www.tuparada.com Open in urlscan Pro
34.232.82.202 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.tuparada.com/g/
Submission: On September 25 via manual (September 25th 2023, 8:22:35 pm UTC) from US — Scanned from DE

Summary HTTP 294 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 55 IPs in 5 countries across 29 domains to perform 294 HTTP transactions. The main IP is 34.232.82.202, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is www.tuparada.com.
TLS certificate: Issued by Amazon RSA 2048 M03 on August 14th 2023. Valid for: a year.

This is the only time www.tuparada.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3	34.232.82.202 34.232.82.202	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:4001:803::200a	15169 (GOOGLE) (GOOGLE)
19	52.222.236.123 52.222.236.123	16509 (AMAZON-02) (AMAZON-02)
11	2a00:1450:400... 2a00:1450:4001:80f::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82a::2008	15169 (GOOGLE) (GOOGLE)
35	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f08... 2a03:2880:f083:9:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
4	108.138.7.23 108.138.7.23	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
3	18.239.16.130 18.239.16.130	16509 (AMAZON-02) (AMAZON-02)
2	2606:2800:234... 2606:2800:234:59:254c:406:2366:268c	15133 (EDGECAST) (EDGECAST)
5	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:38::178	15169 (GOOGLE) (GOOGLE)
1	18.238.243.129 18.238.243.129	16509 (AMAZON-02) (AMAZON-02)
1	18.239.64.29 18.239.64.29	16509 (AMAZON-02) (AMAZON-02)
1	104.244.42.72 104.244.42.72	13414 (TWITTER) (TWITTER)
17	2a00:1450:400... 2a00:1450:4001:81c::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:806::200e	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c07::9a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:806::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
28	2a00:1450:400... 2a00:1450:4001:830::2001	15169 (GOOGLE) (GOOGLE)
8 10	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
3 7	104.18.26.193 104.18.26.193	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4 6	185.89.210.101 185.89.210.101	29990 (ASN-APPNEX) (ASN-APPNEX)
3 6	63.33.177.221 63.33.177.221	16509 (AMAZON-02) (AMAZON-02)
31	2a00:1450:400... 2a00:1450:4001:81c::2006	15169 (GOOGLE) (GOOGLE)
6	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
1	85.14.248.71 85.14.248.71	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
6	2600:9000:20a... 2600:9000:20ab:6600:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
25	2600:1f18:1ac... 2600:1f18:1aca:4282:2964:38bf:f03a:f6a1	14618 (AMAZON-AES) (AMAZON-AES)
2	34.98.64.218 34.98.64.218	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	104.80.29.75 104.80.29.75	16625 (AKAMAI-AS) (AKAMAI-AS)
1	64.233.167.156 64.233.167.156	15169 (GOOGLE) (GOOGLE)
1	2a02:2638:3::12 2a02:2638:3::12	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a02:2638:3::9 2a02:2638:3::9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
11	2a02:2638:d::2 2a02:2638:d::2	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.1.6 178.250.1.6	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	15.197.133.55 15.197.133.55	16509 (AMAZON-02) (AMAZON-02)
1	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
1	18.165.183.35 18.165.183.35	16509 (AMAZON-02) (AMAZON-02)
2	54.203.213.254 54.203.213.254	16509 (AMAZON-02) (AMAZON-02)
5	2a02:2638:3::10 2a02:2638:3::10	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a02:2638:3::1a 2a02:2638:3::1a	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	35.162.185.61 35.162.185.61	16509 (AMAZON-02) (AMAZON-02)
6	52.222.169.54 52.222.169.54	16509 (AMAZON-02) (AMAZON-02)
294	55

3 34.232.82.202 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-232-82-202.compute-1.amazonaws.com

www.tuparada.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 52.222.236.123 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-123.fra56.r.cloudfront.net

images.info-tuparada.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

35 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f083:9:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 108.138.7.23 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-7-23.fra56.r.cloudfront.net

cardsimages.info-tuparada.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cse.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.239.16.130 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-16-130.ams58.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:38::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.238.243.129 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-238-243-129.ams58.r.cloudfront.net

config.aps.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.239.64.29 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-64-29.ams58.r.cloudfront.net

aax.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.72 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:81c::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

clients1.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c07::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

lh3.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 142.250.185.130 (United States) 8 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 104.18.26.193 (United States) 3 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 185.89.210.101 (Germany) 4 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 63.33.177.221 (Dublin, Ireland) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-63-33-177-221.eu-west-1.compute.amazonaws.com

fw.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

31 2a00:1450:4001:81c::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.14.248.71 (Cologne, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)

m.exactag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:9000:20ab:6600:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 2600:1f18:1aca:4282:2964:38bf:f03a:f6a1 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.98.64.218 (United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.80.29.75 (United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-80-29-75.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.233.167.156 (United States)

ASN15169 (GOOGLE, US)
PTR: wl-in-f156.1e100.net

bid.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::12 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.nl3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a02:2638:d::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.6 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.nl3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 15.197.133.55 (United States)

ASN16509 (AMAZON-02, US)
PTR: a4b61a47cf5978487.awsglobalaccelerator.com

de2-bid.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.33.220.150 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.165.183.35 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-165-183-35.zrh55.r.cloudfront.net

choices.truste.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.203.213.254 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-203-213-254.us-west-2.compute.amazonaws.com

pixel.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:2638:3::10 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

imageproxy.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::1a (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.162.185.61 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-162-185-61.us-west-2.compute.amazonaws.com

prod.tahoe-analytics.publishers.advertising.a2z.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 52.222.169.54 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-169-54.cdg52.r.cloudfront.net

choices.trustarc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
69	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 122 76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 169	632 KB
41	doubleclick.net 8 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 235 googleads.g.doubleclick.net — Cisco Umbrella Rank: 66 stats.g.doubleclick.net — Cisco Umbrella Rank: 175 cm.g.doubleclick.net — Cisco Umbrella Rank: 329 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 433 bid.g.doubleclick.net — Cisco Umbrella Rank: 1063	428 KB
39	adsafeprotected.com 3 redirects fw.adsafeprotected.com — Cisco Umbrella Rank: 1083 static.adsafeprotected.com — Cisco Umbrella Rank: 851 dt.adsafeprotected.com — Cisco Umbrella Rank: 765 pixel.adsafeprotected.com — Cisco Umbrella Rank: 1025	408 KB
31	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 408	1 MB
23	info-tuparada.com images.info-tuparada.com cardsimages.info-tuparada.com	314 KB
17	criteo.net static.criteo.net — Cisco Umbrella Rank: 897 imageproxy.eu.criteo.net — Cisco Umbrella Rank: 8000 csm.eu.criteo.net — Cisco Umbrella Rank: 7577	174 KB
17	google.com www.google.com — Cisco Umbrella Rank: 11 cse.google.com — Cisco Umbrella Rank: 4999 clients1.google.com — Cisco Umbrella Rank: 659 fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1673	374 KB
10	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 254	460 KB
7	casalemedia.com 3 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 1026	4 KB
7	gstatic.com www.gstatic.com fonts.gstatic.com	773 KB
6	trustarc.com choices.trustarc.com — Cisco Umbrella Rank: 1330	19 KB
6	adnxs.com 4 redirects ib.adnxs.com — Cisco Umbrella Rank: 360	5 KB
5	amazon-adsystem.com c.amazon-adsystem.com — Cisco Umbrella Rank: 404 config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 945 aax.amazon-adsystem.com — Cisco Umbrella Rank: 541	67 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 96 region1.google-analytics.com — Cisco Umbrella Rank: 1878	21 KB
3	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 410	46 KB
3	criteo.com ads.eu.criteo.com — Cisco Umbrella Rank: 7499 rtb.nl3.eu.criteo.com — Cisco Umbrella Rank: 13805 cat.nl3.eu.criteo.com — Cisco Umbrella Rank: 8894	48 KB
3	twitter.com platform.twitter.com — Cisco Umbrella Rank: 1600 syndication.twitter.com — Cisco Umbrella Rank: 1900	132 KB
3	tuparada.com www.tuparada.com	64 KB
2	a2z.com prod.tahoe-analytics.publishers.advertising.a2z.com — Cisco Umbrella Rank: 5441	373 B
2	adsrvr.org de2-bid.adsrvr.org — Cisco Umbrella Rank: 21148 insight.adsrvr.org — Cisco Umbrella Rank: 964	1 KB
2	teads.tv sync.teads.tv — Cisco Umbrella Rank: 2022	326 B
2	openx.net us-u.openx.net — Cisco Umbrella Rank: 863	418 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 229	89 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 111	139 KB
2	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 720 fonts.googleapis.com — Cisco Umbrella Rank: 113	37 KB
1	truste.com choices.truste.com — Cisco Umbrella Rank: 1356	10 KB
1	exactag.com m.exactag.com — Cisco Umbrella Rank: 11661	60 B
1	googleusercontent.com lh3.googleusercontent.com — Cisco Umbrella Rank: 120	5 KB
1	google.de www.google.de — Cisco Umbrella Rank: 3974	408 B
294	29

	Domain	Requested by
35	pagead2.googlesyndication.com	www.tuparada.com pagead2.googlesyndication.com securepubads.g.doubleclick.net tpc.googlesyndication.com 76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com googleads.g.doubleclick.net s0.2mdn.net fw.adsafeprotected.com www.googletagservices.com
31	s0.2mdn.net	www.tuparada.com s0.2mdn.net 76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com
28	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com 76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com www.tuparada.com s0.2mdn.net googleads.g.doubleclick.net
25	dt.adsafeprotected.com	76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com
19	images.info-tuparada.com	www.tuparada.com
17	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net 76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com www.tuparada.com
11	static.criteo.net	ads.eu.criteo.com cdnjs.cloudflare.com static.criteo.net
11	www.google.com	www.tuparada.com cse.google.com www.gstatic.com www.google.com tpc.googlesyndication.com
10	cm.g.doubleclick.net	8 redirects googleads.g.doubleclick.net
10	www.googletagservices.com	www.tuparada.com 76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com securepubads.g.doubleclick.net fw.adsafeprotected.com
7	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
6	choices.trustarc.com	choices.truste.com
6	static.adsafeprotected.com	76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com pixel.adsafeprotected.com
6	googleads4.g.doubleclick.net	www.tuparada.com
6	fw.adsafeprotected.com	3 redirects www.tuparada.com 76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com
6	ib.adnxs.com	4 redirects googleads.g.doubleclick.net
6	76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
6	googleads.g.doubleclick.net	pagead2.googlesyndication.com 76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com
5	imageproxy.eu.criteo.net	ads.eu.criteo.com
5	www.gstatic.com	www.google.com
4	cardsimages.info-tuparada.com	www.tuparada.com
3	cdnjs.cloudflare.com	s0.2mdn.net ads.eu.criteo.com
3	fundingchoicesmessages.google.com	pagead2.googlesyndication.com
3	c.amazon-adsystem.com	www.tuparada.com c.amazon-adsystem.com
3	www.tuparada.com	www.tuparada.com
2	prod.tahoe-analytics.publishers.advertising.a2z.com	c.amazon-adsystem.com
2	pixel.adsafeprotected.com	76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com
2	sync.teads.tv	googleads.g.doubleclick.net
2	us-u.openx.net	googleads.g.doubleclick.net
2	fonts.gstatic.com	www.tuparada.com fonts.googleapis.com
2	region1.google-analytics.com	www.googletagmanager.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	platform.twitter.com	www.tuparada.com platform.twitter.com
2	cse.google.com	www.tuparada.com www.google.com
2	connect.facebook.net	www.tuparada.com connect.facebook.net
2	www.googletagmanager.com	www.tuparada.com www.googletagmanager.com
1	csm.eu.criteo.net	ads.eu.criteo.com
1	choices.truste.com	76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com
1	insight.adsrvr.org	76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com
1	de2-bid.adsrvr.org	76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com
1	cat.nl3.eu.criteo.com	ads.eu.criteo.com
1	rtb.nl3.eu.criteo.com	76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com
1	ads.eu.criteo.com	76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com
1	bid.g.doubleclick.net	76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com
1	m.exactag.com	76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com
1	lh3.googleusercontent.com	www.tuparada.com
1	fonts.googleapis.com
1	www.google.de	www.tuparada.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	clients1.google.com	www.tuparada.com
1	syndication.twitter.com	platform.twitter.com
1	aax.amazon-adsystem.com	c.amazon-adsystem.com
1	config.aps.amazon-adsystem.com	c.amazon-adsystem.com
1	ajax.googleapis.com	www.tuparada.com
294	54

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
www.instagram.com
www.youtube.com
twitter.com
www.tiktok.com
greetingsforever.tuparada.com
tuaparada.tuparada.com
www.1000grusskarten.de
www.saludosyregalos.com

Subject Issuer	Validity	Valid
tuparada.com Amazon RSA 2048 M03	`2023-08-14` - `2024-09-11`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-07-07` - `2023-10-03`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
c.amazon-adsystem.com Amazon RSA 2048 M01	`2023-02-28` - `2024-02-17`	a year	crt.sh
*.twimg.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-28` - `2024-07-26`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
config.aps.amazon-adsystem.com Amazon RSA 2048 M02	`2023-02-20` - `2024-03-20`	a year	crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com Amazon RSA 2048 M01	`2023-03-16` - `2024-03-08`	a year	crt.sh
syndication.twitter.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-05` - `2024-02-05`	a year	crt.sh
www.google.de GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
fw.adsafeprotected.com Amazon RSA 2048 M02	`2023-03-29` - `2024-04-27`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
*.exactag.com Sectigo ECC Domain Validation Secure Server CA	`2023-08-22` - `2024-09-15`	a year	crt.sh
static.adsafeprotected.com Amazon RSA 2048 M02	`2023-07-07` - `2024-08-04`	a year	crt.sh
dt.adsafeprotected.com Amazon RSA 2048 M02	`2023-05-09` - `2024-06-07`	a year	crt.sh
*.openx.net RapidSSL TLS RSA CA G1	`2023-08-18` - `2024-08-18`	a year	crt.sh
teads.tv R3	`2023-09-13` - `2023-12-12`	3 months	crt.sh
*.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-19` - `2023-10-21`	3 months	crt.sh
*.nl3.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-27` - `2023-10-22`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-05` - `2023-10-31`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
*.truste.com Amazon RSA 2048 M02	`2023-02-28` - `2024-01-16`	a year	crt.sh
*.eu.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-08` - `2023-11-08`	3 months	crt.sh
prod.tahoe-analytics.publishers.advertising.a2z.com Amazon RSA 2048 M01	`2023-02-21` - `2024-03-21`	a year	crt.sh
*.trustarc.com Amazon RSA 2048 M02	`2023-04-17` - `2024-05-14`	a year	crt.sh

This page contains 31 frames:

Primary Page: https://www.tuparada.com/g/
Frame ID: 243D77A5F8C3DE7160E5BA6869A1D85E
Requests: 79 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=https%3A%2F%2Fwww.tuparada.com
Frame ID: C27715D0126462251E85E749FA735924
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdZf9QZAAAAAKpkWGh4u1nnIkSPxUPzdzGiUJGx&co=aHR0cHM6Ly93d3cudHVwYXJhZGEuY29tOjQ0Mw..&hl=de&v=Ai7lOI0zKMDPHxlv62g7oMoJ&size=normal&cb=tr0871qzmqam
Frame ID: CE8A4D80536EE13D00700C47F012BD29
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230921/r20190131/zrt_lookup.html
Frame ID: A10E0ACEAA14A15DBC668E608B94E6E3
Requests: 1 HTTP requests in this frame

Frame: https://76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: D545144F67B72962CAD392F19AFE2B1A
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de&v=Ai7lOI0zKMDPHxlv62g7oMoJ&k=6LdZf9QZAAAAAKpkWGh4u1nnIkSPxUPzdzGiUJGx
Frame ID: 0BA64B4581C95B67670A3989ACBCDD70
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 6D3FFB4EBD9F7EFE00108496CBBCF6E8
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 6A95AB1B9E8B4D7EF124A8006FF52289
Requests: 2 HTTP requests in this frame

Frame: https://76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: C6072BE1A0D4575534C50051E56C534C
Requests: 25 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY-O_NxQEwAQ&v=APEucNXEvbKuOfvP1IhppCu2N0B_y0AY4JXuUjdLMWwXPnDw0sW6JtkDHQ9V9QjQggvIxOoqA7YChNRUe8UJDfnwMQFB6wmoJEwQGUMtg44UgNly82gGzce7ydy4G3BaxeaEyURelQ2xUl6omEOV1NGfFuiLkB2UIr4Cuy7uvrzaoIFiO0o5W2M
Frame ID: 5A2F964770B6207E8231D733A4DAD91D
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 4F9E838796D731F827B79556EB45F0D5
Requests: 3 HTTP requests in this frame

Frame: https://76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 73E1E4643D6CA84C802FA061E7AA016F
Requests: 14 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/8545329873006492075/index.html?ev=01_250
Frame ID: 33C9F05FD6741CB21CCD7FFA2367983F
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMY1YHo4gEwAQ&v=APEucNUytIpL2mlPxwDJGk6F7r6O41JQrZNY2MPOB8mIDzRniDx3sMg1tKRXHxIVL3b4u6PkwMstvnBwkwFzSy5g6-i8CdyMhP4qfVs3WIJjQhclkWcOfymhDz0NpYkuSRNCw38ElMYfNcbu_vqO9TutKXUhGuTvquG1yMpaeI3kp_dbEOq3X4c
Frame ID: A6B059AC96C140269E3FF3AF5527F8D7
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: D37490729F2E33E0C86350FA8C743FC3
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/8414893630757870910/index.html?e=69&leftOffset=0&topOffset=0&c=WiPD06pZUB&t=1&renderingType=2&ev=01_250
Frame ID: 0270C32B92690EF0A4DDAF5A9C7610CE
Requests: 12 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: F9A9BDE2C2A353FF97207FDF8FD9C5C4
Requests: 1 HTTP requests in this frame

Frame: https://76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 34B2E2A5834BB6DD6F9A965E2B8C9CDA
Requests: 29 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COyXJRDn9OgBGJ_90PABMAE&v=APEucNXEwgwl_6S2ugySARYc6QqnSSlgYCSRZcSt53wxf6NfNAXPhkWoUc50oW8APvGbCzCdwVP1A3dfWSOKiJ7SMCfo-jjuEnb-GHqnoS7HZDxvc6pAhiXkYhm0OmfJPgc3a6jyH_4OkkF8kvGA5DpNfUgeTvDPyuJ5VNSUMUtEZjLA2QKVmcs
Frame ID: 3A9D2456F58EB8CFF9E0671A462EDD53
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/tGcDLxZnxcZjneq6ZTfMhLSKmVRaNAcBIKHxIKG0fIc.js
Frame ID: E5DFE54920AFD910B1A509EFD97511B0
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 0E1A88CAA4555313B624B2357C033D66
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 66E7E9CDB0E3B4D66739DE5C4A8823CF
Requests: 3 HTTP requests in this frame

Frame: https://76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: A9CCD6A7E305C1A81D62244B5FF8247F
Requests: 8 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZRHsBQAFzXgK4GuSAAEMHYUlQ71MDp2bnK-0YQ&u=%7Coi%2FVmCrRyGUJD7%2BibH9XcMr4ScvQTmasxZaUlOuELG4%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhaVHQ6RkVc1uRRN7U2tIy92afbib4fbn5I_gGZ0oWA1lbtxKvkwKRDpCIoFOcm45g2X5SRpPM25oj-YIz50UpGSyPCDM9is8V5bMPY88uu8N6bGv8lLeP_xtRP3LaRYC0gSK1E_DrRpzcTlEyT8oYvpoETcHwnz4p9A1NZMwI4KHarSRr7izF3w_QXIwm4fPPfpzvW5RUnkpNKbSTdypwXkMPQytUIRk9GG0YmhuA4iWd7zuSMeBdryJzsylnY17KVUuTH9tM9flzEuCFla66A5H4oAKkeTW8Htx8rrTnp_KdkXwOCkvXUtW_wkoBqoXup0LRHNmtyIGri0fVAJ6dZwx-1d6nQcCdtNG_leZNJ-9U_aB0BJhVeOz8j78MFb6XdFZ-a0VhyM5IhAos7V-8geUbrHhqGYui-wrLn0RgyKcO1fCHks62r0yUBCq8sD3q9Bkj7beCAv1C0K5xBLwjwNTv-zjzqydlIZzp2MfD9kyIACn1hxN0t0EG-iGnpBqcgJMkdhCsE21DFAURAOcNNpGrJCpyPVSd4AxwPmWMSelJ2vsuR5zzVBpeILQcf2YjOCBvxgfCyYiiqfSFrRoQhI&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC3L-QBewRZfiaF5LXgQedmIS4C8me0rFc1Z2R93DAjbcBEAEgAGCVgoCAmAeCARdjYS1wdWItMjg1NzEyODE3MTYxNTM1OcgBCakCWqHfpLy_sT7gAgCoAwHIAwKqBIICT9AXtmLANv3yx7DKvx8mHkUo29hULecKU3G00Ck9aP7oOuDnqjZMu_v69o0hjuss7vAAYXyoPlfHCk33BJQ42vTc-3Y9SpCnalXOEXvEyHugFWpwLzhJ1tufZS1OEwpiMRhgTVMi7XEeUU8fGuKl6kGdMQDZXCcH89s1AWMKfn4G05h1vmgqevKtXPOy-74-H1B2Z-BM8Q6LrviBSmXnefmrwG6J2g1HcliWEn1lWmx2juFokxIvQ7D_MGHQMnS5HGG7uegJT326KEAypumuR5TuCy_3MycjsT0eIsZYV8e_XN0eYyo3-aWEelDQTSE8QurzEvUlScuHmnixZfmPsWAa4AQBgAbGxMuW6vDrpkSgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3uumujWWpoHQnEpKbp7qvuWYBo2Q%26client%3Dca-pub-2857128171615359%26adurl%3D
Frame ID: A0BB801D18D66C9EFD37BECD067F35F3
Requests: 20 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/8139189918941248930/Hilton_TR_City_DE_160x600-EN/index.html?ev=01_250
Frame ID: 42E6238F34D3FB7AB4C4D67F35D2A75F
Requests: 12 HTTP requests in this frame

Frame: https://76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 0166641CF5FB8CA65F8A652F0E6F5437
Requests: 32 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 1ED3D2CAB2C689D4B4DBC101ECBD3222
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssV1O1tv2KQHeIqf-LAKD2qBizwLNg_E1pEX_K-PQ5u75sIRNcnfSSMX7MV6R3srcg1kmMuygyZzQFIsMz7xkKZCbZfXNyQwTiw_iUSjjaYBSXPQ-AVZkAcE32cskV9mh7IENUGKHn62MrCqx2WKWY3lhFKYMJzWggjehTDsMmB8bjH1zt2mjBtB9PUqldabpU8zfFbEhQGqRou-1uKyW5I3I8c3OguH-bwKu75oiYDRNrQIDPhwqRb2rA4mjtmfpezKLKMPdx20nPjwgmOJPVaEZD-qdpIqNpZwPpxTHFyxumvhKZD_xpR9KzqjEoZRv4f2WcotE81xnlZ9s2x4jQflxMPaUUEjxPR1Hj8Hz373imF8JC50WtMFPs1KVL5dx-ioW28UZeniGEy1QlUORdJR2qOV5rtVw&sai=AMfl-YTWRDr2IvJFHC-KKePWvkV_6phFdZvAwrcFe3M49CxF4kZk2H6gFlbcMylH8jIDI_bKKHCgA7cP6lyxyP7S_XfT69cQfmQwWlpwCrPtyOcWQHetIBIoNXCjvh_egvw29zykQOVH_t73VnEvhEFM&sig=Cg0ArKJSzCPYlu_FisqwEAE&uach_m=[UACH]&adurl=
Frame ID: 395A26A3222BCF8F6A124CAEF6D497F4
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu4BTcGmiEXIt_kwMjiRrbfcJ87wWqM-v2SVm-veSVqXdcSjA8UCMFanE_9vZVBbCIK_LSO_oIVgzFRhEYF6oMxFanvuzmqDuILVbA-ikAy01PMY71HM96qjLXaWgjhozoC2JJqTBKCiC9IQLs1meNDymVznWQ-XtKwyP0YDzSB_wHymwOtYSLx0PqeG67NRxfzk84C2r8KBLKdrhOf5gDundUt51-lWOz2QxOiCdhKw22H_HxjF2WXwIIFrOoGmZr71WihIwTGtdOw5MjWPGaTNqALzJUqJ9K523yn8AlUTmqFdChg8Cu91cO29LvMDFuwhKkCp3jyauAV1GYimx0NcNeQ3UVD1N99tElDDtC_7NbdCtCarVbNC33M9NmRE1EhQJP4CQbbqPaq28jfOAZ-1QIVag&sai=AMfl-YRwmX2f3wb92zf68CGcwY6dg-8Am1p-676raq8E57a61gSzBSaKQj0-u7_5ZWHKpx2tHupubM187FYGAB5LU4h-iMJnb6Xpx76Bex0lU4UWHESTwgZyPCHV3emaj21hAqhJqBfPiHL1X-lIHkM&sig=Cg0ArKJSzHhsv48VgiV9EAE&uach_m=[UACH]&adurl=
Frame ID: 2A8D17D87D83D47F02EE9272D086B7F9
Requests: 7 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: C16A64BCD52B9775ED0C0A76F1A50E7E
Requests: 1 HTTP requests in this frame

Frame: https://choices.trustarc.com/get?name=admarker-icon-tr.png
Frame ID: F9279222A86FEC3C34CA1B3D67E7B674
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Tarjetas, postales, fiestas, feliz día, tarjetas para móvilesbuscar

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

GSAP (JavaScript frameworks) Expand

Overall confidence: 100%
Detected patterns

TweenMax(?:\.min)?\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.twitter\.com/widgets\.js

Zepto (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

zepto.*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

294
Requests

96 %
HTTPS

57 %
IPv6

29
Domains

54
Subdomains

55
IPs

5
Countries

5605 kB
Transfer

13745 kB
Size

21
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/TuParada

Search URL Search Domain Scan URL

URL: https://www.instagram.com/tuparada/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/TuParadacom

Search URL Search Domain Scan URL

URL: https://twitter.com/TuParada

Search URL Search Domain Scan URL

URL: https://www.tiktok.com/@tuparada

Search URL Search Domain Scan URL

URL: https://greetingsforever.tuparada.com/
Title: English

Search URL Search Domain Scan URL

URL: https://tuaparada.tuparada.com/
Title: Português

Search URL Search Domain Scan URL

URL: https://www.1000grusskarten.de/
Title: Deutsch

Search URL Search Domain Scan URL

URL: https://www.saludosyregalos.com/
Title: Empresas

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 99

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL2zlZv9V786WJleEXsU314&google_cver=1

Request Chain 100

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZRHsBFe2foZVV0R7gnCt8AAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL2zlZv9V786WJleEXsU314&google_cver=1

Request Chain 101

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEOB6Cw_jpUM6xl8URRjMm5Y&google_cver=1 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEOB6Cw_jpUM6xl8URRjMm5Y%26google_cver%3D1

Request Chain 102

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODAwNDgyNDA0MTI4OTUzOTU5OA%3D%3D

Request Chain 133

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL2zlZv9V786WJleEXsU314&google_cver=1

Request Chain 134

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZRHsBFe2foZVV0R7gnCt8AAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL2zlZv9V786WJleEXsU314&google_cver=1

Request Chain 135

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEOB6Cw_jpUM6xl8URRjMm5Y&google_cver=1

Request Chain 136

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODAwNDgyNDA0MTI4OTUzOTU5OA%3D%3D

Request Chain 139

https://fw.adsafeprotected.com/rfw/st/990511/61634100/4.js?ias_dspID=3&ias_campId=1013669275&ias_pubId=pub-2857128171615359&ias_chanId=1&ias_placementId=20338656462&bidurl=https://www.tuparada.com/g/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0gQhQfLIsVJhAE4xXRumBLW&adContainerId=brand_safety_BOwRZebaI9nB9u8Pz7yx8AQ&cbFunctionName=goog_wrapCb_BOwRZebaI9nB9u8Pz7yx8AQ&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_300x250.js&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=https%3A%2F%2Fwww.tuparada.com&adsafe_type=y&adsafe_url=https%3A%2F%2Fwww.tuparada.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:8ef9e214-4d94-eb57-b8f7-5f1782e0c247,c:pgpcF8,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-797d947f74-rwrkt,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,scm:grpm1,mtim:4,mot:0,app:0,maw:0,fm:tQU0z7E+11%7C121%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f*.990511-61634100%7C1f1%7C1f21%7C1f3%7C1g1%7C1g2%7C1g3,idMap:1f*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:na,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,tt:rjss,et:25,oid:3fa103c2-5be1-11ee-a680-a61e53ea29c8,v:19.8.439,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_BOwRZebaI9nB9u8Pz7yx8AQ&cbFunctionName=goog_wrapCb_BOwRZebaI9nB9u8Pz7yx8AQ&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_300x250.js

Request Chain 165

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEhBbiwBJPSeuJyhp3gE2dE&google_cver=1

Request Chain 167

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
https://sync.teads.tv/um?eid=3&uid=CAESEG40kGUEth1EZimIIo9DD9I&google_cver=1

Request Chain 183

https://fw.adsafeprotected.com/rfw/bgd/1562583/72689833/xbbe/creative/adj?p=APEucNXO1r05mu-PvPniOhmxWNgsqTi5eF5L8mCE1Bse-p5Bvrdk9YI&d=CokBAKAmf-BaD_UKM_HgMnVQC7FKsflSOVl56V-MU4OHqTQ5Z2oLnGPddT09mwVAI_H8kvCuNlHP7t4BOC-H0vNN4h6ls6jLwFNUU2CLd17h_h8flp-Hz_h68DBtoc6xtYJgt16p5DdDbS5dkJmGWN6SJmPMQ8G5QZmtmt3KjaulPmq2wcvWvjJ5Zq4SqRUAoCZ_4HSeir93Z2SAy2RPkuAgvmF8f0jwke0zFt83RkM6QT12Tj6cu41em7d927gKPOTwXKw7qhxQMYvlh7WLcU7tK3hS1eTzZKRpXP-aqYBkDYSGso9VujxxJVxTbPxD07qVydxO5NA_44hRNgqQbciklZKjRIq1QUzrV3RSrMYW_2oebVOaCoJF6yyO_jWBQ7HIckKmNmjcYexSWWxzvT-CJEyfc9T94CcGhJI6H0croZzf1_NCeaatqZc20UfaaZtqmTsohtTeFLLaxs4GcnfCLjkXFAK4_-IuRuigg0yjSZZoweRv_jZfH4lUryJEz_A1Mgrsbd4zgRsTRxCC6hYIRJxiBqHhFz-GkYye0Ud0Z2eJyeBY1JkhyAxGQ3bGAdZqw5-JITmQa1ULfH5UhDLFKLTqDEMRLGC3r1KZuUo-uWs7IbOXecVMmA7Sx7rgZywYUKMcqLaNFhRKEDb6yGND-BWRbrXbBj_wwNcEAcSiwWACkAZoyPYqNItMWy07Sg_AP-_yW1rxnwk7KFybkaeny4x42YEuKAcCHfzyLiTjNxNqquL3zDDyLRqmXGv-iPSbjnTy7ec4bCdbg1WsDR7dHnUox1eISABrlsv-XqN5ZMbBTw71wiKk2JiAlnVlvvoKkgc9GZTnLj-lOls1mDuKt0Yl1mdWo0HCSvIHZQyxXMUZmU9Q8nBT1_U6XW1cka82wlBlkWcCHFWyVHldQfhoKH8MJirpj1-GzyQvA1tGpiCRq4CAA4xoHWxMosx73hspSt9FcU7Km11u_PUom3ML5dK9rsKE80hy82bRceIoRrBYx8yR_QOhZA_noVuSutaEhPcRvBtjsmd8tlPlkW8J-cJPCpaLYKtSNbPfYy_oieKQjPBfvA9L3UH3ETiL2Y3GVIR_XgS6AXUaawoz47jYQ2GsiuAalXigpA3G_Z2hxwclc2SA5mAQWI9Zh-1-Kj-x8zchb9sFw1r5BOHh5uwOXqjf48AaaFO_0ThE5V57e3T1mFLjJdA7IfaydACjoD9-x6sS62c7zuGzNb4WkTbI0D5W618JlZWYS1orqw_uWJuF6qWFlLy1SK-tGw5ZoDjevveux1aqCXJ13pCfABaFBMcEW9BcMQ9XqUpGjF1Rmc-bJqtHzLaCA3n8fhEK8WDg8Ssq_H0JzdSb4iI2tNcqI7RUzQhh2OqgbcjcVHIgxnSpzvqGZ_7-uPvwQ1vtEze-zSM_A6jigYnvTwQ-y5k0Ewe2_a8_CUEgd-5-KiwKyS6D2gs46e8uPellhbHytXqf-hGnKXd6ja6q2Uemc-_SAs_Xxc7L2isVFJnShPMY_yvEo2TZhuXW9lrXvHwz-I08tBG_6fs7K5myJ7-Ds58-QHNHrtw6-cYRtIn0MFyE0R8eTKesoKomYzubfqNzWdziN6IZ0jk3CABu3ECEzXiTXKpunIMYA7wK4qpLx-GclH_mc97-82L5N7Gd0ugeRt7OuNI8T_kuY-Tzk-Pkj6WXazCnFaETsSpjUxX4b548FIHCPo-6A1z4DjylNAich8rwmXfGiRZPt6wjJyIJip720cQIUXXQeUTDD5JpLBD8h5wkoLyQLRD8epCLNw2s7EywUe_3PwlHiP-jFaVDy-7dJjGeVmkJSKDJW0m5RvXrCDiUP2Zs75H9phYSjRkBO4PRbXTg7mG5hW15gdtgSuRDR47cEWqzHnKVF1f9KjOQPtaCHygZON61apPg2KU8R5QkAU3wuvJLbKfMUaHxf_qM2qE5uZKZBbnXyTojGstdXQu2JGggu9VUWhNKO-3tMwf7Uj077NVfIYfFPEq969jECnJmFsO59urs88e0zZ4OQ7PpkgZFWNQ_YbQa7cwWNftN89UXa8kDMa4gs6vWwRxl3Lhi6vE5Ky9d8bTsgdTkGVhzgDIe1mMZIgMtrcDHr02y5vd6isscT1vkfBwZ382LJCJCjf-h79IFdVD4aNwQT218aX4sfbwJ53APrLxiiMTjXcZli7XGaiJ3kNE2DZJSKTjtzWXHWGIL7NoUdjYCEAzBd_ooo_MrChV2DxnkZSus3uUrtIBeRmGN2gMUEkwh-_ZtefRwD6hiVz5oPWXNIQjigjR-HbBCD5UeIahvfy862jQQFJAaH4YLSEOnH-ZfO64Ttv-ka2NeU5Vm-DXdw_Xfrwq97FrhQHsLoGn8zoxnpW0-Bp7TomNO9NquG6X3lBuDFVSaauMubq-t1q9ggJ2wAE5Ado6N_plp4-y3Hn3uxH0dIQphi2ijVoldm2b3Tb2g7AkXeGo5gpeyBB_E0ZsBw6WQrTMciRwSM2nBAxRI7pai7TdHjSifP7H9Zw-tXDPR9GJKiBI_NhTp6BGfU3iWe1_ZwRct_C2hCHwdKi7dMOf0YvcbYZWTY13LKFraix5nvaQatytkeeKBj96-X6zA0XAV524JNdhE6wbCXgINQ7hhdTRMto5vGCYGzNSJwyrgvVSat6IA_UKNbRr17L3JGIAIFIOUNGZEZVI0CEMtfBsW5bxEEUaV-MXkPdOOyi56iXkpvy_FlpIXV8MtsRMGSj9VcOj-O9OYrWtGg34wjo1m35Nkr0DCxRQsYTghofPvjBk1UVLrDRMAQOBVPozN-_FfW37kqY99NHJlePk53bwVeK7juEYEGgS000KKfWSBnGvMAwY1q7oc6UaT_U49m4gbnXWkjvL6VED21NbHilPx5HCYmTWrCrCvv1TZkvrTGDZMmVMBmANgdaIaRSRkc69b7QRm9KXopcR4OmsIZ_ssdGptyf8SBTlqdsI7Gyr7gSfQnB9M4H1l0BV2IWaxSXv3unoz1kguC0X7rQ-uRwX1F-R4lVill9EeAksmDsr14fOegO1UnHaBcIhcXLlf6PrTx0x3T7R0_anZ7ibD8k5kG_IiWgoxDPySZQh5oCFDeZ6FS3GNMKys6fdDDg71aurTv3JxxRlrAaX2ZJjnGniwv06_OofP4JzQp6VYdHpLbrra6p-ANiDdR2Ob10tXlLrHcty7ROgP-Ma_6EDdLEbWuKs8xvqJQEEf2l7Uw9XsuDQUcf9xuCtTPLcIVTWSn4V2oRB0PdycmUQFBF6MsTO5lrC8Fzmjgluv_gBlYzPqXfYgyKRzYn7C8a2paAi185BDUDW9s40FWCpB9UAzxviEz0zrTRc0yCXsjde-j-0KOrr6xSYUrBp9wXzEUuh4GuoK4n_Frn4jMoaruX1SrSDtnZv7CR89yvlqzkDAgUxNlv722g6GMhwHA4fBnMVbQPWc-ucjnXV4SLtH3LeQj2NX6M8FHfspMyAMvxryuYfhF-stiHTcnrqpZc9QqJg5p74kd9bjeXlHZV0zxtQST8EpvbjxOo5WLNCPWYtEDYt_9bXKmBmT9EDsoqa29ofjA6zSXA8XW3zMihSCOp8-uYwr2EOLx-YJseBwkJrdsbGTd7eypleZWZuRhsiKfv32ktmY_bGu0dIx6NNmlb_W5wq5taJJyQDPFEQpOM45J5g5euai-t5Q0VCMjm5fQivobtr8ihwIdEnDsOnmPJmwKXo3r4NdgpayVyLhULxGCxvSfOeimcXnZS8IfN_gywjtMHFKO_8-Ws9sRyfCd0fHbvTkRVE5A15whXumZXzf60_sFm0J4BWL_dEDO9zLV5kSuX2tCRpSCAQSTADICaaNOv7ZwbAgrgAN4pk8yo9QU9CEvY64XgOxMG4_qPqwydgXlDvCQDJCqbqeC218soX7Clxrm5Bu8lG4CQfgN0aCOTANILWcQmUYAWAB&cry=1&bundleId=&ias_dspID=3&ias_campId=1013159638&ias_pubId=pub-2857128171615359&ias_chanId=1&ias_placementId=20358516230&bidurl=https://www.tuparada.com/g/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0hBNSSgdLGxHiUqKlownGX0&adsafe_url=https%3A%2F%2Fwww.tuparada.com&adsafe_type=y&adsafe_url=https%3A%2F%2Fwww.tuparada.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:a847fb56-e944-866e-4a3a-5686ebe10711,c:pgpcLg,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-797d947f74-gj8v6,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,mtim:3,mot:0,app:0,maw:0,fm:tQU0zdR+11%7C121%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f1%7C1f2%7C1f3%7C1f4%7C1g1%7C1g2%7C1g31%7C1h*.1562583-72689833%7C1h1,idMap:1h*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:20,oid:3fda8a08-5be1-11ee-8805-8ecc6a6213de,v:19.8.439,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNXO1r05mu-PvPniOhmxWNgsqTi5eF5L8mCE1Bse-p5Bvrdk9YI&d=CokBAKAmf-BaD_UKM_HgMnVQC7FKsflSOVl56V-MU4OHqTQ5Z2oLnGPddT09mwVAI_H8kvCuNlHP7t4BOC-H0vNN4h6ls6jLwFNUU2CLd17h_h8flp-Hz_h68DBtoc6xtYJgt16p5DdDbS5dkJmGWN6SJmPMQ8G5QZmtmt3KjaulPmq2wcvWvjJ5Zq4SqRUAoCZ_4HSeir93Z2SAy2RPkuAgvmF8f0jwke0zFt83RkM6QT12Tj6cu41em7d927gKPOTwXKw7qhxQMYvlh7WLcU7tK3hS1eTzZKRpXP-aqYBkDYSGso9VujxxJVxTbPxD07qVydxO5NA_44hRNgqQbciklZKjRIq1QUzrV3RSrMYW_2oebVOaCoJF6yyO_jWBQ7HIckKmNmjcYexSWWxzvT-CJEyfc9T94CcGhJI6H0croZzf1_NCeaatqZc20UfaaZtqmTsohtTeFLLaxs4GcnfCLjkXFAK4_-IuRuigg0yjSZZoweRv_jZfH4lUryJEz_A1Mgrsbd4zgRsTRxCC6hYIRJxiBqHhFz-GkYye0Ud0Z2eJyeBY1JkhyAxGQ3bGAdZqw5-JITmQa1ULfH5UhDLFKLTqDEMRLGC3r1KZuUo-uWs7IbOXecVMmA7Sx7rgZywYUKMcqLaNFhRKEDb6yGND-BWRbrXbBj_wwNcEAcSiwWACkAZoyPYqNItMWy07Sg_AP-_yW1rxnwk7KFybkaeny4x42YEuKAcCHfzyLiTjNxNqquL3zDDyLRqmXGv-iPSbjnTy7ec4bCdbg1WsDR7dHnUox1eISABrlsv-XqN5ZMbBTw71wiKk2JiAlnVlvvoKkgc9GZTnLj-lOls1mDuKt0Yl1mdWo0HCSvIHZQyxXMUZmU9Q8nBT1_U6XW1cka82wlBlkWcCHFWyVHldQfhoKH8MJirpj1-GzyQvA1tGpiCRq4CAA4xoHWxMosx73hspSt9FcU7Km11u_PUom3ML5dK9rsKE80hy82bRceIoRrBYx8yR_QOhZA_noVuSutaEhPcRvBtjsmd8tlPlkW8J-cJPCpaLYKtSNbPfYy_oieKQjPBfvA9L3UH3ETiL2Y3GVIR_XgS6AXUaawoz47jYQ2GsiuAalXigpA3G_Z2hxwclc2SA5mAQWI9Zh-1-Kj-x8zchb9sFw1r5BOHh5uwOXqjf48AaaFO_0ThE5V57e3T1mFLjJdA7IfaydACjoD9-x6sS62c7zuGzNb4WkTbI0D5W618JlZWYS1orqw_uWJuF6qWFlLy1SK-tGw5ZoDjevveux1aqCXJ13pCfABaFBMcEW9BcMQ9XqUpGjF1Rmc-bJqtHzLaCA3n8fhEK8WDg8Ssq_H0JzdSb4iI2tNcqI7RUzQhh2OqgbcjcVHIgxnSpzvqGZ_7-uPvwQ1vtEze-zSM_A6jigYnvTwQ-y5k0Ewe2_a8_CUEgd-5-KiwKyS6D2gs46e8uPellhbHytXqf-hGnKXd6ja6q2Uemc-_SAs_Xxc7L2isVFJnShPMY_yvEo2TZhuXW9lrXvHwz-I08tBG_6fs7K5myJ7-Ds58-QHNHrtw6-cYRtIn0MFyE0R8eTKesoKomYzubfqNzWdziN6IZ0jk3CABu3ECEzXiTXKpunIMYA7wK4qpLx-GclH_mc97-82L5N7Gd0ugeRt7OuNI8T_kuY-Tzk-Pkj6WXazCnFaETsSpjUxX4b548FIHCPo-6A1z4DjylNAich8rwmXfGiRZPt6wjJyIJip720cQIUXXQeUTDD5JpLBD8h5wkoLyQLRD8epCLNw2s7EywUe_3PwlHiP-jFaVDy-7dJjGeVmkJSKDJW0m5RvXrCDiUP2Zs75H9phYSjRkBO4PRbXTg7mG5hW15gdtgSuRDR47cEWqzHnKVF1f9KjOQPtaCHygZON61apPg2KU8R5QkAU3wuvJLbKfMUaHxf_qM2qE5uZKZBbnXyTojGstdXQu2JGggu9VUWhNKO-3tMwf7Uj077NVfIYfFPEq969jECnJmFsO59urs88e0zZ4OQ7PpkgZFWNQ_YbQa7cwWNftN89UXa8kDMa4gs6vWwRxl3Lhi6vE5Ky9d8bTsgdTkGVhzgDIe1mMZIgMtrcDHr02y5vd6isscT1vkfBwZ382LJCJCjf-h79IFdVD4aNwQT218aX4sfbwJ53APrLxiiMTjXcZli7XGaiJ3kNE2DZJSKTjtzWXHWGIL7NoUdjYCEAzBd_ooo_MrChV2DxnkZSus3uUrtIBeRmGN2gMUEkwh-_ZtefRwD6hiVz5oPWXNIQjigjR-HbBCD5UeIahvfy862jQQFJAaH4YLSEOnH-ZfO64Ttv-ka2NeU5Vm-DXdw_Xfrwq97FrhQHsLoGn8zoxnpW0-Bp7TomNO9NquG6X3lBuDFVSaauMubq-t1q9ggJ2wAE5Ado6N_plp4-y3Hn3uxH0dIQphi2ijVoldm2b3Tb2g7AkXeGo5gpeyBB_E0ZsBw6WQrTMciRwSM2nBAxRI7pai7TdHjSifP7H9Zw-tXDPR9GJKiBI_NhTp6BGfU3iWe1_ZwRct_C2hCHwdKi7dMOf0YvcbYZWTY13LKFraix5nvaQatytkeeKBj96-X6zA0XAV524JNdhE6wbCXgINQ7hhdTRMto5vGCYGzNSJwyrgvVSat6IA_UKNbRr17L3JGIAIFIOUNGZEZVI0CEMtfBsW5bxEEUaV-MXkPdOOyi56iXkpvy_FlpIXV8MtsRMGSj9VcOj-O9OYrWtGg34wjo1m35Nkr0DCxRQsYTghofPvjBk1UVLrDRMAQOBVPozN-_FfW37kqY99NHJlePk53bwVeK7juEYEGgS000KKfWSBnGvMAwY1q7oc6UaT_U49m4gbnXWkjvL6VED21NbHilPx5HCYmTWrCrCvv1TZkvrTGDZMmVMBmANgdaIaRSRkc69b7QRm9KXopcR4OmsIZ_ssdGptyf8SBTlqdsI7Gyr7gSfQnB9M4H1l0BV2IWaxSXv3unoz1kguC0X7rQ-uRwX1F-R4lVill9EeAksmDsr14fOegO1UnHaBcIhcXLlf6PrTx0x3T7R0_anZ7ibD8k5kG_IiWgoxDPySZQh5oCFDeZ6FS3GNMKys6fdDDg71aurTv3JxxRlrAaX2ZJjnGniwv06_OofP4JzQp6VYdHpLbrra6p-ANiDdR2Ob10tXlLrHcty7ROgP-Ma_6EDdLEbWuKs8xvqJQEEf2l7Uw9XsuDQUcf9xuCtTPLcIVTWSn4V2oRB0PdycmUQFBF6MsTO5lrC8Fzmjgluv_gBlYzPqXfYgyKRzYn7C8a2paAi185BDUDW9s40FWCpB9UAzxviEz0zrTRc0yCXsjde-j-0KOrr6xSYUrBp9wXzEUuh4GuoK4n_Frn4jMoaruX1SrSDtnZv7CR89yvlqzkDAgUxNlv722g6GMhwHA4fBnMVbQPWc-ucjnXV4SLtH3LeQj2NX6M8FHfspMyAMvxryuYfhF-stiHTcnrqpZc9QqJg5p74kd9bjeXlHZV0zxtQST8EpvbjxOo5WLNCPWYtEDYt_9bXKmBmT9EDsoqa29ofjA6zSXA8XW3zMihSCOp8-uYwr2EOLx-YJseBwkJrdsbGTd7eypleZWZuRhsiKfv32ktmY_bGu0dIx6NNmlb_W5wq5taJJyQDPFEQpOM45J5g5euai-t5Q0VCMjm5fQivobtr8ihwIdEnDsOnmPJmwKXo3r4NdgpayVyLhULxGCxvSfOeimcXnZS8IfN_gywjtMHFKO_8-Ws9sRyfCd0fHbvTkRVE5A15whXumZXzf60_sFm0J4BWL_dEDO9zLV5kSuX2tCRpSCAQSTADICaaNOv7ZwbAgrgAN4pk8yo9QU9CEvY64XgOxMG4_qPqwydgXlDvCQDJCqbqeC218soX7Clxrm5Bu8lG4CQfgN0aCOTANILWcQmUYAWAB&cry=1&bundleId=

Request Chain 248

https://fw.adsafeprotected.com/rfw/www.googletagservices.com/1526752/72603768/dcm/dcmads.js?bundleId=www.tuparada.com&ias_dspID=9&ias_campId=bnzq4wb&ias_pubId=pub-2857128171615359&ias_chanId=google&ias_placementId=tcvdzeq&bidurl=www.tuparada.com%2fg&ias_dealId=&adsafe_par&ias_impId=v4~~2853e063-a820-4455-b0c7-7c9c78123ce2&adsafe_url=https%3A%2F%2Fwww.tuparada.com&adsafe_type=y&adsafe_url=https%3A%2F%2Fwww.tuparada.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:b60f373a-32f6-18c1-59ae-417b9babb24c,c:pgpcV2,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-797d947f74-j24k2,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,scm:publ1,mtim:5,mot:0,app:0,maw:0,fm:tQU0znx+11%7C121%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f1%7C1f2%7C1f3%7C1f4%7C1g1%7C1g2%7C1g31%7C1h1%7C1h2%7C1h3%7C1h4%7C1i1%7C1j*.1526752-72603768,idMap:1j*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us.bi,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:26,oid:404d494d-5be1-11ee-8739-ea8889c9152f,v:19.8.439,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://www.googletagservices.com/dcm/dcmads.js?bundleId=www.tuparada.com

294 HTTP transactions
7 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.tuparada.com/g/ 106 KB
20 KB 540ms
257ms Document
text/html 34.232.82.202
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tuparada.com/g/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.232.82.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-232-82-202.compute-1.amazonaws.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: df477a4f62362b375d463d5ff1eb2335b81f01dae04eecda23bca05a081a1dfe

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private
content-encoding: gzip
content-length: 20471
content-type: text/html; charset=utf-8
date: Mon, 25 Sep 2023 20:22:25 GMT
server: Microsoft-IIS/8.5
vary: Accept-Encoding
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.9.1/ 90 KB
33 KB 68ms
20ms Script
text/javascript 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.9.1/jquery.min.js

Requested by

Host: www.tuparada.com
URL: https://www.tuparada.com/g/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tuparada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 19:45:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 347842
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33018
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 20 Sep 2024 19:45:04 GMT

GET
H2 200 normalv2.css
images.info-tuparada.com/css/ 4 KB
2 KB 219ms
27ms Stylesheet
text/css 52.222.236.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://images.info-tuparada.com/css/normalv2.css
Requested by: Host: www.tuparada.com
URL: https://www.tuparada.com/g/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.123 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-123.fra56.r.cloudfront.net
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 6296ae462a1d265ba3ecbe45eb840c017b8fa9616a5d1ec51a2f9d77535092d6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tuparada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 03:41:50 GMT
content-encoding: gzip
via: 1.1 e37b7824685046c107e13d08c43993fc.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P4
age: 60037
x-powered-by: ASP.NET
x-cache: Hit from cloudfront
content-length: 1570
last-modified: Thu, 27 Jan 2022 23:44:32 GMT
server: Microsoft-IIS/8.5
etag: "5af55d5d713d81:0"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=604800
accept-ranges: bytes
x-amz-cf-id: vxQLmHmjJ1i2DYmDHkjchtiwgSXLsEJlkmoQxGBMNQC7eVRBrR-7VA==

GET
H2 200 bootstrap.min.css
www.tuparada.com/images/bootstrap/css/ 113 KB
26 KB 123ms
122ms Stylesheet
text/css 34.232.82.202
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tuparada.com/images/bootstrap/css/bootstrap.min.css
Requested by: Host: www.tuparada.com
URL: https://www.tuparada.com/g/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.232.82.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-232-82-202.compute-1.amazonaws.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 6db8bd4a23489ea80afba56b589d6857d0ed369655a9726be0cd8a2d190fe1d2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tuparada.com/g/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 20:22:26 GMT
content-encoding: gzip
last-modified: Tue, 26 Jan 2021 20:11:50 GMT
server: Microsoft-IIS/8.5
etag: "c7c28e7b1ff4d61:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=604800
accept-ranges: bytes
content-length: 26556

GET
H2 200 bootstrap.min.js Show response
images.info-tuparada.com/bootstrap/js/ 39 KB
15 KB 214ms
22ms Script
application/javascript 52.222.236.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://images.info-tuparada.com/bootstrap/js/bootstrap.min.js
Requested by: Host: www.tuparada.com
URL: https://www.tuparada.com/g/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.123 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-123.fra56.r.cloudfront.net
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 829354af148cbfc5599d37cb6076ff4edf2379aa263b5726a75b5707547c6be5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tuparada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 09:51:01 GMT
content-encoding: gzip
via: 1.1 e37b7824685046c107e13d08c43993fc.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P4
age: 383485
x-powered-by: ASP.NET
x-cache: Hit from cloudfront
content-length: 14551
last-modified: Tue, 26 Jan 2021 20:11:50 GMT
server: Microsoft-IIS/8.5
etag: "2425917b1ff4d61:0"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
accept-ranges: bytes
x-amz-cf-id: XCtykE8wzl86ekKNLyUYvloRMKm8qQ-T-MD-is3t40O4rC3tx03TPA==

GET
H2 200 js_funcs.js Show response
images.info-tuparada.com/js/ 11 KB
4 KB 216ms
25ms Script
application/javascript 52.222.236.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://images.info-tuparada.com/js/js_funcs.js
Requested by: Host: www.tuparada.com
URL: https://www.tuparada.com/g/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.123 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-123.fra56.r.cloudfront.net
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 3663b1b2e15570e1eb8d9126f275bea9f446106de3f90e5c9942f3db05d6f5ed

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tuparada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 03:26:03 GMT
content-encoding: gzip
via: 1.1 e37b7824685046c107e13d08c43993fc.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P4
age: 61243
x-powered-by: ASP.NET
x-cache: Hit from cloudfront
content-length: 3565
last-modified: Tue, 26 Jan 2021 20:12:05 GMT
server: Microsoft-IIS/8.5
etag: "45c89841ff4d61:0"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
accept-ranges: bytes
x-amz-cf-id: E9zjKDkaBtiq8YFSHbnjamsGK9T_0N93wkw9pew4odzEvdMtMWmKBQ==

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 1 KB
1 KB 80ms
31ms Script
text/javascript 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Host: www.tuparada.com
URL: https://www.tuparada.com/g/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

c84a93bd9c5300c1d75a733958664acf817d565d2ed6a33857582ebc4702beb5

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tuparada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 20:22:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Mon, 25 Sep 2023 20:22:26 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 131 KB
51 KB 80ms
33ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-2090009-1

Requested by

Host: www.tuparada.com
URL: https://www.tuparada.com/g/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8b2c9cba24b22b753cb48f1d7aa04fbe77bf1e6e3d8270184fe8f2b7d12ae142

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tuparada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 20:22:26 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 51715
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 25 Sep 2023 20:22:26 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 150 KB
51 KB 162ms
103ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.tuparada.com
URL: https://www.tuparada.com/g/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ab41654684873a8684f6767a2099516dd4f4b62a7543ec3f47da0721932505a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tuparada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 20:22:26 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51284
x-xss-protection: 0
server: cafe
etag: 17826968154267856101
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 25 Sep 2023 20:22:26 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 73ms
25ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: www.tuparada.com
URL: https://www.tuparada.com/g/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

36f6bceda6d24ba3564911c4d5d05e320ae548b40741dea7e69374af30d725b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.tuparada.com/
Origin: https://www.tuparada.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 25 Sep 2023 20:22:26 GMT
content-md5: qpC5+tFSy8s+cDJz7SwpGw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1683
x-fb-debug: Zb/kRfIVytHcCDgf94O6yLkO9RCUhC9MrXii/qBXCLPa9olMrJTA5/eLKKmV9dxhnX+VqIR+fCHpwANLUZCC2Q==
x-fb-content-md5: 581b5d95b1a20c4125ed422e94b5a7b6
cross-origin-opener-policy: same-origin-allow-popups
etag: "5959fd296dd71fed4c326cd703440e48"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
x-fb-optimizer: 0
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Mon, 25 Sep 2023 20:29:55 GMT

GET
H2 200 logo-90.jpg
images.info-tuparada.com/images/tp/ 14 KB
15 KB 30ms
19ms Image
image/jpeg 52.222.236.123
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.info-tuparada.com/images/tp/logo-90.jpg
Requested by: Host: www.tuparada.com
URL: https://www.tuparada.com/g/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.123 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-123.fra56.r.cloudfront.net
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: cc8fafe61d36cb1017a8e4eb0415a00882accc25493760e066225eb1317e77a9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tuparada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 03:33:17 GMT
via: 1.1 e37b7824685046c107e13d08c43993fc.cloudfront.net (CloudFront)
last-modified: Sun, 13 Mar 2022 14:24:14 GMT
server: Microsoft-IIS/8.5
x-amz-cf-pop: FRA56-P4
age: 60549
x-powered-by: ASP.NET
etag: "e96754e636d81:0"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
content-length: 14626
x-amz-cf-id: mJQ0e4XKKeTnJ5akeyt2O0cQtRdeF6sMiKpCJfc7JGz4Sw56xqDRJw==

GET
H2 200 titulovertarjeta.gif
images.info-tuparada.com/images/tp/ 10 KB
11 KB 47ms
37ms Image
image/gif 52.222.236.123
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.info-tuparada.com/images/tp/titulovertarjeta.gif
Requested by: Host: www.tuparada.com
URL: https://www.tuparada.com/g/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.123 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-123.fra56.r.cloudfront.net
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 307c66df79f9391f37f1a57764091775cccbbb93ac2ebe170a24c2382cebdd97

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tuparada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 15:49:58 GMT
via: 1.1 e37b7824685046c107e13d08c43993fc.cloudfront.net (CloudFront)
last-modified: Tue, 26 Jan 2021 20:12:03 GMT
server: Microsoft-IIS/8.5
x-amz-cf-pop: FRA56-P4
age: 448348
etag: "4a73d831ff4d61:0"
x-powered-by: ASP.NET
x-cache: Hit from cloudfront
content-type: image/gif
cache-control: max-age=604800
accept-ranges: bytes
content-length: 10658
x-amz-cf-id: TUs1Iq3zPfdWpbmmJVCobxAQtp6jtCG0NB42JP-E73Fgq5euh_PtXQ==

GET
H2 200 31174-1-tarjetas-de-cumpleanos.jpg
cardsimages.info-tuparada.com/3712/ 16 KB
17 KB 232ms
24ms Image
image/jpeg 108.138.7.23
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cardsimages.info-tuparada.com/3712/31174-1-tarjetas-de-cumpleanos.jpg
Requested by: Host: www.tuparada.com
URL: https://www.tuparada.com/g/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.7.23 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-7-23.fra56.r.cloudfront.net
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 73946e67ada8207577d53e15397f12a09a281a2fb68223cb6afef9ce3e4b364b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tuparada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 07:00:57 GMT
via: 1.1 20a87151baa74b57c01624c82e244c6a.cloudfront.net (CloudFront)
last-modified: Wed, 19 Aug 2015 18:36:44 GMT
server: Microsoft-IIS/8.5
x-amz-cf-pop: FRA56-P6
age: 48089
x-powered-by: ASP.NET
etag: "063bffaddad01:0"
x-cache: Hit from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 16557
x-amz-cf-id: hMePaKG-uBhLOsdu2WFdK3zHpX-YolLeLjxE0MieQ4yZZ1F3ARoTOQ==

GET
H2 200 31131-1-imagenes-y-fotos-para-compartir.jpg
cardsimages.info-tuparada.com/3713/ 17 KB
18 KB 235ms
28ms Image
image/jpeg 108.138.7.23
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cardsimages.info-tuparada.com/3713/31131-1-imagenes-y-fotos-para-compartir.jpg
Requested by: Host: www.tuparada.com
URL: https://www.tuparada.com/g/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.7.23 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-7-23.fra56.r.cloudfront.net
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: bfe33fe93a9e97d0a688943f73d2a257a771e7571187c562ebc9a14fa688e1fa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tuparada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 09:30:14 GMT
via: 1.1 20a87151baa74b57c01624c82e244c6a.cloudfront.net (CloudFront)
last-modified: Thu, 13 Aug 2015 01:19:50 GMT
server: Microsoft-IIS/8.5
x-amz-cf-pop: FRA56-P6
age: 39132
x-powered-by: ASP.NET
etag: "07f512666d5d01:0"
x-cache: Hit from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 17748
x-amz-cf-id: 0QaVk3UKGX3UFUKxkk_tzwqvlmWKrATjHTAOrbJCh3eZXJjpDR-Evg==

GET
H2 200 la-tarjeta-del-dia-responsive-60alto.jpg
images.info-tuparada.com/images/tp/ 16 KB
16 KB 34ms
25ms Image
image/jpeg 52.222.236.123
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.info-tuparada.com/images/tp/la-tarjeta-del-dia-responsive-60alto.jpg
Requested by: Host: www.tuparada.com
URL: https://www.tuparada.com/g/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.123 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-123.fra56.r.cloudfront.net
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 27f7e373c525cf7494c695a7a40eb85fc2b5482520ef90482cc4228bd946c82d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tuparada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 05:30:17 GMT
via: 1.1 e37b7824685046c107e13d08c43993fc.cloudfront.net (CloudFront)
last-modified: Tue, 26 Jan 2021 20:12:03 GMT
server: Microsoft-IIS/8.5
x-amz-cf-pop: FRA56-P4
age: 53529
x-powered-by: ASP.NET
etag: "3bedf821ff4d61:0"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
content-length: 15909
x-amz-cf-id: I3n-ZXqqPqYuoUUV2ar-Aiv6ta2oqupQgfRkUmkvF-Ep80_r1TbtOw==

GET
H2 200 24567-3-riete-de-ti-mismo-nunca-de-los-demas-1.jpg
cardsimages.info-tuparada.com/2128/ 20 KB
20 KB 230ms
24ms Image
image/jpeg 108.138.7.23
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cardsimages.info-tuparada.com/2128/24567-3-riete-de-ti-mismo-nunca-de-los-demas-1.jpg
Requested by: Host: www.tuparada.com
URL: https://www.tuparada.com/g/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.7.23 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-7-23.fra56.r.cloudfront.net
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 6b3efff1e4e8cbb4b8e897acbcd24b48e71adaf593eeed8b6c9aea80b05337ce

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tuparada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 05:47:19 GMT
via: 1.1 20a87151baa74b57c01624c82e244c6a.cloudfront.net (CloudFront)
last-modified: Fri, 11 May 2018 20:53:54 GMT
server: Microsoft-IIS/8.5
x-amz-cf-pop: FRA56-P6
age: 52507
etag: "05d202c6ae9d31:0"
x-powered-by: ASP.NET
x-cache: Hit from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 20504
x-amz-cf-id: hXRJEcKO2pj-rQCcCgRUCdoVKBom7Bq3qlxsWpxUz1O69QLv_VQkuw==

GET
H2 200 la-frase-del-dia-responsive-60alto.jpg
images.info-tuparada.com/images/tp/ 10 KB
10 KB 30ms
21ms Image
image/jpeg 52.222.236.123
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.info-tuparada.com/images/tp/la-frase-del-dia-responsive-60alto.jpg
Requested by: Host: www.tuparada.com
URL: https://www.tuparada.com/g/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.123 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-123.fra56.r.cloudfront.net
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 50196ac4c0e105b7a06c64f4065a1a93bc3e8c90330eb792254cadfec480f7b6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tuparada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 05:11:25 GMT
via: 1.1 e37b7824685046c107e13d08c43993fc.cloudfront.net (CloudFront)
last-modified: Tue, 26 Jan 2021 20:12:03 GMT
server: Microsoft-IIS/8.5
x-amz-cf-pop: FRA56-P4
age: 400261
x-powered-by: ASP.NET
etag: "3bedf821ff4d61:0"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
content-length: 10046
x-amz-cf-id: GkuCP54r7C9FdzDy1ddSO1UOPf71k0lQ8bAel7YEAeBZnw54G800xQ==

GET
H2 200 54282-1-prueba-la-version-premium.jpg
cardsimages.info-tuparada.com/4876/ 47 KB
47 KB 233ms
27ms Image
image/jpeg 108.138.7.23
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cardsimages.info-tuparada.com/4876/54282-1-prueba-la-version-premium.jpg
Requested by: Host: www.tuparada.com
URL: https://www.tuparada.com/g/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.7.23 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-7-23.fra56.r.cloudfront.net
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 7fbd08f34feadcf1f85de276a5826cca59b71b3703e33b6133d09ff1e0e7372c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tuparada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 06:29:30 GMT
via: 1.1 20a87151baa74b57c01624c82e244c6a.cloudfront.net (CloudFront)
last-modified: Fri, 27 Oct 2017 11:47:26 GMT
server: Microsoft-IIS/8.5
x-amz-cf-pop: FRA56-P6
age: 49976
x-powered-by: ASP.NET
etag: "e4ea5c194fd31:0"
x-cache: Hit from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 47775
x-amz-cf-id: 1tYObAoGdAXNG75h_BxRsCo_rTbBdhvka6ogFUG4DhNbKbee467mcw==

GET
H2 200 secciones-relacionadas-responsive-60alto.jpg
images.info-tuparada.com/images/tp/ 8 KB
8 KB 42ms
35ms Image
image/jpeg 52.222.236.123
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.info-tuparada.com/images/tp/secciones-relacionadas-responsive-60alto.jpg
Requested by: Host: www.tuparada.com
URL: https://www.tuparada.com/g/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.123 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-123.fra56.r.cloudfront.net
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 43aebbac9f9df27133ad9b502aea0664312269d0997835258d1fe0796605cf77

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tuparada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 10:53:21 GMT
via: 1.1 e37b7824685046c107e13d08c43993fc.cloudfront.net (CloudFront)
last-modified: Tue, 26 Jan 2021 20:12:03 GMT
server: Microsoft-IIS/8.5
x-amz-cf-pop: FRA56-P4
age: 552545
x-powered-by: ASP.NET
etag: "cffac831ff4d61:0"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
content-length: 7931
x-amz-cf-id: M5EOQdGNnP725GCucTA3cZDP2ve3IHNSS05Y-Hv-jzH5k2S3NxKhXA==

GET
H2 200 cse.js Show response
cse.google.com/ 9 KB
4 KB 118ms
54ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cse.google.com/cse.js?cx=partner-pub-8160330842069811:jb783g4kfui

Requested by

Host: www.tuparada.com
URL: https://www.tuparada.com/g/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gws /

Resource Hash

d0f30d9983904f424910651e423a74d065204b9e3ab7549c9e8167a6fad50c08

Security Headers

Name	Value
Content-Security-Policy	object-src 'none';base-uri 'self';script-src 'nonce-pUohFgfj9O4GSJAQ6rhyKg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tuparada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-pUohFgfj9O4GSJAQ6rhyKg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
content-encoding: br
date: Mon, 25 Sep 2023 20:22:26 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2994
x-xss-protection: 0
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
server: gws
x-frame-options: SAMEORIGIN
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private
permissions-policy: unload=()
origin-trial: Ap+qNlnLzJDKSmEHjzM5ilaa908GuehlLqGb6ezME5lkhelj20qVzfv06zPmQ3LodoeujZuphAolrnhnPA8w4AIAAABfeyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJQZXJtaXNzaW9uc1BvbGljeVVubG9hZCIsImV4cGlyeSI6MTY4NTY2Mzk5OX0=, AvudrjMZqL7335p1KLV2lHo1kxdMeIN0dUI15d0CPz9dovVLCcXk8OAqjho1DX4s6NbHbA/AGobuGvcZv0drGgQAAAB9eyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJCYWNrRm9yd2FyZENhY2hlTm90UmVzdG9yZWRSZWFzb25zIiwiZXhwaXJ5IjoxNjkxNTM5MTk5LCJpc1N1YmRvbWFpbiI6dHJ1ZX0=
expires: Mon, 25 Sep 2023 20:22:26 GMT

GET
H2 200 Newsletter-de-tuparada-com.jpg
images.info-tuparada.com/images/tp/ 3 KB
3 KB 33ms
26ms Image
image/jpeg 52.222.236.123
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.info-tuparada.com/images/tp/Newsletter-de-tuparada-com.jpg
Requested by: Host: www.tuparada.com
URL: https://www.tuparada.com/g/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.123 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-123.fra56.r.cloudfront.net
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: fe7b01b614fc55d5ca5d6c896e154f0e7d89622e482ce24bbed7f87d1f84f42b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tuparada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 03:33:17 GMT
via: 1.1 e37b7824685046c107e13d08c43993fc.cloudfront.net (CloudFront)
last-modified: Tue, 26 Jan 2021 20:12:02 GMT
server: Microsoft-IIS/8.5
x-amz-cf-pop: FRA56-P4
age: 60549
x-powered-by: ASP.NET
etag: "59694c821ff4d61:0"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
content-length: 2598
x-amz-cf-id: GwM2jlgKTteSfUZ4y-hSkY3CPkmr3WvP9oqa_n_4SgQIRVrDadPfNA==

GET
H2 200 facebook-icono-sitio.jpg
images.info-tuparada.com/ 2 KB
2 KB 34ms
27ms Image
image/jpeg 52.222.236.123
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.info-tuparada.com/facebook-icono-sitio.jpg
Requested by: Host: www.tuparada.com
URL: https://www.tuparada.com/g/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.123 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-123.fra56.r.cloudfront.net
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: f7574614ebc5bbce56884c092ec3947d0ce027881121478dc5b50facbb434acc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tuparada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 05:44:43 GMT
via: 1.1 e37b7824685046c107e13d08c43993fc.cloudfront.net (CloudFront)
last-modified: Tue, 26 Jan 2021 20:11:51 GMT
server: Microsoft-IIS/8.5
x-amz-cf-pop: FRA56-P4
age: 53529
x-powered-by: ASP.NET
etag: "b923b07b1ff4d61:0"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
content-length: 2090
x-amz-cf-id: 2YUAc5n-nJ4MVNLtvrT2LS4eBymp08cVj59ruM0meTuHWbgumvfJBg==

GET
H2 200 instagram-icono-31x31.jpg
images.info-tuparada.com/ 3 KB
4 KB 34ms
27ms Image
image/jpeg 52.222.236.123
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.info-tuparada.com/instagram-icono-31x31.jpg
Requested by: Host: www.tuparada.com
URL: https://www.tuparada.com/g/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.123 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-123.fra56.r.cloudfront.net
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 9dd7db54b532c521659bb7f82a4c29a0472adc0b6fff109787d806df0324b99a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tuparada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 04:14:52 GMT
via: 1.1 e37b7824685046c107e13d08c43993fc.cloudfront.net (CloudFront)
last-modified: Tue, 26 Jan 2021 20:12:05 GMT
server: Microsoft-IIS/8.5
x-amz-cf-pop: FRA56-P4
age: 60245
x-powered-by: ASP.NET
etag: "7bbd7a841ff4d61:0"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
content-length: 3264
x-amz-cf-id: uhWpXduKBHBJzxhpHtMowiuIruZ8pTjHFekCvGQvA5EG0a_FowFsMA==

GET
H2 200 recibir-el-newsletter-31x31.jpg
images.info-tuparada.com/ 2 KB
2 KB 41ms
35ms Image
image/jpeg 52.222.236.123
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.info-tuparada.com/recibir-el-newsletter-31x31.jpg
Requested by: Host: www.tuparada.com
URL: https://www.tuparada.com/g/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.123 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-123.fra56.r.cloudfront.net
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: e2e31726decc6257e2805d12245f332a1761d5757d4aec270712943bf33560f4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tuparada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 05:44:43 GMT
via: 1.1 e37b7824685046c107e13d08c43993fc.cloudfront.net (CloudFront)
last-modified: Tue, 26 Jan 2021 20:12:06 GMT
server: Microsoft-IIS/8.5
x-amz-cf-pop: FRA56-P4
age: 53529
x-powered-by: ASP.NET
etag: "7a44a3841ff4d61:0"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
content-length: 1607
x-amz-cf-id: Pg8uvbwDQ7zTo_kq11L6vL7JWA1QW32AeilpxutxzI9_ioyhgqR2mA==

GET
H2 200 youtube-icono-31x31.jpg
images.info-tuparada.com/ 2 KB
2 KB 44ms
38ms Image
image/jpeg 52.222.236.123
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.info-tuparada.com/youtube-icono-31x31.jpg
Requested by: Host: www.tuparada.com
URL: https://www.tuparada.com/g/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.123 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-123.fra56.r.cloudfront.net
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 199f319a16283638c5a5ab897eda2c4120737b45109c5013a658afeaeefefc65

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tuparada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sun, 24 Sep 2023 19:35:34 GMT
via: 1.1 e37b7824685046c107e13d08c43993fc.cloudfront.net (CloudFront)
last-modified: Tue, 26 Jan 2021 20:12:06 GMT
server: Microsoft-IIS/8.5
x-amz-cf-pop: FRA56-P4
age: 89212
x-powered-by: ASP.NET
etag: "98e1e851ff4d61:0"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
content-length: 2039
x-amz-cf-id: 24h-3mIIo44GPhex-TWvBIgOwaikpRyl_wheONQKGuFAUvl8reYHBg==

GET
H2 200 twitter-icono-sitio.jpg
images.info-tuparada.com/ 2 KB
2 KB 43ms
38ms Image
image/jpeg 52.222.236.123
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.info-tuparada.com/twitter-icono-sitio.jpg
Requested by: Host: www.tuparada.com
URL: https://www.tuparada.com/g/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.123 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-123.fra56.r.cloudfront.net
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: b1d38f31cd91ab187ba3ea0f6a99cebb2af453b79185ded461a025aea419b46d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tuparada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sat, 23 Sep 2023 14:15:49 GMT
via: 1.1 e37b7824685046c107e13d08c43993fc.cloudfront.net (CloudFront)
last-modified: Tue, 26 Jan 2021 20:12:06 GMT
server: Microsoft-IIS/8.5
x-amz-cf-pop: FRA56-P4
age: 194797
x-powered-by: ASP.NET
etag: "29c78851ff4d61:0"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
content-length: 2171
x-amz-cf-id: juKWSoE8GVc4nnXniQuLntT1v-vwCAVkf0Q62JTln68yHF-q7LMQFA==

GET
H2 200 tiktok-31x31.png
images.info-tuparada.com/ 3 KB
3 KB 46ms
41ms Image
image/png 52.222.236.123
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.info-tuparada.com/tiktok-31x31.png
Requested by: Host: www.tuparada.com
URL: https://www.tuparada.com/g/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.123 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-123.fra56.r.cloudfront.net
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 7b79f1e2b4aaf1363e2003e23fd38287a1c9200b6cdc77dfd22313c632296eb4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tuparada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 05:30:18 GMT
via: 1.1 e37b7824685046c107e13d08c43993fc.cloudfront.net (CloudFront)
last-modified: Thu, 01 Dec 2022 21:53:14 GMT
server: Microsoft-IIS/8.5
x-amz-cf-pop: FRA56-P4
age: 53528
x-powered-by: ASP.NET
etag: "10676850cf5d91:0"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 2569
x-amz-cf-id: sGSWFbee5VUTq2SzNqsSNaPOtgY1rgXC8p6S22yCdMIv0IJ2h4klzA==

GET
H2 200 logoedveF.gif
images.info-tuparada.com/ 3 KB
4 KB 47ms
42ms Image
image/gif 52.222.236.123
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.info-tuparada.com/logoedveF.gif
Requested by: Host: www.tuparada.com
URL: https://www.tuparada.com/g/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.123 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-123.fra56.r.cloudfront.net
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 471c079b3de1074c5ca4f52efab4bd97eaa947e842cb57792bd0296957854bd2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tuparada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 03:33:17 GMT
via: 1.1 e37b7824685046c107e13d08c43993fc.cloudfront.net (CloudFront)
last-modified: Tue, 26 Jan 2021 20:12:05 GMT
server: Microsoft-IIS/8.5
x-amz-cf-pop: FRA56-P4
age: 60549
x-powered-by: ASP.NET
etag: "913290841ff4d61:0"
x-cache: Hit from cloudfront
content-type: image/gif
cache-control: max-age=604800
accept-ranges: bytes
content-length: 3382
x-amz-cf-id: 7AZViKSUrgb_U5kbRmRRvvgW14dcxR7qb_Gc14FjlLasUiLbDNNjnQ==

GET
H2 200 pagos-con-tarjeta-de-credito-online.jpg
images.info-tuparada.com/ 20 KB
21 KB 45ms
40ms Image
image/jpeg 52.222.236.123
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.info-tuparada.com/pagos-con-tarjeta-de-credito-online.jpg
Requested by: Host: www.tuparada.com
URL: https://www.tuparada.com/g/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.123 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-123.fra56.r.cloudfront.net
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 8478191b654f6d73d151d24c2240564dedddcd5d4f2887574222fab96ab47591

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tuparada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sun, 24 Sep 2023 01:35:38 GMT
via: 1.1 e37b7824685046c107e13d08c43993fc.cloudfront.net (CloudFront)
last-modified: Tue, 26 Jan 2021 20:12:05 GMT
server: Microsoft-IIS/8.5
x-amz-cf-pop: FRA56-P4
age: 197332
x-powered-by: ASP.NET
etag: "fcbb99841ff4d61:0"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
content-length: 20806
x-amz-cf-id: qZoRs1x0qfK3ZYeVNyRlyAyGc2WQoEYo54KTAFQfPjcKvpShYXx0XA==

GET
H2 200 logo_dnpdp_nuevo_200px-w.jpg
images.info-tuparada.com/ 6 KB
7 KB 47ms
43ms Image
image/jpeg 52.222.236.123
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.info-tuparada.com/logo_dnpdp_nuevo_200px-w.jpg
Requested by: Host: www.tuparada.com
URL: https://www.tuparada.com/g/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.123 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-123.fra56.r.cloudfront.net
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: a7fb964b751bb87481d19a41ce4dbd2456e564ee230860aa1bc27e9db45ca2e5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tuparada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 20:39:32 GMT
via: 1.1 e37b7824685046c107e13d08c43993fc.cloudfront.net (CloudFront)
last-modified: Tue, 26 Jan 2021 20:12:05 GMT
server: Microsoft-IIS/8.5
x-amz-cf-pop: FRA56-P4
age: 430974
x-powered-by: ASP.NET
etag: "3d18d841ff4d61:0"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
content-length: 6401
x-amz-cf-id: 3mV8mUR5AVaLAXI4LXkPD9f8LK5UU7mG8pnTH5_oekEx0SwZMBhOig==

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 98 KB
29 KB 137ms
86ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.tuparada.com
URL: https://www.tuparada.com/g/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dae63a0efb7d118b798eedcbdea2061bd12353d21b1a5a135e24ad248a62995a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tuparada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 20:22:26 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29300
x-xss-protection: 0
server: cafe
etag: 265 / 19625 / 31078107 / config-hash: 2120668318649748813
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 25 Sep 2023 20:22:26 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 255 KB
63 KB 97ms
27ms Script
application/javascript 18.239.16.130
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: www.tuparada.com
URL: https://www.tuparada.com/g/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.16.130 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-16-130.ams58.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 241df04a32e1a0a4da58eb35f672c5f0b4e1fa131475803ce3222bf493632d5e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tuparada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 20:15:31 GMT
content-encoding: gzip
via: 1.1 857b0dca772798c338c78a1be69c955c.cloudfront.net (CloudFront), 1.1 215e4a16b9afcb599baed4231992f516.cloudfront.net (CloudFront)
last-modified: Thu, 21 Sep 2023 19:18:12 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1, AMS58-P6
age: 416
x-amz-server-side-encryption: AES256
etag: W/"e1caada96468a3b669d0d0cc6ec9a23c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
x-amz-cf-id: -E-ijVOupeocx7TGiF6CWUVXNj6eJqp8Ksu4ZfrGaI7XYUmQhXUwqg==

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 91 KB
28 KB 76ms
19ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: www.tuparada.com
URL: https://www.tuparada.com/g/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67C1) /
Resource Hash: 392c9fa9cd1273a2a89d1a83a69cd1f63f21d1d55e7be21e1d8f51f25145668b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tuparada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Date: Mon, 25 Sep 2023 20:22:26 GMT
Content-Encoding: gzip
Age: 1037
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 27630
Last-Modified: Tue, 24 Jan 2023 21:41:51 GMT
Server: ECS (frb/67C1)
Etag: "9e99725b7a4cd730a934afba2a438bb5+gzip"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=1800
Vary: Accept-Encoding

GET
H2 200 glyphicons-halflings-regular.woff2
www.tuparada.com/images/bootstrap/fonts/ 18 KB
18 KB 122ms
121ms Font
application/font-woff2 34.232.82.202
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tuparada.com/images/bootstrap/fonts/glyphicons-halflings-regular.woff2
Requested by: Host: www.tuparada.com
URL: https://www.tuparada.com/images/bootstrap/css/bootstrap.min.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.232.82.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-232-82-202.compute-1.amazonaws.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c

Request headers

Referer: https://www.tuparada.com/images/bootstrap/css/bootstrap.min.css
Origin: https://www.tuparada.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 20:22:26 GMT
last-modified: Tue, 26 Jan 2021 20:11:50 GMT
server: Microsoft-IIS/8.5
etag: "2425917b1ff4d61:0"
x-powered-by: ASP.NET
content-type: application/font-woff2
cache-control: max-age=604800
accept-ranges: bytes
content-length: 18028

GET
H2 200 fondo-globos-estrellas-1920x400.jpg
images.info-tuparada.com/bgimages/ 83 KB
83 KB 27ms
26ms Image
image/jpeg 52.222.236.123
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.info-tuparada.com/bgimages/fondo-globos-estrellas-1920x400.jpg
Requested by: Host: www.tuparada.com
URL: https://www.tuparada.com/g/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.123 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-123.fra56.r.cloudfront.net
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 29663627685c689e9f6af033713e4684ec16fcab238068c914b9251c79bc949b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tuparada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 09:58:22 GMT
via: 1.1 e37b7824685046c107e13d08c43993fc.cloudfront.net (CloudFront)
last-modified: Thu, 04 Nov 2021 21:30:49 GMT
server: Microsoft-IIS/8.5
x-amz-cf-pop: FRA56-P4
age: 469444
etag: "f8e2813cc3d1d71:0"
x-powered-by: ASP.NET
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
content-length: 84744
x-amz-cf-id: qHbHNHdnfJTVbj2riJdPzYR8PtAJysfWfaSulinmP-rZtN4usGV5bA==

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/Ai7lOI0zKMDPHxlv62g7oMoJ/ 456 KB
184 KB 67ms
19ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Ai7lOI0zKMDPHxlv62g7oMoJ/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9af3aa843ca57a0c7b85eae7c3c66feae378f1329dd6484caf2efc98f595c4e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tuparada.com/
Origin: https://www.tuparada.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 07:24:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 46701
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 187854
x-xss-protection: 0
last-modified: Mon, 18 Sep 2023 04:01:58 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 24 Sep 2024 07:24:05 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 304 KB
86 KB 20ms
19ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=4a6c8eabbd4ce589bc3f9bc3b3b07ec2

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b52af2e1b56c9aa15115a27fd2f561388f5050d59c2469601c6d06c04e7ad24f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.tuparada.com/
Origin: https://www.tuparada.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 25 Sep 2023 20:22:26 GMT
content-md5: CVfT3vBxx4TNh6LWbEJAjA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 88121
x-fb-debug: 9gThYkdqRveBfjskyWVWoQwjy58ScZW/U7Y2ZijZ7iVlptZam2k1h90INzRAcg/6QkTXFIA7NZZ9foVuMlbdQw==
x-fb-content-md5: 455be49bce55ddc265d93b953367f924
cross-origin-opener-policy: same-origin-allow-popups
etag: "b2d7708044dc94759b72cecf9dae0e52"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
x-fb-optimizer: 0
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Tue, 24 Sep 2024 19:27:42 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 258 KB
88 KB 43ms
42ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-8Z10T12ZTZ&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-2090009-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

87e800b0470bc833c0b5127362391a3cfd9ed10e7fa816af04c6cae9d1b1917c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tuparada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 20:22:26 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 90017
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 25 Sep 2023 20:22:26 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 64ms
18ms Script
text/javascript 2001:4860:4802:38::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-2090009-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tuparada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 25 Sep 2023 19:44:21 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 2285
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Mon, 25 Sep 2023 21:44:21 GMT

GET
H/1.1 200
OK widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html Show response
platform.twitter.com/widgets/ Frame C277 320 KB
104 KB 19ms
19ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=https%3A%2F%2Fwww.tuparada.com
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/674C) /
Resource Hash: 4002d65e95f94dc87ae8ad170eb8dbc3644921032ac76dcb376537d9304a6fbf

Request headers

Referer: https://www.tuparada.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 3425284
Cache-Control: public, max-age=315360000
Content-Encoding: gzip
Content-Length: 105435
Content-Type: text/html; charset=utf-8
Date: Mon, 25 Sep 2023 20:22:26 GMT
Etag: "95e1b50b0c179aefb47b5b211bb347b5+gzip"
Last-Modified: Tue, 24 Jan 2023 21:41:13 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/674C)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
X-Cache: HIT
x-amz-server-side-encryption: AES256
x-tw-cdn: VZ

GET
H2 200 cse_element__es.js Show response
www.google.com/cse/static/element/e992cd4de3c7044f/ 310 KB
103 KB 60ms
59ms Script
text/javascript 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/element/e992cd4de3c7044f/cse_element__es.js?usqp=CAI%3D

Requested by

Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=partner-pub-8160330842069811:jb783g4kfui

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6673bda617d623cb34b5325401660ab4b319a3305027dbb788ac20ea320d42ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tuparada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 20:22:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 105452
x-xss-protection: 0
last-modified: Mon, 31 Jul 2023 17:25:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: text/javascript
cache-control: private, max-age=31536000
accept-ranges: bytes
link: <https://www.adsensecustomsearchads.com>; rel="preconnect"
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Mon, 25 Sep 2023 20:22:26 GMT

GET
H2 200 default+es.css
www.google.com/cse/static/element/e992cd4de3c7044f/ 41 KB
9 KB 57ms
56ms Stylesheet
text/css 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/element/e992cd4de3c7044f/default+es.css

Requested by

Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=partner-pub-8160330842069811:jb783g4kfui

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c965aefdb4c6acf10f46758dc1601a64d811dcf3a378bf9e90278916aa47508f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tuparada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 20:22:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9102
x-xss-protection: 0
last-modified: Mon, 31 Jul 2023 17:25:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: text/css
cache-control: private, max-age=31536000
accept-ranges: bytes
link: <https://www.adsensecustomsearchads.com>; rel="preconnect"
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Mon, 25 Sep 2023 20:22:26 GMT

GET
H2 200 default.css
www.google.com/cse/static/style/look/v4/ 4 KB
5 KB 22ms
22ms Stylesheet
text/css 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/style/look/v4/default.css

Requested by

Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=partner-pub-8160330842069811:jb783g4kfui

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dcec22bbcb68119d6c7d6d5e088fb82183a9826d0c9e3403f1386fd837f06a89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tuparada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 19:56:15 GMT
x-content-type-options: nosniff
age: 1571
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4495
x-xss-protection: 0
last-modified: Wed, 17 Jun 2020 00:00:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: text/css
cache-control: public, max-age=3000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Mon, 25 Sep 2023 20:46:15 GMT

GET
H2 200 f5b5c94d-b3f2-4155-9fb0-e816e76304e7 Show response
config.aps.amazon-adsystem.com/configs/ 537 B
814 B 123ms
25ms Script
application/javascript 18.238.243.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://config.aps.amazon-adsystem.com/configs/f5b5c94d-b3f2-4155-9fb0-e816e76304e7
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.243.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-243-129.ams58.r.cloudfront.net
Software: CloudFront /
Resource Hash: 6713f5d8ad02be50dde6a3a9b63817409d81be94fbfcd47911aad23dabc76acf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tuparada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 19:37:54 GMT
via: 1.1 5ca3eb318b3d637b6c83037daa75f174.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: AMS58-P1
age: 2672
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
content-length: 537
x-amz-cf-id: JqMA2SHXobNmXfdmApS0qjdhoX0l9IVHwTt7lKsnnLQwfvZSYPKpIA==

GET
H2 204 config Show response
c.amazon-adsystem.com/cdn/prod/ 0
310 B 24ms
24ms XHR
text/plain 18.239.16.130
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.tuparada.com&pubid=f5b5c94d-b3f2-4155-9fb0-e816e76304e7
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.16.130 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-16-130.ams58.r.cloudfront.net
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tuparada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 20:10:23 GMT
via: 1.1 215e4a16b9afcb599baed4231992f516.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: AMS58-P6
age: 722
x-cache: Hit from cloudfront
access-control-allow-origin: https://www.tuparada.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-id: CtOtqvPGz8VA-ChB4j4x1-xBQ5rsjAuMBZCohmkpOQul8V3dKwhR8Q==

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 23 B
465 B 146ms
59ms XHR
text/javascript 18.239.64.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.tuparada.com%2Fg%2F&pid=UeC8x7q1dhj5A&cb=0&ws=1600x1200&v=23.919.1525&t=2000&slots=%5B%7B%22sd%22%3A%22div-gpt-ad-1460686499781-0%22%2C%22s%22%3A%5B%22728x90%22%2C%22320x100%22%5D%2C%22sn%22%3A%22%2F1032400%2F728x90-top-tuparada-tarjetas-y-regalos%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1487596533596-0%22%2C%22s%22%3A%5B%22970x250%22%2C%22728x90%22%2C%22970x90%22%2C%22320x100%22%5D%2C%22sn%22%3A%22%2F1032400%2F970x250-Top%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1507842976169-0%22%2C%22s%22%3A%5B%22336x280%22%2C%22300x250%22%5D%2C%22sn%22%3A%22%2F1032400%2F336x280-Top%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1599225195907-0%22%2C%22s%22%3A%5B%22300x600%22%2C%22160x600%22%2C%22300x250%22%5D%2C%22sn%22%3A%22%2F1032400%2F300x600-Top-Premium-Fijo-Vertical%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1460685937409-0%22%2C%22s%22%3A%5B%22336x280%22%2C%22300x250%22%5D%2C%22sn%22%3A%22%2F1032400%2F300x250-Top-2-Tuparada-tarjetas-regalos%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1460686042296-0%22%2C%22s%22%3A%5B%22336x280%22%2C%22300x250%22%5D%2C%22sn%22%3A%22%2F1032400%2F300x250-Top-3-Tuparada-Ecards-felicidades-fechas-importantes%22%7D%5D&pubid=f5b5c94d-b3f2-4155-9fb0-e816e76304e7&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.239.64.29 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-239-64-29.ams58.r.cloudfront.net

Software

Server /

Resource Hash

745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tuparada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 20:22:26 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 033f456f54ceb7135f57b018b334dfdc.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: AMS58-P4
x-amz-rid: WNSRC3BYNJ5RM4N60YGS
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.tuparada.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: JpKD4D3k9B6L0TcXNzwa5wQxg0FHi_WmqoNvvCKZfFttCyZZ5yXttA==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 75ms
25ms XHR
application/javascript 18.239.16.130
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.16.130 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-16-130.ams58.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tuparada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-amz-version-id: 9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding: gzip
via: 1.1 32301bfd0e3b06c528ccd8abdb13411e.cloudfront.net (CloudFront)
date: Mon, 25 Sep 2023 20:19:39 GMT
x-amz-cf-pop: AMS58-P6
age: 58918
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Tue, 29 Aug 2023 08:30:37 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: mt852L_ocLpQQ_Nd0QgPQfVRSUYJsRZ8wF9zSgIwaDE-Q0Vgw_h4aw==

GET
H2 200 settings Show response
syndication.twitter.com/ Frame C277 869 B
659 B 173ms
124ms Fetch
application/json 104.244.42.72
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=b6788e4189c9fb63c7e200054dc1944899be5aed

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=https%3A%2F%2Fwww.tuparada.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.72 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

302da628a6afc3e93f1b86bf7c65e4d6536d8283d78266964822a76d1c645aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-response-time: 103
date: Mon, 25 Sep 2023 20:22:26 GMT
content-encoding: gzip
strict-transport-security: max-age=631138519
last-modified: Mon, 25 Sep 2023 20:22:26 GMT
server: tsa_o
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
x-transaction-id: 848c35966aaff9b5
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
perf: 7626143928
x-connection-hash: e7347be70fd02a293e06e7dfd2625b6b7a48bf8e4b0a930b825630026621379b
content-length: 337

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309210101/ 409 KB
130 KB 64ms
18ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309210101/pubads_impl.js?cb=31078107

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

17a60971acd82c65cd57863f07cbc2fc9124483c6fb6f9bfa270019c058a479c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tuparada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 15:49:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16403
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 132106
x-xss-protection: 0
server: cafe
etag: 17184539905708832606
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Tue, 24 Sep 2024 15:49:03 GMT

GET
H3 200 anchor Show response
www.google.com/recaptcha/api2/ Frame CE8A 52 KB
29 KB 44ms
43ms Document
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdZf9QZAAAAAKpkWGh4u1nnIkSPxUPzdzGiUJGx&co=aHR0cHM6Ly93d3cudHVwYXJhZGEuY29tOjQ0Mw..&hl=de&v=Ai7lOI0zKMDPHxlv62g7oMoJ&size=normal&cb=tr0871qzmqam

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Ai7lOI0zKMDPHxlv62g7oMoJ/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

3114a2497ebc7e6183f2d4bf7562b933707802aefd7f9fba33d9818433257fcb

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Axyj88UH-einTc4p4fDhlw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.tuparada.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-Axyj88UH-einTc4p4fDhlw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 25 Sep 2023 20:22:26 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309200101/ 378 KB
128 KB 107ms
106ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309200101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8160330842069811&plah=www.tuparada.com&bust=31078087

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d9def04dc3bfe27be26fc2952951a37202208cbab34b83985108213e10f2bb7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tuparada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 20:22:26 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 131313
x-xss-protection: 0
server: cafe
etag: 1019184951293653204
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 25 Sep 2023 20:22:26 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230921/r20190131/ Frame A10E 10 KB
5 KB 64ms
19ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230921/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tuparada.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 48501
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4471
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 25 Sep 2023 06:54:05 GMT
etag: 2603938475786422795
expires: Mon, 09 Oct 2023 06:54:05 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 collect
region1.google-analytics.com/g/ 0
255 B 83ms
28ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-8Z10T12ZTZ&gtm=45je39k2&_p=1854975860&cid=105045324.1695673347&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAAI&_s=1&sid=1695673346&sct=1&seg=0&dl=https%3A%2F%2Fwww.tuparada.com%2Fg%2F&dt=Tarjetas%2C%20postales%2C%20fiestas%2C%20feliz%20d%C3%ADa%2C%20tarjetas%20para%20m%C3%B3viles&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-8Z10T12ZTZ&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tuparada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Sep 2023 20:22:26 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.tuparada.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
208 B 26ms
26ms XHR
text/plain 2001:4860:4802:38::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1854975860&t=pageview&_s=1&dl=https%3A%2F%2Fwww.tuparada.com%2Fg%2F&ul=en-us&de=UTF-8&dt=Tarjetas%2C%20postales%2C%20fiestas%2C%20feliz%20d%C3%ADa%2C%20tarjetas%20para%20m%C3%B3viles&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=1967362115&gjid=776244930&cid=105045324.1695673347&tid=UA-2090009-1&_gid=805737017.1695673347&_r=1&gtm=457e39k2&jsscut=1&z=1761320213

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.tuparada.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 25 Sep 2023 20:22:26 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.tuparada.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 async-ads.js Show response
cse.google.com/adsense/search/ 144 KB
53 KB 55ms
54ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cse.google.com/adsense/search/async-ads.js

Requested by

Host: www.google.com
URL: https://www.google.com/cse/static/element/e992cd4de3c7044f/cse_element__es.js?usqp=CAI%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

30c64f47498bf0f2a5aa2335b5d45d5e374f23c97dc87b0434a60127ad0cf87d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tuparada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 20:22:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-afs-ui"
etag: "10072531957304897626"
vary: Accept-Encoding
report-to: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
accept-ranges: bytes
link: <https://afs.googlesyndication.com>; rel="preconnect"
expires: Mon, 25 Sep 2023 20:22:26 GMT

GET
H3 200 clear.png
www.google.com/cse/static/css/v2/ 1018 B
1 KB 20ms
19ms Image
image/png 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/cse/static/css/v2/clear.png

Requested by

Host: www.google.com
URL: https://www.google.com/cse/static/element/e992cd4de3c7044f/default+es.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

329d1a750114920332eadc55c129957d9dbe5a1b25745e2f7e0ed4fad75e04cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/cse/static/element/e992cd4de3c7044f/default+es.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 15:25:37 GMT
x-content-type-options: nosniff
age: 277009
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1018
x-xss-protection: 0
last-modified: Mon, 25 May 2020 08:30:00 GMT
server: sffe
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Sat, 21 Sep 2024 15:25:37 GMT

GET
H3 200 branding.png
www.google.com/cse/static/images/1x/es/ 1 KB
1 KB 20ms
20ms Image
image/png 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/cse/static/images/1x/es/branding.png

Requested by

Host: www.tuparada.com
URL: https://www.tuparada.com/g/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6034e5ee0510f90b538cb59205702151396dda15fc431432b7fc95e4ecde8886

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tuparada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 22:22:31 GMT
x-content-type-options: nosniff
age: 251995
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1404
x-xss-protection: 0
last-modified: Mon, 25 May 2020 08:30:00 GMT
server: sffe
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Sat, 21 Sep 2024 22:22:31 GMT

GET
H2 204 generate_204
clients1.google.com/ 0
117 B 82ms
20ms Image
text/plain 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://clients1.google.com/generate_204
Requested by: Host: www.tuparada.com
URL: https://www.tuparada.com/g/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tuparada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 20:22:26 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/Ai7lOI0zKMDPHxlv62g7oMoJ/ Frame CE8A 55 KB
24 KB 65ms
22ms Stylesheet
text/css 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Ai7lOI0zKMDPHxlv62g7oMoJ/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdZf9QZAAAAAKpkWGh4u1nnIkSPxUPzdzGiUJGx&co=aHR0cHM6Ly93d3cudHVwYXJhZGEuY29tOjQ0Mw..&hl=de&v=Ai7lOI0zKMDPHxlv62g7oMoJ&size=normal&cb=tr0871qzmqam

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 12:39:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 27763
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24606
x-xss-protection: 0
last-modified: Mon, 18 Sep 2023 04:01:58 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 24 Sep 2024 12:39:43 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/Ai7lOI0zKMDPHxlv62g7oMoJ/ Frame CE8A 456 KB
184 KB 74ms
31ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Ai7lOI0zKMDPHxlv62g7oMoJ/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9af3aa843ca57a0c7b85eae7c3c66feae378f1329dd6484caf2efc98f595c4e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 07:24:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 46701
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 187854
x-xss-protection: 0
last-modified: Mon, 18 Sep 2023 04:01:58 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 24 Sep 2024 07:24:05 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 113 KB
44 KB 1869ms
1866ms Fetch
text/plain 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=43686703042046&correlator=76528260878718&eid=31077098%2C31078140%2C31078107%2C31077190&output=ldjh&gdfp_req=1&vrg=202309210101&ptt=17&impl=fif&iu_parts=1032400%2C970x250-Top&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C970x90%7C970x250&ifi=2&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1695673346894&lmt=1695666146&adxs=230&adys=117&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.tuparada.com%2Fg%2F&vis=1&psz=1140x0&msz=1140x0&fws=4&ohw=1140&ga_vid=105045324.1695673347&ga_sid=1695673347&ga_hid=1854975860&ga_fc=true&dlt=1695673346125&idt=657&prev_scp=amznbid%3D2%26amznp%3D2&adks=4267403520&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309210101/pubads_impl.js?cb=31078107

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

48dd6292b5052bbc9f5e30255c0e56ae6e8d4e641084f8485124384f5eabd897

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tuparada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 20:22:28 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44629
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.tuparada.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 62 KB
24 KB 2486ms
2483ms Fetch
text/plain 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=43686703042046&correlator=76528260878718&eid=31077098%2C31078140%2C31078107%2C31077190&output=ldjh&gdfp_req=1&vrg=202309210101&ptt=17&impl=fif&iu_parts=1032400%2C300x600-Top-Premium-Fijo-Vertical&enc_prev_ius=%2F0%2F1&prev_iu_szs=160x600%7C300x250%7C336x280%7C300x600&ifi=3&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1695673346902&lmt=1695666146&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.tuparada.com%2Fg%2F&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=105045324.1695673347&ga_sid=1695673347&ga_hid=1854975860&ga_fc=true&dlt=1695673346125&idt=657&prev_scp=amznbid%3D2%26amznp%3D2&adks=2216675861&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309210101/pubads_impl.js?cb=31078107

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

daeaa72cdd2874079fd566c7618e9ea47094015ef9a9c7670aaa80ec9ecbaf87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tuparada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 20:22:29 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24090
x-xss-protection: 0
google-lineitem-id: 5390271971
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138256602736
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.tuparada.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 62 KB
24 KB 1554ms
1552ms Fetch
text/plain 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=43686703042046&correlator=76528260878718&eid=31077098%2C31078140%2C31078107%2C31077190&output=ldjh&gdfp_req=1&vrg=202309210101&ptt=17&impl=fif&iu_parts=1032400%2C336x280-Top&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C336x280&ifi=4&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1695673346905&lmt=1695666146&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.tuparada.com%2Fg%2F&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=105045324.1695673347&ga_sid=1695673347&ga_hid=1854975860&ga_fc=true&dlt=1695673346125&idt=657&prev_scp=amznbid%3D2%26amznp%3D2&adks=1169543229&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309210101/pubads_impl.js?cb=31078107

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

efdf730ce29f25e9e0da2f6ecf02c71a5a856367cb5aa7ecc05a62af7555ebaa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tuparada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 20:22:28 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24017
x-xss-protection: 0
google-lineitem-id: 24312600
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138307969048
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.tuparada.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 35 KB
15 KB 2727ms
2724ms Fetch
text/plain 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=43686703042046&correlator=76528260878718&eid=31077098%2C31078140%2C31078107%2C31077190&output=ldjh&gdfp_req=1&vrg=202309210101&ptt=17&impl=fif&iu_parts=1032400%2C300x250-Top-2-Tuparada-tarjetas-regalos&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C336x280&ifi=5&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1695673346906&lmt=1695666146&adxs=1021&adys=916&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.tuparada.com%2Fg%2F&vis=1&psz=338x0&msz=338x0&fws=4&ohw=338&ga_vid=105045324.1695673347&ga_sid=1695673347&ga_hid=1854975860&ga_fc=true&dlt=1695673346125&idt=657&prev_scp=amznbid%3D2%26amznp%3D2&adks=587705439&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309210101/pubads_impl.js?cb=31078107

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

acac5ecdb15a1aa3e5c1c13b57b868cd9a11551d8dd3b5b5bc6d5d72c00dd1ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tuparada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 20:22:29 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14689
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.tuparada.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 21 KB
10 KB 1444ms
1442ms Fetch
text/plain 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=43686703042046&correlator=76528260878718&eid=31077098%2C31078140%2C31078107%2C31077190&output=ldjh&gdfp_req=1&vrg=202309210101&ptt=17&impl=fif&iu_parts=1032400%2C300x250-Top-3-Tuparada-Ecards-felicidades-fechas-importantes&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C336x280&ifi=6&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1695673346909&lmt=1695666146&adxs=241&adys=916&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.tuparada.com%2Fg%2F&vis=1&psz=338x0&msz=338x0&fws=4&ohw=338&ga_vid=105045324.1695673347&ga_sid=1695673347&ga_hid=1854975860&ga_fc=true&dlt=1695673346125&idt=657&prev_scp=amznbid%3D2%26amznp%3D2&adks=1989840955&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309210101/pubads_impl.js?cb=31078107

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68558426bd8a34e30200dd7af8f729b85f1262c5888e076f7ecc2b6edf924a4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tuparada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 20:22:28 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9589
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.tuparada.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 32 KB
12 KB 2126ms
2124ms Fetch
text/plain 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=43686703042046&correlator=76528260878718&eid=31077098%2C31078140%2C31078107%2C31077190&output=ldjh&gdfp_req=1&vrg=202309210101&ptt=17&impl=fif&iu_parts=1032400%2C160x600-Top-Tuparada-tarjetas-regalos&enc_prev_ius=%2F0%2F1&prev_iu_szs=120x600%7C160x600&ifi=7&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1695673346911&lmt=1695666146&adxs=1205&adys=336&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.tuparada.com%2Fg%2F&vis=1&psz=165x0&msz=165x0&fws=4&ohw=165&ga_vid=105045324.1695673347&ga_sid=1695673347&ga_hid=1854975860&ga_fc=true&dlt=1695673346125&idt=657&adks=3645640441&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309210101/pubads_impl.js?cb=31078107

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a8cbdf1718ed0b5092779bec6c462431a76b44ffcbb7a07ad79554abcb326c72

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tuparada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 20:22:29 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12478
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.tuparada.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 62 KB
24 KB 3088ms
3086ms Fetch
text/plain 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=43686703042046&correlator=76528260878718&eid=31077098%2C31078140%2C31078107%2C31077190&output=ldjh&gdfp_req=1&vrg=202309210101&ptt=17&impl=fif&iu_parts=1032400%2C300x250-Central-1-Tuparada-Ecards-felicidades-dias-especiales&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C336x280&ifi=8&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1695673346913&lmt=1695666146&adxs=241&adys=1832&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.tuparada.com%2Fg%2F&vis=1&psz=338x0&msz=338x0&fws=4&ohw=338&ga_vid=105045324.1695673347&ga_sid=1695673347&ga_hid=1854975860&ga_fc=true&dlt=1695673346125&idt=657&adks=3155062717&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309210101/pubads_impl.js?cb=31078107

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d985c937f5850f04011968127d8fa65b2e22d5b0b754f89688003765cc982210

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tuparada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 20:22:29 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24252
x-xss-protection: 0
google-lineitem-id: 24312240
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138385533933
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.tuparada.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 62 KB
24 KB 3076ms
3075ms Fetch
text/plain 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=43686703042046&correlator=76528260878718&eid=31077098%2C31078140%2C31078107%2C31077190&output=ldjh&gdfp_req=1&vrg=202309210101&ptt=17&impl=fif&iu_parts=1032400%2C728x90-Central-Tuparada-Tarjetas-y-regalos&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C580x400%7C970x250%7C970x90%7C336x280&ifi=9&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1695673346915&lmt=1695666146&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=8&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.tuparada.com%2Fg%2F&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=105045324.1695673347&ga_sid=1695673347&ga_hid=1854975860&ga_fc=true&dlt=1695673346125&idt=657&adks=3857311086&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309210101/pubads_impl.js?cb=31078107

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

27b6bedfdd4260821bc189221a92cf79a9a35434a24b48b3cd966d4e9bce4e02

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tuparada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 20:22:29 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24231
x-xss-protection: 0
google-lineitem-id: 24313440
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 7386951360
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.tuparada.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 63 KB
24 KB 3085ms
3084ms Fetch
text/plain 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=43686703042046&correlator=76528260878718&eid=31077098%2C31078140%2C31078107%2C31077190&output=ldjh&gdfp_req=1&vrg=202309210101&ptt=17&impl=fif&iu_parts=1032400%2C300x250-Central-2-Tuparada-ecards-felicidades-fechas-importantes&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C336x280&ifi=10&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1695673346917&lmt=1695666146&adxs=1021&adys=1832&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=2&ucis=9&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.tuparada.com%2Fg%2F&vis=1&psz=338x0&msz=338x0&fws=4&ohw=338&ga_vid=105045324.1695673347&ga_sid=1695673347&ga_hid=1854975860&ga_fc=true&dlt=1695673346125&idt=657&adks=1944697268&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309210101/pubads_impl.js?cb=31078107

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cc3c5fe1bf0261bb89e8b3457c925af47ade3fe547648a7c4d86bcf7bd9f4c71

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tuparada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 20:22:29 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24253
x-xss-protection: 0
google-lineitem-id: 29719800
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138218275411
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.tuparada.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 38 KB
15 KB 2958ms
2957ms Fetch
text/plain 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=43686703042046&correlator=76528260878718&eid=31077098%2C31078140%2C31078107%2C31077190&output=ldjh&gdfp_req=1&vrg=202309210101&ptt=17&impl=fif&iu_parts=1032400%2C970x250-Central-Nuevo&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C970x250%7C580x400%7C336x280%7C970x90&ifi=11&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1695673346919&lmt=1695666146&adxs=230&adys=2295&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=3&ucis=a&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.tuparada.com%2Fg%2F&vis=1&psz=1140x0&msz=1140x0&fws=4&ohw=1140&ga_vid=105045324.1695673347&ga_sid=1695673347&ga_hid=1854975860&ga_fc=true&dlt=1695673346125&idt=657&adks=3220834716&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309210101/pubads_impl.js?cb=31078107

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b3d96dc07b5f1b1902a33e493b3b8d6ec60b397ae85de324100dbca5f1f12826

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tuparada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 20:22:29 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15202
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.tuparada.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame D545 6 KB
3 KB 132ms
54ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309210101/pubads_impl.js?cb=31078107

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tuparada.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 25 Sep 2023 20:22:27 GMT
expires: Tue, 24 Sep 2024 20:22:27 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
350 B 80ms
26ms XHR
text/plain 2a00:1450:400c:c07::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-2090009-1&cid=105045324.1695673347&jid=1967362115&gjid=776244930&_gid=805737017.1695673347&_u=YADAAUAAAAAAACAAI~&z=562965749

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.tuparada.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 25 Sep 2023 20:22:26 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.tuparada.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ca-pub-8160330842069811 Show response
fundingchoicesmessages.google.com/i/ 157 KB
52 KB 126ms
53ms Script
application/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/ca-pub-8160330842069811?ers=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309200101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8160330842069811&plah=www.tuparada.com&bust=31078087

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4d68864cfeb2d5b353b7417efe9b8e08efbdfc71693d840f4c6adb89805a8af5

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-cDEKP_MeLEZGmLt_szic5w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tuparada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 20:22:27 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-cDEKP_MeLEZGmLt_szic5w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 56ms
56ms Image
image/gif 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-2090009-1&cid=105045324.1695673347&jid=1967362115&_u=YADAAUAAAAAAACAAI~&z=1513290411

Requested by

Host: www.tuparada.com
URL: https://www.tuparada.com/g/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tuparada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Sep 2023 20:22:27 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 88ms
43ms Image
image/gif 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-2090009-1&cid=105045324.1695673347&jid=1967362115&_u=YADAAUAAAAAAACAAI~&z=1513290411

Requested by

Host: www.tuparada.com
URL: https://www.tuparada.com/g/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tuparada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Sep 2023 20:22:27 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame CE8A 102 B
135 B 28ms
27ms Other
text/javascript 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=Ai7lOI0zKMDPHxlv62g7oMoJ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

92fd239ffc7ccfa6d1586848df32f07e749d3fea1a39143948f7dac710a19531

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdZf9QZAAAAAKpkWGh4u1nnIkSPxUPzdzGiUJGx&co=aHR0cHM6Ly93d3cudHVwYXJhZGEuY29tOjQ0Mw..&hl=de&v=Ai7lOI0zKMDPHxlv62g7oMoJ&size=normal&cb=tr0871qzmqam
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 20:22:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Mon, 25 Sep 2023 20:22:27 GMT

GET
H2 200 AGSKWxViRSq6bigmx6c3bQMtQNWiY9i-jZ2DX807VZLbewSsQ9Q8O537-FyOxfmUoJEHcWhr3UR7zPMIzLXtaAbs1wh6fi8pL8jqA6D_pLUpNoDDe6CVqFkFggIiR2CbEWemWM9KyPtarg== Show response
fundingchoicesmessages.google.com/f/ 1 MB
114 KB 207ms
206ms Script
application/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxViRSq6bigmx6c3bQMtQNWiY9i-jZ2DX807VZLbewSsQ9Q8O537-FyOxfmUoJEHcWhr3UR7zPMIzLXtaAbs1wh6fi8pL8jqA6D_pLUpNoDDe6CVqFkFggIiR2CbEWemWM9KyPtarg==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjk1NjczMzQ3LDE5NTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly93d3cudHVwYXJhZGEuY29tL2cvIixudWxsLFtbOCwia2xwYlp4U2F4TUkiXSxbOSwiZGUiXSxbMTgsIltbWzBdXV0iXSxbMTksIjEiXV1d

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.klpbZxSaxMI.es5.O/d=1/rs=AJlcJMy0b7NKyXKoqYCox9jlrmwP71islA/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7ad204625ce878839e0f095837614fbb4b709e54fb5612e118a3f03625e65688

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-6WfZypFNcxTWUua4tjg7AQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tuparada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 20:22:27 GMT
content-security-policy: script-src 'report-sample' 'nonce-6WfZypFNcxTWUua4tjg7AQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 bframe Show response
www.google.com/recaptcha/api2/ Frame 0BA6 7 KB
1 KB 32ms
31ms Document
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=de&v=Ai7lOI0zKMDPHxlv62g7oMoJ&k=6LdZf9QZAAAAAKpkWGh4u1nnIkSPxUPzdzGiUJGx

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Ai7lOI0zKMDPHxlv62g7oMoJ/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

9c6b247ba42d4b25c661fe98fae2bb47918c261237e984240eb041b66e391716

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ShI48a-CQ9AAMDpEUo89cg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.tuparada.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-ShI48a-CQ9AAMDpEUo89cg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 25 Sep 2023 20:22:27 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/Ai7lOI0zKMDPHxlv62g7oMoJ/ Frame 0BA6 55 KB
24 KB 20ms
20ms Stylesheet
text/css 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Ai7lOI0zKMDPHxlv62g7oMoJ/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=Ai7lOI0zKMDPHxlv62g7oMoJ&k=6LdZf9QZAAAAAKpkWGh4u1nnIkSPxUPzdzGiUJGx

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 12:39:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 27764
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24606
x-xss-protection: 0
last-modified: Mon, 18 Sep 2023 04:01:58 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 24 Sep 2024 12:39:43 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/Ai7lOI0zKMDPHxlv62g7oMoJ/ Frame 0BA6 456 KB
184 KB 25ms
25ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Ai7lOI0zKMDPHxlv62g7oMoJ/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=Ai7lOI0zKMDPHxlv62g7oMoJ&k=6LdZf9QZAAAAAKpkWGh4u1nnIkSPxUPzdzGiUJGx

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9af3aa843ca57a0c7b85eae7c3c66feae378f1329dd6484caf2efc98f595c4e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 07:24:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 46702
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 187854
x-xss-protection: 0
last-modified: Mon, 18 Sep 2023 04:01:58 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 24 Sep 2024 07:24:05 GMT

GET
H2 200 css
fonts.googleapis.com/ 69 KB
4 KB 82ms
37ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.klpbZxSaxMI.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMy0b7NKyXKoqYCox9jlrmwP71islA/m=web_iab_tcf_v2_wall_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2cad1c8be3f8f84a05361f5b560fbd93895541c6da9de09b995ee742f0b4c6ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tuparada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 25 Sep 2023 20:22:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 25 Sep 2023 20:22:27 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 25 Sep 2023 20:22:27 GMT

GET
H2 200 cAMWGv1wOoGD86TVvP3uEMfZfkrlGO8AI1FPgKvGvzSkZg8aJ62denYLrHnK20G_HWLRe99mRlP_eG3cllyVap6AbfTU6unch7lO8w31uAeOwck4c7kCrQ=h60
lh3.googleusercontent.com/ 5 KB
5 KB 71ms
20ms Image
image/jpeg 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/cAMWGv1wOoGD86TVvP3uEMfZfkrlGO8AI1FPgKvGvzSkZg8aJ62denYLrHnK20G_HWLRe99mRlP_eG3cllyVap6AbfTU6unch7lO8w31uAeOwck4c7kCrQ=h60

Requested by

Host: www.tuparada.com
URL: https://www.tuparada.com/g/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

fcd2770104538d9a72e4b531910cd21294f03ae69bcd03f05ec0f6a1c2888d98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tuparada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 19:48:38 GMT
x-content-type-options: nosniff
age: 2029
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4863
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 26 Sep 2023 19:48:38 GMT

GET
H2 200 flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v140/ 125 KB
126 KB 65ms
19ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/materialicons/v140/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2

Requested by

Host: www.tuparada.com
URL: https://www.tuparada.com/g/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tuparada.com/
Origin: https://www.tuparada.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 09:56:40 GMT
x-content-type-options: nosniff
age: 555947
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 128352
x-xss-protection: 0
last-modified: Tue, 07 Mar 2023 19:51:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 18 Sep 2024 09:56:40 GMT

POST
H3 204 AGSKWxWQY5g6UEId8pmEk2IsVYI_vYxEge9SXBzNzANiGR_XmMeU2e4LeTlAfYBTLoqrj7wZA9noNfHM8i6tvNxxGJTeJLxyjeopgr4NlBKCPYdR-Y-KQ6-lWcAGxyw-o538yQDS1reTzQ== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 73ms
34ms XHR
text/html 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWQY5g6UEId8pmEk2IsVYI_vYxEge9SXBzNzANiGR_XmMeU2e4LeTlAfYBTLoqrj7wZA9noNfHM8i6tvNxxGJTeJLxyjeopgr4NlBKCPYdR-Y-KQ6-lWcAGxyw-o538yQDS1reTzQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-NK2MBqmRBVYa2pPLXB6bUw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.tuparada.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 25 Sep 2023 20:22:27 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-NK2MBqmRBVYa2pPLXB6bUw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.tuparada.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v36/ 47 KB
47 KB 63ms
63ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.tuparada.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 18:17:53 GMT
x-content-type-options: nosniff
age: 353074
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48432
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 00:40:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 20 Sep 2024 18:17:53 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 124ms
81ms XHR
application/json 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202309210101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309210101/pubads_impl.js?cb=31078107

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d99f4e6b7e02a840c14163faf29010f6eacb3aa3f6aa736f56120467254a0146

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tuparada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 20:22:27 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12098
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 132ms
76ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309210101/pubads_impl.js?cb=31078107

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tuparada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 20:22:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 25 Sep 2023 20:22:27 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 6D3F 13 KB
5 KB 24ms
20ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tuparada.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 31196
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 25 Sep 2023 11:42:32 GMT
expires: Tue, 24 Sep 2024 11:42:32 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 6A95 829 B
562 B 30ms
29ms Document
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

36cb84d4761fdaee0b7ce2bc57110dedaf05a54762ff59140cb1e0c9d26fe4d1

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-RTh0MDXKWL29Iel6jvGykQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.tuparada.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-RTh0MDXKWL29Iel6jvGykQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 25 Sep 2023 20:22:28 GMT
expires: Mon, 25 Sep 2023 20:22:28 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 6A95 0
0 53ms
52ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202309210101&jk=43686703042046&rc=null
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

GET
H3 200 tGcDLxZnxcZjneq6ZTfMhLSKmVRaNAcBIKHxIKG0fIc.js Show response
pagead2.googlesyndication.com/bg/ Frame 6D3F 37 KB
14 KB 19ms
18ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/tGcDLxZnxcZjneq6ZTfMhLSKmVRaNAcBIKHxIKG0fIc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b467032f1667c5c6639deaba6537cc84b48a99545a34070120a1f120a1b47c87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 17:07:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11677
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14772
x-xss-protection: 0
last-modified: Mon, 18 Sep 2023 15:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 24 Sep 2024 17:07:51 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 6D3F 0
10 B 20ms
20ms Image
text/plain 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?P1APmw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 20:22:28 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 container.html Show response
76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame C607 6 KB
3 KB 22ms
21ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309210101/pubads_impl.js?cb=31078107

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tuparada.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 25 Sep 2023 20:22:27 GMT
expires: Tue, 24 Sep 2024 20:22:27 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 5A2F 624 B
537 B 108ms
106ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY-O_NxQEwAQ&v=APEucNXEvbKuOfvP1IhppCu2N0B_y0AY4JXuUjdLMWwXPnDw0sW6JtkDHQ9V9QjQggvIxOoqA7YChNRUe8UJDfnwMQFB6wmoJEwQGUMtg44UgNly82gGzce7ydy4G3BaxeaEyURelQ2xUl6omEOV1NGfFuiLkB2UIr4Cuy7uvrzaoIFiO0o5W2M

Requested by

Host: 76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com
URL: https://76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 25 Sep 2023 20:22:28 GMT
expires: Mon, 25 Sep 2023 20:22:28 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame C607 89 KB
31 KB 98ms
98ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com
URL: https://76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4accbcd793680c2ea0a65714771ef37d5eeb42bdaedba9882dd0d78eae09e00e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 20:22:28 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31438
x-xss-protection: 0
server: cafe
etag: 13183557946744512263
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Mon, 25 Sep 2023 20:22:28 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame C607 42 B
63 B 55ms
53ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-C47WyZVslLMDEFizjrd_xhguZbVA5a__NIbb53DRXDOvQqED2GL02nlB4QyUNtJFvocx4_fKnhMY8DT4DVdylLm7M0GibbKnHpTzrbu_JYwmzNmyw

Requested by

Host: 76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com
URL: https://76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Sep 2023 20:22:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C607 0
20 B 54ms
53ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=9101015457627575599&x=1&ct=76

Requested by

Host: 76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com
URL: https://76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Sep 2023 20:22:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230921/r20110914/client/ Frame C607 3 KB
1 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230921/r20110914/client/window_focus_fy2021.js

Requested by

Host: 76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com
URL: https://76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 03:24:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 61104
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 09 Oct 2023 03:24:04 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230921/r20110914/client/ Frame C607 20 KB
8 KB 22ms
20ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230921/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com
URL: https://76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

113c3c3c7de8fe21fe5a6d4b6c367d658dab1dc5b5f820393e0b98fc11032771

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 03:24:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 61104
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8282
x-xss-protection: 0
server: cafe
etag: 5314254467506293444
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 09 Oct 2023 03:24:04 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C607 182 KB
57 KB 44ms
43ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com
URL: https://76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff18e273fc7f233bf924108949a94f34e0587ed1cdfaa6820ba90be9cb739720

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 20:22:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 58265
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1695641553523962"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 25 Sep 2023 20:22:28 GMT

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame 5A2F
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL2zlZv9V786WJleEXsU314&google_cver=1

43 B
341 B

43ms
43ms

Image
image/gif

104.18.26.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL2zlZv9V786WJleEXsU314&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY-O_NxQEwAQ&v=APEucNXEvbKuOfvP1IhppCu2N0B_y0AY4JXuUjdLMWwXPnDw0sW6JtkDHQ9V9QjQggvIxOoqA7YChNRUe8UJDfnwMQFB6wmoJEwQGUMtg44UgNly82gGzce7ydy4G3BaxeaEyURelQ2xUl6omEOV1NGfFuiLkB2UIr4Cuy7uvrzaoIFiO0o5W2M
Protocol: H2
Server: 104.18.26.193 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Sep 2023 20:22:28 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1%2FgMaj0J8hlA0cjjpL27x%2B%2BNsSNiwXn%2BozaXCdDA1dJEKH9oM2Qmjnl4SVclWHbhheAUPviAsi4oPEYaRACE4qYAlFZoUZD7QWzcm4rymC4LhjnemKx%2B%2BrzP%2FskqDEJrKBcV5KF1iXAcDw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 80c5fabd09fd37d1-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 25 Sep 2023 20:22:28 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL2zlZv9V786WJleEXsU314&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame 5A2F
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZRHsBFe2foZVV0R7gnCt8AAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL2zlZv9V786WJleEXsU314&google_cver=1

43 B
323 B

35ms
35ms

Image
image/gif

104.18.26.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL2zlZv9V786WJleEXsU314&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY-O_NxQEwAQ&v=APEucNXEvbKuOfvP1IhppCu2N0B_y0AY4JXuUjdLMWwXPnDw0sW6JtkDHQ9V9QjQggvIxOoqA7YChNRUe8UJDfnwMQFB6wmoJEwQGUMtg44UgNly82gGzce7ydy4G3BaxeaEyURelQ2xUl6omEOV1NGfFuiLkB2UIr4Cuy7uvrzaoIFiO0o5W2M
Protocol: H2
Server: 104.18.26.193 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Sep 2023 20:22:28 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n7BYe2AA3S4SqWvj9MeMthj8H1caJ0RBCa81Hx0MmLEFFnFtJRGnp%2BavwJjaTzNE6Cbq3u86tYJYDZB8bXB4OkSlgT3t1Juk6AiO45Zs86eDxGD3ytYgbQc1GugD1ME4Ym6ezY0c%2FVuGNA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 80c5fabd8a9b37d1-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 25 Sep 2023 20:22:28 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL2zlZv9V786WJleEXsU314&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

bounce
ib.adnxs.com/ Frame 5A2F
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEOB6Cw_jpUM6xl8URRjMm5Y&google_cver=1
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEOB6Cw_jpUM6xl8URRjMm5Y%26google_cver%3D1

43 B
891 B

37ms
37ms

Image
image/gif

185.89.210.101
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEOB6Cw_jpUM6xl8URRjMm5Y%26google_cver%3D1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY-O_NxQEwAQ&v=APEucNXEvbKuOfvP1IhppCu2N0B_y0AY4JXuUjdLMWwXPnDw0sW6JtkDHQ9V9QjQggvIxOoqA7YChNRUe8UJDfnwMQFB6wmoJEwQGUMtg44UgNly82gGzce7ydy4G3BaxeaEyURelQ2xUl6omEOV1NGfFuiLkB2UIr4Cuy7uvrzaoIFiO0o5W2M

Protocol

Server

185.89.210.101 , Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Sep 2023 20:22:28 GMT
an-x-request-uuid: cd711a5c-2f4e-40c4-a886-9f985118c27b
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 217.114.215.131; 217.114.215.131; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 25 Sep 2023 20:22:28 GMT
an-x-request-uuid: 6b2d6847-fa35-40f2-a680-144eed1d08ed
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEOB6Cw_jpUM6xl8URRjMm5Y%26google_cver%3D1
cache-control: no-store, no-cache, private
x-proxy-origin: 217.114.215.131; 217.114.215.131; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5A2F
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODAwNDgyNDA0MTI4OTUzOTU5OA%3D%3D

170 B
188 B

33ms
33ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODAwNDgyNDA0MTI4OTUzOTU5OA%3D%3D

Requested by

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Sep 2023 20:22:28 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 25 Sep 2023 20:22:28 GMT
an-x-request-uuid: 8f959a4f-1aea-46c4-876a-04a4a3852ae9
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODAwNDgyNDA0MTI4OTUzOTU5OA%3D%3D
x-proxy-origin: 217.114.215.131; 217.114.215.131; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C607 0
20 B 53ms
52ms Ping
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=6385715469970&version=m202309120101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Sep 2023 20:22:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C607 0
20 B 54ms
54ms Ping
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=6385715469970&version=m202309120101&ct=76&x=1&cor=9101015457627575000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Sep 2023 20:22:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame C607 104 KB
40 KB 76ms
75ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Cgz0uU-e1w8DlFbF2BkeVB-WbweUijDtUf1vG5PtoDiw5zV7emcY2xzQn48qMgaT9FJmNhOOpZDpbeWbfuTMmogzrxYbmGgItxfADHKglLlu7GE5Z1QbPyVJuB2Im2MckV8gdSeHcT3K1apl-kEtxQj1Rh2oxrtc7_MtFWg1PsJZS9UzQ&dbm_d=AKAmf-C53BMFjIVpp9OrHRMPBrjW-BL4vc6lEPsTpZnU4G1RTeXz6mYNu6KKHdadwOZ6n_9_7Ts6905kXThEVoIBl3XmD-u0TfM_x3olJa7BgouebLHisHXOYRiQHdpj5vlE9DYUWbTSDrW336Z4NCum1T_MP46ux55Drxd6xPGuQcGU0_d1z6iJB-1n6MjvpETlmGrF8nNSl7YmTmMHJAMY-M-50Z2qanezGSqy16HnqTBAod53M-ouUK8nCVvn57bjUSLMpI135ZveLaC4DUsoZlMy-NuNDo3M1dTmC8_AOSbJk-HSCBmNES_L1hHROektTv7bZ_0DxBfE-heBS7DA2b8kv2hsaBOdp0BRY2gCqK9hlo-CHVsC-GNMWyBeoD1fcXdhGS8lDno2AMnarAe3CYlxrJa8isgjEXZzb48T-8GY5TycO3ueH9hv5pSqBXJMp7IjYpoG9BVH2b4PZi0cJvaXNvEVKMHxtF6qt-Ld9Xq-FesqMCcWWjOpOyfEYGPE5JLvCuJfYPKmWzgI0Ypk1qeQS25bRyT1jw8hvqH9ppjesz1zNBcgswAsDIYb69luJ3UOAhXgKQoK_wWfc-GtpGsPKC1QptTxE__E_8ywhzGtl6gs84db9DFgaQhMIPJNKLrsVi6_RltDoMxK6MEkFe9BhCUSDra10pibcOrjYLmcjbYnqzKkjC614-jEOUKCJHFgpLE2V3eIGkFARmBLfc7me86XsNtbtF0ypVEisrj72xejXr7V_ncRo-dNnTMPUJF2vwCW3HZbJacVl0Y99Jud2bn27kOKATWlZ4WjBxySeFDgzntnTkYSn5rQaH809b7chaZ0tyuvpu0rJY7d8slMYNCLfinTdVu4JkuunEI7oyT3_P6Z6wnnBj7CvQgi7l1wclJs1E9jsdab02SAb371B5sy4hUMMQlww1dDH0YT09C90-Qfv3Xid5C866ayj0GFhXAMKDGn7iQheHZX3TBIGWFJgUIxbuH53KYDFB2C1xMsNlazubFK9FeCTn7O9UwbSpTSqqZOLWf1QgyTuREo-WP132HLGTcvoUk4VrTaHZLBGs8gmo7oWUpD6CGFR2ejeopI2GP3TvGPzleWoWRRu5tgrU1kgm7aXVEWDlmJQSTnSEowdlGHYIHModMGAegiex3nK0Uym0M68YmUsIQNKjT158NgZNptCLHtv6Lay7vNWsOliXq5CR6m15tBEgTXgAcbYeaZR_MbzCKZxnltLgVB0eP4txegc3uesXRm7ukpjjzjjEVAdxZKdPtY3n_X6rRA-N_CvV2XHQuxleVIwBNEtCSI8BbA2VPnpDUf7F5ITPDhdKFShqAgTUSMsveM-J5-TJ_wKo15qUSehfDnbNCKS-xs0o_HiDVd_G61tqij3D1zIIEZrfxxkjsU98UMTUmJfN3je458wjIbQJZZkghiWl-y7hMoQi3VIpSEKkiraaCKqkzDiWDyjG9n4uoGHSZNz6hU1LFgkabBJu7VLCPmQK5r96eevRmLlPtpk7oEmxh5yotdT4F-uG93t2M03o4WmQULPj89ssIBWwjdNWSnM0YX-9DdTwCKxMznONoLBekKwZHcbRfArz7iZWOSGYXLodwd8rnTofjr88EzgJNhJUf6i-5zQY1UrxJE8H6aZZgR3oRciP2RsmZcVn_O_RXXiNmw8XkQwmVUY30TzIVN5UHUWNN60MV_oi-hVT5fCzXGghCkmMFubw0qxkPmerq37Qph59I4Cca5mQsO3HjEQglHJXNxHfotTTQuDfEFXluIiqVYyuJQg8aSvAVgAGcWKY-zEWa0KttMDHxlabCBxvv49c50uq9cdKxCM_2jtnCcEOBV1QIVIHSHp42XyBGCSMEj62510P8MsX3sIoz6R0w85ZpZE30Gzy9GySoA-Z_-BF_Bd8GT5bVIZsU9GpieOfT1aKO1UO8dk2G_wFLxRiIm4bBC554GXLNG2-ioB7bl0LZrh7aNULBDJ45KosFLjrM1epwoIJRDKlWUyunTdM8zMnJsRx4_jcH-oKHeEWUyooqHHZMBJ56ZLABvtlAlmYQfIB14tDEOVSy10p8X1z_-vb3DkwVBxntS4NYDC-sDyTx2G8ZYFCDRgtRWTe237E5stoMaIxlg75A5IeZ2mFiETJo5vSr7bHcdfKfV4U8arIJTQFDMcBAyQzZrM7LO_bnpUnWukAuKCyFxorHsRErMgxt6qDsqWuFDeK_f8htAZjbVlq_sJIoNztgoyDRBhiWWPYJavtARcbOW66ZR9VdClRqNgvgMSLKdgnpg7FVsu--FMNOyK7T4raqjcsD9PmGGdPjFPeKknQBVNfVZ1_HPtm6LRNWjCO0ttBHBvgm5U3ID-qz2d5LgEQVLoNFJobVUe6PRrM8hIt454JGpoK18nBfOTks43MMfH0XA4AGXu1UlOA93YSh0jmbnxD5FJJ6pjuOg30GHRfLbZD27GB_N63AID1lS_Ce9qlDaca-ZtRbaOzOijXwMYoBLhJvh63b_alaao4xXlPMt7Es8TP9iJokRjPDy96MJwaSuaPRGx6EuN8I8xY5sIM5pxnTGI6EQKvWTXkFSlX_WZ57Gmo_Y-dCckmlWbqm699P75tjqhrvLKP9eX90mckhHDPwdYYG1C5MlrUx8pHZ7sDE8vwk_BxxeFftCdoucluCtGqdS6OwV6tBDZkYlTBp2kG13Xe2jBZrtvFKny84gBx7Mup1rDr4NGfluvqr8cGYhYKvskOjovmW8pKE1r8n1U9S7tVlNQh9k9bP-c1sbGjS_l1i6s_Ml3_mm5_tXVrLAjdWJV4R-Wp5QPrCMhARwveH1wjZuFOTxX2NSLb42pY7q_ieuvsZ5aroztMJ6J6H83cyeX2vbqoquGBqhfxkjzMTZvBwMkaAgTu6huj2ORqedqaVaZrTSgIbURIH6eoBft8VPCcvvKLMtWr6LwJ9zB34u8I5TrT2F4aF3_0dCa2VNZgldoXUiHm9K6yS9lBSi6FrwR97ebTxEx_rxqO18j_iDmQVRc7U44Pe23wGg_RsCEGb626rdSOFboKbWRs7UBvBjjJ6i8Ymask7RKOyo8fUcvVvz2n5yviOtxeeeo_MiDPPbZalG6_fNY62mWC6JrXoiPyJG_y2EEtL6pR_AYIPGmtffu-_zv-2fgw8mqNa1XbbiI4NYAEI7jb4JTx7rqMau2XdVMSWyuGPVkMECRCweMRyEHVU7-WxkEMmhFnao_rALB-0gRMIx3M7fgX6lXNq9vAcOkzImIF5vzw0la1lVa6ik5PjFPFR868kYp7-RKTPxdEkP4zodJ1dG8wE09aKCKdprdPvpb0FmPpXK73pNPkU7c9itkXLxES6a090KL145WB7dE7u4OX481okMFeeQ0VUGccGb7-xTVK8Nyi23NB0Uut6oMjk5fUhkw0t6iytVGzlRep6MSSGnSgdSEuQYvfAlvVS4K3WMVSHAWodDJ4FZhukKvkX77oGKAolXFEojQ49tEL0zt50U_j2-r0ubaB4vroiZZLKCHdPZb4vxaTwIQCs13ie2toENmgq0VvIfOSNx_HF9as-U_b60nAKmvMjJRlAczoUp_sRo0l6fKANiY5fbGY6L5t_yzMrWuNDZTguthglwLaIaTXke644&cid=CAQSSwBpAlJWFwzbgYsDjpRjiU2UASJjGdZMSvUVDDT2_eMtpb_hk7zj3mnfcOdMxq-HGMKjCRffUG-ncHmcmRppHxmgq93jsblyLxVQshgB&dv3_ver=m202309120101&rfl=https%3A%2F%2Fwww.tuparada.com%2F&ds=l&xdt=1&iif=1&cor=9101015457627575000&adk=2004672170&idt=109&cac=0&dtd=30

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

80f810dc535dfb42a9b10b1aaca45b6145fab8c3ebfb9b6a5c134aed8354fada

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Sep 2023 20:22:28 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 40697
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 skeleton.js Show response
fw.adsafeprotected.com/rjss/st/990511/61634100/ Frame C607 250 KB
75 KB 255ms
94ms Script
application/javascript 63.33.177.221
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/st/990511/61634100/skeleton.js?ias_dspID=3&ias_campId=1013669275&ias_pubId=pub-2857128171615359&ias_chanId=1&ias_placementId=20338656462&bidurl=https://www.tuparada.com/g/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0gQhQfLIsVJhAE4xXRumBLW
Requested by: Host: www.tuparada.com
URL: https://www.tuparada.com/g/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.33.177.221 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-33-177-221.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: a6341772407d0bfc4339a7e4f3f039f28d22c6d7d00f3d55d8c74c67597db0e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Sep 2023 20:22:28 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame C607 111 KB
39 KB 120ms
19ms Script
text/javascript 2a00:1450:4001:81c::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: www.tuparada.com
URL: https://www.tuparada.com/g/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com/
Origin: https://76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sun, 24 Sep 2023 21:04:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 83896
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 25 Sep 2023 21:04:12 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230921/r20110914/elements/html/ Frame C607 11 KB
4 KB 28ms
28ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230921/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Cgz0uU-e1w8DlFbF2BkeVB-WbweUijDtUf1vG5PtoDiw5zV7emcY2xzQn48qMgaT9FJmNhOOpZDpbeWbfuTMmogzrxYbmGgItxfADHKglLlu7GE5Z1QbPyVJuB2Im2MckV8gdSeHcT3K1apl-kEtxQj1Rh2oxrtc7_MtFWg1PsJZS9UzQ&dbm_d=AKAmf-C53BMFjIVpp9OrHRMPBrjW-BL4vc6lEPsTpZnU4G1RTeXz6mYNu6KKHdadwOZ6n_9_7Ts6905kXThEVoIBl3XmD-u0TfM_x3olJa7BgouebLHisHXOYRiQHdpj5vlE9DYUWbTSDrW336Z4NCum1T_MP46ux55Drxd6xPGuQcGU0_d1z6iJB-1n6MjvpETlmGrF8nNSl7YmTmMHJAMY-M-50Z2qanezGSqy16HnqTBAod53M-ouUK8nCVvn57bjUSLMpI135ZveLaC4DUsoZlMy-NuNDo3M1dTmC8_AOSbJk-HSCBmNES_L1hHROektTv7bZ_0DxBfE-heBS7DA2b8kv2hsaBOdp0BRY2gCqK9hlo-CHVsC-GNMWyBeoD1fcXdhGS8lDno2AMnarAe3CYlxrJa8isgjEXZzb48T-8GY5TycO3ueH9hv5pSqBXJMp7IjYpoG9BVH2b4PZi0cJvaXNvEVKMHxtF6qt-Ld9Xq-FesqMCcWWjOpOyfEYGPE5JLvCuJfYPKmWzgI0Ypk1qeQS25bRyT1jw8hvqH9ppjesz1zNBcgswAsDIYb69luJ3UOAhXgKQoK_wWfc-GtpGsPKC1QptTxE__E_8ywhzGtl6gs84db9DFgaQhMIPJNKLrsVi6_RltDoMxK6MEkFe9BhCUSDra10pibcOrjYLmcjbYnqzKkjC614-jEOUKCJHFgpLE2V3eIGkFARmBLfc7me86XsNtbtF0ypVEisrj72xejXr7V_ncRo-dNnTMPUJF2vwCW3HZbJacVl0Y99Jud2bn27kOKATWlZ4WjBxySeFDgzntnTkYSn5rQaH809b7chaZ0tyuvpu0rJY7d8slMYNCLfinTdVu4JkuunEI7oyT3_P6Z6wnnBj7CvQgi7l1wclJs1E9jsdab02SAb371B5sy4hUMMQlww1dDH0YT09C90-Qfv3Xid5C866ayj0GFhXAMKDGn7iQheHZX3TBIGWFJgUIxbuH53KYDFB2C1xMsNlazubFK9FeCTn7O9UwbSpTSqqZOLWf1QgyTuREo-WP132HLGTcvoUk4VrTaHZLBGs8gmo7oWUpD6CGFR2ejeopI2GP3TvGPzleWoWRRu5tgrU1kgm7aXVEWDlmJQSTnSEowdlGHYIHModMGAegiex3nK0Uym0M68YmUsIQNKjT158NgZNptCLHtv6Lay7vNWsOliXq5CR6m15tBEgTXgAcbYeaZR_MbzCKZxnltLgVB0eP4txegc3uesXRm7ukpjjzjjEVAdxZKdPtY3n_X6rRA-N_CvV2XHQuxleVIwBNEtCSI8BbA2VPnpDUf7F5ITPDhdKFShqAgTUSMsveM-J5-TJ_wKo15qUSehfDnbNCKS-xs0o_HiDVd_G61tqij3D1zIIEZrfxxkjsU98UMTUmJfN3je458wjIbQJZZkghiWl-y7hMoQi3VIpSEKkiraaCKqkzDiWDyjG9n4uoGHSZNz6hU1LFgkabBJu7VLCPmQK5r96eevRmLlPtpk7oEmxh5yotdT4F-uG93t2M03o4WmQULPj89ssIBWwjdNWSnM0YX-9DdTwCKxMznONoLBekKwZHcbRfArz7iZWOSGYXLodwd8rnTofjr88EzgJNhJUf6i-5zQY1UrxJE8H6aZZgR3oRciP2RsmZcVn_O_RXXiNmw8XkQwmVUY30TzIVN5UHUWNN60MV_oi-hVT5fCzXGghCkmMFubw0qxkPmerq37Qph59I4Cca5mQsO3HjEQglHJXNxHfotTTQuDfEFXluIiqVYyuJQg8aSvAVgAGcWKY-zEWa0KttMDHxlabCBxvv49c50uq9cdKxCM_2jtnCcEOBV1QIVIHSHp42XyBGCSMEj62510P8MsX3sIoz6R0w85ZpZE30Gzy9GySoA-Z_-BF_Bd8GT5bVIZsU9GpieOfT1aKO1UO8dk2G_wFLxRiIm4bBC554GXLNG2-ioB7bl0LZrh7aNULBDJ45KosFLjrM1epwoIJRDKlWUyunTdM8zMnJsRx4_jcH-oKHeEWUyooqHHZMBJ56ZLABvtlAlmYQfIB14tDEOVSy10p8X1z_-vb3DkwVBxntS4NYDC-sDyTx2G8ZYFCDRgtRWTe237E5stoMaIxlg75A5IeZ2mFiETJo5vSr7bHcdfKfV4U8arIJTQFDMcBAyQzZrM7LO_bnpUnWukAuKCyFxorHsRErMgxt6qDsqWuFDeK_f8htAZjbVlq_sJIoNztgoyDRBhiWWPYJavtARcbOW66ZR9VdClRqNgvgMSLKdgnpg7FVsu--FMNOyK7T4raqjcsD9PmGGdPjFPeKknQBVNfVZ1_HPtm6LRNWjCO0ttBHBvgm5U3ID-qz2d5LgEQVLoNFJobVUe6PRrM8hIt454JGpoK18nBfOTks43MMfH0XA4AGXu1UlOA93YSh0jmbnxD5FJJ6pjuOg30GHRfLbZD27GB_N63AID1lS_Ce9qlDaca-ZtRbaOzOijXwMYoBLhJvh63b_alaao4xXlPMt7Es8TP9iJokRjPDy96MJwaSuaPRGx6EuN8I8xY5sIM5pxnTGI6EQKvWTXkFSlX_WZ57Gmo_Y-dCckmlWbqm699P75tjqhrvLKP9eX90mckhHDPwdYYG1C5MlrUx8pHZ7sDE8vwk_BxxeFftCdoucluCtGqdS6OwV6tBDZkYlTBp2kG13Xe2jBZrtvFKny84gBx7Mup1rDr4NGfluvqr8cGYhYKvskOjovmW8pKE1r8n1U9S7tVlNQh9k9bP-c1sbGjS_l1i6s_Ml3_mm5_tXVrLAjdWJV4R-Wp5QPrCMhARwveH1wjZuFOTxX2NSLb42pY7q_ieuvsZ5aroztMJ6J6H83cyeX2vbqoquGBqhfxkjzMTZvBwMkaAgTu6huj2ORqedqaVaZrTSgIbURIH6eoBft8VPCcvvKLMtWr6LwJ9zB34u8I5TrT2F4aF3_0dCa2VNZgldoXUiHm9K6yS9lBSi6FrwR97ebTxEx_rxqO18j_iDmQVRc7U44Pe23wGg_RsCEGb626rdSOFboKbWRs7UBvBjjJ6i8Ymask7RKOyo8fUcvVvz2n5yviOtxeeeo_MiDPPbZalG6_fNY62mWC6JrXoiPyJG_y2EEtL6pR_AYIPGmtffu-_zv-2fgw8mqNa1XbbiI4NYAEI7jb4JTx7rqMau2XdVMSWyuGPVkMECRCweMRyEHVU7-WxkEMmhFnao_rALB-0gRMIx3M7fgX6lXNq9vAcOkzImIF5vzw0la1lVa6ik5PjFPFR868kYp7-RKTPxdEkP4zodJ1dG8wE09aKCKdprdPvpb0FmPpXK73pNPkU7c9itkXLxES6a090KL145WB7dE7u4OX481okMFeeQ0VUGccGb7-xTVK8Nyi23NB0Uut6oMjk5fUhkw0t6iytVGzlRep6MSSGnSgdSEuQYvfAlvVS4K3WMVSHAWodDJ4FZhukKvkX77oGKAolXFEojQ49tEL0zt50U_j2-r0ubaB4vroiZZLKCHdPZb4vxaTwIQCs13ie2toENmgq0VvIfOSNx_HF9as-U_b60nAKmvMjJRlAczoUp_sRo0l6fKANiY5fbGY6L5t_yzMrWuNDZTguthglwLaIaTXke644&cid=CAQSSwBpAlJWFwzbgYsDjpRjiU2UASJjGdZMSvUVDDT2_eMtpb_hk7zj3mnfcOdMxq-HGMKjCRffUG-ncHmcmRppHxmgq93jsblyLxVQshgB&dv3_ver=m202309120101&rfl=https%3A%2F%2Fwww.tuparada.com%2F&ds=l&xdt=1&iif=1&cor=9101015457627575000&adk=2004672170&idt=109&cac=0&dtd=30

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 03:33:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 60528
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4206
x-xss-protection: 0
server: cafe
etag: 17947678125179771625
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 09 Oct 2023 03:33:40 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230921/r20110914/ Frame C607 30 KB
11 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230921/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c5e1a1e8982becdc83263b687951cfc5c5976af5b5d67eab53451cb72ac78925

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 03:41:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 60045
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11587
x-xss-protection: 0
server: cafe
etag: 192838463742493612
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 09 Oct 2023 03:41:43 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame C607 41 KB
13 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: www.tuparada.com
URL: https://www.tuparada.com/g/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 06:58:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 307444
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13692
x-xss-protection: 0
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 21 Sep 2024 06:58:24 GMT

GET
DATA 200
OK truncated
/ Frame C607 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3fe3df1af14b467efdea7843340f3a9126a7d9534d1251dcd3850488e7c554bf

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 56ms
56ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202309210101&jk=43686703042046&bg=!eHulezTNAAYrDsWMCw47ADQBe5WfONJvlz6jT_wObYk_wW4vUXKnmhg1n6wpbs5mI-62Q78KO66y6eAnzENqB8v9YBs_AgAAAD1SAAAABWgBBwoAChhLN49qM5vM92mZAravU0p1EFywcxU2RodK3pbueXFSatuRuAgs9c2pAsUBqv6_9SbtUqNYN32-9-VZ11jrrH4CPUWvuaBVKo1niCiJ_y2_e1Hdn4C4nNyExqVrmm4j74K5TTIqZSI-Rf3Osq9FwPFSA0Df7Yvaa--UZC9PXdquyLFmCEbWwHGvHTvz__bHKsgE0gPC11lT-SgYn609zDSjqML2Mmco0IYZBT8qKqo5Sk-TY_OkLml2Q8jKKy-qYRsK9qrYf2tPVVrlpx0_e84w6hziR7ZC7C1I9apZl92Q0cUJO8fURL6alMfwhBV_dN7T5xr0esbwB_P_WkJjlnM_9bn3O_Aigukjt4VjmhI-5wjHfqtHOhVLxSStO2C7Q3vw_WQyyDrs6dEdDsnjq4qJn2ADAk0hhe4CzoirOMt2i1UHY8TghY3pB0xQ-s9cSkMlTqAa5ZKnxuKbN31lr5atGLxcAVEgN6Zz4infwEFj9eOla8hCYNsWLtjg4YYtts6cbfKbvzNOYv3y_IzXXZXJLFdhpiKztBHjbpxcpy9hJJFzRf-c0uXYN7jPkahMXDQLpYTPkXcMHmNrorRFsF2atJuB4iloOHswWxee0-Saq9uIUgEKtvBr7wbTI3cy5Qwj1eY73itJ2i_HqQQtyeGowZb3oZiRuXTGb2A5Pj3eb6HNwTJQu-0Kly6KJJbWyFxxKgeQ8xNTzv-Mr6JxJYuZa-AkG-a_IhZKhtW7oyWCt-ZSSvmSZmZmn2UwUrRZSSDu4tN06yqc2VPRDUlGnk_8oHrrr9Ji8bed1sDo4jCg-xoctUSvmPMZUS4WOd3w_W4DmSHNvLkAT3-hBh12yJvXOLgtK9oQkQNW41J_e2EewvQ0Cr86JeDVQyEFwj0Q9YYVDryTnO1_UfWCzgo-LPKZY4-9ZHdxl33Mhq7wBBv9IadE
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tuparada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 4F9E 22 KB
8 KB 20ms
19ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 93078
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 24 Sep 2023 18:31:10 GMT
expires: Mon, 23 Sep 2024 18:31:10 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 73E1 6 KB
3 KB 19ms
19ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309210101/pubads_impl.js?cb=31078107

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tuparada.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 25 Sep 2023 20:22:27 GMT
expires: Tue, 24 Sep 2024 20:22:27 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 tGcDLxZnxcZjneq6ZTfMhLSKmVRaNAcBIKHxIKG0fIc.js Show response
pagead2.googlesyndication.com/bg/ Frame 4F9E 37 KB
14 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/tGcDLxZnxcZjneq6ZTfMhLSKmVRaNAcBIKHxIKG0fIc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b467032f1667c5c6639deaba6537cc84b48a99545a34070120a1f120a1b47c87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 17:07:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11677
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14772
x-xss-protection: 0
last-modified: Mon, 18 Sep 2023 15:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 24 Sep 2024 17:07:51 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/8545329873006492075/ Frame 33C9 142 KB
22 KB 60ms
21ms Document
text/html 2a00:1450:4001:81c::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/8545329873006492075/index.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5728239d6302f134e425b17d7758bc6f4206b4acfc035db7f8625c2f1bbdea5e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 551095
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 22810
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Tue, 19 Sep 2023 11:17:33 GMT
expires: Wed, 18 Sep 2024 11:17:33 GMT
last-modified: Wed, 09 Feb 2022 10:36:00 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame C607 0
0 135ms
67ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuvWW1_95uoHb4BjwrT27gyengFqbplrvPpiLliBq1lz1AmmOcitT39xNN3W2DW_cjztvMUYIpPbCrnYQ6G5R3bFXoB0EtECxtGvhVlffpIqXjxBSZ9kfgY8zZGeOXVdR0W73ucE6vAsECdEjJmIr5a84Zij1r27nOL0G3mlhgsrWt4Tu77wEwotAD65_ZLxytgvo9T7HRw4U5uZGCAN5HAxFa2UIHqwp2ginM0SSOqM0aG1RSy6B_PLmpIzOk5w_DufPekbx5IVOWMjfM5wCOM9XMCz9h-6Y1Q1PeSwI_XMtgOn8yMzQkSXBZLyx_mS6GpT-cmQxxY0-WqXrWIdIhUOVge3pibayqWzICaqPvgZldMmcRmrZ8hWAmdli5Ab20_Q8wehHx6erBDW9acfs_Rdwreh2wj2RiPinL1aAAcA6u0TNIHNk6FiW27CjFXe0aj_DBiRJMGifqcmAsE7mqZp5a3FRPdT1SccfKD4rjMO3upESaDLqMGayvYL28di9VkPzavrjGlkaz82L2kg-wHly9-QwVIcyuIUxIwy6-hIeK03cqdJo7idjZndypuD3O-BSJQ-QR8SolXZUcw6M-Hrtl-BiwLqCXnuiGHEMqZ6bh638qxKxyMJURgStjW25y9hkDpoCC-9xH5xh2YBozyOvjNqZ5RpkHzyoHEVEJk-plUZq3UOq3lXxuVDfP_nNJ5wcvlSafCAtnThh3V17Fy1FzDE2i6meLsBiU0fYQ0vMHPLaacxuPI3o2cU0RGhS_K7YzkzHyLFr7qdSpUs5e7gKSZvQpqHoK4l28YUvadgziNHlttfDzs2j2X4Fim_z8uNvLrJBTSJwY6m6jsc5CvFQEsVxEvIk7koqUUPBhxZ7s4XnkiN2xaqHCBOGETolp4MR_X4s6Gj3GwISzjnQZ8wR6AbRDDVGrXY286XcJeaLQS3MDCl9vJdmPu17wJP-j101y9-xMDctF-3_-t662f4PlFEMbHeQFukQKJMCOOLV3KcQIjPTUhwgwstNo9uKqZbvuwJIk-8m4U-KNedpKuvLGZqABcQ1QS30JxuFjZraoQnYUNyu0CtOEq3XSBx-aSXUXGUcEkDFTMvfrYaof_aQjS94gD8CTRfihdLE-9GMEegh1A_Lty0YChxmv9afApuKoJvizsT6vtAH-eGoJsYHncwXZVxuhSG1UX3u7QCjA6k9_E8lmqVp4ZNZ6b34S14Ryg7BNin-SpwlBUO9kihN7gJYScJvqaBNisAHASA2HZ04mHxzDwGC_H8p3MH6IMVUk&sai=AMfl-YQ3mT-DDLjqfLCH_eUFMehT8ubE_wOihZ6y8pPpbGBQpI2j4BD5kcBPS_iWY6Qi2Z51aiG2f8Uvc7SazRt0AAErtIlxnHlkVVE2iqHg73qtdkohQA4D5E0BcixtyA1SbhkIMv7sR8oyovHc7oKH6v8-qB7t7YiDz4C04lto5D6yKUnXWuhOSfM7N9kf5uPTKTb1a3wmNN4a3-oGGxog99U5wm3J6qC8PoUYUFHTFeASt7qRvEN1qvQyfEu-5F5N7rmPlNb3RGd6-NRnQY_mLMQukIS3aMoV&sig=Cg0ArKJSzHhoRPgVe1oyEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=180&cbvp=1&cstd=176&cisv=r20230921.05405&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: www.tuparada.com
URL: https://www.tuparada.com/g/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 25 Sep 2023 20:22:28 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame A6B0 624 B
245 B 61ms
60ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMY1YHo4gEwAQ&v=APEucNUytIpL2mlPxwDJGk6F7r6O41JQrZNY2MPOB8mIDzRniDx3sMg1tKRXHxIVL3b4u6PkwMstvnBwkwFzSy5g6-i8CdyMhP4qfVs3WIJjQhclkWcOfymhDz0NpYkuSRNCw38ElMYfNcbu_vqO9TutKXUhGuTvquG1yMpaeI3kp_dbEOq3X4c

Requested by

Host: 76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com
URL: https://76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 25 Sep 2023 20:22:28 GMT
expires: Mon, 25 Sep 2023 20:22:28 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 73E1 172 KB
60 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:81c::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Requested by

Host: www.tuparada.com
URL: https://www.tuparada.com/g/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com/
Origin: https://76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 12:29:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 28397
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61485
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:43:57 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 26 Sep 2023 12:29:11 GMT

GET
H3 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20230921/r20110914/elements/html/ Frame 73E1 7 KB
3 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230921/r20110914/elements/html/omrhp_fy2021.js

Requested by

Host: www.tuparada.com
URL: https://www.tuparada.com/g/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 04:59:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 55359
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3071
x-xss-protection: 0
server: cafe
etag: 10674441169935035545
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 09 Oct 2023 04:59:49 GMT

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20230921/r20110914/ Frame 73E1 23 KB
9 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230921/r20110914/abg_lite_fy2021.js

Requested by

Host: www.tuparada.com
URL: https://www.tuparada.com/g/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 03:32:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 60573
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9135
x-xss-protection: 0
server: cafe
etag: 9583221549990841032
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 09 Oct 2023 03:32:55 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 73E1 41 KB
13 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: www.tuparada.com
URL: https://www.tuparada.com/g/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 06:58:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 307444
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13692
x-xss-protection: 0
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 21 Sep 2024 06:58:24 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230921/r20110914/client/ Frame 73E1 3 KB
1 KB 25ms
25ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230921/r20110914/client/window_focus_fy2021.js

Requested by

Host: 76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com
URL: https://76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 03:24:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 61104
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 09 Oct 2023 03:24:04 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230921/r20110914/client/ Frame 73E1 20 KB
8 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230921/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com
URL: https://76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

113c3c3c7de8fe21fe5a6d4b6c367d658dab1dc5b5f820393e0b98fc11032771

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 03:24:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 61104
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8282
x-xss-protection: 0
server: cafe
etag: 5314254467506293444
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 09 Oct 2023 03:24:04 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 73E1 42 B
63 B 53ms
53ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-C4nNMp8lv9AT8a-ZOPYks4Bd_vU_CMj9Cm6e0kh4oCaveWWCIpYy8bUUzEhChOPx2FOK07B5swWMJcYXquydtXpT4aI6NVDMOqCkRHt4rZvMmACS0

Requested by

Host: 76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com
URL: https://76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Sep 2023 20:22:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 73E1 182 KB
57 KB 44ms
43ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com
URL: https://76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2a018a841b6975de20578c7c63607d4529281ae923f4c3ba172cb4d1d5e7c5bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 20:22:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 58105
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1695209545430561"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 25 Sep 2023 20:22:28 GMT

GET
H3 200 DcmEnabler_01_247.js Show response
s0.2mdn.net/879366/ Frame 33C9 29 KB
10 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:81c::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/DcmEnabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8545329873006492075/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8545329873006492075/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 06:22:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 50405
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10136
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 26 Sep 2023 06:22:23 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame D374 22 KB
8 KB 20ms
20ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 93078
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 24 Sep 2023 18:31:10 GMT
expires: Mon, 23 Sep 2024 18:31:10 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/8414893630757870910/ Frame 0270 1 KB
767 B 27ms
27ms Document
text/html 2a00:1450:4001:81c::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/8414893630757870910/index.html?e=69&leftOffset=0&topOffset=0&c=WiPD06pZUB&t=1&renderingType=2&ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

33bb3637c12a17fbc18a9b93ceea2171d0506135347de1fe4a541be60f519453

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 739
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Mon, 25 Sep 2023 20:22:28 GMT
expires: Tue, 24 Sep 2024 20:22:28 GMT
last-modified: Thu, 27 Apr 2023 13:53:48 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 73E1 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b8bb71a172a1fe93e899f253c0492d4e5161587509513238caa384a775f13fac

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 73E1 0
0 69ms
69ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuFO7kAhHc2NLaSGVuvgSMmGMEERl0fYzW_a5OcTM_hOGJy2tFxJIyPjgJux9jdC3x6NeThPIoEb-nF2-qrIvkA9eO08W4hml7FBcWi7HDNjcDaTTulLC2G2HWFVeJHa4MmJ8OnvnWac4nzuYovG0afVchQ1xEn_-soCz5eiNJfsHPhwtdm20OUH8YMG52uqw4VwuZvlAibs_zFOV8Q1HwuevN0bTspfksROunBPopPzaWNMnumb6ygDI6ioIaKH7k5qh1CkxZmPue_VZKW7IjDuiaFpeWf8XYC_X7YLxiu39llXTdOTHF9iScSKZc_4o3NxBGQtywTcLnh86Jnl0yrEPG37EVRoiDoBdyHAn-ndqvwq8mVFJaj39WIzfpcZgdJoh-Z_hszpxkdFG7go1bBQ8XExXDrwI1WAAS4PdJ4fa-hCGYM31lXCCA4EsUiaiquL-rtXud3-vI2gIVxXI872g3xGaQW0HDIDDQri2_9OJyrcMIXpu-_RNasAQda3iK9KQ8xwcxjt_vAbOxO9KpXtTSIJB9LY8RJxGmtD28-sCF0f5tA4-QYwMD4As5gKp_moCmvaAVqEp9jVrBmTydm1lZ5HNMB-psmWw-Zt9vI_bfjbdTQew3rot-IfZgzt-4AUpGdQDRa9RCSY2JFwkPPayMrKQ9lpmTFvxE4TkIXIhVeXe3VmIYtZjghdFLhCebPxtuomnQOvOIaWTLKgd11VUdvKP7S78CnI9-0QrF5etfpGGpe0keY4Z9KLP0oepgrRUkZl1HeH-XbO32A8JSgxUvgQ3NjdS2tu1t5Tqu_eqPuONKFeIlwB0WhO6Rl3xYhgM1OvXzMSYKZribmXrvwGjdjPOJNtNLcBXsonFIw9x2d2QIHgoTAG87M6oebVGwmISbEwEnzMppZHxV8SM9-8GrKYFo_qjMXY_dxf2_I7IN_6d4OnUwj8NpSoa23ATQWXZpHomidlytu6yiZLwlPrXxCPkghro84J6Hk9DWYj6k5CXm_XsmPNje4JyjqJg276M_aoBoDRAaxIQ8Oa6UlIyADJ6uKyrmP_Br5oOu6Q4z2c20eSeOmIqhTizg7ucZ7aVhuuFyHdmHNvGk6ASISbHvJY6wDFXxV2PBpN24lkPq4CZS14iidQUJdPWtScL4N1SoRW_C2UAM1PK0PhjbPAxDs3EhJopa5ME4v60mko9bgaG5CTJy1E5SyzL__u0QIMzQbo9gAw5HKbISzAr851Qyx0mnbk5vXM_BpAThKa5Y251WIDcP2W-pwuljbdj1DcHuPWhEOwBHAxfTSPrX3NMk9lsQ3QA&sai=AMfl-YRFqsddyZXeOLgVs2FEUQFbdmZ4c6SZZUAmYsDJf40m3D_VEPqegNEXXgofYMFJl_EVi9VnyvqsH8UvEKWg9E0O_SSWqvOe693rJ8TFNvLR87bIIJ0X3hUgRzGGn0wStlNrPKHqVVRwAWTa7ph-vJ6h5YH39zOugVOU0vipeCSwi5gyTT7yShiIRw6aQJM_DR-k5ge4x0gOvXWFb52tiRnjB7EHvUUpNcqpB8oRMi9YJ23yC_WqE-PAjPg_RPwDjvOn_McUwmQMeGGGy4_3gdST96h_SjvTN9q3yv7RKNOcS4iEGG2JXUTSeYHJ_jxUawLyP91yUqMsTa6ZNUvk8XdAR0AaYtYuKdDe8FX9DesB2sVGEq4yXawhcpOPyAy63Lz8-5jjDF9kBWoghXBP_8EVFODDaPzr7XrTwLCeNGs3Ma3LiFtLVcQoSXMhtoZeida4oJPNLPuhDEbQc9IWEcjM66d8Bwa0A14IhWEg&sig=Cg0ArKJSzNjyk2oRZnwqEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=77&cbvp=1&cstd=68&cisv=r20230921.44487&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: www.tuparada.com
URL: https://www.tuparada.com/g/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 25 Sep 2023 20:22:28 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H/1.1 200
OK ai.aspx
m.exactag.com/ Frame 73E1 60 B
60 B 153ms
48ms Image
image/gif 85.14.248.71
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://m.exactag.com/ai.aspx?extProvId=63&extPu=lh-mindshare&extProvApi=lh_de&extLi=26915561&extCr=181030986&extPm=361382338&gdpr_consent=&gdpr=

Requested by

Host: 76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com
URL: https://76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

85.14.248.71 Cologne, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Date: Mon, 25 Sep 2023 20:22:28 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
P3P: policyref="https://m.exactag.com/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
cross-origin-resource-policy: cross-origin
Connection: close
X-ET-Monitoring: 1
X-Xss-Protection: 0
Pragma: no-cache
Last-Modified: Mo, 25 Sep 2023 08:22:28 GMT
X-ET-Code: 0
Content-Type: image/gif
Cache-Control: max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
X-ET-Camp: 1119
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame A6B0
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL2zlZv9V786WJleEXsU314&google_cver=1

43 B
733 B

57ms
56ms

Image
image/gif

104.18.26.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL2zlZv9V786WJleEXsU314&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMY1YHo4gEwAQ&v=APEucNUytIpL2mlPxwDJGk6F7r6O41JQrZNY2MPOB8mIDzRniDx3sMg1tKRXHxIVL3b4u6PkwMstvnBwkwFzSy5g6-i8CdyMhP4qfVs3WIJjQhclkWcOfymhDz0NpYkuSRNCw38ElMYfNcbu_vqO9TutKXUhGuTvquG1yMpaeI3kp_dbEOq3X4c
Protocol: H3
Server: 104.18.26.193 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Sep 2023 20:22:29 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9B7L0BLMUT0p8NMHaRF%2B76g5SO%2BIGei5012FIWZdv8Kd8Dwu9m6Ups9QPwpB0W83hbGIzxWzns0hk3cTRcwxyuD74%2F08qcwY3ua8hx58kSIC5VTQwf%2Bjh3ZISUxmw7ACQ23ZRbygAzctPg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 80c5fabffc8db90c-AMS
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 25 Sep 2023 20:22:28 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL2zlZv9V786WJleEXsU314&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame A6B0
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZRHsBFe2foZVV0R7gnCt8AAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL2zlZv9V786WJleEXsU314&google_cver=1

43 B
733 B

71ms
71ms

Image
image/gif

104.18.26.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL2zlZv9V786WJleEXsU314&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMY1YHo4gEwAQ&v=APEucNUytIpL2mlPxwDJGk6F7r6O41JQrZNY2MPOB8mIDzRniDx3sMg1tKRXHxIVL3b4u6PkwMstvnBwkwFzSy5g6-i8CdyMhP4qfVs3WIJjQhclkWcOfymhDz0NpYkuSRNCw38ElMYfNcbu_vqO9TutKXUhGuTvquG1yMpaeI3kp_dbEOq3X4c
Protocol: H3
Server: 104.18.26.193 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Sep 2023 20:22:29 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vWIlrVf0fLjK7z71FdOszRqmbiy7fMcxDq0r4IV%2Fthv10782wwxkTh0n6ZAceOyuWrkGPKfhdSnxNyHmf7Kfe0Oa0HmoZIdJPCE6zKECLMDYH%2BxQlv1oJ%2FPxcuxb%2BD7PeLSvN1oWbwZWEQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 80c5fac06d65b90c-AMS
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 25 Sep 2023 20:22:29 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL2zlZv9V786WJleEXsU314&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame A6B0
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEOB6Cw_jpUM6xl8URRjMm5Y&google_cver=1

43 B
837 B

28ms
27ms

Image
image/gif

185.89.210.101
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEOB6Cw_jpUM6xl8URRjMm5Y&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMY1YHo4gEwAQ&v=APEucNUytIpL2mlPxwDJGk6F7r6O41JQrZNY2MPOB8mIDzRniDx3sMg1tKRXHxIVL3b4u6PkwMstvnBwkwFzSy5g6-i8CdyMhP4qfVs3WIJjQhclkWcOfymhDz0NpYkuSRNCw38ElMYfNcbu_vqO9TutKXUhGuTvquG1yMpaeI3kp_dbEOq3X4c

Protocol

Server

185.89.210.101 , Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Sep 2023 20:22:29 GMT
an-x-request-uuid: f8d4fe35-a4d6-44d6-8be1-e61a05aa89fc
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 217.114.215.131; 217.114.215.131; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 25 Sep 2023 20:22:28 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEOB6Cw_jpUM6xl8URRjMm5Y&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A6B0
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODAwNDgyNDA0MTI4OTUzOTU5OA%3D%3D

170 B
188 B

31ms
31ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODAwNDgyNDA0MTI4OTUzOTU5OA%3D%3D

Requested by

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Sep 2023 20:22:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 25 Sep 2023 20:22:28 GMT
an-x-request-uuid: 2ba34769-42e6-4229-bb27-c186a97a7aa6
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODAwNDgyNDA0MTI4OTUzOTU5OA%3D%3D
x-proxy-origin: 217.114.215.131; 217.114.215.131; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 tweenmax_2.0.1_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 0270 113 KB
38 KB 34ms
33ms Script
text/javascript 2a00:1450:4001:81c::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_2.0.1_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8414893630757870910/index.html?e=69&leftOffset=0&topOffset=0&c=WiPD06pZUB&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

62afec092c21b138eeb1fc55859f60c19dd12ca3c02bdfeb336a820b016a547b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8414893630757870910/index.html?e=69&leftOffset=0&topOffset=0&c=WiPD06pZUB&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 20:22:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38915
x-xss-protection: 0
last-modified: Tue, 19 Jun 2018 18:02:41 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 25 Sep 2023 20:22:29 GMT

GET
H3 200 Enabler_01_247.js Show response
s0.2mdn.net/879366/ Frame 0270 118 KB
40 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:81c::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8414893630757870910/index.html?e=69&leftOffset=0&topOffset=0&c=WiPD06pZUB&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8414893630757870910/index.html?e=69&leftOffset=0&topOffset=0&c=WiPD06pZUB&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 12:29:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 28398
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41099
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 26 Sep 2023 12:29:11 GMT

GET
H2

200

4.js Show response
static.adsafeprotected.com/ Frame C607
Redirect Chain

https://fw.adsafeprotected.com/rfw/st/990511/61634100/4.js?ias_dspID=3&ias_campId=1013669275&ias_pubId=pub-2857128171615359&ias_chanId=1&ias_placementId=20338656462&bidurl=https://www.tuparada.com/...
https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_BOwRZebaI9nB9u8Pz7yx8AQ&cbFunctionName=goog_wrapCb_BOwRZebaI9nB9u8Pz7yx8AQ&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpass...

1 KB
1 KB

34ms
31ms

Script
application/javascript

2600:9000:20ab:6600:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_BOwRZebaI9nB9u8Pz7yx8AQ&cbFunctionName=goog_wrapCb_BOwRZebaI9nB9u8Pz7yx8AQ&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_300x250.js
Requested by: Host: 76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com
URL: https://76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Server: 2600:9000:20ab:6600:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-amz-version-id: R3AxWwopGHaaV3xj068LUxj.lgAg56jC
content-encoding: gzip
via: 1.1 1d14130822f7563ef82bba830d521f72.cloudfront.net (CloudFront)
date: Tue, 19 Sep 2023 04:09:27 GMT
x-amz-cf-pop: AMS58-P3
age: 576783
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 08 Aug 2023 19:01:30 GMT
server: AmazonS3
etag: W/"33dffa7df253125904b2f354b5bb5e8d"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
x-amz-cf-id: thWfJmj38Yo0rMN1TuHa0JuNpT9WZtfZ9UK1RowVZILEo4w9O_rpyA==

Redirect headers

pragma: no-cache
date: Mon, 25 Sep 2023 20:22:29 GMT
server: nginx
x-server-name: app18.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_BOwRZebaI9nB9u8Pz7yx8AQ&cbFunctionName=goog_wrapCb_BOwRZebaI9nB9u8Pz7yx8AQ&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_300x250.js
cache-control: no-cache
content-length: 0

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame F9A9 91 KB
23 KB 99ms
28ms Script
application/javascript 2600:9000:20ab:6600:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: 76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com
URL: https://76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20ab:6600:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 08:07:09 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding: gzip
via: 1.1 1d14130822f7563ef82bba830d521f72.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS58-P3
age: 2463321
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: W/"1f3488247c90bb5de253d3d0cb3b7458"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: IOawkDJsYIKyBJAHs3ZjLAQ-fmD7rn3zrE4S-SaPXRZNkStQFkWV9g==

GET
H2 200 dt
dt.adsafeprotected.com/ Frame C607 43 B
215 B 364ms
112ms Image
image/gif 2600:1f18:1aca:4282:2964:38bf:f03a:f6a1
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=8ef9e214-4d94-eb57-b8f7-5f1782e0c247&tv=%7Bc:pgpcG0,pingTime:-3,time:78,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:24%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:78,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:23,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B71~0%5D,as:%5B71~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tQU0z7E+11%7C121%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f*.990511-61634100%7C1f1%7C1f21%7C1f3%7C1g1%7C1g2%7C1g3,idMap:1f*,rmeas:1,rend:0,renddet:na,siq:25%7D&br=c
Requested by: Host: 76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com
URL: https://76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:2964:38bf:f03a:f6a1 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Sep 2023 20:22:29 GMT
server: nginx
x-server-name: dt16.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame C607 43 B
216 B 359ms
112ms Image
image/gif 2600:1f18:1aca:4282:2964:38bf:f03a:f6a1
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=8ef9e214-4d94-eb57-b8f7-5f1782e0c247&tv=%7Bc:pgpcG1,pingTime:-6,time:79,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:79,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:23,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B72~0%5D,as:%5B72~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tQU0z7E+11%7C121%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f*.990511-61634100%7C1f1%7C1f21%7C1f3%7C1g1%7C1g2%7C1g3,idMap:1f*,rmeas:1,rend:0,renddet:na,siq:25%7D&tpiLookup=ao:www.tuparada.com*&br=c
Requested by: Host: 76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com
URL: https://76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:2964:38bf:f03a:f6a1 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Sep 2023 20:22:29 GMT
server: nginx
x-server-name: dt15.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 tGcDLxZnxcZjneq6ZTfMhLSKmVRaNAcBIKHxIKG0fIc.js Show response
pagead2.googlesyndication.com/bg/ Frame D374 37 KB
14 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/tGcDLxZnxcZjneq6ZTfMhLSKmVRaNAcBIKHxIKG0fIc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b467032f1667c5c6639deaba6537cc84b48a99545a34070120a1f120a1b47c87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 17:07:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11678
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14772
x-xss-protection: 0
last-modified: Mon, 18 Sep 2023 15:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 24 Sep 2024 17:07:51 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame C607 0
0 58ms
57ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuvWW1_95uoHb4BjwrT27gyengFqbplrvPpiLliBq1lz1AmmOcitT39xNN3W2DW_cjztvMUYIpPbCrnYQ6G5R3bFXoB0EtECxtGvhVlffpIqXjxBSZ9kfgY8zZGeOXVdR0W73ucE6vAsECdEjJmIr5a84Zij1r27nOL0G3mlhgsrWt4Tu77wEwotAD65_ZLxytgvo9T7HRw4U5uZGCAN5HAxFa2UIHqwp2ginM0SSOqM0aG1RSy6B_PLmpIzOk5w_DufPekbx5IVOWMjfM5wCOM9XMCz9h-6Y1Q1PeSwI_XMtgOn8yMzQkSXBZLyx_mS6GpT-cmQxxY0-WqXrWIdIhUOVge3pibayqWzICaqPvgZldMmcRmrZ8hWAmdli5Ab20_Q8wehHx6erBDW9acfs_Rdwreh2wj2RiPinL1aAAcA6u0TNIHNk6FiW27CjFXe0aj_DBiRJMGifqcmAsE7mqZp5a3FRPdT1SccfKD4rjMO3upESaDLqMGayvYL28di9VkPzavrjGlkaz82L2kg-wHly9-QwVIcyuIUxIwy6-hIeK03cqdJo7idjZndypuD3O-BSJQ-QR8SolXZUcw6M-Hrtl-BiwLqCXnuiGHEMqZ6bh638qxKxyMJURgStjW25y9hkDpoCC-9xH5xh2YBozyOvjNqZ5RpkHzyoHEVEJk-plUZq3UOq3lXxuVDfP_nNJ5wcvlSafCAtnThh3V17Fy1FzDE2i6meLsBiU0fYQ0vMHPLaacxuPI3o2cU0RGhS_K7YzkzHyLFr7qdSpUs5e7gKSZvQpqHoK4l28YUvadgziNHlttfDzs2j2X4Fim_z8uNvLrJBTSJwY6m6jsc5CvFQEsVxEvIk7koqUUPBhxZ7s4XnkiN2xaqHCBOGETolp4MR_X4s6Gj3GwISzjnQZ8wR6AbRDDVGrXY286XcJeaLQS3MDCl9vJdmPu17wJP-j101y9-xMDctF-3_-t662f4PlFEMbHeQFukQKJMCOOLV3KcQIjPTUhwgwstNo9uKqZbvuwJIk-8m4U-KNedpKuvLGZqABcQ1QS30JxuFjZraoQnYUNyu0CtOEq3XSBx-aSXUXGUcEkDFTMvfrYaof_aQjS94gD8CTRfihdLE-9GMEegh1A_Lty0YChxmv9afApuKoJvizsT6vtAH-eGoJsYHncwXZVxuhSG1UX3u7QCjA6k9_E8lmqVp4ZNZ6b34S14Ryg7BNin-SpwlBUO9kihN7gJYScJvqaBNisAHASA2HZ04mHxzDwGC_H8p3MH6IMVUk&sai=AMfl-YQ3mT-DDLjqfLCH_eUFMehT8ubE_wOihZ6y8pPpbGBQpI2j4BD5kcBPS_iWY6Qi2Z51aiG2f8Uvc7SazRt0AAErtIlxnHlkVVE2iqHg73qtdkohQA4D5E0BcixtyA1SbhkIMv7sR8oyovHc7oKH6v8-qB7t7YiDz4C04lto5D6yKUnXWuhOSfM7N9kf5uPTKTb1a3wmNN4a3-oGGxog99U5wm3J6qC8PoUYUFHTFeASt7qRvEN1qvQyfEu-5F5N7rmPlNb3RGd6-NRnQY_mLMQukIS3aMoV&sig=Cg0ArKJSzHhoRPgVe1oyEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=460&vt=11&dtpt=280&dett=3&cstd=176&cisv=r20230921.05405&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: www.tuparada.com
URL: https://www.tuparada.com/g/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 20:22:29 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 container.html Show response
76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 34B2 6 KB
3 KB 22ms
18ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309210101/pubads_impl.js?cb=31078107

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tuparada.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 25 Sep 2023 20:22:27 GMT
expires: Tue, 24 Sep 2024 20:22:27 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dt
dt.adsafeprotected.com/ Frame C607 43 B
215 B 334ms
115ms Image
image/gif 2600:1f18:1aca:4282:2964:38bf:f03a:f6a1
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=8ef9e214-4d94-eb57-b8f7-5f1782e0c247&tv=%7Bc:pgpcGw,pingTime:-2,time:110,type:a,im:%7Bsf:0,pci:%7Btdr:72%7D,pom:1,prf:%7BbeA:649,beZ:651,mfA:653,cmA:655,inA:655,inZ:660,prA:660,prZ:668,si:674,poA:676,poZ:703,cmZ:703,mfZ:703,loA:729,loZ:732,ltA:760,ltZ:760%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:300.250,dom:div%7D%7D,env:%7Bgca:false,cca:true,gca2:true%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:24%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:110,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:23,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B103~0%5D,as:%5B103~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tQU0z7E+11%7C121%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f*.990511-61634100%7C1f1%7C1f21%7C1f3%7C1g1%7C1g2%7C1g3,idMap:1f*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:25,sinceFw:84,readyFired:true%7D&br=c
Requested by: Host: 76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com
URL: https://76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:2964:38bf:f03a:f6a1 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Sep 2023 20:22:29 GMT
server: nginx
x-server-name: dt14.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 cta_jetzt_buchen.svg
s0.2mdn.net/creatives/assets/4331440/ Frame 33C9 2 KB
1 KB 21ms
20ms Image
image/svg+xml 2a00:1450:4001:81c::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4331440/cta_jetzt_buchen.svg

Requested by

Host: 76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com
URL: https://76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b9b2b33d50320446996a318fbd7129b3b365e760c44e8acc28031438bb3f8d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8545329873006492075/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 20:09:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 755
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1056
x-xss-protection: 0
last-modified: Wed, 13 Oct 2021 09:19:56 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 25 Sep 2023 20:24:54 GMT

GET
H3 200 flex_tarif_white.svg
s0.2mdn.net/creatives/assets/4453672/ Frame 33C9 4 KB
2 KB 23ms
23ms Image
image/svg+xml 2a00:1450:4001:81c::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4453672/flex_tarif_white.svg

Requested by

Host: 76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com
URL: https://76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7df9c79b69dac7eb60962fa843afaabcbf31482db9fdfd346ecb8ca1b7cc8b0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8545329873006492075/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 20:11:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 679
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1508
x-xss-protection: 0
last-modified: Tue, 08 Feb 2022 09:12:27 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 25 Sep 2023 20:26:10 GMT

GET
H3 200 head2_3line_paare.svg
s0.2mdn.net/creatives/assets/4453672/ Frame 33C9 11 KB
3 KB 24ms
23ms Image
image/svg+xml 2a00:1450:4001:81c::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4453672/head2_3line_paare.svg

Requested by

Host: 76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com
URL: https://76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ba9e143db781b645a27217f7205e9b2e51ba525c0458ad50e3868d695cc27fa3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8545329873006492075/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 20:21:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 40
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3285
x-xss-protection: 0
last-modified: Tue, 08 Feb 2022 09:12:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 25 Sep 2023 20:36:49 GMT

GET
H3 200 head1_1line_paare.svg
s0.2mdn.net/creatives/assets/4453672/ Frame 33C9 4 KB
2 KB 25ms
24ms Image
image/svg+xml 2a00:1450:4001:81c::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4453672/head1_1line_paare.svg

Requested by

Host: 76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com
URL: https://76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4f859c54c2abc8c5257845d36ebb1152e3eb5c555b9b78420cca3a626ecabc9d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8545329873006492075/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 20:08:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 829
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1610
x-xss-protection: 0
last-modified: Tue, 08 Feb 2022 09:12:24 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 25 Sep 2023 20:23:40 GMT

GET
H3 200 tui_logo_live_happy.svg
s0.2mdn.net/creatives/assets/4364511/ Frame 33C9 6 KB
2 KB 22ms
21ms Image
image/svg+xml 2a00:1450:4001:81c::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4364511/tui_logo_live_happy.svg

Requested by

Host: 76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com
URL: https://76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

854a1cb3bf2ef67e6a303c0ca22cbf1616a6683a1415997646bb2129047a7e1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8545329873006492075/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 20:11:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 639
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2072
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 07:44:21 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 25 Sep 2023 20:26:50 GMT

GET
H3 200 300x250_kv_paar.jpg
s0.2mdn.net/creatives/assets/4453672/ Frame 33C9 38 KB
38 KB 25ms
24ms Image
image/jpeg 2a00:1450:4001:81c::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4453672/300x250_kv_paar.jpg

Requested by

Host: 76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com
URL: https://76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

292532d44ba2bbf15d48b2bf6ab6388bc21155a71655e38533de8cf606c02fa7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8545329873006492075/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 20:11:21 GMT
x-content-type-options: nosniff
age: 668
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38528
x-xss-protection: 0
last-modified: Tue, 08 Feb 2022 09:12:17 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 25 Sep 2023 20:26:21 GMT

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 73E1 0
0 59ms
59ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuFO7kAhHc2NLaSGVuvgSMmGMEERl0fYzW_a5OcTM_hOGJy2tFxJIyPjgJux9jdC3x6NeThPIoEb-nF2-qrIvkA9eO08W4hml7FBcWi7HDNjcDaTTulLC2G2HWFVeJHa4MmJ8OnvnWac4nzuYovG0afVchQ1xEn_-soCz5eiNJfsHPhwtdm20OUH8YMG52uqw4VwuZvlAibs_zFOV8Q1HwuevN0bTspfksROunBPopPzaWNMnumb6ygDI6ioIaKH7k5qh1CkxZmPue_VZKW7IjDuiaFpeWf8XYC_X7YLxiu39llXTdOTHF9iScSKZc_4o3NxBGQtywTcLnh86Jnl0yrEPG37EVRoiDoBdyHAn-ndqvwq8mVFJaj39WIzfpcZgdJoh-Z_hszpxkdFG7go1bBQ8XExXDrwI1WAAS4PdJ4fa-hCGYM31lXCCA4EsUiaiquL-rtXud3-vI2gIVxXI872g3xGaQW0HDIDDQri2_9OJyrcMIXpu-_RNasAQda3iK9KQ8xwcxjt_vAbOxO9KpXtTSIJB9LY8RJxGmtD28-sCF0f5tA4-QYwMD4As5gKp_moCmvaAVqEp9jVrBmTydm1lZ5HNMB-psmWw-Zt9vI_bfjbdTQew3rot-IfZgzt-4AUpGdQDRa9RCSY2JFwkPPayMrKQ9lpmTFvxE4TkIXIhVeXe3VmIYtZjghdFLhCebPxtuomnQOvOIaWTLKgd11VUdvKP7S78CnI9-0QrF5etfpGGpe0keY4Z9KLP0oepgrRUkZl1HeH-XbO32A8JSgxUvgQ3NjdS2tu1t5Tqu_eqPuONKFeIlwB0WhO6Rl3xYhgM1OvXzMSYKZribmXrvwGjdjPOJNtNLcBXsonFIw9x2d2QIHgoTAG87M6oebVGwmISbEwEnzMppZHxV8SM9-8GrKYFo_qjMXY_dxf2_I7IN_6d4OnUwj8NpSoa23ATQWXZpHomidlytu6yiZLwlPrXxCPkghro84J6Hk9DWYj6k5CXm_XsmPNje4JyjqJg276M_aoBoDRAaxIQ8Oa6UlIyADJ6uKyrmP_Br5oOu6Q4z2c20eSeOmIqhTizg7ucZ7aVhuuFyHdmHNvGk6ASISbHvJY6wDFXxV2PBpN24lkPq4CZS14iidQUJdPWtScL4N1SoRW_C2UAM1PK0PhjbPAxDs3EhJopa5ME4v60mko9bgaG5CTJy1E5SyzL__u0QIMzQbo9gAw5HKbISzAr851Qyx0mnbk5vXM_BpAThKa5Y251WIDcP2W-pwuljbdj1DcHuPWhEOwBHAxfTSPrX3NMk9lsQ3QA&sai=AMfl-YRFqsddyZXeOLgVs2FEUQFbdmZ4c6SZZUAmYsDJf40m3D_VEPqegNEXXgofYMFJl_EVi9VnyvqsH8UvEKWg9E0O_SSWqvOe693rJ8TFNvLR87bIIJ0X3hUgRzGGn0wStlNrPKHqVVRwAWTa7ph-vJ6h5YH39zOugVOU0vipeCSwi5gyTT7yShiIRw6aQJM_DR-k5ge4x0gOvXWFb52tiRnjB7EHvUUpNcqpB8oRMi9YJ23yC_WqE-PAjPg_RPwDjvOn_McUwmQMeGGGy4_3gdST96h_SjvTN9q3yv7RKNOcS4iEGG2JXUTSeYHJ_jxUawLyP91yUqMsTa6ZNUvk8XdAR0AaYtYuKdDe8FX9DesB2sVGEq4yXawhcpOPyAy63Lz8-5jjDF9kBWoghXBP_8EVFODDaPzr7XrTwLCeNGs3Ma3LiFtLVcQoSXMhtoZeida4oJPNLPuhDEbQc9IWEcjM66d8Bwa0A14IhWEg&sig=Cg0ArKJSzNjyk2oRZnwqEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=319&vt=11&dtpt=242&dett=3&cstd=68&cisv=r20230921.44487&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: www.tuparada.com
URL: https://www.tuparada.com/g/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 20:22:29 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 3A9D 640 B
265 B 61ms
60ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=COyXJRDn9OgBGJ_90PABMAE&v=APEucNXEwgwl_6S2ugySARYc6QqnSSlgYCSRZcSt53wxf6NfNAXPhkWoUc50oW8APvGbCzCdwVP1A3dfWSOKiJ7SMCfo-jjuEnb-GHqnoS7HZDxvc6pAhiXkYhm0OmfJPgc3a6jyH_4OkkF8kvGA5DpNfUgeTvDPyuJ5VNSUMUtEZjLA2QKVmcs

Requested by

Host: 76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com
URL: https://76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 25 Sep 2023 20:22:29 GMT
expires: Mon, 25 Sep 2023 20:22:29 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 34B2 89 KB
31 KB 142ms
142ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com
URL: https://76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4accbcd793680c2ea0a65714771ef37d5eeb42bdaedba9882dd0d78eae09e00e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 20:22:29 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31438
x-xss-protection: 0
server: cafe
etag: 13183557946744512263
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Mon, 25 Sep 2023 20:22:29 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 34B2 42 B
63 B 54ms
53ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Dbj6OtpbfGRS04Xb52WewPi8D6eKsZHRgoY1OqBVhcD-J1fQqSbI--s-pHzBVvMJEaN8KxaTA8lRYznHXFFc26Kw6aVsS4GTRmosgnTmheqbOU2Ak

Requested by

Host: 76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com
URL: https://76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Sep 2023 20:22:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 34B2 0
20 B 53ms
52ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=2737505451164506730&x=1&ct=76

Requested by

Host: 76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com
URL: https://76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Sep 2023 20:22:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adj Show response
fw.adsafeprotected.com/rjss/bgd/1562583/72689833/xbbe/creative/ Frame 34B2 257 KB
78 KB 47ms
46ms Script
application/javascript 63.33.177.221
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/bgd/1562583/72689833/xbbe/creative/adj?p=APEucNXO1r05mu-PvPniOhmxWNgsqTi5eF5L8mCE1Bse-p5Bvrdk9YI&d=CokBAKAmf-BaD_UKM_HgMnVQC7FKsflSOVl56V-MU4OHqTQ5Z2oLnGPddT09mwVAI_H8kvCuNlHP7t4BOC-H0vNN4h6ls6jLwFNUU2CLd17h_h8flp-Hz_h68DBtoc6xtYJgt16p5DdDbS5dkJmGWN6SJmPMQ8G5QZmtmt3KjaulPmq2wcvWvjJ5Zq4SqRUAoCZ_4HSeir93Z2SAy2RPkuAgvmF8f0jwke0zFt83RkM6QT12Tj6cu41em7d927gKPOTwXKw7qhxQMYvlh7WLcU7tK3hS1eTzZKRpXP-aqYBkDYSGso9VujxxJVxTbPxD07qVydxO5NA_44hRNgqQbciklZKjRIq1QUzrV3RSrMYW_2oebVOaCoJF6yyO_jWBQ7HIckKmNmjcYexSWWxzvT-CJEyfc9T94CcGhJI6H0croZzf1_NCeaatqZc20UfaaZtqmTsohtTeFLLaxs4GcnfCLjkXFAK4_-IuRuigg0yjSZZoweRv_jZfH4lUryJEz_A1Mgrsbd4zgRsTRxCC6hYIRJxiBqHhFz-GkYye0Ud0Z2eJyeBY1JkhyAxGQ3bGAdZqw5-JITmQa1ULfH5UhDLFKLTqDEMRLGC3r1KZuUo-uWs7IbOXecVMmA7Sx7rgZywYUKMcqLaNFhRKEDb6yGND-BWRbrXbBj_wwNcEAcSiwWACkAZoyPYqNItMWy07Sg_AP-_yW1rxnwk7KFybkaeny4x42YEuKAcCHfzyLiTjNxNqquL3zDDyLRqmXGv-iPSbjnTy7ec4bCdbg1WsDR7dHnUox1eISABrlsv-XqN5ZMbBTw71wiKk2JiAlnVlvvoKkgc9GZTnLj-lOls1mDuKt0Yl1mdWo0HCSvIHZQyxXMUZmU9Q8nBT1_U6XW1cka82wlBlkWcCHFWyVHldQfhoKH8MJirpj1-GzyQvA1tGpiCRq4CAA4xoHWxMosx73hspSt9FcU7Km11u_PUom3ML5dK9rsKE80hy82bRceIoRrBYx8yR_QOhZA_noVuSutaEhPcRvBtjsmd8tlPlkW8J-cJPCpaLYKtSNbPfYy_oieKQjPBfvA9L3UH3ETiL2Y3GVIR_XgS6AXUaawoz47jYQ2GsiuAalXigpA3G_Z2hxwclc2SA5mAQWI9Zh-1-Kj-x8zchb9sFw1r5BOHh5uwOXqjf48AaaFO_0ThE5V57e3T1mFLjJdA7IfaydACjoD9-x6sS62c7zuGzNb4WkTbI0D5W618JlZWYS1orqw_uWJuF6qWFlLy1SK-tGw5ZoDjevveux1aqCXJ13pCfABaFBMcEW9BcMQ9XqUpGjF1Rmc-bJqtHzLaCA3n8fhEK8WDg8Ssq_H0JzdSb4iI2tNcqI7RUzQhh2OqgbcjcVHIgxnSpzvqGZ_7-uPvwQ1vtEze-zSM_A6jigYnvTwQ-y5k0Ewe2_a8_CUEgd-5-KiwKyS6D2gs46e8uPellhbHytXqf-hGnKXd6ja6q2Uemc-_SAs_Xxc7L2isVFJnShPMY_yvEo2TZhuXW9lrXvHwz-I08tBG_6fs7K5myJ7-Ds58-QHNHrtw6-cYRtIn0MFyE0R8eTKesoKomYzubfqNzWdziN6IZ0jk3CABu3ECEzXiTXKpunIMYA7wK4qpLx-GclH_mc97-82L5N7Gd0ugeRt7OuNI8T_kuY-Tzk-Pkj6WXazCnFaETsSpjUxX4b548FIHCPo-6A1z4DjylNAich8rwmXfGiRZPt6wjJyIJip720cQIUXXQeUTDD5JpLBD8h5wkoLyQLRD8epCLNw2s7EywUe_3PwlHiP-jFaVDy-7dJjGeVmkJSKDJW0m5RvXrCDiUP2Zs75H9phYSjRkBO4PRbXTg7mG5hW15gdtgSuRDR47cEWqzHnKVF1f9KjOQPtaCHygZON61apPg2KU8R5QkAU3wuvJLbKfMUaHxf_qM2qE5uZKZBbnXyTojGstdXQu2JGggu9VUWhNKO-3tMwf7Uj077NVfIYfFPEq969jECnJmFsO59urs88e0zZ4OQ7PpkgZFWNQ_YbQa7cwWNftN89UXa8kDMa4gs6vWwRxl3Lhi6vE5Ky9d8bTsgdTkGVhzgDIe1mMZIgMtrcDHr02y5vd6isscT1vkfBwZ382LJCJCjf-h79IFdVD4aNwQT218aX4sfbwJ53APrLxiiMTjXcZli7XGaiJ3kNE2DZJSKTjtzWXHWGIL7NoUdjYCEAzBd_ooo_MrChV2DxnkZSus3uUrtIBeRmGN2gMUEkwh-_ZtefRwD6hiVz5oPWXNIQjigjR-HbBCD5UeIahvfy862jQQFJAaH4YLSEOnH-ZfO64Ttv-ka2NeU5Vm-DXdw_Xfrwq97FrhQHsLoGn8zoxnpW0-Bp7TomNO9NquG6X3lBuDFVSaauMubq-t1q9ggJ2wAE5Ado6N_plp4-y3Hn3uxH0dIQphi2ijVoldm2b3Tb2g7AkXeGo5gpeyBB_E0ZsBw6WQrTMciRwSM2nBAxRI7pai7TdHjSifP7H9Zw-tXDPR9GJKiBI_NhTp6BGfU3iWe1_ZwRct_C2hCHwdKi7dMOf0YvcbYZWTY13LKFraix5nvaQatytkeeKBj96-X6zA0XAV524JNdhE6wbCXgINQ7hhdTRMto5vGCYGzNSJwyrgvVSat6IA_UKNbRr17L3JGIAIFIOUNGZEZVI0CEMtfBsW5bxEEUaV-MXkPdOOyi56iXkpvy_FlpIXV8MtsRMGSj9VcOj-O9OYrWtGg34wjo1m35Nkr0DCxRQsYTghofPvjBk1UVLrDRMAQOBVPozN-_FfW37kqY99NHJlePk53bwVeK7juEYEGgS000KKfWSBnGvMAwY1q7oc6UaT_U49m4gbnXWkjvL6VED21NbHilPx5HCYmTWrCrCvv1TZkvrTGDZMmVMBmANgdaIaRSRkc69b7QRm9KXopcR4OmsIZ_ssdGptyf8SBTlqdsI7Gyr7gSfQnB9M4H1l0BV2IWaxSXv3unoz1kguC0X7rQ-uRwX1F-R4lVill9EeAksmDsr14fOegO1UnHaBcIhcXLlf6PrTx0x3T7R0_anZ7ibD8k5kG_IiWgoxDPySZQh5oCFDeZ6FS3GNMKys6fdDDg71aurTv3JxxRlrAaX2ZJjnGniwv06_OofP4JzQp6VYdHpLbrra6p-ANiDdR2Ob10tXlLrHcty7ROgP-Ma_6EDdLEbWuKs8xvqJQEEf2l7Uw9XsuDQUcf9xuCtTPLcIVTWSn4V2oRB0PdycmUQFBF6MsTO5lrC8Fzmjgluv_gBlYzPqXfYgyKRzYn7C8a2paAi185BDUDW9s40FWCpB9UAzxviEz0zrTRc0yCXsjde-j-0KOrr6xSYUrBp9wXzEUuh4GuoK4n_Frn4jMoaruX1SrSDtnZv7CR89yvlqzkDAgUxNlv722g6GMhwHA4fBnMVbQPWc-ucjnXV4SLtH3LeQj2NX6M8FHfspMyAMvxryuYfhF-stiHTcnrqpZc9QqJg5p74kd9bjeXlHZV0zxtQST8EpvbjxOo5WLNCPWYtEDYt_9bXKmBmT9EDsoqa29ofjA6zSXA8XW3zMihSCOp8-uYwr2EOLx-YJseBwkJrdsbGTd7eypleZWZuRhsiKfv32ktmY_bGu0dIx6NNmlb_W5wq5taJJyQDPFEQpOM45J5g5euai-t5Q0VCMjm5fQivobtr8ihwIdEnDsOnmPJmwKXo3r4NdgpayVyLhULxGCxvSfOeimcXnZS8IfN_gywjtMHFKO_8-Ws9sRyfCd0fHbvTkRVE5A15whXumZXzf60_sFm0J4BWL_dEDO9zLV5kSuX2tCRpSCAQSTADICaaNOv7ZwbAgrgAN4pk8yo9QU9CEvY64XgOxMG4_qPqwydgXlDvCQDJCqbqeC218soX7Clxrm5Bu8lG4CQfgN0aCOTANILWcQmUYAWAB&cry=1&bundleId=&ias_dspID=3&ias_campId=1013159638&ias_pubId=pub-2857128171615359&ias_chanId=1&ias_placementId=20358516230&bidurl=https://www.tuparada.com/g/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0hBNSSgdLGxHiUqKlownGX0
Requested by: Host: 76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com
URL: https://76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.33.177.221 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-33-177-221.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 79307c124b796fb168cba133a652c6e2a86951fe59f72560d1e86af85eadbc11

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Sep 2023 20:22:29 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230921/r20110914/client/ Frame 34B2 3 KB
1 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230921/r20110914/client/window_focus_fy2021.js

Requested by

Host: 76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com
URL: https://76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 03:24:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 61105
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 09 Oct 2023 03:24:04 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230921/r20110914/client/ Frame 34B2 20 KB
8 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230921/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com
URL: https://76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

113c3c3c7de8fe21fe5a6d4b6c367d658dab1dc5b5f820393e0b98fc11032771

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 03:24:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 61105
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8282
x-xss-protection: 0
server: cafe
etag: 5314254467506293444
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 09 Oct 2023 03:24:04 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 34B2 182 KB
57 KB 55ms
54ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com
URL: https://76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2a018a841b6975de20578c7c63607d4529281ae923f4c3ba172cb4d1d5e7c5bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 20:22:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 58105
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1695209545430561"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 25 Sep 2023 20:22:29 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4F9E 0
20 B 56ms
55ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bw155BOwRZebaI9nB9u8Pz7yx8AQAAAAAOAHgBAI&bg=!j4yljMPNAAYrDsWMCw47ADQBe5WfOAqu1Wu8wn367IsKd5GyeC2b2zVOSQDxynwSa6YmPkoKBC_-hOY_ZJhFASab8k9dAgAAASlSAAAABWgBBwoAX_QVBPufa2Dw2nzjG4ilDS6N9QcHXZsGZXThueLVWryvCl6mmmXckaQlCa-CPql6TlMo56SZRehGy10SnXsPk1gwUsANK9B980TIO2zM3HsZsVldju3RaG3T1EhqEnnAmQL-gzg-TZSxRF6LXhL26kZwfojXUfX_nhDomUX_75IS00vtGlPnB9S8kVyt2RFjA8007m5qEzvdLVotaEv6zhdz2LnNaOZF6WsEvcqkHkmZxgFk19mdyQKk0QAR8ZVvL4WstXHGoVJyksPm8dqcg8CRI7xzEQYdQgdT6LZMItiRcfZV-75i4BE47nbYym9XKyn49rU0fa5KVgZqtQHXy3WKJZGIbE1nxb319cAFDKRKkNLO05wh0S3IwDVcILF20DUpr2_BGoi8zpFNXe763vjaTpr13NHQQ9NcN1PgNxwBolhuOgsSpQnm12DNZHqjTNZepXXJhLfwIW-SNpOo32x1ViI8tvxvHWJk6JNUep7rrqOi9jvmtPu9DqAoFLpl7x32LDgCEfEfj4a3gBTfleAQr4GU99Me2fA1ZFTJVynDwKqUzvy5MbLstOghdOc7qChPtMKTMQYDLpiY8SfnM4qvJ6tXtkXRImInd8Twl6klC-aMeEAuUAEiIXefHzzSPyR2qHCU5JjYzioQfZutmXGe9S74AOQkpbNMlFVp36mh_3Ke_uLVDJVgHhTcO1hd4i_7M5VkRfd4LikMjafpge96flJav33QQ4jnUt3m_uhb6qB-YuHgUA5VjtyxywzRMKRTyvacM4KZT9mSKiHYggbm7-4PlKa_MKbks953F2Kk-0H4IWNC7FbcJXP5O67BrwA0azwofn4ezy4q_c4o083ChsBhfkWDiJtnTVoiTwCjIRO6B15QG1MDV9DJVZMkom6lSVpVQcygQltup9ux3l1IrnTXwrx0C-D1QL0dEqS0F-2eNVV5vPzLzTZ_IQzY0C7erp_6ZlGY6ed7DXSSaONI2P8ukQXUJ5j-gzUXw1QKogqUy1rnPXpwvQO9fYFdbcK59ixbylod2hH2SkSoJO2k0O1avAs-lidWDEz-cmc01vOsHJxS65cnjqTLPsC869MzjmVEvNQ1kcMSe4Nw-rvWXfb-_vswbBjQDjMk_zgqwF-sHKwg3K_AaogDCjGWUQ

Requested by

Host: 76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com
URL: https://76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Sep 2023 20:22:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 main.js Show response
s0.2mdn.net/creatives/assets/4703545/ Frame 0270 3 KB
1 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:81c::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4703545/main.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8414893630757870910/index.html?e=69&leftOffset=0&topOffset=0&c=WiPD06pZUB&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c1b2da575466eb30982e08c1020f55bcf2d9565f53bd64c3da87a1d774d75588

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8414893630757870910/index.html?e=69&leftOffset=0&topOffset=0&c=WiPD06pZUB&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 20:07:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 873
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1100
x-xss-protection: 0
last-modified: Fri, 05 May 2023 10:07:31 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 25 Sep 2023 20:22:56 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 0270 8 KB
6 KB 61ms
60ms XHR
application/json 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4ab6349eb8d3093ff7ccc9c12e720304d33cc6ab714e7cd46342ff865720e291

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 20:22:29 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5819
x-xss-protection: 0

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 3A9D
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEhBbiwBJPSeuJyhp3gE2dE&google_cver=1

43 B
273 B

53ms
29ms

Image
image/gif

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEhBbiwBJPSeuJyhp3gE2dE&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COyXJRDn9OgBGJ_90PABMAE&v=APEucNXEwgwl_6S2ugySARYc6QqnSSlgYCSRZcSt53wxf6NfNAXPhkWoUc50oW8APvGbCzCdwVP1A3dfWSOKiJ7SMCfo-jjuEnb-GHqnoS7HZDxvc6pAhiXkYhm0OmfJPgc3a6jyH_4OkkF8kvGA5DpNfUgeTvDPyuJ5VNSUMUtEZjLA2QKVmcs
Protocol: H2
Server: 34.98.64.218 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Sep 2023 20:22:29 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 25 Sep 2023 20:22:29 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEhBbiwBJPSeuJyhp3gE2dE&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cm
us-u.openx.net/w/1.0/ Frame 3A9D 43 B
145 B 92ms
32ms Image
image/gif 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COyXJRDn9OgBGJ_90PABMAE&v=APEucNXEwgwl_6S2ugySARYc6QqnSSlgYCSRZcSt53wxf6NfNAXPhkWoUc50oW8APvGbCzCdwVP1A3dfWSOKiJ7SMCfo-jjuEnb-GHqnoS7HZDxvc6pAhiXkYhm0OmfJPgc3a6jyH_4OkkF8kvGA5DpNfUgeTvDPyuJ5VNSUMUtEZjLA2QKVmcs
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Sep 2023 20:22:29 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

200

um
sync.teads.tv/ Frame 3A9D
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
https://sync.teads.tv/um?eid=3&uid=CAESEG40kGUEth1EZimIIo9DD9I&google_cver=1

23 B
163 B

138ms
56ms

Image
image/gif

104.80.29.75
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=CAESEG40kGUEth1EZimIIo9DD9I&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COyXJRDn9OgBGJ_90PABMAE&v=APEucNXEwgwl_6S2ugySARYc6QqnSSlgYCSRZcSt53wxf6NfNAXPhkWoUc50oW8APvGbCzCdwVP1A3dfWSOKiJ7SMCfo-jjuEnb-GHqnoS7HZDxvc6pAhiXkYhm0OmfJPgc3a6jyH_4OkkF8kvGA5DpNfUgeTvDPyuJ5VNSUMUtEZjLA2QKVmcs
Protocol: H2
Server: 104.80.29.75 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-80-29-75.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.10 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

expires: Mon, 25 Sep 2023 20:22:29 GMT
pragma: no-cache
date: Mon, 25 Sep 2023 20:22:29 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.10
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Mon, 25 Sep 2023 20:22:29 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um?eid=3&uid=CAESEG40kGUEth1EZimIIo9DD9I&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 281
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 um
sync.teads.tv/ Frame 3A9D 23 B
163 B 173ms
57ms Image
image/gif 104.80.29.75
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COyXJRDn9OgBGJ_90PABMAE&v=APEucNXEwgwl_6S2ugySARYc6QqnSSlgYCSRZcSt53wxf6NfNAXPhkWoUc50oW8APvGbCzCdwVP1A3dfWSOKiJ7SMCfo-jjuEnb-GHqnoS7HZDxvc6pAhiXkYhm0OmfJPgc3a6jyH_4OkkF8kvGA5DpNfUgeTvDPyuJ5VNSUMUtEZjLA2QKVmcs
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.80.29.75 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-80-29-75.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.10 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

expires: Mon, 25 Sep 2023 20:22:29 GMT
pragma: no-cache
date: Mon, 25 Sep 2023 20:22:29 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.10
content-length: 23
content-type: image/gif

GET
H3 200 970x250_de-de_performance.js Show response
s0.2mdn.net/creatives/assets/4703545/ Frame 0270 78 KB
19 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:81c::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4703545/970x250_de-de_performance.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/4703545/main.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b41eddfc251f7e426170c1b3f691e3b656868476a3f5e36ea0ae0330d30ffed1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8414893630757870910/index.html?e=69&leftOffset=0&topOffset=0&c=WiPD06pZUB&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 20:10:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 724
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18954
x-xss-protection: 0
last-modified: Mon, 25 Sep 2023 08:01:43 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 25 Sep 2023 20:25:25 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame C607 43 B
215 B 173ms
113ms Image
image/gif 2600:1f18:1aca:4282:2964:38bf:f03a:f6a1
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=8ef9e214-4d94-eb57-b8f7-5f1782e0c247&tv=%7Bc:pgpcJ5,time:269,type:e,env:%7Bccd:%7Bversion:1,uspString:1---%7D,gcd2:%7Bappl:1,cnst:na%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:214,n:0,pp:56,pm:0%7D,slEvents:%5B%7Bsl:o,t:23,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B105~0%5D,as:%5B105~300.250%5D%7D%7D,%7Bsl:pp,t:112,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:52,obst:0,th:0,reas:,bkn:%7Bpiv:%5B56~50%5D,as:%5B56~300.250%5D%7D%7D,%7Bsl:o,t:168,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B102~0%5D,as:%5B102~300.250%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tQU0z7E+11%7C121%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f*.990511-61634100%7C1f1%7C1f21%7C1f3%7C1g1%7C1g2%7C1g3,idMap:1f*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:25,sis:197%7D&br=c
Requested by: Host: 76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com
URL: https://76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:2964:38bf:f03a:f6a1 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Sep 2023 20:22:29 GMT
server: nginx
x-server-name: dt13.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 0270 17 KB
6 KB 62ms
62ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 20:22:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 25 Sep 2023 20:22:29 GMT

GET
H3 200 star_alliance.svg Show response
s0.2mdn.net/creatives/assets/4689654/ Frame 0270 6 KB
2 KB 20ms
20ms Fetch
image/svg+xml 2a00:1450:4001:81c::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4689654/star_alliance.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/4703545/970x250_de-de_performance.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

563d8b655debf02dc76ee9cad7e2114692c770d009bfc9ed1f9153eb384593d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8414893630757870910/index.html?e=69&leftOffset=0&topOffset=0&c=WiPD06pZUB&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 20:20:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 138
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2334
x-xss-protection: 0
last-modified: Thu, 29 Jun 2023 11:06:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 25 Sep 2023 20:35:11 GMT

GET
H3 200 lh_logotype_single.svg Show response
s0.2mdn.net/creatives/assets/4689654/ Frame 0270 5 KB
2 KB 21ms
20ms Fetch
image/svg+xml 2a00:1450:4001:81c::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4689654/lh_logotype_single.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/4703545/970x250_de-de_performance.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d7502e785bdc8f7184cab7e278053c49be4458393085eb2fbddabf35b895c310

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8414893630757870910/index.html?e=69&leftOffset=0&topOffset=0&c=WiPD06pZUB&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 20:12:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 627
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2151
x-xss-protection: 0
last-modified: Tue, 18 Oct 2022 09:41:58 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 25 Sep 2023 20:27:02 GMT

GET
H3 200 lh_crane.svg Show response
s0.2mdn.net/creatives/assets/4689654/ Frame 0270 2 KB
1 KB 21ms
21ms Fetch
image/svg+xml 2a00:1450:4001:81c::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4689654/lh_crane.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/4703545/970x250_de-de_performance.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3d2067d4b9b5b9d3003ffa4dc17b44616dc00a543f59eea17df555e959f20b53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8414893630757870910/index.html?e=69&leftOffset=0&topOffset=0&c=WiPD06pZUB&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 20:10:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 749
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1311
x-xss-protection: 0
last-modified: Tue, 18 Oct 2022 09:41:55 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 25 Sep 2023 20:25:00 GMT

GET
H3 200 NH_D_NA_New-York-Best-Age_970x250.jpg
s0.2mdn.net/creatives/assets/4703548/ Frame 0270 193 KB
193 KB 22ms
22ms Image
image/jpeg 2a00:1450:4001:81c::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4703548/NH_D_NA_New-York-Best-Age_970x250.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f7d3bf60bb7285e447cced86d3356e7222bcdda9903612b383c794a337e2d2b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8414893630757870910/index.html?e=69&leftOffset=0&topOffset=0&c=WiPD06pZUB&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 20:19:32 GMT
x-content-type-options: nosniff
age: 177
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 197348
x-xss-protection: 0
last-modified: Tue, 08 Nov 2022 09:17:44 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 25 Sep 2023 20:34:32 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame D374 0
20 B 56ms
55ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BGwemBOwRZbjnG8vAgQeB9YjYBgAAAAA4AeAEAg&bg=!XF-lXxDNAAYrDsWMCw47ADQBe5WfOPPspPh64wA7SV3fG-wb3CtJIu3tFfBE0dY448DBeXbYPMcobc6Al1UjrhTM0V8NAgAAAGJSAAAABWgBB5kDB1gkvsgr7iXoaor2Gg9wvQRBd6uLcGxfBlfOtGwTWGYVmJmcZTeia5miFSzKU17GSe1u_Ajg85YmpUFoaAhb4hGKUhkXWJPeJOPXZ0TuWlh8TplbgO8ZrCweMuev9dy0n3_zRr8duKkKWQ9vdSypnZW7oR92ywi7CPYxHfyGRRisTJEJsNi-UYNqrZPG-OsTLZRpWXOyXJDsLdWJxVP_MpkEiwJiSzmjwLtdQub5ds-Aad4KuF4Ma_Qpxl7NeyKgOsoQ6WIwHoQp8hwhXTV_-y-Nw3zIXBSZfIVBI7-nZsZ-A3oFGujLwRG2FRVI6vFIkJ4GTSIJYkar4hoqbgGoHGMCxw4VP533J0dBzjAi166GnPys3C0u4on8e1D1r4JV9_5AwVDjtFnsPOYBDdR6dybDe5M3jkdX0dVCOfAks_DTtHa10Wgsaid-j_7GygUEfA_YBHF7snDAtirGiSC0KEbRRmbsSMitqCYL4e_Seda3VNwh83Qm2LEa7abuvwpT0_EcZkogQS4l_jeBpwlA75Ya36-UA3di3vzVXI0LUKdiSOGAGOwhgB9YQJY3HSvgfvgmptfulBfWqKbS4UQ9H_ANPTRFpCWSctNf1iOwA3DN4lmIXRnE6bF92OEoXt6Rovj0oZLhZZCJ8K0R_sfBpxqI1jCW_-DYvCqxJWE4zRuZ7yhfC7pMC4D5mEvlH8kkvUDdlLquNAhhrPlB0lOOsTf0C7aY1VxNOaE3FmLuTO_YrFOmvu9PxZ-XMH2tJ72isGa_sWsLD362wPAWQrXOujCxdC2bJ96F1fcxaeQNVkYSbfTCO8HtsSDbxMxK-JbqCMUvlrBvS1dZYV_tdyh7z3jinXcFLfx4enP59m1RpI5gb9QmdXfYXPceUqKf2kPMIi4jPnGFTo1TY8xLoiM2sBL1lrC_Yc557rDK0iXQBnS-btQrzsh8MeStYPWcl7q-WA3suM3LOg_hzfomrDBTdorE1kFKAD4YzKB0Osicq-KyFKSB10To-PJsPmTmo0S0hO6sjo0CeNM

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Sep 2023 20:22:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 LufthansaHeadWeb-Bold.woff2
s0.2mdn.net/creatives/assets/4714589/ Frame 0270 50 KB
50 KB 20ms
20ms Font
font/woff2 2a00:1450:4001:81c::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4714589/LufthansaHeadWeb-Bold.woff2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0a43c20863b324fe2bec355b5ebdc6566861742f92018f12be1b38fa2c8b7767

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/8414893630757870910/index.html?e=69&leftOffset=0&topOffset=0&c=WiPD06pZUB&t=1&renderingType=2&ev=01_250
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 20:14:52 GMT
x-content-type-options: nosniff
age: 457
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51548
x-xss-protection: 0
last-modified: Fri, 18 Nov 2022 11:46:13 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 25 Sep 2023 20:29:52 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 34B2 0
20 B 53ms
52ms Ping
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=819877925479&version=m202309120101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Sep 2023 20:22:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 34B2 0
20 B 52ms
52ms Ping
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=819877925479&version=m202309120101&ct=76&x=1&cor=2737505451164506600

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Sep 2023 20:22:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 34B2 16 KB
12 KB 60ms
59ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BcoDVgyBrkuG09FzJ3RMgt66Qf-9JKx1H5U1HzUyn6GiMvOOzW99CXfb-oviEhX0qG3p_t2kZN38L4yCBYIMH0KmIsVz106BWPHsWyMlpRKg32a3Un2KUTIi_RQM-rhAyX0CXDmG4scFp3VxbCgzDfV6wH2BAXF2m1q6Sa6EgCF4gFI_o&cry=1&dbm_d=AKAmf-DnYEC1dZy61a5fuB2PBlsLaHZiY5gsgiKW2SFSC1KzNq1XiELkOUnPVJ3owDgCDzTqeU-XO6HU8DAS5nPqvFrqSl0YdHJG2RAx2QIkovZ_RUb1xTNFxUtX5HK7mbwppW6W_zqs7HYi-Wos_A-Te5AEcxluKf_x8eEWOK2ICVqCSwE03kCi4hfKcRoRHVYOZudI8F-ppQnCIbfDv5IbFShfa6d8gdet8gIxq2wkIxWFpFZlDvDdbcGVqZMeuigwVeWcgbLilnAQDhFIQG3vtwU6kTAQhvihSonjcDO6-spSuk24BFtc_df9cA-kKWC9Veq7GR2QFUuHAt2GQYC7DqSv7E9aeDuniOnQmPJw9vy_4Ii1rUxLzfpNRrSfObwTrHVvbCZJnaKzZt4sMa34d2fNHtnIZ4cMImDxDrIShN6FaPcvtqpZufowm3-jVQJXY7hFIbTOINyN7hNlgD3gEljsX90JSYva5aFHg84LJATJbK2Net9WScXD3lCL2Ury7lhPqmP9S_8WhFvrqxgxQwkfcEOpUnop2vCa0x2gJMzjoudIq21MkhgIO5QB4m3f7hXF7icnxLT0wgrcvkH9QGsBunwZOaolGcHhcHdtitFICgX8vR_7-4FwhcqRKW6p8w_ls8R7BAsEpIAt6Ewqarp83pJlvs7fda8r6VTG2-D1mu1hXJlxEY5_haYVnbuKTcPi3S-S1xBiLNRIpTOZ-OCglybI1dyJ0xq9Pp2oWxrpdov9I-RPvCfig9zSVRW1bVqY2jb80sU9Tze4pRd1sbW4SOQRhZ5sx-wX0s7p9n-6EvU-Koj8aUFwqkrsemp3mbrOhq5YVUsQiIVsLGcKyTsoEkzEfEMJrm-OENA1Ald6yFpuGKMgZSe5ygOtRCMVcsgvJV7JaogqUnx9n_UjDL3_2f_HITZCPF-7Wwy_EPjANNKBV1R18Qw4byH7U3zMizh0MGQFYo4RJngbO40t_tonEsgDJcbaqpym5bVsx9LBQLkbQ2EvFSfv4sQbM7AGAZgzX-IyaMRCY5zHJ76NhoL10Qe-mPlUND5XjoPQU7fM3US7hYKTOscG9MoMZ_OKKA5gM05nheufPA3tZlSlameP5cjSW8npY7XX5_i6Qu2Owj38GZFChu2u7TgWixZArQS9C2mX7kiBiGX0JElRikl8z5lOAPX1x4iuaDNllXaJh4l0zOe--dKUjNnZQh69Fhi7XjBB67EidnqJdfW-qAq066EJ5zhqxQObESaDiYpaqO3xeodWpOaLAhuBD7Fdmb5n4IDGBXoUrUL-DyM3BYakQMfIAk0Ar6aTgmnDT1lfOlkF-xllrF5a0r5ilK0uuBdFgsL1t6610eh-bkmOJmLxZtbsG14765fOA7Dz-DKEA1mJ8QcRrUqOM7bXnhBWJCf3Hw7lW4qyRETTMDG_Rhv82FGpujKU-qSWzPwDnr1_UUWAeI35RZgJWtbajCUmSbv5gk9IkzgNBQMOlovE_dwn9OtFzOfFsKvGitH4pe9XaJn9zzNPhAamhwsYOQx0NZGjSViTZZY8hWIFeuKJLMuu9Su5lMf54nUhItqq0_46O361N9Uf9JfkdIFOdGzl0bBV0g-E4Rz5H0qelWwv5umfIMk_xa6wUBUEWfFC7z6b7aEOvBFiyO9Oaqiz-ztjcTqjlG7e9YKMMWlnMXcvXyshgSM2_9u1wwr9Hh6j3uW5DS0L3C9YPmgpY2TWiIu_djKoPPDgiMR7K0c8No9B-6M2HRTDKxE7zXqLh49zT6d5yDTTA9_eXSs9TBAryl0vIlQsl9kKPXk2_K50ZzSyTM6Ne0vvZ1qVJ8pBi_rpaxHm1zncjQrLlwW3O9YAPdgHFo81R_EzhS5KHfUzU4_ei4izCy0x8DxU8Wbz49UXpukO9MXFOoufJxwZYO3Oro-ZKQX562c5cmuWJ4NSAmstIWe-u-nQgR4zP9CZ3a0FUJIhlVrUd2i6m_Xj60YPqms2ohOj92dCxoz8dyseMYipeGiJ17X_O6bWB7mDmyg-ZW3MkkCcUXqnR9_0229RwavaaOt1WWCaLWRpyYxi1ktnkxdHzfTCmkOZf2TohMFzPgjEoP24mIJmhhMGt2xzGtyP65OC5cDvYtTnyZIoO_Rq4WSueCukzklzSvnaF1fYoOszRsJD2MKkT0my7j8YIEHu9oLY1bvmd1kZdtKLAPyeS-YpGI_m6B8tEIFRi9GGUUEVJS_zKyKra5eVXuJnQug-mIvN6SoPE_FuUXfYKxqwhwyUIhy04hrbTTBrte_a0ctAQfhhk161HCM1NkUdR085NRRWyA6tENCrI71RC3x_s3uy7W_HbMYGFgYaKWfRnNzo8vng7iG5CEbA3tPksCKg372xbif-6OWGONJWclLjoZ4fEA5anzbsD_C4JA-7r0Wiucmn1JfmX2OmAib3m0SzohldJdNiFF-iL9uf8S3kXNoKpM2ev6IHD6XmyfUEb6B5NH7LWwrayHWZy9w_NXGH0dpriINNhNwhjal1u5A1Sbx4Pc2O6dnaqqgktzl4JDdTpMCQAaSyzSknB1FZtbU0zlouIBKeU6FUCTngB4nHyPbPygXJib_X5jaOi1DN9enXnhZU8RCs6Hxyvv8g293oKtSiKG_IAEaMiJjnPSeEMypXmTxvCAh534IWd7r5tAmBHb0IWd6Mg0CwpuufrCJ3JoeQYLqVDNcbf-TZ-VKq_cvwn1MH6YN3eHZnS4fu8BnVPmz701nNsoDEHh-3DeSGoZZabe8Op5peUOYftFyOfBbyjfRMB5tFFjHXjsuWHpwaD7eCNVKHQyGsP-EhoQnWrTGfz_vTq2fFxzUQ6oJBQCSwUd8KZqkudJheFFRJxsr7rcoYW3jqzRxHnoowrl9e_QKTCqNyc3gMysq8PqW0DDndPBh8yJYum7NQMGAzchDmFxvocWndQs1RbvSArgc9LbK1vdKbWPTb6N4b416kY32Dt_zIteEHPYaGFw46A-NwC3Kx5gww-eJvGxqXRaVi5LWueHBDafGLwuxB9DYdMj3G-I4bhw&cid=CAQSTADICaaNOv7ZwbAgrgAN4pk8yo9QU9CEvY64XgOxMG4_qPqwydgXlDvCQDJCqbqeC218soX7Clxrm5Bu8lG4CQfgN0aCOTANILWcQmUYAQ&dv3_ver=m202309120101&rfl=https%3A%2F%2Fwww.tuparada.com%2F&ds=l&xdt=1&iif=1&cor=2737505451164506600&adk=792902355&idt=152&cac=0&dtd=7

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dbf03d19d638a650734ed6da9aa7c87ba534362b9eedbfc670b997784739cacf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Sep 2023 20:22:29 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12238
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 tGcDLxZnxcZjneq6ZTfMhLSKmVRaNAcBIKHxIKG0fIc.js Show response
pagead2.googlesyndication.com/bg/ Frame E5DF 37 KB
14 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/tGcDLxZnxcZjneq6ZTfMhLSKmVRaNAcBIKHxIKG0fIc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b467032f1667c5c6639deaba6537cc84b48a99545a34070120a1f120a1b47c87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 17:07:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11678
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14772
x-xss-protection: 0
last-modified: Mon, 18 Sep 2023 15:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 24 Sep 2024 17:07:51 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 34B2 41 KB
13 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BcoDVgyBrkuG09FzJ3RMgt66Qf-9JKx1H5U1HzUyn6GiMvOOzW99CXfb-oviEhX0qG3p_t2kZN38L4yCBYIMH0KmIsVz106BWPHsWyMlpRKg32a3Un2KUTIi_RQM-rhAyX0CXDmG4scFp3VxbCgzDfV6wH2BAXF2m1q6Sa6EgCF4gFI_o&cry=1&dbm_d=AKAmf-DnYEC1dZy61a5fuB2PBlsLaHZiY5gsgiKW2SFSC1KzNq1XiELkOUnPVJ3owDgCDzTqeU-XO6HU8DAS5nPqvFrqSl0YdHJG2RAx2QIkovZ_RUb1xTNFxUtX5HK7mbwppW6W_zqs7HYi-Wos_A-Te5AEcxluKf_x8eEWOK2ICVqCSwE03kCi4hfKcRoRHVYOZudI8F-ppQnCIbfDv5IbFShfa6d8gdet8gIxq2wkIxWFpFZlDvDdbcGVqZMeuigwVeWcgbLilnAQDhFIQG3vtwU6kTAQhvihSonjcDO6-spSuk24BFtc_df9cA-kKWC9Veq7GR2QFUuHAt2GQYC7DqSv7E9aeDuniOnQmPJw9vy_4Ii1rUxLzfpNRrSfObwTrHVvbCZJnaKzZt4sMa34d2fNHtnIZ4cMImDxDrIShN6FaPcvtqpZufowm3-jVQJXY7hFIbTOINyN7hNlgD3gEljsX90JSYva5aFHg84LJATJbK2Net9WScXD3lCL2Ury7lhPqmP9S_8WhFvrqxgxQwkfcEOpUnop2vCa0x2gJMzjoudIq21MkhgIO5QB4m3f7hXF7icnxLT0wgrcvkH9QGsBunwZOaolGcHhcHdtitFICgX8vR_7-4FwhcqRKW6p8w_ls8R7BAsEpIAt6Ewqarp83pJlvs7fda8r6VTG2-D1mu1hXJlxEY5_haYVnbuKTcPi3S-S1xBiLNRIpTOZ-OCglybI1dyJ0xq9Pp2oWxrpdov9I-RPvCfig9zSVRW1bVqY2jb80sU9Tze4pRd1sbW4SOQRhZ5sx-wX0s7p9n-6EvU-Koj8aUFwqkrsemp3mbrOhq5YVUsQiIVsLGcKyTsoEkzEfEMJrm-OENA1Ald6yFpuGKMgZSe5ygOtRCMVcsgvJV7JaogqUnx9n_UjDL3_2f_HITZCPF-7Wwy_EPjANNKBV1R18Qw4byH7U3zMizh0MGQFYo4RJngbO40t_tonEsgDJcbaqpym5bVsx9LBQLkbQ2EvFSfv4sQbM7AGAZgzX-IyaMRCY5zHJ76NhoL10Qe-mPlUND5XjoPQU7fM3US7hYKTOscG9MoMZ_OKKA5gM05nheufPA3tZlSlameP5cjSW8npY7XX5_i6Qu2Owj38GZFChu2u7TgWixZArQS9C2mX7kiBiGX0JElRikl8z5lOAPX1x4iuaDNllXaJh4l0zOe--dKUjNnZQh69Fhi7XjBB67EidnqJdfW-qAq066EJ5zhqxQObESaDiYpaqO3xeodWpOaLAhuBD7Fdmb5n4IDGBXoUrUL-DyM3BYakQMfIAk0Ar6aTgmnDT1lfOlkF-xllrF5a0r5ilK0uuBdFgsL1t6610eh-bkmOJmLxZtbsG14765fOA7Dz-DKEA1mJ8QcRrUqOM7bXnhBWJCf3Hw7lW4qyRETTMDG_Rhv82FGpujKU-qSWzPwDnr1_UUWAeI35RZgJWtbajCUmSbv5gk9IkzgNBQMOlovE_dwn9OtFzOfFsKvGitH4pe9XaJn9zzNPhAamhwsYOQx0NZGjSViTZZY8hWIFeuKJLMuu9Su5lMf54nUhItqq0_46O361N9Uf9JfkdIFOdGzl0bBV0g-E4Rz5H0qelWwv5umfIMk_xa6wUBUEWfFC7z6b7aEOvBFiyO9Oaqiz-ztjcTqjlG7e9YKMMWlnMXcvXyshgSM2_9u1wwr9Hh6j3uW5DS0L3C9YPmgpY2TWiIu_djKoPPDgiMR7K0c8No9B-6M2HRTDKxE7zXqLh49zT6d5yDTTA9_eXSs9TBAryl0vIlQsl9kKPXk2_K50ZzSyTM6Ne0vvZ1qVJ8pBi_rpaxHm1zncjQrLlwW3O9YAPdgHFo81R_EzhS5KHfUzU4_ei4izCy0x8DxU8Wbz49UXpukO9MXFOoufJxwZYO3Oro-ZKQX562c5cmuWJ4NSAmstIWe-u-nQgR4zP9CZ3a0FUJIhlVrUd2i6m_Xj60YPqms2ohOj92dCxoz8dyseMYipeGiJ17X_O6bWB7mDmyg-ZW3MkkCcUXqnR9_0229RwavaaOt1WWCaLWRpyYxi1ktnkxdHzfTCmkOZf2TohMFzPgjEoP24mIJmhhMGt2xzGtyP65OC5cDvYtTnyZIoO_Rq4WSueCukzklzSvnaF1fYoOszRsJD2MKkT0my7j8YIEHu9oLY1bvmd1kZdtKLAPyeS-YpGI_m6B8tEIFRi9GGUUEVJS_zKyKra5eVXuJnQug-mIvN6SoPE_FuUXfYKxqwhwyUIhy04hrbTTBrte_a0ctAQfhhk161HCM1NkUdR085NRRWyA6tENCrI71RC3x_s3uy7W_HbMYGFgYaKWfRnNzo8vng7iG5CEbA3tPksCKg372xbif-6OWGONJWclLjoZ4fEA5anzbsD_C4JA-7r0Wiucmn1JfmX2OmAib3m0SzohldJdNiFF-iL9uf8S3kXNoKpM2ev6IHD6XmyfUEb6B5NH7LWwrayHWZy9w_NXGH0dpriINNhNwhjal1u5A1Sbx4Pc2O6dnaqqgktzl4JDdTpMCQAaSyzSknB1FZtbU0zlouIBKeU6FUCTngB4nHyPbPygXJib_X5jaOi1DN9enXnhZU8RCs6Hxyvv8g293oKtSiKG_IAEaMiJjnPSeEMypXmTxvCAh534IWd7r5tAmBHb0IWd6Mg0CwpuufrCJ3JoeQYLqVDNcbf-TZ-VKq_cvwn1MH6YN3eHZnS4fu8BnVPmz701nNsoDEHh-3DeSGoZZabe8Op5peUOYftFyOfBbyjfRMB5tFFjHXjsuWHpwaD7eCNVKHQyGsP-EhoQnWrTGfz_vTq2fFxzUQ6oJBQCSwUd8KZqkudJheFFRJxsr7rcoYW3jqzRxHnoowrl9e_QKTCqNyc3gMysq8PqW0DDndPBh8yJYum7NQMGAzchDmFxvocWndQs1RbvSArgc9LbK1vdKbWPTb6N4b416kY32Dt_zIteEHPYaGFw46A-NwC3Kx5gww-eJvGxqXRaVi5LWueHBDafGLwuxB9DYdMj3G-I4bhw&cid=CAQSTADICaaNOv7ZwbAgrgAN4pk8yo9QU9CEvY64XgOxMG4_qPqwydgXlDvCQDJCqbqeC218soX7Clxrm5Bu8lG4CQfgN0aCOTANILWcQmUYAQ&dv3_ver=m202309120101&rfl=https%3A%2F%2Fwww.tuparada.com%2F&ds=l&xdt=1&iif=1&cor=2737505451164506600&adk=792902355&idt=152&cac=0&dtd=7

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 06:58:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 307445
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13692
x-xss-protection: 0
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 21 Sep 2024 06:58:24 GMT

GET
H2

200

adj Show response
bid.g.doubleclick.net/xbbe/creative/ Frame 34B2
Redirect Chain

https://fw.adsafeprotected.com/rfw/bgd/1562583/72689833/xbbe/creative/adj?p=APEucNXO1r05mu-PvPniOhmxWNgsqTi5eF5L8mCE1Bse-p5Bvrdk9YI&d=CokBAKAmf-BaD_UKM_HgMnVQC7FKsflSOVl56V-MU4OHqTQ5Z2oLnGPddT09mwV...
https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNXO1r05mu-PvPniOhmxWNgsqTi5eF5L8mCE1Bse-p5Bvrdk9YI&d=CokBAKAmf-BaD_UKM_HgMnVQC7FKsflSOVl56V-MU4OHqTQ5Z2oLnGPddT09mwVAI_H8kvCuNlHP7t4BOC-H0vNN4...

73 KB
25 KB

138ms
51ms

Script
text/javascript

64.233.167.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNXO1r05mu-PvPniOhmxWNgsqTi5eF5L8mCE1Bse-p5Bvrdk9YI&d=CokBAKAmf-BaD_UKM_HgMnVQC7FKsflSOVl56V-MU4OHqTQ5Z2oLnGPddT09mwVAI_H8kvCuNlHP7t4BOC-H0vNN4h6ls6jLwFNUU2CLd17h_h8flp-Hz_h68DBtoc6xtYJgt16p5DdDbS5dkJmGWN6SJmPMQ8G5QZmtmt3KjaulPmq2wcvWvjJ5Zq4SqRUAoCZ_4HSeir93Z2SAy2RPkuAgvmF8f0jwke0zFt83RkM6QT12Tj6cu41em7d927gKPOTwXKw7qhxQMYvlh7WLcU7tK3hS1eTzZKRpXP-aqYBkDYSGso9VujxxJVxTbPxD07qVydxO5NA_44hRNgqQbciklZKjRIq1QUzrV3RSrMYW_2oebVOaCoJF6yyO_jWBQ7HIckKmNmjcYexSWWxzvT-CJEyfc9T94CcGhJI6H0croZzf1_NCeaatqZc20UfaaZtqmTsohtTeFLLaxs4GcnfCLjkXFAK4_-IuRuigg0yjSZZoweRv_jZfH4lUryJEz_A1Mgrsbd4zgRsTRxCC6hYIRJxiBqHhFz-GkYye0Ud0Z2eJyeBY1JkhyAxGQ3bGAdZqw5-JITmQa1ULfH5UhDLFKLTqDEMRLGC3r1KZuUo-uWs7IbOXecVMmA7Sx7rgZywYUKMcqLaNFhRKEDb6yGND-BWRbrXbBj_wwNcEAcSiwWACkAZoyPYqNItMWy07Sg_AP-_yW1rxnwk7KFybkaeny4x42YEuKAcCHfzyLiTjNxNqquL3zDDyLRqmXGv-iPSbjnTy7ec4bCdbg1WsDR7dHnUox1eISABrlsv-XqN5ZMbBTw71wiKk2JiAlnVlvvoKkgc9GZTnLj-lOls1mDuKt0Yl1mdWo0HCSvIHZQyxXMUZmU9Q8nBT1_U6XW1cka82wlBlkWcCHFWyVHldQfhoKH8MJirpj1-GzyQvA1tGpiCRq4CAA4xoHWxMosx73hspSt9FcU7Km11u_PUom3ML5dK9rsKE80hy82bRceIoRrBYx8yR_QOhZA_noVuSutaEhPcRvBtjsmd8tlPlkW8J-cJPCpaLYKtSNbPfYy_oieKQjPBfvA9L3UH3ETiL2Y3GVIR_XgS6AXUaawoz47jYQ2GsiuAalXigpA3G_Z2hxwclc2SA5mAQWI9Zh-1-Kj-x8zchb9sFw1r5BOHh5uwOXqjf48AaaFO_0ThE5V57e3T1mFLjJdA7IfaydACjoD9-x6sS62c7zuGzNb4WkTbI0D5W618JlZWYS1orqw_uWJuF6qWFlLy1SK-tGw5ZoDjevveux1aqCXJ13pCfABaFBMcEW9BcMQ9XqUpGjF1Rmc-bJqtHzLaCA3n8fhEK8WDg8Ssq_H0JzdSb4iI2tNcqI7RUzQhh2OqgbcjcVHIgxnSpzvqGZ_7-uPvwQ1vtEze-zSM_A6jigYnvTwQ-y5k0Ewe2_a8_CUEgd-5-KiwKyS6D2gs46e8uPellhbHytXqf-hGnKXd6ja6q2Uemc-_SAs_Xxc7L2isVFJnShPMY_yvEo2TZhuXW9lrXvHwz-I08tBG_6fs7K5myJ7-Ds58-QHNHrtw6-cYRtIn0MFyE0R8eTKesoKomYzubfqNzWdziN6IZ0jk3CABu3ECEzXiTXKpunIMYA7wK4qpLx-GclH_mc97-82L5N7Gd0ugeRt7OuNI8T_kuY-Tzk-Pkj6WXazCnFaETsSpjUxX4b548FIHCPo-6A1z4DjylNAich8rwmXfGiRZPt6wjJyIJip720cQIUXXQeUTDD5JpLBD8h5wkoLyQLRD8epCLNw2s7EywUe_3PwlHiP-jFaVDy-7dJjGeVmkJSKDJW0m5RvXrCDiUP2Zs75H9phYSjRkBO4PRbXTg7mG5hW15gdtgSuRDR47cEWqzHnKVF1f9KjOQPtaCHygZON61apPg2KU8R5QkAU3wuvJLbKfMUaHxf_qM2qE5uZKZBbnXyTojGstdXQu2JGggu9VUWhNKO-3tMwf7Uj077NVfIYfFPEq969jECnJmFsO59urs88e0zZ4OQ7PpkgZFWNQ_YbQa7cwWNftN89UXa8kDMa4gs6vWwRxl3Lhi6vE5Ky9d8bTsgdTkGVhzgDIe1mMZIgMtrcDHr02y5vd6isscT1vkfBwZ382LJCJCjf-h79IFdVD4aNwQT218aX4sfbwJ53APrLxiiMTjXcZli7XGaiJ3kNE2DZJSKTjtzWXHWGIL7NoUdjYCEAzBd_ooo_MrChV2DxnkZSus3uUrtIBeRmGN2gMUEkwh-_ZtefRwD6hiVz5oPWXNIQjigjR-HbBCD5UeIahvfy862jQQFJAaH4YLSEOnH-ZfO64Ttv-ka2NeU5Vm-DXdw_Xfrwq97FrhQHsLoGn8zoxnpW0-Bp7TomNO9NquG6X3lBuDFVSaauMubq-t1q9ggJ2wAE5Ado6N_plp4-y3Hn3uxH0dIQphi2ijVoldm2b3Tb2g7AkXeGo5gpeyBB_E0ZsBw6WQrTMciRwSM2nBAxRI7pai7TdHjSifP7H9Zw-tXDPR9GJKiBI_NhTp6BGfU3iWe1_ZwRct_C2hCHwdKi7dMOf0YvcbYZWTY13LKFraix5nvaQatytkeeKBj96-X6zA0XAV524JNdhE6wbCXgINQ7hhdTRMto5vGCYGzNSJwyrgvVSat6IA_UKNbRr17L3JGIAIFIOUNGZEZVI0CEMtfBsW5bxEEUaV-MXkPdOOyi56iXkpvy_FlpIXV8MtsRMGSj9VcOj-O9OYrWtGg34wjo1m35Nkr0DCxRQsYTghofPvjBk1UVLrDRMAQOBVPozN-_FfW37kqY99NHJlePk53bwVeK7juEYEGgS000KKfWSBnGvMAwY1q7oc6UaT_U49m4gbnXWkjvL6VED21NbHilPx5HCYmTWrCrCvv1TZkvrTGDZMmVMBmANgdaIaRSRkc69b7QRm9KXopcR4OmsIZ_ssdGptyf8SBTlqdsI7Gyr7gSfQnB9M4H1l0BV2IWaxSXv3unoz1kguC0X7rQ-uRwX1F-R4lVill9EeAksmDsr14fOegO1UnHaBcIhcXLlf6PrTx0x3T7R0_anZ7ibD8k5kG_IiWgoxDPySZQh5oCFDeZ6FS3GNMKys6fdDDg71aurTv3JxxRlrAaX2ZJjnGniwv06_OofP4JzQp6VYdHpLbrra6p-ANiDdR2Ob10tXlLrHcty7ROgP-Ma_6EDdLEbWuKs8xvqJQEEf2l7Uw9XsuDQUcf9xuCtTPLcIVTWSn4V2oRB0PdycmUQFBF6MsTO5lrC8Fzmjgluv_gBlYzPqXfYgyKRzYn7C8a2paAi185BDUDW9s40FWCpB9UAzxviEz0zrTRc0yCXsjde-j-0KOrr6xSYUrBp9wXzEUuh4GuoK4n_Frn4jMoaruX1SrSDtnZv7CR89yvlqzkDAgUxNlv722g6GMhwHA4fBnMVbQPWc-ucjnXV4SLtH3LeQj2NX6M8FHfspMyAMvxryuYfhF-stiHTcnrqpZc9QqJg5p74kd9bjeXlHZV0zxtQST8EpvbjxOo5WLNCPWYtEDYt_9bXKmBmT9EDsoqa29ofjA6zSXA8XW3zMihSCOp8-uYwr2EOLx-YJseBwkJrdsbGTd7eypleZWZuRhsiKfv32ktmY_bGu0dIx6NNmlb_W5wq5taJJyQDPFEQpOM45J5g5euai-t5Q0VCMjm5fQivobtr8ihwIdEnDsOnmPJmwKXo3r4NdgpayVyLhULxGCxvSfOeimcXnZS8IfN_gywjtMHFKO_8-Ws9sRyfCd0fHbvTkRVE5A15whXumZXzf60_sFm0J4BWL_dEDO9zLV5kSuX2tCRpSCAQSTADICaaNOv7ZwbAgrgAN4pk8yo9QU9CEvY64XgOxMG4_qPqwydgXlDvCQDJCqbqeC218soX7Clxrm5Bu8lG4CQfgN0aCOTANILWcQmUYAWAB&cry=1&bundleId=

Requested by

Host: 76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com
URL: https://76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

64.233.167.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wl-in-f156.1e100.net

Software

cafe /

Resource Hash

4970e1570b8604716eff6f6d33629be54158e630fe1b5f8c72ad9887762edadb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Sep 2023 20:22:29 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25001
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 25 Sep 2023 20:22:29 GMT
server: nginx
x-server-name: app25.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNXO1r05mu-PvPniOhmxWNgsqTi5eF5L8mCE1Bse-p5Bvrdk9YI&d=CokBAKAmf-BaD_UKM_HgMnVQC7FKsflSOVl56V-MU4OHqTQ5Z2oLnGPddT09mwVAI_H8kvCuNlHP7t4BOC-H0vNN4h6ls6jLwFNUU2CLd17h_h8flp-Hz_h68DBtoc6xtYJgt16p5DdDbS5dkJmGWN6SJmPMQ8G5QZmtmt3KjaulPmq2wcvWvjJ5Zq4SqRUAoCZ_4HSeir93Z2SAy2RPkuAgvmF8f0jwke0zFt83RkM6QT12Tj6cu41em7d927gKPOTwXKw7qhxQMYvlh7WLcU7tK3hS1eTzZKRpXP-aqYBkDYSGso9VujxxJVxTbPxD07qVydxO5NA_44hRNgqQbciklZKjRIq1QUzrV3RSrMYW_2oebVOaCoJF6yyO_jWBQ7HIckKmNmjcYexSWWxzvT-CJEyfc9T94CcGhJI6H0croZzf1_NCeaatqZc20UfaaZtqmTsohtTeFLLaxs4GcnfCLjkXFAK4_-IuRuigg0yjSZZoweRv_jZfH4lUryJEz_A1Mgrsbd4zgRsTRxCC6hYIRJxiBqHhFz-GkYye0Ud0Z2eJyeBY1JkhyAxGQ3bGAdZqw5-JITmQa1ULfH5UhDLFKLTqDEMRLGC3r1KZuUo-uWs7IbOXecVMmA7Sx7rgZywYUKMcqLaNFhRKEDb6yGND-BWRbrXbBj_wwNcEAcSiwWACkAZoyPYqNItMWy07Sg_AP-_yW1rxnwk7KFybkaeny4x42YEuKAcCHfzyLiTjNxNqquL3zDDyLRqmXGv-iPSbjnTy7ec4bCdbg1WsDR7dHnUox1eISABrlsv-XqN5ZMbBTw71wiKk2JiAlnVlvvoKkgc9GZTnLj-lOls1mDuKt0Yl1mdWo0HCSvIHZQyxXMUZmU9Q8nBT1_U6XW1cka82wlBlkWcCHFWyVHldQfhoKH8MJirpj1-GzyQvA1tGpiCRq4CAA4xoHWxMosx73hspSt9FcU7Km11u_PUom3ML5dK9rsKE80hy82bRceIoRrBYx8yR_QOhZA_noVuSutaEhPcRvBtjsmd8tlPlkW8J-cJPCpaLYKtSNbPfYy_oieKQjPBfvA9L3UH3ETiL2Y3GVIR_XgS6AXUaawoz47jYQ2GsiuAalXigpA3G_Z2hxwclc2SA5mAQWI9Zh-1-Kj-x8zchb9sFw1r5BOHh5uwOXqjf48AaaFO_0ThE5V57e3T1mFLjJdA7IfaydACjoD9-x6sS62c7zuGzNb4WkTbI0D5W618JlZWYS1orqw_uWJuF6qWFlLy1SK-tGw5ZoDjevveux1aqCXJ13pCfABaFBMcEW9BcMQ9XqUpGjF1Rmc-bJqtHzLaCA3n8fhEK8WDg8Ssq_H0JzdSb4iI2tNcqI7RUzQhh2OqgbcjcVHIgxnSpzvqGZ_7-uPvwQ1vtEze-zSM_A6jigYnvTwQ-y5k0Ewe2_a8_CUEgd-5-KiwKyS6D2gs46e8uPellhbHytXqf-hGnKXd6ja6q2Uemc-_SAs_Xxc7L2isVFJnShPMY_yvEo2TZhuXW9lrXvHwz-I08tBG_6fs7K5myJ7-Ds58-QHNHrtw6-cYRtIn0MFyE0R8eTKesoKomYzubfqNzWdziN6IZ0jk3CABu3ECEzXiTXKpunIMYA7wK4qpLx-GclH_mc97-82L5N7Gd0ugeRt7OuNI8T_kuY-Tzk-Pkj6WXazCnFaETsSpjUxX4b548FIHCPo-6A1z4DjylNAich8rwmXfGiRZPt6wjJyIJip720cQIUXXQeUTDD5JpLBD8h5wkoLyQLRD8epCLNw2s7EywUe_3PwlHiP-jFaVDy-7dJjGeVmkJSKDJW0m5RvXrCDiUP2Zs75H9phYSjRkBO4PRbXTg7mG5hW15gdtgSuRDR47cEWqzHnKVF1f9KjOQPtaCHygZON61apPg2KU8R5QkAU3wuvJLbKfMUaHxf_qM2qE5uZKZBbnXyTojGstdXQu2JGggu9VUWhNKO-3tMwf7Uj077NVfIYfFPEq969jECnJmFsO59urs88e0zZ4OQ7PpkgZFWNQ_YbQa7cwWNftN89UXa8kDMa4gs6vWwRxl3Lhi6vE5Ky9d8bTsgdTkGVhzgDIe1mMZIgMtrcDHr02y5vd6isscT1vkfBwZ382LJCJCjf-h79IFdVD4aNwQT218aX4sfbwJ53APrLxiiMTjXcZli7XGaiJ3kNE2DZJSKTjtzWXHWGIL7NoUdjYCEAzBd_ooo_MrChV2DxnkZSus3uUrtIBeRmGN2gMUEkwh-_ZtefRwD6hiVz5oPWXNIQjigjR-HbBCD5UeIahvfy862jQQFJAaH4YLSEOnH-ZfO64Ttv-ka2NeU5Vm-DXdw_Xfrwq97FrhQHsLoGn8zoxnpW0-Bp7TomNO9NquG6X3lBuDFVSaauMubq-t1q9ggJ2wAE5Ado6N_plp4-y3Hn3uxH0dIQphi2ijVoldm2b3Tb2g7AkXeGo5gpeyBB_E0ZsBw6WQrTMciRwSM2nBAxRI7pai7TdHjSifP7H9Zw-tXDPR9GJKiBI_NhTp6BGfU3iWe1_ZwRct_C2hCHwdKi7dMOf0YvcbYZWTY13LKFraix5nvaQatytkeeKBj96-X6zA0XAV524JNdhE6wbCXgINQ7hhdTRMto5vGCYGzNSJwyrgvVSat6IA_UKNbRr17L3JGIAIFIOUNGZEZVI0CEMtfBsW5bxEEUaV-MXkPdOOyi56iXkpvy_FlpIXV8MtsRMGSj9VcOj-O9OYrWtGg34wjo1m35Nkr0DCxRQsYTghofPvjBk1UVLrDRMAQOBVPozN-_FfW37kqY99NHJlePk53bwVeK7juEYEGgS000KKfWSBnGvMAwY1q7oc6UaT_U49m4gbnXWkjvL6VED21NbHilPx5HCYmTWrCrCvv1TZkvrTGDZMmVMBmANgdaIaRSRkc69b7QRm9KXopcR4OmsIZ_ssdGptyf8SBTlqdsI7Gyr7gSfQnB9M4H1l0BV2IWaxSXv3unoz1kguC0X7rQ-uRwX1F-R4lVill9EeAksmDsr14fOegO1UnHaBcIhcXLlf6PrTx0x3T7R0_anZ7ibD8k5kG_IiWgoxDPySZQh5oCFDeZ6FS3GNMKys6fdDDg71aurTv3JxxRlrAaX2ZJjnGniwv06_OofP4JzQp6VYdHpLbrra6p-ANiDdR2Ob10tXlLrHcty7ROgP-Ma_6EDdLEbWuKs8xvqJQEEf2l7Uw9XsuDQUcf9xuCtTPLcIVTWSn4V2oRB0PdycmUQFBF6MsTO5lrC8Fzmjgluv_gBlYzPqXfYgyKRzYn7C8a2paAi185BDUDW9s40FWCpB9UAzxviEz0zrTRc0yCXsjde-j-0KOrr6xSYUrBp9wXzEUuh4GuoK4n_Frn4jMoaruX1SrSDtnZv7CR89yvlqzkDAgUxNlv722g6GMhwHA4fBnMVbQPWc-ucjnXV4SLtH3LeQj2NX6M8FHfspMyAMvxryuYfhF-stiHTcnrqpZc9QqJg5p74kd9bjeXlHZV0zxtQST8EpvbjxOo5WLNCPWYtEDYt_9bXKmBmT9EDsoqa29ofjA6zSXA8XW3zMihSCOp8-uYwr2EOLx-YJseBwkJrdsbGTd7eypleZWZuRhsiKfv32ktmY_bGu0dIx6NNmlb_W5wq5taJJyQDPFEQpOM45J5g5euai-t5Q0VCMjm5fQivobtr8ihwIdEnDsOnmPJmwKXo3r4NdgpayVyLhULxGCxvSfOeimcXnZS8IfN_gywjtMHFKO_8-Ws9sRyfCd0fHbvTkRVE5A15whXumZXzf60_sFm0J4BWL_dEDO9zLV5kSuX2tCRpSCAQSTADICaaNOv7ZwbAgrgAN4pk8yo9QU9CEvY64XgOxMG4_qPqwydgXlDvCQDJCqbqeC218soX7Clxrm5Bu8lG4CQfgN0aCOTANILWcQmUYAWAB&cry=1&bundleId=
cache-control: no-cache
content-length: 0

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame 0E1A 91 KB
23 KB 28ms
28ms Script
application/javascript 2600:9000:20ab:6600:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: 76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com
URL: https://76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20ab:6600:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 08:07:09 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding: gzip
via: 1.1 1d14130822f7563ef82bba830d521f72.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS58-P3
age: 2463321
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: W/"1f3488247c90bb5de253d3d0cb3b7458"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: _QjD95wgynbvY0Mp6RFPuZ-WE6QWf8T923if-rhyU0WBstcsN7ZVNw==

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 34B2 43 B
215 B 116ms
115ms Image
image/gif 2600:1f18:1aca:4282:2964:38bf:f03a:f6a1
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1562583&asId=a847fb56-e944-866e-4a3a-5686ebe10711&tv=%7Bc:pgpcLF,pingTime:-3,time:44,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:160,h:600,t:19%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:44,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:19,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B40~0%5D,as:%5B40~160.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tQU0zdR+11%7C121%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f1%7C1f2%7C1f3%7C1f4%7C1g1%7C1g2%7C1g31%7C1h*.1562583-72689833%7C1h1,idMap:1h*,rmeas:1,rend:0,renddet:IMG.us,siq:20%7D&br=c
Requested by: Host: 76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com
URL: https://76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:2964:38bf:f03a:f6a1 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Sep 2023 20:22:29 GMT
server: nginx
x-server-name: dt19.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 34B2 43 B
215 B 113ms
113ms Image
image/gif 2600:1f18:1aca:4282:2964:38bf:f03a:f6a1
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1562583&asId=a847fb56-e944-866e-4a3a-5686ebe10711&tv=%7Bc:pgpcLH,pingTime:-6,time:46,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:46,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:19,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B41~0%5D,as:%5B41~160.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tQU0zdR+11%7C121%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f1%7C1f2%7C1f3%7C1f4%7C1g1%7C1g2%7C1g31%7C1h*.1562583-72689833%7C1h1,idMap:1h*,rmeas:1,rend:0,renddet:IMG.us,siq:20%7D&tpiLookup=ao:www.tuparada.com*&br=c
Requested by: Host: 76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com
URL: https://76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:2964:38bf:f03a:f6a1 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Sep 2023 20:22:29 GMT
server: nginx
x-server-name: dt07.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 34B2 43 B
215 B 113ms
112ms Image
image/gif 2600:1f18:1aca:4282:2964:38bf:f03a:f6a1
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1562583&asId=a847fb56-e944-866e-4a3a-5686ebe10711&tv=%7Bc:pgpcLM,pingTime:-2,time:51,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:282,beZ:283,mfA:285,cmA:286,inA:286,inZ:289,prA:290,prZ:297,si:302,poA:303,poZ:324,cmZ:324,mfZ:324,loA:328,loZ:330,ltA:333,ltZ:333%7D%7D,sca:%7Bdfp:%7Bdf:0%7D%7D,env:%7Bgca:false,cca:true,gca2:true%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:160,h:600,t:19%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:51,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:19,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B46~0%5D,as:%5B46~160.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tQU0z7E+11%7C121%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f.990511-61634100%7C1f1%7C1f2%7C1f3%7C1f4%7C1g1%7C1g2%7C1g31%7C1h*.1562583-72689833%7C1h1,idMap:1h*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:0,renddet:IMG.us,siq:20,sinceFw:29,readyFired:false%7D&br=c
Requested by: Host: 76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com
URL: https://76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:2964:38bf:f03a:f6a1 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Sep 2023 20:22:29 GMT
server: nginx
x-server-name: dt05.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame C607 43 B
215 B 112ms
112ms Image
image/gif 2600:1f18:1aca:4282:2964:38bf:f03a:f6a1
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=8ef9e214-4d94-eb57-b8f7-5f1782e0c247&tv=%7Bc:pgpcMr,pingTime:-10,time:477,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwtMTIwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTE3LjAuNTkzOC45MiBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1695673349507%7C%7C7b292b5e0bc4ae0bda8cb18eafbfc313%7C%7C199e3e9b25646aa537dd955449f85ae0%7C%7C95c75353548963c02736f62002e2af53%7C%7C0d6b1c149064ab471e323979af3d6f65%7C%7Cc527eee63c5eb5fa07127986dc365a3c%7C%7C4a8bebb38106ee308d0e3d0903ccfcf0%7C%7C0e68e174e60aadc1b916fb11e44a288c%7C%7C1663701684%7D
Requested by: Host: 76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com
URL: https://76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:2964:38bf:f03a:f6a1 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Sep 2023 20:22:29 GMT
server: nginx
x-server-name: dt22.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 34B2 43 B
215 B 113ms
112ms Image
image/gif 2600:1f18:1aca:4282:2964:38bf:f03a:f6a1
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1562583&asId=a847fb56-e944-866e-4a3a-5686ebe10711&tv=%7Bc:pgpcMy,time:99,type:e,env:%7Bccd:%7Bversion:1,uspString:1---%7D,gcd2:%7Bappl:1,cnst:na%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:99,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:19,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B94~0%5D,as:%5B94~160.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tQU0z7E+11%7C121%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f.990511-61634100%7C1f1%7C1f2%7C1f3%7C1f4%7C1g1%7C1g2%7C1g31%7C1h*.1562583-72689833%7C1h1,idMap:1h*,rmeas:1,rend:0,renddet:IMG.us,siq:20%7D&br=c
Requested by: Host: 76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com
URL: https://76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:2964:38bf:f03a:f6a1 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Sep 2023 20:22:29 GMT
server: nginx
x-server-name: dt23.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 34B2 43 B
215 B 113ms
113ms Image
image/gif 2600:1f18:1aca:4282:2964:38bf:f03a:f6a1
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1562583&asId=a847fb56-e944-866e-4a3a-5686ebe10711&tv=%7Bc:pgpcMP,pingTime:-10,time:116,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwtMTIwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTE3LjAuNTkzOC45MiBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1695673349507%7C%7C7b292b5e0bc4ae0bda8cb18eafbfc313%7C%7C199e3e9b25646aa537dd955449f85ae0%7C%7C95c75353548963c02736f62002e2af53%7C%7C0d6b1c149064ab471e323979af3d6f65%7C%7Cc527eee63c5eb5fa07127986dc365a3c%7C%7C4a8bebb38106ee308d0e3d0903ccfcf0%7C%7C0e68e174e60aadc1b916fb11e44a288c%7C%7C1663701684,sca:%7Bspg:8ef9e214-4d94-eb57-b8f7-5f1782e0c247%7D%7D
Requested by: Host: 76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com
URL: https://76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:2964:38bf:f03a:f6a1 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Sep 2023 20:22:29 GMT
server: nginx
x-server-name: dt31.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 66E7 22 KB
8 KB 20ms
20ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 93079
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 24 Sep 2023 18:31:10 GMT
expires: Mon, 23 Sep 2024 18:31:10 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 kgPu8ucFjQWm9sPwItG3xGC9C84b-jPcUt_enD3F6OI.js Show response
pagead2.googlesyndication.com/bg/ Frame 66E7 38 KB
14 KB 19ms
18ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/kgPu8ucFjQWm9sPwItG3xGC9C84b-jPcUt_enD3F6OI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9203eef2e7058d05a6f6c3f022d1b7c460bd0bce1bfa33dc52dfde9c3dc5e8e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 07:20:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 478919
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14666
x-xss-protection: 0
last-modified: Mon, 18 Sep 2023 15:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 19 Sep 2024 07:20:30 GMT

GET
H3 200 container.html Show response
76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame A9CC 6 KB
3 KB 19ms
18ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309210101/pubads_impl.js?cb=31078107

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tuparada.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 25 Sep 2023 20:22:27 GMT
expires: Tue, 24 Sep 2024 20:22:27 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame A0BB 140 KB
47 KB 207ms
97ms Document
text/html 2a02:2638:3::12
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=ZRHsBQAFzXgK4GuSAAEMHYUlQ71MDp2bnK-0YQ&u=%7Coi%2FVmCrRyGUJD7%2BibH9XcMr4ScvQTmasxZaUlOuELG4%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhaVHQ6RkVc1uRRN7U2tIy92afbib4fbn5I_gGZ0oWA1lbtxKvkwKRDpCIoFOcm45g2X5SRpPM25oj-YIz50UpGSyPCDM9is8V5bMPY88uu8N6bGv8lLeP_xtRP3LaRYC0gSK1E_DrRpzcTlEyT8oYvpoETcHwnz4p9A1NZMwI4KHarSRr7izF3w_QXIwm4fPPfpzvW5RUnkpNKbSTdypwXkMPQytUIRk9GG0YmhuA4iWd7zuSMeBdryJzsylnY17KVUuTH9tM9flzEuCFla66A5H4oAKkeTW8Htx8rrTnp_KdkXwOCkvXUtW_wkoBqoXup0LRHNmtyIGri0fVAJ6dZwx-1d6nQcCdtNG_leZNJ-9U_aB0BJhVeOz8j78MFb6XdFZ-a0VhyM5IhAos7V-8geUbrHhqGYui-wrLn0RgyKcO1fCHks62r0yUBCq8sD3q9Bkj7beCAv1C0K5xBLwjwNTv-zjzqydlIZzp2MfD9kyIACn1hxN0t0EG-iGnpBqcgJMkdhCsE21DFAURAOcNNpGrJCpyPVSd4AxwPmWMSelJ2vsuR5zzVBpeILQcf2YjOCBvxgfCyYiiqfSFrRoQhI&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC3L-QBewRZfiaF5LXgQedmIS4C8me0rFc1Z2R93DAjbcBEAEgAGCVgoCAmAeCARdjYS1wdWItMjg1NzEyODE3MTYxNTM1OcgBCakCWqHfpLy_sT7gAgCoAwHIAwKqBIICT9AXtmLANv3yx7DKvx8mHkUo29hULecKU3G00Ck9aP7oOuDnqjZMu_v69o0hjuss7vAAYXyoPlfHCk33BJQ42vTc-3Y9SpCnalXOEXvEyHugFWpwLzhJ1tufZS1OEwpiMRhgTVMi7XEeUU8fGuKl6kGdMQDZXCcH89s1AWMKfn4G05h1vmgqevKtXPOy-74-H1B2Z-BM8Q6LrviBSmXnefmrwG6J2g1HcliWEn1lWmx2juFokxIvQ7D_MGHQMnS5HGG7uegJT326KEAypumuR5TuCy_3MycjsT0eIsZYV8e_XN0eYyo3-aWEelDQTSE8QurzEvUlScuHmnixZfmPsWAa4AQBgAbGxMuW6vDrpkSgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3uumujWWpoHQnEpKbp7qvuWYBo2Q%26client%3Dca-pub-2857128171615359%26adurl%3D

Requested by

Host: 76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com
URL: https://76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

974c3f70dcc3f6215a988e9ccc52716c03e2cb1861ced108c6efc18d636f1bb6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Mon, 25 Sep 2023 20:22:29 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=iZDLf4I5hbidHMGjiY55e4b-uXO9WKkehmjTMNrhB1N0jLH94iWybQQ_9eF3J4tasYsu5zBRpMu6EBiORECWkGbOhfEtz5DL42qUBAkuqGfhGP6dwlOAVtZUi84SAlj93pAk0amdTmpX2j7iH3JR6FNwUHb93z3ayix9QlJIDsu5dc-xRQpoymup_jdsBaPUcWiA29eewJANPLp4pZd2X1a-XzeKER7dRuP3SQFsT73z-HD3l956eoyB1ZAZL2Xtk-W4cQ"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 55004856
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230921/r20110914/client/ Frame A9CC 3 KB
1 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230921/r20110914/client/window_focus_fy2021.js

Requested by

Host: 76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com
URL: https://76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 03:24:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 61105
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 09 Oct 2023 03:24:04 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230921/r20110914/client/ Frame A9CC 20 KB
8 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230921/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com
URL: https://76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

113c3c3c7de8fe21fe5a6d4b6c367d658dab1dc5b5f820393e0b98fc11032771

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 03:24:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 61105
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8282
x-xss-protection: 0
server: cafe
etag: 5314254467506293444
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 09 Oct 2023 03:24:04 GMT

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame A9CC 24 KB
6 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com
URL: https://76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 06:34:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 308900
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 21 Sep 2024 06:34:09 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A9CC 182 KB
57 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com
URL: https://76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2a018a841b6975de20578c7c63607d4529281ae923f4c3ba172cb4d1d5e7c5bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 20:22:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 58105
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1695209545430561"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 25 Sep 2023 20:22:29 GMT

GET
H3 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 34B2 111 KB
39 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:81c::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: www.tuparada.com
URL: https://www.tuparada.com/g/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com/
Origin: https://76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sun, 24 Sep 2023 21:04:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 83897
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 25 Sep 2023 21:04:12 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230921/r20110914/elements/html/ Frame 34B2 11 KB
4 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230921/r20110914/elements/html/omrhp.js

Requested by

Host: fw.adsafeprotected.com
URL: https://fw.adsafeprotected.com/rfw/bgd/1562583/72689833/xbbe/creative/adj?p=APEucNXO1r05mu-PvPniOhmxWNgsqTi5eF5L8mCE1Bse-p5Bvrdk9YI&d=CokBAKAmf-BaD_UKM_HgMnVQC7FKsflSOVl56V-MU4OHqTQ5Z2oLnGPddT09mwVAI_H8kvCuNlHP7t4BOC-H0vNN4h6ls6jLwFNUU2CLd17h_h8flp-Hz_h68DBtoc6xtYJgt16p5DdDbS5dkJmGWN6SJmPMQ8G5QZmtmt3KjaulPmq2wcvWvjJ5Zq4SqRUAoCZ_4HSeir93Z2SAy2RPkuAgvmF8f0jwke0zFt83RkM6QT12Tj6cu41em7d927gKPOTwXKw7qhxQMYvlh7WLcU7tK3hS1eTzZKRpXP-aqYBkDYSGso9VujxxJVxTbPxD07qVydxO5NA_44hRNgqQbciklZKjRIq1QUzrV3RSrMYW_2oebVOaCoJF6yyO_jWBQ7HIckKmNmjcYexSWWxzvT-CJEyfc9T94CcGhJI6H0croZzf1_NCeaatqZc20UfaaZtqmTsohtTeFLLaxs4GcnfCLjkXFAK4_-IuRuigg0yjSZZoweRv_jZfH4lUryJEz_A1Mgrsbd4zgRsTRxCC6hYIRJxiBqHhFz-GkYye0Ud0Z2eJyeBY1JkhyAxGQ3bGAdZqw5-JITmQa1ULfH5UhDLFKLTqDEMRLGC3r1KZuUo-uWs7IbOXecVMmA7Sx7rgZywYUKMcqLaNFhRKEDb6yGND-BWRbrXbBj_wwNcEAcSiwWACkAZoyPYqNItMWy07Sg_AP-_yW1rxnwk7KFybkaeny4x42YEuKAcCHfzyLiTjNxNqquL3zDDyLRqmXGv-iPSbjnTy7ec4bCdbg1WsDR7dHnUox1eISABrlsv-XqN5ZMbBTw71wiKk2JiAlnVlvvoKkgc9GZTnLj-lOls1mDuKt0Yl1mdWo0HCSvIHZQyxXMUZmU9Q8nBT1_U6XW1cka82wlBlkWcCHFWyVHldQfhoKH8MJirpj1-GzyQvA1tGpiCRq4CAA4xoHWxMosx73hspSt9FcU7Km11u_PUom3ML5dK9rsKE80hy82bRceIoRrBYx8yR_QOhZA_noVuSutaEhPcRvBtjsmd8tlPlkW8J-cJPCpaLYKtSNbPfYy_oieKQjPBfvA9L3UH3ETiL2Y3GVIR_XgS6AXUaawoz47jYQ2GsiuAalXigpA3G_Z2hxwclc2SA5mAQWI9Zh-1-Kj-x8zchb9sFw1r5BOHh5uwOXqjf48AaaFO_0ThE5V57e3T1mFLjJdA7IfaydACjoD9-x6sS62c7zuGzNb4WkTbI0D5W618JlZWYS1orqw_uWJuF6qWFlLy1SK-tGw5ZoDjevveux1aqCXJ13pCfABaFBMcEW9BcMQ9XqUpGjF1Rmc-bJqtHzLaCA3n8fhEK8WDg8Ssq_H0JzdSb4iI2tNcqI7RUzQhh2OqgbcjcVHIgxnSpzvqGZ_7-uPvwQ1vtEze-zSM_A6jigYnvTwQ-y5k0Ewe2_a8_CUEgd-5-KiwKyS6D2gs46e8uPellhbHytXqf-hGnKXd6ja6q2Uemc-_SAs_Xxc7L2isVFJnShPMY_yvEo2TZhuXW9lrXvHwz-I08tBG_6fs7K5myJ7-Ds58-QHNHrtw6-cYRtIn0MFyE0R8eTKesoKomYzubfqNzWdziN6IZ0jk3CABu3ECEzXiTXKpunIMYA7wK4qpLx-GclH_mc97-82L5N7Gd0ugeRt7OuNI8T_kuY-Tzk-Pkj6WXazCnFaETsSpjUxX4b548FIHCPo-6A1z4DjylNAich8rwmXfGiRZPt6wjJyIJip720cQIUXXQeUTDD5JpLBD8h5wkoLyQLRD8epCLNw2s7EywUe_3PwlHiP-jFaVDy-7dJjGeVmkJSKDJW0m5RvXrCDiUP2Zs75H9phYSjRkBO4PRbXTg7mG5hW15gdtgSuRDR47cEWqzHnKVF1f9KjOQPtaCHygZON61apPg2KU8R5QkAU3wuvJLbKfMUaHxf_qM2qE5uZKZBbnXyTojGstdXQu2JGggu9VUWhNKO-3tMwf7Uj077NVfIYfFPEq969jECnJmFsO59urs88e0zZ4OQ7PpkgZFWNQ_YbQa7cwWNftN89UXa8kDMa4gs6vWwRxl3Lhi6vE5Ky9d8bTsgdTkGVhzgDIe1mMZIgMtrcDHr02y5vd6isscT1vkfBwZ382LJCJCjf-h79IFdVD4aNwQT218aX4sfbwJ53APrLxiiMTjXcZli7XGaiJ3kNE2DZJSKTjtzWXHWGIL7NoUdjYCEAzBd_ooo_MrChV2DxnkZSus3uUrtIBeRmGN2gMUEkwh-_ZtefRwD6hiVz5oPWXNIQjigjR-HbBCD5UeIahvfy862jQQFJAaH4YLSEOnH-ZfO64Ttv-ka2NeU5Vm-DXdw_Xfrwq97FrhQHsLoGn8zoxnpW0-Bp7TomNO9NquG6X3lBuDFVSaauMubq-t1q9ggJ2wAE5Ado6N_plp4-y3Hn3uxH0dIQphi2ijVoldm2b3Tb2g7AkXeGo5gpeyBB_E0ZsBw6WQrTMciRwSM2nBAxRI7pai7TdHjSifP7H9Zw-tXDPR9GJKiBI_NhTp6BGfU3iWe1_ZwRct_C2hCHwdKi7dMOf0YvcbYZWTY13LKFraix5nvaQatytkeeKBj96-X6zA0XAV524JNdhE6wbCXgINQ7hhdTRMto5vGCYGzNSJwyrgvVSat6IA_UKNbRr17L3JGIAIFIOUNGZEZVI0CEMtfBsW5bxEEUaV-MXkPdOOyi56iXkpvy_FlpIXV8MtsRMGSj9VcOj-O9OYrWtGg34wjo1m35Nkr0DCxRQsYTghofPvjBk1UVLrDRMAQOBVPozN-_FfW37kqY99NHJlePk53bwVeK7juEYEGgS000KKfWSBnGvMAwY1q7oc6UaT_U49m4gbnXWkjvL6VED21NbHilPx5HCYmTWrCrCvv1TZkvrTGDZMmVMBmANgdaIaRSRkc69b7QRm9KXopcR4OmsIZ_ssdGptyf8SBTlqdsI7Gyr7gSfQnB9M4H1l0BV2IWaxSXv3unoz1kguC0X7rQ-uRwX1F-R4lVill9EeAksmDsr14fOegO1UnHaBcIhcXLlf6PrTx0x3T7R0_anZ7ibD8k5kG_IiWgoxDPySZQh5oCFDeZ6FS3GNMKys6fdDDg71aurTv3JxxRlrAaX2ZJjnGniwv06_OofP4JzQp6VYdHpLbrra6p-ANiDdR2Ob10tXlLrHcty7ROgP-Ma_6EDdLEbWuKs8xvqJQEEf2l7Uw9XsuDQUcf9xuCtTPLcIVTWSn4V2oRB0PdycmUQFBF6MsTO5lrC8Fzmjgluv_gBlYzPqXfYgyKRzYn7C8a2paAi185BDUDW9s40FWCpB9UAzxviEz0zrTRc0yCXsjde-j-0KOrr6xSYUrBp9wXzEUuh4GuoK4n_Frn4jMoaruX1SrSDtnZv7CR89yvlqzkDAgUxNlv722g6GMhwHA4fBnMVbQPWc-ucjnXV4SLtH3LeQj2NX6M8FHfspMyAMvxryuYfhF-stiHTcnrqpZc9QqJg5p74kd9bjeXlHZV0zxtQST8EpvbjxOo5WLNCPWYtEDYt_9bXKmBmT9EDsoqa29ofjA6zSXA8XW3zMihSCOp8-uYwr2EOLx-YJseBwkJrdsbGTd7eypleZWZuRhsiKfv32ktmY_bGu0dIx6NNmlb_W5wq5taJJyQDPFEQpOM45J5g5euai-t5Q0VCMjm5fQivobtr8ihwIdEnDsOnmPJmwKXo3r4NdgpayVyLhULxGCxvSfOeimcXnZS8IfN_gywjtMHFKO_8-Ws9sRyfCd0fHbvTkRVE5A15whXumZXzf60_sFm0J4BWL_dEDO9zLV5kSuX2tCRpSCAQSTADICaaNOv7ZwbAgrgAN4pk8yo9QU9CEvY64XgOxMG4_qPqwydgXlDvCQDJCqbqeC218soX7Clxrm5Bu8lG4CQfgN0aCOTANILWcQmUYAWAB&cry=1&bundleId=&ias_dspID=3&ias_campId=1013159638&ias_pubId=pub-2857128171615359&ias_chanId=1&ias_placementId=20358516230&bidurl=https://www.tuparada.com/g/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0hBNSSgdLGxHiUqKlownGX0&adsafe_url=https%3A%2F%2Fwww.tuparada.com&adsafe_type=y&adsafe_url=https%3A%2F%2Fwww.tuparada.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:a847fb56-e944-866e-4a3a-5686ebe10711,c:pgpcLg,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-797d947f74-gj8v6,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,mtim:3,mot:0,app:0,maw:0,fm:tQU0zdR+11%7C121%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f1%7C1f2%7C1f3%7C1f4%7C1g1%7C1g2%7C1g31%7C1h*.1562583-72689833%7C1h1,idMap:1h*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:20,oid:3fda8a08-5be1-11ee-8805-8ecc6a6213de,v:19.8.439,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 03:33:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 60529
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4206
x-xss-protection: 0
server: cafe
etag: 17947678125179771625
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 09 Oct 2023 03:33:40 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230921/r20110914/ Frame 34B2 30 KB
11 KB 19ms
18ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230921/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c5e1a1e8982becdc83263b687951cfc5c5976af5b5d67eab53451cb72ac78925

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 03:41:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 60046
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11587
x-xss-protection: 0
server: cafe
etag: 192838463742493612
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 09 Oct 2023 03:41:43 GMT

GET
DATA 200
OK truncated
/ Frame 34B2 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 974689869c0e433dac5fa380be3e673b2466d041108906302d938c133a9a960c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame A9CC 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1fa51aa16a601fff98e0449c882f19bbc8a24c8d2ad8409be75ddb57bbe4bfdd

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame A9CC 0
0 63ms
62ms Image
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=COO-aBewRZfiaF5LXgQedmIS4C8me0rFc1Z2R93DAjbcBEAEgAGCVgoCAmAeCARdjYS1wdWItMjg1NzEyODE3MTYxNTM1OcgBCakCWqHfpLy_sT7gAgCoAwHIAwKqBP8BT9AXtmLANv3yx7DKvx8mHkUo29hULecKU3G00Ck9aP7oOuDnqjZMu_v69o0hjuss7vAAYXyoPlfHCk33BJQ42vTc-3Y9SpCnalXOEXvEyHugFWpwLzhJ1tufZS1OEwpiMRhgTVMi7XEeUU8fGuKl6kGdMQDZXCcH89s1AWMKfn4G05h1vmgqevKtXPOy-74-H1B2Z-BM8Q6LrviBSmXnefmrwG6J2g1HcliWEn1lWmx2juFokxIvQ7D_MGHQMnS5HGG7uegJT326KEAypumuR5TuCy_3MycjsX8cA1TYxBeC-g05uaYXEAGKXVpmRw8kwF47L1PX9tWrguB78dlm4AQBgAbGxMuW6vDrpkSgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTqACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItMjg1NzEyODE3MTYxNTM1ORigvAc&sigh=SvEO_E13Rl0&uach_m=[UACH]&cid=CAQSSwBpAlJWzv2221Uj5uVvBFBWx5CvfFf1z1VfuHxGFxgQE0tPKijW1PiBEgfpHP0lJzBAgcuZ6TdqZao0eGLwkYvgl02PbGNek16wvBgB&cbvp=2&vis=1
Requested by: Host: 76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com
URL: https://76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

GET
H2 200 notify
rtb.nl3.eu.criteo.com/google/auction/ Frame A9CC 0
126 B 117ms
33ms Image
text/plain 2a02:2638:3::9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rtb.nl3.eu.criteo.com/google/auction/notify?profile=14&payload=ksrrFLikCdACmAKdg2ICAgAAAB0Ygey0n_CAWt897hAF7BFl_1Ji6HnwbUXGZAAAEgAACgpBUVVEQVFFUEFR&wp=ZRHsBQAFzXgK4GuSAAEMHYUlQ71MDp2bnK-0YQ&cbvp=2

Requested by

Host: 76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com
URL: https://76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 20:22:28 GMT
strict-transport-security: max-age=31536000; preload;
server-processing-duration-in-ticks: 158445
server: Kestrel
content-length: 0

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/8139189918941248930/Hilton_TR_City_DE_160x600-EN/ Frame 42E6 5 KB
2 KB 19ms
19ms Document
text/html 2a00:1450:4001:81c::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/8139189918941248930/Hilton_TR_City_DE_160x600-EN/index.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d46f61b2154133852bb26e398c98a66f048854cf286418684843f3a59f56e920

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 5511
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 1783
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Mon, 25 Sep 2023 18:50:38 GMT
expires: Tue, 24 Sep 2024 18:50:38 GMT
last-modified: Thu, 13 Jul 2023 11:52:35 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 34B2 0
0 57ms
57ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu4qHw7lvYt5hWMx1Ud6cvi1W5hdujtJYpsBLVX6IXFznH7L8le_IdMyCDq6zVa7ZmugKoNKUQvB-htY0bEalD4EdxTxSkS18pBrCSYNa3cijgHkh2Yx3X5WiwnABFyRWJhxAoVElimcEk43kyNLoz4m9YoMIaO_WJIec4SSn4783O0S6Mc3q--zzxfHo8kkazJKl6LIyP7TF73wKQ6l7B6&sai=AMfl-YQ6VfBLZwj09WNVVioWFgJntx-4mqVDkUBw8rg2JiX2VbE8E5LHb0u4xyh-x1q3Ti3CGVWODBBFl3kmzwnzjjh6ostOwO3sgirW_U7DRNXxR7upPfSovtKB6GSctv816BuxuWPvwWauj9R3w66tkAQQ-64&sig=Cg0ArKJSzIgZp_rtqmmAEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=87&cbvp=1&cstd=85&cisv=r20230921.92639&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: www.tuparada.com
URL: https://www.tuparada.com/g/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 20:22:29 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 66E7 0
20 B 58ms
57ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BnHLFBewRZcTpFumRjuwP9c2euAUAAAAAOAHgBAI&bg=!o6CloO_NAAbbC4-Z-ws7ADQBe5WfOJL6OS1po7zuzbmt-jzejBvJ-B4-s85j0_jfcfIT8lBjDKKNsfhAJ9ibcadfv-_0AgAAAIlSAAAABWgBB5kDBVW3ccZTdV4RlAUu_t-pu8gD6XsLlYRAHzlWHfDHWlg6vdzPmr9c3WGwMNIm6wO21tJZ6ZvLKxjVQjseqhnJPsH4ZWU2RmM5r0vQvMvy1mLN-3cS-DARdXWbCYBHLE_nbpt62T3gjwkOu7fVsc8wR5mZUVacl8gOvyf7uzyKptPad7otsdLsba6xw9QkZz1erHvcyc5KF0vqFQZN5jRIGWC3MRFjQDiu2pqnDef9abmKgYdp6-9xnBJooewj1i2J-SPLXvTA5cd0GengZSJuKy7ZaPAGxUtNTK04ORGL9NQn4j1K_WdlM5xrEUNSDUAzEsQmEuqNqG_MggG_0lKaVp-TOGjuOZhKipq-RlbbeC9UmrGPkr5j9Nx_4xc6A9tIWzbpXlp4ZqAMfiIneZUfZ0RzjHjrp6X7qMZmkLSTDVsORhNHhTGicZ0KGz2PdLK7ye7F8j1OFG-SAqiC8_1QF7_zeAezUlCBLRFNVefIlEj9zSY1NN-BeSsyzRKYilYyuf38uIyJhAMCQNasdnYVCdmVTDDoSzrxPKFFD2yEU4yLUM0AMGs3E6B3_Amzteuj8MhvuxYCNLlp3qEjdgrKAIV0Rl3WgBUYYEJR8gpvEsqAGjwhwm1oNeRucR_tLJvboPmG2Ke2LkTrst_vCv2_SAIPrWy9nzVKULnZq8oM7CLK8z4YsRSw63l-vFvqXEsY0kfZm5Q4ImXHE81jyQI7DEXzz9k2HT1-1Vlz3xw2GECZVn4I-K4bZhM3_5BTxa3peawWFrogFbXrT9GuU0K2IQWQJ09cd-r67-QmjyBYMC6-dmSchZjYQ7dog0ODNG_CifFKLYtxMXxGdLC3ECZd4xaoi-Z2K0vsEFoi-T0IfHhxZqKiihoGjAsjOpOMdZYCF0ivFv3PgDMsMEj1c2-CW6SHYHp8uja9A_MOCL5oh4NFd7S8sm194KqscugzDKl6oPgvRqXZC72cVIVk0U9zRnEtkpZAYT5p1cLhkS1oFEVtmYz_ApGht7L-8Oz8Hym5fbV3WICo

Requested by

Host: 76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com
URL: https://76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Sep 2023 20:22:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 style.css
s0.2mdn.net/sadbundle/8139189918941248930/Hilton_TR_City_DE_160x600-EN/ Frame 42E6 5 KB
2 KB 20ms
19ms Stylesheet
text/css 2a00:1450:4001:81c::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/8139189918941248930/Hilton_TR_City_DE_160x600-EN/style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8139189918941248930/Hilton_TR_City_DE_160x600-EN/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9853d8631b072885f363ae93548a4ac3b5958ebe7d2852378f6c99352ae17575

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8139189918941248930/Hilton_TR_City_DE_160x600-EN/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 10:38:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 35048
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1505
x-xss-protection: 0
last-modified: Thu, 13 Jul 2023 11:52:35 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 24 Sep 2024 10:38:21 GMT

GET
H3 200 160x600_Frame_4.jpg
s0.2mdn.net/sadbundle/8139189918941248930/Hilton_TR_City_DE_160x600-EN/images/ Frame 42E6 290 KB
290 KB 21ms
20ms Image
image/jpeg 2a00:1450:4001:81c::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8139189918941248930/Hilton_TR_City_DE_160x600-EN/images/160x600_Frame_4.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8139189918941248930/Hilton_TR_City_DE_160x600-EN/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2b2f370227ef6f5e62558c5963c0064787cc67603d6c108d3532101a67c4632e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8139189918941248930/Hilton_TR_City_DE_160x600-EN/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 04:14:58 GMT
x-content-type-options: nosniff
age: 576451
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 296712
x-xss-protection: 0
last-modified: Thu, 13 Jul 2023 11:52:35 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 18 Sep 2024 04:14:58 GMT

GET
H3 200 160x600_Frame_3.jpg
s0.2mdn.net/sadbundle/8139189918941248930/Hilton_TR_City_DE_160x600-EN/images/ Frame 42E6 133 KB
133 KB 21ms
20ms Image
image/jpeg 2a00:1450:4001:81c::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8139189918941248930/Hilton_TR_City_DE_160x600-EN/images/160x600_Frame_3.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8139189918941248930/Hilton_TR_City_DE_160x600-EN/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff736946ba768763f8d231bbdc095a93f762e4338ad875df7a95907a576fd3b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8139189918941248930/Hilton_TR_City_DE_160x600-EN/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 13:43:18 GMT
x-content-type-options: nosniff
age: 283151
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 135715
x-xss-protection: 0
last-modified: Thu, 13 Jul 2023 11:52:35 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 21 Sep 2024 13:43:18 GMT

GET
H3 200 160x600_Frame_2.jpg
s0.2mdn.net/sadbundle/8139189918941248930/Hilton_TR_City_DE_160x600-EN/images/ Frame 42E6 172 KB
172 KB 22ms
21ms Image
image/jpeg 2a00:1450:4001:81c::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8139189918941248930/Hilton_TR_City_DE_160x600-EN/images/160x600_Frame_2.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8139189918941248930/Hilton_TR_City_DE_160x600-EN/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ffb3f2bebbc46efc1ef1e01bf529b49b2c39901973101d6f90ebd477a42077b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8139189918941248930/Hilton_TR_City_DE_160x600-EN/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 08:31:48 GMT
x-content-type-options: nosniff
age: 561041
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 175746
x-xss-protection: 0
last-modified: Thu, 13 Jul 2023 11:52:35 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 18 Sep 2024 08:31:48 GMT

GET
H3 200 160x600_Frame_1.jpg
s0.2mdn.net/sadbundle/8139189918941248930/Hilton_TR_City_DE_160x600-EN/images/ Frame 42E6 113 KB
113 KB 25ms
24ms Image
image/jpeg 2a00:1450:4001:81c::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8139189918941248930/Hilton_TR_City_DE_160x600-EN/images/160x600_Frame_1.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8139189918941248930/Hilton_TR_City_DE_160x600-EN/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

47f2eff01623f8e8a99d6f92a77702a2b6a38bb82c3c94d1919d8396beaeb522

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8139189918941248930/Hilton_TR_City_DE_160x600-EN/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 04:21:34 GMT
x-content-type-options: nosniff
age: 576055
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 116036
x-xss-protection: 0
last-modified: Thu, 13 Jul 2023 11:52:35 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 18 Sep 2024 04:21:34 GMT

GET
H3 200 Hilton_Logo.svg
s0.2mdn.net/sadbundle/8139189918941248930/Hilton_TR_City_DE_160x600-EN/images/ Frame 42E6 7 KB
3 KB 26ms
25ms Image
image/svg+xml 2a00:1450:4001:81c::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8139189918941248930/Hilton_TR_City_DE_160x600-EN/images/Hilton_Logo.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8139189918941248930/Hilton_TR_City_DE_160x600-EN/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

896c52ddaa15b33d0d2da5a28a47bf71768aaf8e0fb8670270dba6b2e6da8f6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8139189918941248930/Hilton_TR_City_DE_160x600-EN/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 10:33:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 294541
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2761
x-xss-protection: 0
last-modified: Thu, 13 Jul 2023 11:52:35 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 21 Sep 2024 10:33:28 GMT

GET
H2 200 TweenMax.min.js Show response
cdnjs.cloudflare.com/ajax/libs/gsap/1.19.1/ Frame 42E6 110 KB
32 KB 93ms
31ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/gsap/1.19.1/TweenMax.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8139189918941248930/Hilton_TR_City_DE_160x600-EN/index.html?ev=01_250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

62b1cff44a5e34b9587ad49f7ca951160f1559c5c545bcf99e13574ccaa5425a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 20:22:29 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 879785
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 32828
last-modified: Mon, 04 May 2020 16:10:25 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e71-1b8f0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d%2FT51ktz8T8xFw51awWZKlCQfRqx4VdRnxasY91sLbwos%2Bh%2B44VteCCUxSR3su8qopZliZW%2BYmEn2gCTLLFEb%2BDr2Pz2vld5CeONClO1vEkS8NpNWyj8e7v0qL2uCAcRWjcqA7p7kkEdDDc3dWWCGXmi"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 80c5fac4ec6735ff-FRA
expires: Sat, 14 Sep 2024 20:22:29 GMT

GET
H2 200 zepto.min.js Show response
cdnjs.cloudflare.com/ajax/libs/zepto/1.1.6/ Frame 42E6 25 KB
9 KB 82ms
24ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/zepto/1.1.6/zepto.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8139189918941248930/Hilton_TR_City_DE_160x600-EN/index.html?ev=01_250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

27f6c0723a8c90ef39d2894d0058897f4d95586c19b78567a5fd374f76540756

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 20:22:29 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 870444
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 8433
last-modified: Mon, 04 May 2020 16:18:11 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04043-6233"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6QsQnik3%2F%2FmsbHyygBhrBk2XXFTXU8mXgGpBFVxDVC7tG0mY%2FE2FHlYVleuVyH1LSdLvp%2FnAjS1NY42XNMhlfn1zBnU4BwDE8hPTBONLJf50WqxOQvvfc7ULKH8L%2FDE1%2BBdRlD0gSnZL%2F2HnFXo%2F4em7"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 80c5fac4ec6935ff-FRA
expires: Sat, 14 Sep 2024 20:22:29 GMT

GET
H3 200 main.js Show response
s0.2mdn.net/sadbundle/8139189918941248930/Hilton_TR_City_DE_160x600-EN/ Frame 42E6 4 KB
1 KB 20ms
19ms Script
application/x-javascript 2a00:1450:4001:81c::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/8139189918941248930/Hilton_TR_City_DE_160x600-EN/main.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8139189918941248930/Hilton_TR_City_DE_160x600-EN/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

82d09a238bfa3b5ac248afcda24d7e075f317e6e3e5af9ec4b4e97853935e937

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8139189918941248930/Hilton_TR_City_DE_160x600-EN/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 18:50:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5510
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1008
x-xss-protection: 0
last-modified: Thu, 13 Jul 2023 11:52:35 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 24 Sep 2024 18:50:39 GMT

GET
H3 200 Loew-ExtraBold.woff
s0.2mdn.net/sadbundle/8139189918941248930/Hilton_TR_City_DE_160x600-EN/fonts/ Frame 42E6 67 KB
67 KB 20ms
19ms Font
font/woff 2a00:1450:4001:81c::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/8139189918941248930/Hilton_TR_City_DE_160x600-EN/fonts/Loew-ExtraBold.woff

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8139189918941248930/Hilton_TR_City_DE_160x600-EN/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3354d5d431eb1c6ee087273647f03467ce310e888a90bff81f08d0d70fc983f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/8139189918941248930/Hilton_TR_City_DE_160x600-EN/style.css
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 13:43:18 GMT
x-content-type-options: nosniff
age: 283151
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68128
x-xss-protection: 0
last-modified: Thu, 13 Jul 2023 11:52:35 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 21 Sep 2024 13:43:18 GMT

GET
H3 200 Loew-Regular.woff
s0.2mdn.net/sadbundle/8139189918941248930/Hilton_TR_City_DE_160x600-EN/fonts/ Frame 42E6 17 KB
17 KB 21ms
21ms Font
font/woff 2a00:1450:4001:81c::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/8139189918941248930/Hilton_TR_City_DE_160x600-EN/fonts/Loew-Regular.woff

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8139189918941248930/Hilton_TR_City_DE_160x600-EN/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b8652f4c60ef1d343912fba83e28b24c700a8fa0f8ddcdc66f519e7904a23919

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/8139189918941248930/Hilton_TR_City_DE_160x600-EN/style.css
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 04:19:49 GMT
x-content-type-options: nosniff
age: 576160
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17228
x-xss-protection: 0
last-modified: Thu, 13 Jul 2023 11:52:35 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 18 Sep 2024 04:19:49 GMT

GET
H3 200 container.html Show response
76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 0166 6 KB
3 KB 19ms
19ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309210101/pubads_impl.js?cb=31078107

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tuparada.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 25 Sep 2023 20:22:27 GMT
expires: Tue, 24 Sep 2024 20:22:27 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame A0BB 2 KB
1 KB 105ms
34ms Image
image/svg+xml 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZRHsBQAFzXgK4GuSAAEMHYUlQ71MDp2bnK-0YQ&u=%7Coi%2FVmCrRyGUJD7%2BibH9XcMr4ScvQTmasxZaUlOuELG4%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhaVHQ6RkVc1uRRN7U2tIy92afbib4fbn5I_gGZ0oWA1lbtxKvkwKRDpCIoFOcm45g2X5SRpPM25oj-YIz50UpGSyPCDM9is8V5bMPY88uu8N6bGv8lLeP_xtRP3LaRYC0gSK1E_DrRpzcTlEyT8oYvpoETcHwnz4p9A1NZMwI4KHarSRr7izF3w_QXIwm4fPPfpzvW5RUnkpNKbSTdypwXkMPQytUIRk9GG0YmhuA4iWd7zuSMeBdryJzsylnY17KVUuTH9tM9flzEuCFla66A5H4oAKkeTW8Htx8rrTnp_KdkXwOCkvXUtW_wkoBqoXup0LRHNmtyIGri0fVAJ6dZwx-1d6nQcCdtNG_leZNJ-9U_aB0BJhVeOz8j78MFb6XdFZ-a0VhyM5IhAos7V-8geUbrHhqGYui-wrLn0RgyKcO1fCHks62r0yUBCq8sD3q9Bkj7beCAv1C0K5xBLwjwNTv-zjzqydlIZzp2MfD9kyIACn1hxN0t0EG-iGnpBqcgJMkdhCsE21DFAURAOcNNpGrJCpyPVSd4AxwPmWMSelJ2vsuR5zzVBpeILQcf2YjOCBvxgfCyYiiqfSFrRoQhI&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC3L-QBewRZfiaF5LXgQedmIS4C8me0rFc1Z2R93DAjbcBEAEgAGCVgoCAmAeCARdjYS1wdWItMjg1NzEyODE3MTYxNTM1OcgBCakCWqHfpLy_sT7gAgCoAwHIAwKqBIICT9AXtmLANv3yx7DKvx8mHkUo29hULecKU3G00Ck9aP7oOuDnqjZMu_v69o0hjuss7vAAYXyoPlfHCk33BJQ42vTc-3Y9SpCnalXOEXvEyHugFWpwLzhJ1tufZS1OEwpiMRhgTVMi7XEeUU8fGuKl6kGdMQDZXCcH89s1AWMKfn4G05h1vmgqevKtXPOy-74-H1B2Z-BM8Q6LrviBSmXnefmrwG6J2g1HcliWEn1lWmx2juFokxIvQ7D_MGHQMnS5HGG7uegJT326KEAypumuR5TuCy_3MycjsT0eIsZYV8e_XN0eYyo3-aWEelDQTSE8QurzEvUlScuHmnixZfmPsWAa4AQBgAbGxMuW6vDrpkSgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3uumujWWpoHQnEpKbp7qvuWYBo2Q%26client%3Dca-pub-2857128171615359%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 20:22:29 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 19 Sep 2024 20:22:29 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame A0BB 2 KB
1 KB 134ms
64ms Image
image/svg+xml 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 20:22:30 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 19 Sep 2024 20:22:30 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame A0BB 308 B
636 B 98ms
37ms Image
image/svg+xml 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 20:22:29 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Thu, 19 Sep 2024 20:22:29 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame A0BB 293 B
621 B 97ms
36ms Image
image/svg+xml 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 20:22:29 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Thu, 19 Sep 2024 20:22:29 GMT

GET
H2 200 lg.php
cat.nl3.eu.criteo.com/delivery/ Frame A0BB 43 B
348 B 128ms
28ms Image
image/gif 178.250.1.6
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=9NIZTzoG89cYe_fzhI_jsLmTlpbDDZqci6GN2J9gTL8p7UfftFfsabmqMw4rZs6UCeIOZ9dQbKnVeNwPijxu20rsaoGN9KYzho0flSkKFK62cUk4GiWd3iyUvTcxjMWd8Pw8SKE0nePTjpnm6nuqz1xohggFtdWupqYGT2ix48YnpGFOlLeZWSTETUWn-FLHrhtFH4_E3vVYea1jR-CzS9b0sRnkpI1USOr7UvI8LGAxw9AE6LO6JEU15YReNwHGa2WYbjChrftMsYT9w7dcCV8_wQ94WRQ4Vc-99YqzNSwYZw3xVWAw5Rd4rtBLpRfUZ_iN-lFmN5jsEeWChdegnFgVdMWNCxwOlaw58HGmxr35saId8dGiBQJhr00qfFthVP3B4AUZ82C1PGFx21k2Pw-8SOP2RnTBA8ZugwGEgpNywnYTWn-imUnrEJyfmnVjjuamLQ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Sep 2023 20:22:29 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1583214
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 dcmads.js Show response
fw.adsafeprotected.com/rjss/www.googletagservices.com/1526752/72603768/dcm/ Frame 0166 250 KB
75 KB 46ms
45ms Script
application/javascript 63.33.177.221
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/www.googletagservices.com/1526752/72603768/dcm/dcmads.js?bundleId=www.tuparada.com&ias_dspID=9&ias_campId=bnzq4wb&ias_pubId=pub-2857128171615359&ias_chanId=google&ias_placementId=tcvdzeq&bidurl=www.tuparada.com%2fg&ias_dealId=&adsafe_par&ias_impId=v4~~2853e063-a820-4455-b0c7-7c9c78123ce2
Requested by: Host: 76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com
URL: https://76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.33.177.221 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-33-177-221.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 1736657a01faf8c13c6c93e4c6671de9c3c6c525b3b1d73224f5e1201785b44f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Sep 2023 20:22:29 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H/1.1 200
OK google
de2-bid.adsrvr.org/bid/feedback/ Frame 0166 807 B
1 KB 101ms
20ms Image
image/gif 15.197.133.55
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://de2-bid.adsrvr.org/bid/feedback/google?t=1&iid=2853e063-a820-4455-b0c7-7c9c78123ce2&crid=2qr757wv&wp=ZRHsBQAJl9gK4BTEAAQlJtrJqK9rW4u7iJ7f5A&aid=1&wpc=USD&sfe=17496c05&puid=&tdid=&pid=c3crbqj&ag=tcvdzeq&adv=tk3qp9q&sig=1uASSvh83wEe-lJqcbEIaX9-gA4yE7GPU0Nnmzbb0t94.&bp=2.13093532078567&cf=5343414&fq=0&td_s=www.tuparada.com&rcats=&mste=&mfld=3&mssi=&mfsi=&uhow=46&agsa=&rgz=85098&svbttd=1&dt=PC&osf=Windows&os=Windows10&br=Chrome&rlangs=es&mlang=&svpid=pub-2857128171615359&did=&rcxt=Other&lat=48.790000&lon=11.500000&tmpc=13.080000000000041&daid=&vp=0&osi=&osv=&bx=70&bffi=41&c=CgdHZXJtYW55EgdCYXZhcmlhGgAiDEdyb3NzbWVocmluZzgBUAGAAQCIAQGQAQKwAQC6AQQIARgEwAHIoAPAAaKfA9AByKAD2AK0EOACrAL4AgE.&dur=CjYKHWNoYXJnZS1hbGxJbnRlZ3JhbFZpZXdhYmlsaXR5IhUI-P__________ARIIaW50ZWdyYWwKNgodY2hhcmdlLWFsbEludGVncmFsQnJhbmRTYWZldHkiFQj5__________8BEghpbnRlZ3JhbAo9CiRjaGFyZ2UtYWxsSW50ZWdyYWxTdXNwaWNpb3VzQWN0aXZpdHkiFQj1__________8BEghpbnRlZ3JhbAo3Ch1jaGFyZ2UtbWF4R3JhcGVzaG90Q2F0ZWdvcmllcyIWCKz__________wESCWdyYXBlc2hvdAowCgxjaGFyZ2UtYWxsLTEiIAj___________8BEhN0dGRfZGF0YV9leGNsdXNpb25zCkcKJ2NoYXJnZS1hbGxJYXNEaXNwbGF5Vmlld2FiaWxpdHlUcmFja2luZyIcCKb__________wESDWlhcy1yZXBvcnRpbmcqAA..&durs=A6dqOm&crrelr=&fpa=128&pcm=3&grdc=CAEYASABKAFAAUgC&vc=5&said=h1%2FD%2F6%2Fms6sqybsEFj4Scw%3D%3D&auct=1&im=1&mc=e48672f7-b5af-47ff-86ff-904f42c3f594&abr=8a111021-ebce-411e-905e-ac2418399ab9&tail=1
Requested by: Host: 76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com
URL: https://76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 15.197.133.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a4b61a47cf5978487.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 3ca19e57c9a2465ae4df271316ba4d29e7ff7f113a2a2c5297780c0b7a0ac09d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Sep 2023 20:22:29 GMT
server: Kestrel
transfer-encoding: chunked
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
content-type: image/gif
cache-control: must-revalidate, no-cache
x-connection: close

GET
H2 200 /
insight.adsrvr.org/track/pxl/ Frame 0166 70 B
149 B 147ms
45ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://insight.adsrvr.org/track/pxl/?adv=tk3qp9q&ct=0:x85rlvi&fmt=4
Requested by: Host: 76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com
URL: https://76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 20:22:30 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H2 200 ca Show response
choices.truste.com/ Frame 0166 27 KB
10 KB 110ms
28ms Script
text/javascript 18.165.183.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://choices.truste.com/ca?pid=tradedesk01&aid=tradedesk01&cid=bnzq4wb_tcvdzeq_2qr757wv&c=tradedesk01cont1&js=pmw0&w=728&h=90&sid=0

Requested by

Host: 76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com
URL: https://76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.165.183.35 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-165-183-35.zrh55.r.cloudfront.net

Software

nginx /

Resource Hash

5eac3936eef91658c1695aa40ec16303c13b74949c60bbcfe39e61f564c66d90

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' ; font-src 'self' ; style-src 'self' 'unsafe-inline' ; img-src 'self' data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' ; frame-ancestors 'self' ; connect-src 'self' ; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; object-src 'self' ; media-src 'self' ; child-src 'self' ; worker-src 'self' ; manifest-src 'self' *;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 17:39:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 2177a1d449a3e8dc7269040f15d81cb0.cloudfront.net (CloudFront)
content-security-policy: default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *;
x-amz-cf-pop: ZRH55-P1
cross-origin-embedder-policy: unsafe-none
age: 9790
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: origin
server: nginx
cross-origin-opener-policy: unsafe-none
expect-ct: max-age=31536000
x-frame-options: SAMEORIGIN
vary: Accept-Encoding, Origin
content-type: text/javascript;charset=UTF-8
cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy: geolocation=(), microphone=(), payment=()
x-amz-cf-id: uULyVY7fdTgWKmFUKHbynsmI-xK20H1pPmrN0C7G6HSTdNbZXBZCKw==
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 jload Show response
pixel.adsafeprotected.com/ Frame 0166 47 KB
13 KB 616ms
205ms Script
application/javascript 54.203.213.254
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/jload?anId=923116&advId=tk3qp9q&campId=bnzq4wb&chanId=tcvdzeq&placementId=2qr757wv&pubId=&bidurl=www.tuparada.com&uId=null&impId=2853e063-a820-4455-b0c7-7c9c78123ce2&planId=google&adsafe_par
Requested by: Host: 76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com
URL: https://76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.203.213.254 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-203-213-254.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: 894b9c618732113e84c706039b058e82c57811fc87dc78e972620513ca8a44b4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Sep 2023 20:22:30 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: pixel.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230921/r20110914/client/ Frame 0166 3 KB
1 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230921/r20110914/client/window_focus_fy2021.js

Requested by

Host: 76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com
URL: https://76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 03:24:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 61105
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 09 Oct 2023 03:24:04 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230921/r20110914/client/ Frame 0166 20 KB
8 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230921/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com
URL: https://76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

113c3c3c7de8fe21fe5a6d4b6c367d658dab1dc5b5f820393e0b98fc11032771

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 03:24:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 61105
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8282
x-xss-protection: 0
server: cafe
etag: 5314254467506293444
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 09 Oct 2023 03:24:04 GMT

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 0166 24 KB
6 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com
URL: https://76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 06:34:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 308900
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 21 Sep 2024 06:34:09 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0166 182 KB
57 KB 43ms
42ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com
URL: https://76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff18e273fc7f233bf924108949a94f34e0587ed1cdfaa6820ba90be9cb739720

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 20:22:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 58265
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1695641553523962"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 25 Sep 2023 20:22:29 GMT

GET
H2 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame A0BB 12 KB
5 KB 26ms
25ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 20:22:29 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 871608
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4420
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zs1Au%2BP1NjbFMQm6NUNzWrsYdPUviFLZ8xxcDJn%2FbRWCOIbbXUZweU1JthadKH3KM0Ci1ZR%2FnugU4xVesopraujurU06D1nmZsZLLfgaiLXI1jNb3rDX6mQvUAjZweUpb29tGvFx0rL2Wl%2BK0FYUqC%2FM"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 80c5fac53cd235ff-FRA
expires: Sat, 14 Sep 2024 20:22:29 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame A0BB 12 KB
6 KB 55ms
35ms Script
text/javascript 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 20:22:29 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 19 Sep 2024 20:22:29 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame A0BB 15 KB
15 KB 214ms
105ms Image
image/png 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?h=152&m=0&partner=100174&q=80&r=0&u=http%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F100174%2F230321%2F715cfb24b07149768139805a857af421_logo_1.png&v=3&w=668&s=uNS3MdzZwQf6t663EjatVsX_

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e69828b3759712c469c08b1edb91b6e1c2638d24214e0d252cfeb4dd02872279

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 20:22:29 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
time-allow-origin: *
content-type: image/png
cache-control: public, max-age=31104000
content-length: 15292
expires: Sun, 01 Sep 2024 03:52:41 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame A0BB 26 KB
26 KB 223ms
114ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=100174&q=80&r=2&u=https%3A%2F%2Fwww.devalk.nl%2Fimages%2Fthumbnails%2Fwebsite%2Fjohnson-42-807933_649944fec4fa1e.jpg&v=3&w=400&s=vvKPz8_2vskpxpp5L35tyOhz&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

5d916814a166015778c48d26f9abd4882310879b2a7d4f2aef612445e49d1b05

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 20:22:29 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
time-allow-origin: *
content-type: image/webp
cache-control: public, max-age=604800
content-length: 26274
expires: Tue, 26 Sep 2023 22:15:27 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame A0BB 38 KB
38 KB 237ms
128ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=100174&q=80&r=2&u=https%3A%2F%2Fwww.devalk.nl%2Fimages%2Fthumbnails%2Fwebsite%2Ftullio-abbate-52-exception-204456_5f1954a6133e3e.jpg&v=3&w=400&s=Tlj1lmNFp86R_xow4rqXYudS&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e172df69490747c928b678c9bf3e974e0fa3efaa525c4a825a904d82d7a13a19

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 20:22:29 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
time-allow-origin: *
content-type: image/webp
cache-control: public, max-age=604800
content-length: 38626
expires: Sun, 01 Oct 2023 01:08:54 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame A0BB 27 KB
27 KB 190ms
81ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=100174&q=80&r=2&u=https%3A%2F%2Fwww.devalk.nl%2Fimages%2Fthumbnails%2Fwebsite%2Fcanados-1997-802121_610942f30c787e.jpg&v=3&w=400&s=8TwVNVUGquhRAN2khnpPSk60&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

d1edd8e13a888f1ab2333235524039c7bc1265dee9c42a30737848f57b65756b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 20:22:29 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
time-allow-origin: *
content-type: image/webp
cache-control: public, max-age=604800
content-length: 27270
expires: Tue, 26 Sep 2023 01:03:27 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame A0BB 20 KB
21 KB 172ms
64ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=100174&q=80&r=2&u=https%3A%2F%2Fwww.devalk.nl%2Fimages%2Fthumbnails%2Fwebsite%2Fqrooz-houseboat-805747_635bcdee03e7ae.jpg&v=3&w=400&s=9N06PT98Q7PVADTVrMnXCEfK&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

3b924650664a443a6840633ff3019580022fb0abeed7400e258a32c3765c82d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 20:22:29 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
time-allow-origin: *
content-type: image/webp
cache-control: public, max-age=604800
content-length: 20882
expires: Tue, 26 Sep 2023 19:20:43 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame A0BB 0
128 B 135ms
34ms Ping
text/plain 2a02:2638:3::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=iZDLf4I5hbidHMGjiY55e4b-uXO9WKkehmjTMNrhB1N0jLH94iWybQQ_9eF3J4tasYsu5zBRpMu6EBiORECWkGbOhfEtz5DL42qUBAkuqGfhGP6dwlOAVtZUi84SAlj93pAk0amdTmpX2j7iH3JR6FNwUHb93z3ayix9QlJIDsu5dc-xRQpoymup_jdsBaPUcWiA29eewJANPLp4pZd2X1a-XzeKER7dRuP3SQFsT73z-HD3l956eoyB1ZAZL2Xtk-W4cQ&sds=2&rev=88356&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Mon, 25 Sep 2023 20:22:29 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame A0BB 2 KB
1 KB 40ms
36ms Image
image/svg+xml 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 20:22:29 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 19 Sep 2024 20:22:29 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame A0BB 2 KB
1 KB 33ms
32ms Image
image/svg+xml 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 20:22:30 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 19 Sep 2024 20:22:30 GMT

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 34B2 0
0 57ms
57ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu4qHw7lvYt5hWMx1Ud6cvi1W5hdujtJYpsBLVX6IXFznH7L8le_IdMyCDq6zVa7ZmugKoNKUQvB-htY0bEalD4EdxTxSkS18pBrCSYNa3cijgHkh2Yx3X5WiwnABFyRWJhxAoVElimcEk43kyNLoz4m9YoMIaO_WJIec4SSn4783O0S6Mc3q--zzxfHo8kkazJKl6LIyP7TF73wKQ6l7B6&sai=AMfl-YQ6VfBLZwj09WNVVioWFgJntx-4mqVDkUBw8rg2JiX2VbE8E5LHb0u4xyh-x1q3Ti3CGVWODBBFl3kmzwnzjjh6ostOwO3sgirW_U7DRNXxR7upPfSovtKB6GSctv816BuxuWPvwWauj9R3w66tkAQQ-64&sig=Cg0ArKJSzIgZp_rtqmmAEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=277&vt=11&dtpt=190&dett=3&cstd=85&cisv=r20230921.92639&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: www.tuparada.com
URL: https://www.tuparada.com/g/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 20:22:30 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 opensans-400.css
static.criteo.net/design/googlefont/opensans/ Frame A0BB 2 KB
899 B 61ms
59ms Stylesheet
text/css 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/opensans/opensans-400.css

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

688a83886a5a759614fb53d73736845837de908ce3553b146471782995bc5943

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 20:22:30 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:11:03 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391f077-9fe"
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 19 Sep 2024 20:22:30 GMT

GET
H2 200 opensans-700.css
static.criteo.net/design/googlefont/opensans/ Frame A0BB 2 KB
900 B 34ms
32ms Stylesheet
text/css 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/opensans/opensans-700.css

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

3cd346aff1efcc38119a600f75667ba0089a7a6bece2b905503fb7c0c65ddcb8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 20:22:30 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:11:05 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391f079-9fe"
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 19 Sep 2024 20:22:30 GMT

GET
H3

200

dcmads.js Show response
www.googletagservices.com/dcm/ Frame 0166
Redirect Chain

https://fw.adsafeprotected.com/rfw/www.googletagservices.com/1526752/72603768/dcm/dcmads.js?bundleId=www.tuparada.com&ias_dspID=9&ias_campId=bnzq4wb&ias_pubId=pub-2857128171615359&ias_chanId=google...
https://www.googletagservices.com/dcm/dcmads.js?bundleId=www.tuparada.com

24 KB
10 KB

29ms
28ms

Script
text/javascript

2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/dcmads.js?bundleId=www.tuparada.com

Requested by

Host: 76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com
URL: https://76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c548a30c41171b00c7d332fc539aa7fa0dceb71fc7d91d4bc7b65ed3bfed8382

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 20:22:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9959
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 13:24:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Mon, 25 Sep 2023 21:22:30 GMT

Redirect headers

pragma: no-cache
date: Mon, 25 Sep 2023 20:22:30 GMT
server: nginx
x-server-name: app18.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://www.googletagservices.com/dcm/dcmads.js?bundleId=www.tuparada.com
cache-control: no-cache
content-length: 0

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame 1ED3 91 KB
23 KB 28ms
28ms Script
application/javascript 2600:9000:20ab:6600:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: 76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com
URL: https://76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20ab:6600:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 08:07:09 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding: gzip
via: 1.1 1d14130822f7563ef82bba830d521f72.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS58-P3
age: 2463322
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: W/"1f3488247c90bb5de253d3d0cb3b7458"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: a2w_oGzYbiapoi63PTsoAKiUQMxFoQ5cQ2VxT9oHa2jMTmfvpu6Mkw==

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 0166 43 B
215 B 112ms
112ms Image
image/gif 2600:1f18:1aca:4282:2964:38bf:f03a:f6a1
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1526752&asId=b60f373a-32f6-18c1-59ae-417b9babb24c&tv=%7Bc:pgpcVC,pingTime:-3,time:61,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:25%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:61,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:25,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B52~0%5D,as:%5B52~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tQU0znx+11%7C121%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f1%7C1f2%7C1f3%7C1f4%7C1g1%7C1g2%7C1g31%7C1h1%7C1h2%7C1h3%7C1h4%7C1i1%7C1j*.1526752-72603768,idMap:1j*,rmeas:1,rend:0,renddet:IMG.us.bi,siq:26%7D&br=c
Requested by: Host: 76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com
URL: https://76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:2964:38bf:f03a:f6a1 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Sep 2023 20:22:30 GMT
server: nginx
x-server-name: dt22.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 0166 43 B
215 B 113ms
113ms Image
image/gif 2600:1f18:1aca:4282:2964:38bf:f03a:f6a1
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1526752&asId=b60f373a-32f6-18c1-59ae-417b9babb24c&tv=%7Bc:pgpcVE,pingTime:-6,time:63,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:63,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:25,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B54~0%5D,as:%5B54~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tQU0znx+11%7C121%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f1%7C1f2%7C1f3%7C1f4%7C1g1%7C1g2%7C1g31%7C1h1%7C1h2%7C1h3%7C1h4%7C1i1%7C1j*.1526752-72603768,idMap:1j*,rmeas:1,rend:0,renddet:IMG.us.bi,siq:26%7D&tpiLookup=ao:www.tuparada.com*&br=c
Requested by: Host: 76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com
URL: https://76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:2964:38bf:f03a:f6a1 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Sep 2023 20:22:30 GMT
server: nginx
x-server-name: dt26.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 395A 0
0 57ms
57ms Fetch
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssV1O1tv2KQHeIqf-LAKD2qBizwLNg_E1pEX_K-PQ5u75sIRNcnfSSMX7MV6R3srcg1kmMuygyZzQFIsMz7xkKZCbZfXNyQwTiw_iUSjjaYBSXPQ-AVZkAcE32cskV9mh7IENUGKHn62MrCqx2WKWY3lhFKYMJzWggjehTDsMmB8bjH1zt2mjBtB9PUqldabpU8zfFbEhQGqRou-1uKyW5I3I8c3OguH-bwKu75oiYDRNrQIDPhwqRb2rA4mjtmfpezKLKMPdx20nPjwgmOJPVaEZD-qdpIqNpZwPpxTHFyxumvhKZD_xpR9KzqjEoZRv4f2WcotE81xnlZ9s2x4jQflxMPaUUEjxPR1Hj8Hz373imF8JC50WtMFPs1KVL5dx-ioW28UZeniGEy1QlUORdJR2qOV5rtVw&sai=AMfl-YTWRDr2IvJFHC-KKePWvkV_6phFdZvAwrcFe3M49CxF4kZk2H6gFlbcMylH8jIDI_bKKHCgA7cP6lyxyP7S_XfT69cQfmQwWlpwCrPtyOcWQHetIBIoNXCjvh_egvw29zykQOVH_t73VnEvhEFM&sig=Cg0ArKJSzCPYlu_FisqwEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.tuparada.com
URL: https://www.tuparada.com/g/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tuparada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 20:22:30 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230921/r20110914/ Frame 395A 23 KB
9 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230921/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309210101/pubads_impl.js?cb=31078107

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tuparada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 03:24:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 61106
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9135
x-xss-protection: 0
server: cafe
etag: 9583221549990841032
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 09 Oct 2023 03:24:04 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230921/r20110914/client/ Frame 395A 3 KB
1 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230921/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309210101/pubads_impl.js?cb=31078107

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tuparada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 03:24:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 61106
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 09 Oct 2023 03:24:04 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 395A 182 KB
57 KB 34ms
34ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309210101/pubads_impl.js?cb=31078107

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2a018a841b6975de20578c7c63607d4529281ae923f4c3ba172cb4d1d5e7c5bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tuparada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 20:22:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 58105
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1695209545430561"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 25 Sep 2023 20:22:30 GMT

GET
H3 200 1562295941925841503
tpc.googlesyndication.com/simgad/ Frame 395A 34 KB
34 KB 20ms
20ms Image
image/jpeg 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/1562295941925841503

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309210101/pubads_impl.js?cb=31078107

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c407d3bedbf2b4d8956e44e6d4e321859866abae2220d0454a8c6fad3a180feb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tuparada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sat, 23 Sep 2023 06:01:43 GMT
x-content-type-options: nosniff
age: 224447
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34698
x-xss-protection: 0
last-modified: Mon, 27 Nov 2017 14:39:31 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 22 Sep 2024 06:01:43 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 2A8D 0
0 58ms
58ms Fetch
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu4BTcGmiEXIt_kwMjiRrbfcJ87wWqM-v2SVm-veSVqXdcSjA8UCMFanE_9vZVBbCIK_LSO_oIVgzFRhEYF6oMxFanvuzmqDuILVbA-ikAy01PMY71HM96qjLXaWgjhozoC2JJqTBKCiC9IQLs1meNDymVznWQ-XtKwyP0YDzSB_wHymwOtYSLx0PqeG67NRxfzk84C2r8KBLKdrhOf5gDundUt51-lWOz2QxOiCdhKw22H_HxjF2WXwIIFrOoGmZr71WihIwTGtdOw5MjWPGaTNqALzJUqJ9K523yn8AlUTmqFdChg8Cu91cO29LvMDFuwhKkCp3jyauAV1GYimx0NcNeQ3UVD1N99tElDDtC_7NbdCtCarVbNC33M9NmRE1EhQJP4CQbbqPaq28jfOAZ-1QIVag&sai=AMfl-YRwmX2f3wb92zf68CGcwY6dg-8Am1p-676raq8E57a61gSzBSaKQj0-u7_5ZWHKpx2tHupubM187FYGAB5LU4h-iMJnb6Xpx76Bex0lU4UWHESTwgZyPCHV3emaj21hAqhJqBfPiHL1X-lIHkM&sig=Cg0ArKJSzHhsv48VgiV9EAE&uach_m=[UACH]&adurl=

Requested by

Host: www.tuparada.com
URL: https://www.tuparada.com/g/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tuparada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 20:22:30 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230921/r20110914/ Frame 2A8D 23 KB
9 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230921/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309210101/pubads_impl.js?cb=31078107

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tuparada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 03:24:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 61106
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9135
x-xss-protection: 0
server: cafe
etag: 9583221549990841032
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 09 Oct 2023 03:24:04 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230921/r20110914/client/ Frame 2A8D 3 KB
1 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230921/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309210101/pubads_impl.js?cb=31078107

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tuparada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 03:24:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 61106
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 09 Oct 2023 03:24:04 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2A8D 182 KB
57 KB 59ms
59ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309210101/pubads_impl.js?cb=31078107

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2a018a841b6975de20578c7c63607d4529281ae923f4c3ba172cb4d1d5e7c5bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tuparada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 20:22:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 58105
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1695209545430561"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 25 Sep 2023 20:22:30 GMT

GET
H3 200 8744774981567588624
tpc.googlesyndication.com/simgad/ Frame 2A8D 46 KB
46 KB 21ms
21ms Image
image/jpeg 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/8744774981567588624

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309210101/pubads_impl.js?cb=31078107

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a27f23f4afc078d98cad160c53804855359326d5f1e05d14d31f4ea56ab5eb8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tuparada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 02:21:38 GMT
x-content-type-options: nosniff
age: 410452
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47372
x-xss-protection: 0
last-modified: Tue, 22 Mar 2022 12:34:04 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 20 Sep 2024 02:21:38 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 34B2 43 B
215 B 114ms
112ms Image
image/gif 2600:1f18:1aca:4282:2964:38bf:f03a:f6a1
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1562583&asId=a847fb56-e944-866e-4a3a-5686ebe10711&tv=%7Bc:pgpcWp,time:710,type:e,im:%7Bpci:%7Btdr:518%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:710,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:19,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B705~0%5D,as:%5B705~160.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:114,fm:tQU0z7E+11%7C121%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f.990511-61634100%7C1f1%7C1f2%7C1f3%7C1f4%7C1g1%7C1g2%7C1g31%7C1h*.1562583-72689833%7C1h1%7C1j.1526752-72603768,idMap:1h*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:20,sis:293%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:2964:38bf:f03a:f6a1 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Sep 2023 20:22:30 GMT
server: nginx
x-server-name: dt12.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
DATA 200
OK truncated
/ Frame 395A 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 493308519026cfa3d8384b1b59a275d3b5df832a51fcdd0a03b4b0512b9a84fd

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 2A8D 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8b6100050fc76cf02ac1e67238ea9bb6c1799f5a0d140dfbba90f87a1b4aec26

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 0166 43 B
215 B 113ms
112ms Image
image/gif 2600:1f18:1aca:4282:2964:38bf:f03a:f6a1
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1526752&asId=b60f373a-32f6-18c1-59ae-417b9babb24c&tv=%7Bc:pgpcWx,pingTime:-2,time:118,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:127,beZ:128,mfA:131,cmA:132,inA:133,inZ:138,prA:138,prZ:147,si:152,poA:153,poZ:175,cmZ:175,mfZ:175,loA:189,loZ:191,ltA:244,ltZ:244%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:728.90,dom:ins%7D%7D,env:%7Bgca:false,cca:true,gca2:true%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:25%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:118,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:25,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B109~0%5D,as:%5B109~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tQU0z7E+11%7C121%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f.990511-61634100%7C1f1%7C1f2%7C1f3%7C1f4%7C1g1%7C1g2%7C1g31%7C1h.1562583-72689833%7C1h1%7C1h2%7C1h3%7C1h4%7C1i1%7C1j*.1526752-72603768,idMap:1j*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:0,renddet:IMG.us.bi,siq:26,sinceFw:91,readyFired:false%7D&br=c
Requested by: Host: 76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com
URL: https://76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:2964:38bf:f03a:f6a1 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Sep 2023 20:22:30 GMT
server: nginx
x-server-name: dt19.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 73E1 42 B
64 B 60ms
59ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuBVBBMmqhmvhqFWTB-Z_g9Y5Mn-sbKMA8H4PdhKNeKN7nupGTA8Tc0QsOuzXE3J07HbIwGAFju-N-PGaOxJkAcmuW95TTpb_t0GuhgLZwTMUHmagB9m_yleSxAP7uGgttGkT4lmYS3OBBS&sai=AMfl-YSyzHma61-UVJyQF1nNW5hRa3yMxIeuD1hWGH5WRJnOeUziibRJJLIW-FSwprHd5Gc3XMboMM0Lf_GbTtkG3Rj6okFs0XmT8wavy12YEfS7DsA87n7MS2-ajBFfJ1dxmcuC_6J3n0kRZwg-&sig=Cg0ArKJSzGpSqjwxmRyPEAE&cid=CAQSSwBpAlJWVMFrkNwOABd7rh1OwxkvRfPgwaxTxLNsu1ERPbA_6iLjheLd4bUfpz_UpQSWl-gSDG5R9ncOGmgJKAvrD4RnfkZyFnrlEhgB&id=lidar2&mcvt=1050&p=116,315,366,1285&mtos=1050,1050,1050,1050,1050&tos=1050,0,0,0,0&v=20230920&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=4267403520&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1695673348808&rpt=206&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Sep 2023 20:22:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 opensans-400-latin.woff2
static.criteo.net/design/googlefont/opensans/ Frame A0BB 16 KB
17 KB 127ms
62ms Font
application/octet-stream 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/opensans/opensans-400-latin.woff2

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/design/googlefont/opensans/opensans-400.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f885ec8a0a68847aff7c6bb94968bf7cb5099c0c449ae1535cf8515cc0ff8e18

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://static.criteo.net/design/googlefont/opensans/opensans-400.css
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 20:22:30 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:11:03 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391f077-4164"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 19 Sep 2024 20:22:30 GMT

GET
H2 200 opensans-700-latin.woff2
static.criteo.net/design/googlefont/opensans/ Frame A0BB 16 KB
16 KB 126ms
76ms Font
application/octet-stream 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/opensans/opensans-700-latin.woff2

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/design/googlefont/opensans/opensans-700.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

1baff9bf8d69c7de6ea553b53218dc5990e8a58d69200bab0c4763e70639fef4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://static.criteo.net/design/googlefont/opensans/opensans-700.css
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 20:22:30 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:11:05 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391f079-3ff4"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 19 Sep 2024 20:22:30 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 395A 0
0 98ms
58ms Fetch
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsssK0T15astDfCpaPBXw62OmGRQEtAiv_kyYZhM773o5GDHgx1STquTKkRPt80pxnSNWLi_WDLgUTpHsXdTdT2p_xkwAQ3juutReL2OzrirFDR72nhDdbsBXn78mKuQVFUtPQNfFIQIEu2TmpncgpdCio2CXNyI5h2mWjNgCnN2uWlRRvj1ubpDmESKYUOv8sN3EEIQav3unaD1Mj1XAuJFYI9i2toMVCHn1B66of4EdaYbnsX1z5JqePXsJ3cMYPPECENz8f3U5Dgslnt70nhiQBWPSHjVlWZ1Ek0ZyFAiD0qis0MDhd0j0meQ_OJFw1W5h7414Bw9hTA8K9_D6DYI7wuEOEHuJcLh1BEmZ7-7SXBFvwWyRYrBGDOQIztXyq0LoIuQ0jXwok7Zcdc&sai=AMfl-YQrMKNJdnpa66WKnR8fY6saJEoRzC03ATZnob6mIS2YziBxEHeLtUcafKAjqm7OaAqzbcyVb3zy3nFAUvBgSgv1u3gpbaToufP4wopLiVTrq8muF63I5teqO26mi-a1Grk6qOYn-KiTFckWtLJQ&sig=Cg0ArKJSzLeEeQtORuaXEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tuparada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 20:22:30 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 25 Sep 2023 20:22:30 GMT

GET
H3 200 impl_v97.js Show response
www.googletagservices.com/dcm/ Frame 0166 57 KB
23 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/impl_v97.js

Requested by

Host: fw.adsafeprotected.com
URL: https://fw.adsafeprotected.com/rfw/www.googletagservices.com/1526752/72603768/dcm/dcmads.js?bundleId=www.tuparada.com&ias_dspID=9&ias_campId=bnzq4wb&ias_pubId=pub-2857128171615359&ias_chanId=google&ias_placementId=tcvdzeq&bidurl=www.tuparada.com%2fg&ias_dealId=&adsafe_par&ias_impId=v4~~2853e063-a820-4455-b0c7-7c9c78123ce2&adsafe_url=https%3A%2F%2Fwww.tuparada.com&adsafe_type=y&adsafe_url=https%3A%2F%2Fwww.tuparada.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:b60f373a-32f6-18c1-59ae-417b9babb24c,c:pgpcV2,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-797d947f74-j24k2,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,scm:publ1,mtim:5,mot:0,app:0,maw:0,fm:tQU0znx+11%7C121%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f1%7C1f2%7C1f3%7C1f4%7C1g1%7C1g2%7C1g31%7C1h1%7C1h2%7C1h3%7C1h4%7C1i1%7C1j*.1526752-72603768,idMap:1j*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us.bi,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:26,oid:404d494d-5be1-11ee-8739-ea8889c9152f,v:19.8.439,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b23a2a55e15ddffdc187b1107030f6ed53d4abe5d4c0900022451d20c3dfb54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 18:19:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 352996
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23166
x-xss-protection: 0
last-modified: Tue, 12 Sep 2023 13:28:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 20 Sep 2024 18:19:14 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 2A8D 0
0 57ms
57ms Fetch
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu1k-Jb2K3UpJ8tto9plJiSrMJUX8wGjhG4G_V7NZOM6yTJ1jUQrlDJ_kG-LhB-shZJRrN-7wkfnUG111PUZ_-LrbrPd-fXD6Yqqqm4XWUmaF-4tL3EfBu62XzhkB_aqEIMaC0U2DbGjPwlDajKJtCqk44xJdgIsRAF6YEwXkzgVk3vjSLvyGdHXpPosaXfcQH6SehrkbTVWaeCher5g8l-GM1oDWwXqlGVELhfYsdOf0RCPOa2XRJEdV4IanmjKRxbRghXGgFSn3CX020qL9w371RStRHtBr2_GL45qYrT_xIY1ru_iUXYvikU_1dzCrSEFPsgZAjX3ehEGcHy7TEcsdw-OMENVJQe6OBhO3IEeeLQArzKFU5qA9-3WrtSys_S-7rEDNsrq8k&sai=AMfl-YScBTbvQ4154yBSJam74HpdjoWm8viuFmFM6oy8d4Wom8gXTKIyxg6Y9X9swrnkpetFs0qr79q6XA6DUTha8KvXiwzzhRWt1_xEPOfVqj3tH1c-MQkSbg-AzsE9rfGxeUOHgNYNzfYPmZJZJPg&sig=Cg0ArKJSzMT55jaoA19fEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tuparada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 20:22:30 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 25 Sep 2023 20:22:30 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 0166 43 B
215 B 112ms
112ms Image
image/gif 2600:1f18:1aca:4282:2964:38bf:f03a:f6a1
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1526752&asId=b60f373a-32f6-18c1-59ae-417b9babb24c&tv=%7Bc:pgpcZ4,time:276,type:e,env:%7Bccd:%7Bversion:1,uspString:1---%7D,gcd2:%7Bappl:1,cnst:na%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:276,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:25,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B267~0%5D,as:%5B267~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:136,fm:tQU0z7E+11%7C121%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f.990511-61634100%7C1f1%7C1f2%7C1f3%7C1f4%7C1g1%7C1g2%7C1g31%7C1h.1562583-72689833%7C1h1%7C1h2%7C1h3%7C1h4%7C1i1%7C1j*.1526752-72603768,idMap:1j*,rmeas:1,rend:0,renddet:IMG.us.bi,siq:26,sis:202%7D&br=c
Requested by: Host: 76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com
URL: https://76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:2964:38bf:f03a:f6a1 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Sep 2023 20:22:30 GMT
server: nginx
x-server-name: dt19.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C607 0
20 B 54ms
54ms Ping
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=6385715469970&version=m202309120101&ct=76&x=1&cor=9101015457627575000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Sep 2023 20:22:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 main.19.8.439.js Show response
static.adsafeprotected.com/ Frame 0166 207 KB
65 KB 30ms
29ms Script
application/javascript 2600:9000:20ab:6600:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.19.8.439.js
Requested by: Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=923116&advId=tk3qp9q&campId=bnzq4wb&chanId=tcvdzeq&placementId=2qr757wv&pubId=&bidurl=www.tuparada.com&uId=null&impId=2853e063-a820-4455-b0c7-7c9c78123ce2&planId=google&adsafe_par
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20ab:6600:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: efc2b5f3cfb42ac86c11900be6091d645853af46ab4f01bfba7280c3ac37ae02

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Wed, 09 Aug 2023 13:42:57 GMT
x-amz-version-id: jxULgCd28jZVPRI.j5D8yH73I4fVMdj5
content-encoding: gzip
via: 1.1 1d14130822f7563ef82bba830d521f72.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS58-P3
age: 4084774
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 08 Aug 2023 19:01:42 GMT
server: AmazonS3
etag: W/"f00fcc2e1b804b8a3edfbb8cb19bddaa"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: dnzLo7_b3mSoYXLS7XnyHXjeDjoYPoOks_zee2nYLxNluO6LF5Iimw==

GET
DATA 200
OK truncated
/ Frame 0166 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fce2bae16aee680e100aeab6d53738985eeb712c0c2f4843fb8c3439db41469f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 34B2 42 B
64 B 60ms
60ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstr2C-FV1xDsF9wfUynx4bYF88ZC_HXeSULB3TKu0QrVxtFeH4CSgvPfPG4Yujkxl8TtBu9WqXHXDxQ5_3s-Qb82FVxHpaJePyYNCIUeKGYO4ABf0CVCAafGcfdsPvVAOPZJCkFhvnjbKIK&sai=AMfl-YS1NRydR3fgTnBbNzUo4KnllL47L03dSy6Q7qbaQb1fu4xLGchVdLcWzh3lQ72hTf4kuEgfXq0OqygdrEFtAmSjxDw2r3euevUb5mKZl5i4qt4aZBgeRkATcHJ0KW3KFk4gSMFbmtR1vtNtcw&sig=Cg0ArKJSzMwSu_WbuJnBEAE&cid=CAQSTADICaaNOv7ZwbAgrgAN4pk8yo9QU9CEvY64XgOxMG4_qPqwydgXlDvCQDJCqbqeC218soX7Clxrm5Bu8lG4CQfgN0aCOTANILWcQmUYAQ&id=lidar2&mcvt=1008&p=490,1326,530,1367&mtos=0,1008,1008,1008,1008&tos=0,1008,0,0,0&v=20230920&bin=7&avms=nio&bs=0,0&mc=0.99&if=1&vu=1&app=0&itpl=20&adk=3645640441&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1695673349133&rpt=594&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Sep 2023 20:22:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 0166 0
0 63ms
63ms Image
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CaAHLBewRZdivJsSpgAemypCAAaSjibdc58KD3O0FwI23ARABIABglYKAgJgHggEXY2EtcHViLTI4NTcxMjgxNzE2MTUzNTnIAQngAgCoAwHIAwKqBOcBT9CuLMC5p2ueKEq3vJmnJxj7Fnfeel9ZSth3QFHVEJZBGkSS9mFy2iRXtFFyvJegWbIwrinT4AHx1GXxMIAQWUO11iQ15QDhaEiCSzIMlK7cxcgUBS-atAXrqCJi6Sn0V9cTVSxXPetCWwiH1bGOBKsPmtYNSABLXvMI8yicZiurtiXuyUJP9GchSviu6l346HQiHi8woqXbj7uAKe_XeUITXGBAfoLvnxOA8JJNEF4I-dqRid7Ifnl_kZrvR2BB5KdugxkM0h3rz9LdQnQFex1pUkc8hXpuDJGuC69sSSQd_kFtPdEh4AQBgAbpuMmm19O3pyegBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTqACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItMjg1NzEyODE3MTYxNTM1ORigvAc&sigh=1LSViUNHiDY&uach_m=[UACH]&cid=CAQSSwDICaaN6dRNXLdsk0sj000la_mhB-ytnbQtvc4IxvzQyIx2Lp1uz0MH18cHZlbqY4oOqj7zvqfbNqx_BHNGAD0U8yWik1jsMzIb4BgB&cbvp=2&vis=1
Requested by: Host: 76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com
URL: https://76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame C16A 91 KB
23 KB 30ms
30ms Script
application/javascript 2600:9000:20ab:6600:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: 76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com
URL: https://76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20ab:6600:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 08:07:09 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding: gzip
via: 1.1 1d14130822f7563ef82bba830d521f72.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS58-P3
age: 2463322
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: W/"1f3488247c90bb5de253d3d0cb3b7458"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: VQIDHFox5SgHqV67xiMIE1mD-yHzKL1VwIJJH5OcUzEEg5OigMkTzg==

GET
H2 200 mon
pixel.adsafeprotected.com/ Frame 0166 43 B
216 B 232ms
230ms Image
image/gif 54.203.213.254
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.adsafeprotected.com/mon?anId=923116&advId=tk3qp9q&campId=bnzq4wb&chanId=tcvdzeq&placementId=2qr757wv&pubId=&bidurl=www.tuparada.com&uId=null&impId=2853e063-a820-4455-b0c7-7c9c78123ce2&planId=google&adsafe_par&adsafe_url=https%3A%2F%2Fwww.tuparada.com&adsafe_type=y&adsafe_url=https%3A%2F%2Fwww.tuparada.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:54424c3f-65c0-1021-fd8c-25a178d67d48,c:pgpd88,sl:na,em:true,fr:false,thd:1,mn:jsserver-primary-6b48d84f75-52zlg,rg:or,pt:1-5-15,mu:10000,br:c,bru:c,an:n,oam:0,scm:publ1.grpm1,mtim:66,mot:0,app:0,maw:0,fm:tQU0zzE+11%7C121%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f1%7C1f2%7C1f3%7C1f4%7C1g1%7C1g2%7C1g31%7C1h1%7C1h2%7C1h3%7C1h4%7C1i1%7C1j*.923116%7C1j1%7C1k%7C1l,idMap:1j*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:DIV.qs.sn,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:86,oid:4098aa0b-5be1-11ee-ae1b-46fd04331620,v:19.8.439,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by: Host: 76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com
URL: https://76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.203.213.254 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-203-213-254.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Sep 2023 20:22:31 GMT
server: nginx
x-server-name: app05.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 0166 43 B
215 B 115ms
115ms Image
image/gif 2600:1f18:1aca:4282:2964:38bf:f03a:f6a1
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1526752&asId=b60f373a-32f6-18c1-59ae-417b9babb24c&tv=%7Bc:pgpd8s,pingTime:-2.1,time:857,type:a,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:25%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:857,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:25,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B848~0%5D,as:%5B848~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:115,fm:tQU0z7E+11%7C121%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f.990511-61634100%7C1f1%7C1f2%7C1f3%7C1f4%7C1g1%7C1g2%7C1g31%7C1h.1562583-72689833%7C1h1%7C1h2%7C1h3%7C1h4%7C1i1%7C1j*.1526752-72603768,idMap:1j.54424c3f-65c0-1021-fd8c-25a178d67d48.28_923116%7C1j*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:0,renddet:IMG.us,siq:26,sinceFw:91,readyFired:false,sis:202%7D&br=c
Requested by: Host: 76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com
URL: https://76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:2964:38bf:f03a:f6a1 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Sep 2023 20:22:30 GMT
server: nginx
x-server-name: dt30.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 0166 43 B
215 B 113ms
113ms Image
image/gif 2600:1f18:1aca:4282:2964:38bf:f03a:f6a1
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=923116&asId=54424c3f-65c0-1021-fd8c-25a178d67d48&tv=%7Bc:pgpd8u,pingTime:-3,time:109,type:v,clog:%5B%7Bpiv:-1,vs:n,r:,w:728,h:90,t:85%7D,%7Bpiv:0,vs:o,r:l,t:108%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:109,n:108,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:85,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B39~1,0~0%5D,as:%5B39~728.90%5D%7D%7D,%7Bsl:o,t:108,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B1~0%5D,as:%5B1~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:jload,dtt:0,fm:tQU0zzE+11%7C121%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f1%7C1f2%7C1f3%7C1f4%7C1g1%7C1g2%7C1g31%7C1h1%7C1h2%7C1h3%7C1h4%7C1i1%7C1j*.923116%7C1j1%7C1k%7C1l,idMap:1j*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:86%7D&br=c
Requested by: Host: 76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com
URL: https://76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:2964:38bf:f03a:f6a1 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Sep 2023 20:22:30 GMT
server: nginx
x-server-name: dt31.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 0166 43 B
215 B 114ms
114ms Image
image/gif 2600:1f18:1aca:4282:2964:38bf:f03a:f6a1
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=923116&asId=54424c3f-65c0-1021-fd8c-25a178d67d48&tv=%7Bc:pgpd8w,pingTime:-6,time:110,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:110,n:108,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:85,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B39~1,0~0%5D,as:%5B39~728.90%5D%7D%7D,%7Bsl:o,t:108,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B2~0%5D,as:%5B2~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:jload,dtt:0,fm:tQU0zzE+11%7C121%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f1%7C1f2%7C1f3%7C1f4%7C1g1%7C1g2%7C1g31%7C1h1%7C1h2%7C1h3%7C1h4%7C1i1%7C1j*.923116%7C1j1%7C1k%7C1l,idMap:1j*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:86%7D&tpiLookup=ao:www.tuparada.com*&br=c
Requested by: Host: 76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com
URL: https://76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:2964:38bf:f03a:f6a1 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Sep 2023 20:22:30 GMT
server: nginx
x-server-name: dt32.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 0166 43 B
215 B 113ms
112ms Image
image/gif 2600:1f18:1aca:4282:2964:38bf:f03a:f6a1
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=923116&asId=54424c3f-65c0-1021-fd8c-25a178d67d48&tv=%7Bc:pgpd8F,pingTime:-2,time:119,type:a,im:%7Bsf:1,pom:1,prf:%7BbeA:877,beZ:881,mfA:943,cmA:944,inA:945,inZ:949,prA:949,prZ:958,si:963,poA:964,poZ:978,cmZ:978,mfZ:978,loA:987,loZ:991,ltA:996,ltZ:996,mdA:882,mdZ:927%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:728.90,dom:ins%7D%7D,env:%7Bgca:false,cca:true,gca2:true%7D,clog:%5B%7Bpiv:-1,vs:n,r:,w:728,h:90,t:85%7D,%7Bpiv:0,vs:o,r:l,t:108%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:119,n:108,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:85,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B39~1,0~0%5D,as:%5B39~728.90%5D%7D%7D,%7Bsl:o,t:108,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B11~0%5D,as:%5B11~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:jload,dtt:0,fm:tQU0z7E+11%7C121%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f1%7C1f2%7C1f3%7C1f4%7C1g1%7C1g2%7C1g31%7C1h1%7C1h2%7C1h3%7C1h4%7C1i1%7C1j*.923116%7C1j1%7C1k%7C1l,idMap:1j.b60f373a-32f6-18c1-59ae-417b9babb24c.11_1526752-72603768%7C1j*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:86,sinceFw:32,readyFired:true%7D&br=c
Requested by: Host: 76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com
URL: https://76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:2964:38bf:f03a:f6a1 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Sep 2023 20:22:30 GMT
server: nginx
x-server-name: dt15.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 0166 43 B
215 B 112ms
112ms Image
image/gif 2600:1f18:1aca:4282:2964:38bf:f03a:f6a1
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=923116&asId=54424c3f-65c0-1021-fd8c-25a178d67d48&tv=%7Bc:pgpd9d,time:153,type:e,env:%7Bccd:%7Bversion:1,uspString:1---%7D,gcd2:%7Bappl:1,cnst:na%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:153,n:108,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:85,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B39~1,0~0%5D,as:%5B39~728.90%5D%7D%7D,%7Bsl:o,t:108,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B45~0%5D,as:%5B45~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:jload,dtt:0,fm:tQU0z7E+11%7C121%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f1%7C1f2%7C1f3%7C1f4%7C1g1%7C1g2%7C1g31%7C1h1%7C1h2%7C1h3%7C1h4%7C1i1%7C1j*.923116%7C1j1%7C1k%7C1l,idMap:1j.b60f373a-32f6-18c1-59ae-417b9babb24c.11_1526752-72603768%7C1j*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:86%7D&br=c
Requested by: Host: 76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com
URL: https://76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:2964:38bf:f03a:f6a1 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Sep 2023 20:22:30 GMT
server: nginx
x-server-name: dt02.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 34B2 0
20 B 53ms
53ms Ping
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=819877925479&version=m202309120101&ct=76&x=1&cor=2737505451164506600

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Sep 2023 20:22:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 0166 43 B
215 B 115ms
115ms Image
image/gif 2600:1f18:1aca:4282:2964:38bf:f03a:f6a1
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1526752&asId=b60f373a-32f6-18c1-59ae-417b9babb24c&tv=%7Bc:pgpdbR,time:1068,type:e,im:%7Bpci:%7Btdr:1009%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:1068,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:25,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1059~0%5D,as:%5B1059~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:175,fm:tQU0z7E+11%7C121%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f.990511-61634100%7C1f1%7C1f2%7C1f3%7C1f4%7C1g1%7C1g2%7C1g31%7C1h.1562583-72689833%7C1h1%7C1h2%7C1h3%7C1h4%7C1i1%7C1j*.1526752-72603768,idMap:1j.54424c3f-65c0-1021-fd8c-25a178d67d48.28_923116%7C1j*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:26,sis:202%7D&br=c
Requested by: Host: 76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com
URL: https://76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:2964:38bf:f03a:f6a1 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Sep 2023 20:22:31 GMT
server: nginx
x-server-name: dt06.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 0166 43 B
215 B 112ms
112ms Image
image/gif 2600:1f18:1aca:4282:2964:38bf:f03a:f6a1
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1526752&asId=b60f373a-32f6-18c1-59ae-417b9babb24c&tv=%7Bc:pgpdj8,pingTime:-10,time:1519,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwtMTIwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTE3LjAuNTkzOC45MiBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1695673349507%7C%7C7b292b5e0bc4ae0bda8cb18eafbfc313%7C%7C199e3e9b25646aa537dd955449f85ae0%7C%7C95c75353548963c02736f62002e2af53%7C%7C0d6b1c149064ab471e323979af3d6f65%7C%7Cc527eee63c5eb5fa07127986dc365a3c%7C%7C4a8bebb38106ee308d0e3d0903ccfcf0%7C%7C0e68e174e60aadc1b916fb11e44a288c%7C%7C1663701684,sca:%7Bspg:8ef9e214-4d94-eb57-b8f7-5f1782e0c247%7D%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:2964:38bf:f03a:f6a1 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Sep 2023 20:22:31 GMT
server: nginx
x-server-name: dt32.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

OPTIONS
H2 204 putRecords
prod.tahoe-analytics.publishers.advertising.a2z.com/logevent/ Frame 0
0 615ms
201ms Preflight 35.162.185.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prod.tahoe-analytics.publishers.advertising.a2z.com/logevent/putRecords?encoded=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.162.185.61 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-162-185-61.us-west-2.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-api-key
Access-Control-Request-Method: POST
Origin: https://www.tuparada.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

access-control-allow-headers: Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token,X-Amz-User-Agent
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: *
date: Mon, 25 Sep 2023 20:22:32 GMT
x-amz-apigw-id: L1HRTEJtPHcEYAw=
x-amzn-requestid: bc4e37a4-f34b-48fe-94d3-a515036b7b55

POST
H2 200 putRecords Show response
prod.tahoe-analytics.publishers.advertising.a2z.com/logevent/ 146 B
373 B 210ms
209ms Fetch
application/json 35.162.185.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prod.tahoe-analytics.publishers.advertising.a2z.com/logevent/putRecords?encoded=true
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.162.185.61 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-162-185-61.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: 25001abf0a820990ac10029dbbc1a97f2b3f9c773edf4285e15aca4f969d82c1

Request headers

Referer: https://www.tuparada.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
x-api-key: 79db72eb0b5c7255afa54a253df24fb4a5ac916bf40b51c730df8850aa5665ca
Content-Type: application/json

Response headers

date: Mon, 25 Sep 2023 20:22:32 GMT
x-amzn-trace-id: Root=1-6511ec08-61e423e25a8ef40d6fb3bcdc
x-amzn-requestid: 95519c71-486e-4f71-938a-0c324f8367bf
access-control-allow-methods: *
content-type: application/json
access-control-allow-origin: *
x-amz-apigw-id: L1HRVFfuvHcFe3Q=
content-length: 146

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 34B2 43 B
215 B 112ms
112ms Image
image/gif 2600:1f18:1aca:4282:2964:38bf:f03a:f6a1
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1562583&asId=a847fb56-e944-866e-4a3a-5686ebe10711&tv=%7Bc:pgpdoJ,pingTime:1,time:2466,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:160,h:600,t:19%7D,%7Bpiv:100,vs:i,r:,t:1465%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:1001,o:1465,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:19,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1461~0,0~100%5D,as:%5B1461~160.600%5D%7D%7D,%7Bsl:i,t:1465,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1000~100%5D,as:%5B1000~160.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:140,fm:tQU0z7E+11%7C121%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f.990511-61634100%7C1f1%7C1f2%7C1f3%7C1f4%7C1g1%7C1g2%7C1g31%7C1h*.1562583-72689833%7C1h1%7C1j.1526752-72603768,idMap:1h*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:20,sis:293%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:2964:38bf:f03a:f6a1 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Sep 2023 20:22:31 GMT
server: nginx
x-server-name: dt06.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 34B2 43 B
215 B 113ms
113ms Image
image/gif 2600:1f18:1aca:4282:2964:38bf:f03a:f6a1
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1562583&asId=a847fb56-e944-866e-4a3a-5686ebe10711&tv=%7Bc:pgpdoJ,pingTime:1,time:2466,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:160,h:600,t:19%7D,%7Bpiv:100,vs:i,r:,t:1465%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:1001,o:1465,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:19,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1461~0,0~100%5D,as:%5B1461~160.600%5D%7D%7D,%7Bsl:i,t:1465,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1000~100%5D,as:%5B1000~160.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:140,fm:tQU0z7E+11%7C121%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f.990511-61634100%7C1f1%7C1f2%7C1f3%7C1f4%7C1g1%7C1g2%7C1g31%7C1h*.1562583-72689833%7C1h1%7C1j.1526752-72603768,idMap:1h*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:20,sis:293%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:2964:38bf:f03a:f6a1 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Sep 2023 20:22:31 GMT
server: nginx
x-server-name: dt09.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 ca Show response
choices.trustarc.com/ Frame 0166 7 KB
3 KB 103ms
27ms Script
text/javascript 52.222.169.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://choices.trustarc.com/ca?aid=tradedesk01&pid=tradedesk01&cid=bnzq4wb_tcvdzeq_2qr757wv&w=728&h=90&c=tradedesk01cont1&js=pmw1&base=te-clr1-f2cf8344-3910-4f56-bbed-b3f14951696b&sid=0

Requested by

Host: choices.truste.com
URL: https://choices.truste.com/ca?pid=tradedesk01&aid=tradedesk01&cid=bnzq4wb_tcvdzeq_2qr757wv&c=tradedesk01cont1&js=pmw0&w=728&h=90&sid=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.169.54 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-169-54.cdg52.r.cloudfront.net

Software

nginx /

Resource Hash

26d7f8a84d02024b55fa99a4805d82452f57fc679b6246709df78123bd4ef481

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' ; font-src 'self' ; style-src 'self' 'unsafe-inline' ; img-src 'self' data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' ; frame-ancestors 'self' ; connect-src 'self' ; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; object-src 'self' ; media-src 'self' ; child-src 'self' ; worker-src 'self' ; manifest-src 'self' *;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 07:31:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 16a28c0e67da18fa2960e2e414084d76.cloudfront.net (CloudFront)
content-security-policy: default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *;
x-amz-cf-pop: CDG52-P2
cross-origin-embedder-policy: unsafe-none
age: 46256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 2415
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: origin
server: nginx
cross-origin-opener-policy: unsafe-none
expect-ct: max-age=31536000
x-frame-options: SAMEORIGIN
vary: Accept-Encoding, Origin
content-type: text/javascript;charset=UTF-8
cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy: geolocation=(), microphone=(), payment=()
x-amz-cf-id: KEgdupOw85VMiFF4dZmQsACoMf4pygqc7VFeGqGVRrTl-YLs5i9r2A==
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 ca Show response
choices.trustarc.com/ Frame 0166 38 KB
12 KB 104ms
28ms Script
text/javascript 52.222.169.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://choices.trustarc.com/ca?aid=tradedesk01&pid=tradedesk01&cid=bnzq4wb_tcvdzeq_2qr757wv&w=728&h=90&c=tradedesk01cont1&js=pmw2

Requested by

Host: choices.truste.com
URL: https://choices.truste.com/ca?pid=tradedesk01&aid=tradedesk01&cid=bnzq4wb_tcvdzeq_2qr757wv&c=tradedesk01cont1&js=pmw0&w=728&h=90&sid=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.169.54 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-169-54.cdg52.r.cloudfront.net

Software

nginx /

Resource Hash

e15a095adc9899b592ceccdd4885a3be3674a6bf6ec4be762566360424deb1f3

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' ; font-src 'self' ; style-src 'self' 'unsafe-inline' ; img-src 'self' data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' ; frame-ancestors 'self' ; connect-src 'self' ; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; object-src 'self' ; media-src 'self' ; child-src 'self' ; worker-src 'self' ; manifest-src 'self' *;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 06:20:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 16a28c0e67da18fa2960e2e414084d76.cloudfront.net (CloudFront)
content-security-policy: default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *;
x-amz-cf-pop: CDG52-P2
cross-origin-embedder-policy: unsafe-none
age: 50549
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: origin
server: nginx
cross-origin-opener-policy: unsafe-none
expect-ct: max-age=31536000
x-frame-options: SAMEORIGIN
vary: Accept-Encoding, Origin
content-type: text/javascript;charset=UTF-8
cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy: geolocation=(), microphone=(), payment=()
x-amz-cf-id: dnVGekTHGKjyADwmRpQ9wRLmbVeHxZzCCvq8zI66zfToAJEK_8iTFw==
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 cap
choices.trustarc.com/ Frame 0166 43 B
1020 B 227ms
152ms Image
image/gif 52.222.169.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://choices.trustarc.com/cap?aid=tradedesk01&pid=tradedesk01&cid=bnzq4wb_tcvdzeq_2qr757wv&w=728&h=90&c=264e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.169.54 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-169-54.cdg52.r.cloudfront.net

Software

nginx /

Resource Hash

98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' ; font-src 'self' ; style-src 'self' 'unsafe-inline' ; img-src 'self' data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' ; frame-ancestors 'self' ; connect-src 'self' ; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; object-src 'self' ; media-src 'self' ; child-src 'self' ; worker-src 'self' ; manifest-src 'self' *;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 20:22:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *;
via: 1.1 16a28c0e67da18fa2960e2e414084d76.cloudfront.net (CloudFront)
x-amz-cf-pop: CDG52-P2
cross-origin-embedder-policy: unsafe-none
x-cache: Miss from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 43
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: origin
server: nginx
cross-origin-opener-policy: unsafe-none
expect-ct: max-age=31536000
x-frame-options: SAMEORIGIN
vary: Origin
content-type: image/gif
cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy: geolocation=(), microphone=(), payment=()
x-amz-cf-id: qY8odGqOyQXcMlGMpnmNORAhWTo6avCLk6-9u3JTbS-YMR67EXN1tg==
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 get
choices.trustarc.com/ Frame 0166 287 B
627 B 28ms
27ms Image
image/png 52.222.169.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://choices.trustarc.com/get?name=admarker-icon-tr.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.169.54 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-169-54.cdg52.r.cloudfront.net
Software: nginx /
Resource Hash: 821262a8c32b52639f97ddf4f34c494e82156651752608fa6a23ffa3df2f84b1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma: public
date: Sun, 27 Aug 2023 23:35:42 GMT
via: 1.1 16a28c0e67da18fa2960e2e414084d76.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: CDG52-P2
age: 2494010
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
timing-allow-origin: *
content-length: 287
x-amz-cf-id: HAL1_UPpk9b1-PnyO7Q7C8XSnUmpykz1M4iew0IKJ3nR0re5aOKOAg==
expires: Tue, 26 Sep 2023 23:35:42 GMT

GET
H2 200 get
choices.trustarc.com/ Frame F927 287 B
627 B 28ms
28ms Image
image/png 52.222.169.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://choices.trustarc.com/get?name=admarker-icon-tr.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.169.54 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-169-54.cdg52.r.cloudfront.net
Software: nginx /
Resource Hash: 821262a8c32b52639f97ddf4f34c494e82156651752608fa6a23ffa3df2f84b1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma: public
date: Sun, 27 Aug 2023 23:35:42 GMT
via: 1.1 16a28c0e67da18fa2960e2e414084d76.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: CDG52-P2
age: 2494010
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
timing-allow-origin: *
content-length: 287
x-amz-cf-id: fFR9-dR9imezb9VcoEe8bm2qKTvW0MoC82H3-kXY9VHGJxPZXFIGgw==
expires: Tue, 26 Sep 2023 23:35:42 GMT

GET
H2 200 get
choices.trustarc.com/ Frame F927 739 B
1 KB 29ms
29ms Image
image/png 52.222.169.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://choices.trustarc.com/get?name=admarker-full-tr.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.169.54 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-169-54.cdg52.r.cloudfront.net
Software: nginx /
Resource Hash: 093d94d4b660253c55e87d4503dffcb6cedc8f222f9d85d1faa68ff619ac9d3e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma: public
date: Sun, 17 Sep 2023 21:12:42 GMT
via: 1.1 16a28c0e67da18fa2960e2e414084d76.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: CDG52-P2
age: 688190
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
timing-allow-origin: *
content-length: 739
x-amz-cf-id: IpQwU1ltrw4QYfuz0AOAJmf1PW7fDlDT0QZQeJlL4ggS6ydeLt_zNQ==
expires: Tue, 17 Oct 2023 21:12:42 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 27ms
27ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-8Z10T12ZTZ&gtm=45je39k2&_p=1854975860&cid=105045324.1695673347&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEII&sid=1695673346&sct=1&seg=0&dl=https%3A%2F%2Fwww.tuparada.com%2Fg%2F&dt=Tarjetas%2C%20postales%2C%20fiestas%2C%20feliz%20d%C3%ADa%2C%20tarjetas%20para%20m%C3%B3viles&_s=2
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-8Z10T12ZTZ&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.tuparada.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 25 Sep 2023 20:22:33 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.tuparada.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 0166 43 B
215 B 112ms
112ms Image
image/gif 2600:1f18:1aca:4282:2964:38bf:f03a:f6a1
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=923116&asId=54424c3f-65c0-1021-fd8c-25a178d67d48&tv=%7Bc:pgpdNg,pingTime:-10,time:2636,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwtMTIwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTE3LjAuNTkzOC45MiBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1695673349507%7C%7C7b292b5e0bc4ae0bda8cb18eafbfc313%7C%7C199e3e9b25646aa537dd955449f85ae0%7C%7C95c75353548963c02736f62002e2af53%7C%7C0d6b1c149064ab471e323979af3d6f65%7C%7Cc527eee63c5eb5fa07127986dc365a3c%7C%7C4a8bebb38106ee308d0e3d0903ccfcf0%7C%7C0e68e174e60aadc1b916fb11e44a288c%7C%7C1663701684,sca:%7Bspg:8ef9e214-4d94-eb57-b8f7-5f1782e0c247%7D%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:2964:38bf:f03a:f6a1 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Sep 2023 20:22:33 GMT
server: nginx
x-server-name: dt32.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

Verdicts & Comments Add Verdict or Comment

126 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

21 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.tuparada.com/	1969-12-31 23:59:59	Name: idcurrency Value: 6
www.tuparada.com/	1969-12-31 23:59:59	Name: useragent Value: 0
.tuparada.com/	1970-01-21 00:37:13	Name: _ga Value: GA1.2.105045324.1695673347
.tuparada.com/	1970-01-20 15:02:39	Name: _gid Value: GA1.2.805737017.1695673347
.tuparada.com/	1970-01-20 15:01:13	Name: _gat_gtag_UA_2090009_1 Value: 1
.doubleclick.net/	1970-01-21 00:22:49	Name: IDE Value: AHWqTUkeeY5AKduoxccRgwMUa8OCUZdya5u9eQPZZ7PJNqRYTYv-XNiy6Gu-TfLn
.casalemedia.com/	1970-01-20 23:46:49	Name: CMID Value: ZRHsBFe2foZVV0R7gnCt8AAA
.casalemedia.com/	1970-01-20 17:10:49	Name: CMPS Value: 2228
.casalemedia.com/	1970-01-20 17:10:49	Name: CMPRO Value: 2228
.doubleclick.net/	1970-01-20 19:20:25	Name: APC Value: AfxxVi52oFj3L7i_681KhQELNINJtuELf2DHl4lz71Z0eeTw6zZ6VQ
.adnxs.com/	1970-01-20 17:10:49	Name: uuid2 Value: 8004824041289539598
m.exactag.com/	1970-01-20 17:10:49	Name: exactag_new_gk Value: 528fa514b0344ac199924943caad6006%7C24.11.2023%2020%3A22%3A28
m.exactag.com/	1970-01-20 19:20:25	Name: exactag_new_uk Value: d176271fd02d445aadf8f66909e941de%7C
m.exactag.com/	1969-12-31 23:59:59	Name: session_session Value: f279d8478fba4d41ba5b4a82
.adnxs.com/	1970-01-20 17:10:49	Name: anj Value: dTM7k!M41.D>6NRF']wIg2Hb7Y(U@y!2!_YPupfp68r?FfxLLEpWnlUruyUh-mUJHqB)JdDmFYsTnaFQ+Gf%_o:nxB%(2K:$doS]%6lNH98AZG
.doubleclick.net/	1970-01-20 15:01:14	Name: test_cookie Value: CheckForPermission
.adsrvr.org/	1970-01-20 23:48:15	Name: TDID Value: f7669047-0223-4d41-baa8-54c143efcbc3
.adsrvr.org/	1970-01-20 23:48:15	Name: TDCPM Value: CAEYBTgBQgQiAggB
.tuparada.com/	1970-01-21 00:22:49	Name: __gads Value: ID=51864fe563ada3ef:T=1695673346:RT=1695673346:S=ALNI_MaHcYpwnzGNSxmDPceJqoNJ_Mu9ig
.tuparada.com/	1970-01-21 00:22:49	Name: __gpi Value: UID=00000c86fb01c020:T=1695673346:RT=1695673346:S=ALNI_Mb0yQJFks3rAe0oXQe4z7JK5jXVmA
.tuparada.com/	1970-01-21 00:37:13	Name: _ga_8Z10T12ZTZ Value: GS1.1.1695673346.1.0.1695673350.0.0.0

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html(Line 15) Message: Origin trial controlled feature not enabled: 'attribution-reporting'.
deprecation	warning	URL: https://choices.trustarc.com/ca?aid=tradedesk01&pid=tradedesk01&cid=bnzq4wb_tcvdzeq_2qr757wv&w=728&h=90&c=tradedesk01cont1&js=pmw2(Line 248) Message: Listener added for a synchronous 'DOMNodeInserted' DOM Mutation Event. This event type is deprecated (https://w3c.github.io/uievents/#legacy-event-types) and work is underway to remove it from this browser. Usage of this event listener will cause performance issues today, and represents a risk of future incompatibility. Consider using MutationObserver instead.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

76cfd359cf504219fcf6b20674fba089.safeframe.googlesyndication.com
aax.amazon-adsystem.com
ads.eu.criteo.com
ajax.googleapis.com
bid.g.doubleclick.net
c.amazon-adsystem.com
cardsimages.info-tuparada.com
cat.nl3.eu.criteo.com
cdnjs.cloudflare.com
choices.trustarc.com
choices.truste.com
clients1.google.com
cm.g.doubleclick.net
config.aps.amazon-adsystem.com
connect.facebook.net
cse.google.com
csm.eu.criteo.net
de2-bid.adsrvr.org
dsum-sec.casalemedia.com
dt.adsafeprotected.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
fw.adsafeprotected.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
imageproxy.eu.criteo.net
images.info-tuparada.com
insight.adsrvr.org
lh3.googleusercontent.com
m.exactag.com
pagead2.googlesyndication.com
pixel.adsafeprotected.com
platform.twitter.com
prod.tahoe-analytics.publishers.advertising.a2z.com
region1.google-analytics.com
rtb.nl3.eu.criteo.com
s0.2mdn.net
securepubads.g.doubleclick.net
static.adsafeprotected.com
static.criteo.net
stats.g.doubleclick.net
sync.teads.tv
syndication.twitter.com
tpc.googlesyndication.com
us-u.openx.net
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.tuparada.com
104.18.26.193
104.244.42.72
104.80.29.75
108.138.7.23
142.250.185.130
142.250.186.98
15.197.133.55
178.250.1.6
18.165.183.35
18.238.243.129
18.239.16.130
18.239.64.29
185.89.210.101
2001:4860:4802:32::36
2001:4860:4802:38::178
2600:1f18:1aca:4282:2964:38bf:f03a:f6a1
2600:9000:20ab:6600:8:48e:53c0:93a1
2606:2800:234:59:254c:406:2366:268c
2606:4700::6811:180e
2a00:1450:4001:803::200a
2a00:1450:4001:806::200a
2a00:1450:4001:806::200e
2a00:1450:4001:808::2002
2a00:1450:4001:80f::2004
2a00:1450:4001:810::200e
2a00:1450:4001:811::2002
2a00:1450:4001:811::2003
2a00:1450:4001:811::200e
2a00:1450:4001:813::2001
2a00:1450:4001:813::2003
2a00:1450:4001:81c::2002
2a00:1450:4001:81c::2006
2a00:1450:4001:82a::2001
2a00:1450:4001:82a::2003
2a00:1450:4001:82a::2008
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2001
2a00:1450:400c:c07::9a
2a02:2638:3::10
2a02:2638:3::12
2a02:2638:3::1a
2a02:2638:3::9
2a02:2638:d::2
2a03:2880:f083:9:face:b00c:0:3
3.33.220.150
34.232.82.202
34.98.64.218
35.162.185.61
52.222.169.54
52.222.236.123
54.203.213.254
63.33.177.221
64.233.167.156
85.14.248.71
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
093d94d4b660253c55e87d4503dffcb6cedc8f222f9d85d1faa68ff619ac9d3e
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0a43c20863b324fe2bec355b5ebdc6566861742f92018f12be1b38fa2c8b7767
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
113c3c3c7de8fe21fe5a6d4b6c367d658dab1dc5b5f820393e0b98fc11032771
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
1736657a01faf8c13c6c93e4c6671de9c3c6c525b3b1d73224f5e1201785b44f
17a60971acd82c65cd57863f07cbc2fc9124483c6fb6f9bfa270019c058a479c
199f319a16283638c5a5ab897eda2c4120737b45109c5013a658afeaeefefc65
1baff9bf8d69c7de6ea553b53218dc5990e8a58d69200bab0c4763e70639fef4
1fa51aa16a601fff98e0449c882f19bbc8a24c8d2ad8409be75ddb57bbe4bfdd
241df04a32e1a0a4da58eb35f672c5f0b4e1fa131475803ce3222bf493632d5e
25001abf0a820990ac10029dbbc1a97f2b3f9c773edf4285e15aca4f969d82c1
26d7f8a84d02024b55fa99a4805d82452f57fc679b6246709df78123bd4ef481
27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4
27b6bedfdd4260821bc189221a92cf79a9a35434a24b48b3cd966d4e9bce4e02
27f6c0723a8c90ef39d2894d0058897f4d95586c19b78567a5fd374f76540756
27f7e373c525cf7494c695a7a40eb85fc2b5482520ef90482cc4228bd946c82d
292532d44ba2bbf15d48b2bf6ab6388bc21155a71655e38533de8cf606c02fa7
29663627685c689e9f6af033713e4684ec16fcab238068c914b9251c79bc949b
2a018a841b6975de20578c7c63607d4529281ae923f4c3ba172cb4d1d5e7c5bc
2b2f370227ef6f5e62558c5963c0064787cc67603d6c108d3532101a67c4632e
2cad1c8be3f8f84a05361f5b560fbd93895541c6da9de09b995ee742f0b4c6ea
302da628a6afc3e93f1b86bf7c65e4d6536d8283d78266964822a76d1c645aa4
307c66df79f9391f37f1a57764091775cccbbb93ac2ebe170a24c2382cebdd97
30c64f47498bf0f2a5aa2335b5d45d5e374f23c97dc87b0434a60127ad0cf87d
3114a2497ebc7e6183f2d4bf7562b933707802aefd7f9fba33d9818433257fcb
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
329d1a750114920332eadc55c129957d9dbe5a1b25745e2f7e0ed4fad75e04cd
3354d5d431eb1c6ee087273647f03467ce310e888a90bff81f08d0d70fc983f6
33bb3637c12a17fbc18a9b93ceea2171d0506135347de1fe4a541be60f519453
3663b1b2e15570e1eb8d9126f275bea9f446106de3f90e5c9942f3db05d6f5ed
36cb84d4761fdaee0b7ce2bc57110dedaf05a54762ff59140cb1e0c9d26fe4d1
36f6bceda6d24ba3564911c4d5d05e320ae548b40741dea7e69374af30d725b8
392c9fa9cd1273a2a89d1a83a69cd1f63f21d1d55e7be21e1d8f51f25145668b
3b924650664a443a6840633ff3019580022fb0abeed7400e258a32c3765c82d2
3ca19e57c9a2465ae4df271316ba4d29e7ff7f113a2a2c5297780c0b7a0ac09d
3cd346aff1efcc38119a600f75667ba0089a7a6bece2b905503fb7c0c65ddcb8
3d2067d4b9b5b9d3003ffa4dc17b44616dc00a543f59eea17df555e959f20b53
3fe3df1af14b467efdea7843340f3a9126a7d9534d1251dcd3850488e7c554bf
4002d65e95f94dc87ae8ad170eb8dbc3644921032ac76dcb376537d9304a6fbf
43aebbac9f9df27133ad9b502aea0664312269d0997835258d1fe0796605cf77
467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
471c079b3de1074c5ca4f52efab4bd97eaa947e842cb57792bd0296957854bd2
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
47f2eff01623f8e8a99d6f92a77702a2b6a38bb82c3c94d1919d8396beaeb522
48dd6292b5052bbc9f5e30255c0e56ae6e8d4e641084f8485124384f5eabd897
493308519026cfa3d8384b1b59a275d3b5df832a51fcdd0a03b4b0512b9a84fd
4970e1570b8604716eff6f6d33629be54158e630fe1b5f8c72ad9887762edadb
4ab6349eb8d3093ff7ccc9c12e720304d33cc6ab714e7cd46342ff865720e291
4accbcd793680c2ea0a65714771ef37d5eeb42bdaedba9882dd0d78eae09e00e
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d68864cfeb2d5b353b7417efe9b8e08efbdfc71693d840f4c6adb89805a8af5
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f859c54c2abc8c5257845d36ebb1152e3eb5c555b9b78420cca3a626ecabc9d
50196ac4c0e105b7a06c64f4065a1a93bc3e8c90330eb792254cadfec480f7b6
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
563d8b655debf02dc76ee9cad7e2114692c770d009bfc9ed1f9153eb384593d1
5728239d6302f134e425b17d7758bc6f4206b4acfc035db7f8625c2f1bbdea5e
5a27f23f4afc078d98cad160c53804855359326d5f1e05d14d31f4ea56ab5eb8
5d916814a166015778c48d26f9abd4882310879b2a7d4f2aef612445e49d1b05
5eac3936eef91658c1695aa40ec16303c13b74949c60bbcfe39e61f564c66d90
6034e5ee0510f90b538cb59205702151396dda15fc431432b7fc95e4ecde8886
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6296ae462a1d265ba3ecbe45eb840c017b8fa9616a5d1ec51a2f9d77535092d6
62afec092c21b138eeb1fc55859f60c19dd12ca3c02bdfeb336a820b016a547b
62b1cff44a5e34b9587ad49f7ca951160f1559c5c545bcf99e13574ccaa5425a
6673bda617d623cb34b5325401660ab4b319a3305027dbb788ac20ea320d42ba
6713f5d8ad02be50dde6a3a9b63817409d81be94fbfcd47911aad23dabc76acf
68558426bd8a34e30200dd7af8f729b85f1262c5888e076f7ecc2b6edf924a4b
688a83886a5a759614fb53d73736845837de908ce3553b146471782995bc5943
6b23a2a55e15ddffdc187b1107030f6ed53d4abe5d4c0900022451d20c3dfb54
6b3efff1e4e8cbb4b8e897acbcd24b48e71adaf593eeed8b6c9aea80b05337ce
6b9b2b33d50320446996a318fbd7129b3b365e760c44e8acc28031438bb3f8d3
6db8bd4a23489ea80afba56b589d6857d0ed369655a9726be0cd8a2d190fe1d2
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
73946e67ada8207577d53e15397f12a09a281a2fb68223cb6afef9ce3e4b364b
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
79307c124b796fb168cba133a652c6e2a86951fe59f72560d1e86af85eadbc11
7ad204625ce878839e0f095837614fbb4b709e54fb5612e118a3f03625e65688
7b79f1e2b4aaf1363e2003e23fd38287a1c9200b6cdc77dfd22313c632296eb4
7df9c79b69dac7eb60962fa843afaabcbf31482db9fdfd346ecb8ca1b7cc8b0d
7fbd08f34feadcf1f85de276a5826cca59b71b3703e33b6133d09ff1e0e7372c
80f810dc535dfb42a9b10b1aaca45b6145fab8c3ebfb9b6a5c134aed8354fada
821262a8c32b52639f97ddf4f34c494e82156651752608fa6a23ffa3df2f84b1
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
829354af148cbfc5599d37cb6076ff4edf2379aa263b5726a75b5707547c6be5
82d09a238bfa3b5ac248afcda24d7e075f317e6e3e5af9ec4b4e97853935e937
8478191b654f6d73d151d24c2240564dedddcd5d4f2887574222fab96ab47591
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
854a1cb3bf2ef67e6a303c0ca22cbf1616a6683a1415997646bb2129047a7e1d
87e800b0470bc833c0b5127362391a3cfd9ed10e7fa816af04c6cae9d1b1917c
894b9c618732113e84c706039b058e82c57811fc87dc78e972620513ca8a44b4
896c52ddaa15b33d0d2da5a28a47bf71768aaf8e0fb8670270dba6b2e6da8f6d
8b2c9cba24b22b753cb48f1d7aa04fbe77bf1e6e3d8270184fe8f2b7d12ae142
8b6100050fc76cf02ac1e67238ea9bb6c1799f5a0d140dfbba90f87a1b4aec26
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
9203eef2e7058d05a6f6c3f022d1b7c460bd0bce1bfa33dc52dfde9c3dc5e8e2
92fd239ffc7ccfa6d1586848df32f07e749d3fea1a39143948f7dac710a19531
974689869c0e433dac5fa380be3e673b2466d041108906302d938c133a9a960c
974c3f70dcc3f6215a988e9ccc52716c03e2cb1861ced108c6efc18d636f1bb6
9853d8631b072885f363ae93548a4ac3b5958ebe7d2852378f6c99352ae17575
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb
9af3aa843ca57a0c7b85eae7c3c66feae378f1329dd6484caf2efc98f595c4e0
9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5
9c6b247ba42d4b25c661fe98fae2bb47918c261237e984240eb041b66e391716
9dd7db54b532c521659bb7f82a4c29a0472adc0b6fff109787d806df0324b99a
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a6341772407d0bfc4339a7e4f3f039f28d22c6d7d00f3d55d8c74c67597db0e4
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a7fb964b751bb87481d19a41ce4dbd2456e564ee230860aa1bc27e9db45ca2e5
a8cbdf1718ed0b5092779bec6c462431a76b44ffcbb7a07ad79554abcb326c72
ab41654684873a8684f6767a2099516dd4f4b62a7543ec3f47da0721932505a2
acac5ecdb15a1aa3e5c1c13b57b868cd9a11551d8dd3b5b5bc6d5d72c00dd1ae
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1d38f31cd91ab187ba3ea0f6a99cebb2af453b79185ded461a025aea419b46d
b3d96dc07b5f1b1902a33e493b3b8d6ec60b397ae85de324100dbca5f1f12826
b41eddfc251f7e426170c1b3f691e3b656868476a3f5e36ea0ae0330d30ffed1
b467032f1667c5c6639deaba6537cc84b48a99545a34070120a1f120a1b47c87
b52af2e1b56c9aa15115a27fd2f561388f5050d59c2469601c6d06c04e7ad24f
b8652f4c60ef1d343912fba83e28b24c700a8fa0f8ddcdc66f519e7904a23919
b8bb71a172a1fe93e899f253c0492d4e5161587509513238caa384a775f13fac
ba9e143db781b645a27217f7205e9b2e51ba525c0458ad50e3868d695cc27fa3
bfe33fe93a9e97d0a688943f73d2a257a771e7571187c562ebc9a14fa688e1fa
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4
c1b2da575466eb30982e08c1020f55bcf2d9565f53bd64c3da87a1d774d75588
c407d3bedbf2b4d8956e44e6d4e321859866abae2220d0454a8c6fad3a180feb
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
c548a30c41171b00c7d332fc539aa7fa0dceb71fc7d91d4bc7b65ed3bfed8382
c5e1a1e8982becdc83263b687951cfc5c5976af5b5d67eab53451cb72ac78925
c84a93bd9c5300c1d75a733958664acf817d565d2ed6a33857582ebc4702beb5
c965aefdb4c6acf10f46758dc1601a64d811dcf3a378bf9e90278916aa47508f
cc3c5fe1bf0261bb89e8b3457c925af47ade3fe547648a7c4d86bcf7bd9f4c71
cc8fafe61d36cb1017a8e4eb0415a00882accc25493760e066225eb1317e77a9
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d0f30d9983904f424910651e423a74d065204b9e3ab7549c9e8167a6fad50c08
d1edd8e13a888f1ab2333235524039c7bc1265dee9c42a30737848f57b65756b
d46f61b2154133852bb26e398c98a66f048854cf286418684843f3a59f56e920
d7502e785bdc8f7184cab7e278053c49be4458393085eb2fbddabf35b895c310
d985c937f5850f04011968127d8fa65b2e22d5b0b754f89688003765cc982210
d99f4e6b7e02a840c14163faf29010f6eacb3aa3f6aa736f56120467254a0146
d9def04dc3bfe27be26fc2952951a37202208cbab34b83985108213e10f2bb7b
dae63a0efb7d118b798eedcbdea2061bd12353d21b1a5a135e24ad248a62995a
daeaa72cdd2874079fd566c7618e9ea47094015ef9a9c7670aaa80ec9ecbaf87
dbf03d19d638a650734ed6da9aa7c87ba534362b9eedbfc670b997784739cacf
dcec22bbcb68119d6c7d6d5e088fb82183a9826d0c9e3403f1386fd837f06a89
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
df477a4f62362b375d463d5ff1eb2335b81f01dae04eecda23bca05a081a1dfe
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e15a095adc9899b592ceccdd4885a3be3674a6bf6ec4be762566360424deb1f3
e172df69490747c928b678c9bf3e974e0fa3efaa525c4a825a904d82d7a13a19
e2e31726decc6257e2805d12245f332a1761d5757d4aec270712943bf33560f4
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e69828b3759712c469c08b1edb91b6e1c2638d24214e0d252cfeb4dd02872279
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efc2b5f3cfb42ac86c11900be6091d645853af46ab4f01bfba7280c3ac37ae02
efdf730ce29f25e9e0da2f6ecf02c71a5a856367cb5aa7ecc05a62af7555ebaa
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f7574614ebc5bbce56884c092ec3947d0ce027881121478dc5b50facbb434acc
f7d3bf60bb7285e447cced86d3356e7222bcdda9903612b383c794a337e2d2b6
f885ec8a0a68847aff7c6bb94968bf7cb5099c0c449ae1535cf8515cc0ff8e18
fcd2770104538d9a72e4b531910cd21294f03ae69bcd03f05ec0f6a1c2888d98
fce2bae16aee680e100aeab6d53738985eeb712c0c2f4843fb8c3439db41469f
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c
fe7b01b614fc55d5ca5d6c896e154f0e7d89622e482ce24bbed7f87d1f84f42b
ff18e273fc7f233bf924108949a94f34e0587ed1cdfaa6820ba90be9cb739720
ff736946ba768763f8d231bbdc095a93f762e4338ad875df7a95907a576fd3b5
ffb3f2bebbc46efc1ef1e01bf529b49b2c39901973101d6f90ebd477a42077b7

www.tuparada.com Open in urlscan Pro 34.232.82.202 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

294 Requests

96 %HTTPS

57 %IPv6

29 Domains

54 Subdomains

55 IPs

5 Countries

5605 kBTransfer

13745 kBSize

21 Cookies

9 Outgoing links

Redirected requests

294 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 7 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.tuparada.com Open in urlscan Pro
34.232.82.202 Public Scan

Screenshot
Live screenshot

Full Image

294
Requests

96 %
HTTPS

57 %
IPv6

29
Domains

54
Subdomains

55
IPs

5
Countries

5605 kB
Transfer

13745 kB
Size

21
Cookies

294 HTTP transactions
7 data transactions