elcorito.chat Open in urlscan Pro
2a06:98c1:3121::3 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://is.gd/VIEW_PHOTO_oyqierna
Effective URL:
https://elcorito.chat/
Submission: On August 20 via manual (August 20th 2023, 8:38:18 pm UTC) from US — Scanned from DE

Summary HTTP 100 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 22 IPs in 2 countries across 17 domains to perform 100 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is elcorito.chat.
TLS certificate: Issued by GTS CA 1P5 on August 6th 2023. Valid for: 3 months.

This is the only time elcorito.chat was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:20:... 2606:4700:20::6819:ea35	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	170.10.160.83 170.10.160.83	32748 (STEADFAST) (STEADFAST)
1	69.10.59.181 69.10.59.181	19318 (IS-AS-1) (IS-AS-1)
27	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6812:acf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:810::200a	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:82a::2008	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:81c::2002	15169 (GOOGLE) (GOOGLE)
2	151.139.128.10 151.139.128.10	20446 (STACKPATH...) (STACKPATH-CDN)
1	2606:4700:20:... 2606:4700:20::681a:507	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700:10:... 2606:4700:10::6816:4bab	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
2 10	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:811::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
2 3	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
4	216.58.212.130 216.58.212.130	15169 (GOOGLE) (GOOGLE)
100	22

1 2606:4700:20::6819:ea35 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

is.gd	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 170.10.160.83 (United States)

ASN32748 (STEADFAST, US)
PTR: serverchat24.com

photo.hdd3.one	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.10.59.181 (Newton, United States)

ASN19318 (IS-AS-1, US)
PTR: popola.com

huevopollito.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

elcorito.chat	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)

netdna.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:81c::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.139.128.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map3.hwcdn.net

images.dmca.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:507 (United States)

ASN13335 (CLOUDFLARENET, US)

waust.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:4bab (United States)

ASN13335 (CLOUDFLARENET, US)

whos.amung.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 216.58.212.130 (United States)

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
27	elcorito.chat elcorito.chat	734 KB
22	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 125 tpc.googlesyndication.com — Cisco Umbrella Rank: 163	287 KB
12	gstatic.com fonts.gstatic.com www.gstatic.com	146 KB
10	doubleclick.net 2 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 55	89 KB
5	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1244 www.googleadservices.com — Cisco Umbrella Rank: 157	603 B
5	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 62 region1.google-analytics.com — Cisco Umbrella Rank: 2102	21 KB
5	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 76	347 KB
5	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 424 fonts.googleapis.com — Cisco Umbrella Rank: 73	148 KB
3	google.com 2 redirects www.google.com — Cisco Umbrella Rank: 3	862 B
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 225	113 KB
2	dmca.com images.dmca.com — Cisco Umbrella Rank: 14499	3 KB
2	bootstrapcdn.com netdna.bootstrapcdn.com — Cisco Umbrella Rank: 4802	49 KB
1	amung.us whos.amung.us — Cisco Umbrella Rank: 13692	182 B
1	waust.at waust.at — Cisco Umbrella Rank: 38505	4 KB
1	huevopollito.com huevopollito.com	499 B
1	hdd3.one photo.hdd3.one	591 B
1	is.gd 1 redirects is.gd — Cisco Umbrella Rank: 64289	145 B
100	17

	Domain	Requested by
27	elcorito.chat	huevopollito.com elcorito.chat
11	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
11	pagead2.googlesyndication.com	elcorito.chat pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
10	googleads.g.doubleclick.net	2 redirects pagead2.googlesyndication.com googleads.g.doubleclick.net
6	www.gstatic.com	googleads.g.doubleclick.net
6	fonts.gstatic.com	fonts.googleapis.com
5	www.googletagmanager.com	elcorito.chat www.googletagmanager.com
4	www.googleadservices.com	googleads.g.doubleclick.net elcorito.chat
3	www.google.com	2 redirects tpc.googlesyndication.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	fonts.googleapis.com	elcorito.chat googleads.g.doubleclick.net
2	www.googletagservices.com	googleads.g.doubleclick.net
2	region1.google-analytics.com	www.googletagmanager.com
2	images.dmca.com	elcorito.chat
2	netdna.bootstrapcdn.com	elcorito.chat netdna.bootstrapcdn.com
2	ajax.googleapis.com	elcorito.chat
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	whos.amung.us	waust.at
1	waust.at	elcorito.chat
1	huevopollito.com	photo.hdd3.one
1	photo.hdd3.one
1	is.gd	1 redirects
100	22

This site contains links to these domains. Also see Links.

Domain
radio.elcorito.chat
www.dmca.com
www.google.com

Subject Issuer	Validity	Valid
photo.hdd3.one cPanel, Inc. Certification Authority	`2023-07-17` - `2023-10-15`	3 months	crt.sh
huevopollito.com SSL.com RSA SSL subCA	`2023-06-21` - `2023-09-19`	3 months	crt.sh
elcorito.chat GTS CA 1P5	`2023-08-06` - `2023-11-04`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-12-30` - `2023-12-30`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
images.dmca.com R3	`2023-07-12` - `2023-10-10`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh

This page contains 11 frames:

Primary Page: https://elcorito.chat/
Frame ID: 1971BD5FF18394FB27596D6435830553
Requests: 58 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230816/r20190131/zrt_lookup.html
Frame ID: E72E47D00553389C694663D5EF109687
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4896375881595114&output=html&adk=1812271804&adf=3025194257&lmt=1679705150&plat=2%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Felcorito.chat%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692563894144&bpp=2&bdt=552&idt=261&shv=r20230816&mjsv=m202308150101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7502261053217&frm=20&pv=2&ga_vid=1209436644.1692563894&ga_sid=1692563894&ga_hid=478029265&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31077148%2C44799571&oid=2&pvsid=3492721754777253&tmod=1410009158&uas=0&nvt=1&fsapi=1&ref=https%3A%2F%2Fphoto.hdd3.one%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=281
Frame ID: 059DBA2B3E7E2079F5A5DE0A320CC29C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4896375881595114&output=html&h=280&slotname=8294562186&adk=528232075&adf=1081431890&pi=t.ma~as.8294562186&w=930&fwrn=4&fwrnh=100&lmt=1679705150&rafmt=1&format=930x280&url=https%3A%2F%2Felcorito.chat%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692563894146&bpp=1&bdt=555&idt=283&shv=r20230816&mjsv=m202308150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7502261053217&frm=20&pv=1&ga_vid=1209436644.1692563894&ga_sid=1692563894&ga_hid=478029265&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=335&ady=326&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31077148%2C44799571&oid=2&pvsid=3492721754777253&tmod=1410009158&uas=0&nvt=1&ref=https%3A%2F%2Fphoto.hdd3.one%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=cwQ8eQNtlD&p=https%3A//elcorito.chat&dtd=288
Frame ID: 5D2C5015D40501FF693E7CA4DBB6F637
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4896375881595114&output=html&h=280&slotname=8294562186&adk=2005281337&adf=2296579135&pi=t.ma~as.8294562186&w=504&fwrn=4&fwrnh=100&lmt=1679705150&rafmt=1&format=504x280&url=https%3A%2F%2Felcorito.chat%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692563894147&bpp=1&bdt=555&idt=291&shv=r20230816&mjsv=m202308150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C930x280&nras=1&correlator=7502261053217&frm=20&pv=1&ga_vid=1209436644.1692563894&ga_sid=1692563894&ga_hid=478029265&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=357&ady=762&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31077148%2C44799571&oid=2&pvsid=3492721754777253&tmod=1410009158&uas=0&nvt=1&ref=https%3A%2F%2Fphoto.hdd3.one%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=WwkMGbhi15&p=https%3A//elcorito.chat&dtd=293
Frame ID: 6A7A3919800354297D69D5551BF7258A
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 51CD328775247D9366F1FBA6233AF471
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 309A3DB7D47694415CFEF77D96C970B9
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/H7NiGUBWITXDbUXvzcl9NdwFkmo5ojjKC-Hhm2BY16o.js
Frame ID: 101B838796E76B3A862D9DF3EEC1301F
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/H7NiGUBWITXDbUXvzcl9NdwFkmo5ojjKC-Hhm2BY16o.js
Frame ID: 58E58200296B74C6F73CF5981C3F61E2
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: DC9CEA46FC105F95AD8ECF781B2D4497
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: B102C46F6AAD266D82137593AC1592AE
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Elcorito ▷ Una Vaina Bien! |CHAT DOMINICO-BORICUA|

Page URL History Show full URLs

https://is.gd/VIEW_PHOTO_oyqierna HTTP 301
https://photo.hdd3.one/VIEW-PHOTO_cserkor0g Page URL
https://elcorito.chat/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

SWFObject (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

swfobject.*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)/jquery-ui(?:\.min)?\.js
jquery-ui.*\.js

Page Statistics

100
Requests

98 %
HTTPS

82 %
IPv6

17
Domains

22
Subdomains

22
IPs

2
Countries

1944 kB
Transfer

4045 kB
Size

11
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: http://radio.elcorito.chat/
Title: ¡Chat y Radio Dispositivos Mobiles!

Search URL Search Domain Scan URL

URL: https://www.dmca.com/Protection/Status.aspx?ID=b79b6e7d-3d96-4b3b-8f80-3c7363e77180&refurl=https://elcorito.chat/

Search URL Search Domain Scan URL

URL: https://www.google.com/intl/en/chrome/browser/
Title: Chrome Browser!

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://is.gd/VIEW_PHOTO_oyqierna HTTP 301
https://photo.hdd3.one/VIEW-PHOTO_cserkor0g Page URL
https://elcorito.chat/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://is.gd/VIEW_PHOTO_oyqierna HTTP 301
https://photo.hdd3.one/VIEW-PHOTO_cserkor0g

Request Chain 69

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 81

https://googleads.g.doubleclick.net/pagead/adview?ai=CoZM-tnniZOSFHdLtxgOoz5DICdHVyc5vvIyhzvwO4srIqf0rEAEgv568IWCVgoCAkAegAavjwNQDyAEBqQI9mh0vtj2yPqgDAcgDywSqBPMBT9AXMSKigtWhl73kN9ixNK94RleBAdXqBiHazTwzMLo9KZ48Zh5J70HY14Xf0bgOnWl6Sya8OnZIxo58yRks_AcLoRhYadqNeq77DMF1KykQoHJOYLsmUIJqZ8-2zVjcLVFLdrSYC0v0_IM205YsRLAYkNvACP8IfYHYZy6qK49D3h0qRByP4PoYF0_AU721DXKtc2ZJIyJPJeCQDcP25iTtu7jmKKp74vRTgowAbUbaS1wiNC7sNVBojuWc2Rnw_jgyvzTcq-O66uNdgJbxtJF3V3N3WPfSIKoIrrcGoMmi79DOAxSxbES6SIa6YZ0hSqpYwAS1pPjL4wOSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAYAHvZy_K6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEKGpDdIIFgiA4YAQEAEYHzICqgI6AoBASL39wTqaCTNodHRwczovL2xleG9mZmljZS1sb2huYWJyZWNobnVuZy5kZS9za2V0Y2hub3Rlcy5waHCACgHICwHYEwyIFATQFQGYFgGAFwGyFxwKGggAEhRwdWItNDg5NjM3NTg4MTU5NTExNBgA&sigh=EfqX5R7f5Do&uach_m=[UACH]&ase=2&cid=CAQSGwBpAlJWW4BsBI0KEuPN_0v8LnYuZDkvBGcr3hgB&nis=5 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%224066449091042493003%22,%22debug_reporting%22:true,%22destination%22:%22https://lexoffice-lohnabrechnung.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22982528427%22],%224%22:[%2208-20%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%224810746144383039217%22}&andc=true

Request Chain 86

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 88

https://googleads.g.doubleclick.net/pagead/adview?ai=CmCgytnniZPa2HeS71fAP9qut-A3R1cnOb92XuYe7D-LKyKn9KxABIL-evCFglYKAgJAHoAGr48DUA8gBAakCPZodL7Y9sj6oAwHIA8sEqgTzAU_QV0Jy5Ff6d0R9vDff0YetHximBQ6N_ViwJIQCT7bwS3AKMwnNQlgM-SgnVKzENXArSMzBcnaGdTjfPoT5ItMH1TlEulbWcwWaPYCt130w0mu0nf9zNJPmY-vvG7h-fFbJe1DZoQqCvF2ok47l_8H_c5uTI6s3nFkzUgl5ydGgQ_oLqKsHhxozbzg_pT8HbF4Lua6tAttp01g3XBIYwEmcENzT6J0iJLrfWJO_iJYVCklp57jw50WaI5AQ6F-g4eFwu5z-iW_NZdZpxbbz4HbQ0qOY5R7aHE64_JhsURAnsRbGnoHIOJHykF79QnL_LJfwWsAEtaT4y-MDkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGAB72cvyuoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBDuvAXSCBYIgOGAEBABGB8yAqoCOgKAQEi9_cE6mgktaHR0cHM6Ly9sZXhvZmZpY2UtbG9obmFicmVjaG51bmcuZGUvY29taWMucGhwgAoByAsB2BMMiBQD0BUBmBYBgBcBshccChoIABIUcHViLTQ4OTYzNzU4ODE1OTUxMTQYAA&sigh=VwxKLsyTZhw&uach_m=[UACH]&ase=2&cid=CAQSGwBpAlJWKn9-EUe1VzpJmXNdNJIhWbP4rHRgThgB&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%227131069206215340958%22,%22debug_reporting%22:true,%22destination%22:%22https://lexoffice-lohnabrechnung.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22982528427%22],%224%22:[%2208-20%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2213134708974626912305%22}&andc=true

100 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

VIEW-PHOTO_cserkor0g Show response
photo.hdd3.one/
Redirect Chain

https://is.gd/VIEW_PHOTO_oyqierna
https://photo.hdd3.one/VIEW-PHOTO_cserkor0g

768 B
591 B

869ms
138ms

Document
text/html

170.10.160.83
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://photo.hdd3.one/VIEW-PHOTO_cserkor0g
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 170.10.160.83 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: serverchat24.com
Software: LiteSpeed /
Resource Hash: 9a0493c889c58b96e508431fc9eac773683d9839bcaf3c0feef44afec85b2733

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding: br
content-length: 347
content-type: text/html; charset=UTF-8
date: Sun, 20 Aug 2023 20:38:12 GMT
server: LiteSpeed
vary: Accept-Encoding

Redirect headers

cf-cache-status: DYNAMIC
cf-ray: 7f9d7043992c9193-FRA
content-type: text/html; charset=UTF-8
date: Sun, 20 Aug 2023 20:38:11 GMT
location: https://photo.hdd3.one/VIEW-PHOTO_cserkor0g
server: cloudflare

GET
H/1.1 200
OK / Show response
huevopollito.com/ 40 B
499 B 477ms
125ms Script
text/html 69.10.59.181
IS-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://huevopollito.com/?api=1&lan=teampara3&ht=1
Requested by: Host: photo.hdd3.one
URL: https://photo.hdd3.one/VIEW-PHOTO_cserkor0g
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.10.59.181 Newton, United States, ASN19318 (IS-AS-1, US),
Reverse DNS: popola.com
Software: nginx / PHP/7.0.33
Resource Hash: 36cd2759ed1fdcb9b931fac68414fa848200e2b7fd6ec344d57bf40799aa4a6c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://photo.hdd3.one/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 20 Aug 2023 20:38:13 GMT
Content-Encoding: gzip
Server: nginx
X-Powered-By: PHP/7.0.33
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Keep-Alive: timeout=60
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 Primary Request / Show response
elcorito.chat/ 22 KB
6 KB 218ms
86ms Document
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://elcorito.chat/
Requested by: Host: huevopollito.com
URL: https://huevopollito.com/?api=1&lan=teampara3&ht=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 66625453601bcbcc54e1d678eb76162f1b117ea1d26c8bb2ad1aa8598d59d886

Request headers

Referer: https://photo.hdd3.one/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7f9d704e79488ff4-FRA
content-encoding: br
content-type: text/html
date: Sun, 20 Aug 2023 20:38:13 GMT
last-modified: Sat, 25 Mar 2023 01:45:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VKhAJ1URGvq0lNL5W2hxI6W0FqYQLygs%2F%2Bgf3wONUFIjYaY5P6MmE1hyhO%2Bi8AaJ69s21CY5peePe1sRzRpHbDwMyboM3QoPPiYagHyPfhTkmyKMSo1mJvUueXjM%2Bg2a%2F67ZuqpGJZHIZk5Q"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 audio8_html5.css
elcorito.chat/ 37 KB
5 KB 51ms
47ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://elcorito.chat/audio8_html5.css
Requested by: Host: elcorito.chat
URL: https://elcorito.chat/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c1d4cdd9e85ef7e00db8d1c1ef6fe8e352628e3b528a2e247dd1b779444a6087

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://elcorito.chat/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 20:38:13 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 01 Oct 2018 02:02:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 130764
etag: W/"938b-5bb18030-448c080;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0Zyq6Naqve4LwsOL%2FEs2opTDPurhvU0MZ4tUDEpTjCFAZ2sHJv%2FgowpwICzRjcxT2Ual8Jfb9RZGZeQ23%2FVVwMJjpzWpbs6DCXLcg7IWblKc%2BDsPvvXJpZrk7g9rrTroJriJ8n1m1JyqyLqA"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
cf-ray: 7f9d704f19b98ff4-FRA
alt-svc: h3=":443"; ma=86400
expires: Sat, 26 Aug 2023 08:18:49 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/2.0.1/ 82 KB
82 KB 134ms
39ms Script
text/javascript 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/2.0.1/jquery.min.js

Requested by

Host: elcorito.chat
URL: https://elcorito.chat/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4e1354fc542b617c58cbba3aeb5116a528cf08bb1299f5dc7f3bc77a3b902b68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://elcorito.chat/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 21:28:13 GMT
x-content-type-options: nosniff
age: 83400
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 83513
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 18 Aug 2024 21:28:13 GMT

GET
H2 200 jquery-ui.min.js Show response
ajax.googleapis.com/ajax/libs/jqueryui/1.11.1/ 233 KB
62 KB 217ms
122ms Script
text/javascript 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jqueryui/1.11.1/jquery-ui.min.js

Requested by

Host: elcorito.chat
URL: https://elcorito.chat/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e09639315704980552b92eaae21f66af00a6e8a371f757f76b0b12420c2ed2a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://elcorito.chat/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 05:57:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 139223
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 63865
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 18 Aug 2024 05:57:50 GMT

GET
H2 404 lastfm.api.md5.js
elcorito.chat/js/ 0
0 90ms
86ms Script
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://elcorito.chat/js/lastfm.api.md5.js
Requested by: Host: elcorito.chat
URL: https://elcorito.chat/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://elcorito.chat/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Aug 2023 20:38:13 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7lCUxAQDH%2FWsuJqs29OIdbA4FaV%2FIqADRo%2B5C1KKTMXI9Z17405InyH%2BDQ4GKjQSfHW9lKjVfO%2F5ghp2nknthlkdjiVUVKp%2Fak4iLElhNsDs9jLiGJ56uhxMNk4sZc%2BmJgs%2B3HwQMgqZb9vY"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: private, no-cache, max-age=0
cf-ray: 7f9d704f19be8ff4-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 404 lastfm.api.js
elcorito.chat/js/ 0
0 91ms
87ms Script
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://elcorito.chat/js/lastfm.api.js
Requested by: Host: elcorito.chat
URL: https://elcorito.chat/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://elcorito.chat/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Aug 2023 20:38:13 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZEMl2KlPF8LZntTgqghxw85sxPMSzqmexCerf2Kq6ei4FaEdFFfcxytYQbTW9D6kImCAPVdDbcrTH%2FglgjvFThf0kQARMaeWPuhLVHY%2FpqrFV6CyINP0klRe%2FIS13iWCRrH4JcZ6sk6ubbiG"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: private, no-cache, max-age=0
cf-ray: 7f9d704f19bf8ff4-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 404 lastfm.api.cache.js
elcorito.chat/js/ 0
0 92ms
89ms Script
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://elcorito.chat/js/lastfm.api.cache.js
Requested by: Host: elcorito.chat
URL: https://elcorito.chat/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://elcorito.chat/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Aug 2023 20:38:13 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xjrNAqOHnqjrIBXLaS7fw12o2YchNRtHtIv39%2FZVwphOL%2B1k4RUZ4%2FCwKlSI6jWAM4cj3OhI8JotY%2BkO02sJOmVdwpYaz2bSMcgqSjQbxamprsDpAvwujKjzi7hZQ2dR0fTsBnw0A9NrkGow"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: private, no-cache, max-age=0
cf-ray: 7f9d704f19c08ff4-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 swfobject.js Show response
elcorito.chat/js/ 10 KB
4 KB 55ms
52ms Script
application/x-javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://elcorito.chat/js/swfobject.js
Requested by: Host: elcorito.chat
URL: https://elcorito.chat/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8677971b119ccdb82af697ff0e08f218490d15116f221d44301f1cc8797e67d4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://elcorito.chat/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 20:38:13 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 11 Jun 2009 04:14:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 130764
etag: W/"27ec-4a308488-17e1680;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o%2F7Km0PJhKUyvxQKRklUoJU2Kf67%2F0Rz0aWCV1ezc%2FyudvGQxHyU%2BsPyYxJZaYFcsZRQ7jnba%2FW521vjDGvZ5eIzqtNP8AOETlPE%2FAOe4s9cDbHtAGGhWHwXCqd5h2%2BPqvjCWG5hp%2Fju5j%2FP"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=604800
cf-ray: 7f9d704f19c18ff4-FRA
alt-svc: h3=":443"; ma=86400
expires: Sat, 26 Aug 2023 08:18:49 GMT

GET
H2 200 jquery.mousewheel.min.js Show response
elcorito.chat/js/ 1 KB
1 KB 54ms
52ms Script
application/x-javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://elcorito.chat/js/jquery.mousewheel.min.js
Requested by: Host: elcorito.chat
URL: https://elcorito.chat/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c8104390115f92b27003b1e4e503ef59343ccfef4ac19751093544e8cfaeae26

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://elcorito.chat/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 20:38:13 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 26 Jun 2014 07:11:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 130764
etag: W/"570-53abc7b6-17d1bb6;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8uN8ZgkJ2NuteNxd4uyN%2BIg%2BHgRBvLGY3Y9Ljm1d06rJ5BBeO36kHppdxwQAitF4OEqjml4Ud0WzhtjS8S0lJaYaR21DCHQAJKQxJezTaYkrLiM9%2FZagRsLsllMI3ekvu6cGIxNt4yQhYjNY"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=604800
cf-ray: 7f9d704f19c28ff4-FRA
alt-svc: h3=":443"; ma=86400
expires: Sat, 26 Aug 2023 08:18:49 GMT

GET
H2 200 jquery.touchSwipe.min.js Show response
elcorito.chat/js/ 11 KB
4 KB 58ms
55ms Script
application/x-javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://elcorito.chat/js/jquery.touchSwipe.min.js
Requested by: Host: elcorito.chat
URL: https://elcorito.chat/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0ab340987711378e8cb5582b1f97f6938037712213396d8e7c7f8fa7b1ab4e5a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://elcorito.chat/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 20:38:13 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 04 Jun 2014 05:05:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 130764
etag: W/"2c99-538ea91a-17d1bbc;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Bp1vXPzK1DCSRjY3AhkO7djm2E0YXJfcL04W3up2R%2FKjYZsl3D79h36ci8FVAXwi5doXzHxX1Zl2H2BL8MZccQ59IAmKvSJv9LNI1w20DkfxWOMb6oFAgHVqNPB3ku0wHzv0WE2riC4AzWzO"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=604800
cf-ray: 7f9d704f19c38ff4-FRA
alt-svc: h3=":443"; ma=86400
expires: Sat, 26 Aug 2023 08:18:49 GMT

GET
H2 200 audio8_html5.js Show response
elcorito.chat/js/ 57 KB
13 KB 90ms
88ms Script
application/x-javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://elcorito.chat/js/audio8_html5.js
Requested by: Host: elcorito.chat
URL: https://elcorito.chat/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3039294d93ec76b04b90caa559cfb3e21a2aea6707455068d28e23c9530c522b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://elcorito.chat/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 20:38:13 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 28 Feb 2020 10:35:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 130764
etag: W/"e43a-5e58ece0-17dd81f;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Aeb6eGW9LfbIcawkwzsbeDXTSOR%2F8MKVKegDVuVRA0oK4W6eEy4QGtRRdmiGrXFvyrpn3wGgPDgQHtTBUMkyOGe3xG0%2FzJdlFgGcIifs0XIznDLSwKqeHTpdohBIVEq%2BsmZSEEPWjTM0RH6z"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=604800
cf-ray: 7f9d704f5a018ff4-FRA
alt-svc: h3=":443"; ma=86400
expires: Sat, 26 Aug 2023 08:18:49 GMT

GET
H2 200 bootstrap.min.css
elcorito.chat/scripts/bootstrap/css/ 97 KB
17 KB 56ms
54ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://elcorito.chat/scripts/bootstrap/css/bootstrap.min.css
Requested by: Host: elcorito.chat
URL: https://elcorito.chat/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 46a2de362f54e3c988cc8c9fbf68fe12018c8ae42fe11509a747f52f17834466

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://elcorito.chat/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 20:38:13 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 19 Mar 2020 13:11:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 130764
etag: W/"184dc-5e736f78-286312d;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aoRqNR2S250Jpxt3nMcWCRiifS%2BMbvaQX9oDMJ86o%2BUx1jEBAgc%2FQAL8uvrc3y3J2%2BEs2YlWAnfyWbENQFtJ3tcB9Kk1G5COGSyMsHp0yhCR64d5BALg8BBCkRaIwqIW3a5DK%2FhP0RF0G%2FZx"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
cf-ray: 7f9d704f19ba8ff4-FRA
alt-svc: h3=":443"; ma=86400
expires: Sat, 26 Aug 2023 08:18:49 GMT

GET
H2 200 font-awesome.css
netdna.bootstrapcdn.com/font-awesome/4.0.3/css/ 21 KB
5 KB 141ms
47ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://netdna.bootstrapcdn.com/font-awesome/4.0.3/css/font-awesome.css

Requested by

Host: elcorito.chat
URL: https://elcorito.chat/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3083e8d3b21ddc3f0e6d65ec3580aa6edfaadca5d9737d9caa27e6a233e1ccf3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://elcorito.chat/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 20:38:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 601, 617, 617
age: 9906638
cdn-cachedat: 2021-08-03 04:14:00
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:53 GMT
server: cloudflare
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 6358afe6e12aefed963ad27f3935d6d1
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 7f9d704fad53921f-FRA
cdn-requestpullsuccess: True

GET
H2 200 stylesheet.css
elcorito.chat/assets/ 22 KB
6 KB 55ms
53ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://elcorito.chat/assets/stylesheet.css
Requested by: Host: elcorito.chat
URL: https://elcorito.chat/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 263e0ef22df06639af1fa219ae0ab49beff0ea390f9094ec777565f7256f86db

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://elcorito.chat/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 20:38:13 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 19 Mar 2020 13:11:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 130764
etag: W/"56e5-5e736f78-8c2f84;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oviVDVQ9DC%2B47JyYIUJFf1RoNMiK1Sb6ReAfUZGWSHW4Th7qNYL%2B2gw93mcPFDoVxJZrVDA4koxd29HGKOxcbMh4PndQM1ItFx7nI%2B%2FdyIumH37R%2BnfOqWpnaCqi7aWCW2KtHFkE%2BX8PBjQz"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
cf-ray: 7f9d704f19bb8ff4-FRA
alt-svc: h3=":443"; ma=86400
expires: Sat, 26 Aug 2023 08:18:49 GMT

GET
H2 200 css
fonts.googleapis.com/ 3 KB
1 KB 157ms
64ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Archivo+Narrow|Source+Sans+Pro:200

Requested by

Host: elcorito.chat
URL: https://elcorito.chat/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

16276cd617d79e11fadc14d55b183e303b4220dc7bb02cc71b4ab504442287c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://elcorito.chat/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 20 Aug 2023 20:38:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 20 Aug 2023 20:38:13 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 20 Aug 2023 20:38:13 GMT

GET
H2 200 simpleparallax.css
elcorito.chat/scripts/parallax/ 749 B
633 B 55ms
53ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://elcorito.chat/scripts/parallax/simpleparallax.css
Requested by: Host: elcorito.chat
URL: https://elcorito.chat/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2a29a4c0bb4e5f3a765e711bf3463e29253bc45137107b05bfac1f5436c803da

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://elcorito.chat/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 20:38:13 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 19 Mar 2020 13:11:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 130764
etag: W/"2ed-5e736f78-4461d93;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JaUEpp4PR6mDL88IIcV6dxZs7FAKqj8kkD0vdd9eWuATr%2FL9xz8cFl%2BB890V47w316kGnzV1K1X%2BbP%2FGdthA0kEHQSD7O1yFPpHqEmAuo8ZDQfQRHtC%2Fli9Wab3I8FV4Fy3ks3C3V7%2FQ1Fqb"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
cf-ray: 7f9d704f19bd8ff4-FRA
alt-svc: h3=":443"; ma=86400
expires: Sat, 26 Aug 2023 08:18:49 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 177 KB
65 KB 160ms
64ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-144973325-1

Requested by

Host: elcorito.chat
URL: https://elcorito.chat/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ad1bf1a65af50f8532fb64352af03eff59d8f6fa91cb2a9e2be8ce7c89fe8a4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://elcorito.chat/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 20:38:13 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66192
x-xss-protection: 0
last-modified: Sun, 20 Aug 2023 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 20 Aug 2023 20:38:13 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 147 KB
50 KB 204ms
108ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: elcorito.chat
URL: https://elcorito.chat/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bc374cb052c52b759d2fefd739e22fe84975a622a004708b83dc0b5b5dfd6285

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://elcorito.chat/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 20:38:14 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50922
x-xss-protection: 0
server: cafe
etag: 352253943783593712
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 20 Aug 2023 20:38:14 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 177 KB
65 KB 151ms
55ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-156928160-1

Requested by

Host: elcorito.chat
URL: https://elcorito.chat/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e01511de08190908a8744534e0734b03dbb329a97450307aaa67c8622a833ed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://elcorito.chat/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 20:38:13 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66190
x-xss-protection: 0
last-modified: Sun, 20 Aug 2023 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 20 Aug 2023 20:38:13 GMT

GET
H3 200 todosconwebcam.jpg
elcorito.chat/images/ 173 KB
174 KB 115ms
112ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://elcorito.chat/images/todosconwebcam.jpg
Requested by: Host: elcorito.chat
URL: https://elcorito.chat/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9779d8159d328d842f63cac031444d411a42c8dadfae9f2313e6e4369485274b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://elcorito.chat/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 20:38:13 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 121489
alt-svc: h3=":443"; ma=86400
content-length: 177626
last-modified: Thu, 19 Mar 2020 13:11:20 GMT
server: cloudflare
etag: "2b5da-5e736f78-dd356c;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4Xik8BS8v7ktaX42JPupdrspFlNeq5aswiRPS7Wp4nVBscrf8iFYofXPV%2Bau62lDMP%2FUOTyprnVkdjnng83sCCsOPA5xOOvXMm%2F9JlQQGBI%2F6QyK1bJktwY86jogfqRwvJiN0vnNzmCrlX58"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 7f9d7050bdff37d8-FRA
expires: Sat, 26 Aug 2023 10:53:24 GMT

GET
H3 200 webcam.png
elcorito.chat/images/ 4 KB
4 KB 194ms
192ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://elcorito.chat/images/webcam.png
Requested by: Host: elcorito.chat
URL: https://elcorito.chat/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 49883b2ff34194c5fbf2ed8a87a378de086a67334253d63d77ee02488c9d3f10

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://elcorito.chat/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 20:38:13 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 121489
alt-svc: h3=":443"; ma=86400
content-length: 4082
last-modified: Sat, 20 Feb 2021 20:14:30 GMT
server: cloudflare
etag: "ff2-60316da6-dd356d;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J%2BsgJGsR%2FN%2F%2BHsTvLcoXNMu8bbo31wbt0VmgM7wdgYdjZubwpP%2FmY3GrEMt8Lpvb44PI%2FhJvQFpchpscgV1LQ9f%2FIG6RQAg3XzyQzEChbo50zqs6DToq4Au%2Bgm7tFJHsQIo5YLrsNxJTONdI"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 7f9d7050be0037d8-FRA
expires: Sat, 26 Aug 2023 10:53:24 GMT

GET
H3 200 dj.jpg
elcorito.chat/images/ 45 KB
46 KB 195ms
193ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://elcorito.chat/images/dj.jpg
Requested by: Host: elcorito.chat
URL: https://elcorito.chat/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4a77ea5147173c42b23e754663635f044a9fc9cae895aa1487e7cbe4a46ae156

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://elcorito.chat/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 20:38:13 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 121489
alt-svc: h3=":443"; ma=86400
content-length: 46248
last-modified: Thu, 19 Mar 2020 13:11:20 GMT
server: cloudflare
etag: "b4a8-5e736f78-dd1d17;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Uy7PrZGaSWvg0ZT70qt8YWjo6QR7cTiruw36I6TvUcjzuZREkPXLYtnPyiOXndJRn9s49qnXxbSIFe3XxzqWRvMTKwuAdIx8tW3Fk8wdx4uKbbl2BZGfl6u3sliJcCVYAXzP%2FevCUtF4ZtFG"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 7f9d7050be0237d8-FRA
expires: Sat, 26 Aug 2023 10:53:24 GMT

GET
H3 200 salas.png
elcorito.chat/images/ 37 KB
37 KB 232ms
229ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://elcorito.chat/images/salas.png
Requested by: Host: elcorito.chat
URL: https://elcorito.chat/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b302f3162063054c6c6a18ac90cc62e69a395912cd157dacd2d53e1d4b06597e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://elcorito.chat/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 20:38:13 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 121489
alt-svc: h3=":443"; ma=86400
content-length: 37779
last-modified: Thu, 19 Mar 2020 13:11:20 GMT
server: cloudflare
etag: "9393-5e736f78-dd3566;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=14gYTfO%2Bf%2Bv1QWazR5R8zVp1Eun3B%2B8kKRvWv5PsCZzEeXtNGQ%2FXOV7XFNtWOEOQhskgX9sJQsYW9lPUAHdFLJOWe1Ljx2DXqGc91UkriP3woUIzW9g%2BAwZ82xFBoVNv%2FeEZ6PnUgjwt0FR8"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 7f9d7050be0337d8-FRA
expires: Sat, 26 Aug 2023 10:53:24 GMT

GET
H3 200 amistad.jpg
elcorito.chat/images/ 23 KB
23 KB 233ms
229ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://elcorito.chat/images/amistad.jpg
Requested by: Host: elcorito.chat
URL: https://elcorito.chat/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 287441d6ca926bac6b7e4e50b48412faf12fa3654c80d3abd0f20dc420632eee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://elcorito.chat/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 20:38:13 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 121489
alt-svc: h3=":443"; ma=86400
content-length: 23445
last-modified: Thu, 19 Mar 2020 13:11:20 GMT
server: cloudflare
etag: "5b95-5e736f78-dd1d0f;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2HPZpmZ5iqCGFepszcS8As2t01PT8kiO6iMFGPDdgTF05uGBAK29I6HRI1IUpCp4XgEe6cgj5g%2FIPrDtQJwQROiIbDEe6jffHoRlrExCsGNincTaoH8Mf6uuiPY%2BDM8FqNhA51%2BvFVDN4S0b"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 7f9d7050be0437d8-FRA
expires: Sat, 26 Aug 2023 10:53:24 GMT

GET
H3 200 contacto.png
elcorito.chat/images/ 13 KB
14 KB 233ms
230ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://elcorito.chat/images/contacto.png
Requested by: Host: elcorito.chat
URL: https://elcorito.chat/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fc2a934d09315618cc7d670f748958a584c14cb54a8619b455b71ec9f62fc887

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://elcorito.chat/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 20:38:13 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 121489
alt-svc: h3=":443"; ma=86400
content-length: 13598
last-modified: Thu, 19 Mar 2020 13:11:20 GMT
server: cloudflare
etag: "351e-5e736f78-dd1d14;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TYzGAaYoWJGp0sS8V9Zx5pl%2FbIZ%2FjI%2BciAWRJB7XNpCe%2F3TijmLMR1nDWOlEQnXN1DpfVFo7c2DcZHVxAMcLQP3FdNse6N68AYqQu%2BQrQJhRwWQnaK9gHPDuew6xjmswwONBFgpQVgx3ns4S"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 7f9d7050be0537d8-FRA
expires: Sat, 26 Aug 2023 10:53:24 GMT

GET
H3 200 ligar.jpg
elcorito.chat/images/ 20 KB
20 KB 234ms
230ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://elcorito.chat/images/ligar.jpg
Requested by: Host: elcorito.chat
URL: https://elcorito.chat/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6e38ca9bffa82d9df246392811cb84323aae578099752e322751189cd897ab0c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://elcorito.chat/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 20:38:13 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 121489
alt-svc: h3=":443"; ma=86400
content-length: 20434
last-modified: Thu, 19 Mar 2020 13:11:20 GMT
server: cloudflare
etag: "4fd2-5e736f78-c95bda;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1fhPpvpe6EwbHAEaWkzdpGJkv7KqkXpBJbTlcpQLQ%2FrbFMvC1X587JZ5o4lB3PVoDv%2FXpKohJ9F3xdrFkVD8niVhCf5HamgNgkWQu%2FFp%2BS5o0lTEiWPVCWxiX1tns6aYTptc3rY2SZIqDKtj"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 7f9d7050be0637d8-FRA
expires: Sat, 26 Aug 2023 10:53:24 GMT

GET
H3 200 madura.jpg
elcorito.chat/images/ 30 KB
31 KB 235ms
231ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://elcorito.chat/images/madura.jpg
Requested by: Host: elcorito.chat
URL: https://elcorito.chat/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b5dba68d705ba20baa1e8133d51261af4897d351c3d861704aa280eabd710480

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://elcorito.chat/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 20:38:13 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 121489
alt-svc: h3=":443"; ma=86400
content-length: 30818
last-modified: Thu, 19 Mar 2020 13:11:20 GMT
server: cloudflare
etag: "7862-5e736f78-dd3564;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xvDDBwOv1dipfnzXN428R6HyfBPAuDZxQ8kO7ob%2BNU4ZqZ8LjE4CYYuERXF4eVE8mDb18I9vuyAUmAKiR7hszQVx6iEOQx2z8N2%2FIYYnymu66dEYP6tyz3%2FXaXohfOGIl2te%2F5iL7anxtPlN"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 7f9d7050be0737d8-FRA
expires: Sat, 26 Aug 2023 10:53:24 GMT

GET
H3 200 18-30.jpg
elcorito.chat/images/ 28 KB
29 KB 236ms
231ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://elcorito.chat/images/18-30.jpg
Requested by: Host: elcorito.chat
URL: https://elcorito.chat/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2b894ff327ab4f945741b16af437bfe9d6b5e89d0726181528b60b8c2ddc017e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://elcorito.chat/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 20:38:13 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 121489
alt-svc: h3=":443"; ma=86400
content-length: 28742
last-modified: Thu, 19 Mar 2020 13:11:20 GMT
server: cloudflare
etag: "7046-5e736f78-dd1d0b;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oGT55vcM%2FPtAmNTOc0AMIzvM8irWSmhEBqBjD%2BIMxuvZh1DMzmsnVVb08M%2BK4W70sxs05kS7axtDrM1hUOVhIHrnOyyEoKfgymxrMfaowDcidHyK22TBRKK%2FsqK3fh60YcffaqjdCAg%2FIizD"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 7f9d7050be0837d8-FRA
expires: Sat, 26 Aug 2023 10:53:24 GMT

GET
H2 200 dmca_protected_sml_120l.png
images.dmca.com/Badges/ 2 KB
2 KB 91ms
43ms Image
image/png 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.dmca.com/Badges/dmca_protected_sml_120l.png?ID=b79b6e7d-3d96-4b3b-8f80-3c7363e77180
Requested by: Host: elcorito.chat
URL: https://elcorito.chat/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 619f522608653b3074b1161f407de89e5806804729edacadd3accc0e1bf97a94

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://elcorito.chat/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 20:38:13 GMT
last-modified: Tue, 04 May 2010 23:19:10 GMT
server: Microsoft-IIS/10.0
etag: "26b76633e0ebca1:0"
x-powered-by: ASP.NET
x-hw: 1692563893.cds274.fr8.hn,1692563893.cds251.fr8.c
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
link: <https://www.dmca.com/Badges/dmca_protected_sml_120l.png>; rel="canonical"
content-length: 2122

GET
H2 200 DMCABadgeHelper.min.js Show response
images.dmca.com/Badges/ 465 B
672 B 138ms
42ms Script
application/javascript 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://images.dmca.com/Badges/DMCABadgeHelper.min.js
Requested by: Host: elcorito.chat
URL: https://elcorito.chat/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e8021f1a9dad409f7e699457ac334653bf800464df69900237c4de1c29e275d0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://elcorito.chat/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 20:38:13 GMT
content-encoding: gzip
last-modified: Fri, 21 Jun 2019 20:14:34 GMT
server: Microsoft-IIS/10.0
etag: "26b181f16d28d51:0"
x-powered-by: ASP.NET
x-hw: 1692563893.cds274.fr8.hn,1692563893.cds057.fr8.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
link: <https://www.dmca.com/Badges/DMCABadgeHelper.min.js>; rel="canonical"
content-length: 395

GET
H2 200 s.js Show response
waust.at/ 8 KB
4 KB 150ms
51ms Script
application/x-javascript 2606:4700:20::681a:507
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://waust.at/s.js
Requested by: Host: elcorito.chat
URL: https://elcorito.chat/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:507 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2052a227c361a7e99ea70f5bdcf54cd9e6c6b493dd4d20b73b376d94ce0dc0d1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://elcorito.chat/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 20:38:13 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 12 Jan 2023 17:19:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1462
etag: W/"63c0411e-2170"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MwkolScJcTblxWzyX9KetCtI5pdaZGy4s5Z6tMhu2092ZJeryph1yFgHrXuNYhHlpQ7WyTO%2BF2%2BFeKGpg1%2FBIBsbJLpIuO2S7JP49QMieWobSO%2Bvl9jIoU44FsHUl3dVMZD7I9CO"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=86400
cf-ray: 7f9d70515b1d9c00-FRA
expires: Mon, 21 Aug 2023 20:13:51 GMT

GET
H3 200 jquery-1.10.2.min.js Show response
elcorito.chat/scripts/ 91 KB
34 KB 51ms
51ms Script
application/x-javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://elcorito.chat/scripts/jquery-1.10.2.min.js
Requested by: Host: elcorito.chat
URL: https://elcorito.chat/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0ba081f546084bd5097aa8a73c75931d5aa1fc4d6e846e53c21f98e6a1509988

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://elcorito.chat/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 20:38:13 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 19 Mar 2020 13:11:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 121489
etag: W/"16bb3-5e736f78-18013c6;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xrvW2pf9WmOPPnDQAAUhuldA4fpb%2FVsC0prCuo9riBFmZDmUcN98v1PxNd4G7zsPRFK5lvgH%2BXlpcNew8BZ6kDUA4HypLzjbZ4h9y4GCnmXxS8jt51Y7DUjkhNdjOYzZzHopCmHEITp8psNz"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=604800
cf-ray: 7f9d70509dba37d8-FRA
alt-svc: h3=":443"; ma=86400
expires: Sat, 26 Aug 2023 10:53:24 GMT

GET
H3 200 bootstrap.min.js Show response
elcorito.chat/scripts/bootstrap/js/ 27 KB
8 KB 76ms
75ms Script
application/x-javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://elcorito.chat/scripts/bootstrap/js/bootstrap.min.js
Requested by: Host: elcorito.chat
URL: https://elcorito.chat/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fc1d94f50dd3822e1e53cb96af4f040d2ad8b5c7b984bae5e84efc7641acfada

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://elcorito.chat/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 20:38:13 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 19 Mar 2020 13:11:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 121489
etag: W/"6cae-5e736f78-3093870;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=54SbtVZPhxZVJ%2FmAfgtS2R59HgdP8IMw1nuiznLaOtuZuSwrEM3lxyhRQRtGy3sIqSwfwKJTTa47rlFxpqUwNG6bqsM6ZjLp9227c76ExJfa%2FiknQipJC6GxgOlZzYAMbROuoEISOQ4FmsG%2B"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=604800
cf-ray: 7f9d7050bdf637d8-FRA
alt-svc: h3=":443"; ma=86400
expires: Sat, 26 Aug 2023 10:53:24 GMT

GET
H3 200 landscape-bg.jpg
elcorito.chat/assets/ 130 KB
131 KB 236ms
232ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://elcorito.chat/assets/landscape-bg.jpg
Requested by: Host: elcorito.chat
URL: https://elcorito.chat/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f4fb502ca1cb75eab89973f7726007591fb388ebfdea4216faddca45118213c1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://elcorito.chat/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 20:38:13 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 121489
alt-svc: h3=":443"; ma=86400
content-length: 133560
last-modified: Thu, 19 Mar 2020 13:11:20 GMT
server: cloudflare
etag: "209b8-5e736f78-8c2f83;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EPKbFUNC1fF9xrffV8oDbvfuLI7l222vAh9TScdGcY9D9aaVAi8cFmqL2Hgs4d%2FIr7pdQdDXSIdjckUwJLhQ%2FAyfd4HuSiLMLOUpVA9Zj09XzkUouWfKyclB7RzA%2Bnpn5xEiF%2FlyWrf2vCtS"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 7f9d7050be0937d8-FRA
expires: Sat, 26 Aug 2023 10:53:24 GMT

GET
H3 200 default.js Show response
elcorito.chat/scripts/ 3 KB
1 KB 115ms
112ms Script
application/x-javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://elcorito.chat/scripts/default.js
Requested by: Host: elcorito.chat
URL: https://elcorito.chat/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7c23dc6d33756a70efed4e2d27fd9314b2dca3ee7e0243fd552c041a61c6c5e8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://elcorito.chat/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 20:38:13 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 19 Mar 2020 13:11:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 121489
etag: W/"c3d-5e736f78-18013c3;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PdQRBI9XDMocCV%2FVYaJtBQng5TnpEoFDcVmkFANU80XM5a3QNpyP%2FF%2Fq9YegnIrJ6GrPam9RtFdfD6hH6QGODhKxrz%2BN55Cbv9v18%2FnTQDaE%2FJXg%2BJphb1Zw%2F8bAF62M%2FL4J2JhCcxyyxs3L"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=604800
cf-ray: 7f9d7050bdfb37d8-FRA
alt-svc: h3=":443"; ma=86400
expires: Sat, 26 Aug 2023 10:53:24 GMT

GET
H3 200 simpleparallax.js Show response
elcorito.chat/scripts/parallax/ 319 B
700 B 116ms
112ms Script
application/x-javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://elcorito.chat/scripts/parallax/simpleparallax.js
Requested by: Host: elcorito.chat
URL: https://elcorito.chat/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6fd7fb85167ed50ef6b6e19d89b2f5dea7b32a133b02ec15744b5921f72e9751

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://elcorito.chat/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 20:38:13 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 19 Mar 2020 13:11:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 121489
etag: W/"13f-5e736f78-4461d94;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8df%2F0%2FQIgjlOtuj5Hithl24HKdnoWvOEaqMhQ3iigv9uPgcv5lDCjQyLZ89h7iDnnRakrYxAwqtg%2FXy8w0zkdH30kdxeC76K5jwKBjh4Aej79WcgKpFgPjQWW%2FHuGBQEnxDHh0jXbhm9VD3b"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=604800
cf-ray: 7f9d7050bdfe37d8-FRA
alt-svc: h3=":443"; ma=86400
expires: Sat, 26 Aug 2023 10:53:24 GMT

GET
H3 200 2383_z3y7qw.jpg
elcorito.chat/assets/ 125 KB
125 KB 269ms
267ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://elcorito.chat/assets/2383_z3y7qw.jpg
Requested by: Host: elcorito.chat
URL: https://elcorito.chat/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 54ad56988bf78090ce07a5897636fcf8f1f4209a244c8ec03aa45d16f6309375

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://elcorito.chat/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 20:38:13 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 121488
alt-svc: h3=":443"; ma=86400
content-length: 127665
last-modified: Thu, 19 Mar 2020 13:11:20 GMT
server: cloudflare
etag: "1f2b1-5e736f78-8c2f81;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oiyoL6HfgF8s5emXngOMAG62UCeytdUvojDM6jtVgLJuT7yK0SDuR1%2Bq6ulMXslmkAwcBh59%2BlFcyERBCwNRCSEH7mFRV8ECz0GP%2BrfTruedag7%2BcKyVCowPLcrocstBUbEzovBs2W5HM%2B8Z"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 7f9d7050be0c37d8-FRA
expires: Sat, 26 Aug 2023 10:53:25 GMT

GET
H2 200 tss5ApVBdCYD5Q7hcxTE1ArZ0Zz8oY2KRmwvKhhvLFG6o3ms.woff2
fonts.gstatic.com/s/archivonarrow/v29/ 12 KB
12 KB 132ms
41ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/archivonarrow/v29/tss5ApVBdCYD5Q7hcxTE1ArZ0Zz8oY2KRmwvKhhvLFG6o3ms.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Archivo+Narrow|Source+Sans+Pro:200

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c3ba3bf6bf1617ee7e82251b6d4193082545eeedc60979b031d772ffb5a878

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://elcorito.chat
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 14:22:54 GMT
x-content-type-options: nosniff
age: 368119
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11808
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:08:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 15 Aug 2024 14:22:54 GMT

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3i94_wlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ 14 KB
14 KB 140ms
48ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3i94_wlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Archivo+Narrow|Source+Sans+Pro:200

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ec190e2f6ca2b272958e593e24827f3e51d2352733b509cbe1e30868b875bb7f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://elcorito.chat
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 14:13:11 GMT
x-content-type-options: nosniff
age: 109502
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14428
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 22:52:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 18 Aug 2024 14:13:11 GMT

GET
H3 200 fontawesome-webfont.woff
netdna.bootstrapcdn.com/font-awesome/4.0.3/fonts/ 43 KB
44 KB 95ms
51ms Font
font/woff 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://netdna.bootstrapcdn.com/font-awesome/4.0.3/fonts/fontawesome-webfont.woff?v=4.0.3

Requested by

Host: netdna.bootstrapcdn.com
URL: https://netdna.bootstrapcdn.com/font-awesome/4.0.3/css/font-awesome.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0fd28fece9ebd606b8b071460ebd3fc2ed7bc7a66ef91c8834f11dfacab4a849

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://netdna.bootstrapcdn.com/font-awesome/4.0.3/css/font-awesome.css
Origin: https://elcorito.chat
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 20:38:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 1076
age: 108440
cdn-cachedat: 01/04/2023 08:53:03
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 44432
last-modified: Mon, 25 Jan 2021 22:04:53 GMT
cdn-proxyver: 1.03
cdn-requestpullcode: 200
server: cloudflare
etag: "3293616ec0c605c7c2db25829a0a509e"
vary: Accept-Encoding
content-type: font/woff
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 649faa2b9f47ebcc06faed46a9219554
accept-ranges: bytes
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 7f9d70510b111ad7-FRA
cdn-requestpullsuccess: True

GET
H2 200 / Show response
whos.amung.us/pingjs/ 28 B
182 B 260ms
156ms Script
text/javascript 2606:4700:10::6816:4bab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://whos.amung.us/pingjs/?k=8lruh7yuwp&t=Elcorito%20%E2%96%B7%20Una%20Vaina%20Bien!%20%7CCHAT%20DOMINICO-BORICUA%7C&c=s&x=https%3A%2F%2Felcorito.chat%2F&y=https%3A%2F%2Fphoto.hdd3.one%2F&a=0&d=0.611&v=27&r=2521
Requested by: Host: waust.at
URL: https://waust.at/s.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4bab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5306b6ac1f3ecd7bf578e7c4e216fccd7f0e4bfef2ee136e917fb18345945d37

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://elcorito.chat/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 20:38:14 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7f9d70526d709076-FRA
content-type: text/javascript;charset=UTF-8

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 214 KB
76 KB 55ms
54ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-2QGFJD0WL7&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-144973325-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ebc42f5cbea1c940476b32d026df09f5ec9887d789fd5b29a3749fdce573a832

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://elcorito.chat/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 20:38:14 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 78092
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 20 Aug 2023 20:38:14 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 128ms
40ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-144973325-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://elcorito.chat/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 20 Aug 2023 19:49:43 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 2911
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Sun, 20 Aug 2023 21:49:43 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 177 KB
65 KB 62ms
61ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-156928160-1&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-144973325-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8842fd7a1c509be073af92af65c08421f8569716465a0c944bf243e19b58f22b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://elcorito.chat/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 20:38:14 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66101
x-xss-protection: 0
last-modified: Sun, 20 Aug 2023 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 20 Aug 2023 20:38:14 GMT

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308150101/ 392 KB
132 KB 109ms
108ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4896375881595114&plah=elcorito.chat

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a74b53037f6a5e4d717cfb06efb128dc1f9b5b9b1959a225fce980d2fbe72b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://elcorito.chat/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 20:38:14 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 134726
x-xss-protection: 0
server: cafe
etag: 17387923888445871301
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 20 Aug 2023 20:38:14 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230816/r20190131/ Frame E72E 10 KB
5 KB 136ms
39ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230816/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a56bbb4199232f466109c81aad2004410c5d35567ebb59c1a0aef0f9f79b91dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://elcorito.chat/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 39798
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4542
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 20 Aug 2023 09:34:56 GMT
etag: 13776922816869014096
expires: Sun, 03 Sep 2023 09:34:56 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 214 KB
76 KB 53ms
53ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-7QBYH7SFLV&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-156928160-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

437da1ed8d583840ef5abba5b9d70d1cb56be45233ea45c3253d42316707745f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://elcorito.chat/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 20:38:14 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 78011
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 20 Aug 2023 20:38:14 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
45 B 175ms
68ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-2QGFJD0WL7&gtm=45je38g0&_p=478029265&cid=1209436644.1692563894&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAAI&_s=1&sid=1692563894&sct=1&seg=0&dl=https%3A%2F%2Felcorito.chat%2F&dr=https%3A%2F%2Fphoto.hdd3.one%2F&dt=Elcorito%20%E2%96%B7%20Una%20Vaina%20Bien!%20%7CCHAT%20DOMINICO-BORICUA%7C&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-2QGFJD0WL7&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://elcorito.chat/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Aug 2023 20:38:14 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://elcorito.chat
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
243 B 141ms
67ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-7QBYH7SFLV&gtm=45je38g0&_p=478029265&cid=1209436644.1692563894&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAAI&_s=1&sid=1692563894&sct=1&seg=0&dl=https%3A%2F%2Felcorito.chat%2F&dr=https%3A%2F%2Fphoto.hdd3.one%2F&dt=Elcorito%20%E2%96%B7%20Una%20Vaina%20Bien!%20%7CCHAT%20DOMINICO-BORICUA%7C&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-7QBYH7SFLV&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://elcorito.chat/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Aug 2023 20:38:14 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://elcorito.chat
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
204 B 46ms
46ms XHR
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=478029265&t=pageview&_s=1&dl=https%3A%2F%2Felcorito.chat%2F&dr=https%3A%2F%2Fphoto.hdd3.one%2F&ul=en-us&de=UTF-8&dt=Elcorito%20%E2%96%B7%20Una%20Vaina%20Bien!%20%7CCHAT%20DOMINICO-BORICUA%7C&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=1808585666&gjid=1754313458&cid=1209436644.1692563894&tid=UA-144973325-1&_gid=2116909797.1692563894&_r=1&gtm=457e38g0&jsscut=1&z=1217760853

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://elcorito.chat/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 20 Aug 2023 20:38:14 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://elcorito.chat
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
66 B 46ms
46ms XHR
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=478029265&t=pageview&_s=1&dl=https%3A%2F%2Felcorito.chat%2F&dr=https%3A%2F%2Fphoto.hdd3.one%2F&ul=en-us&de=UTF-8&dt=Elcorito%20%E2%96%B7%20Una%20Vaina%20Bien!%20%7CCHAT%20DOMINICO-BORICUA%7C&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=791438341&gjid=2124181288&cid=1209436644.1692563894&tid=UA-156928160-1&_gid=2116909797.1692563894&_r=1&gtm=457e38g0&jsscut=1&z=1733136101

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://elcorito.chat/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 20 Aug 2023 20:38:14 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://elcorito.chat
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ 439 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f6d82f567d08ec91a1b6ef0d4abf21be7a2d3dbc0a41c122584ea3536755b3ac

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 393 B
603 B 194ms
53ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=elcorito.chat&callback=_gfp_s_&client=ca-pub-4896375881595114

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4896375881595114&plah=elcorito.chat

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

75f8f2aff429576f9f076f860a61e680395cd0b42298f8f4fd51225009c1bf3e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://elcorito.chat/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 20:38:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 252
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 059D 10 KB
5 KB 461ms
460ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4896375881595114&output=html&adk=1812271804&adf=3025194257&lmt=1679705150&plat=2%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Felcorito.chat%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692563894144&bpp=2&bdt=552&idt=261&shv=r20230816&mjsv=m202308150101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7502261053217&frm=20&pv=2&ga_vid=1209436644.1692563894&ga_sid=1692563894&ga_hid=478029265&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31077148%2C44799571&oid=2&pvsid=3492721754777253&tmod=1410009158&uas=0&nvt=1&fsapi=1&ref=https%3A%2F%2Fphoto.hdd3.one%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=281

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6b202242e2c39c79f9a119c5a1d545abb43c9f23971ed14ad83e15ad5b6ac5c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://elcorito.chat/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 4584
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 20 Aug 2023 20:38:14 GMT
expires: Sun, 20 Aug 2023 20:38:14 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 138ms
137ms Image
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=HEADER&cls=navbar%20navbar-fixed-top&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: elcorito.chat
URL: https://elcorito.chat/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://elcorito.chat/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Aug 2023 20:38:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 5D2C 114 KB
39 KB 930ms
929ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4896375881595114&output=html&h=280&slotname=8294562186&adk=528232075&adf=1081431890&pi=t.ma~as.8294562186&w=930&fwrn=4&fwrnh=100&lmt=1679705150&rafmt=1&format=930x280&url=https%3A%2F%2Felcorito.chat%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692563894146&bpp=1&bdt=555&idt=283&shv=r20230816&mjsv=m202308150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7502261053217&frm=20&pv=1&ga_vid=1209436644.1692563894&ga_sid=1692563894&ga_hid=478029265&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=335&ady=326&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31077148%2C44799571&oid=2&pvsid=3492721754777253&tmod=1410009158&uas=0&nvt=1&ref=https%3A%2F%2Fphoto.hdd3.one%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=cwQ8eQNtlD&p=https%3A//elcorito.chat&dtd=288

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7686f45bececb550b8018493ef0f2c7fe5aec773c8fbe3859fb1439024b554f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://elcorito.chat/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 40159
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 20 Aug 2023 20:38:15 GMT
expires: Sun, 20 Aug 2023 20:38:15 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6A7A 117 KB
40 KB 661ms
660ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4896375881595114&output=html&h=280&slotname=8294562186&adk=2005281337&adf=2296579135&pi=t.ma~as.8294562186&w=504&fwrn=4&fwrnh=100&lmt=1679705150&rafmt=1&format=504x280&url=https%3A%2F%2Felcorito.chat%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692563894147&bpp=1&bdt=555&idt=291&shv=r20230816&mjsv=m202308150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C930x280&nras=1&correlator=7502261053217&frm=20&pv=1&ga_vid=1209436644.1692563894&ga_sid=1692563894&ga_hid=478029265&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=357&ady=762&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31077148%2C44799571&oid=2&pvsid=3492721754777253&tmod=1410009158&uas=0&nvt=1&ref=https%3A%2F%2Fphoto.hdd3.one%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=WwkMGbhi15&p=https%3A//elcorito.chat&dtd=293

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fc88e2251fea3efc8a3e8c9b1eb04dc439b6f26f4a828ee74957edb7ea388888

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://elcorito.chat/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 40858
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 20 Aug 2023 20:38:15 GMT
expires: Sun, 20 Aug 2023 20:38:15 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 63e0a2a793d720ddab32c7ad1c79b976.js Show response
www.gstatic.com/mysidia/ Frame 6A7A 9 KB
4 KB 128ms
39ms Script
text/javascript 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/63e0a2a793d720ddab32c7ad1c79b976.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4896375881595114&output=html&h=280&slotname=8294562186&adk=2005281337&adf=2296579135&pi=t.ma~as.8294562186&w=504&fwrn=4&fwrnh=100&lmt=1679705150&rafmt=1&format=504x280&url=https%3A%2F%2Felcorito.chat%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692563894147&bpp=1&bdt=555&idt=291&shv=r20230816&mjsv=m202308150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C930x280&nras=1&correlator=7502261053217&frm=20&pv=1&ga_vid=1209436644.1692563894&ga_sid=1692563894&ga_hid=478029265&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=357&ady=762&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31077148%2C44799571&oid=2&pvsid=3492721754777253&tmod=1410009158&uas=0&nvt=1&ref=https%3A%2F%2Fphoto.hdd3.one%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=WwkMGbhi15&p=https%3A//elcorito.chat&dtd=293

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ac6c7df9ea6f8e1bcacee7bbb1df0c7902650aa2bef04e536ae838e7c9146aa8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 14:39:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 21509
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3931
x-xss-protection: 0
last-modified: Fri, 18 Aug 2023 02:42:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sat, 18 Nov 2023 14:39:46 GMT

GET
H2 200 b293f88652ab0f749d3615e759df59dc.js Show response
www.gstatic.com/mysidia/ Frame 6A7A 11 KB
5 KB 129ms
40ms Script
text/javascript 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/b293f88652ab0f749d3615e759df59dc.js?tag=text/vanilla_highlight_ms

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3f205dd4bbec77e28fde200ae38a6ea019d6c92caac85570c141f20d4a0216cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 14:52:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 193535
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4722
x-xss-protection: 0
last-modified: Wed, 16 Aug 2023 00:01:10 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 16 Nov 2023 14:52:40 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 6A7A 11 KB
1 KB 50ms
49ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C500%7CGoogle%20Sans%3A400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

cdcaa771e7265ff69e374f9fef053fd9ae91567074983aa1a61bf74a3001490b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 20 Aug 2023 20:38:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 20 Aug 2023 20:17:45 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 20 Aug 2023 20:38:15 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/ Frame 6A7A 2 KB
973 B 41ms
40ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 14:52:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20727
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 03 Sep 2023 14:52:48 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230816/r20110914/ Frame 6A7A 23 KB
9 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230816/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

821da8af52f9abd6ed4c5148caee6e2cf2188c9ca01a0008a5a1ce789ce7d99b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 14:52:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20726
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9092
x-xss-protection: 0
server: cafe
etag: 9312205082594545078
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 03 Sep 2023 14:52:49 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/ Frame 6A7A 3 KB
1 KB 69ms
68ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 18:15:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8569
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 03 Sep 2023 18:15:26 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/ Frame 6A7A 20 KB
8 KB 136ms
39ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 14:52:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20735
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8273
x-xss-protection: 0
server: cafe
etag: 16365778639179992903
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 03 Sep 2023 14:52:40 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6A7A 180 KB
57 KB 150ms
50ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

78ae55fc0ceb8ac07f56b87f7886371e91a57dafb6ee5154f317b7bb11da12a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 20:38:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57620
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1692185840427238"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 20 Aug 2023 20:38:15 GMT

GET
H2 200 e822d7071992e030a786d1a51b1f59a7.js Show response
www.gstatic.com/mysidia/ Frame 6A7A 35 KB
15 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/e822d7071992e030a786d1a51b1f59a7.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b0cbbfe7e06fd7a9274bcdf96bde690f294cdef1ba01f2f20c9a9bd09eb1502b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 14:52:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 193526
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14926
x-xss-protection: 0
last-modified: Fri, 18 Aug 2023 02:42:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 16 Nov 2023 14:52:49 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 51CD 143 B
166 B 40ms
39ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4896375881595114&output=html&h=280&slotname=8294562186&adk=2005281337&adf=2296579135&pi=t.ma~as.8294562186&w=504&fwrn=4&fwrnh=100&lmt=1679705150&rafmt=1&format=504x280&url=https%3A%2F%2Felcorito.chat%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692563894147&bpp=1&bdt=555&idt=291&shv=r20230816&mjsv=m202308150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C930x280&nras=1&correlator=7502261053217&frm=20&pv=1&ga_vid=1209436644.1692563894&ga_sid=1692563894&ga_hid=478029265&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=357&ady=762&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31077148%2C44799571&oid=2&pvsid=3492721754777253&tmod=1410009158&uas=0&nvt=1&ref=https%3A%2F%2Fphoto.hdd3.one%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=WwkMGbhi15&p=https%3A//elcorito.chat&dtd=293
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1801
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 20 Aug 2023 20:08:14 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 6A7A 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 57e1e9f00a1fab0f479ea190eeec66d94855ecbb70f23a8b9dd21484800764b2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 51CD
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

51ms
51ms

Document
text/html

2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 20 Aug 2023 20:38:15 GMT
expires: Sun, 20 Aug 2023 20:38:15 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 20 Aug 2023 20:38:15 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 63e0a2a793d720ddab32c7ad1c79b976.js Show response
www.gstatic.com/mysidia/ Frame 5D2C 9 KB
4 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/63e0a2a793d720ddab32c7ad1c79b976.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4896375881595114&output=html&h=280&slotname=8294562186&adk=528232075&adf=1081431890&pi=t.ma~as.8294562186&w=930&fwrn=4&fwrnh=100&lmt=1679705150&rafmt=1&format=930x280&url=https%3A%2F%2Felcorito.chat%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692563894146&bpp=1&bdt=555&idt=283&shv=r20230816&mjsv=m202308150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7502261053217&frm=20&pv=1&ga_vid=1209436644.1692563894&ga_sid=1692563894&ga_hid=478029265&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=335&ady=326&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31077148%2C44799571&oid=2&pvsid=3492721754777253&tmod=1410009158&uas=0&nvt=1&ref=https%3A%2F%2Fphoto.hdd3.one%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=cwQ8eQNtlD&p=https%3A//elcorito.chat&dtd=288

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ac6c7df9ea6f8e1bcacee7bbb1df0c7902650aa2bef04e536ae838e7c9146aa8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 14:39:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 21509
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3931
x-xss-protection: 0
last-modified: Fri, 18 Aug 2023 02:42:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sat, 18 Nov 2023 14:39:46 GMT

GET
H3 200 b293f88652ab0f749d3615e759df59dc.js Show response
www.gstatic.com/mysidia/ Frame 5D2C 11 KB
5 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/b293f88652ab0f749d3615e759df59dc.js?tag=text/vanilla_highlight_ms

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4896375881595114&output=html&h=280&slotname=8294562186&adk=528232075&adf=1081431890&pi=t.ma~as.8294562186&w=930&fwrn=4&fwrnh=100&lmt=1679705150&rafmt=1&format=930x280&url=https%3A%2F%2Felcorito.chat%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692563894146&bpp=1&bdt=555&idt=283&shv=r20230816&mjsv=m202308150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7502261053217&frm=20&pv=1&ga_vid=1209436644.1692563894&ga_sid=1692563894&ga_hid=478029265&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=335&ady=326&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31077148%2C44799571&oid=2&pvsid=3492721754777253&tmod=1410009158&uas=0&nvt=1&ref=https%3A%2F%2Fphoto.hdd3.one%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=cwQ8eQNtlD&p=https%3A//elcorito.chat&dtd=288

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3f205dd4bbec77e28fde200ae38a6ea019d6c92caac85570c141f20d4a0216cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 14:52:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 193535
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4722
x-xss-protection: 0
last-modified: Wed, 16 Aug 2023 00:01:10 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 16 Nov 2023 14:52:40 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 5D2C 11 KB
1 KB 50ms
48ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C500%7CGoogle%20Sans%3A400

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4896375881595114&output=html&h=280&slotname=8294562186&adk=528232075&adf=1081431890&pi=t.ma~as.8294562186&w=930&fwrn=4&fwrnh=100&lmt=1679705150&rafmt=1&format=930x280&url=https%3A%2F%2Felcorito.chat%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692563894146&bpp=1&bdt=555&idt=283&shv=r20230816&mjsv=m202308150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7502261053217&frm=20&pv=1&ga_vid=1209436644.1692563894&ga_sid=1692563894&ga_hid=478029265&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=335&ady=326&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31077148%2C44799571&oid=2&pvsid=3492721754777253&tmod=1410009158&uas=0&nvt=1&ref=https%3A%2F%2Fphoto.hdd3.one%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=cwQ8eQNtlD&p=https%3A//elcorito.chat&dtd=288

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

cdcaa771e7265ff69e374f9fef053fd9ae91567074983aa1a61bf74a3001490b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 20 Aug 2023 20:38:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 20 Aug 2023 18:42:19 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 20 Aug 2023 20:38:15 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/ Frame 5D2C 2 KB
926 B 39ms
38ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4896375881595114&output=html&h=280&slotname=8294562186&adk=528232075&adf=1081431890&pi=t.ma~as.8294562186&w=930&fwrn=4&fwrnh=100&lmt=1679705150&rafmt=1&format=930x280&url=https%3A%2F%2Felcorito.chat%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692563894146&bpp=1&bdt=555&idt=283&shv=r20230816&mjsv=m202308150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7502261053217&frm=20&pv=1&ga_vid=1209436644.1692563894&ga_sid=1692563894&ga_hid=478029265&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=335&ady=326&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31077148%2C44799571&oid=2&pvsid=3492721754777253&tmod=1410009158&uas=0&nvt=1&ref=https%3A%2F%2Fphoto.hdd3.one%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=cwQ8eQNtlD&p=https%3A//elcorito.chat&dtd=288

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 14:52:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20727
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 03 Sep 2023 14:52:48 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230816/r20110914/ Frame 5D2C 23 KB
9 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230816/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4896375881595114&output=html&h=280&slotname=8294562186&adk=528232075&adf=1081431890&pi=t.ma~as.8294562186&w=930&fwrn=4&fwrnh=100&lmt=1679705150&rafmt=1&format=930x280&url=https%3A%2F%2Felcorito.chat%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692563894146&bpp=1&bdt=555&idt=283&shv=r20230816&mjsv=m202308150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7502261053217&frm=20&pv=1&ga_vid=1209436644.1692563894&ga_sid=1692563894&ga_hid=478029265&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=335&ady=326&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31077148%2C44799571&oid=2&pvsid=3492721754777253&tmod=1410009158&uas=0&nvt=1&ref=https%3A%2F%2Fphoto.hdd3.one%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=cwQ8eQNtlD&p=https%3A//elcorito.chat&dtd=288

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

821da8af52f9abd6ed4c5148caee6e2cf2188c9ca01a0008a5a1ce789ce7d99b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 14:52:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20726
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9092
x-xss-protection: 0
server: cafe
etag: 9312205082594545078
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 03 Sep 2023 14:52:49 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/ Frame 5D2C 3 KB
1 KB 44ms
43ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4896375881595114&output=html&h=280&slotname=8294562186&adk=528232075&adf=1081431890&pi=t.ma~as.8294562186&w=930&fwrn=4&fwrnh=100&lmt=1679705150&rafmt=1&format=930x280&url=https%3A%2F%2Felcorito.chat%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692563894146&bpp=1&bdt=555&idt=283&shv=r20230816&mjsv=m202308150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7502261053217&frm=20&pv=1&ga_vid=1209436644.1692563894&ga_sid=1692563894&ga_hid=478029265&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=335&ady=326&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31077148%2C44799571&oid=2&pvsid=3492721754777253&tmod=1410009158&uas=0&nvt=1&ref=https%3A%2F%2Fphoto.hdd3.one%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=cwQ8eQNtlD&p=https%3A//elcorito.chat&dtd=288

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 18:15:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8569
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 03 Sep 2023 18:15:26 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/ Frame 5D2C 20 KB
8 KB 40ms
38ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4896375881595114&output=html&h=280&slotname=8294562186&adk=528232075&adf=1081431890&pi=t.ma~as.8294562186&w=930&fwrn=4&fwrnh=100&lmt=1679705150&rafmt=1&format=930x280&url=https%3A%2F%2Felcorito.chat%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692563894146&bpp=1&bdt=555&idt=283&shv=r20230816&mjsv=m202308150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7502261053217&frm=20&pv=1&ga_vid=1209436644.1692563894&ga_sid=1692563894&ga_hid=478029265&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=335&ady=326&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31077148%2C44799571&oid=2&pvsid=3492721754777253&tmod=1410009158&uas=0&nvt=1&ref=https%3A%2F%2Fphoto.hdd3.one%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=cwQ8eQNtlD&p=https%3A//elcorito.chat&dtd=288

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 14:52:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20735
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8273
x-xss-protection: 0
server: cafe
etag: 16365778639179992903
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 03 Sep 2023 14:52:40 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5D2C 180 KB
56 KB 50ms
49ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4896375881595114&output=html&h=280&slotname=8294562186&adk=528232075&adf=1081431890&pi=t.ma~as.8294562186&w=930&fwrn=4&fwrnh=100&lmt=1679705150&rafmt=1&format=930x280&url=https%3A%2F%2Felcorito.chat%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692563894146&bpp=1&bdt=555&idt=283&shv=r20230816&mjsv=m202308150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7502261053217&frm=20&pv=1&ga_vid=1209436644.1692563894&ga_sid=1692563894&ga_hid=478029265&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=335&ady=326&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31077148%2C44799571&oid=2&pvsid=3492721754777253&tmod=1410009158&uas=0&nvt=1&ref=https%3A%2F%2Fphoto.hdd3.one%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=cwQ8eQNtlD&p=https%3A//elcorito.chat&dtd=288

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

78ae55fc0ceb8ac07f56b87f7886371e91a57dafb6ee5154f317b7bb11da12a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 20:38:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57620
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1692185840427238"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 20 Aug 2023 20:38:15 GMT

GET
H3 200 e822d7071992e030a786d1a51b1f59a7.js Show response
www.gstatic.com/mysidia/ Frame 5D2C 35 KB
15 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/e822d7071992e030a786d1a51b1f59a7.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4896375881595114&output=html&h=280&slotname=8294562186&adk=528232075&adf=1081431890&pi=t.ma~as.8294562186&w=930&fwrn=4&fwrnh=100&lmt=1679705150&rafmt=1&format=930x280&url=https%3A%2F%2Felcorito.chat%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692563894146&bpp=1&bdt=555&idt=283&shv=r20230816&mjsv=m202308150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7502261053217&frm=20&pv=1&ga_vid=1209436644.1692563894&ga_sid=1692563894&ga_hid=478029265&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=335&ady=326&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31077148%2C44799571&oid=2&pvsid=3492721754777253&tmod=1410009158&uas=0&nvt=1&ref=https%3A%2F%2Fphoto.hdd3.one%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=cwQ8eQNtlD&p=https%3A//elcorito.chat&dtd=288

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b0cbbfe7e06fd7a9274bcdf96bde690f294cdef1ba01f2f20c9a9bd09eb1502b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 14:52:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 193526
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14926
x-xss-protection: 0
last-modified: Fri, 18 Aug 2023 02:42:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 16 Nov 2023 14:52:49 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 6A7A 16 KB
16 KB 40ms
40ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500%7CGoogle%20Sans%3A400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 17:26:14 GMT
x-content-type-options: nosniff
age: 443521
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 14 Aug 2024 17:26:14 GMT

GET
H2 200 4Ua_rENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RFD48TE63OOYKtrwEIJllpyk.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 6A7A 21 KB
21 KB 47ms
47ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4Ua_rENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RFD48TE63OOYKtrwEIJllpyk.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500%7CGoogle%20Sans%3A400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3fd13aa5309882955edefa1157aab289e1542b6cac5b258f7a486ef88ed1d876

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 06:02:48 GMT
x-content-type-options: nosniff
age: 138927
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21360
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 18 Aug 2024 06:02:48 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 5D2C
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CoZM-tnniZOSFHdLtxgOoz5DICdHVyc5vvIyhzvwO4srIqf0rEAEgv568IWCVgoCAkAegAavjwNQDyAEBqQI9mh0vtj2yPqgDAcgDywSqBPMBT9AXMSKigtWhl73kN9ixNK94RleBAdXqBiH...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%224066449091042493003%22,%22debug_reporting%22:true,%22destination%22:%22https://lexoffice-lohnabrechnung.de%22,%22event_rep...

0
0

165ms
75ms

Fetch
text/css

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%224066449091042493003%22,%22debug_reporting%22:true,%22destination%22:%22https://lexoffice-lohnabrechnung.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22982528427%22],%224%22:[%2208-20%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%224810746144383039217%22}&andc=true

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4896375881595114&output=html&h=280&slotname=8294562186&adk=528232075&adf=1081431890&pi=t.ma~as.8294562186&w=930&fwrn=4&fwrnh=100&lmt=1679705150&rafmt=1&format=930x280&url=https%3A%2F%2Felcorito.chat%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692563894146&bpp=1&bdt=555&idt=283&shv=r20230816&mjsv=m202308150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7502261053217&frm=20&pv=1&ga_vid=1209436644.1692563894&ga_sid=1692563894&ga_hid=478029265&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=335&ady=326&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31077148%2C44799571&oid=2&pvsid=3492721754777253&tmod=1410009158&uas=0&nvt=1&ref=https%3A%2F%2Fphoto.hdd3.one%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=cwQ8eQNtlD&p=https%3A//elcorito.chat&dtd=288

Protocol

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 20:38:15 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"4066449091042493003","debug_reporting":true,"destination":"https://lexoffice-lohnabrechnung.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["982528427"],"4":["08-20"],"6":["true"]},"priority":"500","source_event_id":"4810746144383039217"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 20 Aug 2023 20:38:15 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 20 Aug 2023 20:38:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"4066449091042493003","debug_reporting":true,"destination":"https://lexoffice-lohnabrechnung.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["982528427"],"4":["08-20"],"6":["true"]},"priority":"500","source_event_id":"4810746144383039217"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 309A 143 B
166 B 40ms
39ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4896375881595114&output=html&h=280&slotname=8294562186&adk=528232075&adf=1081431890&pi=t.ma~as.8294562186&w=930&fwrn=4&fwrnh=100&lmt=1679705150&rafmt=1&format=930x280&url=https%3A%2F%2Felcorito.chat%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692563894146&bpp=1&bdt=555&idt=283&shv=r20230816&mjsv=m202308150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7502261053217&frm=20&pv=1&ga_vid=1209436644.1692563894&ga_sid=1692563894&ga_hid=478029265&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=335&ady=326&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31077148%2C44799571&oid=2&pvsid=3492721754777253&tmod=1410009158&uas=0&nvt=1&ref=https%3A%2F%2Fphoto.hdd3.one%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=cwQ8eQNtlD&p=https%3A//elcorito.chat&dtd=288

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4896375881595114&output=html&h=280&slotname=8294562186&adk=528232075&adf=1081431890&pi=t.ma~as.8294562186&w=930&fwrn=4&fwrnh=100&lmt=1679705150&rafmt=1&format=930x280&url=https%3A%2F%2Felcorito.chat%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692563894146&bpp=1&bdt=555&idt=283&shv=r20230816&mjsv=m202308150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7502261053217&frm=20&pv=1&ga_vid=1209436644.1692563894&ga_sid=1692563894&ga_hid=478029265&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=335&ady=326&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31077148%2C44799571&oid=2&pvsid=3492721754777253&tmod=1410009158&uas=0&nvt=1&ref=https%3A%2F%2Fphoto.hdd3.one%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=cwQ8eQNtlD&p=https%3A//elcorito.chat&dtd=288
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1801
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 20 Aug 2023 20:08:14 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 5D2C 208 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c6d9362d5dc6c68a33153d578ccf65558e2d8c9b8e5f5fcc905b1ac4a2b87ba7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 5D2C 16 KB
16 KB 39ms
39ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500%7CGoogle%20Sans%3A400

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 17:26:14 GMT
x-content-type-options: nosniff
age: 443521
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 14 Aug 2024 17:26:14 GMT

GET
H3 200 4Ua_rENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RFD48TE63OOYKtrwEIJllpyk.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 5D2C 21 KB
21 KB 43ms
43ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4Ua_rENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RFD48TE63OOYKtrwEIJllpyk.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500%7CGoogle%20Sans%3A400

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3fd13aa5309882955edefa1157aab289e1542b6cac5b258f7a486ef88ed1d876

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 06:02:48 GMT
x-content-type-options: nosniff
age: 138927
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21360
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 18 Aug 2024 06:02:48 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 309A
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

51ms
51ms

Document
text/html

2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4896375881595114&output=html&h=280&slotname=8294562186&adk=528232075&adf=1081431890&pi=t.ma~as.8294562186&w=930&fwrn=4&fwrnh=100&lmt=1679705150&rafmt=1&format=930x280&url=https%3A%2F%2Felcorito.chat%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692563894146&bpp=1&bdt=555&idt=283&shv=r20230816&mjsv=m202308150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7502261053217&frm=20&pv=1&ga_vid=1209436644.1692563894&ga_sid=1692563894&ga_hid=478029265&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=335&ady=326&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31077148%2C44799571&oid=2&pvsid=3492721754777253&tmod=1410009158&uas=0&nvt=1&ref=https%3A%2F%2Fphoto.hdd3.one%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=cwQ8eQNtlD&p=https%3A//elcorito.chat&dtd=288

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 20 Aug 2023 20:38:15 GMT
expires: Sun, 20 Aug 2023 20:38:15 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 20 Aug 2023 20:38:15 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 175ms
73ms Preflight
text/html 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Sun, 20 Aug 2023 20:38:15 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 6A7A
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CmCgytnniZPa2HeS71fAP9qut-A3R1cnOb92XuYe7D-LKyKn9KxABIL-evCFglYKAgJAHoAGr48DUA8gBAakCPZodL7Y9sj6oAwHIA8sEqgTzAU_QV0Jy5Ff6d0R9vDff0YetHximBQ6N_Vi...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%227131069206215340958%22,%22debug_reporting%22:true,%22destination%22:%22https://lexoffice-lohnabrechnung.de%22,%22event_rep...

0
0

147ms
74ms

Fetch
text/css

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%227131069206215340958%22,%22debug_reporting%22:true,%22destination%22:%22https://lexoffice-lohnabrechnung.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22982528427%22],%224%22:[%2208-20%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2213134708974626912305%22}&andc=true

Requested by

Host: elcorito.chat
URL: https://elcorito.chat/

Protocol

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 20:38:15 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"7131069206215340958","debug_reporting":true,"destination":"https://lexoffice-lohnabrechnung.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["982528427"],"4":["08-20"],"6":["true"]},"priority":"500","source_event_id":"13134708974626912305"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 20 Aug 2023 20:38:15 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 20 Aug 2023 20:38:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"7131069206215340958","debug_reporting":true,"destination":"https://lexoffice-lohnabrechnung.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["982528427"],"4":["08-20"],"6":["true"]},"priority":"500","source_event_id":"13134708974626912305"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 H7NiGUBWITXDbUXvzcl9NdwFkmo5ojjKC-Hhm2BY16o.js Show response
pagead2.googlesyndication.com/bg/ Frame 101B 37 KB
14 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/H7NiGUBWITXDbUXvzcl9NdwFkmo5ojjKC-Hhm2BY16o.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1fb3621940562135c36d45efcdc97d35dc05926a39a238ca0be1e19b6058d7aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 14:52:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 193523
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14718
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 12:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 17 Aug 2024 14:52:52 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 74ms
73ms Preflight
text/html 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Sun, 20 Aug 2023 20:38:15 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 173ms
92ms XHR
application/json 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230816&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0f9a930a9c30ef5fe1f644def49af090d1ddf5b08b55beacf645541f2844e426

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://elcorito.chat/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 20:38:15 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11689
x-xss-protection: 0

GET
H3 200 H7NiGUBWITXDbUXvzcl9NdwFkmo5ojjKC-Hhm2BY16o.js Show response
pagead2.googlesyndication.com/bg/ Frame 58E5 37 KB
14 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/H7NiGUBWITXDbUXvzcl9NdwFkmo5ojjKC-Hhm2BY16o.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4896375881595114&output=html&h=280&slotname=8294562186&adk=528232075&adf=1081431890&pi=t.ma~as.8294562186&w=930&fwrn=4&fwrnh=100&lmt=1679705150&rafmt=1&format=930x280&url=https%3A%2F%2Felcorito.chat%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692563894146&bpp=1&bdt=555&idt=283&shv=r20230816&mjsv=m202308150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7502261053217&frm=20&pv=1&ga_vid=1209436644.1692563894&ga_sid=1692563894&ga_hid=478029265&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=335&ady=326&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31077148%2C44799571&oid=2&pvsid=3492721754777253&tmod=1410009158&uas=0&nvt=1&ref=https%3A%2F%2Fphoto.hdd3.one%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=cwQ8eQNtlD&p=https%3A//elcorito.chat&dtd=288

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1fb3621940562135c36d45efcdc97d35dc05926a39a238ca0be1e19b6058d7aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 14:52:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 193523
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14718
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 12:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 17 Aug 2024 14:52:52 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 50ms
50ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://elcorito.chat/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 20:38:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 20 Aug 2023 20:38:15 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame DC9C 13 KB
5 KB 40ms
39ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://elcorito.chat/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 8569
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 20 Aug 2023 18:15:26 GMT
expires: Mon, 19 Aug 2024 18:15:26 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame B102 829 B
558 B 50ms
50ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

3bafc4f8957cbe95d5aba7a08185cca076d3bd077d606893d3e6d1f48c2f02d3

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-HcUhSnrEbWLdmvt-B1v0pQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://elcorito.chat/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 536
content-security-policy: script-src 'report-sample' 'nonce-HcUhSnrEbWLdmvt-B1v0pQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 20 Aug 2023 20:38:15 GMT
expires: Sun, 20 Aug 2023 20:38:15 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame B102 0
0 139ms
139ms Image
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230816&jk=3492721754777253&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

GET
H3 200 H7NiGUBWITXDbUXvzcl9NdwFkmo5ojjKC-Hhm2BY16o.js Show response
pagead2.googlesyndication.com/bg/ Frame DC9C 37 KB
14 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/H7NiGUBWITXDbUXvzcl9NdwFkmo5ojjKC-Hhm2BY16o.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1fb3621940562135c36d45efcdc97d35dc05926a39a238ca0be1e19b6058d7aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 14:52:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 193524
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14718
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 12:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 17 Aug 2024 14:52:52 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame DC9C 0
10 B 39ms
39ms Image
text/plain 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?KXsM6w
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 20:38:16 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 6A7A 42 B
64 B 143ms
143ms Fetch
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu-fBV0H4d4JInIzRes11S1lLDJlRGSSwzZt7IRCBoSQR_XicDQnZA6amhfyUC8Yt5e_urOQoULHOMd9yqn56Z4YDyC8USCjWPjHMT7qu-lbFC2YiMAKiH8A9zNfZ8rQa-Yln338sdwO_8z&sai=AMfl-YSULcMOw6FHCNYAHOBo8JgifKB4sOi6e3MaKm0ZH8uaWYFXYWvIfi-5yMlMrZx4jPF8Rk-XVo6hTbjv&sig=Cg0ArKJSzKowE9_UAppdEAE&cid=CAQSGwBpAlJWKn9-EUe1VzpJmXNdNJIhWbP4rHRgThgB&id=lidar2&mcvt=1000&p=0,0,280,504&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230816&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=2005281337&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1692563894441&rpt=1117&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Aug 2023 20:38:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 144ms
143ms Image
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230816&jk=3492721754777253&bg=!KimlKX3NAAZGPLJIZjw7ADkAdvg8WspkV7lzMKrb7c_5bMx0Yr3xm4yIgO62lRIYf9jZcagkFGtIW888ZLUB6SNLZoD5-Wl8Vu8CAAAAV1IAAAAHaAEHCgCYbJ5dIQLfuK7urOHzHn8z5kx0YhxWS_z1UyR8IcPjQqS4jq3eVO27O_BT6nSHmzRJRUXXdGsAXIVyW2eVhG6TYpwZa8_tpuXC6nFY3I5kJCqMs_GkwuBElrdVvlkQl68eECPJb7dmisx9NUM80egua22hxULppmV93ziD2vkQHOX559ZJAoXdqjQS3s5KKbOMidw2PpN-yb2ZAsNqhC8iRYn-sSsbEF-a7eX5x-L0VgntIiYfA24GD6rah0m0MpWt56PQixDd-x-HU7T23rnJJLsQskW5IYov3H3LIk3uM43raK9fhovnTCMX1NPYUykUcm4Lm7zgUl9xAsQkltNdPv0GA9Pt4puR0iY17fEcoeX5sIaAaugsRxpSuwLcTKFqgIQty0jz6EJapkDWy30rOk7h7-D2yGnQpY0AGAcvEQJkrLVZ-E-K66Cgahzi4jau7RnVBSMt5sPtHeAMPydoAPIgCCEA3FeGwvtU8y8uMNmFcnPr9RTk1lhvhPs6_S1eJtrKCaynRi10xrJPfp7md6ROPkffAsfojPZLwq1yFAFp-ojbJVGHFX783Ugb-ta_UVIS2ecs7k2rE_kDesXRtHuvl-00NRiGcfYRiRk5I8ZpkTfbXxOWE57GFjJG0OnL4erbZaWJcfhzjqxReLZLdVoiVo-MhjKRJlPQ2RSTLL_uCkxSrnvsnX1jzlO4bKy2fzx9ho93qN3ny2GCheNTXeLUyVMi3Md3ks-yuVJeKHpe0Owp0QNGQf00_QJuoqcCg5m8OjBL_vg_Q98U16i5aGh3ZM-z2lhLu9CG-N_J_Go-OisLoOpzNDooiO4hjrLvsGcqj529aP6Spb0r0c_5YvKEOKWv4qT-TwGg4g8YGFeHTOv6rsx3_R_LvGOYrUCc6NMHIHJcaWyk3_iqR1Rzr55HBWIP_ZpW5Ukfs4tvPt-xkp8GP7cyuyXKjtAy-1J2t--MSwroaZ_cebERACA64V0JvNMTR9uhLusjIXrp07pJ7aAmb5IU8upiJxkcodMp1WDjiTNAbK9osxubPo3BCN9EB3oJY9Ts2sWZZX4QLbhVuEt7AkLPL-coKTbMtjMNOuQBFGfPQr2hVH7pOPqLox7-i41u-MC0MNVMBXs47sHrNcu_1NSCwt5R7NMKUw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://elcorito.chat/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 5D2C 42 B
64 B 143ms
143ms Fetch
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu0JmYoAg3DyUU4wKyR5QmDGYWWb1UW4Gf1COwZ0w9JJvNLniAdsYrl7fiM5KhcdolsoG7jeUDCoOsCF8kNEsTqLkriW81NHXGX8HkYMWqePBFA5hH6pdhfFT4aGUDVZYicA8P2PzuddzSX&sai=AMfl-YSOiWPpmcIX591t89bX-co5KKN0EV0HHJA4XjfB_LjzsdQxKa2nq0dpqJ6OAFx14AgeZHzkTCgjXiSw&sig=Cg0ArKJSzF9Nj1kt2A-3EAE&cid=CAQSGwBpAlJWW4BsBI0KEuPN_0v8LnYuZDkvBGcr3hgB&id=lidar2&mcvt=1000&p=0,0,280,930&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230816&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=528232075&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1692563894435&rpt=1244&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Aug 2023 20:38:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

67 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

11 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.elcorito.chat/	1970-01-20 23:45:23	Name: _ga_2QGFJD0WL7 Value: GS1.1.1692563894.1.0.1692563894.0.0.0
.elcorito.chat/	1970-01-20 23:45:23	Name: _ga_7QBYH7SFLV Value: GS1.1.1692563894.1.0.1692563894.0.0.0
.elcorito.chat/	1970-01-20 23:45:23	Name: _ga Value: GA1.2.1209436644.1692563894
.elcorito.chat/	1970-01-20 14:10:50	Name: _gid Value: GA1.2.2116909797.1692563894
.elcorito.chat/	1970-01-20 14:09:23	Name: _gat_gtag_UA_144973325_1 Value: 1
.elcorito.chat/	1970-01-20 14:09:23	Name: _gat_gtag_UA_156928160_1 Value: 1
.elcorito.chat/	1970-01-20 23:30:59	Name: __gads Value: ID=49e3de3c6101c17a-22d65de956de0091:T=1692563894:RT=1692563894:S=ALNI_MYlFZo1otGQuEgiYNpm99H9_LEZTg
.elcorito.chat/	1970-01-20 23:30:59	Name: __gpi Value: UID=00000c64a66bf270:T=1692563894:RT=1692563894:S=ALNI_Ma_8NiqI9GHY29dqICTAyigAf3Q4Q
.doubleclick.net/	1970-01-20 23:30:59	Name: IDE Value: AHWqTUn4FepqTkoY3t4sYt3Da8pVzVK9lpjGEnKp6GRTqO5XMTWsoX0Qon0vZEl33ho
.doubleclick.net/	1970-01-20 14:09:27	Name: DSID Value: NO_DATA
.googleadservices.com/	1970-01-20 16:18:59	Name: ar_debug Value: 1

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://elcorito.chat/js/lastfm.api.md5.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://elcorito.chat/js/lastfm.api.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://elcorito.chat/js/lastfm.api.cache.js Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
elcorito.chat
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
huevopollito.com
images.dmca.com
is.gd
netdna.bootstrapcdn.com
pagead2.googlesyndication.com
partner.googleadservices.com
photo.hdd3.one
region1.google-analytics.com
tpc.googlesyndication.com
waust.at
whos.amung.us
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
151.139.128.10
170.10.160.83
2001:4860:4802:34::36
216.58.212.130
2606:4700:10::6816:4bab
2606:4700:20::6819:ea35
2606:4700:20::681a:507
2606:4700::6812:acf
2a00:1450:4001:806::2003
2a00:1450:4001:810::200a
2a00:1450:4001:811::2001
2a00:1450:4001:81c::2002
2a00:1450:4001:827::2002
2a00:1450:4001:828::2004
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::2008
2a00:1450:4001:82a::200a
2a00:1450:4001:82b::2003
2a00:1450:4001:830::200e
2a06:98c1:3121::3
69.10.59.181
0ab340987711378e8cb5582b1f97f6938037712213396d8e7c7f8fa7b1ab4e5a
0ba081f546084bd5097aa8a73c75931d5aa1fc4d6e846e53c21f98e6a1509988
0f9a930a9c30ef5fe1f644def49af090d1ddf5b08b55beacf645541f2844e426
0fd28fece9ebd606b8b071460ebd3fc2ed7bc7a66ef91c8834f11dfacab4a849
16276cd617d79e11fadc14d55b183e303b4220dc7bb02cc71b4ab504442287c1
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1fb3621940562135c36d45efcdc97d35dc05926a39a238ca0be1e19b6058d7aa
2052a227c361a7e99ea70f5bdcf54cd9e6c6b493dd4d20b73b376d94ce0dc0d1
263e0ef22df06639af1fa219ae0ab49beff0ea390f9094ec777565f7256f86db
287441d6ca926bac6b7e4e50b48412faf12fa3654c80d3abd0f20dc420632eee
2a29a4c0bb4e5f3a765e711bf3463e29253bc45137107b05bfac1f5436c803da
2b894ff327ab4f945741b16af437bfe9d6b5e89d0726181528b60b8c2ddc017e
3039294d93ec76b04b90caa559cfb3e21a2aea6707455068d28e23c9530c522b
3083e8d3b21ddc3f0e6d65ec3580aa6edfaadca5d9737d9caa27e6a233e1ccf3
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
36cd2759ed1fdcb9b931fac68414fa848200e2b7fd6ec344d57bf40799aa4a6c
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
3bafc4f8957cbe95d5aba7a08185cca076d3bd077d606893d3e6d1f48c2f02d3
3f205dd4bbec77e28fde200ae38a6ea019d6c92caac85570c141f20d4a0216cc
3fd13aa5309882955edefa1157aab289e1542b6cac5b258f7a486ef88ed1d876
437da1ed8d583840ef5abba5b9d70d1cb56be45233ea45c3253d42316707745f
46a2de362f54e3c988cc8c9fbf68fe12018c8ae42fe11509a747f52f17834466
49883b2ff34194c5fbf2ed8a87a378de086a67334253d63d77ee02488c9d3f10
4a77ea5147173c42b23e754663635f044a9fc9cae895aa1487e7cbe4a46ae156
4e1354fc542b617c58cbba3aeb5116a528cf08bb1299f5dc7f3bc77a3b902b68
5306b6ac1f3ecd7bf578e7c4e216fccd7f0e4bfef2ee136e917fb18345945d37
54ad56988bf78090ce07a5897636fcf8f1f4209a244c8ec03aa45d16f6309375
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57e1e9f00a1fab0f479ea190eeec66d94855ecbb70f23a8b9dd21484800764b2
619f522608653b3074b1161f407de89e5806804729edacadd3accc0e1bf97a94
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
65c3ba3bf6bf1617ee7e82251b6d4193082545eeedc60979b031d772ffb5a878
66625453601bcbcc54e1d678eb76162f1b117ea1d26c8bb2ad1aa8598d59d886
6b202242e2c39c79f9a119c5a1d545abb43c9f23971ed14ad83e15ad5b6ac5c8
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6e38ca9bffa82d9df246392811cb84323aae578099752e322751189cd897ab0c
6fd7fb85167ed50ef6b6e19d89b2f5dea7b32a133b02ec15744b5921f72e9751
75f8f2aff429576f9f076f860a61e680395cd0b42298f8f4fd51225009c1bf3e
7686f45bececb550b8018493ef0f2c7fe5aec773c8fbe3859fb1439024b554f8
78ae55fc0ceb8ac07f56b87f7886371e91a57dafb6ee5154f317b7bb11da12a7
7a74b53037f6a5e4d717cfb06efb128dc1f9b5b9b1959a225fce980d2fbe72b3
7c23dc6d33756a70efed4e2d27fd9314b2dca3ee7e0243fd552c041a61c6c5e8
821da8af52f9abd6ed4c5148caee6e2cf2188c9ca01a0008a5a1ce789ce7d99b
8677971b119ccdb82af697ff0e08f218490d15116f221d44301f1cc8797e67d4
8842fd7a1c509be073af92af65c08421f8569716465a0c944bf243e19b58f22b
9779d8159d328d842f63cac031444d411a42c8dadfae9f2313e6e4369485274b
9a0493c889c58b96e508431fc9eac773683d9839bcaf3c0feef44afec85b2733
a56bbb4199232f466109c81aad2004410c5d35567ebb59c1a0aef0f9f79b91dd
ac6c7df9ea6f8e1bcacee7bbb1df0c7902650aa2bef04e536ae838e7c9146aa8
ad1bf1a65af50f8532fb64352af03eff59d8f6fa91cb2a9e2be8ce7c89fe8a4b
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b0cbbfe7e06fd7a9274bcdf96bde690f294cdef1ba01f2f20c9a9bd09eb1502b
b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2
b302f3162063054c6c6a18ac90cc62e69a395912cd157dacd2d53e1d4b06597e
b5dba68d705ba20baa1e8133d51261af4897d351c3d861704aa280eabd710480
bc374cb052c52b759d2fefd739e22fe84975a622a004708b83dc0b5b5dfd6285
c1d4cdd9e85ef7e00db8d1c1ef6fe8e352628e3b528a2e247dd1b779444a6087
c6d9362d5dc6c68a33153d578ccf65558e2d8c9b8e5f5fcc905b1ac4a2b87ba7
c8104390115f92b27003b1e4e503ef59343ccfef4ac19751093544e8cfaeae26
cdcaa771e7265ff69e374f9fef053fd9ae91567074983aa1a61bf74a3001490b
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e01511de08190908a8744534e0734b03dbb329a97450307aaa67c8622a833ed6
e09639315704980552b92eaae21f66af00a6e8a371f757f76b0b12420c2ed2a7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8021f1a9dad409f7e699457ac334653bf800464df69900237c4de1c29e275d0
ebc42f5cbea1c940476b32d026df09f5ec9887d789fd5b29a3749fdce573a832
ec190e2f6ca2b272958e593e24827f3e51d2352733b509cbe1e30868b875bb7f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f4fb502ca1cb75eab89973f7726007591fb388ebfdea4216faddca45118213c1
f6d82f567d08ec91a1b6ef0d4abf21be7a2d3dbc0a41c122584ea3536755b3ac
fc1d94f50dd3822e1e53cb96af4f040d2ad8b5c7b984bae5e84efc7641acfada
fc2a934d09315618cc7d670f748958a584c14cb54a8619b455b71ec9f62fc887
fc88e2251fea3efc8a3e8c9b1eb04dc439b6f26f4a828ee74957edb7ea388888

elcorito.chat Open in urlscan Pro 2a06:98c1:3121::3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

100 Requests

98 %HTTPS

82 %IPv6

17 Domains

22 Subdomains

22 IPs

2 Countries

1944 kBTransfer

4045 kBSize

11 Cookies

3 Outgoing links

Page URL History

Redirected requests

100 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

elcorito.chat Open in urlscan Pro
2a06:98c1:3121::3 Public Scan

Screenshot
Live screenshot

Full Image

100
Requests

98 %
HTTPS

82 %
IPv6

17
Domains

22
Subdomains

22
IPs

2
Countries

1944 kB
Transfer

4045 kB
Size

11
Cookies

100 HTTP transactions
3 data transactions