0dvCwXYUFTC7VqXmjFbp6mwa7T8WGR7rbjcfBAbk2IKwM-W8HZ7lPgmPndOLKnbj2l7BBWRlQQ0g0P-TTiPALVV3irkbYAvuMAdxhippEtKNrxwG-q4MKlvoa08UWWpGKZch1RGjOdoadFTjaaClmX5kR9uGCuQH41Iv_Ss68e2vE56ZSZ6w_nTr54AJliX-7s_jW6xK43xitKiA9f90pcEEqMimADViILxqD1g98qhFiDwz8Hss2aoVB4P20tkyX2dBeAVmjqsxQ-WftwF7GLUJ-iR54_Pmf6tBvKxde35LsQKbU38DoqwyTfzIr3COFqX-GQ8EZVYAWqEQLpcYqNEPCsxKXF-eRGtc4hExLHuRjRB1INoZTdlD-E8Ttz6eL_OiH3kJaIj8-7E1jxLFG1d5LYpa6gwapUx_8V9w&sai=AMfl-YS6MMSfJ2URpp3xu6n2ohgcaS0LjHJu2K-_JirrgEuKUb1wr9Q3z3IW19BXmU7H3qt9Gpw5CKgKFq6lDN7jQdwLzRsOFgTxPy7yAr6ZV6z44l_fgidoz1yNmR9-egbbKwHNP3L8BX9koBdPQcarRB8kYwS59bttkEPLkevrvg1t9NbIMSC9Nurkwr2QfYL1DVglr5_aovytWj5u2Vd9UwjGXhCRzQYVEA&sig=Cg0ArKJSzIwvdG98t8a5EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=368&cbvp=1&cstd=366&cisv=r20220406.81544&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=

Requested by

Host: diario.mx
URL: https://diario.mx/estados-unidos/eu-removio-secretamente-el-malware-de-todo-el-mundo-previene-ciberataques-rusos-20220406-1917147.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b76ab0ac3a52548bde3de7d6a8af342e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date: Mon, 11 Apr 2022 11:07:26 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/1673573227426754979/ Frame 7653 8 KB
3 KB 20ms
18ms Document
text/html 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/1673573227426754979/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c955b03f3c0bab4ac70836d576a425ca53f96ffd1d3485c2b873ae26c1366f98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b76ab0ac3a52548bde3de7d6a8af342e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 528033
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 2851
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Tue, 05 Apr 2022 08:26:53 GMT
expires: Wed, 05 Apr 2023 08:26:53 GMT
last-modified: Fri, 01 Apr 2022 09:43:37 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 25A8 0
64 B 78ms
71ms Ping
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstUt1BmrNzAc3MVDc_elymESbr_OWdEqDomaPUm6x1wt2NDu4295e7DvhAnF7s05SBSDdIdgCSGbcuKn-bHJ_C041POOaghEVH2JEJSyBgstX41seJ8ipW3EJG4Ri0bVx2x2WiD41KqSTrMacX8mZmiM9BP6PlQhCVDJiEYZCx_tt4H_qL1HIpXmm547ROMkF1sDtrLWmotUESGF3l6N5sW9L6x54kYt0WIO_Qsw313hfrbCTzT6_Ks2tpl5rsblAdTjwYgWEyWTLIPCM3iI3i-n1rKUy8qnHDPG2A9pyk95TdhqQ0hwqLDR0_cbxNxwrIWNrwgIPu4kauNuFtDsG_dc2WTuNEb7uaED6rQijSa7B1Wp36eFdrJr0IhrOshWnAI35erG30rpOdH06IbXzGzSkebIV-RMnS81H_fySB9gUUGdKJ0wsJ9nFeeuH5xJwOqqn7rXvyBqKvwGXFv7kUKoRwGQ3Dl6NoMTVxqjXB8kHh6xBphTR2WUT2XoN5Fk0SKjsuAIK01bQ8IJU6-_H7qjB6OOJBzYFJ8WgrdpFmpClHc7DlQHllePnYOgPBQuvlw0feohKLunRzaMllAag0nGgnYI74LwGkk0ku6jba4KWnZb6uYgfgwOU3NDnok18UfaxC33ywN5SFLh-VkRL19UvopVC8KcyGCgp6L3t8Mswh7r9SjpncCDq2wY40fr8pizvPBt3RZwVXMfwC76Ct2Ua3sBLqSWkQ1QpKUE23yUxadcR_D6mlh034G2Dkj12NMYm1LLeqrnXPN4492lc8R5lpVyEGMbnGhO5kLD5uy4OGxU-rcvfB1Plm3_0Czvg9nT2M5zd_yIE7c8jaMqmaHH8ppzqXdW44CrMkXa-pHkTWKenT_qfQb1Q4t6TLEuNscnEPrjM1gUtPQQbRIeDk3FJgSy7Dy3MkZcinptAlfiiyn0kxy73td3dlgdT5drXN7vCvIYfdz6u2dxr6rSl_i0cCfpDHuYe3KRl003yBZDSbZvR07FzIvVwZCbHJ9Ns5agsyaTSRuDvkXUKOxA211Ylz28Y_YkHtyAg1PPKSRNAY6kLdAECsJwIuD4lPIk22m1fwQV-uVgrIXgn2cey0ZWCaGbY9gkxho0r73JdQpUXK8SSppCiVyErRzzYv8jOvO6lHez6o5sT-tOs2PZxDTB7yhes7x6eNlaL2fv6_PyAjLOWjTnbHSwcLUfxV_Nd7r-RtmSR9oggKPghXjsrp861N0bilnJEGJFlGKcEk&sai=AMfl-YR9lHp4Xpp5Op1J-Eqi3mzlsay2B_91wXoYdqpwtuULwOciynULmzfB9QMgbqVFmxLz9mMmzoyoybRrNwMlsRGHDGzx29eeF72NYMY9-mlCyjykKLMC2YMwDOVVD6AUMpULhmVjcAAjeto8SDx0q0IGk93S0IGSm9oRJJdkj5Fv7El6_5hE_gf_pa4fruJGEVo2JiNVxfHXTOVbccW5CgC484NwNy3xVQ&sig=Cg0ArKJSzGNXn0juMAtKEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=367&cbvp=1&cstd=364&cisv=r20220406.14232&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=

Requested by

Host: diario.mx
URL: https://diario.mx/estados-unidos/eu-removio-secretamente-el-malware-de-todo-el-mundo-previene-ciberataques-rusos-20220406-1917147.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b76ab0ac3a52548bde3de7d6a8af342e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date: Mon, 11 Apr 2022 11:07:26 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 / Show response
c.mgid.com/pv/ 0
67 B 130ms
110ms Script
text/plain 104.19.134.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.mgid.com/pv/?pv=5&cbuster=1649675246174352664693&uniqId=02464&lct=1649203200&niet=4g&nisd=false&jsv=es6&ref=&cxurl=https%3A%2F%2Fdiario.mx%2Festados-unidos%2Feu-removio-secretamente-el-malware-de-todo-el-mundo-previene-ciberataques-rusos-20220406-1917147.html&lu=https%3A%2F%2Fdiario.mx%2Festados-unidos%2Feu-removio-secretamente-el-malware-de-todo-el-mundo-previene-ciberataques-rusos-20220406-1917147.html&sessionId=62540bee-07389&pageView=1&pvid=180184e9a5e85b8ce11&site=299251&implVersion=11&dpr=1
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/d/i/diario.mx.1102083.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.134.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diario.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 11:07:26 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6fa34234eae79bc5-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 1836 41 KB
15 KB 22ms
20ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: b76ab0ac3a52548bde3de7d6a8af342e.safeframe.googlesyndication.com
URL: https://b76ab0ac3a52548bde3de7d6a8af342e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b76ab0ac3a52548bde3de7d6a8af342e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sat, 09 Apr 2022 10:33:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 174854
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 09 Apr 2023 10:33:12 GMT

GET
DATA 200
OK truncated
/ Frame 1836 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 51c48769fc2b4cebbaf557abe166290376caf8bea4b8f6fc0c841892389cc9c4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 200 amp Show response
www.googletagmanager.com/gtag/ 605 B
807 B 40ms
15ms Fetch
application/json 2a00:1450:4001:800::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/amp?__amp_source_origin=https%3A%2F%2Fdiario.mx

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

46739e364f00c1aabc82a8ea6c23b5474737a241e7d0efcb3fe469ba1e0ce412

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept: application/json
Referer: https://diario.mx/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain;charset=utf-8

Response headers

date: Mon, 11 Apr 2022 11:07:26 GMT
content-encoding: br
vary: *
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="amp.json"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 260
x-xss-protection: 0
pragma: no-cache
amp-access-control-allow-source-origin: https://diario.mx
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://diario.mx
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 52FF 41 KB
15 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: b76ab0ac3a52548bde3de7d6a8af342e.safeframe.googlesyndication.com
URL: https://b76ab0ac3a52548bde3de7d6a8af342e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b76ab0ac3a52548bde3de7d6a8af342e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sat, 09 Apr 2022 10:33:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 174854
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 09 Apr 2023 10:33:12 GMT

GET
DATA 200
OK truncated
/ Frame 52FF 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 177cb30921183438467c757ecd6b41bebaea5fcb6c9f5e9c98002f7500e3bff6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame C158 41 KB
15 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: b76ab0ac3a52548bde3de7d6a8af342e.safeframe.googlesyndication.com
URL: https://b76ab0ac3a52548bde3de7d6a8af342e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b76ab0ac3a52548bde3de7d6a8af342e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sat, 09 Apr 2022 10:33:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 174855
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 09 Apr 2023 10:33:12 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame C522 41 KB
15 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: b76ab0ac3a52548bde3de7d6a8af342e.safeframe.googlesyndication.com
URL: https://b76ab0ac3a52548bde3de7d6a8af342e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b76ab0ac3a52548bde3de7d6a8af342e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sat, 09 Apr 2022 10:33:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 174855
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 09 Apr 2023 10:33:12 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 25A8 41 KB
15 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: b76ab0ac3a52548bde3de7d6a8af342e.safeframe.googlesyndication.com
URL: https://b76ab0ac3a52548bde3de7d6a8af342e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b76ab0ac3a52548bde3de7d6a8af342e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sat, 09 Apr 2022 10:33:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 174855
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 09 Apr 2023 10:33:12 GMT

GET
H3 200 createjs_2019.11.15_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame CBD9 236 KB
63 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1673573227426754979/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1673573227426754979/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 11:07:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 64275
x-xss-protection: 0
last-modified: Fri, 15 Nov 2019 19:16:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 11 Apr 2022 11:07:27 GMT

GET
H3 200 TEF_o2Business_22-03_DigitalPhone_300x250.js Show response
s0.2mdn.net/sadbundle/1673573227426754979/ Frame CBD9 29 KB
5 KB 8ms
8ms Script
application/x-javascript 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/1673573227426754979/TEF_o2Business_22-03_DigitalPhone_300x250.js?1648630454057

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1673573227426754979/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3a836b6682459d0345db14efc03d72e6f7619ae016339eb09f8757798dcb939b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1673573227426754979/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 08:26:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 528034
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5359
x-xss-protection: 0
last-modified: Fri, 01 Apr 2022 09:43:37 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 05 Apr 2023 08:26:53 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 6F41 6 KB
665 B 20ms
20ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:500,regular,700

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5534637385780799923/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

cf624cca88c1828e4dc1a61151d2ce6e826191ba2223f4cf4cdacc1d8a52981b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 11 Apr 2022 10:30:46 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 11 Apr 2022 11:07:27 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 11 Apr 2022 11:07:27 GMT

GET
H3 200 DcmEnabler_01_248.js Show response
s0.2mdn.net/879366/ Frame 6F41 31 KB
11 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/DcmEnabler_01_248.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5534637385780799923/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a37afa4795c0cede82ad0f73f60eafee5e13f6fb3d42a739354d9280966fe434

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5534637385780799923/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 16:39:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 66464
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11026
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:45:02 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 11 Apr 2022 16:39:43 GMT

GET
DATA 200
OK truncated
/ Frame C158 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f2fbfce552bc3fabfceeeeb5a7adf1d8c86db9962aefbd02000137e686966cb6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 25A8 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f024f691539ef3f33b28ae9cf90cad2e034d859481c6389aed82927354d72826

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame C522 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e2a5d87fff0a0790e9e2bd44cc2dbca003ca23c0c1faeac920765acd7a368c1b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=a1&ds=AMP&aip&_s=1&dt=EU%20removi%C3%B3%20secretamente%20el%20malware%20de%20todo%20el%20mundo%3B%20previene%20ciberataques%20rusos&sr=1600x1200&_u...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-36144332-1&cid=amp-Hc01O31a2Tevkc7y-IWIOg&jid=0.19410042584816578&_v=a1&z=0.29230527764464775
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-36144332-1&cid=amp-Hc01O31a2Tevkc7y-IWIOg&jid=0.19410042584816578&_v=a1&z=0.29230527764464775
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-36144332-1&cid=amp-Hc01O31a2Tevkc7y-IWIOg&jid=0.19410042584816578&_v=a1&z=0.29230527764464775&slf_rd=1&random=1112285282

42 B
107 B

65ms
30ms

Ping
image/gif

2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-36144332-1&cid=amp-Hc01O31a2Tevkc7y-IWIOg&jid=0.19410042584816578&_v=a1&z=0.29230527764464775&slf_rd=1&random=1112285282

Requested by

Host: diario.mx
URL: https://diario.mx/estados-unidos/eu-removio-secretamente-el-malware-de-todo-el-mundo-previene-ciberataques-rusos-20220406-1917147.html

Protocol

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diario.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Apr 2022 11:07:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 11 Apr 2022 11:07:27 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/html; charset=UTF-8
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-36144332-1&cid=amp-Hc01O31a2Tevkc7y-IWIOg&jid=0.19410042584816578&_v=a1&z=0.29230527764464775&slf_rd=1&random=1112285282
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 8269 22 KB
8 KB 8ms
7ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b76ab0ac3a52548bde3de7d6a8af342e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 257451
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 08 Apr 2022 11:36:36 GMT
expires: Sat, 08 Apr 2023 11:36:36 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 mgid_ua.svg
cdn.mgid.com/images/mgid/ 2 KB
1 KB 43ms
33ms Image
image/svg+xml 104.19.134.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/mgid/mgid_ua.svg
Requested by: Host: diario.mx
URL: https://diario.mx/estados-unidos/eu-removio-secretamente-el-malware-de-todo-el-mundo-previene-ciberataques-rusos-20220406-1917147.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.134.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 70d5c4de881e718d0b7638959680ba86722d44eecbe4058d20dd77b8d0d97155

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diario.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 11:07:27 GMT
content-encoding: br
cf-cache-status: HIT
age: 5257
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: FG34RV4K6FMDV6G1
x-amz-id-2: tEFXSmgkprG5Jw7iBcEcrDj5Gfr2Arr7AwwbY8NJ5BDjB4bRL9nehzAWxlrhvKW6ZW8KK7LheRI=
last-modified: Tue, 08 Mar 2022 17:05:01 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1646759091/ctime:1646759091/gid:0/gname:root/md5:617c205137825561208ef7c1a2d8f319/mode:33206/mtime:1646759091/uid:0/uname:root
etag: W/"617c205137825561208ef7c1a2d8f319"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 6fa34236dfbf9bc5-FRA
expires: Tue, 12 Apr 2022 11:07:27 GMT

GET
H2 200 Adchoices.svg
cdn.mgid.com/images/logos/ 836 B
904 B 35ms
26ms Image
image/svg+xml 104.19.134.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/logos/Adchoices.svg
Requested by: Host: diario.mx
URL: https://diario.mx/estados-unidos/eu-removio-secretamente-el-malware-de-todo-el-mundo-previene-ciberataques-rusos-20220406-1917147.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.134.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diario.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 11:07:27 GMT
content-encoding: br
cf-cache-status: HIT
age: 6294
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: FG3F0R94819AK0XK
x-amz-id-2: 7EhZ7v77SUBqZG4SmP3QHGaUmQNEvQoqbc8skzEQkltu7S81gkYpZZr/vAozukpnbKgCzFi8C08=
last-modified: Wed, 17 Feb 2021 18:15:53 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root
etag: W/"7d59364b7ed2df3f02507c9f92560df9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 6fa34236dfc19bc5-FRA
expires: Tue, 12 Apr 2022 11:07:27 GMT

GET
H3 200 frame.html Show response
d-1723231058573517239.ampproject.net/2203172113000/ Frame 339A 507 B
241 B 24ms
7ms Document
text/html 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://d-1723231058573517239.ampproject.net/2203172113000/frame.html

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0/amp-ad-0.1.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

90d3ac3a689ea988058384916376e450be3143a816024f6b21ee2d9327a1632a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://diario.mx/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: br
content-length: 215
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
cross-origin-resource-policy: cross-origin
date: Mon, 11 Apr 2022 11:07:25 GMT
expires: Tue, 11 Apr 2023 11:07:25 GMT
last-modified: Fri, 18 Mar 2022 08:28:00 GMT
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 3AD6 22 KB
8 KB 8ms
7ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b76ab0ac3a52548bde3de7d6a8af342e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 257451
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 08 Apr 2022 11:36:36 GMT
expires: Sat, 08 Apr 2023 11:36:36 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=a1&ds=AMP&aip&_s=1&dt=EU%20removi%C3%B3%20secretamente%20el%20malware%20de%20todo%20el%20mundo%3B%20previene%20ciberataques%20rusos&sr=1600x1200&ci...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-36144332-1&cid=amp-Hc01O31a2Tevkc7y-IWIOg&jid=0.8365393491755595&_v=a1&z=0.02950020755637217
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-36144332-1&cid=amp-Hc01O31a2Tevkc7y-IWIOg&jid=0.8365393491755595&_v=a1&z=0.02950020755637217
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-36144332-1&cid=amp-Hc01O31a2Tevkc7y-IWIOg&jid=0.8365393491755595&_v=a1&z=0.02950020755637217&slf_rd=1&random=1895985024

42 B
501 B

64ms
30ms

Image
image/gif

2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-36144332-1&cid=amp-Hc01O31a2Tevkc7y-IWIOg&jid=0.8365393491755595&_v=a1&z=0.02950020755637217&slf_rd=1&random=1895985024

Requested by

Host: diario.mx
URL: https://diario.mx/estados-unidos/eu-removio-secretamente-el-malware-de-todo-el-mundo-previene-ciberataques-rusos-20220406-1917147.html

Protocol

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diario.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Apr 2022 11:07:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 11 Apr 2022 11:07:27 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/html; charset=UTF-8
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-36144332-1&cid=amp-Hc01O31a2Tevkc7y-IWIOg&jid=0.8365393491755595&_v=a1&z=0.02950020755637217&slf_rd=1&random=1895985024
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 createjs_2019.11.15_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 8C89 236 KB
63 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2261034370479767793/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2261034370479767793/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 11:07:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 64275
x-xss-protection: 0
last-modified: Fri, 15 Nov 2019 19:16:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 11 Apr 2022 11:07:27 GMT

GET
H3 200 TEF_o2Business_22-03_DigitalPhone_300x600.js Show response
s0.2mdn.net/sadbundle/2261034370479767793/ Frame 8C89 40 KB
6 KB 8ms
7ms Script
application/x-javascript 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/2261034370479767793/TEF_o2Business_22-03_DigitalPhone_300x600.js?1648201805424

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2261034370479767793/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2f299736cf2e1c4d4ab15e2d510e2cf0e6865d7139cf1cf19b9cf6fe558a8af1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2261034370479767793/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 08:26:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 528047
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6497
x-xss-protection: 0
last-modified: Fri, 01 Apr 2022 09:43:55 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 05 Apr 2023 08:26:40 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 9DDE 8 KB
749 B 16ms
16ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:500,regular,700,700italic

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12929797443785239284/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d1ff18d939ccaf677e296feff6c714862be875c2be0087bfa27afeaad6a66ab0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 11 Apr 2022 09:19:36 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 11 Apr 2022 11:07:27 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 11 Apr 2022 11:07:27 GMT

GET
H3 200 DcmEnabler_01_248.js Show response
s0.2mdn.net/879366/ Frame 9DDE 31 KB
11 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/DcmEnabler_01_248.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12929797443785239284/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a37afa4795c0cede82ad0f73f60eafee5e13f6fb3d42a739354d9280966fe434

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12929797443785239284/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 16:39:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 66464
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11026
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:45:02 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 11 Apr 2022 16:39:43 GMT

GET
H3 200 createjs_2019.11.15_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 7653 236 KB
63 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1673573227426754979/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1673573227426754979/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 11:07:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 64275
x-xss-protection: 0
last-modified: Fri, 15 Nov 2019 19:16:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 11 Apr 2022 11:07:27 GMT

GET
H3 200 TEF_o2Business_22-03_DigitalPhone_300x250.js Show response
s0.2mdn.net/sadbundle/1673573227426754979/ Frame 7653 29 KB
5 KB 8ms
7ms Script
application/x-javascript 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/1673573227426754979/TEF_o2Business_22-03_DigitalPhone_300x250.js?1648630454057

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1673573227426754979/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3a836b6682459d0345db14efc03d72e6f7619ae016339eb09f8757798dcb939b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1673573227426754979/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 08:26:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 528034
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5359
x-xss-protection: 0
last-modified: Fri, 01 Apr 2022 09:43:37 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 05 Apr 2023 08:26:53 GMT

GET
H2 200 1 Show response
servicer.mgid.com/1102083/ 1 KB
930 B 49ms
37ms Script
application/x-javascript 104.19.134.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.mgid.com/1102083/1?pv=5&cbuster=1649675246730895484164&uniqId=02464&lct=1649203200&niet=4g&nisd=false&jsv=es6&w=726&h=228&maxw_1=726&maxh_1=205&cols=1&ref=&cxurl=https%3A%2F%2Fdiario.mx%2Festados-unidos%2Feu-removio-secretamente-el-malware-de-todo-el-mundo-previene-ciberataques-rusos-20220406-1917147.html&lu=https%3A%2F%2Fdiario.mx%2Festados-unidos%2Feu-removio-secretamente-el-malware-de-todo-el-mundo-previene-ciberataques-rusos-20220406-1917147.html&sessionId=62540bee-07389&pageView=1&pvid=180184e9a5e85b8ce11&implVersion=11&dpr=1
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/d/i/diario.mx.1102083.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.134.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ec6ac07fe47891ec4a8e6c6181c9114265ee67632237f8512c9f94b5f68416a5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diario.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 11:07:27 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cf-ray: 6fa342384a9a9bc5-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 8875 22 KB
8 KB 7ms
7ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b76ab0ac3a52548bde3de7d6a8af342e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 257451
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 08 Apr 2022 11:36:36 GMT
expires: Sat, 08 Apr 2023 11:36:36 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 mgid.js Show response
3p.ampproject.net/2203172113000/vendor/ Frame 339A 28 KB
9 KB 24ms
7ms Script
text/javascript 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://3p.ampproject.net/2203172113000/vendor/mgid.js

Requested by

Host: d-1723231058573517239.ampproject.net
URL: https://d-1723231058573517239.ampproject.net/2203172113000/frame.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5bf37d2aeca211d8102a4486813beeafb539629790e712f6e861e86aa237da08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d-1723231058573517239.ampproject.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 15:09:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 503864
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9174
x-xss-protection: 0
last-modified: Fri, 18 Mar 2022 08:28:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 05 Apr 2023 15:09:43 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 56B7 22 KB
8 KB 7ms
6ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b76ab0ac3a52548bde3de7d6a8af342e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 257451
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 08 Apr 2022 11:36:36 GMT
expires: Sat, 08 Apr 2023 11:36:36 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame E44A 22 KB
8 KB 7ms
7ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b76ab0ac3a52548bde3de7d6a8af342e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 257451
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 08 Apr 2022 11:36:36 GMT
expires: Sat, 08 Apr 2023 11:36:36 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 9DDE 15 KB
15 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:500,regular,700,700italic

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 17:56:19 GMT
x-content-type-options: nosniff
age: 407468
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:28 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 06 Apr 2023 17:56:19 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 9DDE 16 KB
16 KB 10ms
10ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:500,regular,700,700italic

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 14:02:01 GMT
x-content-type-options: nosniff
age: 507926
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:21 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 05 Apr 2023 14:02:01 GMT

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 6F41 15 KB
15 KB 12ms
11ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:500,regular,700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 17:56:19 GMT
x-content-type-options: nosniff
age: 407468
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:28 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 06 Apr 2023 17:56:19 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 6F41 16 KB
16 KB 12ms
12ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:500,regular,700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 14:02:01 GMT
x-content-type-options: nosniff
age: 507926
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:21 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 05 Apr 2023 14:02:01 GMT

GET
H3 200 badge.png
s0.2mdn.net/sadbundle/1673573227426754979/ Frame CBD9 647 B
674 B 19ms
17ms Image
image/png 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/1673573227426754979/badge.png?1648630454048

Requested by

Host: b76ab0ac3a52548bde3de7d6a8af342e.safeframe.googlesyndication.com
URL: https://b76ab0ac3a52548bde3de7d6a8af342e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bd0a4b69c75836d702bbb1b23a1073a4b2700696636fd316bfa6951275ba3cea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1673573227426754979/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 08:26:53 GMT
x-content-type-options: nosniff
age: 528034
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 647
x-xss-protection: 0
last-modified: Fri, 01 Apr 2022 09:43:37 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 05 Apr 2023 08:26:53 GMT

GET
H3 200 bg_img.jpg
s0.2mdn.net/sadbundle/1673573227426754979/ Frame CBD9 24 KB
24 KB 14ms
12ms Image
image/jpeg 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/1673573227426754979/bg_img.jpg?1648630454048

Requested by

Host: b76ab0ac3a52548bde3de7d6a8af342e.safeframe.googlesyndication.com
URL: https://b76ab0ac3a52548bde3de7d6a8af342e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bfa897fcf98209c6a47be5d29223fcf433d8bdca1d27d269bdcdea2152d84e7a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1673573227426754979/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 08:26:53 GMT
x-content-type-options: nosniff
age: 528034
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24394
x-xss-protection: 0
last-modified: Fri, 01 Apr 2022 09:43:37 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 05 Apr 2023 08:26:53 GMT

GET
H3 200 bubblespritesheettiny.png
s0.2mdn.net/sadbundle/1673573227426754979/ Frame CBD9 26 KB
26 KB 16ms
15ms Image
image/png 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/1673573227426754979/bubblespritesheettiny.png?1648630454048

Requested by

Host: b76ab0ac3a52548bde3de7d6a8af342e.safeframe.googlesyndication.com
URL: https://b76ab0ac3a52548bde3de7d6a8af342e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

25280083af87c8d6dbc6ff5bb926bf9d0d373d244cead76893430166b8df0bd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1673573227426754979/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 08:26:53 GMT
x-content-type-options: nosniff
age: 528034
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27068
x-xss-protection: 0
last-modified: Fri, 01 Apr 2022 09:43:37 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 05 Apr 2023 08:26:53 GMT

GET
H3 200 cta.png
s0.2mdn.net/sadbundle/1673573227426754979/ Frame CBD9 660 B
687 B 16ms
14ms Image
image/png 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/1673573227426754979/cta.png?1648630454048

Requested by

Host: b76ab0ac3a52548bde3de7d6a8af342e.safeframe.googlesyndication.com
URL: https://b76ab0ac3a52548bde3de7d6a8af342e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6391d8f50155e52f4c19d7c2d3002282146bfbe9f186ca62067215568ec51d4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1673573227426754979/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 08:26:53 GMT
x-content-type-options: nosniff
age: 528034
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 660
x-xss-protection: 0
last-modified: Fri, 01 Apr 2022 09:43:37 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 05 Apr 2023 08:26:53 GMT

GET
H3 200 logo.png
s0.2mdn.net/sadbundle/1673573227426754979/ Frame CBD9 2 KB
2 KB 19ms
17ms Image
image/png 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/1673573227426754979/logo.png?1648630454048

Requested by

Host: b76ab0ac3a52548bde3de7d6a8af342e.safeframe.googlesyndication.com
URL: https://b76ab0ac3a52548bde3de7d6a8af342e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6bae4a5df5ad2928d29b1664add68f4cc8070c283864945b9243cd09867270d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1673573227426754979/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 08:26:53 GMT
x-content-type-options: nosniff
age: 528034
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1554
x-xss-protection: 0
last-modified: Fri, 01 Apr 2022 09:43:37 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 05 Apr 2023 08:26:53 GMT

GET
H3 200 typo_01_1.png
s0.2mdn.net/sadbundle/1673573227426754979/ Frame CBD9 843 B
870 B 13ms
11ms Image
image/png 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/1673573227426754979/typo_01_1.png?1648630454048

Requested by

Host: b76ab0ac3a52548bde3de7d6a8af342e.safeframe.googlesyndication.com
URL: https://b76ab0ac3a52548bde3de7d6a8af342e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

63c6ce29acfc3dea165a10129a80604495ac91dd503c39902031083a905b3ba4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1673573227426754979/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 08:26:53 GMT
x-content-type-options: nosniff
age: 528034
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 843
x-xss-protection: 0
last-modified: Fri, 01 Apr 2022 09:43:37 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 05 Apr 2023 08:26:53 GMT

GET
H3 200 typo_01_2.png
s0.2mdn.net/sadbundle/1673573227426754979/ Frame CBD9 902 B
929 B 18ms
17ms Image
image/png 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/1673573227426754979/typo_01_2.png?1648630454048

Requested by

Host: b76ab0ac3a52548bde3de7d6a8af342e.safeframe.googlesyndication.com
URL: https://b76ab0ac3a52548bde3de7d6a8af342e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

82a9948086efe27efb38cdbeb7508bd2ad08319d69a2fae33bab65705bfe291b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1673573227426754979/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 08:26:53 GMT
x-content-type-options: nosniff
age: 528034
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 902
x-xss-protection: 0
last-modified: Fri, 01 Apr 2022 09:43:37 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 05 Apr 2023 08:26:53 GMT

GET
H3 200 typo_01_3.png
s0.2mdn.net/sadbundle/1673573227426754979/ Frame CBD9 795 B
822 B 19ms
18ms Image
image/png 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/1673573227426754979/typo_01_3.png?1648630454048

Requested by

Host: b76ab0ac3a52548bde3de7d6a8af342e.safeframe.googlesyndication.com
URL: https://b76ab0ac3a52548bde3de7d6a8af342e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b47ef927561a77bc135b5f621c7fee9c3985004689c23d74fc3fcb421b9384b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1673573227426754979/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 08:26:53 GMT
x-content-type-options: nosniff
age: 528034
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 795
x-xss-protection: 0
last-modified: Fri, 01 Apr 2022 09:43:37 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 05 Apr 2023 08:26:53 GMT

GET
H3 200 typo_02_1.png
s0.2mdn.net/sadbundle/1673573227426754979/ Frame CBD9 838 B
865 B 20ms
18ms Image
image/png 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/1673573227426754979/typo_02_1.png?1648630454048

Requested by

Host: b76ab0ac3a52548bde3de7d6a8af342e.safeframe.googlesyndication.com
URL: https://b76ab0ac3a52548bde3de7d6a8af342e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2d4917e73617b7542f1c206cf5cf5b8f395c387584ff8c071eb75c4fe4f5746

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1673573227426754979/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 08:26:53 GMT
x-content-type-options: nosniff
age: 528034
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 838
x-xss-protection: 0
last-modified: Fri, 01 Apr 2022 09:43:37 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 05 Apr 2023 08:26:53 GMT

GET
H3 200 typo_02_2.png
s0.2mdn.net/sadbundle/1673573227426754979/ Frame CBD9 636 B
663 B 19ms
18ms Image
image/png 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/1673573227426754979/typo_02_2.png?1648630454048

Requested by

Host: b76ab0ac3a52548bde3de7d6a8af342e.safeframe.googlesyndication.com
URL: https://b76ab0ac3a52548bde3de7d6a8af342e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dfe66806b8d550d1aaff91d79b3bff67a841f4a0fb5ff84acad77c4f3315c4ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1673573227426754979/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 08:26:53 GMT
x-content-type-options: nosniff
age: 528034
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 636
x-xss-protection: 0
last-modified: Fri, 01 Apr 2022 09:43:37 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 05 Apr 2023 08:26:53 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 1836 0
26 B 63ms
45ms Ping
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjss-egcumfWwpvk2qKfw82RlG2ZiJHx3ZUaQACLJWEXjytVSCaHxpgw3452V8mqO2q01gSuoeW0MNSr-BxvQtvURRxZ2K2iX4MhOfTxuh8Yv7DKzDScgpgdUHlOpfse5R1OzmFzCs7YumIS6rwmdJnnqkaMQkRIgpOaNY3pcHr925awWdgPVO2fzjQNQFbkp5CSPJ-vliY1sf7X666bjOGGlQgCZfp87N77RvHN8bB7NaL0G3fNwsCOCbJ1V4CPlKQ5juCAEfFlonFTPv6aknqCexHg463hP4WoTiJK_UDec7Fb7xT29FCzj2HLY6-kK7pOkMr8uEvS2YBVUNrJUBSKvAiY4kWkduRUBxVnx-_SOwVcieyjmpowQo4CPQ1b7QNFbVf0uBZSbw_qQclZcuevTCDCUtT1U_7718o8e2uu4xsmcYELIy5fUZxpcJ816kV_O3wXIAkfUSr0F1q8ofnD3Z5K1QSEV72bhOwe-EbHJXQSKCemiHQcqpjc-GfCcA_WJgPTzHbDvONdlCxRIiFeUQbrxa-eEe3Rq7qu7PQgmqjEZc1hyD2rluobOCd5nXotWqmBISplMjE3zIeT9iQbXe0Ya7OeJSG31LqYtFuDveQK6AmfYo13QU9AE20xbX9cntZ3_bA_YWsBFEu8WZ9BrxwLzuR1YAjLERsMh7Vaz2oege3M3nqjHBT4djnt8M4aXKs5KGUzPXrNRs0oOuGTIcxFL3mTyFIYVqky2Pl-xy79BeGHpvhjmbL0_qBA4ChhHeXAiIr2FjskB9QjbVF0QCDB2JyvcAMguqaY5II5KXlM8NC17u6A2aE8DJJyWaeX5FsT2rQNgTtBtoTrT7GYUZd6p2xi3nJBgWO7rwgREbRMxNZ4PBqWASYc9rSYKH28tf21HpX7uQsz-RtjUJvJUxp_wzPTaZyyQ2ZznJyd-vrMxTpQye2q-V88kyGV696rPJrDaH5R9aYE7vPuNOcwjMN5paxJyBL-iLnhOJslXdyPNkdZ8WC260oAjVBiYx2p3-pTJ1lqu6ifvudODx2SvFpyQQGpzcol2lS0J_X3H6043rXZJolyymkSrD-gIFYfFU248EFmu_Qa359GqAgvlxVLtnID2UQte9tZkkL-OyTcTBcUrY-vFhmP2PiPhfm0EotgdYqopItkD0PvGPSG_K18NOQAFZfx9VPDczPqfOydQ9pJI2IiRL95wp4j12jJBSiOyrtR81G-fVSa2xKP7lZ1VdP3sJypplAb-&sai=AMfl-YRUmdygO9l-6mz9oIwU9w9hnvqrvvALcZEqkpMqhvzqKg9vY_ZlO553R6PALE6rUSNsny1oBm7NFb9LNjZf01XqEPBEWr8VXnN0mg4jWz8_VwtEhPIdD8Z4j___uobuzpGPJVdTTyX5b3vVKpX9pIDKnFftQ_EP-8-k051x2tzOhxnkfF8XdipOxhUHkSv4mTRb2-Adu0iMT4aGB5zKGHjHs-SYp5s_uQ&sig=Cg0ArKJSzFi3vFgMEwHXEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1044&vt=11&dtpt=680&dett=3&cstd=362&cisv=r20220406.31702&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=

Requested by

Host: diario.mx
URL: https://diario.mx/estados-unidos/eu-removio-secretamente-el-malware-de-todo-el-mundo-previene-ciberataques-rusos-20220406-1917147.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b76ab0ac3a52548bde3de7d6a8af342e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 11 Apr 2022 11:07:27 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 6DGELVyRstON4LmPFAMeAOP1baW3TqSdWCO5xyb3u9s.js Show response
pagead2.googlesyndication.com/bg/ Frame 8269 35 KB
13 KB 10ms
10ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/6DGELVyRstON4LmPFAMeAOP1baW3TqSdWCO5xyb3u9s.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

sffe /

Resource Hash

e831842d5c91b2d38de0b98f14031e00e3f56da5b74ea49d5823b9c726f7bbdb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 10:10:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3389
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13643
x-xss-protection: 0
last-modified: Mon, 04 Apr 2022 12:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 11 Apr 2023 10:10:58 GMT

GET
H3 200 6DGELVyRstON4LmPFAMeAOP1baW3TqSdWCO5xyb3u9s.js Show response
pagead2.googlesyndication.com/bg/ Frame 3AD6 35 KB
13 KB 11ms
6ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/6DGELVyRstON4LmPFAMeAOP1baW3TqSdWCO5xyb3u9s.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

sffe /

Resource Hash

e831842d5c91b2d38de0b98f14031e00e3f56da5b74ea49d5823b9c726f7bbdb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 10:10:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3389
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13643
x-xss-protection: 0
last-modified: Mon, 04 Apr 2022 12:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 11 Apr 2023 10:10:58 GMT

GET
H3 200 bg_img.jpg
s0.2mdn.net/sadbundle/2261034370479767793/ Frame 8C89 28 KB
28 KB 13ms
9ms Image
image/jpeg 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/2261034370479767793/bg_img.jpg?1648201805415

Requested by

Host: b76ab0ac3a52548bde3de7d6a8af342e.safeframe.googlesyndication.com
URL: https://b76ab0ac3a52548bde3de7d6a8af342e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04ebc8f1d39bdaf71f4662df1b3f29791e293a92f74df98eebe188e7e1b07087

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2261034370479767793/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 08:26:40 GMT
x-content-type-options: nosniff
age: 528047
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28722
x-xss-protection: 0
last-modified: Fri, 01 Apr 2022 09:43:55 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 05 Apr 2023 08:26:40 GMT

GET
H3 200 bubblespritesheettiny.png
s0.2mdn.net/sadbundle/2261034370479767793/ Frame 8C89 26 KB
26 KB 13ms
10ms Image
image/png 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/2261034370479767793/bubblespritesheettiny.png?1648201805415

Requested by

Host: b76ab0ac3a52548bde3de7d6a8af342e.safeframe.googlesyndication.com
URL: https://b76ab0ac3a52548bde3de7d6a8af342e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

25280083af87c8d6dbc6ff5bb926bf9d0d373d244cead76893430166b8df0bd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2261034370479767793/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 08:26:40 GMT
x-content-type-options: nosniff
age: 528047
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27068
x-xss-protection: 0
last-modified: Fri, 01 Apr 2022 09:43:55 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 05 Apr 2023 08:26:40 GMT

GET
H3 200 cta.png
s0.2mdn.net/sadbundle/2261034370479767793/ Frame 8C89 805 B
832 B 17ms
14ms Image
image/png 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/2261034370479767793/cta.png?1648201805415

Requested by

Host: b76ab0ac3a52548bde3de7d6a8af342e.safeframe.googlesyndication.com
URL: https://b76ab0ac3a52548bde3de7d6a8af342e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c33d99414c3d21b6bea681f84a066b95de52b71786069f07bdd30d1df6b3099f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2261034370479767793/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 08:26:40 GMT
x-content-type-options: nosniff
age: 528047
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 805
x-xss-protection: 0
last-modified: Fri, 01 Apr 2022 09:43:55 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 05 Apr 2023 08:26:40 GMT

GET
H3 200 logo.png
s0.2mdn.net/sadbundle/2261034370479767793/ Frame 8C89 2 KB
2 KB 15ms
13ms Image
image/png 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/2261034370479767793/logo.png?1648201805415

Requested by

Host: b76ab0ac3a52548bde3de7d6a8af342e.safeframe.googlesyndication.com
URL: https://b76ab0ac3a52548bde3de7d6a8af342e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9811044d879df0d674981112c603bf044ab18e9165bfb9bca0f05d83d5381c7f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2261034370479767793/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 08:26:40 GMT
x-content-type-options: nosniff
age: 528047
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1809
x-xss-protection: 0
last-modified: Fri, 01 Apr 2022 09:43:55 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 05 Apr 2023 08:26:40 GMT

GET
H3 200 siegel.png
s0.2mdn.net/sadbundle/2261034370479767793/ Frame 8C89 579 B
606 B 15ms
12ms Image
image/png 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/2261034370479767793/siegel.png?1648201805415

Requested by

Host: b76ab0ac3a52548bde3de7d6a8af342e.safeframe.googlesyndication.com
URL: https://b76ab0ac3a52548bde3de7d6a8af342e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

acef02cfff59ca6cef5f05a6a7cf7d67693e036fd89a14861cdf9e7c5986c658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2261034370479767793/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 08:26:40 GMT
x-content-type-options: nosniff
age: 528047
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 579
x-xss-protection: 0
last-modified: Fri, 01 Apr 2022 09:43:55 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 05 Apr 2023 08:26:40 GMT

GET
H3 200 typo_01_1.png
s0.2mdn.net/sadbundle/2261034370479767793/ Frame 8C89 1 KB
1 KB 17ms
14ms Image
image/png 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/2261034370479767793/typo_01_1.png?1648201805415

Requested by

Host: b76ab0ac3a52548bde3de7d6a8af342e.safeframe.googlesyndication.com
URL: https://b76ab0ac3a52548bde3de7d6a8af342e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

301c8c6a0cb900e60b3b3e884cfee57fe50026ceb814453a0e8233f3a1dd2315

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2261034370479767793/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 08:26:40 GMT
x-content-type-options: nosniff
age: 528047
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1047
x-xss-protection: 0
last-modified: Fri, 01 Apr 2022 09:43:55 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 05 Apr 2023 08:26:40 GMT

GET
H3 200 typo_01_2.png
s0.2mdn.net/sadbundle/2261034370479767793/ Frame 8C89 1 KB
1 KB 23ms
21ms Image
image/png 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/2261034370479767793/typo_01_2.png?1648201805415

Requested by

Host: b76ab0ac3a52548bde3de7d6a8af342e.safeframe.googlesyndication.com
URL: https://b76ab0ac3a52548bde3de7d6a8af342e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4299d7e38a63c14e32f87ecea6fa1b3c9318b926af8d6d19827847c9f58aeec8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2261034370479767793/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 08:26:40 GMT
x-content-type-options: nosniff
age: 528047
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1171
x-xss-protection: 0
last-modified: Fri, 01 Apr 2022 09:43:55 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 05 Apr 2023 08:26:40 GMT

GET
H3 200 typo_01_3.png
s0.2mdn.net/sadbundle/2261034370479767793/ Frame 8C89 1020 B
1 KB 23ms
20ms Image
image/png 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/2261034370479767793/typo_01_3.png?1648201805415

Requested by

Host: b76ab0ac3a52548bde3de7d6a8af342e.safeframe.googlesyndication.com
URL: https://b76ab0ac3a52548bde3de7d6a8af342e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ebd3662a8fa08f92d9d3ab37752b5b82d80f2959d74e2a3ebce843e1f5933429

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2261034370479767793/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 08:26:40 GMT
x-content-type-options: nosniff
age: 528047
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1020
x-xss-protection: 0
last-modified: Fri, 01 Apr 2022 09:43:55 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 05 Apr 2023 08:26:40 GMT

GET
H3 200 typo_02_1.png
s0.2mdn.net/sadbundle/2261034370479767793/ Frame 8C89 1 KB
1 KB 22ms
20ms Image
image/png 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/2261034370479767793/typo_02_1.png?1648201805415

Requested by

Host: b76ab0ac3a52548bde3de7d6a8af342e.safeframe.googlesyndication.com
URL: https://b76ab0ac3a52548bde3de7d6a8af342e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4e29f95b45a8bb7680ee6ef14089475c75b1734caabce0d544362a866af3d72e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2261034370479767793/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 08:26:40 GMT
x-content-type-options: nosniff
age: 528047
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1082
x-xss-protection: 0
last-modified: Fri, 01 Apr 2022 09:43:55 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 05 Apr 2023 08:26:40 GMT

GET
H3 200 typo_02_2.png
s0.2mdn.net/sadbundle/2261034370479767793/ Frame 8C89 772 B
799 B 22ms
20ms Image
image/png 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/2261034370479767793/typo_02_2.png?1648201805415

Requested by

Host: b76ab0ac3a52548bde3de7d6a8af342e.safeframe.googlesyndication.com
URL: https://b76ab0ac3a52548bde3de7d6a8af342e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1c00fbff94805a1189d8cb6b83067fd0da2113efca24f94bd7892eb26ba41a7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2261034370479767793/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 08:26:40 GMT
x-content-type-options: nosniff
age: 528047
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 772
x-xss-protection: 0
last-modified: Fri, 01 Apr 2022 09:43:55 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 05 Apr 2023 08:26:40 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame C522 0
26 B 46ms
44ms Ping
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuomfGiL5gB76edWMW4W6WxVUsknfAHJK-i7bmGhuE1JI2KWUzjP9Sa3ywVnK48V0-Wvbmh7-mgZwZqxKpK_L37SrvRaFn4fHHIU8-EOUbOfRCg1ZTR-Ude3EYsD6Ex7NLtohugdDDtn3ObieZE4mjXLkFZPZvU8xK0trwjoDOjy5cUsp4mWOoB6kDVCRf8NsnKw2gfY_eM-BpXiAQZ1jtjzhzVBFjR8NY1WC2bS9FIo92Mxu4Z4u0JoZGuju82rtiqzU24G36185nLfy2TDj-tNBgNf8VZrvkdWezbG6KGgFFRHPtgc86cZ1kLQ1P8kw5Nhlnz_ErG4vvWxaL9uiLsyCg_3ouOTvTK-sahFToMMNdZ1u1uJE4z79V92XxlYHVz59oUNWgHH0RlnoWbwBg1LFoYKokN1QvqqY68p0gueadlnTzSVMmBqBEHOyuRTdN_w8V8Qpd5Rr7nCx9ehVuCOhaUEI_u42EJhDYEThukvDo3gcWYbdp-H76AYC-HUZMiS_Z6tz45j1v7rWCtdsJLNG2s_7msECTSdk_Hej6eL11x3Io3SviYhnVa5EauOtu43ip_3u41NElBVanoNLedr348MUHeyB9omPHWZfiV6iv0S6_Wlx5CfSYJaayi3_b_NMeXEB9XgI4pQWH3tY4Lq_JVDWpp3gZP0TZdc2hc2WuIkCqHjeHUh0hi1-SfMn6YpFx-IT50W7ux1HG_xWDGNxek9rQqJDOk5ZVsjsKiXiDovQLOtpOMeqUU147QEVEzFlAKutzcBtCt8CscMqCMvkcu_alOaMqlo2VPYROtC250HAJuPuWmbOeeCQq-3ST8ELxX7Jn8yn706F5sibbmyOgZ6pzdfgHv3bZ186P9cCuUahOrA3Wzu30xgi0pC9sfb8slTIEZSnfWAk8BDluonfBs-OIB6DphXHKZNMq5VAwd1UcgsSzbvSjj_tnm9dWnaaOLXpUrEESQ2xOvDOgD1oWwRjdtaEEFCQ9KvIL3_SJF0LSCBltRNUgSdrcZq2-0msXpIwzCItPiSOFFlc6XmetkljQI7oIswG2ovTkRbcZUniRgDofhOAPN4mCy0_2tGLZWnTLfJ3WTGUcgHuglyAvfa_i-DtPZg4p-6Ye0_gn5tYVRu-STT7MUYB_o7cqn-QQvz-W9r0hAMItsXA43rNeBlrzVdQ69o78dEuTQ8FP6oWgNkSIzjaOb9MTLENC292LibBkN4wX6FemGF18cWXYAqhUC8JIz02XE&sai=AMfl-YSFn5O5_gXp5tzNVxUOKel7tUPikd6ca5EgneMf6inIyV6fwnFrv82_z5RRsvsv9JBjnzVVd4dy10_zi03iWWE-9QTOg5WaOZmfmo7Jhv-GBv8xy6Dc_30wNkjc57FdtH912d7kXP0J9ErY_9Y_tf2oZMyJJg0faFQEmn9IYBjLYc6ezMWgA-hHcrE-X6nDZL8CQoLkk5J55Qy8HSO3f0r0GhRCmiVauw&sig=Cg0ArKJSzDuUyqxr4l2yEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1043&vt=11&dtpt=701&dett=3&cstd=340&cisv=r20220406.32818&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=

Requested by

Host: diario.mx
URL: https://diario.mx/estados-unidos/eu-removio-secretamente-el-malware-de-todo-el-mundo-previene-ciberataques-rusos-20220406-1917147.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b76ab0ac3a52548bde3de7d6a8af342e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 11 Apr 2022 11:07:27 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 badge.png
s0.2mdn.net/sadbundle/1673573227426754979/ Frame 7653 647 B
674 B 11ms
10ms Image
image/png 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/1673573227426754979/badge.png?1648630454048

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bd0a4b69c75836d702bbb1b23a1073a4b2700696636fd316bfa6951275ba3cea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1673573227426754979/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 08:26:53 GMT
x-content-type-options: nosniff
age: 528034
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 647
x-xss-protection: 0
last-modified: Fri, 01 Apr 2022 09:43:37 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 05 Apr 2023 08:26:53 GMT

GET
H3 200 bg_img.jpg
s0.2mdn.net/sadbundle/1673573227426754979/ Frame 7653 24 KB
24 KB 11ms
10ms Image
image/jpeg 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/1673573227426754979/bg_img.jpg?1648630454048

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bfa897fcf98209c6a47be5d29223fcf433d8bdca1d27d269bdcdea2152d84e7a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1673573227426754979/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 08:26:53 GMT
x-content-type-options: nosniff
age: 528034
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24394
x-xss-protection: 0
last-modified: Fri, 01 Apr 2022 09:43:37 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 05 Apr 2023 08:26:53 GMT

GET
H3 200 bubblespritesheettiny.png
s0.2mdn.net/sadbundle/1673573227426754979/ Frame 7653 26 KB
26 KB 14ms
13ms Image
image/png 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/1673573227426754979/bubblespritesheettiny.png?1648630454048

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

25280083af87c8d6dbc6ff5bb926bf9d0d373d244cead76893430166b8df0bd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1673573227426754979/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 08:26:53 GMT
x-content-type-options: nosniff
age: 528034
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27068
x-xss-protection: 0
last-modified: Fri, 01 Apr 2022 09:43:37 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 05 Apr 2023 08:26:53 GMT

GET
H3 200 cta.png
s0.2mdn.net/sadbundle/1673573227426754979/ Frame 7653 660 B
687 B 15ms
13ms Image
image/png 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/1673573227426754979/cta.png?1648630454048

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6391d8f50155e52f4c19d7c2d3002282146bfbe9f186ca62067215568ec51d4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1673573227426754979/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 08:26:53 GMT
x-content-type-options: nosniff
age: 528034
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 660
x-xss-protection: 0
last-modified: Fri, 01 Apr 2022 09:43:37 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 05 Apr 2023 08:26:53 GMT

GET
H3 200 logo.png
s0.2mdn.net/sadbundle/1673573227426754979/ Frame 7653 2 KB
2 KB 15ms
13ms Image
image/png 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/1673573227426754979/logo.png?1648630454048

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6bae4a5df5ad2928d29b1664add68f4cc8070c283864945b9243cd09867270d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1673573227426754979/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 08:26:53 GMT
x-content-type-options: nosniff
age: 528034
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1554
x-xss-protection: 0
last-modified: Fri, 01 Apr 2022 09:43:37 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 05 Apr 2023 08:26:53 GMT

GET
H3 200 typo_01_1.png
s0.2mdn.net/sadbundle/1673573227426754979/ Frame 7653 843 B
870 B 15ms
13ms Image
image/png 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/1673573227426754979/typo_01_1.png?1648630454048

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

63c6ce29acfc3dea165a10129a80604495ac91dd503c39902031083a905b3ba4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1673573227426754979/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 08:26:53 GMT
x-content-type-options: nosniff
age: 528034
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 843
x-xss-protection: 0
last-modified: Fri, 01 Apr 2022 09:43:37 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 05 Apr 2023 08:26:53 GMT

GET
H3 200 typo_01_2.png
s0.2mdn.net/sadbundle/1673573227426754979/ Frame 7653 902 B
929 B 16ms
14ms Image
image/png 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/1673573227426754979/typo_01_2.png?1648630454048

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

82a9948086efe27efb38cdbeb7508bd2ad08319d69a2fae33bab65705bfe291b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1673573227426754979/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 08:26:53 GMT
x-content-type-options: nosniff
age: 528034
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 902
x-xss-protection: 0
last-modified: Fri, 01 Apr 2022 09:43:37 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 05 Apr 2023 08:26:53 GMT

GET
H3 200 typo_01_3.png
s0.2mdn.net/sadbundle/1673573227426754979/ Frame 7653 795 B
822 B 17ms
16ms Image
image/png 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/1673573227426754979/typo_01_3.png?1648630454048

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b47ef927561a77bc135b5f621c7fee9c3985004689c23d74fc3fcb421b9384b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1673573227426754979/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 08:26:53 GMT
x-content-type-options: nosniff
age: 528034
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 795
x-xss-protection: 0
last-modified: Fri, 01 Apr 2022 09:43:37 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 05 Apr 2023 08:26:53 GMT

GET
H3 200 typo_02_1.png
s0.2mdn.net/sadbundle/1673573227426754979/ Frame 7653 838 B
865 B 18ms
16ms Image
image/png 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/1673573227426754979/typo_02_1.png?1648630454048

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2d4917e73617b7542f1c206cf5cf5b8f395c387584ff8c071eb75c4fe4f5746

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1673573227426754979/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 08:26:53 GMT
x-content-type-options: nosniff
age: 528034
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 838
x-xss-protection: 0
last-modified: Fri, 01 Apr 2022 09:43:37 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 05 Apr 2023 08:26:53 GMT

GET
H3 200 typo_02_2.png
s0.2mdn.net/sadbundle/1673573227426754979/ Frame 7653 636 B
663 B 18ms
17ms Image
image/png 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/1673573227426754979/typo_02_2.png?1648630454048

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dfe66806b8d550d1aaff91d79b3bff67a841f4a0fb5ff84acad77c4f3315c4ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1673573227426754979/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 08:26:53 GMT
x-content-type-options: nosniff
age: 528034
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 636
x-xss-protection: 0
last-modified: Fri, 01 Apr 2022 09:43:37 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 05 Apr 2023 08:26:53 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 25A8 0
26 B 44ms
43ms Ping
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstUt1BmrNzAc3MVDc_elymESbr_OWdEqDomaPUm6x1wt2NDu4295e7DvhAnF7s05SBSDdIdgCSGbcuKn-bHJ_C041POOaghEVH2JEJSyBgstX41seJ8ipW3EJG4Ri0bVx2x2WiD41KqSTrMacX8mZmiM9BP6PlQhCVDJiEYZCx_tt4H_qL1HIpXmm547ROMkF1sDtrLWmotUESGF3l6N5sW9L6x54kYt0WIO_Qsw313hfrbCTzT6_Ks2tpl5rsblAdTjwYgWEyWTLIPCM3iI3i-n1rKUy8qnHDPG2A9pyk95TdhqQ0hwqLDR0_cbxNxwrIWNrwgIPu4kauNuFtDsG_dc2WTuNEb7uaED6rQijSa7B1Wp36eFdrJr0IhrOshWnAI35erG30rpOdH06IbXzGzSkebIV-RMnS81H_fySB9gUUGdKJ0wsJ9nFeeuH5xJwOqqn7rXvyBqKvwGXFv7kUKoRwGQ3Dl6NoMTVxqjXB8kHh6xBphTR2WUT2XoN5Fk0SKjsuAIK01bQ8IJU6-_H7qjB6OOJBzYFJ8WgrdpFmpClHc7DlQHllePnYOgPBQuvlw0feohKLunRzaMllAag0nGgnYI74LwGkk0ku6jba4KWnZb6uYgfgwOU3NDnok18UfaxC33ywN5SFLh-VkRL19UvopVC8KcyGCgp6L3t8Mswh7r9SjpncCDq2wY40fr8pizvPBt3RZwVXMfwC76Ct2Ua3sBLqSWkQ1QpKUE23yUxadcR_D6mlh034G2Dkj12NMYm1LLeqrnXPN4492lc8R5lpVyEGMbnGhO5kLD5uy4OGxU-rcvfB1Plm3_0Czvg9nT2M5zd_yIE7c8jaMqmaHH8ppzqXdW44CrMkXa-pHkTWKenT_qfQb1Q4t6TLEuNscnEPrjM1gUtPQQbRIeDk3FJgSy7Dy3MkZcinptAlfiiyn0kxy73td3dlgdT5drXN7vCvIYfdz6u2dxr6rSl_i0cCfpDHuYe3KRl003yBZDSbZvR07FzIvVwZCbHJ9Ns5agsyaTSRuDvkXUKOxA211Ylz28Y_YkHtyAg1PPKSRNAY6kLdAECsJwIuD4lPIk22m1fwQV-uVgrIXgn2cey0ZWCaGbY9gkxho0r73JdQpUXK8SSppCiVyErRzzYv8jOvO6lHez6o5sT-tOs2PZxDTB7yhes7x6eNlaL2fv6_PyAjLOWjTnbHSwcLUfxV_Nd7r-RtmSR9oggKPghXjsrp861N0bilnJEGJFlGKcEk&sai=AMfl-YR9lHp4Xpp5Op1J-Eqi3mzlsay2B_91wXoYdqpwtuULwOciynULmzfB9QMgbqVFmxLz9mMmzoyoybRrNwMlsRGHDGzx29eeF72NYMY9-mlCyjykKLMC2YMwDOVVD6AUMpULhmVjcAAjeto8SDx0q0IGk93S0IGSm9oRJJdkj5Fv7El6_5hE_gf_pa4fruJGEVo2JiNVxfHXTOVbccW5CgC484NwNy3xVQ&sig=Cg0ArKJSzGNXn0juMAtKEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1059&vt=11&dtpt=692&dett=3&cstd=364&cisv=r20220406.14232&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=

Requested by

Host: diario.mx
URL: https://diario.mx/estados-unidos/eu-removio-secretamente-el-malware-de-todo-el-mundo-previene-ciberataques-rusos-20220406-1917147.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b76ab0ac3a52548bde3de7d6a8af342e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 11 Apr 2022 11:07:27 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame C158 0
26 B 48ms
44ms Ping
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjss1o4eBLJs-p4JqdPmpDWERRFqk3k4qo6crRva7WmQ4wClSX5aGLrliUVmp0AjpGYe_l_S9HwQgM50ShFv2ZmV3BwcG4q7qRFNmu0LaypdbUgHifT7nh_zq7q8ShapcUFOD845YGWHyiShRqhMlYfY0nXYPRALsFY5uFGH-i2g-IzzPS-VnvKU4hBbUP10si-k2g1NHn_TEkuD9H_5oa-HcKoaZ3iMH6GHTz3-qW7NrbCcjjcK45DAEq07Q8QHwpKaA7iqJdr0ihD0hu3L2oJf436b-Oc-Gsefz7MhBnBToan8DvErwZpiFQVcIsccEpx73CmSw5SAahADNjPp0N8VGqu5HEjoX7izYgy0alpDxoXVgb2IP5zkonw59or9G3UKS8GiFxqxdp_J2q3nHzCOHeSmEZHW12HJutPbiJSUPiyfc9O_L4EgNpHzoXlq9lZO34_6fYymuPDDm6oZ89hlprjm6OGOclV-ezKuAgzdoUuxZM9ckL4ZAvZthMY8Z_LyNAGDV__eqdLivCYclq8-oQS9P6101BErnlaB7iEs_EAgG9LPjp0P5ncv2gvspeD_eet3hnichez3DHUNN6KCSjSXjPYS6fALpPy_-PMGiMpo3SEL9V5iene7ZepePdFV6C_DRLztGE2temYotEJYdAfp9ekM2h40T7ISxDku3-_DfebmHC7YyhjEikN_6Uc9bpQA-C0LhZbIu4rLCY_xOhuCsh7P4erfT_KszSq5a0dvCwXYUFTC7VqXmjFbp6mwa7T8WGR7rbjcfBAbk2IKwM-W8HZ7lPgmPndOLKnbj2l7BBWRlQQ0g0P-TTiPALVV3irkbYAvuMAdxhippEtKNrxwG-q4MKlvoa08UWWpGKZch1RGjOdoadFTjaaClmX5kR9uGCuQH41Iv_Ss68e2vE56ZSZ6w_nTr54AJliX-7s_jW6xK43xitKiA9f90pcEEqMimADViILxqD1g98qhFiDwz8Hss2aoVB4P20tkyX2dBeAVmjqsxQ-WftwF7GLUJ-iR54_Pmf6tBvKxde35LsQKbU38DoqwyTfzIr3COFqX-GQ8EZVYAWqEQLpcYqNEPCsxKXF-eRGtc4hExLHuRjRB1INoZTdlD-E8Ttz6eL_OiH3kJaIj8-7E1jxLFG1d5LYpa6gwapUx_8V9w&sai=AMfl-YS6MMSfJ2URpp3xu6n2ohgcaS0LjHJu2K-_JirrgEuKUb1wr9Q3z3IW19BXmU7H3qt9Gpw5CKgKFq6lDN7jQdwLzRsOFgTxPy7yAr6ZV6z44l_fgidoz1yNmR9-egbbKwHNP3L8BX9koBdPQcarRB8kYwS59bttkEPLkevrvg1t9NbIMSC9Nurkwr2QfYL1DVglr5_aovytWj5u2Vd9UwjGXhCRzQYVEA&sig=Cg0ArKJSzIwvdG98t8a5EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1081&vt=11&dtpt=713&dett=3&cstd=366&cisv=r20220406.81544&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=

Requested by

Host: diario.mx
URL: https://diario.mx/estados-unidos/eu-removio-secretamente-el-malware-de-todo-el-mundo-previene-ciberataques-rusos-20220406-1917147.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b76ab0ac3a52548bde3de7d6a8af342e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 11 Apr 2022 11:07:27 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 52FF 0
26 B 46ms
45ms Ping
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstjuPUiVvNmYfO6nAV4633rfT2MCuvrarIEa4cGPoUQuCkNla3RyjO2qtosKKrxYhiBQ5CJ4Gzt6-Kf3DUksDCbZHxeztAE4WbYGXwILh2n-8kM3dPCftczV7zYN4Pvx_a3ryPltUmggJOnCxlE6hGQ34rLugsvb5DJ0Sy25PS8aBAtMGHAqW8qjlOdik14dxc7cWEtRuOArpZpwyGmPEp9HrK1ETrtHJaXKUFlCLahpSAa5FdnAaISjxeIayH2_SYDssS7ZAxOxRkc7AyHoKp58gB-hCYSTUR3lgRo7tBGND6uKXdDEqzTLqOBbBOCDSBYHUJJAMshEvE3MRzq1QUp7VBET5KGVn7-wK2OnglOSZl3Jp6vTzCAb8qGHka4X2nW_Kk8qqUbDown6QOEHlrXTt0lUcbxHKsaceFo5TefAhF669s3dOMNWhFKWYc6s8-47n3g69vxXKjX2yJeP_8b1bt5TuDYmoY8SFaAX6nS1fVB35SBEXUa8CsjKNtWD47hI6x8UTu5lrnlTXERaBpEoVrdnmoaKNduM2B9CF17Ce1W72w1PiZ2sMHTYUrZybksqOTfC9hOTNgJrEJAg0HbZvIuWv_VEP6fT3WYWX1t3NsNgv-6Z5KFTc0U_Uu7eCH01L5e5EoSl_1_aBBhz-3Q0OoMoJA8skiGZZNAw7aYxu4H_3irAKzC_J7LyeHakXuTbEyZAOWcOUKrLtM0p1Q-zeNWmz8OZR5PLzQQP8ifGHFX3lcoMimn4VL9IoZtJbrqbPHtcpjetlRjs_yEOmCvQ68GG0Zydf34z-1B8hU1J6rO6Z_EM3eCPc1Poy8fR2pDwNtqsoDjEt9LLGomps7Y8RpFN1ldrmB5YAAS68Fdj85uFkxq5lbCdBJ94uWE6fCeBnrvAc11ZFKzpYrWkywyYwuJi5kSiXhK37ATSN_ISfToO1dY06UsMl4Iwg5XfUfnuT-Gx2tbRA3dAG8PXpGfc1_nSMdNgCuPctis7K_av9cCIctQSX5DW3KXqAfKhhgwqQIFWpbiKkUmB41PARc43tolMlDUW4dTyRy7owDIWLXJdkyQhdqQIsJH8f70v347XJz4w4XXF8iD0mEBz1QJ6Cw8ZKQTMFptkMH-g56eYgvG1a23wyo6JmAjqlzFs1NNFJfQD2v4lZRKfUchWvyYBSvBGTx4&sai=AMfl-YS6jdJuXcqPZld8IXzHCBUpVO1wJtlYPSl9MvDLaknDYEWWruphamSWLUxFGN3yMpKxX8HLJomyEY4FsDkVJNP4SYQjAHzYCSFuvaQtEv2W6gEBTrcPR-uF1DBdzyfFp_VXkyXT8fygntY8srkmztKHGOrWQ3iJmh5F-W0ZNSbocDLZGJXTGpvYmtsUk4Tx93OVQ-FU6_wmMLekZPzEFK1QbbjKsiOxEA&sig=Cg0ArKJSzHrS9G7v0MEaEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1123&vt=11&dtpt=758&dett=3&cstd=360&cisv=r20220406.91955&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=

Requested by

Host: diario.mx
URL: https://diario.mx/estados-unidos/eu-removio-secretamente-el-malware-de-todo-el-mundo-previene-ciberataques-rusos-20220406-1917147.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b76ab0ac3a52548bde3de7d6a8af342e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 11 Apr 2022 11:07:27 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 typo_02_3.png
s0.2mdn.net/sadbundle/1673573227426754979/ Frame CBD9 617 B
646 B 8ms
7ms Image
image/png 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/1673573227426754979/typo_02_3.png?1648630454048

Requested by

Host: diario.mx
URL: https://diario.mx/estados-unidos/eu-removio-secretamente-el-malware-de-todo-el-mundo-previene-ciberataques-rusos-20220406-1917147.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ceab57c0ac7560e29c40a091c5d02b9ad45226c1f712487949d4a4814597e8ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1673573227426754979/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 08:26:53 GMT
x-content-type-options: nosniff
age: 528034
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 617
x-xss-protection: 0
last-modified: Fri, 01 Apr 2022 09:43:37 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 05 Apr 2023 08:26:53 GMT

GET
H3 200 typo_03.png
s0.2mdn.net/sadbundle/1673573227426754979/ Frame CBD9 3 KB
3 KB 9ms
8ms Image
image/png 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/1673573227426754979/typo_03.png?1648630454048

Requested by

Host: diario.mx
URL: https://diario.mx/estados-unidos/eu-removio-secretamente-el-malware-de-todo-el-mundo-previene-ciberataques-rusos-20220406-1917147.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8db6eb08f17b61cffa681b3b9452bc4b0160777440d3dd64571d92f9d5f43605

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1673573227426754979/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 08:26:53 GMT
x-content-type-options: nosniff
age: 528034
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2661
x-xss-protection: 0
last-modified: Fri, 01 Apr 2022 09:43:37 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 05 Apr 2023 08:26:53 GMT

GET
H3 200 diario.mx.1102084.js Show response
jsc.mgid.com/d/i/ Frame 339A 2 KB
1 KB 232ms
231ms Script
text/javascript 104.19.134.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/d/i/diario.mx.1102084.js?t=458243
Requested by: Host: 3p.ampproject.net
URL: https://3p.ampproject.net/2203172113000/vendor/mgid.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.134.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fae64fda35ad2520c9976abfa73a0fc8b0c749baf5967d22b349f7f7b30ab3ca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d-1723231058573517239.ampproject.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 11:07:27 GMT
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: 95Z0RH8Y6QFM6BMV
last-modified: Thu, 31 Mar 2022 13:57:45 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: iGXCfAem/6Ph5v1rFVQ9sC7lcsT86rlAA9o6SrLn29CUbc7/ydSzjf3iNkCFVIxG8rWvgFl1Ytk=
cf-bgj: minify
server: cloudflare
etag: W/"ac8a49b771bdc32487ee1b43a9a7b9fe"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
cf-ray: 6fa342395a7d8ffe-FRA
expires: Mon, 11 Apr 2022 14:07:27 GMT

GET
H3 200 typo_02_3.png
s0.2mdn.net/sadbundle/2261034370479767793/ Frame 8C89 681 B
711 B 8ms
8ms Image
image/png 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/2261034370479767793/typo_02_3.png?1648201805415

Requested by

Host: b76ab0ac3a52548bde3de7d6a8af342e.safeframe.googlesyndication.com
URL: https://b76ab0ac3a52548bde3de7d6a8af342e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7e966ee449ae6c37429fe9714266168334128dcf1ec600825f06b4480cedda6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2261034370479767793/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 08:26:40 GMT
x-content-type-options: nosniff
age: 528047
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 681
x-xss-protection: 0
last-modified: Fri, 01 Apr 2022 09:43:55 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 05 Apr 2023 08:26:40 GMT

GET
H3 200 typo_03.png
s0.2mdn.net/sadbundle/2261034370479767793/ Frame 8C89 4 KB
4 KB 8ms
8ms Image
image/png 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/2261034370479767793/typo_03.png?1648201805415

Requested by

Host: b76ab0ac3a52548bde3de7d6a8af342e.safeframe.googlesyndication.com
URL: https://b76ab0ac3a52548bde3de7d6a8af342e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9e2e68d0b8741a66de4b226d957149c74d429ea72546805c59ba0df929556749

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2261034370479767793/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 08:26:40 GMT
x-content-type-options: nosniff
age: 528047
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3730
x-xss-protection: 0
last-modified: Fri, 01 Apr 2022 09:43:55 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 05 Apr 2023 08:26:40 GMT

GET
H3 200 typo_02_3.png
s0.2mdn.net/sadbundle/1673573227426754979/ Frame 7653 617 B
646 B 7ms
7ms Image
image/png 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/1673573227426754979/typo_02_3.png?1648630454048

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ceab57c0ac7560e29c40a091c5d02b9ad45226c1f712487949d4a4814597e8ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1673573227426754979/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 08:26:53 GMT
x-content-type-options: nosniff
age: 528034
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 617
x-xss-protection: 0
last-modified: Fri, 01 Apr 2022 09:43:37 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 05 Apr 2023 08:26:53 GMT

GET
H3 200 typo_03.png
s0.2mdn.net/sadbundle/1673573227426754979/ Frame 7653 3 KB
3 KB 8ms
7ms Image
image/png 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/1673573227426754979/typo_03.png?1648630454048

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8db6eb08f17b61cffa681b3b9452bc4b0160777440d3dd64571d92f9d5f43605

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1673573227426754979/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 08:26:53 GMT
x-content-type-options: nosniff
age: 528034
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2661
x-xss-protection: 0
last-modified: Fri, 01 Apr 2022 09:43:37 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 05 Apr 2023 08:26:53 GMT

GET
H3 200 Logiciel-Europeen-DE.png
s0.2mdn.net/sadbundle/5534637385780799923/ Frame 6F41 6 KB
6 KB 8ms
7ms Image
image/png 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/5534637385780799923/Logiciel-Europeen-DE.png

Requested by

Host: diario.mx
URL: https://diario.mx/estados-unidos/eu-removio-secretamente-el-malware-de-todo-el-mundo-previene-ciberataques-rusos-20220406-1917147.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce4a19fa7f127e370e3f1d57310f9b75d4f499a5e39053ec968e9653e63886b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5534637385780799923/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 12:14:35 GMT
x-content-type-options: nosniff
age: 82372
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5642
x-xss-protection: 0
last-modified: Thu, 17 Mar 2022 16:07:58 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 10 Apr 2023 12:14:35 GMT

GET
H3 200 Bitdefender-Logo-BW-web_b4fb7724-9c4d-47a3-be31-8feb53301b28_copy-01.svg
s0.2mdn.net/sadbundle/5534637385780799923/ Frame 6F41 4 KB
2 KB 8ms
7ms Image
image/svg+xml 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/5534637385780799923/Bitdefender-Logo-BW-web_b4fb7724-9c4d-47a3-be31-8feb53301b28_copy-01.svg

Requested by

Host: diario.mx
URL: https://diario.mx/estados-unidos/eu-removio-secretamente-el-malware-de-todo-el-mundo-previene-ciberataques-rusos-20220406-1917147.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e951b97967974edc90373c03310475fdccaa7dc588c26a1cef531468ee65ba8c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5534637385780799923/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 16:11:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 327350
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1872
x-xss-protection: 0
last-modified: Thu, 17 Mar 2022 16:07:58 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 07 Apr 2023 16:11:37 GMT

GET
H3 200 TS-Online-EN.png
s0.2mdn.net/sadbundle/5534637385780799923/ Frame 6F41 433 KB
434 KB 10ms
9ms Image
image/png 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/5534637385780799923/TS-Online-EN.png

Requested by

Host: diario.mx
URL: https://diario.mx/estados-unidos/eu-removio-secretamente-el-malware-de-todo-el-mundo-previene-ciberataques-rusos-20220406-1917147.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b8ca880e7b6e1c9e8c3ac1bcc2af218e61487f129476a63aedbd70fb8bfd707e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5534637385780799923/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 16:11:11 GMT
x-content-type-options: nosniff
age: 327376
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 443849
x-xss-protection: 0
last-modified: Thu, 17 Mar 2022 16:07:58 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 07 Apr 2023 16:11:11 GMT

GET
H3 200 bd_Ukraine_300x250_filter.jpg
s0.2mdn.net/sadbundle/5534637385780799923/ Frame 6F41 11 KB
11 KB 9ms
8ms Image
image/jpeg 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/5534637385780799923/bd_Ukraine_300x250_filter.jpg

Requested by

Host: diario.mx
URL: https://diario.mx/estados-unidos/eu-removio-secretamente-el-malware-de-todo-el-mundo-previene-ciberataques-rusos-20220406-1917147.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

34fd64cb76eb4741e38f7017808414a2a3ba17c29bc6ecc236bbcad53a854ddc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5534637385780799923/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 16:11:11 GMT
x-content-type-options: nosniff
age: 327376
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11502
x-xss-protection: 0
last-modified: Thu, 17 Mar 2022 16:07:58 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 07 Apr 2023 16:11:11 GMT

GET
H3 200 Bitdefender-Logo-BW-web_b4fb7724-9c4d-47a3-be31-8feb53301b28_copy-01.svg
s0.2mdn.net/sadbundle/12929797443785239284/ Frame 9DDE 4 KB
2 KB 12ms
11ms Image
image/svg+xml 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/12929797443785239284/Bitdefender-Logo-BW-web_b4fb7724-9c4d-47a3-be31-8feb53301b28_copy-01.svg

Requested by

Host: diario.mx
URL: https://diario.mx/estados-unidos/eu-removio-secretamente-el-malware-de-todo-el-mundo-previene-ciberataques-rusos-20220406-1917147.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e951b97967974edc90373c03310475fdccaa7dc588c26a1cef531468ee65ba8c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12929797443785239284/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 16:11:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 327350
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1872
x-xss-protection: 0
last-modified: Thu, 17 Mar 2022 16:08:16 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 07 Apr 2023 16:11:37 GMT

GET
H3 200 bd_Ukraine_728x90_filter.jpg
s0.2mdn.net/sadbundle/12929797443785239284/ Frame 9DDE 6 KB
6 KB 12ms
11ms Image
image/jpeg 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/12929797443785239284/bd_Ukraine_728x90_filter.jpg

Requested by

Host: diario.mx
URL: https://diario.mx/estados-unidos/eu-removio-secretamente-el-malware-de-todo-el-mundo-previene-ciberataques-rusos-20220406-1917147.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5e9d3064182da849b8637d791ffb85c2488385fb195421ac738b62dd25292da4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12929797443785239284/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 16:11:37 GMT
x-content-type-options: nosniff
age: 327350
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6305
x-xss-protection: 0
last-modified: Thu, 17 Mar 2022 16:08:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 07 Apr 2023 16:11:37 GMT

GET
H3 200 6DGELVyRstON4LmPFAMeAOP1baW3TqSdWCO5xyb3u9s.js Show response
pagead2.googlesyndication.com/bg/ Frame 8875 35 KB
13 KB 7ms
7ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/6DGELVyRstON4LmPFAMeAOP1baW3TqSdWCO5xyb3u9s.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

sffe /

Resource Hash

e831842d5c91b2d38de0b98f14031e00e3f56da5b74ea49d5823b9c726f7bbdb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 10:10:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3389
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13643
x-xss-protection: 0
last-modified: Mon, 04 Apr 2022 12:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 11 Apr 2023 10:10:58 GMT

GET
H3 200 6DGELVyRstON4LmPFAMeAOP1baW3TqSdWCO5xyb3u9s.js Show response
pagead2.googlesyndication.com/bg/ Frame 56B7 35 KB
13 KB 8ms
8ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/6DGELVyRstON4LmPFAMeAOP1baW3TqSdWCO5xyb3u9s.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

sffe /

Resource Hash

e831842d5c91b2d38de0b98f14031e00e3f56da5b74ea49d5823b9c726f7bbdb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 10:10:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3389
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13643
x-xss-protection: 0
last-modified: Mon, 04 Apr 2022 12:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 11 Apr 2023 10:10:58 GMT

GET
H3 200 6DGELVyRstON4LmPFAMeAOP1baW3TqSdWCO5xyb3u9s.js Show response
pagead2.googlesyndication.com/bg/ Frame E44A 35 KB
13 KB 8ms
8ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/6DGELVyRstON4LmPFAMeAOP1baW3TqSdWCO5xyb3u9s.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

sffe /

Resource Hash

e831842d5c91b2d38de0b98f14031e00e3f56da5b74ea49d5823b9c726f7bbdb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 10:10:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3389
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13643
x-xss-protection: 0
last-modified: Mon, 04 Apr 2022 12:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 11 Apr 2023 10:10:58 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame A7CB 42 B
66 B 48ms
47ms Image
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvh9CEfcP7UEd4lzmKD7GALVybvDCvE2SwgGc4tfYJE0_mwC7YOcjhdnMTaZBigmVFkYj47kWKBprwWgJNquDx-dWNxvO6e1CgEpi7vkjfU82joMZIjcxNCfZyIIVhmEeb54yOCmYHU-SJd&sai=AMfl-YSvxDkoEHXkCaJ4xEZD1Uv-A6O0oJVqDYpELqGXru4y7JANSoPU0fNe2NNZlg8Rx6D9xrDqsd2ySRe4-7MNtV9jBkpUs8ERiWFB8ygnoLNsbjRcF8bWnrD6qZJYciC_&sig=Cg0ArKJSzEYcOU2nwijGEAE&id=ampim&o=1012,589&d=363,280&ss=1600,1200&bs=1600,1200&mcvt=1034&mtos=0,0,1034,1034,1034&tos=0,0,1034,0,0&tfs=764&tls=1798&g=100&h=100&tt=1798&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&adk=964429694

Requested by

Host: diario.mx
URL: https://diario.mx/estados-unidos/eu-removio-secretamente-el-malware-de-todo-el-mundo-previene-ciberataques-rusos-20220406-1917147.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diario.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Apr 2022 11:07:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMS8xMDE5MjQvMzM0N2M1YTg5YTljZTNmY...
s-img.mgid.com/g/11739850/492x277/-/ 13 KB
13 KB 45ms
18ms Image
image/webp 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/11739850/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMS8xMDE5MjQvMzM0N2M1YTg5YTljZTNmYWU0YTA1YzZiNThiMGI0NzkuanBlZw.webp?v=1649675247-FvDWl4vx7_4k5a6lgxGX7B3_5GVqJ-FUG3k2FzXVR90
Requested by: Host: diario.mx
URL: https://diario.mx/estados-unidos/eu-removio-secretamente-el-malware-de-todo-el-mundo-previene-ciberataques-rusos-20220406-1917147.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7a1e30f1bc06b771318233a41c45114a00485c8ae2f744ff2cad69863d04281b

Request headers

Referer: https://diario.mx/
Origin: https://diario.mx
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 11:07:27 GMT
cf-cache-status: HIT
last-modified: Tue, 21 Dec 2021 12:45:37 GMT
x-mg-request-uuid: 41065cfb-46df-4197-9d7e-b6640898a238
age: 613180
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 6fa3423b9b836951-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 12876
server: cloudflare

GET
H3 200 diario.mx.1102084.es6.js Show response
jsc.mgid.com/d/i/ Frame 339A 236 KB
70 KB 203ms
202ms Script
text/javascript 104.19.134.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/d/i/diario.mx.1102084.es6.js
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/d/i/diario.mx.1102084.js?t=458243
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.134.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3c62cc90f5d9cb54c3b5ca998f23e05442177e167f93a8f9c747a522ccf8e6f6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d-1723231058573517239.ampproject.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 11:07:28 GMT
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: Q4N4XNHKGV94DCFP
last-modified: Wed, 06 Apr 2022 12:37:06 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: k2+/RTzUNiHW1ZRzagWr7covWBD2U6I90eAo4w/dzSKB0RV/Jgy6BxWy2Ym3SQ9+mbHzF8pF+Q8=
cf-bgj: minify
server: cloudflare
etag: W/"325b897a375fd8ec3c265f7cd5af5cec"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
cf-ray: 6fa3423badb48ffe-FRA
expires: Mon, 11 Apr 2022 14:07:28 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 52FF 42 B
64 B 43ms
43ms Fetch
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssaiTPs3IFrJQ8pK1AXICqJDmHg2gZULWgi3bevBQlJFgK0EOw3OJJ-Pz6Saeu-Y_59Z3etNuV5OSHdkNv_UfNCLLaTVIQ_sTZUr1S-pfPAhBIvK7OePg&sai=AMfl-YTNSKIBuY9uARp3NTXchlYghOXz0p0UrQQq3wXWnP75cdJDhEWPghPHuADhPxedn7gvoUncT2ivMTdqLduF3LudSsO-ykb1ViK3vBfJ8HkNvZXU4FTzMyg_uMAOqCZx&sig=Cg0ArKJSzA4ldke8dubWEAE&cid=CAASKORoiBHLvzaj7ZGEdsaF3C3vCpzpde1Bo9cNeXyTGCjL131QTuntuVA&id=lidar2&mcvt=1029&p=935,1033,1185,1333&mtos=1029,1029,1029,1029,1029&tos=1029,0,0,0,0&v=20220406&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=4151540049&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1649675245316&rpt=1010&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b76ab0ac3a52548bde3de7d6a8af342e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Apr 2022 11:07:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame C158 42 B
64 B 45ms
44ms Fetch
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvoRvpYjLlOlfqqeNNfkkm_wu9XrUPaExPRHayH_KNCpmJMioziX9tWkbP31rQfEI62sUifAlmuhmygXBo6wyxS2LoYeeCB3mBz2PhNePpDPwP9AA0wtQ&sai=AMfl-YQ2b9K-OAyczFLFIKVqg73olseToHtV-bz9X_NtYH_H5G3ZRQf0rNX6vXHL9OGHje_lYA4jeYWP_Xt2IfD9TcMKhfkIhWdZPmRxk9c3Ov1Rw-jrTdm_scj7HBSv5TTL&sig=Cg0ArKJSzIz_cIgMAWOWEAE&cid=CAASKORosDIfy1_Vb0eEDuU9LteNhjEIHKS_Q-8WZw7NOxPBFewUmX6P-nI&id=lidar2&mcvt=1027&p=141,436,231,1164&mtos=1027,1027,1027,1027,1027&tos=1027,0,0,0,0&v=20220406&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3018793917&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1649675245302&rpt=1075&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b76ab0ac3a52548bde3de7d6a8af342e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Apr 2022 11:07:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 i.js Show response
cm.mgid.com/ 0
125 B 130ms
120ms Script
application/javascript 104.19.134.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.mgid.com/i.js?&cbuster=1649675247487868541031
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/d/i/diario.mx.1102083.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.134.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diario.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Apr 2022 11:07:28 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-ray: 6fa3423d0d279bc5-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8269 0
22 B 45ms
44ms Image
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BHMUu7gtUYt7cD8mQ3gO60ruIAQAAAAA4AeAEAg&bg=!vb6lvvrNAAZAkm7qYJI7ACkAdvg8WoaOjpZtEPsV0Bb1ZkrOjm_54j8lKI4U--qjzcca7epFe-NXLQIAAAHkUgAAAANoAQeZAzNcDcZpSzI3Z5aY5yoVwK2Vw7U6Tn71mMRVvTdUGYSqjOH7evDL5keYNWOdpcinei-ZMBTNCeAA8z3t07ZIzreUCy94bY8cpF9kGiT0goOZ8hQvHhEvojrCEQOlv3H9EtuN00rjulJKvJundrhVV0xOQ2TbQzq9wDgIZ4h3cDmhskMOrQNLOBWrUVLYM1HffI-tr569AD_JPrzPK-3DNR5Eja_KJ4FspctNezfHCsr4KjYhxTlib8JOW85acUjXL7tXmkTP8iMwP92pnD981RYyrffEB3OUQN6ln3inZrwlq9gCLcvaFoSL416XrOmVkwggzY-hrbsz0Z5l6VnNOYAyEUceqevSz_sagcOqtjhuFC8MMb2uBLMhoH7SpRG_x1c0d7dbMSFVXVtplMLDd0xwp9Spky0huZP6qLyg9VcCZlvonEuzwBHgAdr47zcZn34y22QXgLgpbYvoUYimt6im3d4M1B8ImrI1QEy6lHEGm489RgtrHlkdcsKEOdU1wXqex601Mhn_gwVBIE9o4Un53kfDjJhxeznzqN0RYli59l8Pr4Qu3cOpbk0ixfEQOl0_04Qq05do871Ci24zu_QzLgf1037WDWBAsQWfhseln3WvkU4ohh19-0Okqih7gie2AlPX7IggEhYpt827F03Gds2XPH56knQC_9bm6L0ts1UScyUcBpVA_39HrtDz3sUeIXCnBJlgVTpRYZ2OGONvlfBtVun-nij2_VeDD3xj_0qTgCZ3oxzq_Ck_zGND_zeKE0Uy0rHS5Vkjf6cR1qLNBoQTkwcmxLJ94gaR3qZUVpRHEVYQWAkmp3KbdTkr7N6c6OuqwL8R5lK8P4XfGebe7TiS-kw58gfftPSf6pMM4k3F0-HsH0bN5kvoGjB1AAf0FMwYi2eIYDnn6CopWVXVoATTrQNpzmx4pEaCU9jA3F6L9rnqYiVT8B-0m6y6pN0s-ehM5Uj0X9mFwIQcXcfG2dLV1QKTEGhGKaIUhrFbkIjmf15Lu0JdN1LIudoliZBt05ryfB2b1NLnpcOUTRCg7HCGfQe3ZZwOPXhRLWQnoCbTonWTD_9iHrXmevPnncpuFIs

Requested by

Host: diario.mx
URL: https://diario.mx/estados-unidos/eu-removio-secretamente-el-malware-de-todo-el-mundo-previene-ciberataques-rusos-20220406-1917147.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Apr 2022 11:07:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3AD6 0
22 B 44ms
42ms Image
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bb_h_7gtUYvrYDtTX3gOD27CACgAAAAA4AeAEAg&bg=!6Oul66_NAAZAkm7qYJI7ACkAdvg8WrY2i5Z-GDQTWCmaC1z0UiRm8LVBEfIuYQAdXHsTMq5iZ6q-zAIAAAHzUgAAAAhoAQcKABJXA8vaPIy9W48oP5ave7ANGYSZAua0kFdrgcIfCkq3in0eNyBk_jhBKkCFE9NenOKymtxHRGvjl0aQ00dtjxUHVHPwH0Z9r3rjaP5BbCNwC6klPo5_k3K9k5N8zVAt8zjPyDFjl9SSPMqIaFL7Kd2ep4g8Z7tb_1B_oyQnSEHczNihSJMJmuzcTTH3TmZyiHS0bSoOeyGtqUFaIkg8_lrlW6YNoyezq5AoJiALFUSVSgKtkYtl66Xh6D-ghGVSjXsfKA5uOSk1zz-CLKrzPBt8sBmdKEKQEVMgpINbjxJMa1lcoFD6hvqbAi7h6J-RzpRQARAoLhTNo21c8tSXs3XaviJ3y_NTJoHAXJSGTNyeU9yX8Xx98TrbL5Mgkpy6ofaeejmDes-4WrCMH4mWMgebOwgwrEWEt-vPOGDkn-0t3ssbZaWSYejTfV9o-HJAL8swXDVx8gc49tF4JeuqCtwEiNztv0Ip6-8hqAeANdhrhfuIcTlChkmnpV2M7FW9FdG8GoJy9H3AyJheiajxBLpOmq_K4GEM8jLE2WFCwxtYIL0-x6V1MgFu7O-qY7qfQHEQW606tz1UVlsgl7Ea5rmxxuHAgR5qPoPMzKzBD2XUs9S7hRje88vQN7szNaOzMuwNQgvczqzYIEhhdSRvQ9831kwIin9g2eKyZ7hStvpvn9Yw16po77y8r5WaZhEH9e18ThvMZGoqfJSQccBX0WisFXlsPTYPTKyEHFNiDQnn4dEgcapPbvJdGXAOgHJQY3YUnQAI6laV73B3p2SfAQ1eyGyXSFrbbWzc582uIBU3Jobytpr-4ktYJRoRAat-_5Tf5sMNJ1JGndczpHrDGcYPZtIKEC3qFvJGSaZMa60JPZIKBNK8x6822WQRWZiRhi_Ekzk1Q1lVQ3vCBZnYxjBL9Vj1VlmEfj5RhP0OofL2-iRV7dUQSd7dBkLhANjwWnIoLkC3Hv5HylUp55xFqEhUH9-HOhwXsWkSMtAaw_RRMyAA4m2u9VfvS0ht

Requested by

Host: diario.mx
URL: https://diario.mx/estados-unidos/eu-removio-secretamente-el-malware-de-todo-el-mundo-previene-ciberataques-rusos-20220406-1917147.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Apr 2022 11:07:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 i-noref.js Show response
cm.mgid.com/ Frame EABE 0
38 B 111ms
110ms Script
application/javascript 104.19.134.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.mgid.com/i-noref.js?cbuster=1649675247575602672056
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/d/i/diario.mx.1102083.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.134.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Apr 2022 11:07:28 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-ray: 6fa3423d7e5a9bc5-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0

GET
H3 200 / Show response
c.mgid.com/pv/ Frame 339A 0
186 B 111ms
110ms Script
text/plain 104.19.134.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.mgid.com/pv/?pv=5&cbuster=1649675247626155787500&uniqId=0c4ca&consentData=&gdprApplies=0&lct=1649203200&niet=4g&nisd=false&jsv=es6&iframe=3&ref=https%3A%2F%2Fdiario.mx%2Festados-unidos%2Feu-removio-secretamente-el-malware-de-todo-el-mundo-previene-ciberataques-rusos-20220406-1917147.html&cxurl=https%3A%2F%2Fdiario.mx%2Festados-unidos%2Feu-removio-secretamente-el-malware-de-todo-el-mundo-previene-ciberataques-rusos-20220406-1917147.html&lu=https%3A%2F%2Fdiario.mx%2Festados-unidos%2Feu-removio-secretamente-el-malware-de-todo-el-mundo-previene-ciberataques-rusos-20220406-1917147.html&sessionId=62540bf0-0f79f&pageView=1&pvid=180184ea00ca2815268&site=299251&implVersion=12&dpr=1
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/d/i/diario.mx.1102084.es6.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.134.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d-1723231058573517239.ampproject.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 11:07:28 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6fa3423dd94f8ffe-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"

GET
H3 200 mgid_ua.svg
cdn.mgid.com/images/mgid/ Frame 339A 2 KB
1 KB 16ms
15ms Image
image/svg+xml 104.19.134.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/mgid/mgid_ua.svg
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/d/i/diario.mx.1102084.es6.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.134.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 70d5c4de881e718d0b7638959680ba86722d44eecbe4058d20dd77b8d0d97155

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d-1723231058573517239.ampproject.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 11:07:28 GMT
content-encoding: br
cf-cache-status: HIT
age: 2616
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: FG34RV4K6FMDV6G1
x-amz-id-2: tEFXSmgkprG5Jw7iBcEcrDj5Gfr2Arr7AwwbY8NJ5BDjB4bRL9nehzAWxlrhvKW6ZW8KK7LheRI=
last-modified: Tue, 08 Mar 2022 17:05:01 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1646759091/ctime:1646759091/gid:0/gname:root/md5:617c205137825561208ef7c1a2d8f319/mode:33206/mtime:1646759091/uid:0/uname:root
etag: W/"617c205137825561208ef7c1a2d8f319"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 6fa3423dd95f8ffe-FRA
expires: Tue, 12 Apr 2022 11:07:28 GMT

GET
H3 200 Adchoices.svg
cdn.mgid.com/images/logos/ Frame 339A 836 B
1 KB 16ms
16ms Image
image/svg+xml 104.19.134.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/logos/Adchoices.svg
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/d/i/diario.mx.1102084.es6.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.134.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d-1723231058573517239.ampproject.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 11:07:28 GMT
content-encoding: br
cf-cache-status: HIT
age: 4215
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: FG3F0R94819AK0XK
x-amz-id-2: 7EhZ7v77SUBqZG4SmP3QHGaUmQNEvQoqbc8skzEQkltu7S81gkYpZZr/vAozukpnbKgCzFi8C08=
last-modified: Wed, 17 Feb 2021 18:15:53 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root
etag: W/"7d59364b7ed2df3f02507c9f92560df9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 6fa3423dd9618ffe-FRA
expires: Tue, 12 Apr 2022 11:07:28 GMT

GET
H3 200 1 Show response
servicer.mgid.com/1102084/ Frame 339A 13 KB
4 KB 36ms
36ms Script
application/x-javascript 104.19.134.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.mgid.com/1102084/1?pv=5&cbuster=164967524768377074665&uniqId=0c4ca&consentData=&gdprApplies=0&lct=1649203200&niet=4g&nisd=false&jsv=es6&w=767&h=4233&cols=1&iframe=3&ref=https%3A%2F%2Fdiario.mx%2Festados-unidos%2Feu-removio-secretamente-el-malware-de-todo-el-mundo-previene-ciberataques-rusos-20220406-1917147.html&cxurl=https%3A%2F%2Fdiario.mx%2Festados-unidos%2Feu-removio-secretamente-el-malware-de-todo-el-mundo-previene-ciberataques-rusos-20220406-1917147.html&lu=https%3A%2F%2Fdiario.mx%2Festados-unidos%2Feu-removio-secretamente-el-malware-de-todo-el-mundo-previene-ciberataques-rusos-20220406-1917147.html&sessionId=62540bf0-0f79f&pageView=1&pvid=180184ea00ca2815268&implVersion=12&dpr=1
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/d/i/diario.mx.1102084.es6.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.134.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c2579ac00c30f497aa8894c3dc56180fd40ce5dfc741bfb27a53c94e16bb8486

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d-1723231058573517239.ampproject.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 11:07:28 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cf-ray: 6fa3423e29f68ffe-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8875 0
22 B 43ms
43ms Image
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B60QY7gtUYvTwDuqOjuwPpb-NkAkAAAAAOAHgBAI&bg=!Hh2lHVnNAAZAkm7qYJI7ACkAdvg8WuLCvs0pCOAGUv8YzQE9cy2kIhopCokaq5pmKpNE7LG6xhvWJgIAAAGuUgAAAAFoAQcKAGiAmuqJG6uTfZk41Zm9YRSA7rKFRAb0VDzbqJfB-01oszdmwiO4Elh9kedaoVd2PDl_yU3dIN0g2hW4PklcDEi7xHeF7JWo_MVWwSVE5tf6qJeiv55x4Z6tliBpWbgRR5zyQnXkkJBaS5kC8sUg8f50PGPp7eXjlQFnMoTvFQkKcObyzqjsJK_0_1tB-BQJelkROrYgmDI4Ldopxf0lhmlIzftYKo41U97PIOqIuUzZF-hkQ-3AkIELhwlNgNfiJ0mtOei1tP4fNLCekBFK62iBWmhW6i3fkA4RY0KG4ylDYcVUPhkQQm3kL4qu6rZ6nDFCHDKXsPBS3HkjfjY6tlmZXQwUY9kJJi_23w_-5pDdKEumv3pSQ-zT4I9w-XGsazFBa4PQxEnMmw3WlHMEZKthNMCsDQVQjk10B4lkF5APBuMyK_nkVQqS99zB9lj7bYaZItWcqmOyXRogSHoTA2wvGNAvsOdEI1cWSCaplQCN8f3xNsXJ9uhq1SZ3nzod5y1VNamL8D-pkMXGp4jES_wgSLoyu0vdAU2u-CBQx4mr1C87hH27uxtwYUvKodRJ8FehfADTtbl_RkHA0bAxdgsFhkvnrja5zsp-L5Yr-1IiWIvb6xYePKvsdSo9gT0SgjcnVbr77Ao84Hdj9_9okv4rhRmiFLoGwKbb_DRjtVbVLjuW954epH6J6g9TpPmbmk8hFLRb_V-SpMz6Ip-7v1grrAAn17_aGaSCfOk7--4__nNFJrxBDnKKRO1sMGW5Q7gyPrchmLuWdbprrX9dckuhN-2wXuA0v9QQIv-_xfZUWVHNz57Pn1mZAok6shH8piVG9Irc-xjnXjq3V3Bi6FmQdTVzeS_amd1j-nLMWskxtJ0xsActOnqjinpA8kPyz7EZIzLH_vcp1u32aROojLD9mBtYCzs9JRk6wlI3Vqs_RmFMFWaLoxiofu6EF_HNQPRcF8pp9jtZ6h0h5B0GbL6o7KTX2h3CRoeeozKcQoaBwCCdoMZJJI1_uj8mJnZcxAP1ZTi92tAR_5o2awZHT7zlWbpUvhK9ermKO9a8S7WFdznEzEnS64VuEzezzmIP1luJEd6642UW_i6XoM4j_JPE9DX6IZTVxgKb6svo9sntUS1xIMFViyeiTOImg_E

Requested by

Host: diario.mx
URL: https://diario.mx/estados-unidos/eu-removio-secretamente-el-malware-de-todo-el-mundo-previene-ciberataques-rusos-20220406-1917147.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Apr 2022 11:07:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 56B7 0
22 B 44ms
44ms Image
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BkzoC7gtUYouiD5rt3wOhopCIBQAAAAA4AeAEAg&bg=!wcKlwobNAAZAkm7qYJI7ACkAdvg8WoAL5on8o2gzoXgIctIFOPD8_JZjc4rS9TFfWiHVQafxaNQJQwIAAAGbUgAAAAJoAQeZAuWgufjVm1W2fGCLPTRWLowJ2Uw4U_JWuLq4nA7hao0PBfu23q5wJfUY0NmJsAokHLUZRtMAck6rFUCKls5XhUm1Z9ybQTRFDR1jGGbZ_cDBC1DSQ9TS5K7OtUT_STZYD_Ect3u7nfZOJo35rH-DR-jOWirJI0QD_MvY042UvNq8EVlKxs_X6Ruxc2ocqigL8wsSlhQG8EzJUF-BaJFqlojXODMaLQIRNstRpsXd-4RGoDa1tMpZVR-6nOsdvIJKMldt4hGuB3kyQgVG-doDXgwz4if7tnIrbDDG2rFoAaOLLV_notxHob6HmP3y6UUhXobkpRxS-4BlLYqDgb_7lPZztNt0b6WfXfLsKu1_NUBPAPSxM35xN0crPini7AEZYv8GoHmXv9xNGGPRecM72X4w4QWtSVAommEFc4e8uuzDPlQa9Ktp2SAhwOTdy5Xrb2jTO8CjsvEsI47o6Eem8etOTmgK0v0AVaM0XhRGkT1tq2-zsgElq7yuP7Iablzpa9yvdDPln87N9n2N9DS-JBqCEhKiiLiBshEqByFuSMS_Fe5NCZTKhz8sNCXgJkISHXvFiO5dtvstFJTtx5vQhhnHJVdEUYkC_R4A5dB0aZ6SElIdqHyqv2YZmKTcgixnQrRDQbBw8ZiSSLwvBSE58Lqaz3A_rLreSUhfJCd4VSSky9YPHD1vpW4oUOy32p9WBARCEpw2Fm0LbZ4ZDOeirbjmGNe1Ii_cTs9YIuVMCr7o1u4lOrDl8A7XQnZqrcqr1zfCd_c-wPBJ7C3vSJhogoyu0DhnbOSpChDjRcXmFDv-e1VGrGI3vNM-Yu9Ay1r_h6jAQFE07_qoFhKl1ptjTzv0SkDEC6lvC2JNU-WUYHmvlh2E2LHlh9W2Q-7IeEQY0Qg9QsYAxa4U49eMs_vPa8qKAgVCzzqxDxrOLmmqc8nnZEVV-wvdsb3oTndWySxBk1_MTcG1I77ZNCSpnYe6BiVQ78_TIeU

Requested by

Host: diario.mx
URL: https://diario.mx/estados-unidos/eu-removio-secretamente-el-malware-de-todo-el-mundo-previene-ciberataques-rusos-20220406-1917147.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Apr 2022 11:07:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E44A 0
22 B 44ms
43ms Image
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B56wd7gtUYqv4D4bPgAeelpfYBQAAAAA4AeAEAg&bg=!r6ylrOjNAAZAkm7qYJI7ACkAdvg8WuUYAQoIebkusoOymlq2PHXawFVUL7lnz_ex1oMg7wWMvxWM0wIAAAGTUgAAAARoAQcKADpxQ-0rARBBMRDvFnnWsSEA_TtephzpneXk9gmKLB5XoaSfolZm7OWCtC1Y1p5YnZkkwUeXAMzylIosmQL30c33gUeWPwpNtKxttKT1MEpInpJldjSYb3TOs4enTFfgLIwfEHNJ1vdZVtBOkQUTPmj9UfRM43mWMbf5hgvosIeLzrEB8gdhSMKHrThrJ3Oo9ICjmvKnZpbezXMSbidJz-5_IHLo43LWM24UAm4Wn3DwdvZ2egx1CrmtJDcd0mtndFH2SWeloJaK2syhXcE5ExxgUau0OWYipXpThENNuPLAEF8F54EfNQHHPR4umasx8jRlTco0r4n8qnwVRf0Ya31Oyk7ss1wOL-FGV60wd65ctaQf8mYR9wbUaD0YvYf2GwROAl_Wuss0gfcnDw83Hml6S983AY4mW3WhjAh1RDopaHfuzxB1ANnMHos3_x2rX5Fuh4rBixPhQzYwEHYmnirrhk9Cpvsl6dDMrw3gwHJyrR_zr-BpJe9EwtIt0dm0j4sce7mb1CHD9vbR0isa0tQnf-yQ04m15mLG-gezceqB-m-A5O50qM5BLQEYy95ZCL8sMXl_5n4qC5dzSq1dEbidtGIArBaWi4OLWOZmTIpdSkT0PvU9FA2V4RdstUxn0mjoVk5yaRE-35gFExOa0bTRDXtc984JQ42lOabjkwJrlmYJ7RL6hb2uWvufVNPwTVvVryWqq6ju7IJWup5s2ZfgF43iwXwzpRSOtM5U9p7jwrpl90gijGxiiI4eEzYYDOZMTdi5cOnoaR1jLY3odrfg0Hz5PthD5GsWYLdcq-LJO2KKwb8mhFCAEa442_hlUqNGQQ_zmDo8oMGo9UcpAPWaNLFMbObBCuj2WYU2VeGLIUy8yTHaXFUIKZxXU1uZoikagAqYfYLbgQpJwX1RBnLKueeeiwdmfh95tgOw0C3CXmdk-asrLBFgCv5VrE_k8EU3wXcCiNKSDGfWsQYdxBX62OtxQA_fJ7CrGYBRgRSFHHXqkHBkeooqkhsuL9lhNkd5gWAepmPjktb3iGDWHPM-cadmeusZ7kxN730NOtaZjILlLTAxHcC6ofK-mgK2kPT4M24J

Requested by

Host: diario.mx
URL: https://diario.mx/estados-unidos/eu-removio-secretamente-el-malware-de-todo-el-mundo-previene-ciberataques-rusos-20220406-1917147.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Apr 2022 11:07:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMS8xMDE5MjQvMzA2MmU1MTIyMTkzYmQ3O...
s-img.mgid.com/g/11739867/680x385/-/ Frame 339A 17 KB
18 KB 310ms
297ms Image
image/webp 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/11739867/680x385/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMS8xMDE5MjQvMzA2MmU1MTIyMTkzYmQ3ODhkZGI1NDRmMjc4Zjk3MWQucG5n.webp?v=1649675248-u_IQ_zNyCgNMiuSfHcX8AWfWUwJSE5p0Ytyn1Sv3LzA
Requested by: Host: d-1723231058573517239.ampproject.net
URL: https://d-1723231058573517239.ampproject.net/2203172113000/frame.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f048f38bbaface445ee3df770ce3b7f98f11c6bf4adfcdb19cb4329e23bc765

Request headers

Referer: https://d-1723231058573517239.ampproject.net/
Origin: https://d-1723231058573517239.ampproject.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 11:07:28 GMT
cf-cache-status: HIT
last-modified: Tue, 21 Dec 2021 16:06:26 GMT
x-mg-request-uuid: 02364374-5ae2-47d4-80b1-e899a06b3656
age: 319642
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 6fa3423f4ad79110-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 17486
server: cloudflare

GET
H3 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9naWYsZmxfbG9zc3ksZ19mYWNlczphdXRvLHdfNjgwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIyLTAyLzEwMTkyNC9kMmY1YzZkN...
s-img.mgid.com/g/12581133/680x385/-/ Frame 339A 745 KB
746 KB 60ms
48ms Image
image/gif 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/12581133/680x385/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9naWYsZmxfbG9zc3ksZ19mYWNlczphdXRvLHdfNjgwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIyLTAyLzEwMTkyNC9kMmY1YzZkNTQ0MTJmODM2ZDNiZWFmY2RmOGRmZjBhNi5naWY.gif?v=1649675248-HjHXhcASODCJC1Y_Mz_ULxxIcjH7Nd6rehUml4zjbFE
Requested by: Host: d-1723231058573517239.ampproject.net
URL: https://d-1723231058573517239.ampproject.net/2203172113000/frame.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1e75895ecc2b04735e1a3993ac5fad3ec0cb0725b7383e89adb05c974e8e7450

Request headers

Referer: https://d-1723231058573517239.ampproject.net/
Origin: https://d-1723231058573517239.ampproject.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 11:07:28 GMT
cf-cache-status: HIT
x-mg-request-uuid: 4c11a2cd-5df4-4a5f-a4a5-0371400f5090
age: 611619
cf-polished: status=not_needed
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 762861
last-modified: Tue, 29 Mar 2022 09:24:32 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 6fa3423f4ad89110-FRA
cf-bgj: imgq:100,h2pri

GET
H3 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ194eV9jZW50ZXIsd18xMDIwLHhfNTM3LHlfNDk0L2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTEwLzEwMTkyNC9lOGE2N...
s-img.mgid.com/g/11739842/680x385/-/ Frame 339A 22 KB
23 KB 484ms
472ms Image
image/webp 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/11739842/680x385/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ194eV9jZW50ZXIsd18xMDIwLHhfNTM3LHlfNDk0L2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTEwLzEwMTkyNC9lOGE2NWU4NjU5ZjcxOWZiMTFmNDMzNmZhZDIyZTNkZS5qcGc.webp?v=1649675248-he4yPdaOnZtSQdyE-6w1DG8dX2CjOaKADzUQUQsrPQc
Requested by: Host: d-1723231058573517239.ampproject.net
URL: https://d-1723231058573517239.ampproject.net/2203172113000/frame.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0331b1bdc2a7a3b68aebae09c2aea659b209e6f045aa07cb5980eb70ccf1d51b

Request headers

Referer: https://d-1723231058573517239.ampproject.net/
Origin: https://d-1723231058573517239.ampproject.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 11:07:28 GMT
cf-cache-status: HIT
last-modified: Tue, 21 Dec 2021 13:33:31 GMT
x-mg-request-uuid: 9a2db535-774a-4955-9c59-606042db1693
age: 605734
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 6fa3423f4ada9110-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 22796
server: cloudflare

GET
H3 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0wMS8xMDE5MjQvMDQyNzU4YjJkMTVkNzI4O...
s-img.mgid.com/g/12581080/680x385/-/ Frame 339A 19 KB
20 KB 52ms
40ms Image
image/webp 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/12581080/680x385/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0wMS8xMDE5MjQvMDQyNzU4YjJkMTVkNzI4ODY5NjZiZGM2MThhZDVlZWIuanBlZw.webp?v=1649675248-iyEmQK_ggfR8CEU5UdAQnGmO-ftGPf_7btBC_lIDS60
Requested by: Host: d-1723231058573517239.ampproject.net
URL: https://d-1723231058573517239.ampproject.net/2203172113000/frame.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5dfe273c20a6597fb27cd1de2af2ee901021e295b9d836b5c6e345a0bf21e3cf

Request headers

Referer: https://d-1723231058573517239.ampproject.net/
Origin: https://d-1723231058573517239.ampproject.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 11:07:28 GMT
cf-cache-status: HIT
last-modified: Tue, 29 Mar 2022 10:31:29 GMT
x-mg-request-uuid: ebb8b432-a408-43e5-bae9-91f404603822
age: 609096
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 6fa3423f4adb9110-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 19516
server: cloudflare

GET
H3 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0wNy8xMDE5MjQvZmU2N2U1NmZhYjE4NTc2N...
s-img.mgid.com/g/11739839/680x385/-/ Frame 339A 21 KB
22 KB 27ms
15ms Image
image/webp 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/11739839/680x385/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0wNy8xMDE5MjQvZmU2N2U1NmZhYjE4NTc2NGI0NTA1MTc0ZmExNjc2YTguanBlZw.webp?v=1649675248-4usWvElOtwuLp6ZlVvXBPa9XQ9N-feEWOl0ZhweIGj4
Requested by: Host: d-1723231058573517239.ampproject.net
URL: https://d-1723231058573517239.ampproject.net/2203172113000/frame.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 497ac5f844b254645d922a6f8a765536bcd778430af9d8906de45aa543675a39

Request headers

Referer: https://d-1723231058573517239.ampproject.net/
Origin: https://d-1723231058573517239.ampproject.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 11:07:28 GMT
cf-cache-status: HIT
last-modified: Tue, 21 Dec 2021 14:05:37 GMT
x-mg-request-uuid: 630d0173-5ff7-4fba-a186-a521b12cb2a8
age: 601214
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 6fa3423f4adc9110-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 21804
server: cloudflare

GET
H3 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMC8xMDE5MjQvMDZmMjAzZWRjNjcwOTExZ...
s-img.mgid.com/g/11739848/680x385/-/ Frame 339A 37 KB
37 KB 492ms
480ms Image
image/webp 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/11739848/680x385/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMC8xMDE5MjQvMDZmMjAzZWRjNjcwOTExZjUyZjFmZjdiZDllNGM1YzUuanBlZw.webp?v=1649675248-pQO9gR0SQKiXNq52WBB24BMAt73nOqI-qmvOdjGtJio
Requested by: Host: d-1723231058573517239.ampproject.net
URL: https://d-1723231058573517239.ampproject.net/2203172113000/frame.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cd1b3f90c141f71dff3f261c6809cf4eb8f48edd84adf12b705bf9ed53b5d4bd

Request headers

Referer: https://d-1723231058573517239.ampproject.net/
Origin: https://d-1723231058573517239.ampproject.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 11:07:28 GMT
cf-cache-status: HIT
last-modified: Tue, 21 Dec 2021 12:57:29 GMT
x-mg-request-uuid: 1e4dc0f1-fd18-4a3d-8c71-7247d56b0f5b
age: 607180
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 6fa3423f4add9110-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 37544
server: cloudflare

GET
H3 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ194eV9jZW50ZXIsd18xMDIwLHhfNzMyLHlfNjA2L2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTEwLzEwMTkyNC84OTljZ...
s-img.mgid.com/g/12581127/680x385/-/ Frame 339A 42 KB
42 KB 35ms
23ms Image
image/webp 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/12581127/680x385/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ194eV9jZW50ZXIsd18xMDIwLHhfNzMyLHlfNjA2L2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTEwLzEwMTkyNC84OTljZTIxMTkwOTY0NWQ3ODhiOTM4OTk1NGZmMWYxMy5qcGVn.webp?v=1649675248-wyYxn-YdsD3usbohRo9yUTNeBg_KSRW0w9GEVVf0ot8
Requested by: Host: d-1723231058573517239.ampproject.net
URL: https://d-1723231058573517239.ampproject.net/2203172113000/frame.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f2e368953489b3a0d73e16e530673860fa5ed9d0d9d4406861c0a3a9c9edda6d

Request headers

Referer: https://d-1723231058573517239.ampproject.net/
Origin: https://d-1723231058573517239.ampproject.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 11:07:28 GMT
cf-cache-status: HIT
last-modified: Tue, 29 Mar 2022 09:38:15 GMT
x-mg-request-uuid: b19b31ef-f5f7-4551-90e2-cd96fb4c64ea
age: 607888
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 6fa3423f4ade9110-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 42880
server: cloudflare

GET
H3 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfaW1wcm92ZSxmX2pwZyxnX2ZhY2VzOmF1dG8sd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTA1LzEwMTkyNC85OWE1ZDBiMTJhODhhYjJiZWUwN...
s-img.mgid.com/g/11739847/680x385/-/ Frame 339A 16 KB
17 KB 35ms
24ms Image
image/webp 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/11739847/680x385/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfaW1wcm92ZSxmX2pwZyxnX2ZhY2VzOmF1dG8sd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTA1LzEwMTkyNC85OWE1ZDBiMTJhODhhYjJiZWUwNDYyZGQwNTllMDllOS5qcGVn.webp?v=1649675248-Rmfi6BM0cGQyULrkkBOYgIHACmhSFr41D2EFkP-JpCU
Requested by: Host: d-1723231058573517239.ampproject.net
URL: https://d-1723231058573517239.ampproject.net/2203172113000/frame.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7bc38f8c2944364f2ac86f836273907f78ad3eeea6d84460d139af10a284fb2c

Request headers

Referer: https://d-1723231058573517239.ampproject.net/
Origin: https://d-1723231058573517239.ampproject.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 11:07:28 GMT
cf-cache-status: HIT
last-modified: Tue, 21 Dec 2021 13:33:31 GMT
x-mg-request-uuid: 77299873-1f70-42bd-b31f-22a72452e259
age: 606732
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 6fa3423f4adf9110-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 16846
server: cloudflare

GET
H3 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMS8xMDE5MjQvZTFmYTdjZjc2MzNlZDJlN...
s-img.mgid.com/g/11739870/680x385/-/ Frame 339A 25 KB
26 KB 536ms
524ms Image
image/webp 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/11739870/680x385/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMS8xMDE5MjQvZTFmYTdjZjc2MzNlZDJlNjQzMGUxMWJiNTA1MmIzMDkuanBn.webp?v=1649675248-Ss05aJTd6BdA9CYpxVA3-cQEl78rZ7R2iOxxXwOgePw
Requested by: Host: d-1723231058573517239.ampproject.net
URL: https://d-1723231058573517239.ampproject.net/2203172113000/frame.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b8e190d14667396952b485a2340543f4a3a090402a40e3d749f636a383b193d6

Request headers

Referer: https://d-1723231058573517239.ampproject.net/
Origin: https://d-1723231058573517239.ampproject.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 11:07:28 GMT
cf-cache-status: HIT
last-modified: Tue, 21 Dec 2021 12:59:35 GMT
x-mg-request-uuid: 7491be8c-137c-46c2-a168-51c09906feb7
age: 608028
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 6fa3423f4ae19110-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 26078
server: cloudflare

GET
H3 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0wMi8xMDE5MjQvOWZkOGFkNWU5ODE2MzgzZ...
s-img.mgid.com/g/12581068/680x385/-/ Frame 339A 20 KB
21 KB 546ms
534ms Image
image/webp 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/12581068/680x385/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0wMi8xMDE5MjQvOWZkOGFkNWU5ODE2MzgzZDk5YWQ5ZWZmMzJmMWU2NTEuanBlZw.webp?v=1649675248-DWTIead7l_iZeOfPwm8sp-WfddB847ouhsvt5epb5HU
Requested by: Host: d-1723231058573517239.ampproject.net
URL: https://d-1723231058573517239.ampproject.net/2203172113000/frame.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 74db7f67e5138b3d8f24c1423cc253351282e47ed0b755ee98d48bf44e089b86

Request headers

Referer: https://d-1723231058573517239.ampproject.net/
Origin: https://d-1723231058573517239.ampproject.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 11:07:28 GMT
cf-cache-status: HIT
last-modified: Tue, 29 Mar 2022 09:59:43 GMT
x-mg-request-uuid: eb2c8aba-310a-48a6-b748-cc649e22e5de
age: 603709
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 6fa3423f4ae29110-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 20904
server: cloudflare

GET
H3 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0wOS8xMDE5MjQvMDg5ZmU5ODYyNTBjZjBiZ...
s-img.mgid.com/g/11739846/680x385/-/ Frame 339A 33 KB
33 KB 556ms
544ms Image
image/webp 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/11739846/680x385/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0wOS8xMDE5MjQvMDg5ZmU5ODYyNTBjZjBiZDk0YjM0OTkyMDNmZGI2ZWUuanBlZw.webp?v=1649675248-yLbqkC-wmyPjN4BivlNUdS-PWrz5C_YV21j6cVwuLR0
Requested by: Host: d-1723231058573517239.ampproject.net
URL: https://d-1723231058573517239.ampproject.net/2203172113000/frame.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1853c3fc583bb3ce493fb27545a98e91aed240adc3ad7cd8b1bcf1ebe85e8b8c

Request headers

Referer: https://d-1723231058573517239.ampproject.net/
Origin: https://d-1723231058573517239.ampproject.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 11:07:28 GMT
cf-cache-status: HIT
last-modified: Tue, 21 Dec 2021 16:06:26 GMT
x-mg-request-uuid: ee6fb447-a1bf-47bd-9e0f-2e701dff119c
age: 612174
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 6fa3423f4ae49110-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 33588
server: cloudflare

GET
H3 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMS8xMDE5MjQvNWRiMTQ0ZWRhM2MzMDdlN...
s-img.mgid.com/g/11739862/680x385/-/ Frame 339A 15 KB
16 KB 572ms
561ms Image
image/webp 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/11739862/680x385/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMS8xMDE5MjQvNWRiMTQ0ZWRhM2MzMDdlNjRkODVjZDk2OTQyMTA0NTIucG5n.webp?v=1649675248-f7aqX405gziyVGJsatC5I87RVx67YesZpuk-CTKFCR0
Requested by: Host: d-1723231058573517239.ampproject.net
URL: https://d-1723231058573517239.ampproject.net/2203172113000/frame.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 22cd385387c15ee51730dac2c71c684b4b7fcc6e0ab9524f25568c84fa11045a

Request headers

Referer: https://d-1723231058573517239.ampproject.net/
Origin: https://d-1723231058573517239.ampproject.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 11:07:28 GMT
cf-cache-status: HIT
last-modified: Tue, 21 Dec 2021 13:33:31 GMT
x-mg-request-uuid: f416cb45-4556-4493-8352-90328b9249ab
age: 331990
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 6fa3423f4ae59110-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 15542
server: cloudflare

GET
H3 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMS8xMDE5MjQvMTg0OGY4MmJmOGQzNjg3Z...
s-img.mgid.com/g/11739864/680x385/-/ Frame 339A 22 KB
22 KB 580ms
569ms Image
image/webp 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/11739864/680x385/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMS8xMDE5MjQvMTg0OGY4MmJmOGQzNjg3ZDAyMzk2OWE1NjdiZDZkNjUucG5n.webp?v=1649675248-sQqV1k4NsV8pVN7OOHhJa98xADj7_ZF06GqyOBC5lHo
Requested by: Host: d-1723231058573517239.ampproject.net
URL: https://d-1723231058573517239.ampproject.net/2203172113000/frame.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f4e9b11c6e1b1314bd917651251a10aeb3956fe712f9436cb91efae4b222153

Request headers

Referer: https://d-1723231058573517239.ampproject.net/
Origin: https://d-1723231058573517239.ampproject.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 11:07:28 GMT
cf-cache-status: HIT
last-modified: Tue, 21 Dec 2021 13:28:28 GMT
x-mg-request-uuid: 2ebacaa6-53e5-4ff0-b07e-0bb2327b9f7f
age: 611099
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 6fa3423f4ae69110-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 22088
server: cloudflare

GET
H3 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0wMi8xMDE5MjQvN2I0YTNkMTMzZGI4ZjY4M...
s-img.mgid.com/g/11739876/680x385/-/ Frame 339A 22 KB
23 KB 590ms
579ms Image
image/webp 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/11739876/680x385/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0wMi8xMDE5MjQvN2I0YTNkMTMzZGI4ZjY4MTljM2ZlNzU0NTE2MDJjYjUuanBlZw.webp?v=1649675248-19h4fLeZU2vSUv1Dk6lyWXncvZjcDjiHIjWSz723-hw
Requested by: Host: d-1723231058573517239.ampproject.net
URL: https://d-1723231058573517239.ampproject.net/2203172113000/frame.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9f562a0aeace42b63e1bd96200d145a0ae64dc49bdced48a9414476494e9f491

Request headers

Referer: https://d-1723231058573517239.ampproject.net/
Origin: https://d-1723231058573517239.ampproject.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 11:07:28 GMT
cf-cache-status: HIT
last-modified: Tue, 21 Dec 2021 12:59:35 GMT
x-mg-request-uuid: 42ffb3d3-f0ec-4fa9-9707-92ae11c6d63a
age: 612563
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 6fa3423f4ae79110-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 22628
server: cloudflare

GET
H3 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ194eV9jZW50ZXIsd18xMDIwLHhfMTQ0MCx5XzcxOS9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0wMi8xMDE5MjQvNDMxY...
s-img.mgid.com/g/12581126/680x385/-/ Frame 339A 27 KB
27 KB 630ms
619ms Image
image/webp 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/12581126/680x385/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ194eV9jZW50ZXIsd18xMDIwLHhfMTQ0MCx5XzcxOS9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0wMi8xMDE5MjQvNDMxYjMyYTkxZGJiMTJhNDI1YTlmOTcxMmQwNTQ3ZGQucG5n.webp?v=1649675248-UhLtnLfgWi0l4oOM8ifNSlPDA0WMwv5QlyV-uO9pYb0
Requested by: Host: d-1723231058573517239.ampproject.net
URL: https://d-1723231058573517239.ampproject.net/2203172113000/frame.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 65a0032811e8d87e4705664100bd841170f8b7640beec2f345848010605193ec

Request headers

Referer: https://d-1723231058573517239.ampproject.net/
Origin: https://d-1723231058573517239.ampproject.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 11:07:28 GMT
cf-cache-status: HIT
last-modified: Tue, 29 Mar 2022 09:45:50 GMT
x-mg-request-uuid: 1ae98e15-cb6e-4929-a422-af8880068cb4
age: 605723
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 6fa3423f4ae89110-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 27298
server: cloudflare

GET
H3 200 int_exchange_wages_ad.svg
cdn.mgid.com/images/mgid/ Frame 339A 1 KB
991 B 17ms
15ms Image
image/svg+xml 104.19.134.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/mgid/int_exchange_wages_ad.svg
Requested by: Host: d-1723231058573517239.ampproject.net
URL: https://d-1723231058573517239.ampproject.net/2203172113000/frame.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.134.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 096a4bb9d7f8588a8520d57f103bdf0dae273af88fc0265371124c048bff7b05

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d-1723231058573517239.ampproject.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 11:07:28 GMT
content-encoding: br
cf-cache-status: HIT
age: 2917
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: FG314FBY34F9SQT3
x-amz-id-2: w3XE/4rB52NECD1R1i6L6dnogE7JQ9PyovEAeQWlEmnQO1kyIT/DwzXhDMk33l3ZDZyz+7AFLSU=
last-modified: Mon, 04 May 2020 12:16:53 GMT
server: cloudflare
etag: W/"37346cd2daeeec771e8ffe3a34ef43ea"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 6fa3423f4bb68ffe-FRA
expires: Tue, 12 Apr 2022 11:07:28 GMT

GET
H3 200 i.js Show response
cm.mgid.com/ Frame 339A 1 KB
896 B 194ms
194ms Script
application/javascript 104.19.134.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.mgid.com/i.js?&cbuster=1649675247868453688735&consentData=&gdprApplies=0
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/d/i/diario.mx.1102084.es6.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.134.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: be36932a3cb8549e01450e5723066700932a3d9e957bbd35bb8baf81695f09fd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d-1723231058573517239.ampproject.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Apr 2022 11:07:28 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-ray: 6fa3423f5bba8ffe-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 mw
mwzeom.zeotap.com/ Frame 339A 95 B
470 B 170ms
70ms Image
image/png 2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=m3bs21jCrt74&zpartnerid=1532&zdid=1532
Requested by: Host: d-1723231058573517239.ampproject.net
URL: https://d-1723231058573517239.ampproject.net/2203172113000/frame.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d-1723231058573517239.ampproject.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 11:07:28 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://d-1723231058573517239.ampproject.net
access-control-allow-credentials: true
cf-ray: 6fa342414c3dd61c-MXP
access-control-allow-headers: *
content-length: 95

GET
H3

200

m
cm.mgid.com/ Frame 339A
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=omn67hl&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=omn67hl&ttd_tpi=1
https://cm.mgid.com/m?cdsp=371158&c=acb95b4b-060d-4a71-bd73-dc6ee672b124&ttl=1652267248

43 B
414 B

110ms
109ms

Image
image/gif

104.19.134.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=371158&c=acb95b4b-060d-4a71-bd73-dc6ee672b124&ttl=1652267248
Requested by: Host: d-1723231058573517239.ampproject.net
URL: https://d-1723231058573517239.ampproject.net/2203172113000/frame.html
Protocol: H3
Server: 104.19.134.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d-1723231058573517239.ampproject.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Apr 2022 11:07:29 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-ray: 6fa34241beff8ffe-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43

Redirect headers

pragma: no-cache
date: Mon, 11 Apr 2022 11:07:28 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.mgid.com/m?cdsp=371158&c=acb95b4b-060d-4a71-bd73-dc6ee672b124&ttl=1652267248
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 205

GET
H2

204

sync
ups.analytics.yahoo.com/ups/55859/ Frame 339A
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=303&user_id=m3bs21jCrt74
https://x.bidswitch.net/ul_cb/sync?dsp_id=303&user_id=m3bs21jCrt74
https://pixel.advertising.com/ups/55859/sync?uid=0e834236-4bdb-4d27-a642-7778b39d351f&_origin=1&gdpr=&gdpr_consent=
https://ups.analytics.yahoo.com/ups/55859/sync?uid=0e834236-4bdb-4d27-a642-7778b39d351f&_origin=1&gdpr=&gdpr_consent=&apid=UP9235de59-b987-11ec-91ec-027031e56216

0
405 B

16ms
14ms

Image
text/plain

3.126.56.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/55859/sync?uid=0e834236-4bdb-4d27-a642-7778b39d351f&_origin=1&gdpr=&gdpr_consent=&apid=UP9235de59-b987-11ec-91ec-027031e56216

Requested by

Host: d-1723231058573517239.ampproject.net
URL: https://d-1723231058573517239.ampproject.net/2203172113000/frame.html

Protocol

Server

3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.0.33 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d-1723231058573517239.ampproject.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 11:07:28 GMT
server: ATS/9.1.0.33
age: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://ups.analytics.yahoo.com/ups/55859/sync?uid=0e834236-4bdb-4d27-a642-7778b39d351f&_origin=1&gdpr=&gdpr_consent=&apid=UP9235de59-b987-11ec-91ec-027031e56216
date: Mon, 11 Apr 2022 11:07:28 GMT
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H3

200

google
cm.mgid.com/ Frame 339A
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=bTNiczIxakNydDc0&muidn=m3bs21jCrt74
https://cm.mgid.com/google?muidn=m3bs21jCrt74&google_ula={guid},5&google_gid=CAESEBvZ5eqJmHnpMu7K1eXIjsU&google_cver=1

0
187 B

106ms
106ms

Image
text/plain

104.19.134.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/google?muidn=m3bs21jCrt74&google_ula={guid},5&google_gid=CAESEBvZ5eqJmHnpMu7K1eXIjsU&google_cver=1
Requested by: Host: d-1723231058573517239.ampproject.net
URL: https://d-1723231058573517239.ampproject.net/2203172113000/frame.html
Protocol: H3
Server: 104.19.134.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d-1723231058573517239.ampproject.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 11:07:28 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: text/plain
cf-ray: 6fa34240cdc48ffe-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0

Redirect headers

pragma: no-cache
date: Mon, 11 Apr 2022 11:07:28 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.mgid.com/google?muidn=m3bs21jCrt74&google_ula={guid},5&google_gid=CAESEBvZ5eqJmHnpMu7K1eXIjsU&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 327
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

204
No Content

sync.php
pixel.rubiconproject.com/exchange/ Frame 339A
Redirect Chain

https://sync.e-volution.ai/34b9aae5baa016b251b9fc488f4a97cd.gif?puid=m3bs21jCrt74
https://ssbsync.smartadserver.com/api/sync?callerId=24&gdpr=0&gdpr_consent=&us_privacy=
https://sync.e-volution.ai/a02d62607dea0c97e41ff36ebd422945.gif?puid=7279381779277216537&gdpr=0&gdpr_consent=
https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-pashadv&gdpr=0&gdpr_consent=&us_privacy=

0
239 B

9ms
9ms

Image
image/gif

69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-pashadv&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: d-1723231058573517239.ampproject.net
URL: https://d-1723231058573517239.ampproject.net/2203172113000/frame.html
Protocol: HTTP/1.1
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d-1723231058573517239.ampproject.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 4b510f0cc5fcbc9800016ef543086418
Content-Type: image/gif

Redirect headers

Pragma: no-cache
Date: Mon, 11 Apr 2022 11:07:28 GMT
Server: nginx
Transfer-Encoding: chunked
Location: https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-pashadv&gdpr=0&gdpr_consent=&us_privacy=
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Expires: 0

GET
H2 200 /
cm.idealmedia.io/setmuidn/ Frame 339A 0
173 B 162ms
84ms Image
image/gif 104.16.221.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.idealmedia.io/setmuidn/?muidf=m3bs21jCrt74
Requested by: Host: d-1723231058573517239.ampproject.net
URL: https://d-1723231058573517239.ampproject.net/2203172113000/frame.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.221.74 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d-1723231058573517239.ampproject.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 11:07:28 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6fa342415b1339e1-CDG
content-length: 0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif

GET
H3

200

m
cm.mgid.com/ Frame 339A
Redirect Chain

https://creativecdn.com/cm-notify?pi=mgid
https://creativecdn.com/cm-notify?pi=mgid&tc=1
https://cm.mgid.com/m?cdsp=501037&c=3O8DT6GM9PtbX1Spbssm&pi=mgid&tc=1

43 B
430 B

204ms
201ms

Image
image/gif

104.19.134.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=501037&c=3O8DT6GM9PtbX1Spbssm&pi=mgid&tc=1
Requested by: Host: d-1723231058573517239.ampproject.net
URL: https://d-1723231058573517239.ampproject.net/2203172113000/frame.html
Protocol: H3
Server: 104.19.134.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d-1723231058573517239.ampproject.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Apr 2022 11:07:29 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-ray: 6fa3424288438ffe-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43

Redirect headers

location: https://cm.mgid.com/m?cdsp=501037&c=3O8DT6GM9PtbX1Spbssm&pi=mgid&tc=1
pragma: no-cache
date: Mon, 11 Apr 2022 11:07:29 GMT, Mon, 11 Apr 2022 11:07:29 GMT
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

m
cm.mgid.com/ Frame 339A
Redirect Chain

https://t.adx.opera.com/pub/sync?pubid=pub6103523253312
https://an.yandex.ru/mapuid/operacom/
https://an.yandex.ru/mapuid/operacom/?redir-setuniq=1
https://t.adx.opera.com/sync?vendor=60143&uid=50A729EFA8FF7523
https://creativecdn.com/cm-notify?pi=opera
https://t.adx.opera.com/sync?vendor=60039&uid=3O8DT6GM9PtbX1Spbssm&pi=opera
https://eb2.3lift.com/getuid?redir=https%3A%2F%2Ft.adx.opera.com%2Fsync%3Fvendor%3D60124%26uid%3D$UID
https://eb2.3lift.com/getuid?ld=1&gdpr=1&cmp_cs=&us_privacy=&redir=https%3A%2F%2Ft.adx.opera.com%2Fsync%3Fvendor%3D60124%26uid%3D%24UID
https://t.adx.opera.com/sync?vendor=60124&uid=3515075340165226367187
https://ups.analytics.yahoo.com/ups/58484/occ
https://t.adx.opera.com/sync?vendor=60112&uid=y-fSt_EUxE2uEfoYLjMh61OChikNq45irLXYEjBDA-~A
https://ib.adnxs.com/getuid?https%3A%2F%2Ft.adx.opera.com%2Fsync%3Fvendor%3D60141%26uid%3D%24UID
https://t.adx.opera.com/sync?vendor=60141&uid=778758867006050927
https://cm.mgid.com/m?cdsp=528163&c=37eb786e0972467b8e9e5786cb95bfa3

43 B
446 B

113ms
112ms

Image
image/gif

104.19.134.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=528163&c=37eb786e0972467b8e9e5786cb95bfa3
Requested by: Host: d-1723231058573517239.ampproject.net
URL: https://d-1723231058573517239.ampproject.net/2203172113000/frame.html
Protocol: H3
Server: 104.19.134.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d-1723231058573517239.ampproject.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Apr 2022 11:07:29 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-ray: 6fa34243faa08ffe-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43

Redirect headers

pragma: no-cache
date: Mon, 11 Apr 2022 11:07:29 GMT
server: Tengine
access-control-allow-origin: *
access-control-allow-methods: POST, GET
content-type: text/html; charset=utf-8
location: https://cm.mgid.com/m?cdsp=528163&c=37eb786e0972467b8e9e5786cb95bfa3
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
content-length: 95
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3

200

m
cm.mgid.com/ Frame 339A
Redirect Chain

https://rtb-usw.mfadsrvr.com/sync?ssp=mgid
https://rtb-usw.mfadsrvr.com/ul_cb/sync?ssp=mgid
https://cm.mgid.com/m?cdsp=287839&c=60188564-7b27-458e-8660-0c9ea2398587

43 B
462 B

110ms
109ms

Image
image/gif

104.19.134.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=287839&c=60188564-7b27-458e-8660-0c9ea2398587
Requested by: Host: d-1723231058573517239.ampproject.net
URL: https://d-1723231058573517239.ampproject.net/2203172113000/frame.html
Protocol: H3
Server: 104.19.134.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d-1723231058573517239.ampproject.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Apr 2022 11:07:29 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-ray: 6fa34244ebe98ffe-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43

Redirect headers

location: //cm.mgid.com/m?cdsp=287839&c=60188564-7b27-458e-8660-0c9ea2398587
date: Mon, 11 Apr 2022 11:07:29 GMT
cache-control: no-cache, no-store, must-revalidate
alt-svc: clear
content-length: 0
via: 1.1 google

GET
H3

200

m
cm.mgid.com/ Frame 339A
Redirect Chain

https://ad.360yield.com/server_match?partner_id=1944&r=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D665953%26c%3D%7BPUB_USER_ID%7D
https://ad.360yield.com/ul_cb/server_match?partner_id=1944&r=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D665953%26c%3D%7BPUB_USER_ID%7D
https://cm.mgid.com/m?cdsp=665953&c=fd1ed92a-5fb8-413d-9e4b-3427783a4c21

43 B
414 B

116ms
115ms

Image
image/gif

104.19.134.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=665953&c=fd1ed92a-5fb8-413d-9e4b-3427783a4c21
Requested by: Host: d-1723231058573517239.ampproject.net
URL: https://d-1723231058573517239.ampproject.net/2203172113000/frame.html
Protocol: H3
Server: 104.19.134.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d-1723231058573517239.ampproject.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Apr 2022 11:07:29 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-ray: 6fa34241ff498ffe-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43

Redirect headers

location: https://cm.mgid.com/m?cdsp=665953&c=fd1ed92a-5fb8-413d-9e4b-3427783a4c21
date: Mon, 11 Apr 2022 11:07:28 GMT
access-control-allow-origin: *
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H/1.1 204
No Content sync.php
pixel.rubiconproject.com/exchange/ Frame 339A 0
239 B 11ms
10ms Image
image/gif 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/exchange/sync.php?p=mgid
Requested by: Host: d-1723231058573517239.ampproject.net
URL: https://d-1723231058573517239.ampproject.net/2203172113000/frame.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d-1723231058573517239.ampproject.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 4b510f0cc5fcbc9800016ef543086418
Content-Type: image/gif

GET
H/1.1 200
OK sync
x.bidswitch.net/ Frame 339A 43 B
220 B 97ms
8ms Image
image/gif 3.120.1.163
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=mgid
Requested by: Host: d-1723231058573517239.ampproject.net
URL: https://d-1723231058573517239.ampproject.net/2203172113000/frame.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.120.1.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-120-1-163.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d-1723231058573517239.ampproject.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Mon, 11 Apr 2022 11:07:28 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H3 200 6DGELVyRstON4LmPFAMeAOP1baW3TqSdWCO5xyb3u9s.js Show response
pagead2.googlesyndication.com/bg/ Frame 8D1E 35 KB
13 KB 7ms
6ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/6DGELVyRstON4LmPFAMeAOP1baW3TqSdWCO5xyb3u9s.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

sffe /

Resource Hash

e831842d5c91b2d38de0b98f14031e00e3f56da5b74ea49d5823b9c726f7bbdb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 10:10:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3390
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13643
x-xss-protection: 0
last-modified: Mon, 04 Apr 2022 12:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 11 Apr 2023 10:10:58 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
10 KB 21ms
21ms XHR
application/json 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022040601&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040601.js?cb=31067009

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

619f55a78a2ef7edfadad04b26cbfbe4c866fca6591671e533ada7f002a966fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diario.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 11 Apr 2022 11:07:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10559
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040601.js?cb=31067009

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diario.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 11:07:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 11 Apr 2022 11:07:29 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame B06D 13 KB
5 KB 7ms
7ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://diario.mx/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 21
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 11 Apr 2022 11:07:08 GMT
expires: Tue, 11 Apr 2023 11:07:08 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 29F3 783 B
533 B 21ms
21ms Document
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

db55be914c685a98673220146959cf8cae4d1cd2e72687dcf9d2613660386064

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-L1geGaUKFheRNntlPeEbMA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://diario.mx/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 511
content-security-policy: script-src 'report-sample' 'nonce-L1geGaUKFheRNntlPeEbMA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 11 Apr 2022 11:07:29 GMT
expires: Mon, 11 Apr 2022 11:07:29 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 yPRSpnmC7kCVHbP5HJYGhFaCAnVrOjYDhSjhq7GpE_U.js Show response
pagead2.googlesyndication.com/bg/ Frame B06D 35 KB
13 KB 8ms
7ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/yPRSpnmC7kCVHbP5HJYGhFaCAnVrOjYDhSjhq7GpE_U.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

sffe /

Resource Hash

c8f452a67982ee40951db3f91c960684568202756b3a36038528e1abb1a913f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 06:53:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15240
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13627
x-xss-protection: 0
last-modified: Mon, 04 Apr 2022 12:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 11 Apr 2023 06:53:29 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 29F3 0
0 59ms
59ms Image
text/html 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022040601&jk=2815919348481803&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s53-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame B06D 0
10 B 6ms
6ms Image
text/plain 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?bW-_cA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 11:07:29 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 8A2C 42 B
64 B 47ms
46ms Fetch
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsue2MrrsPqM4KSPsnKCCa0EiN-3ec1H7ebFyWxruJI169WX1jR23xuaB4dK5-0u21mPbwiBFWmu6ss5afa0tGGUBPAHrMXAui03KIdxNweoLfLyM5wUhg&sai=AMfl-YQRYjzmPc_Gq44K5Z2-XlMDMMjlaM0YbbB5-OcEYcdPk-4lRQwpiMhyHcGiwsf47sx5ZIWZgVF_Q538_KBvd2gKoUbuaGbB6Kw&sig=Cg0ArKJSzLBF95VwPTgDEAE&cid=CAASF-RoQ0244-q0VeX59RJG4KX6pHcofYM1&id=lidar2&mcvt=1000&p=0,0,100,970&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220406&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=588329291&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1649675244586&rpt=3559&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Apr 2022 11:07:29 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
24 B 42ms
42ms Image
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022040601&jk=2815919348481803&bg=!goGlgcXNAAZAkm7qYJI7ACkAdvg8WgoYr8DxHqEOu_Ka8oRlO0iyeLCGkbV8MYSBZS3swNDiNPRZygIAAAB1UgAAAAJoAQcKAFavcgDfEsLK5xa6euJx86pw-G63hXLEKgKKD3jCG-3nlh_J34zf9IONHHJ-_DrtmgwPgS2QdRPw4MCau7oduPmaI8DooA84eAZAf-iE3StWs15ys8qMWpkCoDtSGRrM4HDWDGXLYFs3-YIh7G5AdM-xXtHtPF1Y59yBTg-ybgU6GVm8sLWdB16hR-azliCZtkoIftMDaP9nnphAxfVE8ia2Wd-m5-9BgWgCBh2Zb3zNFNsufVNJsTa2Ua9qpwXArIX0MEuvbjRXNYVtwT66Rp4WhbO2K5za44TJYFUb8sEwIFk18qsPZiuPrL565iw02zxzhTRu1nUSbEsXQ1mzWqH9NN1NXB84ewt-ekrfxMfbo-mQwWQoNvo_5oYBP-Js1Wn_QiPPzHAAfs63UIAT13g_ezfWTttAYEkLyQMW6IVtIdLjKue_USnjv8xMbY3u-cu_ZB4ZOxbW-vvT0-COueRqfbX4R6A0XgouMz1EgitqpHcJG124Gmu1gFubXyBnVmLJxhx99IkxzF8Q7LB61wiZNQni8Z7o_EZeP8mav5oNnq-RSk6vjAxHrZqTlC0rI876P7iJlS05KSMyyHT4gQj3fgfe1Lrdd5YZ_tHlKvSnONhZPAWhJhfztbhnFtKzsVfqGmaLgJ93oeAatSemO2_joB3BkoUDq7CoYlrKyiAVSeM0yGECMZkr4h5Hbsl7Sy7xi4DRjxeBO2lanU4NvePvnncbSy2pofS3W0eJ1RL9bcU6nPzPYFi5RqSVNDmKlndWpkYHoxdjtPjEdMV4vzwWJ-ljyUUJ5EyLCxPZ01miX4wJWbjWBW_UPBEGCLh7VWMiBGE-6oJBIRtHTOtfcsOkSerkIf9c0KKo_fApGlzMdOZJvDufkRTPe-zuXsjGtlfkhWRhhIMlIj9a6A7b1ZvR5VWasLmeGsPvomCNWrK9KwCZgU9rIePLhvGVK3-zfG-CNeRDWf3o_BJW8hcqv5UdKB3afrM4Ugim16GAaFbqZc0aoUgP2oWuig

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diario.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Apr 2022 11:07:30 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 i-noref.js Show response
cm.mgid.com/ Frame D77E 0
228 B 111ms
110ms Script
text/plain 104.19.134.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.mgid.com/i-noref.js?cbuster=1649675249879176439082&consentData=&gdprApplies=0
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/d/i/diario.mx.1102084.es6.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.134.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Apr 2022 11:07:30 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-ray: 6fa3424bee2e8ffe-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlQL7oX5hNXqwTltLxYvuwAABLQAAAIB&google_gid=CAESEINe9mXiw1f1k4jG4QCPujo&google_push=AYg5qPIf21I8F8iEPk-Qnt9z6pUGJl7w2y86xXGWmy94Q4a47VNVLLAfZEfW1RDE30Zm_YVudBL9xl4z6c88qTjc1st4bEugtuA&google_cver=1

Domain: googlecm.hit.gemius.pl
URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEMKQifGxCRqKKC9UGKJAPXg&google_cver=1&google_push=AYg5qPL7390ouPw6zHMefBszWF_2dGK_XA3ns5icK6Xi10uYJZDOHOI2JsAbvkZTgmlCOMUbC4w1uIZQEUnwjuZe5P5e2pZ9WxL6

Verdicts & Comments Add Verdict or Comment

105 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

43 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.mgid.com/	1970-01-20 02:14:37	Name: __cf_bm Value: og72ojwmpwVgwNHPBNFjJh8UvFB1KWM5lDK.XDLjSuE-1649675244-0-AVUSbK9y2yMuGmvf0jqfNK/gHLkw/5o991L51+o7v2cWotd1x2I9CURY11w7N62H92rYC496UcuPLYal0yFbXDU=
.doubleclick.net/	1970-01-20 11:36:11	Name: IDE Value: AHWqTUmTbEKM6rONzv0sJJOt32VTkSoFW8GBch8Q_LBWQklVTsH-EnvENogJ85Ccesg
.diario.mx/	1970-01-20 11:36:11	Name: __gads Value: ID=97739a23b64adb51-22a2f5fb74cd00d4:T=1649675245:S=ALNI_MatZccEiA3QWLk95AdFTUmExoBu3A
.pubmatic.com/	1970-01-20 02:16:01	Name: KTPCACOOKIE Value: YES
.casalemedia.com/	1970-01-20 11:00:11	Name: CMID Value: YlQL7oX5hNXqwTltLxYvuwAA
.casalemedia.com/	1970-01-20 04:24:11	Name: CMPS Value: 3219
.pubmatic.com/	1970-01-20 04:24:11	Name: KADUSERCOOKIE Value: 1C92584A-041D-4A02-A63C-4909FC9870A9
.casalemedia.com/	1970-01-20 04:24:11	Name: CMPRO Value: 1204
.casalemedia.com/	1970-01-20 02:16:01	Name: CMST Value: YlQL7mJUC+4A
.advertising.com/	1970-01-20 11:01:37	Name: APID Value: UP9235de59-b987-11ec-91ec-027031e56216
.quantserve.com/	1970-01-20 04:24:11	Name: d Value: EE0BCQHwJYEA
.quantserve.com/	1970-01-20 11:44:49	Name: mc Value: 62540bee-9d50f-7d4dd-bb439
.casalemedia.com/	1970-01-20 11:00:11	Name: CMRUM3 Value: 2d62540bee2760CAESEPxvi6Kd1kWA7YmvFrUsv04
.spotxchange.com/	1970-01-20 11:00:15	Name: audience Value: 92393347-b987-11ec-92f8-1bf9ad920306
.adnxs.com/	1970-01-20 04:24:11	Name: uuid2 Value: 778758867006050927
.adnxs.com/	1970-01-20 04:24:11	Name: anj Value: dTM7k!M41.D>6NRF']wIg2E>7wMYp1!]tbPl1M>e)ZlrFUfJ+tGXxpOPTwOMB#R'[YX$TOsmwybWlC+X^W5JLG^3If)y3KL9D3I?t/t)2X
.yahoo.com/	1970-01-20 11:00:32	Name: A3 Value: d=AQABBO4LVGICEDpbewWBUIiJzXriGxOf4RIFEgEBAQFdVWJdYgAAAAAA_eMAAA&S=AQAAAqSQdbWpsf8gp0QNf7_SbiM
.diario.mx/	1970-01-20 11:00:11	Name: _ga Value: amp-Hc01O31a2Tevkc7y-IWIOg
diario.mx/	1969-12-31 23:59:59	Name: MarketGidStorage Value: %7B%220%22%3A%7B%22svspr%22%3A%22%22%2C%22svsds%22%3A1%2C%22TejndEEDj%22%3A%22QYYIZB.J9%22%7D%2C%22C1102083%22%3A%7B%22page%22%3A1%2C%22time%22%3A1649675247245%7D%7D
.mgid.com/	1970-01-25 20:31:23	Name: muidn Value: m3bs21jCrt74
.doubleclick.net/	1970-01-20 02:14:38	Name: DSID Value: NO_DATA
.e-volution.ai/	1970-01-20 02:34:44	Name: v_usr Value: e99ad56e-ed23-4b57-9dd2-2d2ebf82bbdb
.adx.opera.com/	1970-01-20 02:57:47	Name: UID Value: 37eb786e0972467b8e9e5786cb95bfa3
.adsrvr.org/	1970-01-20 11:00:11	Name: TDID Value: acb95b4b-060d-4a71-bd73-dc6ee672b124
.bidswitch.net/	1970-01-20 11:00:11	Name: tuuid Value: 0e834236-4bdb-4d27-a642-7778b39d351f
.bidswitch.net/	1970-01-20 11:00:11	Name: c Value: 1649675248
.bidswitch.net/	1970-01-20 11:00:11	Name: tuuid_lu Value: 1649675248
.360yield.com/	1970-01-20 04:24:11	Name: tuuid Value: fd1ed92a-5fb8-413d-9e4b-3427783a4c21
.360yield.com/	1970-01-20 04:24:11	Name: tuuid_lu Value: 1649675248
.adsrvr.org/	1970-01-20 11:00:11	Name: TDCPM Value: CAEYBSABKAIyCwje6eurxu3NOhAFOAE.
.zeotap.com/	1970-01-20 11:00:11	Name: zc Value: 640ea306-79fd-46e2-744b-51e850add48d
.smartadserver.com/	1970-01-20 11:44:49	Name: pid Value: 7279381779277216537
.yandex.ru/	1970-01-23 17:50:35	Name: yuidss Value: 9224961041649675248
.yandex.ru/	1970-01-23 17:50:35	Name: yandexuid Value: 9224961041649675248
.creativecdn.com/	1970-01-20 11:00:11	Name: u Value: 3O8DT6GM9PtbX1Spbssm
.creativecdn.com/	1970-01-20 11:00:11	Name: ts Value: 1649675248
.3lift.com/	1970-01-20 04:24:11	Name: tluid Value: 3515075340165226367187
.analytics.yahoo.com/	1970-01-20 11:00:11	Name: IDSYNC Value: "1762~249n:173n~249n:194k~249n"
.mfadsrvr.com/	1970-01-20 19:45:47	Name: tuuid Value: 60188564-7b27-458e-8660-0c9ea2398587
.mfadsrvr.com/	1970-01-20 19:45:47	Name: c Value: 1649675249
.mfadsrvr.com/	1970-01-20 19:45:47	Name: tuuid_lu Value: 1649675249
.mfadsrvr.com/	1970-01-20 19:45:47	Name: ssh Value: !mgid,1649675249
cm.mgid.com/	1970-01-20 02:57:47	Name: mg_sync Value: {"0":1649675248,"2":1649675248,"287839":1649675249,"3":1649675248,"371158":1649675248,"4":1649675248,"5":1649675248,"501037":1649675249,"528163":1649675249}

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEMKQifGxCRqKKC9UGKJAPXg&google_cver=1&google_push=AYg5qPL7390ouPw6zHMefBszWF_2dGK_XA3ns5icK6Xi10uYJZDOHOI2JsAbvkZTgmlCOMUbC4w1uIZQEUnwjuZe5P5e2pZ9WxL6 Message: Failed to load resource: net::ERR_ADDRESS_UNREACHABLE
other	warning	URL: https://cdn.ampproject.org/rtv/012203150226000/v0/amp-ad-exit-0.1.mjs(Line 1) Message: Unrecognized feature: 'attribution-reporting'.
network	error	URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlQL7oX5hNXqwTltLxYvuwAABLQAAAIB&google_gid=CAESEINe9mXiw1f1k4jG4QCPujo&google_push=AYg5qPIf21I8F8iEPk-Qnt9z6pUGJl7w2y86xXGWmy94Q4a47VNVLLAfZEfW1RDE30Zm_YVudBL9xl4z6c88qTjc1st4bEugtuA&google_cver=1 Message: Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
javascript	warning	URL: https://jsc.mgid.com/d/i/diario.mx.1102084.es6.js Message: The deviceorientation events are blocked by permissions policy. See https://github.com/w3c/webappsec-permissions-policy/blob/master/features.md#sensor-features
javascript	warning	URL: https://diario.mx/estados-unidos/eu-removio-secretamente-el-malware-de-todo-el-mundo-previene-ciberataques-rusos-20220406-1917147.html Message: The resource https://d-1723231058573517239.ampproject.net/2203172113000/frame.html was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://diario.mx/estados-unidos/eu-removio-secretamente-el-malware-de-todo-el-mundo-previene-ciberataques-rusos-20220406-1917147.html Message: The resource https://3p.ampproject.net/2203172113000/vendor/mgid.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

3p.ampproject.net
ad.360yield.com
adservice.google.com
an.yandex.ru
b76ab0ac3a52548bde3de7d6a8af342e.safeframe.googlesyndication.com
c.amazon-adsystem.com
c.mgid.com
cache.addthiscdn.com
cdn.ampproject.org
cdn.mgid.com
cm.g.doubleclick.net
cm.idealmedia.io
cm.mgid.com
cms.quantserve.com
creativecdn.com
d-1723231058573517239.ampproject.net
diario.mx
dsum-sec.casalemedia.com
eb2.3lift.com
encrypted-tbn0.gstatic.com
encrypted-tbn1.gstatic.com
encrypted-tbn2.gstatic.com
encrypted-tbn3.gstatic.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
googlecm.hit.gemius.pl
ib.adnxs.com
image6.pubmatic.com
jsc.mgid.com
m.addthis.com
match.adsrvr.org
mwzeom.zeotap.com
odr.mookie1.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.advertising.com
pixel.rubiconproject.com
rtb-usw.mfadsrvr.com
rtb.openx.net
s-img.mgid.com
s0.2mdn.net
s7.addthis.com
securepubads.g.doubleclick.net
servicer.mgid.com
ssbsync.smartadserver.com
stats.g.doubleclick.net
sync.e-volution.ai
sync.search.spotxchange.com
sync.teads.tv
t.adx.opera.com
tpc.googlesyndication.com
ups.analytics.yahoo.com
us-u.openx.net
v1.addthisedge.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
cm.g.doubleclick.net
googlecm.hit.gemius.pl
104.111.242.245
104.16.221.74
104.19.134.78
104.19.136.78
104.75.88.126
109.206.161.21
13.248.245.213
142.250.185.226
143.204.95.188
143.204.98.62
172.217.23.98
185.184.8.90
185.33.223.38
185.64.190.78
185.86.139.93
185.94.180.125
216.58.212.162
23.35.236.247
2606:4700:10::ac43:db6
2620:116:800d:21:f916:5049:f87f:108e
2a00:1450:4001:800::2008
2a00:1450:4001:802::2003
2a00:1450:4001:803::2003
2a00:1450:4001:808::200e
2a00:1450:4001:80e::2001
2a00:1450:4001:80e::2006
2a00:1450:4001:80e::200e
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::200e
2a00:1450:4001:810::2001
2a00:1450:4001:811::2003
2a00:1450:4001:812::2002
2a00:1450:4001:812::200a
2a00:1450:4001:813::2003
2a00:1450:4001:827::2002
2a00:1450:4001:82a::200e
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::2004
2a00:1450:4001:82f::200e
2a00:1450:4001:831::2001
2a00:1450:400c:c07::9d
2a02:6b8::90
3.120.1.163
3.126.56.137
3.33.220.150
3.66.2.206
34.98.67.61
35.186.253.211
35.212.212.222
35.244.159.8
69.173.144.139
82.145.213.8
99.80.100.5
0331b1bdc2a7a3b68aebae09c2aea659b209e6f045aa07cb5980eb70ccf1d51b
04ebc8f1d39bdaf71f4662df1b3f29791e293a92f74df98eebe188e7e1b07087
06322f7fee6a36bb28a4cd9a778f55582921f9a4cef82efaf4c3073432e418d2
0672bcaeae421e7b5b2c27ac2ee127c558623e89247b1f8e49aff76df86bd627
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
09278f5e4175344bf9f92b8e2e7be3940da6ae4c067c21e66ea676fa8be58bee
096a4bb9d7f8588a8520d57f103bdf0dae273af88fc0265371124c048bff7b05
0b43999f77e447254a78e068f55a6cc9075071b252277337b901e095e607e474
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0cc767341f5096ffa31e024ece3bf7c036a5d3ca57d603c9bb8d48194b888c76
0d9c956283ef35eb9461e7a59732d284bf0aef0a31b683378530f643a6f615d2
0e868ca932480407e63d27e8e868cb1514581142928b9be15ec9039bf5fe348f
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
117f08553daf24baa31254634efe7a9aa45c4062c44b5268c753c2acffbe8ef6
11883bf6d3210b3cce678cf89dda9ea759e68f9d74338a0a3be169fa2826459d
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
16adfd064401bcf61aba320c08da703112404b6a7338129018d0d799217f46bc
177cb30921183438467c757ecd6b41bebaea5fcb6c9f5e9c98002f7500e3bff6
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1853c3fc583bb3ce493fb27545a98e91aed240adc3ad7cd8b1bcf1ebe85e8b8c
19f765745fed4a0e6c58e6b208fa381b899b3c850235e510a0ead9905550593e
1c00fbff94805a1189d8cb6b83067fd0da2113efca24f94bd7892eb26ba41a7e
1cee0d703a6ee8f65d8ca0646450eb4a4957c647dd083fa91d48dd8fe86dff1e
1cf70be5ebec019f43b92ca0e84f8ebdbc817ee5e30e44b6c13d33e7aa4b925d
1d4030e0fff5ab07441c8aac59995d771cb8a761faab7656d9bc112cabe9435a
1e046a89bb90f44dadb24f5fdfbe412b5f6d320b790f7317fad956b193234726
1e75895ecc2b04735e1a3993ac5fad3ec0cb0725b7383e89adb05c974e8e7450
213738a8de7a1e55874dcbc92825c84599256579b64f60f19c2514e61844e6bb
214a4e6d1b76b8f804bf74ddd53aba8493b4d61e9609d75d8923a34ed97b80e5
217b6de3bfa2f9d2f48dbab55bd6c2ffc2d4e72ccbb3030052548daa4436c3c2
22cd385387c15ee51730dac2c71c684b4b7fcc6e0ab9524f25568c84fa11045a
25280083af87c8d6dbc6ff5bb926bf9d0d373d244cead76893430166b8df0bd6
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
2bffa36b4d5afb4600e507b727dab71f0401bec855dd731dfa3addd5de66d227
2cef3a9d0606aecfe2476867e61f76535b9bb5b8e9d31957cc9504cdd1e69396
2eb2a641ec9143273f4f5ba4f1526364fd4b1a040b628b4be54b77dbe362690f
2f299736cf2e1c4d4ab15e2d510e2cf0e6865d7139cf1cf19b9cf6fe558a8af1
301c8c6a0cb900e60b3b3e884cfee57fe50026ceb814453a0e8233f3a1dd2315
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
340b20f9ff6d073c2fea911631d8a6e13af185d983cbe842ddca27df91d0f295
34fd64cb76eb4741e38f7017808414a2a3ba17c29bc6ecc236bbcad53a854ddc
393d8928cbad6719cc0eb8867ce7f7d82d542b6236016cf39d167d8e101f2965
3a836b6682459d0345db14efc03d72e6f7619ae016339eb09f8757798dcb939b
3b0750a71d3400b8273391c851d80c54e7874f011b206e5b2fd83280eae43dfd
3c62cc90f5d9cb54c3b5ca998f23e05442177e167f93a8f9c747a522ccf8e6f6
3d0f43b0f58367e8beb653852a0e7f118b8cb61b09c45d0104468cbf81b8df49
3e96d44180fbc28ad374613f5c43f446cb94c85a80d4edf87d513c5ca2b9b6d7
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3ef5bfd224e0baa902eb88c94979cfaeccf2169a996c601fa3de4c3f3b33da01
3fba981d54c989b196c871ea7c908f8632c84ae005c3f3ce0d97d00979e0af66
4115db747c5190c3ed77fc3d651a748ba26c2e874cd1d81e8801f2171564a851
41a3a195d0586fb0606a32858c771405b82daef0bf54f9900239004358051893
4299d7e38a63c14e32f87ecea6fa1b3c9318b926af8d6d19827847c9f58aeec8
42da746c27f604c09280c26fb5ac1bb54aef198e5a54c61406b6376214f7580b
43db821d0f19dfb805c468c5ddbfe1d41b4811f3213494cc142ec53d32e80e72
441cd33b6ce031b5841705c21dce304afc2b19158c89d10fcc7b1709aa86af21
46739e364f00c1aabc82a8ea6c23b5474737a241e7d0efcb3fe469ba1e0ce412
470aabadf643aa13008e15d8b1a8b47618b795c681bc48e23ed1ae9856082bbd
497ac5f844b254645d922a6f8a765536bcd778430af9d8906de45aa543675a39
4a29964e922a0ddad04e2feb2b4496f1019838b0cd9754da5bc95f6e20a14e98
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e29f95b45a8bb7680ee6ef14089475c75b1734caabce0d544362a866af3d72e
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
51c48769fc2b4cebbaf557abe166290376caf8bea4b8f6fc0c841892389cc9c4
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55c603f48740c8c59472d32472b8127ffe056a69bf467be6da6929ea4ca8d9eb
58064f453e8498c7c1eaefdf585a74e6fc42ea1bef4fbdc580679e595ef1f825
5bb956972e397e72d2c6ae9a13e62e6119a4d5554fbeffd369719f6d0d38416e
5bf37d2aeca211d8102a4486813beeafb539629790e712f6e861e86aa237da08
5c35ba43b7900752a3023550de81888bb9fa36138e72edf3db3bd20e1dc09186
5dfe273c20a6597fb27cd1de2af2ee901021e295b9d836b5c6e345a0bf21e3cf
5e9d3064182da849b8637d791ffb85c2488385fb195421ac738b62dd25292da4
5e9ef66f3e31e617eab0923cc3b3067f65302790a9e7f85421ee9075a9db9f41
5f4e9b11c6e1b1314bd917651251a10aeb3956fe712f9436cb91efae4b222153
6013eea0b91e0788c8648a37d5a92f18ada72b6b4f4f78f5761e4e052688b255
613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155
619f55a78a2ef7edfadad04b26cbfbe4c866fca6591671e533ada7f002a966fa
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6306cd98b59065621aead5fac4c5c0ba5565d8a4480327370ebe325c80a64a6e
6391d8f50155e52f4c19d7c2d3002282146bfbe9f186ca62067215568ec51d4d
63c6ce29acfc3dea165a10129a80604495ac91dd503c39902031083a905b3ba4
6454288c3fdca64ab9decf97ad7aa3ad2760ae9557ab8b10205a880413dff4b7
65a0032811e8d87e4705664100bd841170f8b7640beec2f345848010605193ec
65a021c4cd4b8f48e945f360f94f042f254fe1ec52ea53b99375398e1e5b397f
6808c7f1192e091f9e9b4e15e28fa2a8904117ba54c11e51fc8eb9d179733e1c
6a747a144cd6b5b22943452c5def438deb7802b73103f12c09bcbb3f316365cb
6b4fac99c39b9ee2693d87a2508d0c7d4b4859072966616bd1f6e18c5b2f9d36
6bae4a5df5ad2928d29b1664add68f4cc8070c283864945b9243cd09867270d8
708da9c8d623d355473530811603abc8c1c641b152f4a5e976382e895b473a61
70d5c4de881e718d0b7638959680ba86722d44eecbe4058d20dd77b8d0d97155
738b0dff97289a490e0472cca7d25e291a7ea70c850bfee1e264e9ad87a4a97b
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
74db7f67e5138b3d8f24c1423cc253351282e47ed0b755ee98d48bf44e089b86
75f4b157b71670a877c05d19cae7a2e7d9c4806b0e4d7bdf9aac6b47415020a1
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5
7a1e30f1bc06b771318233a41c45114a00485c8ae2f744ff2cad69863d04281b
7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb
7a720f8796831a3b027a81207b8a12aa740a58873e0eb6680c72b8ca90483cd2
7bc38f8c2944364f2ac86f836273907f78ad3eeea6d84460d139af10a284fb2c
7c23a6ee6f408600ad51820ee434387f523795bcd275937b01580e5ab41125af
7e966ee449ae6c37429fe9714266168334128dcf1ec600825f06b4480cedda6c
7f048f38bbaface445ee3df770ce3b7f98f11c6bf4adfcdb19cb4329e23bc765
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
8065f98a0c313ee69495c3c529c6d093e08c980c4419bdf2c9c7318925056ead
811cc2ff79995a65d15f144e10306e96333f86385decef2d2d1f8a1eafee9940
8211f94bdb2b00b49a2f18ad88310fc979a60c37bd1e463d6c3cbcad2c84010f
82a9948086efe27efb38cdbeb7508bd2ad08319d69a2fae33bab65705bfe291b
854a4580bdae46c0106aa34c9071dd01534cfc685ec1121c9ce22b249f6b8f79
864f4dae39119db98cd9b41362f2f3a5890b3faa1ba952d13227af441ae0ef8b
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8db6eb08f17b61cffa681b3b9452bc4b0160777440d3dd64571d92f9d5f43605
8dcbbd19b1407233619ab6b211b511524a07cc16e103ed342bfacf2997b7a133
8f7894603292731a56692b1348b0b39871cdf248aa9f5b6a4c00e7de41f1a668
90d3ac3a689ea988058384916376e450be3143a816024f6b21ee2d9327a1632a
939e9e2548b601111d957f68579325749eec537f414674d2fbee6143b2626413
96792674a014877b65c5bc183bde96dcd0cf418c40586ebe86493bab564d36da
9811044d879df0d674981112c603bf044ab18e9165bfb9bca0f05d83d5381c7f
99f8e7270bd05a17c82d813a4c731af3cde2b4211ab178a2995f193c46de3691
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9e2e68d0b8741a66de4b226d957149c74d429ea72546805c59ba0df929556749
9f562a0aeace42b63e1bd96200d145a0ae64dc49bdced48a9414476494e9f491
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73
a37afa4795c0cede82ad0f73f60eafee5e13f6fb3d42a739354d9280966fe434
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4b8ac9f65bac9526c9fddd8cfd27085244bc2178849434e41b8e99a2afe0abf
a63b9da51f4b39444ec7a36da8bcbe819b52ccda6efa3784742edf5d65ebc1e2
a67d07f733785876b3192826e76f537e2b9dc0be172ce52c773d30d65f712a07
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a8993772c9eb591474f38d257bebc8c4286703e1af72d04c8c294be5fff7b649
a944e174cdde5a7b2f93d353d9adc5cfc6dfbc6e14b5a7ef96bd7875cc2625c7
a967f647aded782c4b265598527594c08d73cc9ed87d3ab846058f32f1ffc66f
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aa3777d578531c63cb5b48a28d1f0135a9769ca2ee44ae916aadb341089140e1
acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b
acef02cfff59ca6cef5f05a6a7cf7d67693e036fd89a14861cdf9e7c5986c658
ae3a15a3e9733515bb33d29c4820b33c0bcaf30a522fd034ea68d104939901d3
aec5ee5147fdc283bcb601dc6231c234d9bec077d32756aef2a75eeedf78038f
aef369863438aecfdb5c6fe33d2f1fe96c13fd1aa410239ba34759eff672db8f
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2238a30fdb1a2e4b249ad3467ba16cb5f6a032553cb54e1b2e5bab804639f1e
b38b16469af42a9ac6c8f858f28f1d6c386a1b78da8a3c61f62e87a3b6e9f37a
b4403486644a457a9c387addae634a665199f7b43972f1a1ca85c091db59b097
b47ef927561a77bc135b5f621c7fee9c3985004689c23d74fc3fcb421b9384b3
b8ca880e7b6e1c9e8c3ac1bcc2af218e61487f129476a63aedbd70fb8bfd707e
b8e190d14667396952b485a2340543f4a3a090402a40e3d749f636a383b193d6
b94ed570e00f5bba0eaed65da67bf6f2fc5e107446a682eb045f20dbd12ab0e8
b968113e586107906911e61864086ba097b7b45cf857c0de3c4fd20963a90e61
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
bd0a4b69c75836d702bbb1b23a1073a4b2700696636fd316bfa6951275ba3cea
bd1856b1988bcec7876a826fc3555fa32d2880d2e616350e24b163ec557fdc5b
be36932a3cb8549e01450e5723066700932a3d9e957bbd35bb8baf81695f09fd
bf9e3fdf2eb6d408bb3d27b2669c3effaae590be06718a97c9ec00dcd01dcacf
bfa897fcf98209c6a47be5d29223fcf433d8bdca1d27d269bdcdea2152d84e7a
c2579ac00c30f497aa8894c3dc56180fd40ce5dfc741bfb27a53c94e16bb8486
c2cdb6879eb52e2a5eb6486e1c67ddb4ee1ae921fce1aedb256dc6ef23565e4c
c33d99414c3d21b6bea681f84a066b95de52b71786069f07bdd30d1df6b3099f
c51886a949b6c89c9aeac2fd433cb7c079136c42c42a2b27f2cb02743e7f2a78
c6caa6f2fd721a58676564c583920f6ce76ac43adb2b1a0d4ffb369c3c532687
c8f452a67982ee40951db3f91c960684568202756b3a36038528e1abb1a913f5
c955b03f3c0bab4ac70836d576a425ca53f96ffd1d3485c2b873ae26c1366f98
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cd1b3f90c141f71dff3f261c6809cf4eb8f48edd84adf12b705bf9ed53b5d4bd
ce4a19fa7f127e370e3f1d57310f9b75d4f499a5e39053ec968e9653e63886b3
ce69c445e159f9b6a82dd74da98316aeff28850ff1c405cc81d8d38a0c1af5ce
ceab57c0ac7560e29c40a091c5d02b9ad45226c1f712487949d4a4814597e8ad
cf5fb758f4ab1bb9159d6cc06de6bb91f8a40896e7ce76c81cb53da148360114
cf624cca88c1828e4dc1a61151d2ce6e826191ba2223f4cf4cdacc1d8a52981b
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d1ff18d939ccaf677e296feff6c714862be875c2be0087bfa27afeaad6a66ab0
d237d5feda9f5eac730e2365c8899cd3a9d08c14b76531381fb1d7c23fe601ad
d2eb7cc7477ee2180aaee79d29347afe0aac5a0d6e648b87140fc84ed6f8b742
d315287a2c6cbf290e1c0d157e167aa68ea4ba04ce85a7c95062ba87cd69a071
d758504500950bdf26c63adab5769eb1ce654bf1195a8b5a7c8ee2cfca8b6c58
da6443b822db25b55debc1839c66c2f0ab8ca149c8627b8eef2aacc6938412bd
db55be914c685a98673220146959cf8cae4d1cd2e72687dcf9d2613660386064
dc734d8068386a195d6691f56ba7d99c195c8c01ef750ebc4742d21d1c544b04
dcbbd42424e752542d1fb56ac07717bf9e163d7f9ebed84beb1634e611ef2dc5
dd9b7f3a802bcb2d7bfd0059b4ac28b2711255e9ef0699b2f063bbc110671bdb
ddf0d7b9cae58b4b91535381d70b5b902481329bf5e19b5e2bb2b2df37ea2cd2
df22327e1fbb5afb33b3b1ae5b595eaacd02d246ce82b1e407f68ea675090a29
dfe66806b8d550d1aaff91d79b3bff67a841f4a0fb5ff84acad77c4f3315c4ea
e01b4f8f485500360652216f22116d8e86897870d84f559adccb581c10f9be68
e1613ef30152a7fbf094e2242d5bfcbfb3b640c0f515279d93dbc2fa93c76f57
e2a5d87fff0a0790e9e2bd44cc2dbca003ca23c0c1faeac920765acd7a368c1b
e2d4917e73617b7542f1c206cf5cf5b8f395c387584ff8c071eb75c4fe4f5746
e39d8d1a1f8935d9609168b378a0caf1697fff05bfb0ade214447b65071f1f3b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5000d1608f5e881ffac0ce07543e784791f624a9384e0994d7816984f6d5210
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e79c1c1a140e6afb861074c70392db54cc65a06050de2a69162ab94eb95b0516
e831842d5c91b2d38de0b98f14031e00e3f56da5b74ea49d5823b9c726f7bbdb
e84419ebaac6f2588c4e89486c54aaa281b13ae5ce4fe24efec488234810b992
e951b97967974edc90373c03310475fdccaa7dc588c26a1cef531468ee65ba8c
ebd3662a8fa08f92d9d3ab37752b5b82d80f2959d74e2a3ebce843e1f5933429
ec6ac07fe47891ec4a8e6c6181c9114265ee67632237f8512c9f94b5f68416a5
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f024f691539ef3f33b28ae9cf90cad2e034d859481c6389aed82927354d72826
f12c6133a12eead81c368fe146cb489bdb7331b5e3b5ceb9ea52eac1e3feb815
f2e368953489b3a0d73e16e530673860fa5ed9d0d9d4406861c0a3a9c9edda6d
f2fbfce552bc3fabfceeeeb5a7adf1d8c86db9962aefbd02000137e686966cb6
f74c3e05748107cef06ce7449fe69855d19a8463c950167239995ffdb62a2461
f86391f8f5e12c3838b2bb51d1910da2a1a2aa975e44bfc3e189dc8bccdc0549
fae64fda35ad2520c9976abfa73a0fc8b0c749baf5967d22b349f7f7b30ab3ca
fc6658c9138aff70858a788ca6487c36221d6b7aaef57122e9edd50d47dcb7b6

diario.mx Open in urlscan Pro 143.204.98.62 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

372 Requests

91 %HTTPS

45 %IPv6

43 Domains

63 Subdomains

41 IPs

10 Countries

5356 kBTransfer

10933 kBSize

43 Cookies

12 Outgoing links

Redirected requests

372 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 10 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

diario.mx Open in urlscan Pro
143.204.98.62 Public Scan

Screenshot
Live screenshot

Full Image

372
Requests

91 %
HTTPS

45 %
IPv6

43
Domains

63
Subdomains

41
IPs

10
Countries

5356 kB
Transfer

10933 kB
Size

43
Cookies

372 HTTP transactions
10 data transactions