pelotainvernal.com Open in urlscan Pro
54.208.89.30 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://pelotainvernal.com/
Submission: On December 18 via api (December 18th 2022, 4:09:18 am UTC) from DO — Scanned from DE

Summary HTTP 363 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 80 IPs in 11 countries across 69 domains to perform 363 HTTP transactions. The main IP is 54.208.89.30, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is pelotainvernal.com. The Cisco Umbrella rank of the primary domain is 478236.
TLS certificate: Issued by Amazon on August 5th 2022. Valid for: a year.

This is the only time pelotainvernal.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
6	54.208.89.30 54.208.89.30	14618 (AMAZON-AES) (AMAZON-AES)
4	2a04:4e42:200... 2a04:4e42:200::485	54113 (FASTLY) (FASTLY)
5	2a00:1450:400... 2a00:1450:400d:80c::200a	15169 (GOOGLE) (GOOGLE)
26	2a00:1450:400... 2a00:1450:400d:802::2002	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
2	2606:4700:20:... 2606:4700:20::681a:179	13335 (CLOUDFLAR...) (CLOUDFLARENET)
15	52.217.195.192 52.217.195.192	16509 (AMAZON-02) (AMAZON-02)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:1a	20446 (STACKPATH...) (STACKPATH-CDN)
2	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:303... 2606:4700:3031::ac43:b7f8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:812::2008	15169 (GOOGLE) (GOOGLE)
21	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
13	2a00:1450:400... 2a00:1450:400d:80e::2003	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
3	104.18.135.145 104.18.135.145	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	3.19.54.139 3.19.54.139	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:805::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:400d:807::2002	15169 (GOOGLE) (GOOGLE)
1 32	2a00:1450:400... 2a00:1450:400d:80a::2001	15169 (GOOGLE) (GOOGLE)
2	34.149.50.64 34.149.50.64	15169 (GOOGLE) (GOOGLE)
2	99.86.4.124 99.86.4.124	16509 (AMAZON-02) (AMAZON-02)
3	2620:116:800d... 2620:116:800d:21:c5a4:625:6563:a5bb	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:400d:80a::200e	15169 (GOOGLE) (GOOGLE)
2 4	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	178.250.0.157 178.250.0.157	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2606:4700:20:... 2606:4700:20::681a:8a9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	151.139.128.10 151.139.128.10	20446 (STACKPATH...) (STACKPATH-CDN)
2	92.122.244.32 92.122.244.32	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4 4	3.65.71.95 3.65.71.95	16509 (AMAZON-02) (AMAZON-02)
2 2	52.58.191.156 52.58.191.156	16509 (AMAZON-02) (AMAZON-02)
2	3.66.71.88 3.66.71.88	16509 (AMAZON-02) (AMAZON-02)
3 3	3.126.56.137 3.126.56.137	16509 (AMAZON-02) (AMAZON-02)
8 9	142.250.186.134 142.250.186.134	15169 (GOOGLE) (GOOGLE)
1	23.218.209.87 23.218.209.87	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2600:9000:211... 2600:9000:211e:c600:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	37.252.173.215 37.252.173.215	29990 (ASN-APPNEX) (ASN-APPNEX)
1	2606:4700::68... 2606:4700::6812:272	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.18.33.19 104.18.33.19	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 5	51.89.9.251 51.89.9.251	16276 (OVH) (OVH)
2	2602:803:c003... 2602:803:c003:200::31	26667 (RUBICONPR...) (RUBICONPROJECT)
2 3	216.52.2.39 216.52.2.39	30282 (AS-INAPCD...) (AS-INAPCDN-OCY)
1	34.107.148.139 34.107.148.139	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
4	146.20.128.146 146.20.128.146	27357 (RACKSPACE) (RACKSPACE)
1	2a00:1450:400... 2a00:1450:400c:c06::9a	15169 (GOOGLE) (GOOGLE)
2	54.78.253.158 54.78.253.158	16509 (AMAZON-02) (AMAZON-02)
3 3	35.214.223.115 35.214.223.115	15169 (GOOGLE) (GOOGLE)
15	146.20.132.154 146.20.132.154	27357 (RACKSPACE) (RACKSPACE)
3 3	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (AMOBEE) (AMOBEE)
4 4	35.174.181.179 35.174.181.179	14618 (AMAZON-AES) (AMAZON-AES)
2 8	2a00:1450:400... 2a00:1450:4001:82f::2004	15169 (GOOGLE) (GOOGLE)
2	35.241.34.106 35.241.34.106	15169 (GOOGLE) (GOOGLE)
21	146.20.128.182 146.20.128.182	27357 (RACKSPACE) (RACKSPACE)
36	2606:4700:20:... 2606:4700:20::681a:bd1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	213.155.156.167 213.155.156.167	1299 (TWELVE99 ...) (TWELVE99 Arelion)
1 26	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
1	34.98.67.61 34.98.67.61	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
5 5	172.64.154.237 172.64.154.237	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6 6	76.223.111.18 76.223.111.18	16509 (AMAZON-02) (AMAZON-02)
2 2	2a05:d018:d29... 2a05:d018:d29:3602:5:8e0b:5ab8:71a4	16509 (AMAZON-02) (AMAZON-02)
2 2	2600:9000:211... 2600:9000:211e:e200:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
2 2	52.57.231.104 52.57.231.104	16509 (AMAZON-02) (AMAZON-02)
1	185.86.137.108 185.86.137.108	201081 (SMARTADSE...) (SMARTADSERVER)
2 2	18.193.52.247 18.193.52.247	16509 (AMAZON-02) (AMAZON-02)
1	34.96.105.8 34.96.105.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 2	37.252.171.22 37.252.171.22	29990 (ASN-APPNEX) (ASN-APPNEX)
1	185.94.180.123 185.94.180.123	35220 (SPOTX-AMS) (SPOTX-AMS)
2	2606:4700:20:... 2606:4700:20::681a:71b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2600:1901:0:7... 2600:1901:0:76b9::	15169 (GOOGLE) (GOOGLE)
6	2606:4700:20:... 2606:4700:20::ac43:4a81	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a02:6ea0:f40... 2a02:6ea0:f400::4	60068 (CDN77 ^_^) (CDN77 ^_^)
1	2606:4700:10:... 2606:4700:10::ac43:266a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:2638::3 2a02:2638::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
8 8	84.200.5.215 84.200.5.215	44066 (DE-FIRSTC...) (DE-FIRSTCOLO www.first-colo.net)
2	78.46.85.162 78.46.85.162	24940 (HETZNER-AS) (HETZNER-AS)
2	88.99.63.132 88.99.63.132	24940 (HETZNER-AS) (HETZNER-AS)
3 4	23.2.214.113 23.2.214.113	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2606:4700::68... 2606:4700::6812:7e05	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	162.19.138.119 162.19.138.119	16276 (OVH) (OVH)
1	2602:803:c003... 2602:803:c003:200::77	26667 (RUBICONPR...) (RUBICONPROJECT)
1 1	35.204.74.118 35.204.74.118	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
1 1	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
2 2	37.157.4.25 37.157.4.25	198622 (ADFORM) (ADFORM)
1	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:80b::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
2	2a02:26f0:350... 2a02:26f0:3500:d::1732:83d6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	99.86.4.3 99.86.4.3	16509 (AMAZON-02) (AMAZON-02)
1	87.118.116.9 87.118.116.9	31103 (KEYWEB-AS) (KEYWEB-AS)
2	213.254.244.25 213.254.244.25	36062 (DOUBLE-VE...) (DOUBLE-VERIFY)
1	13.41.118.175 13.41.118.175	16509 (AMAZON-02) (AMAZON-02)
1	184.30.24.22 184.30.24.22	16625 (AKAMAI-AS) (AKAMAI-AS)
1	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
1	65.9.66.11 65.9.66.11	16509 (AMAZON-02) (AMAZON-02)
1	99.86.4.53 99.86.4.53	16509 (AMAZON-02) (AMAZON-02)
2	18.170.123.253 18.170.123.253	16509 (AMAZON-02) (AMAZON-02)
363	80

6 54.208.89.30 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-208-89-30.compute-1.amazonaws.com

pelotainvernal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a04:4e42:200::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:400d:80c::200a (Ireland)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 2a00:1450:400d:802::2002 (Ireland)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:179 (United States)

ASN13335 (CLOUDFLARENET, US)

flower-ads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 52.217.195.192 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com

s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:1a (Netherlands)

ASN20446 (STACKPATH-CDN, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3031::ac43:b7f8 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn-conectate.kiskoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:400d:80e::2003 (Ireland)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.18.135.145 (None, )

ASN13335 (CLOUDFLARENET, US)

t.seedtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.19.54.139 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-19-54-139.us-east-2.compute.amazonaws.com

ads.vidoomy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:805::2002 (Ireland)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400d:807::2002 (Ireland)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

32 2a00:1450:400d:80a::2001 (Ireland) 1 redirects

ASN15169 (GOOGLE, US)

a70f19ff77b4cba27e7f41fb58cd05b5.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.149.50.64 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 64.50.149.34.bc.googleusercontent.com

s.seedtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 99.86.4.124 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-124.fra6.r.cloudfront.net

ecdn.firstimpression.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.firstimpression.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:116:800d:21:c5a4:625:6563:a5bb (United States)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:80a::200e (Ireland)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:2638::1c (France) 2 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:8a9 (United States)

ASN13335 (CLOUDFLARENET, US)

script.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 151.139.128.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map3.hwcdn.net

ad.lkqd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
creative.lkqd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 92.122.244.32 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a92-122-244-32.deploy.static.akamaitechnologies.com

ads.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.65.71.95 (Frankfurt am Main, Germany) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-65-71-95.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.58.191.156 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-191-156.eu-central-1.compute.amazonaws.com

ads.creative-serving.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.66.71.88 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-66-71-88.eu-central-1.compute.amazonaws.com

a.vidoomy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.126.56.137 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 142.250.186.134 (United States) 8 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.218.209.87 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-218-209-87.deploy.static.akamaitechnologies.com

widgets.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:211e:c600:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.252.173.215 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:272 (United States)

ASN13335 (CLOUDFLARENET, US)

mp.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.33.19 (None, )

ASN13335 (CLOUDFLARENET, US)

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 51.89.9.251 (London, United Kingdom) 2 redirects

ASN16276 (OVH, FR)
PTR: ip251.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2602:803:c003:200::31 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 216.52.2.39 (United States) 2 redirects

ASN30282 (AS-INAPCDN-OCY, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.107.148.139 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 139.148.107.34.bc.googleusercontent.com

prebid.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 146.20.128.146 (United States)

ASN27357 (RACKSPACE, US)

v.lkqd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c06::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.78.253.158 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-78-253-158.eu-west-1.compute.amazonaws.com

tag.escalated.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.214.223.115 (Groningen, Netherlands) 3 redirects

ASN15169 (GOOGLE, US)
PTR: 115.223.214.35.bc.googleusercontent.com

csync.loopme.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 146.20.132.154 (United States)

ASN27357 (RACKSPACE, US)

cs.lkqd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:678:cb4:bbbb::11 (United Kingdom) 3 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.174.181.179 (Ashburn, United States) 4 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-174-181-179.compute-1.amazonaws.com

sync.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:82f::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.241.34.106 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 106.34.241.35.bc.googleusercontent.com

c.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 146.20.128.182 (United States)

ASN27357 (RACKSPACE, US)

t.lkqd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

36 2606:4700:20::681a:bd1 (United States)

ASN13335 (CLOUDFLARENET, US)

as.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.155.156.167 (Sweden) 2 redirects

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
PTR: 213-155-156-167.teliacarrier-cust.com

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 142.250.185.130 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.67.61 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 61.67.98.34.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.139 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 172.64.154.237 (United States) 5 redirects

ASN13335 (CLOUDFLARENET, US)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 76.223.111.18 (United States) 6 redirects

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:d018:d29:3602:5:8e0b:5ab8:71a4 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:211e:e200:1b:5138:8a40:93a1 (United States) 2 redirects

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.57.231.104 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-231-104.eu-central-1.compute.amazonaws.com

match.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.137.108 (France)

ASN201081 (SMARTADSERVER, FR)

ssbsync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.193.52.247 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-193-52-247.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.105.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com

tr.blismedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.252.171.22 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.94.180.123 (Amsterdam, Netherlands)

ASN35220 (SPOTX-AMS, US)

search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:71b (United States)

ASN13335 (CLOUDFLARENET, US)

static-de.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1901:0:76b9:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

prod-rtb.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:20::ac43:4a81 (United States)

ASN13335 (CLOUDFLARENET, US)

ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:6ea0:f400::4 (United Kingdom)

ASN60068 (CDN77 ^_^, GB)

vast.vidoomy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:266a (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 84.200.5.215 (Germany) 8 redirects

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)

www.telefonica-partner.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.lead-alliance.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 78.46.85.162 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: nonstopads1.sunbonet.de

partner.o2online.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.99.63.132 (Nuremberg, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: nonstopads3.sunbonet.de

partner.blau.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.2.214.113 (Amsterdam, Netherlands) 3 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-2-214-113.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:7e05 (United States)

ASN13335 (CLOUDFLARENET, US)

www.conrad.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.119 (France)

ASN16276 (OVH, FR)
PTR: ns31533570.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2602:803:c003:200::77 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)

beacon-ams3.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.204.74.118 (Groningen, Netherlands) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 118.74.204.35.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.33.220.150 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.193.173 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

gcm.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.4.25 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn2.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn0.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn1.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:3500:d::1732:83d6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

cdn.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 99.86.4.3 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-3.fra6.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 87.118.116.9 (Germany)

ASN31103 (KEYWEB-AS, DE)
PTR: km36617.keymachine.de

banner.congstar.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.254.244.25 (United States)

ASN36062 (DOUBLE-VERIFY, US)

tps.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tpsc-frc.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.41.118.175 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-41-118-175.eu-west-2.compute.amazonaws.com

track.webgains.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.30.24.22 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-24-22.deploy.static.akamaitechnologies.com

cs.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.80.39.216 (Canada)

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.66.11 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-11.fra56.r.cloudfront.net

analytics.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.4.53 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-53.fra6.r.cloudfront.net

cdn.track.production.webgains.team	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.170.123.253 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-170-123-253.eu-west-2.compute.amazonaws.com

api.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
63	doubleclick.net 9 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 34 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 192 ad.doubleclick.net — Cisco Umbrella Rank: 161 stats.g.doubleclick.net — Cisco Umbrella Rank: 77 cm.g.doubleclick.net — Cisco Umbrella Rank: 208	352 KB
58	googlesyndication.com 1 redirects pagead2.googlesyndication.com — Cisco Umbrella Rank: 101 a70f19ff77b4cba27e7f41fb58cd05b5.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 139	449 KB
48	lkqd.net ad.lkqd.net — Cisco Umbrella Rank: 22754 v.lkqd.net — Cisco Umbrella Rank: 11551 cs.lkqd.net — Cisco Umbrella Rank: 2756 t.lkqd.net — Cisco Umbrella Rank: 18312 creative.lkqd.net — Cisco Umbrella Rank: 167705	3 MB
42	ad4m.at as.ad4m.at — Cisco Umbrella Rank: 28664 ad4m.at — Cisco Umbrella Rank: 9760 assets.ad4m.at — Cisco Umbrella Rank: 37651	2 MB
21	gstatic.com fonts.gstatic.com www.gstatic.com encrypted-tbn2.gstatic.com encrypted-tbn0.gstatic.com encrypted-tbn1.gstatic.com	302 KB
15	amazonaws.com s3.amazonaws.com	145 KB
12	google.com 2 redirects adservice.google.com — Cisco Umbrella Rank: 72 www.google.com — Cisco Umbrella Rank: 2	2 KB
9	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 188	401 KB
7	casalemedia.com 5 redirects htlb.casalemedia.com — Cisco Umbrella Rank: 482 ssum-sec.casalemedia.com — Cisco Umbrella Rank: 419 dsum.casalemedia.com — Cisco Umbrella Rank: 1324 dsum-sec.casalemedia.com — Cisco Umbrella Rank: 513	6 KB
7	criteo.com 2 redirects gum.criteo.com — Cisco Umbrella Rank: 394 mug.criteo.com — Cisco Umbrella Rank: 2835	9 KB
6	3lift.com 6 redirects eb2.3lift.com — Cisco Umbrella Rank: 335	3 KB
6	pelotainvernal.com pelotainvernal.com — Cisco Umbrella Rank: 478236	30 KB
5	onetag-sys.com 2 redirects onetag-sys.com — Cisco Umbrella Rank: 690	1 KB
5	yahoo.com 5 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 279 pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 408	3 KB
5	4dex.io script.4dex.io — Cisco Umbrella Rank: 1884 mp.4dex.io — Cisco Umbrella Rank: 1980 c.4dex.io — Cisco Umbrella Rank: 5846	25 KB
5	vidoomy.com ads.vidoomy.com — Cisco Umbrella Rank: 22938 a.vidoomy.com — Cisco Umbrella Rank: 8039 vast.vidoomy.com — Cisco Umbrella Rank: 119203 Failed	7 KB
5	seedtag.com t.seedtag.com — Cisco Umbrella Rank: 13646 s.seedtag.com — Cisco Umbrella Rank: 5800	135 KB
5	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 37	4 KB
4	doubleverify.com cdn.doubleverify.com — Cisco Umbrella Rank: 446 tps.doubleverify.com — Cisco Umbrella Rank: 474 tpsc-frc.doubleverify.com — Cisco Umbrella Rank: 13990	110 KB
4	awin1.com 3 redirects www.awin1.com — Cisco Umbrella Rank: 14058	3 KB
4	lead-alliance.net 4 redirects www.lead-alliance.net — Cisco Umbrella Rank: 71689	1 KB
4	telefonica-partner.de 4 redirects www.telefonica-partner.de — Cisco Umbrella Rank: 73979	951 B
4	ad4mat.net static-de.ad4mat.net — Cisco Umbrella Rank: 126078 prod-rtb.ad4mat.net — Cisco Umbrella Rank: 89292	8 KB
4	stackadapt.com 4 redirects sync.srv.stackadapt.com — Cisco Umbrella Rank: 651	2 KB
4	rubiconproject.com 1 redirects fastlane.rubiconproject.com — Cisco Umbrella Rank: 462 pixel.rubiconproject.com — Cisco Umbrella Rank: 309 beacon-ams3.rubiconproject.com — Cisco Umbrella Rank: 10001	12 KB
4	bidswitch.net 4 redirects x.bidswitch.net — Cisco Umbrella Rank: 282	2 KB
4	google.de adservice.google.de — Cisco Umbrella Rank: 8549	1 KB
4	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 381	50 KB
3	webgains.io analytics.webgains.io — Cisco Umbrella Rank: 17733 api.webgains.io — Cisco Umbrella Rank: 52070	31 KB
3	turn.com 3 redirects ad.turn.com — Cisco Umbrella Rank: 710	1 KB
3	loopme.me 3 redirects csync.loopme.me — Cisco Umbrella Rank: 752	623 B
3	lijit.com 2 redirects ap.lijit.com — Cisco Umbrella Rank: 581	2 KB
3	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 210 secure.adnxs.com — Cisco Umbrella Rank: 414	3 KB
3	quantserve.com secure.quantserve.com — Cisco Umbrella Rank: 939 pixel.quantserve.com — Cisco Umbrella Rank: 666 cms.quantserve.com — Cisco Umbrella Rank: 639	11 KB
2	scorecardresearch.com sb.scorecardresearch.com — Cisco Umbrella Rank: 154	527 B
2	adform.net 2 redirects c1.adform.net — Cisco Umbrella Rank: 566	1 KB
2	conrad.de www.conrad.de — Cisco Umbrella Rank: 59744	909 B
2	blau.de partner.blau.de — Cisco Umbrella Rank: 90883	2 KB
2	o2online.de partner.o2online.de — Cisco Umbrella Rank: 81505	3 KB
2	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 958 id5-sync.com — Cisco Umbrella Rank: 413	17 KB
2	w55c.net 2 redirects pm.w55c.net — Cisco Umbrella Rank: 688	2 KB
2	360yield.com 2 redirects match.360yield.com — Cisco Umbrella Rank: 2234	790 B
2	smaato.net 2 redirects s.ad.smaato.net — Cisco Umbrella Rank: 655	889 B
2	de17a.com 2 redirects d5p.de17a.com — Cisco Umbrella Rank: 4459	653 B
2	escalated.io tag.escalated.io — Cisco Umbrella Rank: 37344	38 KB
2	media.net prebid.media.net — Cisco Umbrella Rank: 1148 cs.media.net — Cisco Umbrella Rank: 1387	1015 B
2	creative-serving.com 2 redirects ads.creative-serving.com — Cisco Umbrella Rank: 3857	1 KB
2	stickyadstv.com ads.stickyadstv.com — Cisco Umbrella Rank: 595	2 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 29	20 KB
2	firstimpression.io ecdn.firstimpression.io — Cisco Umbrella Rank: 23217 cdn.firstimpression.io — Cisco Umbrella Rank: 23306	97 KB
2	kiskoo.com cdn-conectate.kiskoo.com — Cisco Umbrella Rank: 192086	3 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 211	36 KB
2	flower-ads.com flower-ads.com — Cisco Umbrella Rank: 861580	165 KB
1	webgains.team cdn.track.production.webgains.team — Cisco Umbrella Rank: 50569	19 KB
1	webgains.com track.webgains.com — Cisco Umbrella Rank: 41190	2 KB
1	congstar.de banner.congstar.de — Cisco Umbrella Rank: 84232	517 B
1	ctnsnet.com 1 redirects gcm.ctnsnet.com — Cisco Umbrella Rank: 29316	607 B
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 315	265 B
1	simpli.fi 1 redirects um.simpli.fi — Cisco Umbrella Rank: 759	711 B
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 637	13 KB
1	spotxchange.com search.spotxchange.com — Cisco Umbrella Rank: 490	1 KB
1	blismedia.com tr.blismedia.com — Cisco Umbrella Rank: 1782	173 B
1	smartadserver.com ssbsync.smartadserver.com — Cisco Umbrella Rank: 761	75 B
1	mookie1.com odr.mookie1.com — Cisco Umbrella Rank: 977	356 B
1	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 868	1 KB
1	outbrain.com widgets.outbrain.com — Cisco Umbrella Rank: 1353	3 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 830	702 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 51	43 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 686	30 KB
363	69

	Domain	Requested by
29	tpc.googlesyndication.com	1 redirects googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com a70f19ff77b4cba27e7f41fb58cd05b5.safeframe.googlesyndication.com
26	cm.g.doubleclick.net	1 redirects pelotainvernal.com googleads.g.doubleclick.net a70f19ff77b4cba27e7f41fb58cd05b5.safeframe.googlesyndication.com
26	pagead2.googlesyndication.com	pelotainvernal.com pagead2.googlesyndication.com googleads.g.doubleclick.net www.gstatic.com www.googletagservices.com a70f19ff77b4cba27e7f41fb58cd05b5.safeframe.googlesyndication.com tpc.googlesyndication.com
21	t.lkqd.net	ad.lkqd.net
18	assets.ad4m.at	as.ad4m.at
18	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net pelotainvernal.com
15	cs.lkqd.net	ad.lkqd.net
15	s3.amazonaws.com	pelotainvernal.com
12	ad4m.at	as.ad4m.at ad4m.at
12	as.ad4m.at	googleads.g.doubleclick.net as.ad4m.at ad4m.at a70f19ff77b4cba27e7f41fb58cd05b5.safeframe.googlesyndication.com
9	ad.doubleclick.net	8 redirects pelotainvernal.com
9	securepubads.g.doubleclick.net	www.googletagservices.com flower-ads.com securepubads.g.doubleclick.net pelotainvernal.com a70f19ff77b4cba27e7f41fb58cd05b5.safeframe.googlesyndication.com
9	www.googletagservices.com	pelotainvernal.com googleads.g.doubleclick.net a70f19ff77b4cba27e7f41fb58cd05b5.safeframe.googlesyndication.com
8	www.google.com	2 redirects googleads.g.doubleclick.net tpc.googlesyndication.com a70f19ff77b4cba27e7f41fb58cd05b5.safeframe.googlesyndication.com
8	www.gstatic.com	googleads.g.doubleclick.net
7	ad.lkqd.net	pelotainvernal.com ad.lkqd.net
6	eb2.3lift.com	6 redirects
6	pelotainvernal.com	pelotainvernal.com
5	encrypted-tbn0.gstatic.com	googleads.g.doubleclick.net
5	onetag-sys.com	2 redirects flower-ads.com pelotainvernal.com
5	fonts.gstatic.com	fonts.googleapis.com
5	fonts.googleapis.com	pelotainvernal.com googleads.g.doubleclick.net
4	www.awin1.com	3 redirects as.ad4m.at
4	www.lead-alliance.net	4 redirects
4	www.telefonica-partner.de	4 redirects
4	ssum-sec.casalemedia.com	4 redirects
4	sync.srv.stackadapt.com	4 redirects
4	v.lkqd.net	ad.lkqd.net
4	x.bidswitch.net	4 redirects
4	gum.criteo.com	2 redirects static.criteo.net
4	adservice.google.com	pagead2.googlesyndication.com securepubads.g.doubleclick.net
4	adservice.google.de	pagead2.googlesyndication.com securepubads.g.doubleclick.net
4	cdn.jsdelivr.net	pelotainvernal.com securepubads.g.doubleclick.net a70f19ff77b4cba27e7f41fb58cd05b5.safeframe.googlesyndication.com
3	ad.turn.com	3 redirects
3	csync.loopme.me	3 redirects
3	ap.lijit.com	2 redirects flower-ads.com
3	ups.analytics.yahoo.com	3 redirects
3	mug.criteo.com	pelotainvernal.com
3	a70f19ff77b4cba27e7f41fb58cd05b5.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
3	t.seedtag.com	flower-ads.com t.seedtag.com
2	api.webgains.io	analytics.webgains.io
2	sb.scorecardresearch.com
2	cdn.doubleverify.com	ad.lkqd.net pelotainvernal.com
2	encrypted-tbn1.gstatic.com	googleads.g.doubleclick.net
2	c1.adform.net	2 redirects
2	www.conrad.de	as.ad4m.at
2	partner.blau.de	as.ad4m.at
2	partner.o2online.de	as.ad4m.at
2	prod-rtb.ad4mat.net	pelotainvernal.com
2	static-de.ad4mat.net	as.ad4m.at
2	vast.vidoomy.com	ad.lkqd.net
2	secure.adnxs.com	2 redirects
2	pm.w55c.net	2 redirects
2	match.360yield.com	2 redirects
2	s.ad.smaato.net	2 redirects
2	pr-bh.ybp.yahoo.com	2 redirects
2	d5p.de17a.com	2 redirects
2	c.4dex.io	pelotainvernal.com
2	tag.escalated.io	ecdn.firstimpression.io tag.escalated.io
2	fastlane.rubiconproject.com	flower-ads.com
2	a.vidoomy.com	pelotainvernal.com
2	ads.creative-serving.com	2 redirects
2	ads.stickyadstv.com	pelotainvernal.com ad.lkqd.net
2	script.4dex.io	flower-ads.com script.4dex.io
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	s.seedtag.com	t.seedtag.com
2	cdn-conectate.kiskoo.com	pelotainvernal.com
2	cdnjs.cloudflare.com	pelotainvernal.com
2	flower-ads.com	pelotainvernal.com flower-ads.com
1	tpsc-frc.doubleverify.com	cdn.doubleverify.com
1	cdn.track.production.webgains.team	as.ad4m.at
1	analytics.webgains.io	track.webgains.com
1	dsum-sec.casalemedia.com
1	dsum.casalemedia.com	1 redirects
1	cs.media.net
1	track.webgains.com	as.ad4m.at
1	tps.doubleverify.com	cdn.doubleverify.com
1	banner.congstar.de	as.ad4m.at
1	encrypted-tbn2.gstatic.com	googleads.g.doubleclick.net
1	gcm.ctnsnet.com	1 redirects
1	match.adsrvr.org	a70f19ff77b4cba27e7f41fb58cd05b5.safeframe.googlesyndication.com
1	um.simpli.fi	1 redirects
1	cms.quantserve.com	a70f19ff77b4cba27e7f41fb58cd05b5.safeframe.googlesyndication.com
1	beacon-ams3.rubiconproject.com	pelotainvernal.com
1	creative.lkqd.net
1	id5-sync.com	cdn.id5-sync.com
1	static.criteo.net	securepubads.g.doubleclick.net
1	cdn.id5-sync.com	securepubads.g.doubleclick.net
1	search.spotxchange.com	ad.lkqd.net
1	tr.blismedia.com	googleads.g.doubleclick.net
1	ssbsync.smartadserver.com	googleads.g.doubleclick.net
1	pixel.rubiconproject.com	1 redirects
1	odr.mookie1.com	googleads.g.doubleclick.net
1	pixel.quantserve.com	pelotainvernal.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	cdn.firstimpression.io	ecdn.firstimpression.io
1	prebid.media.net	flower-ads.com
1	htlb.casalemedia.com	flower-ads.com
1	mp.4dex.io	flower-ads.com
1	ib.adnxs.com	flower-ads.com
1	rules.quantcount.com	secure.quantserve.com
1	widgets.outbrain.com	pelotainvernal.com
1	secure.quantserve.com	t.seedtag.com
1	ecdn.firstimpression.io	pelotainvernal.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	ads.vidoomy.com	flower-ads.com
1	www.googletagmanager.com	pelotainvernal.com
1	code.jquery.com	pelotainvernal.com
363	108

This site contains links to these domains. Also see Links.

Domain
www.conectate.com.do
emisorasdominicanasonline.com

Subject Issuer	Validity	Valid
pelotainvernal.com Amazon	`2022-08-05` - `2023-09-03`	a year	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2022 Q1	`2022-03-21` - `2023-04-22`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-07-04` - `2023-07-03`	a year	crt.sh
s3.amazonaws.com Amazon	`2022-04-01` - `2023-03-30`	a year	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2022-08-03` - `2023-07-14`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.vidoomy.com Sectigo RSA Domain Validation Secure Server CA	`2022-09-01` - `2023-10-02`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.seedtag.com Sectigo RSA Domain Validation Secure Server CA	`2022-03-28` - `2023-04-28`	a year	crt.sh
*.firstimpression.io Sectigo RSA Domain Validation Secure Server CA	`2022-11-27` - `2023-12-05`	a year	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-10-31` - `2023-01-26`	3 months	crt.sh
script.4dex.io Cloudflare Inc ECC CA-3	`2022-11-23` - `2023-11-22`	a year	crt.sh
ad.lkqd.net R3	`2022-11-29` - `2023-02-27`	3 months	crt.sh
*.ads.stickyadstv.com DigiCert TLS RSA SHA256 2020 CA1	`2022-06-14` - `2023-06-16`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.outbrain.com DigiCert TLS RSA SHA256 2020 CA1	`2022-04-03` - `2023-04-04`	a year	crt.sh
quantserve.com R3	`2022-11-11` - `2023-02-09`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2022-02-11` - `2023-03-14`	a year	crt.sh
*.onetag-sys.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-10` - `2023-01-03`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-08` - `2023-04-04`	a year	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2022-06-27` - `2023-06-05`	a year	crt.sh
*.media.net Sectigo RSA Domain Validation Secure Server CA	`2022-04-06` - `2023-05-04`	a year	crt.sh
*.lkqd.net DigiCert TLS RSA SHA256 2020 CA1	`2022-06-27` - `2023-07-18`	a year	crt.sh
*.escalated.io Go Daddy Secure Certificate Authority - G2	`2022-01-03` - `2023-02-04`	a year	crt.sh
c.4dex.io GTS CA 1D4	`2022-11-07` - `2023-02-05`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.mookie1.com DigiCert TLS RSA SHA256 2020 CA1	`2022-02-24` - `2023-03-27`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-25` - `2023-01-25`	a year	crt.sh
tr.blismedia.com GTS CA 1D4	`2022-12-14` - `2023-03-14`	3 months	crt.sh
*.spotxchange.com GeoTrust RSA CA 2018	`2022-03-11` - `2023-03-29`	a year	crt.sh
prod-rtb.ad4mat.net GTS CA 1D4	`2022-12-13` - `2023-03-13`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-11-08` - `2023-02-04`	3 months	crt.sh
*.id5-sync.com R3	`2022-11-09` - `2023-02-07`	3 months	crt.sh
creative.lkqd.net R3	`2022-11-18` - `2023-02-16`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
*.doubleverify.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-05` - `2023-07-07`	a year	crt.sh
*.scorecardresearch.com Amazon	`2022-01-29` - `2023-02-27`	a year	crt.sh
www.awin1.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-04-18` - `2023-04-19`	a year	crt.sh
*.tps.doubleverify.com Go Daddy Secure Certificate Authority - G2	`2022-09-28` - `2023-10-30`	a year	crt.sh
*.webgains.com Amazon	`2022-06-14` - `2023-07-13`	a year	crt.sh
*.webgains.io Amazon	`2022-08-23` - `2023-09-21`	a year	crt.sh
cdn.track.production.webgains.team Amazon	`2022-09-29` - `2023-10-28`	a year	crt.sh

This page contains 48 frames:

Primary Page: https://pelotainvernal.com/
Frame ID: 69D52D0FE68735269B61D04E4A2C9AB5
Requests: 108 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20190131/zrt_lookup.html
Frame ID: 13CAC298A8AAECADC50DFDBA52D51B26
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3139134883708761&output=html&h=100&slotname=8815456802&adk=88850195&adf=2364240886&pi=t.ma~as.8815456802&w=1298&lmt=1671336549&rafmt=12&format=1298x100&url=https%3A%2F%2Fpelotainvernal.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671336548702&bpp=5&bdt=227&idt=648&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&correlator=6182157099375&frm=20&pv=2&ga_vid=2044881066.1671336549&ga_sid=1671336549&ga_hid=526327406&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=151&ady=96&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44777508%2C44777948%2C44780792&oid=2&pvsid=418127904971085&tmod=578735001&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=1&uci=a!1&fsb=1&xpc=L4TCH1rjMZ&p=https%3A//pelotainvernal.com&dtd=676
Frame ID: 6601948E757E9E2B917E71085F135216
Requests: 13 HTTP requests in this frame

Frame: https://a70f19ff77b4cba27e7f41fb58cd05b5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 6D0390D08A655B05DDA8EE72228CB99F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3139134883708761&output=html&h=90&slotname=7753640662&adk=1056406635&adf=406027746&pi=t.ma~as.7753640662&w=728&lmt=1671336549&rafmt=12&format=728x90&url=https%3A%2F%2Fpelotainvernal.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671336548709&bpp=5&bdt=233&idt=744&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&prev_fmts=1298x100&correlator=6182157099375&frm=20&pv=1&ga_vid=2044881066.1671336549&ga_sid=1671336549&ga_hid=526327406&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=386&ady=328&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44777508%2C44777948%2C44780792&oid=2&pvsid=418127904971085&tmod=578735001&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&fsb=1&xpc=vWLQG63vOc&p=https%3A//pelotainvernal.com&dtd=750
Frame ID: 394F7EBD7310DA80E9FF4EAA73D3BAD7
Requests: 11 HTTP requests in this frame

Frame: https://secure.quantserve.com/quant.js
Frame ID: 18D1C994D6D23526E50515573EAA2675
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3139134883708761&output=html&adk=1812271804&adf=3025194257&lmt=1671336549&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&plas=128x945_l%7C140x945_r&format=0x0&url=https%3A%2F%2Fpelotainvernal.com%2F&ea=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671336549781&bpp=6&bdt=1305&idt=6&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6fb24eb131bbc96f%3AT%3D1671336549%3AS%3DALNI_MatR30gj4BD4-rhlEG2t0v1C_cRCg&gpic=UID%3D00000b93d6c9ca3f%3AT%3D1671336549%3ART%3D1671336549%3AS%3DALNI_MaXhHZjhrb6R4a7vbf70K6-mAdkYw&prev_fmts=1298x100%2C728x90&nras=1&correlator=6182157099375&frm=20&pv=1&ga_vid=2044881066.1671336549&ga_sid=1671336549&ga_hid=526327406&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44777508%2C44777948%2C44780792&oid=2&pvsid=418127904971085&tmod=578735001&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&dtd=26
Frame ID: DCB86AAC102D81D12C9B716E54C82670
Requests: 1 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/formats.js
Frame ID: E5E22CF37B25A7D3EBBC5AAFAED02D92
Requests: 2 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/formats.js
Frame ID: 9AE2447EA0BF6C0DDAD18A41DFDD271C
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: E542977B92662C1922B7B22104BA5FFB
Requests: 2 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: 51C425B0182E31C0C5928DF2CEB4DE21
Requests: 6 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: D62412993BC2A8D0102B55F750778D48
Requests: 6 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/GC5M5N_VN3lVd7ErmxmldCKoshgV9d2S74rLP9hyoZw.js
Frame ID: 7E9E4C7F229EFD3412C4B1A1175A8917
Requests: 1 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: 181F73BBC78536AB8F942FCCC9F6B3C8
Requests: 1 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Frame ID: 6CC554CF8ECA722E587AC241AD4B7441
Requests: 4 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: 90AC5B2FD235BB70C23EE5F6AB4BD0A9
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/GC5M5N_VN3lVd7ErmxmldCKoshgV9d2S74rLP9hyoZw.js
Frame ID: 9C708545427BDEE92BDF90B9462C3CC0
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Frame ID: E04C1A46855FDE135D73E4EEC629B366
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Frame ID: E4B66F3C2406DD1E3EC6D485C3509A00
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Frame ID: 5B707DC5B16FD4F0579AFAA2E2A72A2A
Requests: 18 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: 0F1CB3F97E7EBAA421ECE88644BE4D4E
Requests: 6 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1gb1rfa1efdy0anddn1ggtwbnxr5tv5jj987fxjrpqs6fnb7rph3evsr2m3h1gtm6729x3ayf36bffeq1smd3tp345ytnxs86df0tny5jvkgqxqzfmzt4ya0zhwsmhwvakx760xkb09gp5jpj03wkv1jkxbta9xb4zrrvf7dywsn5sp41c6sv4khzrrx1pp9wszbmew5agry2m8pk5qkc1tpy0t0w4v1p5zrgtzs94b53tc7vg3awkb1xwg6tm0xcb51xe9c9fw7r5wrgf14rj53aqp5qmzfbj35nzy0pkzhpsnax1qe3t3s69zfysske146trx2fj0k47ywncscx1cd52jh4z0fawxsm9sp7cyzsza0www7gf5nts0tf7kbq61vjg458392xtv64xvzf93wssv0jtsr3wsdq59t5bcphf07q2mh8&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9d2jZZKeY-bdMv2C9u8P5bariA-Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zMTM5MTM0ODgzNzA4NzYxyAEJqQLOG7AQ3cKxPqgDAaoExQFP0Oa21dPDbnDVfBIm7hsZzu9qij8yWNWzbE_yXRRcLJ0x-ivyDVIMxDnFCdFXtfvksd7hSo0xJ2FUNn5XRHMgfiNJD22ShDlSENhhtGpQV-qt25l9xQMZhiz4zYv1cA6OFs-jTEEe9TIrSLqueQ8xCJIkFaFjsw9zSDzSHSbQFfEcKZLX12-DOFkaNibJd4qV8ximwAJqa5tbvPBhoTJ1NtqAzBLxX7lv3MawpD5DHAa9QWZBwunjJ9XgiV4Fn_yJUnbvm4AGzoTKq-u7gbpUoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3zPbmqn1U_XUkrdAIfM4OpY1jS_A%26client%3Dca-pub-3139134883708761%26adurl%3D
Frame ID: C2698CE4C4350C7A48E6656779EE4CEA
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 12AF8B624C679E9C8F1783B9B99102A6
Requests: 9 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1jywgh6f7jyp4rqnnfyzsehh16m4rm54rcf228qqgrx929xaesvrxqa0vktf06scqbefyasbdayrw8pg4fta33pjddadfjvejwqdt3yv96q5pt2t9xb50j2g3brrm0ef406yesrahx4wc8q07kbc3kgr9kf37nrvbpdhwj68gxrtte0tmd7fx08y3kbhsffakadpd7qzxr3vnbsw22y3aeahpqpsm9tb5t5sf8w8rgz8c9yb7t8g6ke42y4fxzr4w2ektmqk7xc05s2b1b82ajevty2bg04y2tg9gcq9547rfahk78vve0p7wy4dwt73p2kvbbftyytnhfm7j5wzjzmepmqrg12b4krhfstheqmary276pba4vwksqgt9qtqagm9g24k5hdnpet1mm3hbk24nzsvwxq9x2z5qzxt3w1kdxt78vkzm&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCRZgiZZKeY-fdMv2C9u8P5bariA-Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zMTM5MTM0ODgzNzA4NzYxyAEJqQLOG7AQ3cKxPqgDAaoExQFP0OQAVDbnAAdiFiNkuMrOiNKQ35MxPabX_Ewh8USK8Q-gVoXMA0FBRJd7cbLEkV8fqfvHuQAR-ZOfsYKRp2JtDj5SHQO4YF8vUtJE0OyxzPrfNOYJCF0CI_-7FLf2pX8CV0WjyYlBJSwtcLK1kTXU_EJIiOZXQmu1cRdnxzVMRV9455sCbxIA1HpSiPk7Zd5TOUiHEMq1hHy4ncBZX50KQNKtDgEQJmWznaWRJ9Rw9KnKxH1f9c_jBQYVnXivHCMSvmsZeYAGzoTKq-u7gbpUoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2Z-ZoOOKHQGck6z2jtikuJ9hZikA%26client%3Dca-pub-3139134883708761%26adurl%3D
Frame ID: 69D94BE6135343C6880BD747C7D9C08C
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 0CD5FFEF15DF1CFC7F9F991BF41657D4
Requests: 9 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: 53A18D2C9555349C7EB9ADA074D6B779
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 564FF3246E16E016F8DEF1A17832AEAB
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 507F7516181C4B85F97D3FFFB3E2A90E
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/GC5M5N_VN3lVd7ErmxmldCKoshgV9d2S74rLP9hyoZw.js
Frame ID: 889360786A40A5F136044FB9AB4DC934
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: F00DD08291E20C44A83E245F36A41DCC
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: CF32022B61046B2A9C133CBDDD0D5E7D
Requests: 1 HTTP requests in this frame

Frame: https://a70f19ff77b4cba27e7f41fb58cd05b5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: A6D46295EE592D24ACD8D1A548C5C3C2
Requests: 10 HTTP requests in this frame

Frame: https://a70f19ff77b4cba27e7f41fb58cd05b5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 931D98D4FA91F0E9383F9065D119E535
Requests: 8 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=192347%2C197100%2C14019&b=72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCM%2CQpKH4fdjUPKXduxH5HYtGtZZrTDT4TzPFV%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=EzqfDf4EsEBxZczHAHjt6C441HqTVTzbF7%2C23Yh6fAqfj6ekCVHWHktwCxx5FWT7TKBTg%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=120&d=600&e=&g=ba5e7d7edf55835fc6356a217a9cd93a%2F10823066702166494865&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1671336551812&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hwbv43sw1ztaam93fhx18kjdysmdnbfqnhzqvmqx07cz7cnep2xcd53g08fjnn9tcwewf24h1nvtvefr035n704wfzz8cwzkyfsmtk5yhg52egzyg1sqn8rvjmpfffnvzt8z88qk8trnwmtfjd9pnqsz7qrcsq745yj7tvhnvyjebyc0d32zn45dtx3s98eyjny8zt12skpy3mze4x10sm8ctbc0w6qfeks71xk16feagn397dtp82vs6zhqkyrjxmevhfhj38c7wne72fg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC9d2jZZKeY-bdMv2C9u8P5bariA-Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zMTM5MTM0ODgzNzA4NzYxyAEJqQLOG7AQ3cKxPqgDAaoExQFP0Oa21dPDbnDVfBIm7hsZzu9qij8yWNWzbE_yXRRcLJ0x-ivyDVIMxDnFCdFXtfvksd7hSo0xJ2FUNn5XRHMgfiNJD22ShDlSENhhtGpQV-qt25l9xQMZhiz4zYv1cA6OFs-jTEEe9TIrSLqueQ8xCJIkFaFjsw9zSDzSHSbQFfEcKZLX12-DOFkaNibJd4qV8ximwAJqa5tbvPBhoTJ1NtqAzBLxX7lv3MawpD5DHAa9QWZBwunjJ9XgiV4Fn_yJUnbvm4AGzoTKq-u7gbpUoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3zPbmqn1U_XUkrdAIfM4OpY1jS_A%2526client%253Dca-pub-3139134883708761%2526adurl%253D&y=1&s=&z=0
Frame ID: E6D74DECFBBA126AE54E9D57BCC045F2
Requests: 11 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=23576%2C19491%2C322829&b=3bgFpf14UZrZU7HrHAtEt997f8TWTRead%2CR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7%2CbwqTQfYZsqZ3EHYHbHztKtw7duxTJTJPSJ&f=WrpSrfYdswkwTYH5HjtDCXXGaPTET4QF2%2CQpKH4fdjUWX7axH5HYt9CZZrTDT4TzPFV%2C3bgFpf14UV1xMf7HrHAtXC9REt8TWTRead&c=120&d=600&e=&g=fb53d5b6e7560729ac6b301b253d2b90%2F5748129953402504728&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1671336551817&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gz79rq8csqnwds2vy0bzek1k720ghstsqrxxp924tkr0ky2pk6brysbjv3m7r2vg36ac1dhhe7jzkm1hccwyv25enee9eb2qqgnb1vrshr4w3bdx16kvs4g0gqj3awr4hrba7nfdkersvdvrkf69ty22aw022mrzvksh9drhpn8qrb997yanc405knhkpeytavs40yaeaddd94s8fc2h2ebbk0qhm8gwbk9x6h7twh24e43cjjv2nz58xzhqx7t7x8py71yq7ttqd3p0nk0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCRZgiZZKeY-fdMv2C9u8P5bariA-Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zMTM5MTM0ODgzNzA4NzYxyAEJqQLOG7AQ3cKxPqgDAaoExQFP0OQAVDbnAAdiFiNkuMrOiNKQ35MxPabX_Ewh8USK8Q-gVoXMA0FBRJd7cbLEkV8fqfvHuQAR-ZOfsYKRp2JtDj5SHQO4YF8vUtJE0OyxzPrfNOYJCF0CI_-7FLf2pX8CV0WjyYlBJSwtcLK1kTXU_EJIiOZXQmu1cRdnxzVMRV9455sCbxIA1HpSiPk7Zd5TOUiHEMq1hHy4ncBZX50KQNKtDgEQJmWznaWRJ9Rw9KnKxH1f9c_jBQYVnXivHCMSvmsZeYAGzoTKq-u7gbpUoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2Z-ZoOOKHQGck6z2jtikuJ9hZikA%2526client%253Dca-pub-3139134883708761%2526adurl%253D&y=1&s=&z=0
Frame ID: 1BF27D94998453EA6F81306D09C032FE
Requests: 11 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 15EEB0CCE9A2211AB47CFE41C2A33A7F
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 091B77BA2C159361A69772DBC3585CD4
Requests: 2 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1gpncggc5wee9j6ejqjvxpzmexrh01fep2nqmqxqbdcj3dcne0c5hdczp0ktvr7w200a392zj2kns1g4ac33xm7txhh177hq9rdk43nph3x119y3ecbyd83f6220w8k96g1wjsqm2g17etg9gg1cgx65jse534hfcmq778b9jvzkghedk18d6q8emnae13spktjc0x4w3t05nd931zze2npzmqw1r4cpf0vd52n9997chkaxz88s7ax0dn70mjrzggjdrwb0qwts3yz9bjgp3mg2e9mfhbk3azvt3j9tcns3bq6pewfje957be2tcr3c99pc8aeqcq2ae1baa03198ek79a4t2p9wfhhwb5s21hgm64hskhkct6ry40g5pe2mb9efts27cqpz4fpvmma2mftfv7ebwxnmv20s88j8b2h9btxfz80&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCHzcsZ5KeY8KJIIHP3gOgzKLIDpDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTc4NzIyMjg1ODc0NjAzMzPIAQmpAs4bsBDdwrE-4AIAqAMBqgT7AU_QTS-RJ_I-T_vScmRf1ihKLNneXXiFkpIs_bN6gNeUSsoMbNvY3fWbO3b8JKpX-pT57ysOU-vcFAwhiorqPJVheoEqM67Nqb7XeBuKMcHVQW27LZbGVmksQoPfz1-69T1PucgX8IIaaS6dHXxLLyASpAm-E-X9RssDG94KzvQgM0U8rccx4ZNiLkmg4VRNuhcq2clc06QlJPy65hzXZ0o9ct7QGz0Ese-Vw6_S8EH7X5voovf7GOteKIZu-KLr-jDxch-tyo0sX5JE2a_ta2bGkbKrJSd7UPlmFysUX9MVewLB-ZUgpcXstNopvPC__vfiy6Q7cNWCy1Pr4AQBgAaj4ejr-ezk1_cBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2fX1Z4sBT7inP2phGL74ckdzOCNQ%26client%3Dca-pub-7872228587460333%26adurl%3D
Frame ID: C94C83F15A9776B87564EC246DFCA696
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 12F29BBC16E864C9503600FCA91F9DA0
Requests: 8 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/ad.js
Frame ID: 810F9B2AC9C2879918989133CC22AB70
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=pelotainvernal.com
Frame ID: 1C9FB1CDE2BFBC77CCED53D440ACD061
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adfetch?adk=2758585555&adsafe=medium&client=ca-pub-6579838053286784&format=300x600_as&ip=2001:ac8:20:3a00::&output=html&unviewed_position_start=1&url=https://pelotainvernal.com/&sub_client=bidder-447118&hl=de&aceid=MEZbNAGSYDQBmn80AV6ANAEZgTQBQIE0ASmCNAFLgjQBdYI0AZeCNAHZgjQB5YI0AemCNAHrgjQB94I0AQCDNAEHgzQBGIM0ASKDNAEjgzQBOYM0ATyDNAFEgzQBUIM0AVWDNAF6gzQBfoM0AX-DNAGfgzQBrIM0AUtzQQFTc0EBWB5cAjIfXAJ8H1wCF_yIAidCqgIoQqoCKUKqAg9WqgJfW6oCFWCqAi1hqgKAm6oCgZuqAoKbqgJNoKoC2qCqApmoqgKiqKoCM7uqAkW9qgKM3aoCyeKqAqDlqgJU8KoCdPKqAvT1qgJR-KoCJvuqAkL7qgJkB6sCSAyrAsQMqwL0DasCuxCrAq8XqwJjHKsChyWrAg0mqwLcJqsC8ierAlQoqwKxKKsC0yqrAvsrqwI-LqsC5y-rAn4wqwLXMKsC-zCrAikzqwKgOKsC_zirApY5qwJCOqsCDTyrAiM8qwJxPasCJj6rArM-qwK9PqsCyj6rAvc-qwIhQKsCTkGrApJBqwKoQasCF0OrAkBDqwLtQ6sCBkSrApVEqwKkRKsCtkSrAs5FqwKIRqsCpUarAnpIqwKXSasCb0urAn5MqwL4TKsCKe0FAwfafwgKqPsSzaz7Ei_J-xIh1vsSttb7EjPi-xIJ6PsS7PP7EoP4-xIn_vsSYwH8EvYH_BIjCfwScgn8EnkJ_BKJCfwSlwn8ErYJ_BK4CfwS7Ar8Eulb0BPEXNAT91ZrGsjLtS72P59M&awbid_c=AKAmf-Bt8-6RWJb7mbFXapVON7lGXUQO47yKp-Mlhnd-d9n9-ja2pCPUVL8zbTNC3rEX61O5LKOzxNlvwRly4crLZLheMFsydF0ngHKHcKl88DZLMMmpgZ_qf8uekQ9GQQx67YZbAd5J_Fc9aQ_FTB4dkl51ejeiiSLplnJ7gDOkyGIVPzMHiSbR2xfy_4u_RL9A_pStSRfFv5oZKPb61XVbnqOEp6vcVfd7HNmJgB8osHFkxvMfk7rAX16g7B_RwwOx58WWcHCuLRjBUX8h35G_AMcCPZa2AaubxZT9IN3PZ6Zo45BQcuE_nxVCw2dgrGa__QNUsRMJw4aC9gBbwzvrTmQXUFSbc0b0erjS9K086jG0h6tWzZZrZeYQSyebOgugnauCIT_IOFyydopNubrei_mTrelW583JuoUh8ttzixXvEXXynGBA7zZX1GvDzBl2tkyw9Kki0-zwHq5nM3BCxE2oq19trWuQqn2l0nsg8N3G9sLspeZbq4FSg9OFVY_r0n2u3xVBJEx2KpbB-VIbTqnGywSebnAupnnn4DumNZTuk5snq_bKRZgqV8hgb683zKLu7DOMjrta_VSnYi1dE4yGIlDXnJZG_3wihPwRwb99VT311OU&awbid_d=AKAmf-Awwp3y_EyWKPOruiQNvcF0L5cWgdhYQI14SOj2V_ROwlv37Y8LFbwL9-Lw8kBXwSJ6KEB2O2quA1YhILubxXI5do_-lkEeInToL3upv3iZji8LcnULmWz2ihC9GTQGMJ8_EokHXIR-uJNTMKwECWETiusqT6ISYY9L4-vNxoUvr3CCNl4hq2SpnMo7oBPv3K0zdADSe7XOsl8h4MJNhSPi28GWwA65e-SMeATo5PnycR_PGyNDhOYicUWzvH6h0bhliTL5Bn8wUAJ_mRBybFY3XWYwYZAWJHW1Fjwh6kO5X46ITYfdrbTD0-3i0dvs1uz_FjqxU2YTv870mKIgmazLHoxPSSnuZjSfooqSnOUuQAAG4jymwGllrCJ8CA-DRwDlzNKQVqNAJNwHhdMDo6lKTR2S2KYWt_6OO0XDbEbbZKLJmGf6fXATY4SN5J0qqQbwe2lvEYF4Hc8XtHdYsHxj-7Ap0jsqpLnipWI_nDalV-sA4x8b2B_wwTCXDLcobhFaWlzC2yrEp2GZp1p11svdYO_vJh74gqg6281539Ow3nIG4nX83pcXxepMlZj7LAMCYdUfZPY1HVKMKKP9lyifEg7JPtejC1qSfaG7limbTv5ng8L-WTM8Z16zu76kZoRAmdXqcRx2l_faXv5AMXr6JgsToXzjTdWJvDujZZrNBxGqEq5L3CCk5GlkrTdDmgJNv4IjVU0KkCWrIuOBekTUN0ZMP45bcZzbYkAmIoX6a2T-C7AJNqFltr6b-ybQbcOWiawZshOhvr1iPJElPUIfWjtaqGw5MZ45FaIkAJXSJh9HoCuM1qq1A7rppIw6LldBPoiORBWcFldGzRa0O0z5vr-u8FUk_AweDaG9CJ6GiVSAxZHL-J31tlqxGRHIMKvFAs_i-6_GlbjgXfA3jvlqJSzb9P0KhaCAKopQ7V2xfIj_b4bByzmgurZs-D2M4xLAAZDUi7hVhNpC2po6BrjqVbOuG2VqM-mvD4zVt1XN0_YhPymNn46qYH3ts-qN86CQdM9KhSYfQo_wsPXeRV6o6xBWKAlcrr2mz33LBShhx1eeVwjHjRDiRRDVwGz08cjmq6ChU2q6Wlzi8H4MOTt04ZTYn_eLeSo8lLqO4nAqfTc5-0gqUByVHVRUqkcDaoLs0nAPTvycsUai4aIFrajwpIouXSwpv4sHXOq6TpJFYt8o45wmkQNrPchuP5CMjsnn8wONvJwk1bO6OSVfaw8_ZOmEzw&cid=CAQSGwDq26N9N26JFLtXJ7B6W297ZHHgAoSZ11NjHxgBIAo&exk=1512204066&rfl=https%3A%2F%2Fpelotainvernal.com%2F&a_pr=8:3F9BE9E443540BEF
Frame ID: BC8B4F8C5C5D66630CA5ECB76F502F85
Requests: 22 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/xbfe_backfill.js
Frame ID: 01CC38D43F789EAFB4C1848951C45E9D
Requests: 3 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 77E0FFD83E29BBCDB541135035C68A93
Requests: 1 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dvtp_src.js?ctx=21728770&cmp=DV485761&sid=Verve&plc=Verve-IQM_20210404001_VidJS&adsrv=0&advid=3891363&dvtagver=6.1.src&ppid=302&DVP_PP_IMP_ID=153887582096497800&DVP_DV_TT=1&DVP_DV_CT=2&tagtype=video&DVP_C1=&DVP_C2=&DVP_PUB=430&DVP_SITE=1171093&DVP_CRT=1079652&DVP_PP_BUNDLE_ID=&DVP_PP_AUCTION_IP=&DVPX_PP_AUCTION_UA=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F108.0.5359.124%20Safari%2F537.36&turl=https%3A%2F%2Fpelotainvernal.com%2F
Frame ID: 670004309A73AA77BB4A98A76FD195B2
Requests: 1 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements3326.js
Frame ID: E862553485E7893A815F3303C7A451A8
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/GC5M5N_VN3lVd7ErmxmldCKoshgV9d2S74rLP9hyoZw.js
Frame ID: 337BC875BC09E2EA79B10E48C76471E6
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=321034%2C196438%2C117569&b=wbKFdf1jUxkV1TEHRH2tXtp2gZfKTAT69a5%2Cj6qCEfbGcqmxzFYHEH2t6tg7WhKTzTAjS9%2Cz4pFRfEYak3KMFpHBHMtqt9dGtJTwTrkSW&f=gzdf8fdrUWBQeTPHbH8txCj718HdTQTM6Ce%2CxPKSQf9AHEkAXcPHdHztDCxQqUJT6TW6uA%2C8QjCDfM8FeE9zhgHJHEtqC4gZCPTwT1MUk&c=728&d=90&e=&g=9b4fa380b867951bbdd75e7bd14f4521%2F1796691712902051403&i=111584%2C25174%2C29981&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1671336553059&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jr2xhh5kaetv1rv02053z73ax7m2f2qxdbpt3qwqeyagb0gpgcpj6cyrr6s523y1t3jbjjy72ab0t2ycwqxmd9vqh5xxk0zxvxwhyzzmtj0rgvhs76xw3pk393ne15q55za396pmexrdhy9dbb16nxf9dsbss0a6g80pcmhxfq3rc89war1dpq97v2bp0s0r9gsdepdn61xc0g6cdxj6csbcmhz1f21dk8xmb9svt05s3828m2eshf5h88b7yc6wketdychaxkmers0dkrg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCHzcsZ5KeY8KJIIHP3gOgzKLIDpDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTc4NzIyMjg1ODc0NjAzMzPIAQmpAs4bsBDdwrE-4AIAqAMBqgT7AU_QTS-RJ_I-T_vScmRf1ihKLNneXXiFkpIs_bN6gNeUSsoMbNvY3fWbO3b8JKpX-pT57ysOU-vcFAwhiorqPJVheoEqM67Nqb7XeBuKMcHVQW27LZbGVmksQoPfz1-69T1PucgX8IIaaS6dHXxLLyASpAm-E-X9RssDG94KzvQgM0U8rccx4ZNiLkmg4VRNuhcq2clc06QlJPy65hzXZ0o9ct7QGz0Ese-Vw6_S8EH7X5voovf7GOteKIZu-KLr-jDxch-tyo0sX5JE2a_ta2bGkbKrJSd7UPlmFysUX9MVewLB-ZUgpcXstNopvPC__vfiy6Q7cNWCy1Pr4AQBgAaj4ejr-ezk1_cBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2fX1Z4sBT7inP2phGL74ckdzOCNQ%2526client%253Dca-pub-7872228587460333%2526adurl%253D&y=1&s=&z=0
Frame ID: BB08F62FB1957E38FB44F44A8F5A85EC
Requests: 14 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

PelotaInvernal.com | Resultados, Calendarios y Posiciones

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Moment.js (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

moment(?:\.min)?\.js

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Webgains (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

analytics\.webgains\.io

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

Page Statistics

363
Requests

87 %
HTTPS

42 %
IPv6

69
Domains

108
Subdomains

80
IPs

11
Countries

7806 kB
Transfer

13495 kB
Size

67
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://www.conectate.com.do/articulo/campeones-beisbol-invernal-dominicano/?swcfpc=1
Title: campeón del torneo invernal Dominicano

Search URL Search Domain Scan URL

URL: https://emisorasdominicanasonline.com/
Title: EmisorasDominicanasOnline.com

Search URL Search Domain Scan URL

URL: https://www.conectate.com.do/articulo/estadio-quisqueya-santo-domingo-republica-dominicana/
Title: Estadio Quisqueya Juan Marichal de Santo Domingo

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 61

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fpelotainvernal.com%2F&domain=pelotainvernal.com&cw=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=y7hzlHxHNWFZNjAxL21nN2JVVFJIRnBOWlFxTTVQMy9QQmYrMDVzemx6Z296WDd6aDJXTkxSYUpiQndZd3VMZndKZDBGNjZRVjJNcWFTZXVSYUdOcU0vcDRKWUVlcmtMQTV3c0NocS9IMjJDM0R4WXZ4VkZzamlDWFNFbzNvdmZJS2pVRWgycnpjNUVwTS9KblF4WTVrNmdpVVdVR05qdWx0UEZLanAweGFHZ09IWFpFK040TUtvazFKSE0weDBIcFBaT2QvSHVJbzFjM3JOZkxhZGRvOFdjYW9QSFlRMWFZdlllRTlTVGxyRUg5VTdCZnBXSzJSRjN6OFk4WjB2T0N6d0tXfA&cppv=2

Request Chain 73

https://x.bidswitch.net/sync?ssp=vidoomy&user_id=251720222.659479231458498264.96306354 HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=vidoomy&user_id=251720222.659479231458498264.96306354 HTTP 302
https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=vidoomy&bsw_custom_parameter=086eb568-cd88-4474-9f53-23eec858e5be HTTP 302
https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=vidoomy&bsw_custom_parameter=086eb568-cd88-4474-9f53-23eec858e5be HTTP 302
https://x.bidswitch.net/sync?dsp_id=4&user_id=0399231a-245f-4fd9-a5f7-3de45caa575b&ssp=vidoomy&expires=30&user_group=5&bsw_param=086eb568-cd88-4474-9f53-23eec858e5be HTTP 302
https://a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=086eb568-cd88-4474-9f53-23eec858e5be

Request Chain 74

https://ups.analytics.yahoo.com/ups/58610/occ HTTP 302
https://ups.analytics.yahoo.com/ups/58610/occ?verify=true HTTP 302
https://a.vidoomy.com/api/rtbserver/cookie?i=YAH&uid=y-J0iPcVVE2uFR6pOjX0AFa_9Sxpu.7tVtCSztfcM-~A

Request Chain 112

https://csync.loopme.me/?redirect=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D54%26partnerUserId%3D%7Bdevice_id%7D HTTP 307
https://cs.lkqd.net/cs?partnerId=54&partnerUserId=b10f1f4b-8e05-46b6-956a-3f2b155bf3ab

Request Chain 115

https://ad.turn.com/r/cs?pid=65 HTTP 302
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3008706098696186039

Request Chain 116

https://sync.srv.stackadapt.com/sync?nid=161 HTTP 302
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=-2v7t0iNTtNwVA-078W-LtlAlx4

Request Chain 117

https://csync.loopme.me/?redirect=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D54%26partnerUserId%3D%7Bdevice_id%7D HTTP 307
https://cs.lkqd.net/cs?partnerId=54&partnerUserId=20222de1-3dba-4131-938d-480c282892a9

Request Chain 120

https://ad.turn.com/r/cs?pid=65 HTTP 302
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=2936648504658258103

Request Chain 121

https://sync.srv.stackadapt.com/sync?nid=161 HTTP 302
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=lb-1XUmyQkRlz166Qg3689lAlx4

Request Chain 122

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 168

https://csync.loopme.me/?redirect=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D54%26partnerUserId%3D%7Bdevice_id%7D HTTP 307
https://cs.lkqd.net/cs?partnerId=54&partnerUserId=267ac5f0-dab4-4a9e-84a3-5840fb946cfc

Request Chain 171

https://ad.turn.com/r/cs?pid=65 HTTP 302
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=2936648504658258103

Request Chain 172

https://sync.srv.stackadapt.com/sync?nid=161 HTTP 302
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=lb-1XUmyQkRlz166Qg3689lAlx4

Request Chain 186

https://d5p.de17a.com/cookies/google?google_gid=CAESEDu0vyZmvkwEMyMsviEpeWE&google_cver=1&google_push=AavPq0Md2Vj1GzJYlYmWdtpx7VyF1ZdoWtpow0ITpxKk1uNS6DTV7KEJYvoMTMNKFHs3aGfKtvnwYKdN0VaYEAqXbAaU-R0cTPn4hjk HTTP 302
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEDu0vyZmvkwEMyMsviEpeWE&google_cver=1&google_push=AavPq0Md2Vj1GzJYlYmWdtpx7VyF1ZdoWtpow0ITpxKk1uNS6DTV7KEJYvoMTMNKFHs3aGfKtvnwYKdN0VaYEAqXbAaU-R0cTPn4hjk HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AavPq0Md2Vj1GzJYlYmWdtpx7VyF1ZdoWtpow0ITpxKk1uNS6DTV7KEJYvoMTMNKFHs3aGfKtvnwYKdN0VaYEAqXbAaU-R0cTPn4hjk

Request Chain 188

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEPiMMeCx2DceZmPu8btoAGI&google_cver=1&google_push=AavPq0OF36d2nW8J1StUwk4C4X2COBQev8cI-QKM34icJnhELtxbvHtB567PP0LVgQEDKp9Xgl4ctsXRB2f7rEwGbaI_q2viHU85yOo HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEJTVU1OTUstMTgtSVpZOQ==&google_push=AavPq0OF36d2nW8J1StUwk4C4X2COBQev8cI-QKM34icJnhELtxbvHtB567PP0LVgQEDKp9Xgl4ctsXRB2f7rEwGbaI_q2viHU85yOo

Request Chain 189

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESENOYMRpLkj5MvKcEW862Blo&google_cver=1&google_push=AavPq0PpqtIj3UnDiIXaek6spYPy4CIAwIqgqd2cztuud47yOmWnOP9cZWR3PNbnBM4H_UaBwO9MFZ-1hKrta9fuCE1iOxHG8SFbbEI HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESENOYMRpLkj5MvKcEW862Blo&google_push=AavPq0PpqtIj3UnDiIXaek6spYPy4CIAwIqgqd2cztuud47yOmWnOP9cZWR3PNbnBM4H_UaBwO9MFZ-1hKrta9fuCE1iOxHG8SFbbEI&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESENOYMRpLkj5MvKcEW862Blo&google_hm=Y56SZ2zB9pFp319T0YbHvwAABGUAAAIB&google_nid=index&google_push=AavPq0PpqtIj3UnDiIXaek6spYPy4CIAwIqgqd2cztuud47yOmWnOP9cZWR3PNbnBM4H_UaBwO9MFZ-1hKrta9fuCE1iOxHG8SFbbEI

Request Chain 190

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESECvVty7zYWgA0g_om0fVuhI&google_cver=1&google_push=AavPq0OES9aYxDC6BBRM7M3io2wVHtNOcTeWn5yznnyoM9kBVM9jdYEvCuEmVQiTa-s2APaQvzMq9heOAoKpLj3qQDKFwvhqT-Zy5g HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AavPq0OES9aYxDC6BBRM7M3io2wVHtNOcTeWn5yznnyoM9kBVM9jdYEvCuEmVQiTa-s2APaQvzMq9heOAoKpLj3qQDKFwvhqT-Zy5g

Request Chain 191

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEN2_PdmuUEE-yJnXf-U4hWU&google_cver=1&google_push=AavPq0N2Zsak7SJzbNGQyD0wRFhIPesTTxZP-IVkX2vr30P5wUZCk5W8vRXCTFds7w2mqttrRgZPmyyP5lC9nkmD6umLI0tkOt9-HQ HTTP 302
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AavPq0N2Zsak7SJzbNGQyD0wRFhIPesTTxZP-IVkX2vr30P5wUZCk5W8vRXCTFds7w2mqttrRgZPmyyP5lC9nkmD6umLI0tkOt9-HQ&google_gid=CAESEN2_PdmuUEE-yJnXf-U4hWU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=Mjg0Mzk2NjMxNTgwMjQwMDM5MzU2NQ%3D%3D&google_push=AavPq0N2Zsak7SJzbNGQyD0wRFhIPesTTxZP-IVkX2vr30P5wUZCk5W8vRXCTFds7w2mqttrRgZPmyyP5lC9nkmD6umLI0tkOt9-HQ

Request Chain 192

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESELgGvp8Uig0MIULwwZ4ebuY&google_cver=1&google_push=AavPq0Od2SmtUQWbbt16ercVC6-IUT9Jr1fklEmS7RU69lSg7R8sn0DQcn0S5PpGhat2PJ8YHNO3y6UqCcM7aUDJd6BSd_BsLIOi7E1u HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS0zV014QmtKRTJ1RWNmWUhXUjVLb0JCbEZOTFB6VmJtSH5B&google_push=AavPq0Od2SmtUQWbbt16ercVC6-IUT9Jr1fklEmS7RU69lSg7R8sn0DQcn0S5PpGhat2PJ8YHNO3y6UqCcM7aUDJd6BSd_BsLIOi7E1u

Request Chain 194

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEHQnIgy-kNJKAXal3e9nQFU&google_cver=1&google_push=AavPq0PO8HRa5a7NdS0IgqhbMpirzx6clB4k_vk__z39ioi1BF34i8t_5uvnsybfYsr1gHghseQNtRsokkHlMKwo609Dih0m8JBVWbI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AavPq0PO8HRa5a7NdS0IgqhbMpirzx6clB4k_vk__z39ioi1BF34i8t_5uvnsybfYsr1gHghseQNtRsokkHlMKwo609Dih0m8JBVWbI&google_hm=eS1GT28zUDdSRTJwRWRqNUkyS0JNNHh4MjlWZTFjU2M1QX5B

Request Chain 195

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESENOYMRpLkj5MvKcEW862Blo&google_cver=1&google_push=AavPq0OChqXsI06YDKtOVXX0piBYAOl9mAWIqb704w6wLJaBlwQDHX5LDsIRsNhWBf7e_bPQ6c_6xmG-Yji0W96aRglarQfo8YBM-Kk HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESENOYMRpLkj5MvKcEW862Blo&google_push=AavPq0OChqXsI06YDKtOVXX0piBYAOl9mAWIqb704w6wLJaBlwQDHX5LDsIRsNhWBf7e_bPQ6c_6xmG-Yji0W96aRglarQfo8YBM-Kk&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESENOYMRpLkj5MvKcEW862Blo&google_hm=Y56SZ2zB9pFp319T0YbHvwAABGUAAAIB&google_nid=index&google_push=AavPq0OChqXsI06YDKtOVXX0piBYAOl9mAWIqb704w6wLJaBlwQDHX5LDsIRsNhWBf7e_bPQ6c_6xmG-Yji0W96aRglarQfo8YBM-Kk

Request Chain 196

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEPIbR3AimkWvPEPB3S3HleA&google_cver=1&google_push=AavPq0N4fJR1lXVh1XKrlKLgFhIpWP7lO56NBa90ZXZa8TS0TVk4ItWqbfrLJYgWpL2szrZKtMFCJW5bSRlFbClhvJfFXQGri3IwVew HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AavPq0N4fJR1lXVh1XKrlKLgFhIpWP7lO56NBa90ZXZa8TS0TVk4ItWqbfrLJYgWpL2szrZKtMFCJW5bSRlFbClhvJfFXQGri3IwVew

Request Chain 197

https://match.360yield.com/match/ebda?google_gid=CAESEPOeRkqubTS23gM2Gyd5Xfs&google_cver=1&google_push=AavPq0Nz8RUrt8Qd34e9yyQjQMmvRJJZDKw7kOqMB9-C9mc_45o146MkO9HNSp7nT1H1XHRiG9b110-evNuxoxNPVUCO6OyNqdvyCQ HTTP 302
https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEPOeRkqubTS23gM2Gyd5Xfs&google_cver=1&google_push=AavPq0Nz8RUrt8Qd34e9yyQjQMmvRJJZDKw7kOqMB9-C9mc_45o146MkO9HNSp7nT1H1XHRiG9b110-evNuxoxNPVUCO6OyNqdvyCQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=GdoBbBb-T3iI72BWtiIaxQ&google_push=AavPq0Nz8RUrt8Qd34e9yyQjQMmvRJJZDKw7kOqMB9-C9mc_45o146MkO9HNSp7nT1H1XHRiG9b110-evNuxoxNPVUCO6OyNqdvyCQ

Request Chain 198

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEN2_PdmuUEE-yJnXf-U4hWU&google_cver=1&google_push=AavPq0P7VHmIAdrCtlFIY5bq20imI6ITw81z_lLDx5HBKzSN6RPEPg_wHze7AR9SlXZq5Uc9qTWlAypqOeAFQHYqqOp6-ZiEWdnpXtU HTTP 302
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AavPq0P7VHmIAdrCtlFIY5bq20imI6ITw81z_lLDx5HBKzSN6RPEPg_wHze7AR9SlXZq5Uc9qTWlAypqOeAFQHYqqOp6-ZiEWdnpXtU&google_gid=CAESEN2_PdmuUEE-yJnXf-U4hWU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=Mjg0Mzk2NjMxNTgwMjQwMDM5MzU2NQ%3D%3D&google_push=AavPq0P7VHmIAdrCtlFIY5bq20imI6ITw81z_lLDx5HBKzSN6RPEPg_wHze7AR9SlXZq5Uc9qTWlAypqOeAFQHYqqOp6-ZiEWdnpXtU

Request Chain 200

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESECvVty7zYWgA0g_om0fVuhI&google_cver=1&google_push=AavPq0Mtdf5Umixk9vHiIbhFMpPtlKccH6Daioxncz3sSwjZUAy00gVkbLiF-PVD_2MbXTMrcLFoMnS3V0cf-t6NSHASR659MlzosVY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AavPq0Mtdf5Umixk9vHiIbhFMpPtlKccH6Daioxncz3sSwjZUAy00gVkbLiF-PVD_2MbXTMrcLFoMnS3V0cf-t6NSHASR659MlzosVY HTTP 302
https://onetag-sys.com/match/?int_id=19&google_error=5

Request Chain 202

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESECY7CTFFhsprFGi5TOFMTMQ&google_cver=1&google_push=AavPq0Oj4NhegldKOejgauA4VgkSAonxnrqVw8JQ2NfzdysqIBL_Qw_ELuROwRb2DV4h_3DAtJ4KYr760yX5RVQD1reC9rHHjmpZKVM HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESECY7CTFFhsprFGi5TOFMTMQ&google_cver=1&google_push=AavPq0Oj4NhegldKOejgauA4VgkSAonxnrqVw8JQ2NfzdysqIBL_Qw_ELuROwRb2DV4h_3DAtJ4KYr760yX5RVQD1reC9rHHjmpZKVM HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=Q0hXeVFka0ExUDZLWjk1&google_gid=CAESECY7CTFFhsprFGi5TOFMTMQ&google_cver=1&google_push=AavPq0Oj4NhegldKOejgauA4VgkSAonxnrqVw8JQ2NfzdysqIBL_Qw_ELuROwRb2DV4h_3DAtJ4KYr760yX5RVQD1reC9rHHjmpZKVM

Request Chain 204

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEEUSaF9cnpOatOfxy1yLeI4&google_cver=1&google_push=AavPq0NtwzCOntlgl79RmqwUtv_JptqbWWYaqSoBMBCLP5RK-snuUFZFSBwAzHaLj0WLwpaNcdJO7MyYVuKYti20gKSYUX1EFsw0tg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AavPq0NtwzCOntlgl79RmqwUtv_JptqbWWYaqSoBMBCLP5RK-snuUFZFSBwAzHaLj0WLwpaNcdJO7MyYVuKYti20gKSYUX1EFsw0tg&google_hm=CG61aM2IRHSfUyPuyFjlvg==

Request Chain 205

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESELka9b7w93hvbmoL-wh7Vd8&google_cver=1&google_push=AavPq0N3GBhGfHzwWbVEOsJqA8vpluj_KZ0LWw6_9sz-D5mkFbvDXIfwEZSQD7w_H7oHLfd_UaxEpUdz_xfOcVuoYp_uQpN3NWWUM5w HTTP 307
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESELka9b7w93hvbmoL-wh7Vd8&google_cver=1&google_push=AavPq0N3GBhGfHzwWbVEOsJqA8vpluj_KZ0LWw6_9sz-D5mkFbvDXIfwEZSQD7w_H7oHLfd_UaxEpUdz_xfOcVuoYp_uQpN3NWWUM5w&sovrn_retry=true HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AavPq0N3GBhGfHzwWbVEOsJqA8vpluj_KZ0LWw6_9sz-D5mkFbvDXIfwEZSQD7w_H7oHLfd_UaxEpUdz_xfOcVuoYp_uQpN3NWWUM5w&google_hm=F1a5vGZHQ2_afuAIQISUn0hL

Request Chain 206

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEPIbR3AimkWvPEPB3S3HleA&google_cver=1&google_push=AavPq0NVGWMg0I_tHkki6PQxuRbBFrfZVziTRLeMSYhB8HCtI5HTIIT_WI7m1PpC4bupLP7p7n0lKYd1JjDY6XgtBCeJxmOt09AaxqE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AavPq0NVGWMg0I_tHkki6PQxuRbBFrfZVziTRLeMSYhB8HCtI5HTIIT_WI7m1PpC4bupLP7p7n0lKYd1JjDY6XgtBCeJxmOt09AaxqE

Request Chain 207

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEN2_PdmuUEE-yJnXf-U4hWU&google_cver=1&google_push=AavPq0PE5YO6LfSLr9-5NUFbiJQpKxdqoEYHxdU99-QD8t2hZmQxc9_8LAXDI22iw5RdZBxCyrbDRIACrIqDy9UCsAu_wHYOwv6_Jo4 HTTP 302
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AavPq0PE5YO6LfSLr9-5NUFbiJQpKxdqoEYHxdU99-QD8t2hZmQxc9_8LAXDI22iw5RdZBxCyrbDRIACrIqDy9UCsAu_wHYOwv6_Jo4&google_gid=CAESEN2_PdmuUEE-yJnXf-U4hWU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=Mjg0Mzk2NjMxNTgwMjQwMDM5MzU2NQ%3D%3D&google_push=AavPq0PE5YO6LfSLr9-5NUFbiJQpKxdqoEYHxdU99-QD8t2hZmQxc9_8LAXDI22iw5RdZBxCyrbDRIACrIqDy9UCsAu_wHYOwv6_Jo4

Request Chain 208

https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEBeoA-tgaJSM-h3zKioEgaE&google_cver=1&google_push=AavPq0M9RizA9xSeUARKf1WGdFO6dCd-zAMor6cywHicPZa0EPZv7D29xd2jbgAbjk_KKX2xb6zL4IS1JolRahgOHQeLOzn4aPKgu_3G HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dxandr_eb%26google_hm%3D%24%7BBASE64_UID_ENC%7D%26google_gid%3DCAESEBeoA-tgaJSM-h3zKioEgaE%26google_cver%3D1%26google_push%3DAavPq0M9RizA9xSeUARKf1WGdFO6dCd-zAMor6cywHicPZa0EPZv7D29xd2jbgAbjk_KKX2xb6zL4IS1JolRahgOHQeLOzn4aPKgu_3G HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=Njg5MTQ3MzY4NjI3MTU0MDg1&google_gid=CAESEBeoA-tgaJSM-h3zKioEgaE&google_cver=1&google_push=AavPq0M9RizA9xSeUARKf1WGdFO6dCd-zAMor6cywHicPZa0EPZv7D29xd2jbgAbjk_KKX2xb6zL4IS1JolRahgOHQeLOzn4aPKgu_3G

Request Chain 212

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 249

https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D117703V1226132702M%26subid%3Dviewoneid72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCMoneid__suite_Netmix_Reach43_TopRotaMonth%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=CJ--9eulgvwCFfOg_QcdgzkCrw;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D117703V1226132702M%26subid%3Dviewoneid72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCMoneid__suite_Netmix_Reach43_TopRotaMonth%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
https://www.telefonica-partner.de/tpv.php?t=117703V1226132702M&subid=viewoneid72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCMoneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.lead-alliance.net/tpv.php?t=117703V1226132702M&subid=viewoneid72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCMoneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117703&s_id=2022121805091279606048099X117703V1226132702MSviewoneid72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCMoneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&cons=0&spid=2022121805091279606048099X117703V1226132702MSviewoneid72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCMoneid__suite_Netmix_Reach43_TopRotaMonth&wfid=117703&partnerid=12218

Request Chain 252

https://ad.doubleclick.net/ddm/trackimp/N773418.3163536BLAU_AFFILIATE/B25532621.345088000;dc_trk_aid=536454876;dc_trk_cid=177082088;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D117663V1225131106M%26subid%3Dreach_SUBIDTEST_view HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N773418.3163536BLAU_AFFILIATE/B25532621.345088000;dc_pre=CPa79eulgvwCFU1F4AodIjwGdQ;dc_trk_aid=536454876;dc_trk_cid=177082088;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D117663V1225131106M%26subid%3Dreach_SUBIDTEST_view HTTP 302
https://www.telefonica-partner.de/tpv.php?t=117663V1225131106M&subid=reach_SUBIDTEST_view HTTP 302
https://www.lead-alliance.net/tpv.php?t=117663V1225131106M&subid=reach_SUBIDTEST_view HTTP 302
https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=117663&s_id=2022121805091279606048101X117663V1225131106MSreach_SUBIDTEST_view&gdpr_consent=&gdpr=0&cons=0

Request Chain 255

https://www.awin1.com/cshow.php?s=2470185&v=11354&q=377129&r=412871&pv=1&pref3=oneidD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtVoneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.conrad.de/ztpv.php?awc=11354_412871_1671336552_ba7f2ef0-7e89-11ed-9792-223985e9a9b7&insert=AW&&gdpr=0&gdpr_consent=

Request Chain 268

https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D120211V1226132702M%26subid%3Dviewoneid3bgFpf14UZrZU7HrHAtEt997f8TWTReadoneid__suite_Netmix_Reach43_TopRotaMonth%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=CIy79eulgvwCFabtuwgdS34D8A;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D120211V1226132702M%26subid%3Dviewoneid3bgFpf14UZrZU7HrHAtEt997f8TWTReadoneid__suite_Netmix_Reach43_TopRotaMonth%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
https://www.telefonica-partner.de/tpv.php?t=120211V1226132702M&subid=viewoneid3bgFpf14UZrZU7HrHAtEt997f8TWTReadoneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.lead-alliance.net/tpv.php?t=120211V1226132702M&subid=viewoneid3bgFpf14UZrZU7HrHAtEt997f8TWTReadoneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=120211&s_id=2022121805091279606048105X120211V1226132702MSviewoneid3bgFpf14UZrZU7HrHAtEt997f8TWTReadoneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&cons=0&spid=2022121805091279606048105X120211V1226132702MSviewoneid3bgFpf14UZrZU7HrHAtEt997f8TWTReadoneid__suite_Netmix_Reach43_TopRotaMonth&wfid=120211&partnerid=12218

Request Chain 271

https://ad.doubleclick.net/ddm/trackimp/N773418.3163536BLAU_AFFILIATE/B25532621.345088000;dc_trk_aid=536454876;dc_trk_cid=177082088;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D113752V1225131106M%26subid%3DviewoneidR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7oneid__suite_Netmix_Reach43_TopRotaMonth%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N773418.3163536BLAU_AFFILIATE/B25532621.345088000;dc_pre=CJX29eulgvwCFY8y4Aody_MI4g;dc_trk_aid=536454876;dc_trk_cid=177082088;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D113752V1225131106M%26subid%3DviewoneidR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7oneid__suite_Netmix_Reach43_TopRotaMonth%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
https://www.telefonica-partner.de/tpv.php?t=113752V1225131106M&subid=viewoneidR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7oneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.lead-alliance.net/tpv.php?t=113752V1225131106M&subid=viewoneidR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7oneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=113752&s_id=2022121805091279606048103X113752V1225131106MSviewoneidR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7oneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&cons=0

Request Chain 274

https://www.awin1.com/cshow.php?s=2470185&v=11354&q=377129&r=412871&pv=1&pref3=oneidbwqTQfYZsqZ3EHYHbHztKtw7duxTJTJPSJoneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.conrad.de/ztpv.php?awc=11354_412871_1671336552_ba7fa420-7e89-11ed-bfbc-22342ff4a6f7&insert=AW&&gdpr=0&gdpr_consent=

Request Chain 299

https://gum.criteo.com/sid/json?origin=publishertagids&domain=pelotainvernal.com&sn=ChromeSyncframe&so=3&topUrl=pelotainvernal.com&bundle=t_D5V19PZSUyRjZ1RmVwc3U0JTJCM2FoOUFuWDZIRGttV3pnYk8yeVRZRW10RVNUUUZDJTJGdFRKSjZIUkFiTnQ3YiUyQmdReWhRJTJCeThGM096SERWNnV3WXZmYk4yV0ZhSUVJJTJGU1ZXc2lTU21aayUyQjQ2aGpnNG5LcXBJNG1VZHZOZGVXZ1AlMkJ5czNic3o&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=6biHqnxFbUlNcldzMnNjbHdIVzl6cTJ5ZkV0TEFRaWtYOW1WU2lOWENwM0Z0eno1aEQ2S1ZrVWdqS1BXZTR0SG1zVVBYREhTVXcwM1pBdGNSZnBkZEU5cURScWtpVTcrNkhSSFRDYW14Ymxaa3RyOUx5cmx5bVJZTjlIRFM2OUgwL0I5UnRFVG12T05ZVW1CMTlORHcwaTMxZnRQNzVpWGJMZmlZdkYxMTZCN0RPU1VWRkNtbUlHSUp4Nk15TE5tUEFlQ3RIai9sMnJCd09VM0dqdmp2cjBJL2ZqZGVmYVZCYmY1YWpsbk85NEMyVC9hS0hhOGJ0VGdrL2Vjc1dhVkFaYmlFenQxdnFEZWgvTmU5Ulk5MjRvVmhZRURpc09vOXBHVUUwVzg5RlpQYnlXOD18&cppv=2

Request Chain 301

https://um.simpli.fi/gp_match?google_gid=CAESELZKKkuXPRqJ4xj-SuD0Zbg&google_cver=1&google_push=AavPq0PX6_BCop9E7qsWkSRRw0j3JE9ROxfl26kwV0_QiTp3f_u7Oli0VMxD23fOuuQp_i2lQ3TTmlXU7HgDn49qIytuzNPC4sg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=8B4868C7756542A9A29CC97072E476AC&google_push=AavPq0PX6_BCop9E7qsWkSRRw0j3JE9ROxfl26kwV0_QiTp3f_u7Oli0VMxD23fOuuQp_i2lQ3TTmlXU7HgDn49qIytuzNPC4sg

Request Chain 303

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEB5BtOLhvb73fiL4TRtxO1U&google_cver=1&google_push=AavPq0Pujp6FZdaZeZT3Yech554QFtC3SZZ19z1MofCOKlnsO8Bc833eTq_30sp4jCSzXuwWWI73-PL_Ez-gtI2ZpjFXEy_NTDa2 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AavPq0Pujp6FZdaZeZT3Yech554QFtC3SZZ19z1MofCOKlnsO8Bc833eTq_30sp4jCSzXuwWWI73-PL_Ez-gtI2ZpjFXEy_NTDa2&google_hm=qKTWFLeOQCepENom2q5nPB4

Request Chain 304

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEHQnIgy-kNJKAXal3e9nQFU&google_cver=1&google_push=AavPq0NC6rdhLS75Cqu-V4DwcU55QsSBDWB6-IkW4Lkn5Nnlw9QResaluXC9jdTiTnQEGDhApjpyxfrThLOqAwGk-_gJLOdPHm4R HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AavPq0NC6rdhLS75Cqu-V4DwcU55QsSBDWB6-IkW4Lkn5Nnlw9QResaluXC9jdTiTnQEGDhApjpyxfrThLOqAwGk-_gJLOdPHm4R&google_hm=eS1GT28zUDdSRTJwRWRqNUkyS0JNNHh4MjlWZTFjU2M1QX5B

Request Chain 305

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESELITdWzf1vRmWlOmlUMkyeg&google_cver=1&google_push=AavPq0OcS7IEDQQ6El0xx0UufASnXegiZJtVIIANm5bOM9N0uj0bjgQAvE8kIvSVd8ywz1-omO5xNf_FcwP2B7OYpYKWeSm1gWp9 HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESELITdWzf1vRmWlOmlUMkyeg&google_cver=1&google_push=AavPq0OcS7IEDQQ6El0xx0UufASnXegiZJtVIIANm5bOM9N0uj0bjgQAvE8kIvSVd8ywz1-omO5xNf_FcwP2B7OYpYKWeSm1gWp9 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDg1NDY0NDQ5NjY5NTQwNTUx&google_push=AavPq0OcS7IEDQQ6El0xx0UufASnXegiZJtVIIANm5bOM9N0uj0bjgQAvE8kIvSVd8ywz1-omO5xNf_FcwP2B7OYpYKWeSm1gWp9

Request Chain 330

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDbxsi7jQEQ6AIY6AIyCFR5nIyM6Xl- HTTP 301
https://tpc.googlesyndication.com/simgad/1855790038366648222

Request Chain 352

https://www.awin1.com/cawshow.php?v=11938&s=2542680&q=367022&r=412871&pv=1&pref3=pv_oneidj6qCEfbGcqmxzFYHEH2t6tg7WhKTzTAjS9oneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1671336553_bb1b47e0-7e89-11ed-9792-223985e9a9b7

Request Chain 364

https://dsum.casalemedia.com/pbusermatch?origin=prebid&site_id=910000&p=1&i=0&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
https://sync.srv.stackadapt.com/sync?nid=68&gdpr=0 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=lb-1XUmyQkRlz166Qg3689lAlx4

363 HTTP transactions
13 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
pelotainvernal.com/ 81 KB
16 KB 429ms
215ms Document
text/html 54.208.89.30
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pelotainvernal.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.208.89.30 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-208-89-30.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 8650923badeeb32b03adecf301daf73c691bbdf491c5ad1a74c56f07ef325221

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sun, 18 Dec 2022 04:09:08 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@5.1.2/dist/css/ 160 KB
24 KB 25ms
8ms Stylesheet
text/css 2a04:4e42:200::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@5.1.2/dist/css/bootstrap.min.css

Requested by

Host: pelotainvernal.com
URL: https://pelotainvernal.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

bd558b6b0fa8256504d6f1796203c55c540013d7d4021f79241476f3ac49dac1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sun, 18 Dec 2022 04:09:08 GMT
x-content-type-options: nosniff
content-encoding: gzip
age: 1039891
x-jsd-version: 5.1.2
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 23945
x-served-by: cache-fra-eddf8230024-FRA, cache-hhn-etou8220027-HHN
x-jsd-version-type: version
etag: W/"28033-Lut6yvcPnqX8AiDhXoU9TgvRAp8"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 responsiveslides.css
pelotainvernal.com/vendor/slider/ 490 B
421 B 102ms
100ms Stylesheet
text/css 54.208.89.30
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pelotainvernal.com/vendor/slider/responsiveslides.css
Requested by: Host: pelotainvernal.com
URL: https://pelotainvernal.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.208.89.30 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-208-89-30.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b43b245e7b57a75d1c57b0e70779b88718a72a3544995b9165fd80678889b873

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 04:09:08 GMT
content-encoding: gzip
last-modified: Tue, 10 Oct 2017 10:38:14 GMT
server: nginx
etag: W/"59dca316-1ea"
vary: Accept-Encoding
content-type: text/css

GET
H2 200 site.css
pelotainvernal.com/css/ 18 KB
4 KB 102ms
101ms Stylesheet
text/css 54.208.89.30
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pelotainvernal.com/css/site.css?v=2.50
Requested by: Host: pelotainvernal.com
URL: https://pelotainvernal.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.208.89.30 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-208-89-30.compute-1.amazonaws.com
Software: nginx /
Resource Hash: d74835ebc144bb92d18a970ca79cae0840c356a5967bb1d1d9428c32c183cdb1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 04:09:08 GMT
content-encoding: gzip
last-modified: Sun, 26 Dec 2021 10:53:15 GMT
server: nginx
etag: W/"61c8499b-4711"
vary: Accept-Encoding
content-type: text/css

GET
H2 200 css
fonts.googleapis.com/ 6 KB
1 KB 105ms
42ms Stylesheet
text/css 2a00:1450:400d:80c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,400,700

Requested by

Host: pelotainvernal.com
URL: https://pelotainvernal.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 18 Dec 2022 04:09:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 18 Dec 2022 03:00:29 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 18 Dec 2022 04:09:08 GMT

GET
H2 200 smart-app-banner.css
pelotainvernal.com/js/smartapp/ 6 KB
1 KB 103ms
102ms Stylesheet
text/css 54.208.89.30
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pelotainvernal.com/js/smartapp/smart-app-banner.css
Requested by: Host: pelotainvernal.com
URL: https://pelotainvernal.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.208.89.30 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-208-89-30.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 43ed01782a52f74351b31f996f02f0761540c3af7cdbd0693891a3e5abcfa3c1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 04:09:08 GMT
content-encoding: gzip
last-modified: Thu, 18 Oct 2018 12:50:23 GMT
server: nginx
etag: W/"5bc8818f-17b9"
vary: Accept-Encoding
content-type: text/css

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 145 KB
49 KB 136ms
74ms Script
text/javascript 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: pelotainvernal.com
URL: https://pelotainvernal.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e0c800eb323c1ce828b85ac0ee2c3b96019740de8a54c26e8d5d2466100ee9d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 04:09:08 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49463
x-xss-protection: 0
server: cafe
etag: 114094129853849212
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 18 Dec 2022 04:09:08 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 80 KB
27 KB 48ms
15ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: pelotainvernal.com
URL: https://pelotainvernal.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f0648dd60b72161450eb93d6fa81bb6ec46bb9dffb2d2d0c6f3b5d4ac1e01dda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 04:09:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27542
x-xss-protection: 0
server: sffe
etag: "1424 / 792 of 1000 / last-modified: 1670587517"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 18 Dec 2022 04:09:08 GMT

GET
H2 200 pelotainvernal.js Show response
flower-ads.com/tag/pelotainvernal/ 231 KB
68 KB 66ms
27ms Script
application/x-javascript 2606:4700:20::681a:179
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://flower-ads.com/tag/pelotainvernal/pelotainvernal.js
Requested by: Host: pelotainvernal.com
URL: https://pelotainvernal.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:179 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3620d28357207cd4b8092fe728bed5a606c78c07d4043ed225b7c3e8e58fa731

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 04:09:08 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 111
pragma: public
referrer-policy: no-referrer-when-downgrade
cf-bgj: minify
last-modified: Wed, 30 Nov 2022 14:17:03 GMT
server: cloudflare
etag: W/"39a62-638765df-0;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lKdce%2FPvKhunt9Q0nH1KNxk%2FHQ8GtXaCUjWR9WErLLF5z4ZLLBVareIlsmWrHFCphWkogZ6VRRMUQtN6%2B3756OWIUcMPndoNkv9QuKFr9NnqdTbbbeLc%2BsY27Wcm9oCHgwnB%2F%2FqNC7ZY5wav"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=300
x-turbo-charged-by: LiteSpeed
platform: hostinger
cf-ray: 77b50a958c8f9295-FRA
expires: Sun, 18 Dec 2022 04:08:22 GMT

GET
H/1.1 200
OK 7902d366eeaba88fdaf00c9aad70217a.png
s3.amazonaws.com/cdn.baseball-new.com/ 4 KB
5 KB 349ms
117ms Image
image/png 52.217.195.192
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/cdn.baseball-new.com/7902d366eeaba88fdaf00c9aad70217a.png
Requested by: Host: pelotainvernal.com
URL: https://pelotainvernal.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.195.192 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 4ffe1619d0cddcd71c73eb41dcf1bf9219646f36b90667b3746c8a6771375fc6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Sun, 18 Dec 2022 04:09:09 GMT
Last-Modified: Sun, 22 Nov 2020 13:46:40 GMT
Server: AmazonS3
x-amz-request-id: 4CX6S3AVDTGKRFQ1
ETag: "883334535bb63d443032135b065e0884"
Content-Type: image/png
x-amz-storage-class: REDUCED_REDUNDANCY
Accept-Ranges: bytes
Content-Length: 4585
x-amz-id-2: ekBvgz4L8YgQbE32EDsG28nanY3VM6X48+EIsHzVHaLySfzhzxI3sNu/crGumKm6UkkL1tiOhAw=

GET
H/1.1 200
OK f0fb0b8bc2a38afca24fa01fd5f74635.png
s3.amazonaws.com/cdn.baseball-new.com/ 11 KB
12 KB 349ms
117ms Image
image/png 52.217.195.192
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/cdn.baseball-new.com/f0fb0b8bc2a38afca24fa01fd5f74635.png
Requested by: Host: pelotainvernal.com
URL: https://pelotainvernal.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.195.192 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 87ec184cd9b3cfb5ccbf631c766fc0d6b01d8811184a5f6f49f2ec528429dad4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Sun, 18 Dec 2022 04:09:09 GMT
Last-Modified: Sat, 14 Nov 2020 22:58:57 GMT
Server: AmazonS3
x-amz-request-id: 4CXADQYQKFCQA9HH
ETag: "c8fac8558e3e9e13ca76375e6b1e95fa"
Content-Type: image/png
x-amz-storage-class: REDUCED_REDUNDANCY
Accept-Ranges: bytes
Content-Length: 11566
x-amz-id-2: E9D4QfnrHhr3vNy1Fmf/Gyy9biDfn8dL8iCiwiQ2sVs9peI8YIMsjfagWqDZg5O8UD3GZy2bx/E=

GET
H/1.1 200
OK bc83c5669a23ea41ef5f755bfbd50ebd.png
s3.amazonaws.com/cdn.baseball-new.com/ 12 KB
13 KB 352ms
119ms Image
image/png 52.217.195.192
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/cdn.baseball-new.com/bc83c5669a23ea41ef5f755bfbd50ebd.png
Requested by: Host: pelotainvernal.com
URL: https://pelotainvernal.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.195.192 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 19737707017ce7f188707e1e6fbae40088945cb235a8c37971b507b97d771a4b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Sun, 18 Dec 2022 04:09:09 GMT
Last-Modified: Sat, 14 Nov 2020 22:59:20 GMT
Server: AmazonS3
x-amz-request-id: 4CX80MGEC519EA3S
ETag: "97c26d2ba9057f036660b0f2c8b181ab"
Content-Type: image/png
x-amz-storage-class: REDUCED_REDUNDANCY
Accept-Ranges: bytes
Content-Length: 12564
x-amz-id-2: CikLcTu3Up9ReWcw2z6zT75L5qc1ni/vRvuYUMjUGZQfR9JZ4wC2n5qk+ULzXkjoUtxuEQs2Pew=

GET
H/1.1 200
OK 0d180431331e93a791f23a77d4b94122.png
s3.amazonaws.com/cdn.baseball-new.com/ 12 KB
12 KB 349ms
117ms Image
image/png 52.217.195.192
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/cdn.baseball-new.com/0d180431331e93a791f23a77d4b94122.png
Requested by: Host: pelotainvernal.com
URL: https://pelotainvernal.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.195.192 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: a67612c801d54b2817687d2155b63f849b671d96ffd423cb77b36b0b66fa2192

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Sun, 18 Dec 2022 04:09:09 GMT
Last-Modified: Sat, 14 Nov 2020 22:59:14 GMT
Server: AmazonS3
x-amz-request-id: 4CXC9YW96ZYXRF81
ETag: "1fc02092dc83a776e055b8df83f64b50"
Content-Type: image/png
x-amz-storage-class: REDUCED_REDUNDANCY
Accept-Ranges: bytes
Content-Length: 11790
x-amz-id-2: 2K5G/4/29ZThoaIrk6Xg+wXSeGmBWGKlLbP/8fIMHA+t9beC6eYtJDtaZmeUxIAQbhbnsIyo8S0=

GET
H/1.1 200
OK 3657a463e594aec7d83697355ad2e541.png
s3.amazonaws.com/cdn.baseball-new.com/ 11 KB
11 KB 350ms
122ms Image
image/png 52.217.195.192
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/cdn.baseball-new.com/3657a463e594aec7d83697355ad2e541.png
Requested by: Host: pelotainvernal.com
URL: https://pelotainvernal.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.195.192 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 09778ab5d08d1983b0ba1d423603b1b0f2214947ed465534dcc9ac047bf929ba

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Sun, 18 Dec 2022 04:09:09 GMT
Last-Modified: Sat, 14 Nov 2020 22:59:02 GMT
Server: AmazonS3
x-amz-request-id: 4CXA6W42NZGJP1S7
ETag: "1375b3cdbbeb3aa10a2abef1543beafd"
Content-Type: image/png
x-amz-storage-class: REDUCED_REDUNDANCY
Accept-Ranges: bytes
Content-Length: 11177
x-amz-id-2: q8w9075zwo96v1PM6ASMbuW/4OYU6LMMeOJStxyJgOsmTgROWIxiAwVm9NpgGAOUGkfN0cFGcLw=

GET
H/1.1 200
OK d8b8a0a312b685f33e63d453b0d2db83.png
s3.amazonaws.com/cdn.baseball-new.com/ 11 KB
11 KB 456ms
112ms Image
image/png 52.217.195.192
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/cdn.baseball-new.com/d8b8a0a312b685f33e63d453b0d2db83.png
Requested by: Host: pelotainvernal.com
URL: https://pelotainvernal.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.195.192 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: bac0705d11ffc896d765dc3507e2ad3abb961795b05bb857039ca92f649a0745

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Sun, 18 Dec 2022 04:09:10 GMT
Last-Modified: Sat, 14 Nov 2020 22:59:09 GMT
Server: AmazonS3
x-amz-request-id: 4HN68V8PA9HF4A3A
ETag: "d00fe6039c67811cd9e76529a3d298df"
Content-Type: image/png
x-amz-storage-class: REDUCED_REDUNDANCY
Accept-Ranges: bytes
Content-Length: 10968
x-amz-id-2: h3ecM18595F4xGx0agx7dnJiUIjQsU04m+9HHNVj6uD7iFPrOo4xqybkg0PwrIxSMZqOYwN2Uqo=

GET
H/1.1 200
OK 9888ecc384811ab5781b0310ae9401a9.png
s3.amazonaws.com/cdn.baseball-new.com/ 11 KB
11 KB 111ms
111ms Image
image/png 52.217.195.192
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/cdn.baseball-new.com/9888ecc384811ab5781b0310ae9401a9.png
Requested by: Host: pelotainvernal.com
URL: https://pelotainvernal.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.195.192 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 36c2343f3359688c9948184e631420db683b3d1a105206fcf76f1354c106425e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Sun, 18 Dec 2022 04:09:10 GMT
Last-Modified: Sat, 14 Nov 2020 22:58:50 GMT
Server: AmazonS3
x-amz-request-id: 4HNFSWJMRAG3B8BP
ETag: "25b21a978a769c711a8cc5c6fe2b22a9"
Content-Type: image/png
x-amz-storage-class: REDUCED_REDUNDANCY
Accept-Ranges: bytes
Content-Length: 10966
x-amz-id-2: tsdSTZz2I/UOkA0E2y9VwJaBxqe3T/05/u5AWyDYCezzC+YJ465GK191roQyRM9z/PCdVxi/xjg=

GET
H/1.1 200
OK c7c5d314bd780195ca2739e007b04e63.png
s3.amazonaws.com/cdn.baseball-new.com/ 10 KB
10 KB 162ms
162ms Image
image/png 52.217.195.192
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/cdn.baseball-new.com/c7c5d314bd780195ca2739e007b04e63.png
Requested by: Host: pelotainvernal.com
URL: https://pelotainvernal.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.195.192 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 47f719c1691461a5d778135c0512d51c87f8eea39be7ddad829830925902674b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Sun, 18 Dec 2022 04:09:10 GMT
Last-Modified: Tue, 15 Dec 2020 13:21:55 GMT
Server: AmazonS3
x-amz-request-id: 4HNA2DXJYQFC7EH6
ETag: "344653c6dda80cd480444be1aef2a807"
Content-Type: image/png
x-amz-storage-class: REDUCED_REDUNDANCY
Accept-Ranges: bytes
Content-Length: 10027
x-amz-id-2: +XwbSRsSAQolmNRCfpgaC8sy3BXl2hm7cyXGJ9tvgzf5L6m88+JEnKujVDn64ZuiYSy3WZyfNW0=

GET
H/1.1 200
OK 8f6f2a20b0b9cd88bcff3b93bdd9c615.png
s3.amazonaws.com/cdn.baseball-new.com/ 8 KB
8 KB 110ms
109ms Image
image/png 52.217.195.192
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/cdn.baseball-new.com/8f6f2a20b0b9cd88bcff3b93bdd9c615.png
Requested by: Host: pelotainvernal.com
URL: https://pelotainvernal.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.195.192 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: bdbbb447bf69f791cb6717a186852f2b9661ca900a74d8235d37ef9ed65ac0dd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Sun, 18 Dec 2022 04:09:10 GMT
Last-Modified: Tue, 15 Dec 2020 13:22:04 GMT
Server: AmazonS3
x-amz-request-id: 4HNDRW2DM937MS8D
ETag: "f372c04545a398bbcfd0256f8e49d1ac"
Content-Type: image/png
x-amz-storage-class: REDUCED_REDUNDANCY
Accept-Ranges: bytes
Content-Length: 7971
x-amz-id-2: UuSxqkiAFuLZzLCdExalJapG1q3iUw0c7B3yO/Vu5G2UOJ4pyIQerAzfQROpc9SP+qLB929CqOw=

GET
H/1.1 200
OK fa5ccb26f0dc095843644942bde4b7cd.png
s3.amazonaws.com/cdn.baseball-new.com/ 10 KB
10 KB 112ms
110ms Image
image/png 52.217.195.192
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/cdn.baseball-new.com/fa5ccb26f0dc095843644942bde4b7cd.png
Requested by: Host: pelotainvernal.com
URL: https://pelotainvernal.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.195.192 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 3aa5cdd18374b285ddc76c94ee1735df8b3e518cb7202fa7feec77a3b13437a3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Sun, 18 Dec 2022 04:09:10 GMT
Last-Modified: Tue, 15 Dec 2020 13:22:20 GMT
Server: AmazonS3
x-amz-request-id: 4HNBERKB8M5Z1HGP
ETag: "687caec8c60c4146282dc57feb116506"
Content-Type: image/png
x-amz-storage-class: REDUCED_REDUNDANCY
Accept-Ranges: bytes
Content-Length: 9897
x-amz-id-2: p22V+D2HifX9W5OlQsb5eS/M7waBu15MfzYyNQojIqyn1UFXF8JLy5gO5Wf/r8gp8vChCyvIOj4=

GET
H/1.1 200
OK 0ac73fe9baac5a44d5760cf8eca6394f.png
s3.amazonaws.com/cdn.baseball-new.com/ 10 KB
11 KB 219ms
109ms Image
image/png 52.217.195.192
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/cdn.baseball-new.com/0ac73fe9baac5a44d5760cf8eca6394f.png
Requested by: Host: pelotainvernal.com
URL: https://pelotainvernal.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.195.192 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: cd257ced5860b54b3c71dd2e1c9704a552f0c2be8e63ef42cdf47e05293da1bb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Sun, 18 Dec 2022 04:09:10 GMT
Last-Modified: Sat, 14 Nov 2020 22:57:44 GMT
Server: AmazonS3
x-amz-request-id: 4HNDZYWPPF05DYD9
ETag: "757f209841921bd84efe00e6415c5118"
Content-Type: image/png
x-amz-storage-class: REDUCED_REDUNDANCY
Accept-Ranges: bytes
Content-Length: 10369
x-amz-id-2: aZOCQaQwoknpbPJjwK5P3xuS93WA9FZxhs3iFOOXCFlGc8UUyIPwl+fWGkMtB6MmaRAgVgIHdVE=

GET
H/1.1 200
OK 4a9533cbf5e05f2abc7515331906d891.png
s3.amazonaws.com/cdn.baseball-new.com/ 8 KB
8 KB 109ms
108ms Image
image/png 52.217.195.192
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/cdn.baseball-new.com/4a9533cbf5e05f2abc7515331906d891.png
Requested by: Host: pelotainvernal.com
URL: https://pelotainvernal.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.195.192 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 52084175f1ddbd7e4168245880f4dd0c69cedbcac6096306ecae4e56181ad545

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Sun, 18 Dec 2022 04:09:10 GMT
Last-Modified: Tue, 15 Dec 2020 13:22:12 GMT
Server: AmazonS3
x-amz-request-id: 4HN6B5ZR7V42Q3Q7
ETag: "aad87560e4512c4693466db607703d76"
Content-Type: image/png
x-amz-storage-class: REDUCED_REDUNDANCY
Accept-Ranges: bytes
Content-Length: 8155
x-amz-id-2: qqJ5vdWqPBB1rXZlXuz87l9JlwX2h7lGjxOJJzuHG6uR9a82AV7gdzpmKIOD15U1rDC/EgVUis4=

GET
H/1.1 200
OK 45017492450cd1f4a0003643f186f5a3.png
s3.amazonaws.com/cdn.baseball-new.com/ 6 KB
7 KB 110ms
109ms Image
image/png 52.217.195.192
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/cdn.baseball-new.com/45017492450cd1f4a0003643f186f5a3.png
Requested by: Host: pelotainvernal.com
URL: https://pelotainvernal.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.195.192 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: b59274b06fc793177aedbfa4b52d6d2571528266198414ae2b1795d7d87bff48

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Sun, 18 Dec 2022 04:09:10 GMT
Last-Modified: Tue, 15 Dec 2020 13:22:30 GMT
Server: AmazonS3
x-amz-request-id: 4HN9X3GAEFNQ438Z
ETag: "d5e4057bad41787bb08c8c943e446a95"
Content-Type: image/png
x-amz-storage-class: REDUCED_REDUNDANCY
Accept-Ranges: bytes
Content-Length: 6654
x-amz-id-2: ydVP9Z4e74OYYfI57DexmoR5cRAq3IFRMSmTuqwvgfLHEeBDcLqUViEKYwh3djgD/uzRaooLN18=

GET
H/1.1 200
OK 0ac7c75550df48fba0d82e80f05a0e63.png
s3.amazonaws.com/cdn.baseball-new.com/ 7 KB
8 KB 111ms
111ms Image
image/png 52.217.195.192
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/cdn.baseball-new.com/0ac7c75550df48fba0d82e80f05a0e63.png
Requested by: Host: pelotainvernal.com
URL: https://pelotainvernal.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.195.192 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 14fa937604e0fd3f7f1f8fa5daa5ab7e25052e1b1b826688b0109fac4251bf6f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Sun, 18 Dec 2022 04:09:10 GMT
Last-Modified: Tue, 15 Dec 2020 13:22:47 GMT
Server: AmazonS3
x-amz-request-id: 4HN9M99ANB9SN20Z
ETag: "e5144af4c4398b7856b08750c111a29f"
Content-Type: image/png
x-amz-storage-class: REDUCED_REDUNDANCY
Accept-Ranges: bytes
Content-Length: 7432
x-amz-id-2: ycYX4UetmaLrhhFaAvn5ZugOx4yK3u2BvBgb3Ji4oqg+Gu7rouKjmmXRD2IiCoRV3V2u0VXr6gs=

GET
H/1.1 200
OK b91a8061b0b3557371fed15068f48586.png
s3.amazonaws.com/cdn.baseball-new.com/ 8 KB
8 KB 159ms
108ms Image
image/png 52.217.195.192
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/cdn.baseball-new.com/b91a8061b0b3557371fed15068f48586.png
Requested by: Host: pelotainvernal.com
URL: https://pelotainvernal.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.195.192 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: ee735ad9351455e1417cd144ed24de18f6311c98a1284b55cd59fd0d25489d22

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Sun, 18 Dec 2022 04:09:10 GMT
Last-Modified: Fri, 28 Oct 2022 15:31:56 GMT
Server: AmazonS3
x-amz-request-id: 4HN24206JYQ9P2QM
ETag: "780b528b59b0bc2a422527bb6507da39"
Content-Type: image/png
x-amz-storage-class: REDUCED_REDUNDANCY
Accept-Ranges: bytes
Content-Length: 7952
x-amz-id-2: z7GUvLI+JShEyaV9yyd3s0f5GHhn9daK0Eat7OrsOha12OJ6PJJeGpkmrVuyK5rfomXdAQHGXOM=

GET
H2 200 jquery-3.2.1.min.js Show response
code.jquery.com/ 85 KB
30 KB 33ms
9ms Script
application/javascript 2001:4de0:ac18::1:a:1a
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.2.1.min.js
Requested by: Host: pelotainvernal.com
URL: https://pelotainvernal.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:1a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: 87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 04:09:08 GMT
content-encoding: gzip
x-sp-metadata: HS256.CPTA+pwGEp0BCiQ3ZjMwMzI5Yy0wZjlkLTRkNDYtOTBmYy03ZjEwNjVmZGExZTIQ+OiCoKvU+wIaBgjkpPqcBiIiMjAwMTphYzg6MjA6M2EwMDoxMDExOmM2Njo2NzA6MjlhZCjergIwAzgEQhZUTFNfQUVTXzEyOF9HQ01fU0hBMjU2WiAzZTliMjA2MTAwOThiNmM5YmZmOTUzODU2ZTU4MDE2YRosCAESJGJiM2YyNjA0LTc3MTYtNGM0MC1iMzgwLWFjNjA5ZmE4NDhmYRit6wEiGAgCEhRjZHMxMzMuZnI4Lmh3Y2RuLm5ldA==.H6IDR1PALUolCSfym2FxAPpjHbh6Ninr4JaHCu3byLQ=
last-modified: Fri, 12 Aug 2022 13:47:02 GMT
server: nginx
etag: W/"62f659d6-15283"
vary: Accept-Encoding
x-hw: 1671336548.dop208.fr8.t,1671336548.cds283.fr8.hn,1671336548.cds133.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30125

GET
H2 200 bootstrap.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@5.1.2/dist/js/ 58 KB
16 KB 9ms
8ms Script
application/javascript 2a04:4e42:200::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@5.1.2/dist/js/bootstrap.min.js

Requested by

Host: pelotainvernal.com
URL: https://pelotainvernal.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

7e9276746ee6d70a75d8362ddd8e20aa1ce8a008c8e39c66a9e05b758f636d01

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sun, 18 Dec 2022 04:09:08 GMT
x-content-type-options: nosniff
content-encoding: gzip
age: 4999759
x-jsd-version: 5.1.2
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 16337
x-served-by: cache-fra-eddf8230063-FRA, cache-hhn-etou8220027-HHN
x-jsd-version-type: version
etag: W/"e753-WcAbHa+/9xO8ID8ILaCWP92iBPQ"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 moment.min.js Show response
cdnjs.cloudflare.com/ajax/libs/moment.js/2.18.1/ 50 KB
16 KB 52ms
12ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/moment.js/2.18.1/moment.min.js

Requested by

Host: pelotainvernal.com
URL: https://pelotainvernal.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d618d4869738e0dc22360f0ec0cbb6433257843f24723fac240dda0906685238

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 04:09:08 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 460860
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 15476
last-modified: Mon, 04 May 2020 16:13:26 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03f26-c909"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tCouGg5N3qCuLNjfwQMTEHA2nXEQcgviS%2BxTBv7p0zW7M6FkNBQ28KALRzlYeeNoHxB72N1Y2TEnUUk0QBim4ub3lL1j73NKk9k3e5Q1qrrXShF80k8vp%2FZQ3E7Xavlx9ZpLFIOKYkWF7xj2kDRrQmFq"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 77b50a954b9b927f-FRA
expires: Fri, 08 Dec 2023 04:09:08 GMT

GET
H2 200 knockout-min.js Show response
cdnjs.cloudflare.com/ajax/libs/knockout/3.4.2/ 59 KB
20 KB 46ms
14ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/knockout/3.4.2/knockout-min.js

Requested by

Host: pelotainvernal.com
URL: https://pelotainvernal.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a305fbb2ba223bf3b56bb8776b85f6f40d60dd082a74dbe28d143b5794c7e393

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 04:09:08 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 2795112
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 19879
last-modified: Mon, 04 May 2020 16:11:59 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ecf-ebc2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ngS7%2FnZF9gOxJ6mhHg3PuOW%2B0lxg%2FT0ajeY0MvxGLVR0qgA3er3tIyklNNwg80n6TYmCk5aI0Zp2Zmmw9TmL4%2F%2F5SiQifRXoc1hsFTJp3pbI%2BVz5IDVdJPwQLNkWbyz1IIDyuncjZO0CcMjSmrdqF4IV"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 77b50a954b9f927f-FRA
expires: Fri, 08 Dec 2023 04:09:08 GMT

GET
H2 200 knockout-switch-case.min.js Show response
cdn-conectate.kiskoo.com/web/js/ 3 KB
2 KB 50ms
14ms Script
application/javascript 2606:4700:3031::ac43:b7f8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-conectate.kiskoo.com/web/js/knockout-switch-case.min.js
Requested by: Host: pelotainvernal.com
URL: https://pelotainvernal.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:b7f8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 74df90f5f0e27dd5df2470215692754169878aa5443c25a3515e1768e3db03b1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 04:09:08 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: TP14HH5ZPD5TPCH1
age: 111
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: DJljPUlxfRicyCj0cZVprQm/ki3T7PegndOBuyOa1ngp++mKdsrkWUYqe3veH1rw6NXsAnJpPVQ=
last-modified: Sat, 13 Oct 2018 08:10:55 GMT
server: cloudflare
etag: W/"c6682e07d18a5a4b0209d9351134154e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8mvFMS4XJmyIwtpc33x6rNOnTPpV13eVWNqa2ZUteRsl41rshJRQsjXTOqzTHZ9LkJ2UaHfN5Boq3hKO3S93yH%2FpUIwe1LC8HKTXW1ny6qRZow2fxLpUwp2H%2Fs%2BUxcHYPhabQBzikT269r2EzsfcV9AVZvAdY0s%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 77b50a95897d9a11-FRA

GET
H2 200 game-socket.js Show response
cdn-conectate.kiskoo.com/modules/sport/frontend/assets/js/ 1 KB
907 B 50ms
14ms Script
application/javascript 2606:4700:3031::ac43:b7f8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-conectate.kiskoo.com/modules/sport/frontend/assets/js/game-socket.js
Requested by: Host: pelotainvernal.com
URL: https://pelotainvernal.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:b7f8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 008be15ff7db879ddccb3bf415d1143924af4eca6d1dd5250726ac423624f9d5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 04:09:08 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: CB2FN8G8MJ78S7YN
age: 4442
x-amz-storage-class: REDUCED_REDUNDANCY
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: 8fzl8mmJfgHlwojtlvIspBTCLVK3HqtTKJuaTXPrNg4KeA5m30cCwpefh2GWuJJ8vv2FFNKh5ss=
last-modified: Wed, 24 Aug 2022 17:10:05 GMT
server: cloudflare
etag: W/"0b6216bc1faa63361b5940d7cea9db21"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FssjaqW8EQ7bqT3iodb98fRJA7GrLwkHro6Yb91ymC5eN9SGqHfZJkwjTVpwu4ZA20cStPcLuUQqkhtmB%2BeJfQLgxC9Mb%2B7qWIvvgrK909%2FVE2rGBEcotTjCe0hFjvaKYqwcbhJ%2BoIwFoKMx40E9ntSGmHoYTxE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 77b50a95897f9a11-FRA

GET
H2 200 responsiveslides.min.js Show response
pelotainvernal.com/vendor/slider/ 3 KB
2 KB 745ms
740ms Script
application/javascript 54.208.89.30
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pelotainvernal.com/vendor/slider/responsiveslides.min.js
Requested by: Host: pelotainvernal.com
URL: https://pelotainvernal.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.208.89.30 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-208-89-30.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 31c8de7c3023548e4205a8f61fa9d4b5c79707dc01710c8313184574afba2ee5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 04:09:08 GMT
content-encoding: gzip
last-modified: Tue, 10 Oct 2017 10:38:14 GMT
server: nginx
etag: W/"59dca316-d44"
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 smart-app-banner.js Show response
pelotainvernal.com/js/smartapp/ 17 KB
7 KB 948ms
943ms Script
application/javascript 54.208.89.30
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pelotainvernal.com/js/smartapp/smart-app-banner.js
Requested by: Host: pelotainvernal.com
URL: https://pelotainvernal.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.208.89.30 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-208-89-30.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 1e894e7cf7187c224f386656a508446013f4cd6edea742f5241ce57258db06c6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 04:09:08 GMT
content-encoding: gzip
last-modified: Thu, 18 Oct 2018 12:50:23 GMT
server: nginx
etag: W/"5bc8818f-444b"
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 109 KB
43 KB 52ms
24ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-19230497-1

Requested by

Host: pelotainvernal.com
URL: https://pelotainvernal.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9fbf8104decb0113b2a26cd2bde3ac9650580902624681deeecd9d83ef5f54a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 04:09:08 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43582
x-xss-protection: 0
last-modified: Sun, 18 Dec 2022 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 18 Dec 2022 04:09:08 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221207/r20190131/ Frame 13CA 10 KB
5 KB 33ms
11ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221207/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pelotainvernal.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 36280
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 17 Dec 2022 18:04:28 GMT
etag: 10353107486223812946
expires: Sat, 31 Dec 2022 18:04:28 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ 199 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 77e67409caaf5014eaa2e2d96ac6210a1b4a987da0d5b3ff826221fe255d3def

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 99ms
29ms Font
font/woff2 2a00:1450:400d:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://pelotainvernal.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 19:33:00 GMT
x-content-type-options: nosniff
age: 290168
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 14 Dec 2023 19:33:00 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/ 356 KB
117 KB 132ms
79ms Script
text/javascript 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3139134883708761&plah=pelotainvernal.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

099f7bd7eeecadbaac06271857ca7ed29a0c4ab338b7ec6bc89170c506f4629d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 04:09:08 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119959
x-xss-protection: 0
server: cafe
etag: 7087561380695782875
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 18 Dec 2022 04:09:08 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 136ms
86ms Font
font/woff2 2a00:1450:400d:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://pelotainvernal.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 19:33:08 GMT
x-content-type-options: nosniff
age: 290160
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 14 Dec 2023 19:33:08 GMT

GET
H2 200 pubads_impl_2022120501.js Show response
securepubads.g.doubleclick.net/gpt/ 380 KB
129 KB 36ms
6ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1e288c4dc57f72a69a497baef524f41c57e1c6a414b09a5bde22cd5b2f1b7cdf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 18:21:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 35250
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131905
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 09:36:10 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 17 Dec 2023 18:21:38 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 127 B
719 B 43ms
14ms XHR
application/json 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=pelotainvernal.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c54527742912dc24ffdbc35d926d8d76f016b8258e9ebb94dfb50a729d6901df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 04:09:08 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 84
x-xss-protection: 0
expires: Sun, 18 Dec 2022 04:09:08 GMT

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 80 KB
27 KB 38ms
24ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: flower-ads.com
URL: https://flower-ads.com/tag/pelotainvernal/pelotainvernal.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7eabd269d94046e76c744518aa01578a00047c238727208cded024567d7a0974

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 04:09:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27544
x-xss-protection: 0
server: sffe
etag: "1424 / 340 of 1000 / last-modified: 1670587582"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 18 Dec 2022 04:09:09 GMT

GET
H2 200 prebid7.25.0.pelotainvernal.js Show response
flower-ads.com/tag/pelotainvernal/ 316 KB
97 KB 21ms
21ms Script
application/x-javascript 2606:4700:20::681a:179
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://flower-ads.com/tag/pelotainvernal/prebid7.25.0.pelotainvernal.js
Requested by: Host: flower-ads.com
URL: https://flower-ads.com/tag/pelotainvernal/pelotainvernal.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:179 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3521616fbd1415fd86988bfc9773f6044497f54354e0b924f7db878f91c1af83

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 04:09:09 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 112
cf-polished: origSize=324455
pragma: public
referrer-policy: no-referrer-when-downgrade
cf-bgj: minify
last-modified: Tue, 15 Nov 2022 18:22:14 GMT
server: cloudflare
etag: W/"4f367-6373d8d6-0;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YH3ck%2BmHxX2AhEbxrlXSjFqSeR7uHw%2BW3TEa6KdcHe%2FdxoQARmpT9L4alW7oiuNZHImcqhAlYfeLJiHx5tSag4jyDUzXZQizalBfSSk2Uz%2BrMsuGaldKJfvwUaaK5nVjbaWKT0UcMWPYPU4J"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=300
x-turbo-charged-by: LiteSpeed
platform: hostinger
cf-ray: 77b50a989efc9295-FRA
expires: Sun, 18 Dec 2022 04:09:15 GMT

GET
H2 200 2717-2424-01.js Show response
t.seedtag.com/t/ 41 KB
13 KB 47ms
15ms Script
application/javascript 104.18.135.145
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.seedtag.com/t/2717-2424-01.js
Requested by: Host: flower-ads.com
URL: https://flower-ads.com/tag/pelotainvernal/pelotainvernal.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.135.145 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6f272fccfb3459a79bd48d562cd33cf5086280c5039268ab4d22e2f59b0981de

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 04:09:09 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 49
etag: W/"a2e3-pDVF3zGkS6jY8wETUfSPira+w6s"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=1200
cf-ray: 77b50a994ef3bb41-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sun, 18 Dec 2022 04:29:09 GMT

GET
H/1.1 200
OK pelotainvernal_21072.js Show response
ads.vidoomy.com/ 5 KB
5 KB 397ms
129ms Script
application/javascript 3.19.54.139
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.vidoomy.com/pelotainvernal_21072.js
Requested by: Host: flower-ads.com
URL: https://flower-ads.com/tag/pelotainvernal/pelotainvernal.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 3.19.54.139 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-19-54-139.us-east-2.compute.amazonaws.com
Software: Apache/2.4.54 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33 / PHP/7.0.33
Resource Hash: 0e63307deac3d8aeab68773529536e2d1d9ad4e09749326cbcdf6d9009b49551

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 18 Dec 2022 04:09:09 GMT
Server: Apache/2.4.54 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33
X-Powered-By: PHP/7.0.33
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Connection: Keep-Alive
Keep-Alive: timeout=2, max=300
Content-Length: 4791

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 403 B
702 B 47ms
16ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=pelotainvernal.com&callback=_gfp_s_&client=ca-pub-3139134883708761&gpid_exp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3139134883708761&plah=pelotainvernal.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5e6a0ba351b513818535c7ad400d7ffc937d0a7b42a2c44bedbdd15c808eaace

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 04:09:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 257
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 118ms
52ms Script
application/javascript 2a00:1450:400d:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=pelotainvernal.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:805::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 04:09:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 115ms
52ms Script
application/javascript 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=pelotainvernal.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 04:09:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6601 116 KB
36 KB 477ms
460ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3139134883708761&output=html&h=100&slotname=8815456802&adk=88850195&adf=2364240886&pi=t.ma~as.8815456802&w=1298&lmt=1671336549&rafmt=12&format=1298x100&url=https%3A%2F%2Fpelotainvernal.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671336548702&bpp=5&bdt=227&idt=648&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&correlator=6182157099375&frm=20&pv=2&ga_vid=2044881066.1671336549&ga_sid=1671336549&ga_hid=526327406&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=151&ady=96&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44777508%2C44777948%2C44780792&oid=2&pvsid=418127904971085&tmod=578735001&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=1&uci=a!1&fsb=1&xpc=L4TCH1rjMZ&p=https%3A//pelotainvernal.com&dtd=676

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

443f7cd7974328229181280cee948d0f344c1b7b269a7fe8f01ad2e25d98d1ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pelotainvernal.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 36514
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 18 Dec 2022 04:09:09 GMT
expires: Sun, 18 Dec 2022 04:09:09 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 560 B
318 B 42ms
41ms XHR
text/plain 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=418127904971085&correlator=1477057584862135&eid=31070233%2C44780792&output=ldjh&gdfp_req=1&vrg=2022120501&ptt=17&impl=fifs&iu_parts=40135427%2Cpelotainvernal_Video_Intext&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=3&adks=1276542802&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1671336549432&lmt=1671336549&dlt=1671336548476&idt=916&adxs=0&adys=0&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fpelotainvernal.com%2F&frm=20&vis=1&psz=1600x1200&msz=1x-1&fws=0&ohw=0&ga_vid=2044881066.1671336549&ga_sid=1671336549&ga_hid=526327406&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6cbb005498c3f209f89019b181c9a8ec2c3d7813122e61a193e654940a4438c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 04:09:09 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 288
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pelotainvernal.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
a70f19ff77b4cba27e7f41fb58cd05b5.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 6D03 6 KB
3 KB 154ms
56ms Document
text/html 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://a70f19ff77b4cba27e7f41fb58cd05b5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pelotainvernal.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 18 Dec 2022 04:09:09 GMT
expires: Mon, 18 Dec 2023 04:09:09 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 394F 86 KB
31 KB 348ms
346ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3139134883708761&output=html&h=90&slotname=7753640662&adk=1056406635&adf=406027746&pi=t.ma~as.7753640662&w=728&lmt=1671336549&rafmt=12&format=728x90&url=https%3A%2F%2Fpelotainvernal.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671336548709&bpp=5&bdt=233&idt=744&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&prev_fmts=1298x100&correlator=6182157099375&frm=20&pv=1&ga_vid=2044881066.1671336549&ga_sid=1671336549&ga_hid=526327406&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=386&ady=328&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44777508%2C44777948%2C44780792&oid=2&pvsid=418127904971085&tmod=578735001&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&fsb=1&xpc=vWLQG63vOc&p=https%3A//pelotainvernal.com&dtd=750

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bb358d17fb27d75f81b5bb460eb199c58f94fa28881352593b0bca456f51c456

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pelotainvernal.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 32045
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 18 Dec 2022 04:09:09 GMT
expires: Sun, 18 Dec 2022 04:09:09 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 st_3.a87c55e82f4e38c7c339.js Show response
t.seedtag.com/c/ 66 KB
21 KB 42ms
26ms Script
application/javascript 104.18.135.145
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.seedtag.com/c/st_3.a87c55e82f4e38c7c339.js
Requested by: Host: t.seedtag.com
URL: https://t.seedtag.com/t/2717-2424-01.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.135.145 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 568264bc1c4cc59e47bc677e8f8133ea8b5c684ddb911913a5ffe2a91161faac

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 04:09:09 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
age: 37650
x-guploader-uploadid: ADPycduNZf12vdd9F1FjIAIX8HmH_D5CCWuwqdhGiqIT5_6rneBzjDv0ZGy3n-eSwMz_P7_akRujTyAPLBX9GXAHLrOMbQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 15 Dec 2022 17:41:24 GMT
server: cloudflare
etag: W/"5b791030ad87e0d00e8d05462eb077f5"
vary: Accept-Encoding
x-goog-hash: crc32c=f3Cb9w==, md5=W3kQMK2H4NAOjQVGLrB39Q==
x-goog-generation: 1671126084511604
content-type: application/javascript
cache-control: public, max-age=5356800
x-goog-stored-content-length: 19733
cf-ray: 77b50a9a6e19996e-FRA
expires: Sat, 18 Feb 2023 04:09:09 GMT

GET
H3 200 st_2.9100ea3f41d5301dbd48.js Show response
t.seedtag.com/c/ 373 KB
100 KB 53ms
37ms Script
application/javascript 104.18.135.145
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.seedtag.com/c/st_2.9100ea3f41d5301dbd48.js
Requested by: Host: t.seedtag.com
URL: https://t.seedtag.com/t/2717-2424-01.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.135.145 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b7382d2ae003d2c93657df0912f924975ba279a3f78743aa90ae0ef63502eb19

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 04:09:09 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
age: 37650
x-guploader-uploadid: ADPycdulLPDCTjuc1eY4tFTbUpXDNnBrLmxJkipUDPiU2fozc7C5fIgXFgPlincvin4PzWT4jhn0DouF6i2Rbx44QmXE4w
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 15 Dec 2022 17:41:24 GMT
server: cloudflare
etag: W/"52d53d7b494dbf7305f3f5e9e9171d69"
vary: Accept-Encoding
x-goog-hash: crc32c=c1u8/w==, md5=UtU9e0lNv3MF8/Xp6RcdaQ==
x-goog-generation: 1671126084634646
content-type: application/javascript
cache-control: public, max-age=5356800
x-goog-stored-content-length: 103323
cf-ray: 77b50a9a6e18996e-FRA
expires: Sat, 18 Feb 2023 04:09:09 GMT

GET
H2 200 pv Show response
s.seedtag.com/c/ 987 B
1 KB 43ms
20ms XHR
application/json 34.149.50.64
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.seedtag.com/c/pv?token=2717-2424-01&device=desktop&fullUrl=https%3A%2F%2Fpelotainvernal.com%2F&cache=1671336549632&v=-&ft=true
Requested by: Host: t.seedtag.com
URL: https://t.seedtag.com/c/st_2.9100ea3f41d5301dbd48.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.50.64 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 64.50.149.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: af9474e5a7a9093351569e5cb64b9b34596d02e5cd1ede8ead7acf41740f76cf

Request headers

Referer: https://pelotainvernal.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 18 Dec 2022 04:09:09 GMT
content-encoding: gzip
via: 1.1 google
server: nginx
etag: W/"3db-d56IUQUr0/Vgjj1mzqd29BR6edI"
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT, HEAD
content-type: application/json; charset=utf-8
access-control-allow-origin: https://pelotainvernal.com
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 fi_client.js Show response
ecdn.firstimpression.io/ 347 KB
92 KB 33ms
8ms Script
application/javascript 99.86.4.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ecdn.firstimpression.io/fi_client.js

Requested by

Host: pelotainvernal.com
URL: https://pelotainvernal.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.124 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-124.fra6.r.cloudfront.net

Software

nginx/1.20.0 / PHP/8.0.14

Resource Hash

e8ec3c176b12a03aebd44a1f69820e94326cf48693cda33f9fc63b97be95325a

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 03:43:31 GMT
content-encoding: br
via: 1.1 d357d5d597708d2b41e0fea397aa2620.cloudfront.net (CloudFront)
last-modified: Sun, 18 Dec 2022 03:43:31 UTC
server: nginx/1.20.0
x-amz-cf-pop: FRA6-C1
age: 1538
x-powered-by: PHP/8.0.14
etag: W/"f8b966bfd432ff419c7e7f9f5ad382bf"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: W2iJZvoK6PwOYOLPLdt74_OVpa2jEaqNagCZXuAEANa99f8PGBiBiA==
x-xss-protection: 0

GET
H2 200 quant.js Show response
secure.quantserve.com/ Frame 18D1 25 KB
10 KB 61ms
6ms Script
application/javascript 2620:116:800d:21:c5a4:625:6563:a5bb
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: t.seedtag.com
URL: https://t.seedtag.com/c/st_2.9100ea3f41d5301dbd48.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:c5a4:625:6563:a5bb , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: d854082be0173c977aad8f65cdb9b88fd005f3dd3f34f894ab9fdba5a283780f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 04:09:09 GMT
content-encoding: gzip
etag: "StHfV9prSwQMxjKWocWEFw=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Sun, 25 Dec 2022 04:09:09 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 40ms
23ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=pelotainvernal.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 04:09:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 84ms
42ms Script
application/javascript 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=pelotainvernal.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 04:09:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 54ms
53ms Image
image/gif 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fpelotainvernal.com%2F&tn=NAV&id=w0&cls=navbar%20navbar-dark%20fixed-top%20bg-dark&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: pelotainvernal.com
URL: https://pelotainvernal.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Dec 2022 04:09:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame DCB8 214 KB
50 KB 453ms
452ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3139134883708761&output=html&adk=1812271804&adf=3025194257&lmt=1671336549&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&plas=128x945_l%7C140x945_r&format=0x0&url=https%3A%2F%2Fpelotainvernal.com%2F&ea=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671336549781&bpp=6&bdt=1305&idt=6&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6fb24eb131bbc96f%3AT%3D1671336549%3AS%3DALNI_MatR30gj4BD4-rhlEG2t0v1C_cRCg&gpic=UID%3D00000b93d6c9ca3f%3AT%3D1671336549%3ART%3D1671336549%3AS%3DALNI_MaXhHZjhrb6R4a7vbf70K6-mAdkYw&prev_fmts=1298x100%2C728x90&nras=1&correlator=6182157099375&frm=20&pv=1&ga_vid=2044881066.1671336549&ga_sid=1671336549&ga_hid=526327406&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44777508%2C44777948%2C44780792&oid=2&pvsid=418127904971085&tmod=578735001&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&dtd=26

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b465194eb5043b81378bd5b49a2b6b99c9366f0a1efa925af210172e7713d690

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pelotainvernal.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 50915
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 18 Dec 2022 04:09:10 GMT
expires: Sun, 18 Dec 2022 04:09:10 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 82ms
19ms Script
text/javascript 2a00:1450:400d:80a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-19230497-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 18 Dec 2022 02:27:24 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 6105
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Sun, 18 Dec 2022 04:27:24 GMT

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 72ms
21ms Preflight
application/json 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fpelotainvernal.com%2F&domain=pelotainvernal.com&cw=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://pelotainvernal.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://pelotainvernal.com
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Sun, 18 Dec 2022 04:09:09 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 436141
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2

200

sid Show response
mug.criteo.com/
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fpelotainvernal.com%2F&domain=pelotainvernal.com&cw=1&lsw=1
https://mug.criteo.com/sid?cpp=y7hzlHxHNWFZNjAxL21nN2JVVFJIRnBOWlFxTTVQMy9QQmYrMDVzemx6Z296WDd6aDJXTkxSYUpiQndZd3VMZndKZDBGNjZRVjJNcWFTZXVSYUdOcU0vcDRKWUVlcmtMQTV3c0NocS9IMjJDM0R4WXZ4VkZzamlDWFNFbz...

375 B
673 B

49ms
16ms

XHR
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=y7hzlHxHNWFZNjAxL21nN2JVVFJIRnBOWlFxTTVQMy9QQmYrMDVzemx6Z296WDd6aDJXTkxSYUpiQndZd3VMZndKZDBGNjZRVjJNcWFTZXVSYUdOcU0vcDRKWUVlcmtMQTV3c0NocS9IMjJDM0R4WXZ4VkZzamlDWFNFbzNvdmZJS2pVRWgycnpjNUVwTS9KblF4WTVrNmdpVVdVR05qdWx0UEZLanAweGFHZ09IWFpFK040TUtvazFKSE0weDBIcFBaT2QvSHVJbzFjM3JOZkxhZGRvOFdjYW9QSFlRMWFZdlllRTlTVGxyRUg5VTdCZnBXSzJSRjN6OFk4WjB2T0N6d0tXfA&cppv=2

Requested by

Host: pelotainvernal.com
URL: https://pelotainvernal.com/

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

628e1ff1dc4353dafb32dc9a90a12069e447c866341654fab0ded52d92388b92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Dec 2022 04:09:09 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1538265
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 18 Dec 2022 04:09:09 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
access-control-allow-methods: GET
location: https://mug.criteo.com/sid?cpp=y7hzlHxHNWFZNjAxL21nN2JVVFJIRnBOWlFxTTVQMy9QQmYrMDVzemx6Z296WDd6aDJXTkxSYUpiQndZd3VMZndKZDBGNjZRVjJNcWFTZXVSYUdOcU0vcDRKWUVlcmtMQTV3c0NocS9IMjJDM0R4WXZ4VkZzamlDWFNFbzNvdmZJS2pVRWgycnpjNUVwTS9KblF4WTVrNmdpVVdVR05qdWx0UEZLanAweGFHZ09IWFpFK040TUtvazFKSE0weDBIcFBaT2QvSHVJbzFjM3JOZkxhZGRvOFdjYW9QSFlRMWFZdlllRTlTVGxyRUg5VTdCZnBXSzJSRjN6OFk4WjB2T0N6d0tXfA&cppv=2
access-control-allow-origin: https://pelotainvernal.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 577261
content-length: 0
expires: 0

GET
H/1.1 200
OK localstore.js Show response
script.4dex.io/ 483 B
1 KB 42ms
14ms Script
application/javascript 2606:4700:20::681a:8a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/localstore.js
Requested by: Host: flower-ads.com
URL: https://flower-ads.com/tag/pelotainvernal/prebid7.25.0.pelotainvernal.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Sun, 18 Dec 2022 04:09:09 GMT
Content-Encoding: br
CF-Cache-Status: HIT
Last-Modified: Wed, 23 Nov 2022 15:43:18 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Age: 2115478
ETag: W/"922cffdd75f7192f75231d92684885aa"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OufWYm4ktw%2BvClsA2lYOuG6h3JntozCSl31%2BUBBmM%2BnMbnq0Pqu%2FHb%2B%2FqT4bkuJpH7oGpID5brvJf7v4fnS7XZQYW7Tgt5QFYCUkee%2FA71WHRr1XClKDL1sP30ztuwr1YklcMKMv5QQgqUpX"}],"group":"cf-nel","max_age":604800}
Cache-Control: public, max-age=1800
Connection: keep-alive
CF-RAY: 77b50a9ccc4e9bfa-FRA

GET
H3 200 css
fonts.googleapis.com/ Frame 394F 8 KB
895 B 89ms
42ms Stylesheet
text/css 2a00:1450:400d:80c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3139134883708761&output=html&h=90&slotname=7753640662&adk=1056406635&adf=406027746&pi=t.ma~as.7753640662&w=728&lmt=1671336549&rafmt=12&format=728x90&url=https%3A%2F%2Fpelotainvernal.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671336548709&bpp=5&bdt=233&idt=744&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&prev_fmts=1298x100&correlator=6182157099375&frm=20&pv=1&ga_vid=2044881066.1671336549&ga_sid=1671336549&ga_hid=526327406&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=386&ady=328&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44777508%2C44777948%2C44780792&oid=2&pvsid=418127904971085&tmod=578735001&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&fsb=1&xpc=vWLQG63vOc&p=https%3A//pelotainvernal.com&dtd=750

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 18 Dec 2022 04:09:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 18 Dec 2022 02:46:28 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 18 Dec 2022 04:09:09 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 394F 2 KB
846 B 30ms
28ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 08:18:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 71451
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 31 Dec 2022 08:18:18 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/ Frame 394F 23 KB
9 KB 21ms
20ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 07:04:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 75872
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9443
x-xss-protection: 0
server: cafe
etag: 9828741834572772835
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 31 Dec 2022 07:04:37 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 394F 3 KB
1 KB 87ms
23ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 07:04:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 75872
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 31 Dec 2022 07:04:38 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 394F 18 KB
7 KB 25ms
24ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 08:19:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 71365
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7480
x-xss-protection: 0
server: cafe
etag: 15631949847000551034
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 31 Dec 2022 08:19:44 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 394F 153 KB
47 KB 42ms
28ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 04:09:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47725
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1670417373259609"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 18 Dec 2022 04:09:09 GMT

GET
H2 200 5abbe811e7745ada511aeaa994a13f9f.js Show response
www.gstatic.com/mysidia/ Frame 394F 34 KB
14 KB 97ms
21ms Script
text/javascript 2a00:1450:400d:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/5abbe811e7745ada511aeaa994a13f9f.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b23e94a0591e43f749074a39df5a5e700d5bd6c40d1b8016a1a2e44a3176037

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 10:15:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 64400
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14213
x-xss-protection: 0
last-modified: Thu, 08 Dec 2022 23:34:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 17 Mar 2023 10:15:50 GMT

GET
H2 200 formats.js Show response
ad.lkqd.net/vpaid/ Frame E5E2 118 KB
35 KB 108ms
39ms Script
application/javascript 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lkqd.net/vpaid/formats.js
Requested by: Host: pelotainvernal.com
URL: https://pelotainvernal.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: /
Resource Hash: 7cfe458faed6fe5c3094bd51f1f10174604be983739ade9d828b0aad190043e5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 04:09:09 GMT
content-encoding: gzip
x-sp-metadata: HS256.CPXA+pwGEogBCiQ5Y2Q5NjJkMi0zNDBjLTRmMjItYWRkNS1hNzRjMjRiM2Y4N2IQkKbXzNb5+wIaBgjlpPqcBiINMjE3LjY0LjE1MS4zMCj0oAIwAzgEQhZUTFNfQUVTXzEyOF9HQ01fU0hBMjU2WiAzZTliMjA2MTAwOThiNmM5YmZmOTUzODU2ZTU4MDE2YRosCAESJGVhY2IzMjBjLWIzNDItNGMxNi1hNmUwLWI1MWUwYWMxNWJhMxi1lwIiGAgCEhRjZHMwMzAubG80Lmh3Y2RuLm5ldA==./hh9YBY12BRz3lDWyFEnRBJNTKSpsYM82TL0MT9rKqc=
last-modified: Fri, 11 Dec 2020 00:09:23 GMT
etag: "286704660baa2c113268f28385080796"
x-hw: 1671336549.cds035.lo4.hn,1671336549.cds030.lo4.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1209600
accept-ranges: bytes
content-length: 35765

GET
H2 200 formats.js Show response
ad.lkqd.net/vpaid/ Frame 9AE2 118 KB
35 KB 116ms
59ms Script
application/javascript 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lkqd.net/vpaid/formats.js
Requested by: Host: pelotainvernal.com
URL: https://pelotainvernal.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: /
Resource Hash: 7cfe458faed6fe5c3094bd51f1f10174604be983739ade9d828b0aad190043e5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 04:09:09 GMT
content-encoding: gzip
x-sp-metadata: HS256.CPXA+pwGEogBCiQ4OGM1MTU4YS1lODBkLTQ1NjctODVkYS1kMDFhYmEyN2UzNzAQkKbXzNb5+wIaBgjlpPqcBiINMjE3LjY0LjE1MS4zMCj0oAIwAzgEQhZUTFNfQUVTXzEyOF9HQ01fU0hBMjU2WiAzZTliMjA2MTAwOThiNmM5YmZmOTUzODU2ZTU4MDE2YRosCAESJGYyM2FjZTg0LTA3ZDctNDBlOS1hNTk4LWRjZmMyZjY4NjJlMRi1lwIiGAgCEhRjZHMwMzAubG80Lmh3Y2RuLm5ldA==.TedWDsXAdmOralGbT/QG1ulvyIYrlzz/RvnHi6N3MGQ=
last-modified: Fri, 11 Dec 2020 00:09:23 GMT
etag: "286704660baa2c113268f28385080796"
x-hw: 1671336549.cds035.lo4.hn,1671336549.cds030.lo4.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1209600
accept-ranges: bytes
content-length: 35765

GET
H/1.1 200
OK auto-user-sync
ads.stickyadstv.com/ 43 B
542 B 553ms
178ms Image
image/gif 92.122.244.32
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.stickyadstv.com/auto-user-sync
Requested by: Host: pelotainvernal.com
URL: https://pelotainvernal.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 92.122.244.32 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a92-122-244-32.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 18 Dec 2022 04:09:10 GMT
Server: nginx
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 43
x-sticky-vk: 1671336550445005-574
Expires: Sun, 18 Dec 2022 04:09:10 GMT

GET
H2

200

cookie
a.vidoomy.com/api/rtbserver/
Redirect Chain

https://x.bidswitch.net/sync?ssp=vidoomy&user_id=251720222.659479231458498264.96306354
https://x.bidswitch.net/ul_cb/sync?ssp=vidoomy&user_id=251720222.659479231458498264.96306354
https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=vidoomy&bsw_custom_parameter=086eb568-cd88-4474-9f53-23eec858e5be
https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=vidoomy&bsw_custom_parameter=086eb568-cd88-4474-9f53-23eec858e5be
https://x.bidswitch.net/sync?dsp_id=4&user_id=0399231a-245f-4fd9-a5f7-3de45caa575b&ssp=vidoomy&expires=30&user_group=5&bsw_param=086eb568-cd88-4474-9f53-23eec858e5be
https://a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=086eb568-cd88-4474-9f53-23eec858e5be

43 B
356 B

7ms
6ms

Image
image/gif

3.66.71.88
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=086eb568-cd88-4474-9f53-23eec858e5be
Requested by: Host: pelotainvernal.com
URL: https://pelotainvernal.com/
Protocol: H2
Server: 3.66.71.88 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-66-71-88.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 04:09:10 GMT
content-encoding: none
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,PATCH,OPTIONS
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: X-VD-C
access-control-allow-credentials: true
access-control-allow-headers: *
content-length: 43

Redirect headers

location: //a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=086eb568-cd88-4474-9f53-23eec858e5be
date: Sun, 18 Dec 2022 04:09:10 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2

200

cookie
a.vidoomy.com/api/rtbserver/
Redirect Chain

https://ups.analytics.yahoo.com/ups/58610/occ
https://ups.analytics.yahoo.com/ups/58610/occ?verify=true
https://a.vidoomy.com/api/rtbserver/cookie?i=YAH&uid=y-J0iPcVVE2uFR6pOjX0AFa_9Sxpu.7tVtCSztfcM-~A

43 B
357 B

37ms
7ms

Image
image/gif

3.66.71.88
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.vidoomy.com/api/rtbserver/cookie?i=YAH&uid=y-J0iPcVVE2uFR6pOjX0AFa_9Sxpu.7tVtCSztfcM-~A
Requested by: Host: pelotainvernal.com
URL: https://pelotainvernal.com/
Protocol: H2
Server: 3.66.71.88 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-66-71-88.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 04:09:10 GMT
content-encoding: none
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,PATCH,OPTIONS
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: X-VD-C
access-control-allow-credentials: true
access-control-allow-headers: *
content-length: 43

Redirect headers

location: https://a.vidoomy.com/api/rtbserver/cookie?i=YAH&uid=y-J0iPcVVE2uFR6pOjX0AFa_9Sxpu.7tVtCSztfcM-~A
date: Sun, 18 Dec 2022 04:09:10 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H3 200 css
fonts.googleapis.com/ Frame 6601 8 KB
895 B 47ms
45ms Stylesheet
text/css 2a00:1450:400d:80c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3139134883708761&output=html&h=100&slotname=8815456802&adk=88850195&adf=2364240886&pi=t.ma~as.8815456802&w=1298&lmt=1671336549&rafmt=12&format=1298x100&url=https%3A%2F%2Fpelotainvernal.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671336548702&bpp=5&bdt=227&idt=648&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&correlator=6182157099375&frm=20&pv=2&ga_vid=2044881066.1671336549&ga_sid=1671336549&ga_hid=526327406&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=151&ady=96&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44777508%2C44777948%2C44780792&oid=2&pvsid=418127904971085&tmod=578735001&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=1&uci=a!1&fsb=1&xpc=L4TCH1rjMZ&p=https%3A//pelotainvernal.com&dtd=676

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 18 Dec 2022 04:09:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 18 Dec 2022 02:58:55 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 18 Dec 2022 04:09:09 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 6601 2 KB
765 B 101ms
25ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 08:18:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 71452
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 31 Dec 2022 08:18:18 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/ Frame 6601 23 KB
9 KB 102ms
26ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 07:04:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 75873
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9443
x-xss-protection: 0
server: cafe
etag: 9828741834572772835
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 31 Dec 2022 07:04:37 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 6601 3 KB
1 KB 61ms
23ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 07:04:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 75872
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 31 Dec 2022 07:04:38 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 6601 18 KB
7 KB 113ms
37ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 08:19:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 71366
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7480
x-xss-protection: 0
server: cafe
etag: 15631949847000551034
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 31 Dec 2022 08:19:44 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6601 153 KB
47 KB 16ms
14ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 04:09:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47725
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1670417373259609"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 18 Dec 2022 04:09:09 GMT

GET
H2 200 148b897ed20242fb53e65c70a8c63c89.js Show response
www.gstatic.com/mysidia/ Frame 6601 34 KB
14 KB 71ms
25ms Script
text/javascript 2a00:1450:400d:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/148b897ed20242fb53e65c70a8c63c89.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7a49f15294007bad4031449fd145bfe309092999eebdb428925aa0403215f56d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 01:18:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 269429
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14307
x-xss-protection: 0
last-modified: Fri, 09 Dec 2022 19:06:26 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 15 Mar 2023 01:18:41 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 394F 0
0 66ms
66ms Fetch
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cz5DiZZKeY5mfHsmV7_UPrLuZmAOqrqT6berXjqiPEZaCzYWIFhABIK2Q9B5gleKQgqAHoAHggfD4KMgBAakCzhuwEN3CsT6oAwHIA8sEqgTUAU_Qjl5JszAK9JcSjxmQTMmYzfm6vNb-KLUk9SjIndwJqO9CKtX0t-gznv4RS5B7W9H1EvLr411mkOVTOiE59-b-58WY72LTbuEBqPm5kuZVJpSdX7pZW_Z2Om6wjDXhYfYoHc-JJJtoew5FLNj9OavuzEIZqtX6CfWotnJ449XQHIGoLYfqQpXG6g-JdVphGggdMSBdyeLwIkNEcmXoQrl1BRmsUHAoXrRtSH-hkGKia9uDPCKvfbZYbgxg7zxxV-aD8uSCNJskTvozcBbNRxwWoh-uwATi8ZqjpASSBQQIBBgBkgUECAUYBIAH4LnA2AOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHAxCQNdIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsB2BMN0BUBmBYBgBcBshccChoIABIUcHViLTMxMzkxMzQ4ODM3MDg3NjEYAA&sigh=FdGOuDT5Hb0&uach_m=[UACH]&cid=CAQSGwDq26N9hbOqnMy7ivYESe4RZTZ8WrWZ4kkRVxgBIBM

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3139134883708761&output=html&h=90&slotname=7753640662&adk=1056406635&adf=406027746&pi=t.ma~as.7753640662&w=728&lmt=1671336549&rafmt=12&format=728x90&url=https%3A%2F%2Fpelotainvernal.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671336548709&bpp=5&bdt=233&idt=744&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&prev_fmts=1298x100&correlator=6182157099375&frm=20&pv=1&ga_vid=2044881066.1671336549&ga_sid=1671336549&ga_hid=526327406&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=386&ady=328&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44777508%2C44777948%2C44780792&oid=2&pvsid=418127904971085&tmod=578735001&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&fsb=1&xpc=vWLQG63vOc&p=https%3A//pelotainvernal.com&dtd=750
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 18 Dec 2022 04:09:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sun, 18 Dec 2022 04:09:09 GMT

GET
H2 200 favicon.ico
ad.doubleclick.net/ 1 KB
664 B 101ms
7ms Image
image/x-icon 142.250.186.134
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250

Requested by

Host: pelotainvernal.com
URL: https://pelotainvernal.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f6.1e100.net

Software

sffe /

Resource Hash

d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 19:03:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 32752
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0
last-modified: Tue, 08 May 2012 13:08:06 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/x-icon
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 18 Dec 2022 19:03:18 GMT

GET
H2 200 achoice.svg
widgets.outbrain.com/images/widgetIcons/ 3 KB
3 KB 68ms
7ms Image
image/svg+xml 23.218.209.87
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.outbrain.com/images/widgetIcons/achoice.svg
Requested by: Host: pelotainvernal.com
URL: https://pelotainvernal.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.218.209.87 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-209-87.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 04:09:10 GMT
last-modified: Mon, 12 Sep 2022 07:37:47 GMT
server: AkamaiNetStorage
etag: "9d26fa4e7238ed94f1d0d92afb453b3e:1662969032.874716"
access-control-allow-methods: GET,POST
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 2735
expires: Tue, 17 Jan 2023 04:09:10 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 6601 0
0 54ms
54ms Fetch
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CdxCbZZKeY_SvGfzI7_UPrsalkAODo9_8bNjHk4HXEIW26c_IAhABIK2Q9B5gleKQgqAHoAHT6dn8KMgBCakCzhuwEN3CsT6oAwHIA8sEqgTgAU_Q3dPwrPxkPIu_cVeS-S5_WdG9F2YP2lg_9lwnPNUwoEQjMEtzbDkiHTq257jiLrqhUpLlNFbrEZwf05BwOblztikIzFA-IRz9oAOWeNoq8C9I9W-tgfVsLzX3mFg3tKt_XoMsVeLJaeMW9b_Ob8aeo4Z1EfaNPwKn9jXvbZwVM7XNA6v1S0DA1-XVnIiem89DA1bKXc2BMKjVN4UvuieLARSOuP6AMLdBCy7g6bVKLWq0YnZCjRCxppCw7LCSV_FOX-0RQXBS-HWs0WxlHj1V1z3r6vOtde9e0cvr8XMcwATrram2kQSSBQQIBBgBkgUECAUYBKAGLoAH06Gq3AOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBC_nxDSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAbgTiATYEwrQFQGAFwGyFxwKGggAEhRwdWItMzEzOTEzNDg4MzcwODc2MRgA&sigh=MaTZaya7u6U&uach_m=[UACH]&cid=CAQSGwDq26N9x10sMxUKHW4oqZVvChzRD9LahqcD7hgBIBM&template_id=520

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3139134883708761&output=html&h=100&slotname=8815456802&adk=88850195&adf=2364240886&pi=t.ma~as.8815456802&w=1298&lmt=1671336549&rafmt=12&format=1298x100&url=https%3A%2F%2Fpelotainvernal.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671336548702&bpp=5&bdt=227&idt=648&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&correlator=6182157099375&frm=20&pv=2&ga_vid=2044881066.1671336549&ga_sid=1671336549&ga_hid=526327406&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=151&ady=96&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44777508%2C44777948%2C44780792&oid=2&pvsid=418127904971085&tmod=578735001&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=1&uci=a!1&fsb=1&xpc=L4TCH1rjMZ&p=https%3A//pelotainvernal.com&dtd=676
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 18 Dec 2022 04:09:10 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sun, 18 Dec 2022 04:09:10 GMT

GET
H2 200 rules-p-PFW5FesqXn206.js Show response
rules.quantcount.com/ Frame 18D1 1 KB
1 KB 81ms
6ms Script
application/javascript 2600:9000:211e:c600:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-PFW5FesqXn206.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:c600:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f4ae5a40833ca40f1ded2c820915ccc073b509a5a15810de1566ebf1ee4838e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 03:47:02 GMT
content-encoding: gzip
via: 1.1 6c7a5d26be7fb35284e54d321f16b6f6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
age: 1329
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
last-modified: Thu, 13 Oct 2022 15:36:52 GMT
server: AmazonS3
etag: W/"a521a7bf6d17b50bc9827eaad4be8ecc"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
x-amz-cf-id: duMO73Nk70a4gHTLuPKim09R51jUgkJdn-gd2cgm1zApnPKkUHiP9A==

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 19 B
828 B 45ms
12ms XHR
application/json 37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: flower-ads.com
URL: https://flower-ads.com/tag/pelotainvernal/prebid7.25.0.pelotainvernal.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pelotainvernal.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 18 Dec 2022 04:09:10 GMT
AN-X-Request-Uuid: b2060ef6-58dc-42cf-b88d-09a184bbe49e
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://pelotainvernal.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 217.64.151.30; 217.64.151.30; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 prebid Show response
mp.4dex.io/ 114 B
451 B 59ms
26ms XHR
application/json 2606:4700::6812:272
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mp.4dex.io/prebid
Requested by: Host: flower-ads.com
URL: https://flower-ads.com/tag/pelotainvernal/prebid7.25.0.pelotainvernal.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:272 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d4ba0d2593d2330d5e78b10912e1f10352b1574b02a7055feb62699ecd525e27

Request headers

Referer: https://pelotainvernal.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 18 Dec 2022 04:09:10 GMT
x-err: Shapings: no adunits with size and seat and mapping
x-version: 3.0.0-gcp-ams
cf-cache-status: DYNAMIC
via: 1.1 google
server: cloudflare
content-encoding: gzip
vary: Origin, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://pelotainvernal.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 77b50a9e0e869a3f-FRA
expires: 0

POST
H2 200 pbjs Show response
htlb.casalemedia.com/openrtb/ 36 B
574 B 55ms
25ms XHR
application/json 104.18.33.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/openrtb/pbjs?s=910000
Requested by: Host: flower-ads.com
URL: https://flower-ads.com/tag/pelotainvernal/prebid7.25.0.pelotainvernal.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b9ab3f179c703b28a88e2d379df37f5fb9130b2281720e750af6c95ff1eb9e60

Request headers

Referer: https://pelotainvernal.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 18 Dec 2022 04:09:10 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F9dScjb4hNLqagqq560%2FvpSsF5NPT7e5DfP516bTTJ1NpFmAeRiGD%2Fwt46%2FhmVNL5HIx8%2FRnv6%2FAI7y%2BC5Nt3M%2BII4CFgZVyJXIwbmPEMnXFibhU8GZq1f9LbX4ugFtVGTjq15VN"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://pelotainvernal.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 77b50a9e0cae92b4-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 36
expires: 0

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
366 B 46ms
19ms XHR
application/json 51.89.9.251
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: flower-ads.com
URL: https://flower-ads.com/tag/pelotainvernal/prebid7.25.0.pelotainvernal.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip251.ip-51-89-9.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://pelotainvernal.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://pelotainvernal.com
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: no-transform, no-cache
access-control-allow-credentials: true
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 9 KB
5 KB 229ms
128ms XHR
application/json 2602:803:c003:200::31
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24930&site_id=447118&zone_id=2620778&size_id=10&rp_schain=1.0,1!flower-ads.com,fw0108,1,,,&eid_pubcid.org=75a8b4cb-d9d7-4c31-b359-5d79bb84ba48%5E1&rf=https%3A%2F%2Fpelotainvernal.com%2F&kw=pelotainvernal%2Cposicionespelotainvernal%2Ccalendariopelotainvernal&tg_i.page=https%3A%2F%2Fpelotainvernal.com%2F&tg_i.domain=pelotainvernal.com&tg_i.pbadslot=%2F22304838115%2Fpelotainvernal%2Fdesktop_sidebar_01&tk_flint=pbjs_lite_v7.25.0&x_source.tid=437e63a7-fe84-4ad6-8a93-c955a8b33c14&l_pb_bid_id=12f230165b0c0ba&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F22304838115%2Fpelotainvernal%2Fdesktop_sidebar_01&slots=1&rand=0.0070031052692069995
Requested by: Host: flower-ads.com
URL: https://flower-ads.com/tag/pelotainvernal/prebid7.25.0.pelotainvernal.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: ca3af101364ec3316028fe02dfacc86355cfeac079897a33636e41d99fe83e66

Request headers

Referer: https://pelotainvernal.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 18 Dec 2022 04:09:10 GMT
content-encoding: gzip
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://pelotainvernal.com
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 9 KB
6 KB 225ms
125ms XHR
application/json 2602:803:c003:200::31
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24930&site_id=447118&zone_id=2620778&size_id=2&rp_schain=1.0,1!flower-ads.com,fw0108,1,,,&eid_pubcid.org=75a8b4cb-d9d7-4c31-b359-5d79bb84ba48%5E1&rf=https%3A%2F%2Fpelotainvernal.com%2F&kw=pelotainvernal%2Cposicionespelotainvernal%2Ccalendariopelotainvernal&tg_i.page=https%3A%2F%2Fpelotainvernal.com%2F&tg_i.domain=pelotainvernal.com&tg_i.pbadslot=%2F22304838115%2Fpelotainvernal%2Fdesktop_inread_1&tk_flint=pbjs_lite_v7.25.0&x_source.tid=88e6ca3e-26f7-4b0b-95ae-73dc8a311604&l_pb_bid_id=13acbdc41eb5ca1&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F22304838115%2Fpelotainvernal%2Fdesktop_inread_1&slots=1&rand=0.26441097874235076
Requested by: Host: flower-ads.com
URL: https://flower-ads.com/tag/pelotainvernal/prebid7.25.0.pelotainvernal.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 3b1efaae19dcb7c525d27016287aa9fb6718eb311347056992bd3aec1e57c817

Request headers

Referer: https://pelotainvernal.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 18 Dec 2022 04:09:10 GMT
content-encoding: gzip
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://pelotainvernal.com
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ 24 B
405 B 77ms
25ms XHR
application/json 216.52.2.39
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.25.0
Requested by: Host: flower-ads.com
URL: https://flower-ads.com/tag/pelotainvernal/prebid7.25.0.pelotainvernal.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.39 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: /
Resource Hash: 9550be4dbbc7a9eb3f70accd7ee908d1675a9f9924c0bf599b53c07f10a98743

Request headers

Referer: https://pelotainvernal.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

Date: Sun, 18 Dec 2022 04:09:10 GMT
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://pelotainvernal.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap7ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 24

POST
H2 200 prebid Show response
prebid.media.net/rtb/ 338 B
605 B 40ms
17ms XHR
application/json 34.107.148.139
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.media.net/rtb/prebid?cid=8CU15JWV5
Requested by: Host: flower-ads.com
URL: https://flower-ads.com/tag/pelotainvernal/prebid7.25.0.pelotainvernal.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 139.148.107.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 76e9ef12de421d3f6a5f9fb571391ce9c0cfa8276b09856490bb348cbf2cb8d4

Request headers

Referer: https://pelotainvernal.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 18 Dec 2022 04:09:10 GMT
content-encoding: gzip
via: 1.1 google
server: nginx
accept-ch: Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://pelotainvernal.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
expires: Sun, 18 Dec 2022 04:09:10 GMT

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 86ms
23ms Preflight
application/json 178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Sun, 18 Dec 2022 04:09:09 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 400569
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
DATA 200
OK truncated
/ Frame 6601 336 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: be3b15b1e68cf3e9278293d3b50491fe16c985e0ee5968852cac4fc062a7134e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/svg+xml

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 83ms
40ms XHR
text/plain 2a00:1450:400d:80a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=526327406&t=pageview&_s=1&dl=https%3A%2F%2Fpelotainvernal.com%2F&ul=en-us&de=UTF-8&dt=PelotaInvernal.com%20%7C%20Resultados%2C%20Calendarios%20y%20Posiciones&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAUABAAAAACAAI~&jid=367402507&gjid=631033735&cid=2044881066.1671336549&tid=UA-19230497-1&_gid=2045169535.1671336550&_r=1&gtm=2oubu0&z=1747772478

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://pelotainvernal.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 18 Dec 2022 04:09:10 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://pelotainvernal.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK adagio.js Show response
script.4dex.io/ 74 KB
24 KB 40ms
18ms Fetch
application/javascript 2606:4700:20::681a:8a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/adagio.js
Requested by: Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ed87a83a9df154b61d76e8b9b53bb9d23db3eea194e66bca6b575e3e4f7a57bf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Sun, 18 Dec 2022 04:09:10 GMT
Content-Encoding: br
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 4DTB9JJ2NTDF1YQK
Age: 2223615
Transfer-Encoding: chunked
Connection: keep-alive
x-amz-id-2: w6Tib7TuwkFQhbY6jJVUrIfy8/ni00IrCXkH3qwf0IEzBgnLaQiLbE/eGAIn9gQJSi9KNdI0gjg=
Last-Modified: Tue, 22 Nov 2022 09:44:15 GMT
Server: cloudflare
ETag: W/"c56b6332dacf72f135afcd153ae22448"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wtXwKfbjnE9XLMrhYJxPMd79x5H3gqAADw%2F6ulzBLYAxYYrXz%2Flz%2BiiYFQMRmCPRez35UMb7zFtZyxuItzaf1AL4yFDthpMbAPNxZm3RW2c0SzkJsEzbF4ezAE7TYxl0QqA6ftKVrUs7ow8x"}],"group":"cf-nel","max_age":604800}
Cache-Control: public, max-age=1800
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
CF-RAY: 77b50a9e6b1d695d-FRA

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame E542 143 B
166 B 7ms
7ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3139134883708761&output=html&h=90&slotname=7753640662&adk=1056406635&adf=406027746&pi=t.ma~as.7753640662&w=728&lmt=1671336549&rafmt=12&format=728x90&url=https%3A%2F%2Fpelotainvernal.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671336548709&bpp=5&bdt=233&idt=744&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&prev_fmts=1298x100&correlator=6182157099375&frm=20&pv=1&ga_vid=2044881066.1671336549&ga_sid=1671336549&ga_hid=526327406&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=386&ady=328&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44777508%2C44777948%2C44780792&oid=2&pvsid=418127904971085&tmod=578735001&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&fsb=1&xpc=vWLQG63vOc&p=https%3A//pelotainvernal.com&dtd=750
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 765
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 18 Dec 2022 03:56:25 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 spc_fi.php Show response
cdn.firstimpression.io/delivery/ 20 KB
5 KB 80ms
69ms XHR
application/json 99.86.4.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.firstimpression.io/delivery/spc_fi.php?id=7293&url=%2F&charset=UTF-8&ch=4&ref=pelotainvernal.com&viewerId=null&referer=&_firid=40303684
Requested by: Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/fi_client.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-124.fra6.r.cloudfront.net
Software: nginx/1.20.0 / PHP/8.0.14
Resource Hash: e8f40bccba1b20df36aecef44fbf3d446c60633ad3d0d1f8817aef4fca184d22

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://pelotainvernal.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 04:09:10 GMT
content-encoding: gzip
via: 1.1 d357d5d597708d2b41e0fea397aa2620.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
x-powered-by: PHP/8.0.14
x-cache: Miss from cloudfront
p3p: CP="CUR ADM OUR NOR STA NID"
pragma: no-cache
server: nginx/1.20.0
vary: Accept-Encoding
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://pelotainvernal.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-amz-cf-id: lTIyRJvHbL4z590_fRLemdLXsUQ3TLguD8r20KHP4XHbB5DR26OAoA==
expires: 0

GET
H2 200 usync.html Show response
ad.lkqd.net/cookie-sync/ Frame 51C4 4 KB
2 KB 22ms
22ms Document
text/html 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lkqd.net/cookie-sync/usync.html
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: /
Resource Hash: a09fb04841151074c73e8daf6edb12da7ffd8b5e7812492a6d9f3ae977fe3d31

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 1882
content-type: text/html
date: Sun, 18 Dec 2022 04:09:10 GMT
etag: "952dcfd8e3703b5a7e78418d51009535"
last-modified: Fri, 18 Feb 2022 17:38:44 GMT
x-hw: 1671336550.cds035.lo4.hn,1671336550.cds074.lo4.c
x-sp-metadata: HS256.CPbA+pwGEogBCiRjMWUzZjFmYi1iY2U3LTQ3NTEtODRkOS1iNjhiMGQwODE1YWMQkKbXzNb5+wIaBgjmpPqcBiINMjE3LjY0LjE1MS4zMCj0oAIwAzgEQhZUTFNfQUVTXzEyOF9HQ01fU0hBMjU2WiAzZTliMjA2MTAwOThiNmM5YmZmOTUzODU2ZTU4MDE2YRorCAESJGE1N2ZlNzJhLTFhMmQtNGEwYS05MTY5LWNkNGJjY2Y3ZjZjZhjaDiIYCAISFGNkczA3NC5sbzQuaHdjZG4ubmV0.bfc1Aqte+ENrcQSnWftpISwf7KwQRysWnvsVfa+BFo0=

GET
H2 200 ad Show response
v.lkqd.net/ Frame E5E2 2 KB
2 KB 307ms
94ms XHR
application/xml 146.20.128.146
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://v.lkqd.net/ad?pid=430&sid=1171093&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=https%3A%2F%2Fpelotainvernal.com%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C63065%2C1%2C&c4=true&c5=&c6=63065&rnd=69113169&m=
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.146 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: 46fcba2d33ed0c6a8322aee403da08a72043db68a12425fd8520073be4b9a907

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 04:09:10 GMT
content-encoding: gzip
server: nginx
content-type: application/xml; charset=UTF-8
access-control-allow-origin: https://pelotainvernal.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 1359

GET
H2 200 usync.html Show response
ad.lkqd.net/cookie-sync/ Frame D624 4 KB
2 KB 23ms
22ms Document
text/html 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lkqd.net/cookie-sync/usync.html
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: /
Resource Hash: a09fb04841151074c73e8daf6edb12da7ffd8b5e7812492a6d9f3ae977fe3d31

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 1882
content-type: text/html
date: Sun, 18 Dec 2022 04:09:10 GMT
etag: "952dcfd8e3703b5a7e78418d51009535"
last-modified: Fri, 18 Feb 2022 17:38:44 GMT
x-hw: 1671336550.cds035.lo4.hn,1671336550.cds074.lo4.c
x-sp-metadata: HS256.CPbA+pwGEogBCiRjZjUxYTJmMS1iMGMyLTRmMDYtYjUyNC0wNzdkYzVlMTk2YzUQkKbXzNb5+wIaBgjmpPqcBiINMjE3LjY0LjE1MS4zMCj0oAIwAzgEQhZUTFNfQUVTXzEyOF9HQ01fU0hBMjU2WiAzZTliMjA2MTAwOThiNmM5YmZmOTUzODU2ZTU4MDE2YRorCAESJDZmNWI1NjE5LTU2MjEtNDNlYi1hMjM5LTVjYjU3YTgxNTBmOBjaDiIYCAISFGNkczA3NC5sbzQuaHdjZG4ubmV0.lFp0T3PXQnM0kVOTsccZBZHYIj+9f4rrLQU0Q7vEBN8=

GET
H2 200 ad Show response
v.lkqd.net/ Frame 9AE2 180 B
356 B 280ms
98ms XHR
application/xml 146.20.128.146
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://v.lkqd.net/ad?pid=430&sid=1171094&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=https%3A%2F%2Fpelotainvernal.com%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C63065%2C1%2C&c4=true&c5=&c6=63065&rnd=46253307&m=
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.146 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: 45fa735c6df15f15a1293a9cb3125033408874bf284280e8bcac23f95ad8feac

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 04:09:10 GMT
content-encoding: gzip
server: nginx
content-type: application/xml; charset=UTF-8
access-control-allow-origin: https://pelotainvernal.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 150

GET
DATA 200
OK truncated
/ Frame 6601 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 46ad56f3866042bd7e339da79592dcd0a2beb286dd1b0a22ef6e4701c3bc401e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 394F 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e2b2b6d7202461df9702f00cb15dd87985d0b1e9a8318333d15e5787641badee

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
441 B 80ms
26ms XHR
text/plain 2a00:1450:400c:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-19230497-1&cid=2044881066.1671336549&jid=367402507&gjid=631033735&_gid=2045169535.1671336550&_u=YAhAAUAAAAAAACAAI~&z=117964399

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://pelotainvernal.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sun, 18 Dec 2022 04:09:10 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://pelotainvernal.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel;r=1518517389;event=refresh;rf=0;a=p-PFW5FesqXn206;url=https%3A%2F%2Fpelotainvernal.com%2F;ref=https%3A%2F%2Fpelotainvernal.com%2F;uht=2;fpan=1;fpa=P0-27100677-1671336550029;pbc=75a8b4cb-d9d7-...
pixel.quantserve.com/ Frame 18D1 35 B
372 B 26ms
8ms Image
image/gif 2620:116:800d:21:c5a4:625:6563:a5bb
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=1518517389;event=refresh;rf=0;a=p-PFW5FesqXn206;url=https%3A%2F%2Fpelotainvernal.com%2F;ref=https%3A%2F%2Fpelotainvernal.com%2F;uht=2;fpan=1;fpa=P0-27100677-1671336550029;pbc=75a8b4cb-d9d7-4c31-b359-5d79bb84ba48;ns=1;ce=1;qjs=1;qv=bf501fc4-20221215111636;cm=;gdpr=0;d=pelotainvernal.com;dst=0;et=1671336550339;tzo=0;ogl=;ses=9e4cb3a9-0727-427d-88c2-740dea1b0733

Requested by

Host: pelotainvernal.com
URL: https://pelotainvernal.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:c5a4:625:6563:a5bb , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Dec 2022 04:09:10 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame 6601 28 KB
28 KB 66ms
25ms Font
font/woff2 2a00:1450:400d:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 20:38:02 GMT
x-content-type-options: nosniff
age: 286268
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28288
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 14 Dec 2023 20:38:02 GMT

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame 394F 28 KB
28 KB 61ms
23ms Font
font/woff2 2a00:1450:400d:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 20:38:02 GMT
x-content-type-options: nosniff
age: 286268
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28288
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 14 Dec 2023 20:38:02 GMT

GET
H/1.1 200
OK / Show response
tag.escalated.io/ 97 KB
37 KB 137ms
35ms Script
text/javascript 54.78.253.158
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tag.escalated.io/?i=KxxajmhPPCsT&d=pelotainvernal.com&type=display&cust=7293&sid=direct&c=&cust2=direct

Requested by

Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/fi_client.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.78.253.158 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-78-253-158.eu-west-1.compute.amazonaws.com

Software

Apache /

Resource Hash

e5b12f0001d95ff505b926cb079a40f5b8af3595ff994ae7bd0080cf51505a80

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Sun, 18 Dec 2022 04:09:10 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Wed, 14 Dec 2022 18:15:38 GMT
Server: Apache
ETag: "183ac-5efcdb932c680"
Vary: Accept-Encoding
Content-Type: text/javascript
Connection: close
Accept-Ranges: bytes
Content-Length: 37947
X-XSS-Protection: 1; mode=block

GET
H2

200

cs
cs.lkqd.net/ Frame 51C4
Redirect Chain

https://csync.loopme.me/?redirect=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D54%26partnerUserId%3D%7Bdevice_id%7D
https://cs.lkqd.net/cs?partnerId=54&partnerUserId=b10f1f4b-8e05-46b6-956a-3f2b155bf3ab

43 B
308 B

224ms
95ms

Image
image/gif

146.20.132.154
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=54&partnerUserId=b10f1f4b-8e05-46b6-956a-3f2b155bf3ab
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Server: 146.20.132.154 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 04:09:10 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

Redirect headers

location: https://cs.lkqd.net/cs?partnerId=54&partnerUserId=b10f1f4b-8e05-46b6-956a-3f2b155bf3ab
date: Sun, 18 Dec 2022 04:09:10 GMT
server: _
content-length: 0

GET
H2 200 cs
cs.lkqd.net/ Frame 51C4 43 B
309 B 292ms
94ms Image
image/gif 146.20.132.154
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=103&redirect=https%3A%2F%2Fevent.clientgear.com%2Fcookie%2Flkqd%3Fpartner%3Dlkqd%26cookieid%3D%24%24rawlkqduserid%24%24&r=if
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.154 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 04:09:10 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

GET
H2 200 cs
cs.lkqd.net/ Frame 51C4 43 B
308 B 293ms
96ms Image
image/gif 146.20.132.154
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D102%2526partnerUserId%253D%255BUID%255D&r=if
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.154 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 04:09:10 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

GET
H2

200

cs
cs.lkqd.net/ Frame 51C4
Redirect Chain

https://ad.turn.com/r/cs?pid=65
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3008706098696186039

43 B
308 B

119ms
103ms

Image
image/gif

146.20.132.154
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3008706098696186039
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Server: 146.20.132.154 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 04:09:10 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

Redirect headers

location: https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3008706098696186039
pragma: no-cache
date: Sun, 18 Dec 2022 04:09:10 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H2

200

cs
cs.lkqd.net/ Frame 51C4
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=161
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=-2v7t0iNTtNwVA-078W-LtlAlx4

43 B
308 B

93ms
91ms

Image
image/gif

146.20.132.154
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=93&partnerUserId=-2v7t0iNTtNwVA-078W-LtlAlx4
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Server: 146.20.132.154 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 04:09:10 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

Redirect headers

Location: https://cs.lkqd.net/cs?partnerId=93&partnerUserId=-2v7t0iNTtNwVA-078W-LtlAlx4
Date: Sun, 18 Dec 2022 04:09:10 GMT
Connection: keep-alive
Content-Length: 104
Content-Type: text/html; charset=utf-8

GET
H2

200

cs
cs.lkqd.net/ Frame D624
Redirect Chain

https://csync.loopme.me/?redirect=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D54%26partnerUserId%3D%7Bdevice_id%7D
https://cs.lkqd.net/cs?partnerId=54&partnerUserId=20222de1-3dba-4131-938d-480c282892a9

43 B
308 B

228ms
99ms

Image
image/gif

146.20.132.154
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=54&partnerUserId=20222de1-3dba-4131-938d-480c282892a9
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Server: 146.20.132.154 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 04:09:10 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

Redirect headers

location: https://cs.lkqd.net/cs?partnerId=54&partnerUserId=20222de1-3dba-4131-938d-480c282892a9
date: Sun, 18 Dec 2022 04:09:10 GMT
server: _
content-length: 0

GET
H2 200 cs
cs.lkqd.net/ Frame D624 43 B
308 B 287ms
97ms Image
image/gif 146.20.132.154
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=103&redirect=https%3A%2F%2Fevent.clientgear.com%2Fcookie%2Flkqd%3Fpartner%3Dlkqd%26cookieid%3D%24%24rawlkqduserid%24%24&r=if
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.154 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 04:09:10 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

GET
H2 200 cs
cs.lkqd.net/ Frame D624 43 B
308 B 288ms
98ms Image
image/gif 146.20.132.154
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D102%2526partnerUserId%253D%255BUID%255D&r=if
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.154 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 04:09:10 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

GET
H2

200

cs
cs.lkqd.net/ Frame D624
Redirect Chain

https://ad.turn.com/r/cs?pid=65
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=2936648504658258103

43 B
308 B

116ms
100ms

Image
image/gif

146.20.132.154
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=94&partnerUserId=2936648504658258103
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Server: 146.20.132.154 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 04:09:10 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

Redirect headers

location: https://cs.lkqd.net/cs?partnerId=94&partnerUserId=2936648504658258103
pragma: no-cache
date: Sun, 18 Dec 2022 04:09:10 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H2

200

cs
cs.lkqd.net/ Frame D624
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=161
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=lb-1XUmyQkRlz166Qg3689lAlx4

43 B
308 B

92ms
92ms

Image
image/gif

146.20.132.154
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=93&partnerUserId=lb-1XUmyQkRlz166Qg3689lAlx4
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Server: 146.20.132.154 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 04:09:10 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

Redirect headers

Location: https://cs.lkqd.net/cs?partnerId=93&partnerUserId=lb-1XUmyQkRlz166Qg3689lAlx4
Date: Sun, 18 Dec 2022 04:09:10 GMT
Connection: keep-alive
Content-Length: 104
Content-Type: text/html; charset=utf-8

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame E542
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

14ms
14ms

Document
text/html

2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 18 Dec 2022 04:09:10 GMT
expires: Sun, 18 Dec 2022 04:09:10 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 18 Dec 2022 04:09:10 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 bids.gif Show response
c.4dex.io/ 0
254 B 37ms
13ms XHR
text/plain 35.241.34.106
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://c.4dex.io/bids.gif?adu_code=%2F22304838115%2Fpelotainvernal%2Fdesktop_inread_1&evt=init&ts=1671336550441&pv_id=ebb23846-5d47-433f-9c25-c85599902eab&amts=ban&asizes=728x90&url=undefined&auct_id=148a133e-775f-4fb8-b86b-fd0a1a13cfe7&auct_start=1671336550037&auct_end=-1&v=1&js_late=1&js_ts=&navs_ts=1671336548044&partid=205204&bidders=appnexus%2Cadagio%2Cix%2Conetag%2Crubicon%2Csovrn%2Cmedianet&cpm=%2C%2C%2C%2C%2C%2C&cpm_adjst_rate=%2C%2C%2C%2C%2C%2C&net_rev=%2C%2C%2C%2C%2C%2C&cur=%2C%2C%2C%2C%2C%2C&cur_rate=%2C%2C%2C%2C%2C%2C&ttr=%2C%2C%2C%2C%2C%2C&bttr=%2C%2C%2C%2C%2C%2C&sts=%2C%2C%2C%2C%2C%2C&w=%2C%2C%2C%2C%2C%2C&h=%2C%2C%2C%2C%2C%2C&deal=%2C%2C%2C%2C%2C%2C&timeout=%2C%2C%2C%2C%2C%2C&won=%2C%2C%2C%2C%2C%2C&no_bid=%2C%2C%2C%2C%2C%2C&crea_id=%2C%2C%2C%2C%2C%2C&mt=%2C%2C%2C%2C%2C%2C&cat=&dvc=&env=&org_id=1267&pgtyp=&plcmt=%2F22304838115%2Fpelotainvernal%2Fdesktop_inread_1&site=pelotainvernal-com&subcat=&os=&brwsr=&u_ts=1671336550&adgjsv=1.16.2
Requested by: Host: pelotainvernal.com
URL: https://pelotainvernal.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.34.106 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 106.34.241.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 04:09:10 GMT
via: 1.1 google
server: nginx
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: -1

POST
H2 204 bids.gif Show response
c.4dex.io/ 0
44 B 37ms
14ms XHR
text/plain 35.241.34.106
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://c.4dex.io/bids.gif?adu_code=%2F22304838115%2Fpelotainvernal%2Fdesktop_sidebar_01&evt=init&ts=1671336550441&pv_id=ebb23846-5d47-433f-9c25-c85599902eab&amts=ban&asizes=300x600&url=undefined&auct_id=148a133e-775f-4fb8-b86b-fd0a1a13cfe7&auct_start=1671336550037&auct_end=-1&v=1&js_late=1&js_ts=&navs_ts=1671336548044&partid=205204&bidders=adagio%2Conetag%2Crubicon%2Csovrn%2Cmedianet&cpm=%2C%2C%2C%2C&cpm_adjst_rate=%2C%2C%2C%2C&net_rev=%2C%2C%2C%2C&cur=%2C%2C%2C%2C&cur_rate=%2C%2C%2C%2C&ttr=%2C%2C%2C%2C&bttr=%2C%2C%2C%2C&sts=%2C%2C%2C%2C&w=%2C%2C%2C%2C&h=%2C%2C%2C%2C&deal=%2C%2C%2C%2C&timeout=%2C%2C%2C%2C&won=%2C%2C%2C%2C&no_bid=%2C%2C%2C%2C&crea_id=%2C%2C%2C%2C&mt=%2C%2C%2C%2C&cat=&dvc=&env=&org_id=1267&pgtyp=&plcmt=%2F22304838115%2Fpelotainvernal%2Fdesktop_sidebar_01&site=pelotainvernal-com&subcat=&os=&brwsr=&u_ts=1671336550&adgjsv=1.16.2
Requested by: Host: pelotainvernal.com
URL: https://pelotainvernal.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.34.106 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 106.34.241.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 04:09:10 GMT
via: 1.1 google
server: nginx
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: -1

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/ 150 KB
51 KB 55ms
54ms Script
text/javascript 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/reactive_library_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

95abe6c4dda654ee245ef9c5c97362c0c4586a4a9cad31e07fcae9cfed09d12e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 04:09:10 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52353
x-xss-protection: 0
server: cafe
etag: 9857512762781752507
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Dec 2022 04:09:10 GMT

GET
H3 200 GC5M5N_VN3lVd7ErmxmldCKoshgV9d2S74rLP9hyoZw.js Show response
pagead2.googlesyndication.com/bg/ Frame 7E9E 36 KB
16 KB 21ms
20ms Script
text/javascript 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GC5M5N_VN3lVd7ErmxmldCKoshgV9d2S74rLP9hyoZw.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

182e4ce4dfd537795577b12b9b19a57422a8b21815f5dd92ef8acb3fd872a19c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 20:48:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 372033
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16025
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 17:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 13 Dec 2023 20:48:37 GMT

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 304ms
96ms Preflight
text/plain 146.20.128.182
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.182 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://pelotainvernal.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
access-control-allow-origin: https://pelotainvernal.com
access-control-expose-headers: Content-Type, Content-Disposition
access-control-max-age: 300
cache-control: max-age=300
content-length: 0
content-type: text/plain; charset=UTF-8
date: Sun, 18 Dec 2022 04:09:10 GMT
server: nginx

POST
H2 200 t Show response
t.lkqd.net/ Frame 181F 0
166 B 283ms
93ms XHR
text/plain 146.20.128.182
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.182 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://pelotainvernal.com
date: Sun, 18 Dec 2022 04:09:11 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

GET
H2 200 vpaid.js Show response
ad.lkqd.net/vpaid/ Frame 6CC5 230 KB
61 KB 23ms
22ms Script
application/javascript 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: /
Resource Hash: c0d59afc312f7f1d1346cc4dfdb1463c05b2d334cfa64e7b9240456a48bfcc11

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 04:09:10 GMT
content-encoding: gzip
last-modified: Thu, 13 Oct 2022 21:01:07 GMT
etag: "88ca76abee51b1544e17b021f04aaaed"
x-hw: 1671336550.cds035.lo4.hn,1671336550.cds322.lo4.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1209600
accept-ranges: bytes
content-length: 62021

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 292ms
95ms Preflight
text/plain 146.20.128.182
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.182 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://pelotainvernal.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
access-control-allow-origin: https://pelotainvernal.com
access-control-expose-headers: Content-Type, Content-Disposition
access-control-max-age: 300
cache-control: max-age=300
content-length: 0
content-type: text/plain; charset=UTF-8
date: Sun, 18 Dec 2022 04:09:10 GMT
server: nginx

POST t
t.lkqd.net/ Frame 90AC 0
0

GET
H3 200 GC5M5N_VN3lVd7ErmxmldCKoshgV9d2S74rLP9hyoZw.js Show response
pagead2.googlesyndication.com/bg/ Frame 9C70 36 KB
16 KB 23ms
22ms Script
text/javascript 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GC5M5N_VN3lVd7ErmxmldCKoshgV9d2S74rLP9hyoZw.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

182e4ce4dfd537795577b12b9b19a57422a8b21815f5dd92ef8acb3fd872a19c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 20:48:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 372033
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16025
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 17:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 13 Dec 2023 20:48:37 GMT

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5e89733d8a8e055100cda68bf7a712ab0e1b24fefee7e39792b47cb5ff7c3cb1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 16ms
15ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=pelotainvernal.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 04:09:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 42ms
41ms Script
application/javascript 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=pelotainvernal.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 04:09:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/ Frame E04C 10 KB
4 KB 7ms
6ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pelotainvernal.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 68077
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 17 Dec 2022 09:14:33 GMT
etag: 10353107486223812946
expires: Sat, 31 Dec 2022 09:14:33 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/ Frame E4B6 10 KB
4 KB 8ms
6ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pelotainvernal.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 68077
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 17 Dec 2022 09:14:33 GMT
etag: 10353107486223812946
expires: Sat, 31 Dec 2022 09:14:33 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/ Frame 5B70 10 KB
4 KB 7ms
6ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pelotainvernal.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 68077
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 17 Dec 2022 09:14:33 GMT
etag: 10353107486223812946
expires: Sat, 31 Dec 2022 09:14:33 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 usync.html Show response
ad.lkqd.net/cookie-sync/ Frame 0F1C 4 KB
2 KB 22ms
21ms Document
text/html 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lkqd.net/cookie-sync/usync.html
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: /
Resource Hash: a09fb04841151074c73e8daf6edb12da7ffd8b5e7812492a6d9f3ae977fe3d31

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 1882
content-type: text/html
date: Sun, 18 Dec 2022 04:09:10 GMT
etag: "952dcfd8e3703b5a7e78418d51009535"
last-modified: Fri, 18 Feb 2022 17:38:44 GMT
x-hw: 1671336550.cds035.lo4.hn,1671336550.cds074.lo4.c
x-sp-metadata: HS256.CPbA+pwGEogBCiQ3NTg0OGJlZC1kODI5LTQ2NzQtYTNjNS0wMDBlMTdjZmUxNGYQkKbXzNb5+wIaBgjmpPqcBiINMjE3LjY0LjE1MS4zMCj0oAIwAzgEQhZUTFNfQUVTXzEyOF9HQ01fU0hBMjU2WiAzZTliMjA2MTAwOThiNmM5YmZmOTUzODU2ZTU4MDE2YRorCAESJDdhNTllNDI5LTBjMTktNDdjNC1hMWIzLTZkMjEwODNjYzMyNRjaDiIYCAISFGNkczA3NC5sbzQuaHdjZG4ubmV0.JHI83P56/GHa9RxflbxWUHW/ZS73EyEi8ZD4uUM5aV4=

POST
H2 200 ad Show response
v.lkqd.net/ Frame 6CC5 56 KB
6 KB 200ms
200ms XHR
application/json 146.20.128.146
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://v.lkqd.net/ad?pid=430&sid=1171093&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=https%3A%2F%2Fpelotainvernal.com%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C63065%2C1%2C&c4=true&c5=&c6=63065&rnd=69113169&m=&rtv=1&thost=pelotainvernal.com
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.146 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: edac5953633f83d7093c5166cc12328e35e599bde27bc3fed90d32d914668804

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 18 Dec 2022 04:09:11 GMT
content-encoding: gzip
server: nginx
content-type: application/json
access-control-allow-origin: https://pelotainvernal.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 5674

OPTIONS
H2 200 ad
v.lkqd.net/ Frame 0
0 485ms
290ms Preflight 146.20.128.146
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://v.lkqd.net/ad?pid=430&sid=1171093&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=https%3A%2F%2Fpelotainvernal.com%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C63065%2C1%2C&c4=true&c5=&c6=63065&rnd=69113169&m=&rtv=1&thost=pelotainvernal.com
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.146 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://pelotainvernal.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pelotainvernal.com
access-control-expose-headers: Content-Type, Content-Disposition
access-control-max-age: 300
cache-control: max-age=300
content-length: 0
date: Sun, 18 Dec 2022 04:09:11 GMT
server: nginx

GET
DATA 200
OK truncated
/ 5 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 65cb5cd5882c666a22bf188d80f04fe01f56fbb3428e29d74aa24e3d9b1c783b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

POST
H/1.1 200
OK post Show response
tag.escalated.io/ 31 B
464 B 143ms
41ms Fetch
application/json 54.78.253.158
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tag.escalated.io/post

Requested by

Host: tag.escalated.io
URL: https://tag.escalated.io/?i=KxxajmhPPCsT&d=pelotainvernal.com&type=display&cust=7293&sid=direct&c=&cust2=direct

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.78.253.158 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-78-253-158.eu-west-1.compute.amazonaws.com

Software

Apache /

Resource Hash

4f4db957340b18ded839648a36bf4271d7edf963930b53aac7351b0a936a1408

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

Date: Sun, 18 Dec 2022 04:09:11 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: Apache
Vary: Accept-Encoding
Access-Control-Allow-Methods: POST, GET
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: no-store
Connection: close
Access-Control-Allow-Headers: content-type
Content-Length: 51
X-XSS-Protection: 1; mode=block

GET
H2 200 dr Show response
as.ad4m.at/ad/ Frame C269 2 KB
1 KB 57ms
22ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1gb1rfa1efdy0anddn1ggtwbnxr5tv5jj987fxjrpqs6fnb7rph3evsr2m3h1gtm6729x3ayf36bffeq1smd3tp345ytnxs86df0tny5jvkgqxqzfmzt4ya0zhwsmhwvakx760xkb09gp5jpj03wkv1jkxbta9xb4zrrvf7dywsn5sp41c6sv4khzrrx1pp9wszbmew5agry2m8pk5qkc1tpy0t0w4v1p5zrgtzs94b53tc7vg3awkb1xwg6tm0xcb51xe9c9fw7r5wrgf14rj53aqp5qmzfbj35nzy0pkzhpsnax1qe3t3s69zfysske146trx2fj0k47ywncscx1cd52jh4z0fawxsm9sp7cyzsza0www7gf5nts0tf7kbq61vjg458392xtv64xvzf93wssv0jtsr3wsdq59t5bcphf07q2mh8&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9d2jZZKeY-bdMv2C9u8P5bariA-Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zMTM5MTM0ODgzNzA4NzYxyAEJqQLOG7AQ3cKxPqgDAaoExQFP0Oa21dPDbnDVfBIm7hsZzu9qij8yWNWzbE_yXRRcLJ0x-ivyDVIMxDnFCdFXtfvksd7hSo0xJ2FUNn5XRHMgfiNJD22ShDlSENhhtGpQV-qt25l9xQMZhiz4zYv1cA6OFs-jTEEe9TIrSLqueQ8xCJIkFaFjsw9zSDzSHSbQFfEcKZLX12-DOFkaNibJd4qV8ximwAJqa5tbvPBhoTJ1NtqAzBLxX7lv3MawpD5DHAa9QWZBwunjJ9XgiV4Fn_yJUnbvm4AGzoTKq-u7gbpUoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3zPbmqn1U_XUkrdAIfM4OpY1jS_A%26client%3Dca-pub-3139134883708761%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d247b3e39042c0f82b95bae1d1eb94c3f03d66c1cf25ecc1555086fb8b84cb4f

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 77b50aa5582691ea-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Sun, 18 Dec 2022 04:09:11 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame E04C 3 KB
1 KB 20ms
20ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 07:04:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 75872
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 31 Dec 2022 07:04:38 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 12AF 1 KB
643 B 41ms
21ms Document
text/html 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 74468
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 17 Dec 2022 07:28:03 GMT
etag: 48472445140208031
expires: Sun, 18 Dec 2022 07:28:03 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame E04C 18 KB
7 KB 23ms
22ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 08:19:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 71366
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7480
x-xss-protection: 0
server: cafe
etag: 15631949847000551034
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 31 Dec 2022 08:19:44 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame E04C 0
0 316ms
14ms Image
text/html 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTBBpM32hGzPSBrduhCZwOEkskmMTSvnXDL2modmRLyRYqujH2Xkv2kJxzrTnfI_WYPYxuTyPBpoENpYPI7ISoBwyImpQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E04C 153 KB
47 KB 26ms
25ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 04:09:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47725
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1670417373259609"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 18 Dec 2022 04:09:10 GMT

GET
H2 200 dr Show response
as.ad4m.at/ad/ Frame 69D9 2 KB
2 KB 54ms
21ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1jywgh6f7jyp4rqnnfyzsehh16m4rm54rcf228qqgrx929xaesvrxqa0vktf06scqbefyasbdayrw8pg4fta33pjddadfjvejwqdt3yv96q5pt2t9xb50j2g3brrm0ef406yesrahx4wc8q07kbc3kgr9kf37nrvbpdhwj68gxrtte0tmd7fx08y3kbhsffakadpd7qzxr3vnbsw22y3aeahpqpsm9tb5t5sf8w8rgz8c9yb7t8g6ke42y4fxzr4w2ektmqk7xc05s2b1b82ajevty2bg04y2tg9gcq9547rfahk78vve0p7wy4dwt73p2kvbbftyytnhfm7j5wzjzmepmqrg12b4krhfstheqmary276pba4vwksqgt9qtqagm9g24k5hdnpet1mm3hbk24nzsvwxq9x2z5qzxt3w1kdxt78vkzm&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCRZgiZZKeY-fdMv2C9u8P5bariA-Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zMTM5MTM0ODgzNzA4NzYxyAEJqQLOG7AQ3cKxPqgDAaoExQFP0OQAVDbnAAdiFiNkuMrOiNKQ35MxPabX_Ewh8USK8Q-gVoXMA0FBRJd7cbLEkV8fqfvHuQAR-ZOfsYKRp2JtDj5SHQO4YF8vUtJE0OyxzPrfNOYJCF0CI_-7FLf2pX8CV0WjyYlBJSwtcLK1kTXU_EJIiOZXQmu1cRdnxzVMRV9455sCbxIA1HpSiPk7Zd5TOUiHEMq1hHy4ncBZX50KQNKtDgEQJmWznaWRJ9Rw9KnKxH1f9c_jBQYVnXivHCMSvmsZeYAGzoTKq-u7gbpUoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2Z-ZoOOKHQGck6z2jtikuJ9hZikA%26client%3Dca-pub-3139134883708761%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

82e537364f69e27918603dcf659dfe007ab68afab61ea270dd2e71f10ce60f5a

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 77b50aa5582791ea-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Sun, 18 Dec 2022 04:09:11 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame E4B6 3 KB
1 KB 20ms
20ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 07:04:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 75872
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 31 Dec 2022 07:04:38 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 0CD5 1 KB
643 B 39ms
21ms Document
text/html 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 74468
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 17 Dec 2022 07:28:03 GMT
etag: 48472445140208031
expires: Sun, 18 Dec 2022 07:28:03 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame E4B6 18 KB
7 KB 21ms
20ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 08:19:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 71366
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7480
x-xss-protection: 0
server: cafe
etag: 15631949847000551034
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 31 Dec 2022 08:19:44 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame E4B6 0
0 315ms
14ms Image
text/html 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSA7IzzXvgxuOcqSdvzuNvQv3KUzhw7jPLqIV0gyBJ-Ka_b5yZkJbCMYYfZjyR0AEoGBWF5i5HXOReaBUd_-_IFoh5Qjw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E4B6 153 KB
47 KB 42ms
42ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 04:09:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47725
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1670417373259609"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 18 Dec 2022 04:09:10 GMT

GET
H3 200 1eaa1e49c6d827e7897bafa951c60a71.js Show response
www.gstatic.com/mysidia/ Frame 5B70 9 KB
4 KB 78ms
20ms Script
text/javascript 2a00:1450:400d:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/1eaa1e49c6d827e7897bafa951c60a71.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a983ec1308781984ea4503dd1c4e1317b2b48dcb17dd1a6e68df68560951784b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 01:19:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 269384
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4197
x-xss-protection: 0
last-modified: Thu, 08 Dec 2022 23:34:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 15 Mar 2023 01:19:26 GMT

GET
H3 200 890d6e0a5dc19f9d14ccf82aa8feec6a.js Show response
www.gstatic.com/mysidia/ Frame 5B70 10 KB
4 KB 83ms
26ms Script
text/javascript 2a00:1450:400d:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/890d6e0a5dc19f9d14ccf82aa8feec6a.js?tag=text/vanilla_highlight

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

981792df4c11fb32fea9720db6c7c82dd96da4247fd29ff170b53903e116eecc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 14:10:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 136750
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4446
x-xss-protection: 0
last-modified: Thu, 08 Dec 2022 23:34:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 16 Mar 2023 14:10:00 GMT

GET
H3 200 fe770b57936e5b6653f7939c920f5f10.js Show response
www.gstatic.com/mysidia/ Frame 5B70 18 KB
7 KB 87ms
30ms Script
text/javascript 2a00:1450:400d:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/fe770b57936e5b6653f7939c920f5f10.js?tag=pingback

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f348bb4ae0699b186e6055db2b1142d872a6a3377a1d1156a3f24451925a6793

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 19:28:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 204052
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7594
x-xss-protection: 0
last-modified: Thu, 08 Dec 2022 23:34:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 15 Mar 2023 19:28:18 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 5B70 8 KB
895 B 45ms
45ms Stylesheet
text/css 2a00:1450:400d:80c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 18 Dec 2022 04:09:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 18 Dec 2022 03:49:23 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 18 Dec 2022 04:09:10 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 5B70 2 KB
765 B 32ms
29ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 08:18:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 71452
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 31 Dec 2022 08:18:18 GMT

GET
H3 200 2c96be29c806e6a30d72c34b34031cd2.js Show response
www.gstatic.com/mysidia/ Frame 5B70 5 KB
2 KB 81ms
26ms Script
text/javascript 2a00:1450:400d:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/2c96be29c806e6a30d72c34b34031cd2.js?tag=analytics_pingback_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

909e4f36928b8676e7947d125e90b8c2baee1afc6c0dead2ddc05a665811470a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 23:20:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 103748
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2003
x-xss-protection: 0
last-modified: Fri, 09 Dec 2022 19:06:26 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 16 Mar 2023 23:20:02 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/ Frame 5B70 23 KB
9 KB 33ms
30ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 07:04:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 75873
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9443
x-xss-protection: 0
server: cafe
etag: 9828741834572772835
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 31 Dec 2022 07:04:37 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 5B70 3 KB
1 KB 33ms
31ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 07:04:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 75872
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 31 Dec 2022 07:04:38 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 5B70 18 KB
7 KB 32ms
30ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 08:19:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 71366
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7480
x-xss-protection: 0
server: cafe
etag: 15631949847000551034
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 31 Dec 2022 08:19:44 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 5B70 0
0 319ms
13ms Image
text/html 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaROP0v7kG8c4ZOo_OLY1t76G5domyV5LddK_W0c0m1cMCDYgrdP5HD_Fk-3IMLfCpCaAMMRyfaRpSN8cKHywpTPaLJ_qQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5B70 153 KB
47 KB 36ms
34ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 04:09:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47725
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1670417373259609"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 18 Dec 2022 04:09:10 GMT

GET
H3 200 5abbe811e7745ada511aeaa994a13f9f.js Show response
www.gstatic.com/mysidia/ Frame 5B70 34 KB
14 KB 90ms
35ms Script
text/javascript 2a00:1450:400d:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/5abbe811e7745ada511aeaa994a13f9f.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b23e94a0591e43f749074a39df5a5e700d5bd6c40d1b8016a1a2e44a3176037

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 10:15:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 64400
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14213
x-xss-protection: 0
last-modified: Thu, 08 Dec 2022 23:34:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 17 Mar 2023 10:15:50 GMT

GET
H2

200

cs
cs.lkqd.net/ Frame 0F1C
Redirect Chain

https://csync.loopme.me/?redirect=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D54%26partnerUserId%3D%7Bdevice_id%7D
https://cs.lkqd.net/cs?partnerId=54&partnerUserId=267ac5f0-dab4-4a9e-84a3-5840fb946cfc

43 B
308 B

97ms
91ms

Image
image/gif

146.20.132.154
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=54&partnerUserId=267ac5f0-dab4-4a9e-84a3-5840fb946cfc
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Server: 146.20.132.154 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 04:09:11 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

Redirect headers

location: https://cs.lkqd.net/cs?partnerId=54&partnerUserId=267ac5f0-dab4-4a9e-84a3-5840fb946cfc
date: Sun, 18 Dec 2022 04:09:10 GMT
server: _
content-length: 0

GET
H2 200 cs
cs.lkqd.net/ Frame 0F1C 43 B
308 B 92ms
91ms Image
image/gif 146.20.132.154
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=103&redirect=https%3A%2F%2Fevent.clientgear.com%2Fcookie%2Flkqd%3Fpartner%3Dlkqd%26cookieid%3D%24%24rawlkqduserid%24%24&r=if
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.154 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 04:09:10 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

GET
H2 200 cs
cs.lkqd.net/ Frame 0F1C 43 B
308 B 94ms
93ms Image
image/gif 146.20.132.154
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D102%2526partnerUserId%253D%255BUID%255D&r=if
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.154 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 04:09:10 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

GET
H2

200

cs
cs.lkqd.net/ Frame 0F1C
Redirect Chain

https://ad.turn.com/r/cs?pid=65
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=2936648504658258103

43 B
308 B

95ms
92ms

Image
image/gif

146.20.132.154
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=94&partnerUserId=2936648504658258103
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Server: 146.20.132.154 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 04:09:11 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

Redirect headers

location: https://cs.lkqd.net/cs?partnerId=94&partnerUserId=2936648504658258103
pragma: no-cache
date: Sun, 18 Dec 2022 04:09:10 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H2

200

cs
cs.lkqd.net/ Frame 0F1C
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=161
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=lb-1XUmyQkRlz166Qg3689lAlx4

43 B
308 B

91ms
91ms

Image
image/gif

146.20.132.154
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=93&partnerUserId=lb-1XUmyQkRlz166Qg3689lAlx4
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Server: 146.20.132.154 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 04:09:11 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

Redirect headers

Location: https://cs.lkqd.net/cs?partnerId=93&partnerUserId=lb-1XUmyQkRlz166Qg3689lAlx4
Date: Sun, 18 Dec 2022 04:09:10 GMT
Connection: keep-alive
Content-Length: 104
Content-Type: text/html; charset=utf-8

POST
H2 200 t Show response
t.lkqd.net/ Frame 53A1 0
166 B 94ms
94ms XHR
text/plain 146.20.128.182
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.182 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://pelotainvernal.com
date: Sun, 18 Dec 2022 04:09:11 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 94ms
94ms Preflight
text/plain 146.20.128.182
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.182 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://pelotainvernal.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
access-control-allow-origin: https://pelotainvernal.com
access-control-expose-headers: Content-Type, Content-Disposition
access-control-max-age: 300
cache-control: max-age=300
content-length: 0
content-type: text/plain; charset=UTF-8
date: Sun, 18 Dec 2022 04:09:11 GMT
server: nginx

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5B70 0
20 B 53ms
53ms Ping
image/gif 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=Cg4IByoKd2ViX2Jhbm5lcgoHCAgqA2x0cgoWCAEqEmJhbm5lci1ldGEtdmFuaWxsYQoKCAIqBnNlcnZlcgoaCAQqFm15c2lkaWFfYW5hbHl0aWNzX2V4cDMKDRArIQAAAAAAgExAMAQKDRArIQAAAAAAAE1AMAEKDRADIQAAgMzMwIFAMAQSGkNLaWs2ZXFsZ3Z3Q0ZYMkJfUWNkWmRzSzhRIhZ0ZXh0L3ZhbmlsbGFfaGlnaGxpZ2h0KAM=

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/fe770b57936e5b6653f7939c920f5f10.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Dec 2022 04:09:11 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 5B70 0
0 50ms
50ms Fetch
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cnnj1ZZKeY-jdMv2C9u8P5bariA_J6fq0ZsuozoDjDqWwlpzDIhABIK2Q9B5gleKQgqAHoAGN7OTZAsgBAakCaPYbDEF-qD6oAwHIA8MEqgTTAU_QjgB4YUtZZOxYStyP5jjOapjuNG0jxt0sQAZriQbu23_H1ljsPj3_MfIW9zZDBAXZUtuEfImXXPxb9-eUtaM8jgHNpE9Kd7s8gMLv6ioHZUKHrdRzeRDahd9Dx6fJFeg0zOICcsS8KSN4ZYSP93_TXzts9crJ9AW173zCAQHu25D-Ek-Q3oH5YKqfdNqmQ959ealmI-n4VuFLsDYCevRz_ymHAUoDuWHu9bz4KSu7JBHjdnewQV2kND5fwaBYpojPKli_idMb5wXjxRIWKSDah0fABOTPpKbMA5IFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAZRgAfbk5umAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEOeeAdIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsB2BMM0BUBgBcBshccChoIABIUcHViLTMxMzkxMzQ4ODM3MDg3NjEYAA&sigh=yHQv9eaEB70&uach_m=[UACH]&cid=CAQSOwDq26N9AZq-wjDyt1YVH8T0TZOUAB5XRQNVhR5zFgGXy4EIm8hnHKCU5e7M-yomDQBCsK6kNcgSy5mAGAEgEw

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 18 Dec 2022 04:09:11 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 564F 143 B
166 B 8ms
6ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 766
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 18 Dec 2022 03:56:25 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 507F 1 KB
643 B 21ms
20ms Document
text/html 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 74468
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 17 Dec 2022 07:28:03 GMT
etag: 48472445140208031
expires: Sun, 18 Dec 2022 07:28:03 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.27/one-ad/ Frame 69D9 89 KB
11 KB 37ms
27ms Stylesheet
text/css 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.27/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1jywgh6f7jyp4rqnnfyzsehh16m4rm54rcf228qqgrx929xaesvrxqa0vktf06scqbefyasbdayrw8pg4fta33pjddadfjvejwqdt3yv96q5pt2t9xb50j2g3brrm0ef406yesrahx4wc8q07kbc3kgr9kf37nrvbpdhwj68gxrtte0tmd7fx08y3kbhsffakadpd7qzxr3vnbsw22y3aeahpqpsm9tb5t5sf8w8rgz8c9yb7t8g6ke42y4fxzr4w2ektmqk7xc05s2b1b82ajevty2bg04y2tg9gcq9547rfahk78vve0p7wy4dwt73p2kvbbftyytnhfm7j5wzjzmepmqrg12b4krhfstheqmary276pba4vwksqgt9qtqagm9g24k5hdnpet1mm3hbk24nzsvwxq9x2z5qzxt3w1kdxt78vkzm&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCRZgiZZKeY-fdMv2C9u8P5bariA-Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zMTM5MTM0ODgzNzA4NzYxyAEJqQLOG7AQ3cKxPqgDAaoExQFP0OQAVDbnAAdiFiNkuMrOiNKQ35MxPabX_Ewh8USK8Q-gVoXMA0FBRJd7cbLEkV8fqfvHuQAR-ZOfsYKRp2JtDj5SHQO4YF8vUtJE0OyxzPrfNOYJCF0CI_-7FLf2pX8CV0WjyYlBJSwtcLK1kTXU_EJIiOZXQmu1cRdnxzVMRV9455sCbxIA1HpSiPk7Zd5TOUiHEMq1hHy4ncBZX50KQNKtDgEQJmWznaWRJ9Rw9KnKxH1f9c_jBQYVnXivHCMSvmsZeYAGzoTKq-u7gbpUoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2Z-ZoOOKHQGck6z2jtikuJ9hZikA%26client%3Dca-pub-3139134883708761%26adurl%3D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4ab995345cf38f3951bc840ab2c0d043269e700e59f1c6d6cb7fb8946268b358

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1jywgh6f7jyp4rqnnfyzsehh16m4rm54rcf228qqgrx929xaesvrxqa0vktf06scqbefyasbdayrw8pg4fta33pjddadfjvejwqdt3yv96q5pt2t9xb50j2g3brrm0ef406yesrahx4wc8q07kbc3kgr9kf37nrvbpdhwj68gxrtte0tmd7fx08y3kbhsffakadpd7qzxr3vnbsw22y3aeahpqpsm9tb5t5sf8w8rgz8c9yb7t8g6ke42y4fxzr4w2ektmqk7xc05s2b1b82ajevty2bg04y2tg9gcq9547rfahk78vve0p7wy4dwt73p2kvbbftyytnhfm7j5wzjzmepmqrg12b4krhfstheqmary276pba4vwksqgt9qtqagm9g24k5hdnpet1mm3hbk24nzsvwxq9x2z5qzxt3w1kdxt78vkzm&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCRZgiZZKeY-fdMv2C9u8P5bariA-Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zMTM5MTM0ODgzNzA4NzYxyAEJqQLOG7AQ3cKxPqgDAaoExQFP0OQAVDbnAAdiFiNkuMrOiNKQ35MxPabX_Ewh8USK8Q-gVoXMA0FBRJd7cbLEkV8fqfvHuQAR-ZOfsYKRp2JtDj5SHQO4YF8vUtJE0OyxzPrfNOYJCF0CI_-7FLf2pX8CV0WjyYlBJSwtcLK1kTXU_EJIiOZXQmu1cRdnxzVMRV9455sCbxIA1HpSiPk7Zd5TOUiHEMq1hHy4ncBZX50KQNKtDgEQJmWznaWRJ9Rw9KnKxH1f9c_jBQYVnXivHCMSvmsZeYAGzoTKq-u7gbpUoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2Z-ZoOOKHQGck6z2jtikuJ9hZikA%26client%3Dca-pub-3139134883708761%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 04:09:11 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1670930538
age: 400917
cf-polished: origSize=91628
x-guploader-uploadid: ADPycduR5Ol9pg3grc4HAIdmrbMEndwceyBRaKPEzp4btA3cKENGM-ZcNqNRgrH_pFRA6eQ6LFPYNJBaKno_nvJ48NOr
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 13 Dec 2022 11:22:46 GMT
server: cloudflare
etag: W/"575def06e70febb0cbd25403e37880bf"
vary: Accept-Encoding
x-goog-generation: 1670930566724484
content-type: text/css
x-goog-hash: crc32c=ttlcew==, md5=V13vBucP67DL0lQD43iAvw==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M%2FkU%2BF3V%2BKSmMWNLHR5PZXgAoswtuYHoMc%2BajyPFV0t4lSwj1xZvWZb05Mx05jxrunk26jDxTIJRm0MqQzePQQJ4E5doEvPP0Rq24eskyZLfXB8WA46n6XsPet7hKKACsxUpdB8MDuE%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 91628
cf-ray: 77b50aa63b2b9156-FRA
expires: Sun, 18 Dec 2022 05:09:11 GMT

GET
H2 200 r62eglto.js Show response
ad4m.at/ Frame 69D9 35 KB
12 KB 26ms
16ms Script
application/javascript 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1jywgh6f7jyp4rqnnfyzsehh16m4rm54rcf228qqgrx929xaesvrxqa0vktf06scqbefyasbdayrw8pg4fta33pjddadfjvejwqdt3yv96q5pt2t9xb50j2g3brrm0ef406yesrahx4wc8q07kbc3kgr9kf37nrvbpdhwj68gxrtte0tmd7fx08y3kbhsffakadpd7qzxr3vnbsw22y3aeahpqpsm9tb5t5sf8w8rgz8c9yb7t8g6ke42y4fxzr4w2ektmqk7xc05s2b1b82ajevty2bg04y2tg9gcq9547rfahk78vve0p7wy4dwt73p2kvbbftyytnhfm7j5wzjzmepmqrg12b4krhfstheqmary276pba4vwksqgt9qtqagm9g24k5hdnpet1mm3hbk24nzsvwxq9x2z5qzxt3w1kdxt78vkzm&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCRZgiZZKeY-fdMv2C9u8P5bariA-Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zMTM5MTM0ODgzNzA4NzYxyAEJqQLOG7AQ3cKxPqgDAaoExQFP0OQAVDbnAAdiFiNkuMrOiNKQ35MxPabX_Ewh8USK8Q-gVoXMA0FBRJd7cbLEkV8fqfvHuQAR-ZOfsYKRp2JtDj5SHQO4YF8vUtJE0OyxzPrfNOYJCF0CI_-7FLf2pX8CV0WjyYlBJSwtcLK1kTXU_EJIiOZXQmu1cRdnxzVMRV9455sCbxIA1HpSiPk7Zd5TOUiHEMq1hHy4ncBZX50KQNKtDgEQJmWznaWRJ9Rw9KnKxH1f9c_jBQYVnXivHCMSvmsZeYAGzoTKq-u7gbpUoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2Z-ZoOOKHQGck6z2jtikuJ9hZikA%26client%3Dca-pub-3139134883708761%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9624c9f30634be84a224d007e5df178a51107bff3e456e2a90b504cbf350d190

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 04:09:11 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 22 Nov 2022 06:17:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 424252
etag: W/"49e3b0ffd5e74f27b691e89cf271d672"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L2Sk70tkD6AXeMZGYXI6qjjbe9lmjpE3xEgk%2Fby6PHa6PQcZ%2B%2B4%2BlPCuozxKyTFX6aM8gnbzZn3PDGWx6XO3NnLtobr2ImRjcTi3WzviHoxwO23RlnGNJcsemjuX1R6igCY6lvE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 77b50aa638fe91ea-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 13 Dec 2022 06:18:09 GMT

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.27/one-ad/ Frame C269 89 KB
12 KB 21ms
20ms Stylesheet
text/css 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.27/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1gb1rfa1efdy0anddn1ggtwbnxr5tv5jj987fxjrpqs6fnb7rph3evsr2m3h1gtm6729x3ayf36bffeq1smd3tp345ytnxs86df0tny5jvkgqxqzfmzt4ya0zhwsmhwvakx760xkb09gp5jpj03wkv1jkxbta9xb4zrrvf7dywsn5sp41c6sv4khzrrx1pp9wszbmew5agry2m8pk5qkc1tpy0t0w4v1p5zrgtzs94b53tc7vg3awkb1xwg6tm0xcb51xe9c9fw7r5wrgf14rj53aqp5qmzfbj35nzy0pkzhpsnax1qe3t3s69zfysske146trx2fj0k47ywncscx1cd52jh4z0fawxsm9sp7cyzsza0www7gf5nts0tf7kbq61vjg458392xtv64xvzf93wssv0jtsr3wsdq59t5bcphf07q2mh8&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9d2jZZKeY-bdMv2C9u8P5bariA-Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zMTM5MTM0ODgzNzA4NzYxyAEJqQLOG7AQ3cKxPqgDAaoExQFP0Oa21dPDbnDVfBIm7hsZzu9qij8yWNWzbE_yXRRcLJ0x-ivyDVIMxDnFCdFXtfvksd7hSo0xJ2FUNn5XRHMgfiNJD22ShDlSENhhtGpQV-qt25l9xQMZhiz4zYv1cA6OFs-jTEEe9TIrSLqueQ8xCJIkFaFjsw9zSDzSHSbQFfEcKZLX12-DOFkaNibJd4qV8ximwAJqa5tbvPBhoTJ1NtqAzBLxX7lv3MawpD5DHAa9QWZBwunjJ9XgiV4Fn_yJUnbvm4AGzoTKq-u7gbpUoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3zPbmqn1U_XUkrdAIfM4OpY1jS_A%26client%3Dca-pub-3139134883708761%26adurl%3D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4ab995345cf38f3951bc840ab2c0d043269e700e59f1c6d6cb7fb8946268b358

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1gb1rfa1efdy0anddn1ggtwbnxr5tv5jj987fxjrpqs6fnb7rph3evsr2m3h1gtm6729x3ayf36bffeq1smd3tp345ytnxs86df0tny5jvkgqxqzfmzt4ya0zhwsmhwvakx760xkb09gp5jpj03wkv1jkxbta9xb4zrrvf7dywsn5sp41c6sv4khzrrx1pp9wszbmew5agry2m8pk5qkc1tpy0t0w4v1p5zrgtzs94b53tc7vg3awkb1xwg6tm0xcb51xe9c9fw7r5wrgf14rj53aqp5qmzfbj35nzy0pkzhpsnax1qe3t3s69zfysske146trx2fj0k47ywncscx1cd52jh4z0fawxsm9sp7cyzsza0www7gf5nts0tf7kbq61vjg458392xtv64xvzf93wssv0jtsr3wsdq59t5bcphf07q2mh8&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9d2jZZKeY-bdMv2C9u8P5bariA-Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zMTM5MTM0ODgzNzA4NzYxyAEJqQLOG7AQ3cKxPqgDAaoExQFP0Oa21dPDbnDVfBIm7hsZzu9qij8yWNWzbE_yXRRcLJ0x-ivyDVIMxDnFCdFXtfvksd7hSo0xJ2FUNn5XRHMgfiNJD22ShDlSENhhtGpQV-qt25l9xQMZhiz4zYv1cA6OFs-jTEEe9TIrSLqueQ8xCJIkFaFjsw9zSDzSHSbQFfEcKZLX12-DOFkaNibJd4qV8ximwAJqa5tbvPBhoTJ1NtqAzBLxX7lv3MawpD5DHAa9QWZBwunjJ9XgiV4Fn_yJUnbvm4AGzoTKq-u7gbpUoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3zPbmqn1U_XUkrdAIfM4OpY1jS_A%26client%3Dca-pub-3139134883708761%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 04:09:11 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1670930538
age: 400917
cf-polished: origSize=91628
x-guploader-uploadid: ADPycduR5Ol9pg3grc4HAIdmrbMEndwceyBRaKPEzp4btA3cKENGM-ZcNqNRgrH_pFRA6eQ6LFPYNJBaKno_nvJ48NOr
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 13 Dec 2022 11:22:46 GMT
server: cloudflare
etag: W/"575def06e70febb0cbd25403e37880bf"
vary: Accept-Encoding
x-goog-generation: 1670930566724484
content-type: text/css
x-goog-hash: crc32c=ttlcew==, md5=V13vBucP67DL0lQD43iAvw==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UfoYNWR4pTdtB7XRAvBsm8u%2FmwveWWKtpbaLMizPxIDIXFjHrsE1HTaGuINuStGnd2sM7mu1imqr%2FsHQhgNVrPkzsP9A%2BLaF2Xze3KVnOlW3xWxfI6%2FLvkh5MIUWrujj3emo0CH7wRE%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 91628
cf-ray: 77b50aa63b2e9156-FRA
expires: Sun, 18 Dec 2022 05:09:11 GMT

GET
H2 200 r62eglto.js Show response
ad4m.at/ Frame C269 35 KB
12 KB 16ms
15ms Script
application/javascript 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1gb1rfa1efdy0anddn1ggtwbnxr5tv5jj987fxjrpqs6fnb7rph3evsr2m3h1gtm6729x3ayf36bffeq1smd3tp345ytnxs86df0tny5jvkgqxqzfmzt4ya0zhwsmhwvakx760xkb09gp5jpj03wkv1jkxbta9xb4zrrvf7dywsn5sp41c6sv4khzrrx1pp9wszbmew5agry2m8pk5qkc1tpy0t0w4v1p5zrgtzs94b53tc7vg3awkb1xwg6tm0xcb51xe9c9fw7r5wrgf14rj53aqp5qmzfbj35nzy0pkzhpsnax1qe3t3s69zfysske146trx2fj0k47ywncscx1cd52jh4z0fawxsm9sp7cyzsza0www7gf5nts0tf7kbq61vjg458392xtv64xvzf93wssv0jtsr3wsdq59t5bcphf07q2mh8&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9d2jZZKeY-bdMv2C9u8P5bariA-Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zMTM5MTM0ODgzNzA4NzYxyAEJqQLOG7AQ3cKxPqgDAaoExQFP0Oa21dPDbnDVfBIm7hsZzu9qij8yWNWzbE_yXRRcLJ0x-ivyDVIMxDnFCdFXtfvksd7hSo0xJ2FUNn5XRHMgfiNJD22ShDlSENhhtGpQV-qt25l9xQMZhiz4zYv1cA6OFs-jTEEe9TIrSLqueQ8xCJIkFaFjsw9zSDzSHSbQFfEcKZLX12-DOFkaNibJd4qV8ximwAJqa5tbvPBhoTJ1NtqAzBLxX7lv3MawpD5DHAa9QWZBwunjJ9XgiV4Fn_yJUnbvm4AGzoTKq-u7gbpUoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3zPbmqn1U_XUkrdAIfM4OpY1jS_A%26client%3Dca-pub-3139134883708761%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9624c9f30634be84a224d007e5df178a51107bff3e456e2a90b504cbf350d190

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 04:09:11 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 22 Nov 2022 06:17:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 424252
etag: W/"49e3b0ffd5e74f27b691e89cf271d672"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WwXi4emEWDDw5VeU38QF9LqRo77xy08NVhfWtZspqqUiLDqeirbE4v2%2BznwxehSA0Q4ZQyqT4ruSXSfzgDVguzwTD9crspStrngVQJ19I4EfnzkNNLQZS1eNF0WxfhaKqKz3R0M%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 77b50aa638fd91ea-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 13 Dec 2022 06:18:09 GMT

GET
DATA 200
OK truncated
/ Frame 5B70 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c0ab5f5c8d85d2ce4888fdce28479127059a0d440bfbec6555e0048dbc9114ae

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 17ms
16ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=pelotainvernal.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 04:09:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 42ms
42ms Script
application/javascript 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=pelotainvernal.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 04:09:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 12AF
Redirect Chain

https://d5p.de17a.com/cookies/google?google_gid=CAESEDu0vyZmvkwEMyMsviEpeWE&google_cver=1&google_push=AavPq0Md2Vj1GzJYlYmWdtpx7VyF1ZdoWtpow0ITpxKk1uNS6DTV7KEJYvoMTMNKFHs3aGfKtvnwYKdN0VaYEAqXbAaU-R0...
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEDu0vyZmvkwEMyMsviEpeWE&google_cver=1&google_push=AavPq0Md2Vj1GzJYlYmWdtpx7VyF1ZdoWtpow0ITpxKk1uNS6DTV7KEJYvoMTMNKFHs3aGfKtvnwYKdN0VaYEAqXbAaU-...
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AavPq0Md2Vj1GzJYlYmWdtpx7VyF1ZdoWtpow0ITpxKk1uNS6DTV7KEJYvoMTMNKFHs3aGfKtvnwYKdN0VaYEAqXbAaU-R0cTPn4hjk

170 B
188 B

24ms
18ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AavPq0Md2Vj1GzJYlYmWdtpx7VyF1ZdoWtpow0ITpxKk1uNS6DTV7KEJYvoMTMNKFHs3aGfKtvnwYKdN0VaYEAqXbAaU-R0cTPn4hjk

Requested by

Host: pelotainvernal.com
URL: https://pelotainvernal.com/

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Dec 2022 04:09:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AavPq0Md2Vj1GzJYlYmWdtpx7VyF1ZdoWtpow0ITpxKk1uNS6DTV7KEJYvoMTMNKFHs3aGfKtvnwYKdN0VaYEAqXbAaU-R0cTPn4hjk
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H2 200 sync
odr.mookie1.com/t/v2/ Frame 12AF 43 B
356 B 62ms
15ms Image
image/gif 34.98.67.61
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEHxoT52ZqzK8lBdGaygyrLs&google_push=AavPq0MLhTLpKRT_WUyAEsN1ubBt31OR-I66TfD6RdqOI5l54qSFKMn1CKiAbZXthUDwo7s62FZEmxhm7Siv1NfU1SL0gDc4Iyzr_w&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.67.61 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 61.67.98.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Dec 2022 04:09:11 GMT
via: 1.1 google
server: Apache
content-type: image/gif;charset=UTF-8
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 12AF
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEPiMMeCx2DceZmPu8btoAGI&google_cver=1&google_push=AavPq0OF36d2nW8J1StUwk4C4X2COBQev8cI-QKM34icJnhELtxbvHtB567PP0LVgQEDKp9Xgl4...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEJTVU1OTUstMTgtSVpZOQ==&google_push=AavPq0OF36d2nW8J1StUwk4C4X2COBQev8cI-QKM34icJnhELtxbvHtB567PP0LVgQEDKp9Xgl4ctsXRB2f7rEwGbaI_q2viHU85yOo

170 B
188 B

21ms
20ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEJTVU1OTUstMTgtSVpZOQ==&google_push=AavPq0OF36d2nW8J1StUwk4C4X2COBQev8cI-QKM34icJnhELtxbvHtB567PP0LVgQEDKp9Xgl4ctsXRB2f7rEwGbaI_q2viHU85yOo

Requested by

Host: pelotainvernal.com
URL: https://pelotainvernal.com/

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Dec 2022 04:09:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEJTVU1OTUstMTgtSVpZOQ==&google_push=AavPq0OF36d2nW8J1StUwk4C4X2COBQev8cI-QKM34icJnhELtxbvHtB567PP0LVgQEDKp9Xgl4ctsXRB2f7rEwGbaI_q2viHU85yOo
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 4b510f0cc5fcbc9800016ef543086418
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 12AF
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESENOYMRpLkj5MvKcEW862Blo&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESENOYMRpLkj5MvKcEW862Blo&google_push=Aa...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESENOYMRpLkj5MvKcEW862Blo&google_hm=Y56SZ2zB9pFp319T0YbHvwAABGUAAAIB&google_nid=index&google_push=AavPq0PpqtIj3UnDiIXaek6spYPy4CIAwIqgq...

170 B
188 B

52ms
30ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESENOYMRpLkj5MvKcEW862Blo&google_hm=Y56SZ2zB9pFp319T0YbHvwAABGUAAAIB&google_nid=index&google_push=AavPq0PpqtIj3UnDiIXaek6spYPy4CIAwIqgqd2cztuud47yOmWnOP9cZWR3PNbnBM4H_UaBwO9MFZ-1hKrta9fuCE1iOxHG8SFbbEI

Requested by

Host: pelotainvernal.com
URL: https://pelotainvernal.com/

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Dec 2022 04:09:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 18 Dec 2022 04:09:11 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SnceXJqYxgsQE3ygWHwZfjSVES8S2qeTL4dkfa%2Fj0%2BtjWTyIGrwhTnEnrzH2k8PxDVVHEPt2fB7wkVYheFkIE0BabMi7rwz6j0JoyIrQgJud3sRHnoElaN7c2RRdJm2ec%2FMq8q2hmCcJNg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESENOYMRpLkj5MvKcEW862Blo&google_hm=Y56SZ2zB9pFp319T0YbHvwAABGUAAAIB&google_nid=index&google_push=AavPq0PpqtIj3UnDiIXaek6spYPy4CIAwIqgqd2cztuud47yOmWnOP9cZWR3PNbnBM4H_UaBwO9MFZ-1hKrta9fuCE1iOxHG8SFbbEI
cache-control: no-cache
cf-ray: 77b50aa6f982696f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 12AF
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESECvVty7zYWgA0g_om0fVuhI&google_cver=1&google_push=AavPq0OES9aYxDC6BBRM7M3io2wVHtNOcTeWn5yznnyoM9kBVM9jdYEvCuEmVQiTa-s2APaQvzMq9heOAoKp...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AavPq0OES9aYxDC6BBRM7M3io2wVHtNOcTeWn5yznnyoM9kBVM9jdYEvCuEmVQiTa-s2APaQvzMq9heOAoKpLj3qQDKFwvhqT-Zy5g

170 B
329 B

22ms
16ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AavPq0OES9aYxDC6BBRM7M3io2wVHtNOcTeWn5yznnyoM9kBVM9jdYEvCuEmVQiTa-s2APaQvzMq9heOAoKpLj3qQDKFwvhqT-Zy5g

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Dec 2022 04:09:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AavPq0OES9aYxDC6BBRM7M3io2wVHtNOcTeWn5yznnyoM9kBVM9jdYEvCuEmVQiTa-s2APaQvzMq9heOAoKpLj3qQDKFwvhqT-Zy5g
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 12AF
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEN2_PdmuUEE-yJnXf-U4hWU&google_cver=1&google_push=AavPq0N2Zsak7SJzbNGQyD0wRFhIPesTTxZP-IVkX2vr30P5wUZCk5W8vRXCTFds7w2mqttrRgZPmyyP5lC9nkmD6umLI0tkOt...
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AavPq0N2Zsak7SJzbNGQyD0wRFhIPesTTxZP-IVkX2vr30P5wUZCk5W8vRXCTFds7w2mqttrRgZPmyyP5lC9nkmD6umLI0tkOt9...
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=Mjg0Mzk2NjMxNTgwMjQwMDM5MzU2NQ%3D%3D&google_push=AavPq0N2Zsak7SJzbNGQyD0wRFhIPesTTxZP-IVkX2vr30P5wUZCk5W8...

170 B
188 B

35ms
30ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=Mjg0Mzk2NjMxNTgwMjQwMDM5MzU2NQ%3D%3D&google_push=AavPq0N2Zsak7SJzbNGQyD0wRFhIPesTTxZP-IVkX2vr30P5wUZCk5W8vRXCTFds7w2mqttrRgZPmyyP5lC9nkmD6umLI0tkOt9-HQ

Requested by

Host: pelotainvernal.com
URL: https://pelotainvernal.com/

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Dec 2022 04:09:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=Mjg0Mzk2NjMxNTgwMjQwMDM5MzU2NQ%3D%3D&google_push=AavPq0N2Zsak7SJzbNGQyD0wRFhIPesTTxZP-IVkX2vr30P5wUZCk5W8vRXCTFds7w2mqttrRgZPmyyP5lC9nkmD6umLI0tkOt9-HQ
date: Sun, 18 Dec 2022 04:09:11 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 12AF
Redirect Chain

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESELgGvp8Uig0MIULwwZ4ebuY&google_cver=1&google_push=AavPq0Od2SmtUQWbbt16ercVC6-IUT9Jr1fklEmS7RU69lSg7R8sn0DQcn0S5PpGhat2PJ8YHN...
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS0zV014QmtKRTJ1RWNmWUhXUjVLb0JCbEZOTFB6VmJtSH5B&google_push=AavPq0Od2SmtUQWbbt16ercVC6-IUT9Jr1fklEmS7RU69lSg7R8sn0DQc...

170 B
232 B

19ms
15ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS0zV014QmtKRTJ1RWNmWUhXUjVLb0JCbEZOTFB6VmJtSH5B&google_push=AavPq0Od2SmtUQWbbt16ercVC6-IUT9Jr1fklEmS7RU69lSg7R8sn0DQcn0S5PpGhat2PJ8YHNO3y6UqCcM7aUDJd6BSd_BsLIOi7E1u

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Dec 2022 04:09:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS0zV014QmtKRTJ1RWNmWUhXUjVLb0JCbEZOTFB6VmJtSH5B&google_push=AavPq0Od2SmtUQWbbt16ercVC6-IUT9Jr1fklEmS7RU69lSg7R8sn0DQcn0S5PpGhat2PJ8YHNO3y6UqCcM7aUDJd6BSd_BsLIOi7E1u
date: Sun, 18 Dec 2022 04:09:11 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 12AF 0
40 B 56ms
14ms Image
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KJ2858jTRaPfX9ZgVq0it1WpPvJGuK7b-1BlRd5XS2i7JMrjmx_KssH5bE3QxpQqEjXeno8Q

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 04:09:11 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0CD5
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEHQnIgy-kNJKAXal3e9nQFU&google_cver=1&google_push=AavPq0PO8HRa5a7NdS0IgqhbMpirzx6clB4k_vk__z39ioi1BF34i8t_5uvnsybfYsr1gHghseQNtRsokkHlMKwo609Dih0...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AavPq0PO8HRa5a7NdS0IgqhbMpirzx6clB4k_vk__z39ioi1BF34i8t_5uvnsybfYsr1gHghseQNtRsokkHlMKwo609Dih0m8JBVWbI&google_hm=eS1GT28zUDdSRTJwRWR...

170 B
188 B

36ms
15ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AavPq0PO8HRa5a7NdS0IgqhbMpirzx6clB4k_vk__z39ioi1BF34i8t_5uvnsybfYsr1gHghseQNtRsokkHlMKwo609Dih0m8JBVWbI&google_hm=eS1GT28zUDdSRTJwRWRqNUkyS0JNNHh4MjlWZTFjU2M1QX5B

Requested by

Host: pelotainvernal.com
URL: https://pelotainvernal.com/

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Dec 2022 04:09:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sun, 18 Dec 2022 04:09:11 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AavPq0PO8HRa5a7NdS0IgqhbMpirzx6clB4k_vk__z39ioi1BF34i8t_5uvnsybfYsr1gHghseQNtRsokkHlMKwo609Dih0m8JBVWbI&google_hm=eS1GT28zUDdSRTJwRWRqNUkyS0JNNHh4MjlWZTFjU2M1QX5B
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0CD5
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESENOYMRpLkj5MvKcEW862Blo&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESENOYMRpLkj5MvKcEW862Blo&google_push=Aa...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESENOYMRpLkj5MvKcEW862Blo&google_hm=Y56SZ2zB9pFp319T0YbHvwAABGUAAAIB&google_nid=index&google_push=AavPq0OChqXsI06YDKtOVXX0piBYAOl9mAWIq...

170 B
188 B

61ms
42ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESENOYMRpLkj5MvKcEW862Blo&google_hm=Y56SZ2zB9pFp319T0YbHvwAABGUAAAIB&google_nid=index&google_push=AavPq0OChqXsI06YDKtOVXX0piBYAOl9mAWIqb704w6wLJaBlwQDHX5LDsIRsNhWBf7e_bPQ6c_6xmG-Yji0W96aRglarQfo8YBM-Kk

Requested by

Host: pelotainvernal.com
URL: https://pelotainvernal.com/

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Dec 2022 04:09:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 18 Dec 2022 04:09:11 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pw%2FEO%2BoajYEc6sTfLRQl3cRqZcYCktrlgK2Cwp0B1a99KTuAvhHTvBj2KoxM109I3aSE0mpen8ZVtmTRt1Z2b3HIOKuPAVIhLSkyzQDS1BaNGFp4nauM%2BJq4XECQddNYz%2BE0a29pwK3fgw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESENOYMRpLkj5MvKcEW862Blo&google_hm=Y56SZ2zB9pFp319T0YbHvwAABGUAAAIB&google_nid=index&google_push=AavPq0OChqXsI06YDKtOVXX0piBYAOl9mAWIqb704w6wLJaBlwQDHX5LDsIRsNhWBf7e_bPQ6c_6xmG-Yji0W96aRglarQfo8YBM-Kk
cache-control: no-cache
cf-ray: 77b50aa6f980696f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0CD5
Redirect Chain

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEPIbR3AimkWvPEPB3S3HleA&google_cver=1&google_push=AavPq0N4fJR1lXVh1XKrlKLgFhIpWP7lO56NBa90ZXZa8TS0TVk4ItWqbfrLJYgWpL2szrZKtMFCJW5bSRlFbClh...
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AavPq0N4fJR1lXVh1XKrlKLgFhIpWP7lO56NBa90ZXZa8TS0TVk4ItWqbfrLJYgWpL2szrZKtMFCJW5bSRlFbClhvJfFXQGri3IwVew

170 B
188 B

33ms
18ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AavPq0N4fJR1lXVh1XKrlKLgFhIpWP7lO56NBa90ZXZa8TS0TVk4ItWqbfrLJYgWpL2szrZKtMFCJW5bSRlFbClhvJfFXQGri3IwVew

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Dec 2022 04:09:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sun, 18 Dec 2022 04:09:11 GMT
via: 1.1 13140684c599ca32163cf7ec1871cebc.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA56-C2
x-cache: FunctionGeneratedResponse from cloudfront
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AavPq0N4fJR1lXVh1XKrlKLgFhIpWP7lO56NBa90ZXZa8TS0TVk4ItWqbfrLJYgWpL2szrZKtMFCJW5bSRlFbClhvJfFXQGri3IwVew
cache-control: no-cache, must-revalidate
content-length: 0
x-amz-cf-id: gFHtew20uhDWjqRqS2ZwUVJuAKGBcZxiUVdQimVBmqKWj4WIkldupA==

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0CD5
Redirect Chain

https://match.360yield.com/match/ebda?google_gid=CAESEPOeRkqubTS23gM2Gyd5Xfs&google_cver=1&google_push=AavPq0Nz8RUrt8Qd34e9yyQjQMmvRJJZDKw7kOqMB9-C9mc_45o146MkO9HNSp7nT1H1XHRiG9b110-evNuxoxNPVUCO6O...
https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEPOeRkqubTS23gM2Gyd5Xfs&google_cver=1&google_push=AavPq0Nz8RUrt8Qd34e9yyQjQMmvRJJZDKw7kOqMB9-C9mc_45o146MkO9HNSp7nT1H1XHRiG9b110-evNuxoxNP...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=GdoBbBb-T3iI72BWtiIaxQ&google_push=AavPq0Nz8RUrt8Qd34e9yyQjQMmvRJJZDKw7kOqMB9-C9mc_45o146MkO9HNSp7nT1H1XHRiG9b110-evNuxoxN...

170 B
188 B

30ms
25ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=GdoBbBb-T3iI72BWtiIaxQ&google_push=AavPq0Nz8RUrt8Qd34e9yyQjQMmvRJJZDKw7kOqMB9-C9mc_45o146MkO9HNSp7nT1H1XHRiG9b110-evNuxoxNPVUCO6OyNqdvyCQ

Requested by

Host: pelotainvernal.com
URL: https://pelotainvernal.com/

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Dec 2022 04:09:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=GdoBbBb-T3iI72BWtiIaxQ&google_push=AavPq0Nz8RUrt8Qd34e9yyQjQMmvRJJZDKw7kOqMB9-C9mc_45o146MkO9HNSp7nT1H1XHRiG9b110-evNuxoxNPVUCO6OyNqdvyCQ
access-control-allow-origin: *
date: Sun, 18 Dec 2022 04:09:11 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0CD5
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEN2_PdmuUEE-yJnXf-U4hWU&google_cver=1&google_push=AavPq0P7VHmIAdrCtlFIY5bq20imI6ITw81z_lLDx5HBKzSN6RPEPg_wHze7AR9SlXZq5Uc9qTWlAypqOeAFQHYqqOp6-ZiEWd...
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AavPq0P7VHmIAdrCtlFIY5bq20imI6ITw81z_lLDx5HBKzSN6RPEPg_wHze7AR9SlXZq5Uc9qTWlAypqOeAFQHYqqOp6-ZiEWdn...
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=Mjg0Mzk2NjMxNTgwMjQwMDM5MzU2NQ%3D%3D&google_push=AavPq0P7VHmIAdrCtlFIY5bq20imI6ITw81z_lLDx5HBKzSN6RPEPg_w...

170 B
188 B

36ms
32ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=Mjg0Mzk2NjMxNTgwMjQwMDM5MzU2NQ%3D%3D&google_push=AavPq0P7VHmIAdrCtlFIY5bq20imI6ITw81z_lLDx5HBKzSN6RPEPg_wHze7AR9SlXZq5Uc9qTWlAypqOeAFQHYqqOp6-ZiEWdnpXtU

Requested by

Host: pelotainvernal.com
URL: https://pelotainvernal.com/

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Dec 2022 04:09:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=Mjg0Mzk2NjMxNTgwMjQwMDM5MzU2NQ%3D%3D&google_push=AavPq0P7VHmIAdrCtlFIY5bq20imI6ITw81z_lLDx5HBKzSN6RPEPg_wHze7AR9SlXZq5Uc9qTWlAypqOeAFQHYqqOp6-ZiEWdnpXtU
date: Sun, 18 Dec 2022 04:09:11 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H/1.1 200
OK sync
ssbsync.smartadserver.com/api/ Frame 0CD5 0
75 B 129ms
28ms Image
text/plain 185.86.137.108
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEE2f70shE3q3vg8HXAGk93A&google_cver=1&google_push=AavPq0P4WRj1iNgGzfyji3FAllZQcTnbG01oLSiv8aYmQpEHcM8wCjPSHAY9OOU4KCIae46wt8e7Ghwl_8MmBVAK4bagRiB3IbUVQVs
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.108 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 04:09:10 GMT
content-length: 0

GET
H2

200

/
onetag-sys.com/match/ Frame 0CD5
Redirect Chain

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESECvVty7zYWgA0g_om0fVuhI&google_cver=1&google_push=AavPq0Mtdf5Umixk9vHiIbhFMpPtlKccH6Daioxncz3sSwjZUAy00gVkbLiF-PVD_2MbXTMrcLFoMnS3V0c...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AavPq0Mtdf5Umixk9vHiIbhFMpPtlKccH6Daioxncz3sSwjZUAy00gVkbLiF-PVD_2MbXTMrcLFoMnS3V0cf-t6NSHASR659MlzosVY
https://onetag-sys.com/match/?int_id=19&google_error=5

0
151 B

16ms
7ms

Image
text/plain

51.89.9.251
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=19&google_error=5

Requested by

Host: pelotainvernal.com
URL: https://pelotainvernal.com/

Protocol

Server

51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip251.ip-51-89-9.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Sun, 18 Dec 2022 04:09:11 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 255
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 0CD5 0
232 B 52ms
14ms Image
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13J_ESp-PbWhubiywAPxbDtvSStCkycH3n1QfLBImiHnidKXtXyPMOgxv9WtO4xVLiBOWRMPTg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 04:09:11 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 507F
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESECY7CTFFhsprFGi5TOFMTMQ&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESECY7CTFFhsprFGi5TOFMTMQ&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=Q0hXeVFka0ExUDZLWjk1&google_gid=CAESECY7CTFFhsprFGi5TOFMTMQ&google_cver=1&google_push=AavPq0Oj4NhegldKOejgauA4VgkSAonxnrqVw8JQ2Nfzdys...

170 B
188 B

57ms
41ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=Q0hXeVFka0ExUDZLWjk1&google_gid=CAESECY7CTFFhsprFGi5TOFMTMQ&google_cver=1&google_push=AavPq0Oj4NhegldKOejgauA4VgkSAonxnrqVw8JQ2NfzdysqIBL_Qw_ELuROwRb2DV4h_3DAtJ4KYr760yX5RVQD1reC9rHHjmpZKVM

Requested by

Host: pelotainvernal.com
URL: https://pelotainvernal.com/

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Dec 2022 04:09:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 18 Dec 2022 04:09:11 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/4da9b91#4da9b91e1fcbbaec3beafc6ce8a7393d26d4f693 i-050264eaa58f9e669@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=Q0hXeVFka0ExUDZLWjk1&google_gid=CAESECY7CTFFhsprFGi5TOFMTMQ&google_cver=1&google_push=AavPq0Oj4NhegldKOejgauA4VgkSAonxnrqVw8JQ2NfzdysqIBL_Qw_ELuROwRb2DV4h_3DAtJ4KYr760yX5RVQD1reC9rHHjmpZKVM
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 AdxPixel
tr.blismedia.com/v1/api/sync/ Frame 507F 0
173 B 45ms
13ms Image
text/plain 34.96.105.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEMAz666vfhWiTQv5LMOIkV0&google_cver=1&google_push=AavPq0Nj6aNnf3bIJiPyYtTNpWamJRgG7c6QjRQgT3oJAk4k3u1cytXm-jCvL7-6AvdG3Dkqduy8-tWBHwiLAPgwdZuA_NWGyDz_n4Q
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.105.96.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 04:09:11 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 507F
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEEUSaF9cnpOatOfxy1yLeI4&google_cver=1&google_push=AavPq0NtwzCOntlgl79RmqwUtv_JptqbWWYaqSoBMBCLP5RK-snuUFZFSBwAzHaLj0WLwpaNcdJO7MyYVuKYti20gKSY...
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AavPq0NtwzCOntlgl79RmqwUtv_JptqbWWYaqSoBMBCLP5RK-snuUFZFSBwAzHaLj0WLwpaNcdJO7MyYVuKYti20gKSYUX1EFsw0tg&google_hm=CG61aM2IRHSfUyPuyFjlvg==

170 B
188 B

35ms
16ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AavPq0NtwzCOntlgl79RmqwUtv_JptqbWWYaqSoBMBCLP5RK-snuUFZFSBwAzHaLj0WLwpaNcdJO7MyYVuKYti20gKSYUX1EFsw0tg&google_hm=CG61aM2IRHSfUyPuyFjlvg==

Requested by

Host: pelotainvernal.com
URL: https://pelotainvernal.com/

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Dec 2022 04:09:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AavPq0NtwzCOntlgl79RmqwUtv_JptqbWWYaqSoBMBCLP5RK-snuUFZFSBwAzHaLj0WLwpaNcdJO7MyYVuKYti20gKSYUX1EFsw0tg&google_hm=CG61aM2IRHSfUyPuyFjlvg==
date: Sun, 18 Dec 2022 04:09:11 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 507F
Redirect Chain

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESELka9b7w93hvbmoL-wh7Vd8&google_cver=1&google_push=AavPq0N3GBhGfHzwWbVEOsJqA8vpluj_KZ0LWw6_9sz-D5mkFbvDXIfwEZSQD7w_H7oHLfd_UaxEpUdz_xfOcVuoY...
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESELka9b7w93hvbmoL-wh7Vd8&google_cver=1&google_push=AavPq0N3GBhGfHzwWbVEOsJqA8vpluj_KZ0LWw6_9sz-D5mkFbvDXIfwEZSQD7w_H7oHLfd_UaxEpUdz_xfOcVuoY...
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AavPq0N3GBhGfHzwWbVEOsJqA8vpluj_KZ0LWw6_9sz-D5mkFbvDXIfwEZSQD7w_H7oHLfd_UaxEpUdz_xfOcVuoYp_uQpN3NWWUM5w&google_hm=F1a5vGZHQ2_afuAIQIS...

170 B
188 B

39ms
34ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AavPq0N3GBhGfHzwWbVEOsJqA8vpluj_KZ0LWw6_9sz-D5mkFbvDXIfwEZSQD7w_H7oHLfd_UaxEpUdz_xfOcVuoYp_uQpN3NWWUM5w&google_hm=F1a5vGZHQ2_afuAIQISUn0hL

Requested by

Host: pelotainvernal.com
URL: https://pelotainvernal.com/

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Dec 2022 04:09:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Sun, 18 Dec 2022 04:09:11 GMT
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AavPq0N3GBhGfHzwWbVEOsJqA8vpluj_KZ0LWw6_9sz-D5mkFbvDXIfwEZSQD7w_H7oHLfd_UaxEpUdz_xfOcVuoYp_uQpN3NWWUM5w&google_hm=F1a5vGZHQ2_afuAIQISUn0hL
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap7ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 507F
Redirect Chain

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEPIbR3AimkWvPEPB3S3HleA&google_cver=1&google_push=AavPq0NVGWMg0I_tHkki6PQxuRbBFrfZVziTRLeMSYhB8HCtI5HTIIT_WI7m1PpC4bupLP7p7n0lKYd1JjDY6Xgt...
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AavPq0NVGWMg0I_tHkki6PQxuRbBFrfZVziTRLeMSYhB8HCtI5HTIIT_WI7m1PpC4bupLP7p7n0lKYd1JjDY6XgtBCeJxmOt09AaxqE

170 B
188 B

34ms
20ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AavPq0NVGWMg0I_tHkki6PQxuRbBFrfZVziTRLeMSYhB8HCtI5HTIIT_WI7m1PpC4bupLP7p7n0lKYd1JjDY6XgtBCeJxmOt09AaxqE

Requested by

Host: pelotainvernal.com
URL: https://pelotainvernal.com/

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Dec 2022 04:09:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sun, 18 Dec 2022 04:09:11 GMT
via: 1.1 13140684c599ca32163cf7ec1871cebc.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA56-C2
x-cache: FunctionGeneratedResponse from cloudfront
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AavPq0NVGWMg0I_tHkki6PQxuRbBFrfZVziTRLeMSYhB8HCtI5HTIIT_WI7m1PpC4bupLP7p7n0lKYd1JjDY6XgtBCeJxmOt09AaxqE
cache-control: no-cache, must-revalidate
content-length: 0
x-amz-cf-id: AiBXAQxoFsWQogMMequVWaO4LFELgX6VAutgaJDwAO7Kw_-fOkqC_w==

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 507F
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEN2_PdmuUEE-yJnXf-U4hWU&google_cver=1&google_push=AavPq0PE5YO6LfSLr9-5NUFbiJQpKxdqoEYHxdU99-QD8t2hZmQxc9_8LAXDI22iw5RdZBxCyrbDRIACrIqDy9UCsAu_wHYOwv...
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AavPq0PE5YO6LfSLr9-5NUFbiJQpKxdqoEYHxdU99-QD8t2hZmQxc9_8LAXDI22iw5RdZBxCyrbDRIACrIqDy9UCsAu_wHYOwv6...
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=Mjg0Mzk2NjMxNTgwMjQwMDM5MzU2NQ%3D%3D&google_push=AavPq0PE5YO6LfSLr9-5NUFbiJQpKxdqoEYHxdU99-QD8t2hZmQxc9_8...

170 B
188 B

24ms
19ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=Mjg0Mzk2NjMxNTgwMjQwMDM5MzU2NQ%3D%3D&google_push=AavPq0PE5YO6LfSLr9-5NUFbiJQpKxdqoEYHxdU99-QD8t2hZmQxc9_8LAXDI22iw5RdZBxCyrbDRIACrIqDy9UCsAu_wHYOwv6_Jo4

Requested by

Host: pelotainvernal.com
URL: https://pelotainvernal.com/

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Dec 2022 04:09:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=Mjg0Mzk2NjMxNTgwMjQwMDM5MzU2NQ%3D%3D&google_push=AavPq0PE5YO6LfSLr9-5NUFbiJQpKxdqoEYHxdU99-QD8t2hZmQxc9_8LAXDI22iw5RdZBxCyrbDRIACrIqDy9UCsAu_wHYOwv6_Jo4
date: Sun, 18 Dec 2022 04:09:11 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 507F
Redirect Chain

https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEBeoA-tgaJSM-h3zKioEgaE&google_cver=1&google_push=AavPq0M9RizA9xSeU...
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dxandr_eb%26google_hm%3D%24%7BBASE64_UID_ENC%7D%26google_gid%3DCAESEBeoA-tgaJSM-h3zKioEgaE%26goo...
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=Njg5MTQ3MzY4NjI3MTU0MDg1&google_gid=CAESEBeoA-tgaJSM-h3zKioEgaE&google_cver=1&google_push=AavPq0M9RizA9xSeUARKf1WGdFO6dCd-zAMor6cywH...

170 B
188 B

57ms
39ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=Njg5MTQ3MzY4NjI3MTU0MDg1&google_gid=CAESEBeoA-tgaJSM-h3zKioEgaE&google_cver=1&google_push=AavPq0M9RizA9xSeUARKf1WGdFO6dCd-zAMor6cywHicPZa0EPZv7D29xd2jbgAbjk_KKX2xb6zL4IS1JolRahgOHQeLOzn4aPKgu_3G

Requested by

Host: pelotainvernal.com
URL: https://pelotainvernal.com/

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Dec 2022 04:09:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Sun, 18 Dec 2022 04:09:11 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 217.64.151.30; 217.64.151.30; 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 4dd088b6-aaf5-457d-89cc-0c006d732b4b
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=Njg5MTQ3MzY4NjI3MTU0MDg1&google_gid=CAESEBeoA-tgaJSM-h3zKioEgaE&google_cver=1&google_push=AavPq0M9RizA9xSeUARKf1WGdFO6dCd-zAMor6cywHicPZa0EPZv7D29xd2jbgAbjk_KKX2xb6zL4IS1JolRahgOHQeLOzn4aPKgu_3G
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 507F 0
49 B 36ms
15ms Image
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13L1PgzEr8CKOqadNEiLWgbzdmEyrRc9XNmfaCx60zRpEJ0CgzE10Me6EJHLYDrhADsjl8U16w

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 04:09:11 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 46 KB
13 KB 309ms
308ms XHR
text/plain 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=418127904971085&correlator=1132572689422717&eid=31070233%2C676982961%2C44780792&output=ldjh&gdfp_req=1&vrg=2022120501&ptt=17&impl=fifs&iu_parts=22304838115%2Cpelotainvernal%2Cdesktop_sidebar_01%2Cdesktop_inread_1&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F3&prev_iu_szs=300x600%2C728x90&ifi=8&adks=2344183488%2C1811199381&sfv=1-0-40&prev_scp=hb_format_rubicon%3Dbanner%26hb_size_rubicon%3D300x600%26hb_pb_rubicon%3D0.04%26hb_adid_rubicon%3D2220c0c78d03192%26hb_bidder_rubicon%3DITBHB%26hb_format%3Dbanner%26hb_size%3D300x600%26hb_pb%3D0.04%26hb_adid%3D2220c0c78d03192%26hb_bidder%3DITBHB%7Chb_format_rubicon%3Dbanner%26hb_size_rubicon%3D728x90%26hb_pb_rubicon%3D0.02%26hb_adid_rubicon%3D21660f3502d84f1%26hb_bidder_rubicon%3DITBHB%26hb_format%3Dbanner%26hb_size%3D728x90%26hb_pb%3D0.02%26hb_adid%3D21660f3502d84f1%26hb_bidder%3DITBHB&eri=1&sc=1&cookie=ID%3D6fb24eb131bbc96f%3AT%3D1671336549%3AS%3DALNI_MatR30gj4BD4-rhlEG2t0v1C_cRCg&gpic=UID%3D00000b93d6c9ca3f%3AT%3D1671336549%3ART%3D1671336549%3AS%3DALNI_MaXhHZjhrb6R4a7vbf70K6-mAdkYw&abxe=1&dt=1671336551474&lmt=1671336551&dlt=1671336548476&idt=916&adxs=1149%2C275&adys=575%2C512&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0&ucis=2%7C3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fpelotainvernal.com%2F&frm=20&vis=1&psz=300x600%7C975x90&msz=300x600%7C975x90&fws=0%2C0&ohw=0%2C0&ga_vid=2044881066.1671336549&ga_sid=1671336549&ga_hid=526327406&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e33348c5cad0a84dea736e614dcea3bdd0078419e5ea106687c5f57bedfbf991

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 04:09:11 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13139
x-xss-protection: 0
google-lineitem-id: 6009024233,-1
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138391571107,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pelotainvernal.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 317 B
168 B 42ms
39ms XHR
text/plain 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dcb68dbdc8d49383906fc9935a65bd830d2f42a5e36eaca0951db3e0f5544d82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 04:09:11 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 139
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pelotainvernal.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 564F
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

18ms
18ms

Document
text/html

2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 18 Dec 2022 04:09:11 GMT
expires: Sun, 18 Dec 2022 04:09:11 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 18 Dec 2022 04:09:11 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 GC5M5N_VN3lVd7ErmxmldCKoshgV9d2S74rLP9hyoZw.js Show response
pagead2.googlesyndication.com/bg/ Frame 8893 36 KB
16 KB 21ms
21ms Script
text/javascript 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GC5M5N_VN3lVd7ErmxmldCKoshgV9d2S74rLP9hyoZw.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

182e4ce4dfd537795577b12b9b19a57422a8b21815f5dd92ef8acb3fd872a19c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 20:48:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 372034
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16025
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 17:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 13 Dec 2023 20:48:37 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 6601 42 B
64 B 157ms
107ms Fetch
image/gif 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssXlqClZxwn3cloV61UK1vsGZMG1zmKDOH4mYVI7sS_GlqIb6p3PPCyf67mCTfqoMesBSmaDL2ks3iqowOcB98kCy0xENSiO-dhP4M36xVLXSj-XTat6Dnr3H3dGPO0YTXAsqqvcg&sai=AMfl-YQvaehM4K_Dt42Ozhynm6Ys8u2HjqzQ8Q2zxOaOahRikvTgeQkxzoKuejj17aGdqT8DUJ6xgDmdT-gzzH0&sig=Cg0ArKJSzCVSUHeOkLmVEAE&cid=CAQSGwDq26N9x10sMxUKHW4oqZVvChzRD9LahqcD7hgBIBM&id=lidar2&mcvt=1023&p=0,0,100,1298&mtos=1023,1023,1023,1023,1023&tos=1023,0,0,0,0&v=20221207&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=88850195&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1671336549380&rpt=1079&met=mue&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Dec 2022 04:09:11 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame E4B6 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 31661cc49ad194662c03f1d553b028f1753d0bacb10df8865e87c3dc4a7ffb77

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET 35H11_051670841845.xml
vast.vidoomy.com/pro/ftp-pro/620/ 0
0

GET 59C11_221671190042.xml
vast.vidoomy.com/pro/ftp-pro/681/ 0
0

GET
H/1.1 200
OK 218945 Show response
search.spotxchange.com/vast/2.0/ 67 B
1 KB 97ms
32ms XHR
text/xml 185.94.180.123
SPOTX-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://search.spotxchange.com/vast/2.0/218945?VPAID=JS&content_page_url=https%3A%2F%2Fpelotainvernal.com%2F&cb=1662549771&player_width=400&player_height=225&regs[gdpr]=0&user[consent]=&device[geo][lat]=&device[geo][lon]=&schain=1.0%2C1%21vidoomy.com%2C63065%2C1%2C153887582096497800806629498%2C%2C
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.94.180.123 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: 78e958d620d6e40a19e424eee3a9b23932cd9bfa4d7f736442048777d203052d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Sun, 18 Dec 2022 04:09:11 GMT
X-SpotX-Timing-SpotMarket-Primary: 0.003929
X-SpotX-Timing-Transform: 0.000256
Content-Encoding: gzip
X-SpotX-Timing-SpotMarket: 0.003929
X-SpotX-Timing-Page-Require: 0.000288
X-fe: 104
Connection: keep-alive
X-SpotX-Timing-Page-Misc: 0.002961
X-SpotX-Timing-Page-Cookie: 0.000024
Content-Length: 79
X-SpotX-Timing-Page: 0.007915
Pragma: no-cache
X-SpotX-Timing-Page-Context: 0.000242
Last-Modified: Sun, 18 Dec 2022 04:09:11 GMT
Server: nginx
Vary: Accept-Encoding
Access-Control-Allow-Methods: POST, GET, PATCH, DELETE, OPTIONS
Content-Type: text/xml;charset=UTF-8
Access-Control-Allow-Origin: https://pelotainvernal.com
X-SpotX-Timing-Page-Exception: 0.000001
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Credentials: true
X-SpotX-Timing-Page-URI: 0.000009
X-SpotX-Timing-SpotMarket-Secondary: 0.000000
X-SpotX-Timing-Page-Mux: 0.000205
Access-Control-Allow-Headers
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK 7585793 Show response
ads.stickyadstv.com/vast/vpaid-adapter/ 830 B
1 KB 191ms
184ms XHR
application/xml 92.122.244.32
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/vast/vpaid-adapter/7585793?supportsJavascript=true&supportsFlash=true&_fw_us_privacy=&schain=1.0%2C1%21vidoomy.com%2C63065%2C1%2C153887582096497800879362638%2C%2C&_fw_gdpr=0&_fw_gdpr_consent=
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 92.122.244.32 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a92-122-244-32.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: a907540f294a24326e21b5ffae1e76ceeb6b6fb3041eadd4dd3350012a030da5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 18 Dec 2022 04:09:11 GMT
Server: nginx
Content-Type: application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin: https://pelotainvernal.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 830
x-sticky-vk: 1671336551483021-565
Expires: Sun, 18 Dec 2022 04:09:11 GMT

GET
H2 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 69D9 3 KB
4 KB 88ms
32ms Image
image/png 2606:4700:20::681a:71b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.27/one-ad/default.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:71b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 04:09:11 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 28240833
x-guploader-uploadid: ADPycdvuqSd5z7x-P6zciDvJguhfevnTZzPv-sFvdv4VVTj2cCVUndir5fZqBzjNPOlq80uW-sAFhIkV33WDoT1aRSnwIseHrQ
x-goog-storage-class: STANDARD
x-goog-custom-time: 1970-01-01T00:00:00Z
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3262
x-goog-meta-
last-modified: Wed, 09 Jun 2021 12:35:14 GMT
server: cloudflare
etag: "794c84d30e213ec6a144d64215f07551"
vary: Accept-Encoding
x-goog-generation: 1623242114099744
content-type: image/png
x-goog-hash: crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
cache-control: public, max-age=31536000, immutable
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fH8LdYsKz9HpULk7q2TozkiIIzxOmTU1JJAE95PN23uFAqJXwDgoJI5RdpP3eSVsstxEdhhkYlXd%2B%2FcZgLGBPFHm4CJaYloRtS11fixoDcMUOytg2lzwgAc2YAAPUhTnInO59lDE6cNMFZDfDnj4JcqQ"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 3262
accept-ranges: bytes
cf-ray: 77b50aa76b039b34-FRA
expires: Wed, 25 Jan 2023 07:28:38 GMT

GET
H3 200 frame.html Show response
ad4m.at/ Frame F00D 2 KB
1 KB 44ms
38ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1843437
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=3600
cf-cache-status: HIT
cf-ray: 77b50aa71c119156-FRA
content-encoding: br
content-language: en
content-type: text/html; charset=utf-8
date: Sun, 18 Dec 2022 04:09:11 GMT
expires: Wed, 26 Oct 2022 23:22:52 GMT
last-modified: Thu, 25 Aug 2022 14:12:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gf0b9Kq8F%2FMJ9TKVt%2B%2FDLCeX92GyaftnLIPbGIaZ%2Br0Y3x0uMHQ8C2Kp9bM0NaEB43VmAKVHL1MjH13ihYXm8NxTt%2F0q3n8vjVAhFJSyJnxSU2YT68mo7zzuD7nfLjGkzk1kz%2FY%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3 200 frame.html Show response
ad4m.at/ Frame CF32 2 KB
1 KB 20ms
15ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1843437
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=3600
cf-cache-status: HIT
cf-ray: 77b50aa71c159156-FRA
content-encoding: br
content-language: en
content-type: text/html; charset=utf-8
date: Sun, 18 Dec 2022 04:09:11 GMT
expires: Wed, 26 Oct 2022 23:22:52 GMT
last-modified: Thu, 25 Aug 2022 14:12:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FiaHbNobgj%2FkksXils16sbCLZnucT4NQsNgLqN%2FApFakVgGjsIvu0%2BXs1bJ9Q57wsU2tacZhRVirsRaXX4eaCtIAZfoYK8TqIfkD5sUHR7xt6pbDtLbs5MW1WcYZ3pSOWqkeTfk%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame E4B6 0
17 B 103ms
101ms Image
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Czih9ZZKeY-fdMv2C9u8P5bariA-Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zMTM5MTM0ODgzNzA4NzYxyAEJqQLOG7AQ3cKxPqgDAaoEwgFP0OQAVDbnAAdiFiNkuMrOiNKQ35MxPabX_Ewh8USK8Q-gVoXMA0FBRJd7cbLEkV8fqfvHuQAR-ZOfsYKRp2JtDj5SHQO4YF8vUtJE0OyxzPrfNOYJCF0CI_-7FLf2pX8CV0WjyYlBJSwtcLK1kTXU_EJIiOZXQmu1cRdnxzVMRV9455sCbxIA1HpSiPk7Zd5TOUiHEMq1hHy4ncAbXbyYlysqTsmXbvNp1DdjHsB6WaPk3KDfN4Zx_ZILsWB6wLxSdoAGzoTKq-u7gbpUoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQIAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi0zMTM5MTM0ODgzNzA4NzYxGAA&sigh=x4ZSq211CFM&uach_m=[UACH]&cid=CAQSOwDq26N9AZq-wjDyt1YVH8T0TZOUAB5XRQNVhR5zFgGXy4EIm8hnHKCU5e7M-yomDQBCsK6kNcgSy5mAGAEgEw&vis=1

Requested by

Host: pelotainvernal.com
URL: https://pelotainvernal.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 18 Dec 2022 04:09:11 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame E4B6 0
103 B 94ms
47ms Image
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1kdhb3rtq8n3ggvwsgzb9jq15fge8edpxm3f10vdq08b6a4h6kth6gysan078xnmazw99pypseeftknkrmtw0vh0c9gqnnqybh8y4r0eryfff346jha0137qm9qyt7xv0c0qmvrf2rsynp5eqrr39mh3tqk4sczwqntc2p3sbty1xjk7r238waeszzqv9ydf0zwy24976jd4zsm66tmqqk45rc3xgnc5rj8q9x828ete93rkqvh8ve9bbwd9nqx2cgr13fq8nc2p9g2ngh3aj4fq6vsgft2687bx40pvq3eamrx59tzkpdadgk92rh9tgxjty5cfht699052cyy0ghsfejksjee2xsc1xey58vpky2ymztzep5j1a9r69r358kd9fk882w&b=Y56SZQAMrucH_YF9AArbZXpFHd-e-z8B5PnZ0Q
Requested by: Host: pelotainvernal.com
URL: https://pelotainvernal.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 18 Dec 2022 04:09:11 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5B70 0
20 B 116ms
97ms Ping
image/gif 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=Cg4IByoKd2ViX2Jhbm5lcgoHCAgqA2x0cgoWCAEqEmJhbm5lci1ldGEtdmFuaWxsYQoKCAIqBnNlcnZlcgoaCAQqFm15c2lkaWFfYW5hbHl0aWNzX2V4cDMKDRAKIQAAAMDMzBhAMAQKDRANIQAAAAAAAAAAMAQKDhAeKggxMDA1eDEyNDAECg4QGSoIMTAwNXgxMjQwBAoNEA4hAAAAAJCZuT8wBAoNEAQhAAAAMzMTgkAwBAoNEA8hAAAAAKCZuT8wBAoNECshAAAAAACAUUAwBAoNEAUhAACAzMwUgkAwBAoNEBAhAAAAAAC-sUAwBAoNEBEhAAAAAECg00AwBAoNEBIhAAAAAAAAIEAwBAoNEBMhAAAAAAAAEEAwBAoNEBchAAAAZmZWhEAwBAoNEBQhAAAAAMBj1kAwBAoNEBUhAAAAAAAALkAwBAoNEBYhAAAAAAAAHEAwBAoNEBghAACAmZllhkAwBAoNEDIhAAAAADAz0z8wBAoNEDMhAAAAADAz0z8wBAoNEDQhAAAAADAz0z8wBAoNEDUhAAAAADAz0z8wBAoNEDYhAAAAADAz0z8wBAoNEDchAAAAADAz0z8wBAoNEDghAAAAADMz-z8wBAoNEDkhAAAAAAAAHkAwBAoNEDohAAAAIDMzIUAwBAoNEDshAACAmZlNhEAwBAoNEDwhAACAmZlNhEAwBAoNED0hAAAAZmZWhEAwBAoNED4hAACAmZkZhkAwBAoNED8hAACAmZkZhkAwBAoNEEAhAACAmZmBhkAwBBIaQ0tpazZlcWxndndDRlgyQl9RY2RaZHNLOFEiFnRleHQvdmFuaWxsYV9oaWdobGlnaHQoAw==

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/fe770b57936e5b6653f7939c920f5f10.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Dec 2022 04:09:11 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 ev Show response
s.seedtag.com/e/ 0
15 B 71ms
47ms XHR
text/plain 34.149.50.64
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.seedtag.com/e/ev
Requested by: Host: t.seedtag.com
URL: https://t.seedtag.com/c/st_2.9100ea3f41d5301dbd48.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.149.50.64 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 64.50.149.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pelotainvernal.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 18 Dec 2022 04:09:11 GMT
via: 1.1 google
server: nginx
vary: X-HTTP-Method-Override
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT, HEAD
access-control-allow-origin: https://pelotainvernal.com
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 61ms
60ms XHR
application/json 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221207&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

03dde0116f8f95a75e0247d3a17dcafa6e9c5599463b063ce6fc750c145630ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 04:09:11 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11323
x-xss-protection: 0

POST
H3 200 rs Show response
ad4m.at/ Frame 69D9 1 KB
2 KB 58ms
56ms XHR
text/plain 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ba27833c9c8b0ea5d187370411c8215cb87b7aa9f8471c6199ee22add2c32704

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 18 Dec 2022 04:09:11 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4A%2Byfn41do%2F51%2FjWwx6lJuTR6Fd1C3dq1zHR9kcUUNbBGqbBXEG4I2C%2BbIVCpU9zZLnnkifM%2FkcrhI%2FU9yN%2B%2BkEkuzzZ%2ByOfzEcg1KpJvVtb7o2YC853QZmYgEnHoPax7O4FcKc%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
cf-ray: 77b50aa8b81a6919-FRA
x-backend-server: aa-reachservice-group-europe-west1-v578
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H3 200 rs Show response
ad4m.at/ Frame C269 1 KB
2 KB 58ms
55ms XHR
text/plain 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 834e41840553ab871c74aefa0dfc8b156f01fc5f4f83ca2d1efcc8f61148f766

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 18 Dec 2022 04:09:11 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mESqJzvu2NoigP2iKs4fujAGGO4tdEZ1wbPGNd1%2FAjMguGz6oEINKNDReEuxxGbUWLr1CzuCAsX7mG9%2B30awKCjCtUqfhHmfr2nEA%2FWRgYYrYmJ3Y8nDmwO2rxfP37X01n0ekLE%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
cf-ray: 77b50aa8b8166919-FRA
x-backend-server: aa-reachservice-group-europe-west1-v578
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 50ms
30ms Preflight
text/plain 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://as.ad4m.at
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 77b50aa88fe36919-FRA
content-length: 24
content-type: text/plain
date: Sun, 18 Dec 2022 04:09:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qplaCzPtbja5uOB2bHsjxUVtBttKtjkbfvdxcb5drbEpBXpZNicC0hJyF43JkQzwCcRyBeu0H8TRLpYUG1sRzuJLX9WGCWAA1fU%2FBVBh82qPPqY%2BX17SY%2BVWHa4SoAMg77PmOO0%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-v578

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 47ms
28ms Preflight
text/plain 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://as.ad4m.at
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 77b50aa88fe26919-FRA
content-length: 24
content-type: text/plain
date: Sun, 18 Dec 2022 04:09:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5ybEAYDWDpTwSW8n3wSAX8KVIi1GCoWVXHYIjuIsJ1hmxswKc5A4jwv%2BvMU8r4j4IsthCuTXH4OKsSBEwqFpiQshYIVZWb8CBjZ6sZopqpTl80QRhxc7slzyO8Pfv8s2Yd0vNfQ%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-v578

GET
H2 200 35H11_051670841845.xml Show response
vast.vidoomy.com/pro/ftp-pro/620/ 1 KB
843 B 160ms
44ms XHR
text/xml 2a02:6ea0:f400::4
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://vast.vidoomy.com/pro/ftp-pro/620/35H11_051670841845.xml
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:f400::4 , United Kingdom, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 7a2d0e62728d546f564846d2fcc27df2bd4fddb454589154260e7e6b0d6a3a87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-77-nzt: AamW8op7zo3/Ds0GAA
x-accel-expires: @1671927641
date: Sun, 18 Dec 2022 04:09:11 GMT
x-77-pop: zagrebHR
content-encoding: gzip
last-modified: Mon, 12 Dec 2022 12:39:25 GMT
server: CDN77-Turbo
etag: W/"639720fd-497"
x-77-nzt-ray: bcd92b1f7c4be94c67929e630ed9be34
x-cache: HIT
content-type: text/xml
access-control-allow-origin: *
x-77-cache: HIT
x-age: 445710

GET
H2 200 59C11_221671190042.xml Show response
vast.vidoomy.com/pro/ftp-pro/681/ 1 KB
796 B 161ms
45ms XHR
text/xml 2a02:6ea0:f400::4
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://vast.vidoomy.com/pro/ftp-pro/681/59C11_221671190042.xml
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:f400::4 , United Kingdom, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 974f1f5f52ab72486ae7e799bd88cd0c19d05bbf2407e0d5920e016bbd4cca64

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-77-nzt: AamW8oqug1r/gzYCAA
x-accel-expires: @1672228324
date: Sun, 18 Dec 2022 04:09:11 GMT
x-77-pop: zagrebHR
content-encoding: gzip
last-modified: Fri, 16 Dec 2022 11:27:34 GMT
server: CDN77-Turbo
etag: W/"639c5626-449"
x-77-nzt-ray: bcd92b1f7c4be94c67929e639c0ac534
x-cache: HIT
content-type: text/xml
access-control-allow-origin: *
x-77-cache: HIT
x-age: 145027

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 89ms
78ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 04:09:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 18 Dec 2022 04:09:11 GMT

GET
H2 200 esp.js Show response
cdn.id5-sync.com/api/1.0/ 58 KB
17 KB 79ms
15ms Script
text/javascript 2606:4700:10::ac43:266a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/esp.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:266a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a97afd769b3d774563606be9e943789398af5a1bf3583c2bc9a81f99832aa2b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 04:09:11 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 24 Nov 2022 12:48:29 GMT
server: cloudflare
x-amz-request-id: AS623DQBY0CG4WQ2
age: 63
etag: W/"91dadf6b1eddd8d91a5cc2e3be5ea8cf"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 77b50aa95b069193-FRA
x-amz-id-2: opH3n6Ss4TlDtfyjukoygT4YC9ks6ezIdzU29iyaBzEnETZcFBMAM6rnMr/Jv2PsgS8/3mqoHZ4=

GET
H3 200 pubcid.min.js Show response
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 732 B
818 B 48ms
13ms Script
application/javascript 2a04:4e42:200::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sun, 18 Dec 2022 04:09:11 GMT
x-content-type-options: nosniff
content-encoding: gzip
age: 42056
x-jsd-version: master
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 437
x-served-by: cache-fra-eddf8230064-FRA, cache-hhn-etou8220098-HHN
x-jsd-version-type: branch
etag: W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 39 KB
13 KB 108ms
22ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f066a6392f3732829e95d97ac2a3dfb7dc7d35fc88d71a4ef62ff8f70399326c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 04:09:11 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Mon, 24 Oct 2022 11:21:19 GMT
server: nginx
etag: W/"6356752f-9c1f"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 19 Dec 2022 04:09:11 GMT

GET
H3 200 container.html Show response
a70f19ff77b4cba27e7f41fb58cd05b5.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame A6D4 6 KB
3 KB 28ms
27ms Document
text/html 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://a70f19ff77b4cba27e7f41fb58cd05b5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pelotainvernal.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 18 Dec 2022 04:09:09 GMT
expires: Mon, 18 Dec 2023 04:09:09 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
a70f19ff77b4cba27e7f41fb58cd05b5.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 931D 6 KB
3 KB 29ms
27ms Document
text/html 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://a70f19ff77b4cba27e7f41fb58cd05b5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pelotainvernal.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 18 Dec 2022 04:09:09 GMT
expires: Mon, 18 Dec 2023 04:09:09 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame E6D7 9 KB
4 KB 30ms
27ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=192347%2C197100%2C14019&b=72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCM%2CQpKH4fdjUPKXduxH5HYtGtZZrTDT4TzPFV%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=EzqfDf4EsEBxZczHAHjt6C441HqTVTzbF7%2C23Yh6fAqfj6ekCVHWHktwCxx5FWT7TKBTg%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=120&d=600&e=&g=ba5e7d7edf55835fc6356a217a9cd93a%2F10823066702166494865&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1671336551812&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hwbv43sw1ztaam93fhx18kjdysmdnbfqnhzqvmqx07cz7cnep2xcd53g08fjnn9tcwewf24h1nvtvefr035n704wfzz8cwzkyfsmtk5yhg52egzyg1sqn8rvjmpfffnvzt8z88qk8trnwmtfjd9pnqsz7qrcsq745yj7tvhnvyjebyc0d32zn45dtx3s98eyjny8zt12skpy3mze4x10sm8ctbc0w6qfeks71xk16feagn397dtp82vs6zhqkyrjxmevhfhj38c7wne72fg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC9d2jZZKeY-bdMv2C9u8P5bariA-Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zMTM5MTM0ODgzNzA4NzYxyAEJqQLOG7AQ3cKxPqgDAaoExQFP0Oa21dPDbnDVfBIm7hsZzu9qij8yWNWzbE_yXRRcLJ0x-ivyDVIMxDnFCdFXtfvksd7hSo0xJ2FUNn5XRHMgfiNJD22ShDlSENhhtGpQV-qt25l9xQMZhiz4zYv1cA6OFs-jTEEe9TIrSLqueQ8xCJIkFaFjsw9zSDzSHSbQFfEcKZLX12-DOFkaNibJd4qV8ximwAJqa5tbvPBhoTJ1NtqAzBLxX7lv3MawpD5DHAa9QWZBwunjJ9XgiV4Fn_yJUnbvm4AGzoTKq-u7gbpUoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3zPbmqn1U_XUkrdAIfM4OpY1jS_A%2526client%253Dca-pub-3139134883708761%2526adurl%253D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d2ecddbbdb2c6e99fc9caa65d3a21125b84683d542c304f4c50c962382e32a15

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/dr?ed=1gb1rfa1efdy0anddn1ggtwbnxr5tv5jj987fxjrpqs6fnb7rph3evsr2m3h1gtm6729x3ayf36bffeq1smd3tp345ytnxs86df0tny5jvkgqxqzfmzt4ya0zhwsmhwvakx760xkb09gp5jpj03wkv1jkxbta9xb4zrrvf7dywsn5sp41c6sv4khzrrx1pp9wszbmew5agry2m8pk5qkc1tpy0t0w4v1p5zrgtzs94b53tc7vg3awkb1xwg6tm0xcb51xe9c9fw7r5wrgf14rj53aqp5qmzfbj35nzy0pkzhpsnax1qe3t3s69zfysske146trx2fj0k47ywncscx1cd52jh4z0fawxsm9sp7cyzsza0www7gf5nts0tf7kbq61vjg458392xtv64xvzf93wssv0jtsr3wsdq59t5bcphf07q2mh8&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9d2jZZKeY-bdMv2C9u8P5bariA-Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zMTM5MTM0ODgzNzA4NzYxyAEJqQLOG7AQ3cKxPqgDAaoExQFP0Oa21dPDbnDVfBIm7hsZzu9qij8yWNWzbE_yXRRcLJ0x-ivyDVIMxDnFCdFXtfvksd7hSo0xJ2FUNn5XRHMgfiNJD22ShDlSENhhtGpQV-qt25l9xQMZhiz4zYv1cA6OFs-jTEEe9TIrSLqueQ8xCJIkFaFjsw9zSDzSHSbQFfEcKZLX12-DOFkaNibJd4qV8ximwAJqa5tbvPBhoTJ1NtqAzBLxX7lv3MawpD5DHAa9QWZBwunjJ9XgiV4Fn_yJUnbvm4AGzoTKq-u7gbpUoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3zPbmqn1U_XUkrdAIfM4OpY1jS_A%26client%3Dca-pub-3139134883708761%26adurl%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 77b50aa95e459156-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Sun, 18 Dec 2022 04:09:11 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame 1BF2 9 KB
4 KB 47ms
31ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=23576%2C19491%2C322829&b=3bgFpf14UZrZU7HrHAtEt997f8TWTRead%2CR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7%2CbwqTQfYZsqZ3EHYHbHztKtw7duxTJTJPSJ&f=WrpSrfYdswkwTYH5HjtDCXXGaPTET4QF2%2CQpKH4fdjUWX7axH5HYt9CZZrTDT4TzPFV%2C3bgFpf14UV1xMf7HrHAtXC9REt8TWTRead&c=120&d=600&e=&g=fb53d5b6e7560729ac6b301b253d2b90%2F5748129953402504728&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1671336551817&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gz79rq8csqnwds2vy0bzek1k720ghstsqrxxp924tkr0ky2pk6brysbjv3m7r2vg36ac1dhhe7jzkm1hccwyv25enee9eb2qqgnb1vrshr4w3bdx16kvs4g0gqj3awr4hrba7nfdkersvdvrkf69ty22aw022mrzvksh9drhpn8qrb997yanc405knhkpeytavs40yaeaddd94s8fc2h2ebbk0qhm8gwbk9x6h7twh24e43cjjv2nz58xzhqx7t7x8py71yq7ttqd3p0nk0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCRZgiZZKeY-fdMv2C9u8P5bariA-Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zMTM5MTM0ODgzNzA4NzYxyAEJqQLOG7AQ3cKxPqgDAaoExQFP0OQAVDbnAAdiFiNkuMrOiNKQ35MxPabX_Ewh8USK8Q-gVoXMA0FBRJd7cbLEkV8fqfvHuQAR-ZOfsYKRp2JtDj5SHQO4YF8vUtJE0OyxzPrfNOYJCF0CI_-7FLf2pX8CV0WjyYlBJSwtcLK1kTXU_EJIiOZXQmu1cRdnxzVMRV9455sCbxIA1HpSiPk7Zd5TOUiHEMq1hHy4ncBZX50KQNKtDgEQJmWznaWRJ9Rw9KnKxH1f9c_jBQYVnXivHCMSvmsZeYAGzoTKq-u7gbpUoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2Z-ZoOOKHQGck6z2jtikuJ9hZikA%2526client%253Dca-pub-3139134883708761%2526adurl%253D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

05e80638055ab0f23d6df4b19eacdae9932a4f9cfcbe7dd95659649b1827585a

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/dr?ed=1jywgh6f7jyp4rqnnfyzsehh16m4rm54rcf228qqgrx929xaesvrxqa0vktf06scqbefyasbdayrw8pg4fta33pjddadfjvejwqdt3yv96q5pt2t9xb50j2g3brrm0ef406yesrahx4wc8q07kbc3kgr9kf37nrvbpdhwj68gxrtte0tmd7fx08y3kbhsffakadpd7qzxr3vnbsw22y3aeahpqpsm9tb5t5sf8w8rgz8c9yb7t8g6ke42y4fxzr4w2ektmqk7xc05s2b1b82ajevty2bg04y2tg9gcq9547rfahk78vve0p7wy4dwt73p2kvbbftyytnhfm7j5wzjzmepmqrg12b4krhfstheqmary276pba4vwksqgt9qtqagm9g24k5hdnpet1mm3hbk24nzsvwxq9x2z5qzxt3w1kdxt78vkzm&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCRZgiZZKeY-fdMv2C9u8P5bariA-Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zMTM5MTM0ODgzNzA4NzYxyAEJqQLOG7AQ3cKxPqgDAaoExQFP0OQAVDbnAAdiFiNkuMrOiNKQ35MxPabX_Ewh8USK8Q-gVoXMA0FBRJd7cbLEkV8fqfvHuQAR-ZOfsYKRp2JtDj5SHQO4YF8vUtJE0OyxzPrfNOYJCF0CI_-7FLf2pX8CV0WjyYlBJSwtcLK1kTXU_EJIiOZXQmu1cRdnxzVMRV9455sCbxIA1HpSiPk7Zd5TOUiHEMq1hHy4ncBZX50KQNKtDgEQJmWznaWRJ9Rw9KnKxH1f9c_jBQYVnXivHCMSvmsZeYAGzoTKq-u7gbpUoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2Z-ZoOOKHQGck6z2jtikuJ9hZikA%26client%3Dca-pub-3139134883708761%26adurl%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 77b50aa98e739156-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Sun, 18 Dec 2022 04:09:11 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 15EE 13 KB
5 KB 44ms
29ms Document
text/html 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pelotainvernal.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 26479
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 17 Dec 2022 20:47:52 GMT
expires: Sun, 17 Dec 2023 20:47:52 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 091B 783 B
536 B 31ms
19ms Document
text/html 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

8f58f57adad63dc6be052b7cc960aadbf622e5c08f0335b59b0326ebb9aacdc0

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ROPAN6FGuCkiZn6hkM67mA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://pelotainvernal.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-ROPAN6FGuCkiZn6hkM67mA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 18 Dec 2022 04:09:11 GMT
expires: Sun, 18 Dec 2022 04:09:11 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

POST
H2 200 t Show response
t.lkqd.net/ Frame 53A1 0
166 B 121ms
89ms XHR
text/plain 146.20.128.182
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.182 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://pelotainvernal.com
date: Sun, 18 Dec 2022 04:09:12 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 102ms
97ms Preflight
text/plain 146.20.128.182
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.182 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://pelotainvernal.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
access-control-allow-origin: https://pelotainvernal.com
access-control-expose-headers: Content-Type, Content-Disposition
access-control-max-age: 300
cache-control: max-age=300
content-length: 0
content-type: text/plain; charset=UTF-8
date: Sun, 18 Dec 2022 04:09:12 GMT
server: nginx

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.27/one-ad/ Frame E6D7 89 KB
11 KB 56ms
50ms Stylesheet
text/css 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.27/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=192347%2C197100%2C14019&b=72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCM%2CQpKH4fdjUPKXduxH5HYtGtZZrTDT4TzPFV%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=EzqfDf4EsEBxZczHAHjt6C441HqTVTzbF7%2C23Yh6fAqfj6ekCVHWHktwCxx5FWT7TKBTg%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=120&d=600&e=&g=ba5e7d7edf55835fc6356a217a9cd93a%2F10823066702166494865&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1671336551812&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hwbv43sw1ztaam93fhx18kjdysmdnbfqnhzqvmqx07cz7cnep2xcd53g08fjnn9tcwewf24h1nvtvefr035n704wfzz8cwzkyfsmtk5yhg52egzyg1sqn8rvjmpfffnvzt8z88qk8trnwmtfjd9pnqsz7qrcsq745yj7tvhnvyjebyc0d32zn45dtx3s98eyjny8zt12skpy3mze4x10sm8ctbc0w6qfeks71xk16feagn397dtp82vs6zhqkyrjxmevhfhj38c7wne72fg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC9d2jZZKeY-bdMv2C9u8P5bariA-Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zMTM5MTM0ODgzNzA4NzYxyAEJqQLOG7AQ3cKxPqgDAaoExQFP0Oa21dPDbnDVfBIm7hsZzu9qij8yWNWzbE_yXRRcLJ0x-ivyDVIMxDnFCdFXtfvksd7hSo0xJ2FUNn5XRHMgfiNJD22ShDlSENhhtGpQV-qt25l9xQMZhiz4zYv1cA6OFs-jTEEe9TIrSLqueQ8xCJIkFaFjsw9zSDzSHSbQFfEcKZLX12-DOFkaNibJd4qV8ximwAJqa5tbvPBhoTJ1NtqAzBLxX7lv3MawpD5DHAa9QWZBwunjJ9XgiV4Fn_yJUnbvm4AGzoTKq-u7gbpUoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3zPbmqn1U_XUkrdAIfM4OpY1jS_A%2526client%253Dca-pub-3139134883708761%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4ab995345cf38f3951bc840ab2c0d043269e700e59f1c6d6cb7fb8946268b358

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=192347%2C197100%2C14019&b=72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCM%2CQpKH4fdjUPKXduxH5HYtGtZZrTDT4TzPFV%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=EzqfDf4EsEBxZczHAHjt6C441HqTVTzbF7%2C23Yh6fAqfj6ekCVHWHktwCxx5FWT7TKBTg%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=120&d=600&e=&g=ba5e7d7edf55835fc6356a217a9cd93a%2F10823066702166494865&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1671336551812&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hwbv43sw1ztaam93fhx18kjdysmdnbfqnhzqvmqx07cz7cnep2xcd53g08fjnn9tcwewf24h1nvtvefr035n704wfzz8cwzkyfsmtk5yhg52egzyg1sqn8rvjmpfffnvzt8z88qk8trnwmtfjd9pnqsz7qrcsq745yj7tvhnvyjebyc0d32zn45dtx3s98eyjny8zt12skpy3mze4x10sm8ctbc0w6qfeks71xk16feagn397dtp82vs6zhqkyrjxmevhfhj38c7wne72fg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC9d2jZZKeY-bdMv2C9u8P5bariA-Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zMTM5MTM0ODgzNzA4NzYxyAEJqQLOG7AQ3cKxPqgDAaoExQFP0Oa21dPDbnDVfBIm7hsZzu9qij8yWNWzbE_yXRRcLJ0x-ivyDVIMxDnFCdFXtfvksd7hSo0xJ2FUNn5XRHMgfiNJD22ShDlSENhhtGpQV-qt25l9xQMZhiz4zYv1cA6OFs-jTEEe9TIrSLqueQ8xCJIkFaFjsw9zSDzSHSbQFfEcKZLX12-DOFkaNibJd4qV8ximwAJqa5tbvPBhoTJ1NtqAzBLxX7lv3MawpD5DHAa9QWZBwunjJ9XgiV4Fn_yJUnbvm4AGzoTKq-u7gbpUoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3zPbmqn1U_XUkrdAIfM4OpY1jS_A%2526client%253Dca-pub-3139134883708761%2526adurl%253D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 04:09:12 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1670930538
age: 400918
cf-polished: origSize=91628
x-guploader-uploadid: ADPycduR5Ol9pg3grc4HAIdmrbMEndwceyBRaKPEzp4btA3cKENGM-ZcNqNRgrH_pFRA6eQ6LFPYNJBaKno_nvJ48NOr
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 13 Dec 2022 11:22:46 GMT
server: cloudflare
etag: W/"575def06e70febb0cbd25403e37880bf"
vary: Accept-Encoding
x-goog-generation: 1670930566724484
content-type: text/css
x-goog-hash: crc32c=ttlcew==, md5=V13vBucP67DL0lQD43iAvw==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SAhQyqQnG9BldPsdPfPGaLCgcgtkUDQY1mIthqXUWCoDcl%2FKKaXzNMmkJNMbZ%2FreN7zcTV3HCz6AgPauZd7xUzdsvCPOl3PcmhwIZHeCSDeRFqLuqhg0wddfhp0nVKZdhIIL62VcHkY%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 91628
cf-ray: 77b50aaa0f499156-FRA
expires: Sun, 18 Dec 2022 05:09:12 GMT

GET
H2 200 D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
assets.ad4m.at/logo/ Frame E6D7 53 KB
54 KB 80ms
65ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=192347%2C197100%2C14019&b=72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCM%2CQpKH4fdjUPKXduxH5HYtGtZZrTDT4TzPFV%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=EzqfDf4EsEBxZczHAHjt6C441HqTVTzbF7%2C23Yh6fAqfj6ekCVHWHktwCxx5FWT7TKBTg%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=120&d=600&e=&g=ba5e7d7edf55835fc6356a217a9cd93a%2F10823066702166494865&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1671336551812&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hwbv43sw1ztaam93fhx18kjdysmdnbfqnhzqvmqx07cz7cnep2xcd53g08fjnn9tcwewf24h1nvtvefr035n704wfzz8cwzkyfsmtk5yhg52egzyg1sqn8rvjmpfffnvzt8z88qk8trnwmtfjd9pnqsz7qrcsq745yj7tvhnvyjebyc0d32zn45dtx3s98eyjny8zt12skpy3mze4x10sm8ctbc0w6qfeks71xk16feagn397dtp82vs6zhqkyrjxmevhfhj38c7wne72fg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC9d2jZZKeY-bdMv2C9u8P5bariA-Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zMTM5MTM0ODgzNzA4NzYxyAEJqQLOG7AQ3cKxPqgDAaoExQFP0Oa21dPDbnDVfBIm7hsZzu9qij8yWNWzbE_yXRRcLJ0x-ivyDVIMxDnFCdFXtfvksd7hSo0xJ2FUNn5XRHMgfiNJD22ShDlSENhhtGpQV-qt25l9xQMZhiz4zYv1cA6OFs-jTEEe9TIrSLqueQ8xCJIkFaFjsw9zSDzSHSbQFfEcKZLX12-DOFkaNibJd4qV8ximwAJqa5tbvPBhoTJ1NtqAzBLxX7lv3MawpD5DHAa9QWZBwunjJ9XgiV4Fn_yJUnbvm4AGzoTKq-u7gbpUoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3zPbmqn1U_XUkrdAIfM4OpY1jS_A%2526client%253Dca-pub-3139134883708761%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f7cdf71044448cb736733f5163fff96081d51ba4101567d61d22ee5998a7a399

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 04:09:12 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2016741
cf-polished: origFmt=png, origSize=115129
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 54564
cf-bgj: imgq:85,h2pri
last-modified: Tue, 09 Feb 2021 15:11:24 GMT
server: cloudflare
etag: "0a277d59efca0369a6983645e273659e"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AkNiYo2fNhgrf8hTBIOVnB0h8eTSXtOmsF4PWxutELoTa5RGiXMU6Vc%2Fv%2Fo363b3f%2FuEORz%2BbVSOtKZroz1paqm8DW5Dlpd3R21qkM9RYdghX1a8ZiNDO09YQPmOfCactlLrNWjOWHgrA3hV"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 77b50aaa0cfa91ea-FRA
expires: Mon, 19 Dec 2022 04:09:12 GMT

GET
H3 200 3778CF797E3A529087D97C23A5BCA9FADE012AB01E21FB1929557E8BD70A789A1F44E5D867099979B17313F69D44515CF12B8C937634907539AB1C54C4F5334B
assets.ad4m.at/product_image/ Frame E6D7 11 KB
11 KB 49ms
26ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/3778CF797E3A529087D97C23A5BCA9FADE012AB01E21FB1929557E8BD70A789A1F44E5D867099979B17313F69D44515CF12B8C937634907539AB1C54C4F5334B
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=192347%2C197100%2C14019&b=72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCM%2CQpKH4fdjUPKXduxH5HYtGtZZrTDT4TzPFV%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=EzqfDf4EsEBxZczHAHjt6C441HqTVTzbF7%2C23Yh6fAqfj6ekCVHWHktwCxx5FWT7TKBTg%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=120&d=600&e=&g=ba5e7d7edf55835fc6356a217a9cd93a%2F10823066702166494865&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1671336551812&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hwbv43sw1ztaam93fhx18kjdysmdnbfqnhzqvmqx07cz7cnep2xcd53g08fjnn9tcwewf24h1nvtvefr035n704wfzz8cwzkyfsmtk5yhg52egzyg1sqn8rvjmpfffnvzt8z88qk8trnwmtfjd9pnqsz7qrcsq745yj7tvhnvyjebyc0d32zn45dtx3s98eyjny8zt12skpy3mze4x10sm8ctbc0w6qfeks71xk16feagn397dtp82vs6zhqkyrjxmevhfhj38c7wne72fg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC9d2jZZKeY-bdMv2C9u8P5bariA-Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zMTM5MTM0ODgzNzA4NzYxyAEJqQLOG7AQ3cKxPqgDAaoExQFP0Oa21dPDbnDVfBIm7hsZzu9qij8yWNWzbE_yXRRcLJ0x-ivyDVIMxDnFCdFXtfvksd7hSo0xJ2FUNn5XRHMgfiNJD22ShDlSENhhtGpQV-qt25l9xQMZhiz4zYv1cA6OFs-jTEEe9TIrSLqueQ8xCJIkFaFjsw9zSDzSHSbQFfEcKZLX12-DOFkaNibJd4qV8ximwAJqa5tbvPBhoTJ1NtqAzBLxX7lv3MawpD5DHAa9QWZBwunjJ9XgiV4Fn_yJUnbvm4AGzoTKq-u7gbpUoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3zPbmqn1U_XUkrdAIfM4OpY1jS_A%2526client%253Dca-pub-3139134883708761%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0fc6327e965679b41a818cf88fdaf0b16e586c0ac03bc72d49c4f47e2ed02336

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 04:09:12 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 41692
cf-polished: qual=85, origFmt=jpeg, origSize=46259
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10888
cf-bgj: imgq:85,h2pri
last-modified: Wed, 16 Nov 2022 16:09:44 GMT
server: cloudflare
etag: "b2cf554576629d98986c459034c76d1a"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RSlRVvR1KyVBhT%2FLAfzGcwY5%2FY%2BkD8%2Blx1h50OV2v1w2iOEwiR5LKbukuFSDcmP8h%2BusZ7f9sTHTRe1lWWrP4Qp1Wk65xhOP%2F84o1D5Ud2nW7YLFirQ%2FxkJp0mE2UQeIYISC%2BWKBFLpK%2FUIC"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 77b50aaa9ff59156-FRA
expires: Mon, 19 Dec 2022 04:09:12 GMT

GET
H/1.1

200
OK

/
partner.o2online.de/a/ Frame E6D7
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_t...
https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=CJ--9eulgvwCFfOg_QcdgzkCrw;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=...
https://www.telefonica-partner.de/tpv.php?t=117703V1226132702M&subid=viewoneid72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCMoneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0
https://www.lead-alliance.net/tpv.php?t=117703V1226132702M&subid=viewoneid72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCMoneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117703&s_id=2022121805091279606048099X117703V1226132702MSviewoneid72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCMoneid__suite_N...

49 B
1 KB

78ms
30ms

Image
image/gif

78.46.85.162
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117703&s_id=2022121805091279606048099X117703V1226132702MSviewoneid72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCMoneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&cons=0&spid=2022121805091279606048099X117703V1226132702MSviewoneid72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCMoneid__suite_Netmix_Reach43_TopRotaMonth&wfid=117703&partnerid=12218
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=192347%2C197100%2C14019&b=72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCM%2CQpKH4fdjUPKXduxH5HYtGtZZrTDT4TzPFV%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=EzqfDf4EsEBxZczHAHjt6C441HqTVTzbF7%2C23Yh6fAqfj6ekCVHWHktwCxx5FWT7TKBTg%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=120&d=600&e=&g=ba5e7d7edf55835fc6356a217a9cd93a%2F10823066702166494865&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1671336551812&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hwbv43sw1ztaam93fhx18kjdysmdnbfqnhzqvmqx07cz7cnep2xcd53g08fjnn9tcwewf24h1nvtvefr035n704wfzz8cwzkyfsmtk5yhg52egzyg1sqn8rvjmpfffnvzt8z88qk8trnwmtfjd9pnqsz7qrcsq745yj7tvhnvyjebyc0d32zn45dtx3s98eyjny8zt12skpy3mze4x10sm8ctbc0w6qfeks71xk16feagn397dtp82vs6zhqkyrjxmevhfhj38c7wne72fg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC9d2jZZKeY-bdMv2C9u8P5bariA-Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zMTM5MTM0ODgzNzA4NzYxyAEJqQLOG7AQ3cKxPqgDAaoExQFP0Oa21dPDbnDVfBIm7hsZzu9qij8yWNWzbE_yXRRcLJ0x-ivyDVIMxDnFCdFXtfvksd7hSo0xJ2FUNn5XRHMgfiNJD22ShDlSENhhtGpQV-qt25l9xQMZhiz4zYv1cA6OFs-jTEEe9TIrSLqueQ8xCJIkFaFjsw9zSDzSHSbQFfEcKZLX12-DOFkaNibJd4qV8ximwAJqa5tbvPBhoTJ1NtqAzBLxX7lv3MawpD5DHAa9QWZBwunjJ9XgiV4Fn_yJUnbvm4AGzoTKq-u7gbpUoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3zPbmqn1U_XUkrdAIfM4OpY1jS_A%2526client%253Dca-pub-3139134883708761%2526adurl%253D&y=1&s=&z=0
Protocol: HTTP/1.1
Server: 78.46.85.162 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: nonstopads1.sunbonet.de
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Sun, 18 Dec 2022 04:09:12 GMT
X-NODEIP: 78.46.85.162
Server: nginx/1.10.3 (Ubuntu)
RM-PrivacyPolicy: https://www.nonstoppartner.net/
Content-Type: image/gif
P3P: policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Connection: keep-alive
Keep-Alive: timeout=10
Content-Length: 49

Redirect headers

location: https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117703&s_id=2022121805091279606048099X117703V1226132702MSviewoneid72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCMoneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&cons=0&spid=2022121805091279606048099X117703V1226132702MSviewoneid72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCMoneid__suite_Netmix_Reach43_TopRotaMonth&wfid=117703&partnerid=12218
date: Sun, 18 Dec 2022 04:09:12 GMT
x-content-type-options: nosniff
server: nginx
x-xss-protection: 1; mode=block
content-type: text/html; charset=UTF-8

GET
H3 200 DF9A32151D42BCC835EC0C9BE62CF0094313EE46FD4E5D3DC0F1217B7F8F1AD49F0F4DDF5D50AE1511A12D11F97A6BCA3DF8CE9D056CE7A3DC11AF6ED1255D71
assets.ad4m.at/logo/ Frame E6D7 9 KB
10 KB 50ms
17ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/DF9A32151D42BCC835EC0C9BE62CF0094313EE46FD4E5D3DC0F1217B7F8F1AD49F0F4DDF5D50AE1511A12D11F97A6BCA3DF8CE9D056CE7A3DC11AF6ED1255D71
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=192347%2C197100%2C14019&b=72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCM%2CQpKH4fdjUPKXduxH5HYtGtZZrTDT4TzPFV%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=EzqfDf4EsEBxZczHAHjt6C441HqTVTzbF7%2C23Yh6fAqfj6ekCVHWHktwCxx5FWT7TKBTg%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=120&d=600&e=&g=ba5e7d7edf55835fc6356a217a9cd93a%2F10823066702166494865&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1671336551812&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hwbv43sw1ztaam93fhx18kjdysmdnbfqnhzqvmqx07cz7cnep2xcd53g08fjnn9tcwewf24h1nvtvefr035n704wfzz8cwzkyfsmtk5yhg52egzyg1sqn8rvjmpfffnvzt8z88qk8trnwmtfjd9pnqsz7qrcsq745yj7tvhnvyjebyc0d32zn45dtx3s98eyjny8zt12skpy3mze4x10sm8ctbc0w6qfeks71xk16feagn397dtp82vs6zhqkyrjxmevhfhj38c7wne72fg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC9d2jZZKeY-bdMv2C9u8P5bariA-Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zMTM5MTM0ODgzNzA4NzYxyAEJqQLOG7AQ3cKxPqgDAaoExQFP0Oa21dPDbnDVfBIm7hsZzu9qij8yWNWzbE_yXRRcLJ0x-ivyDVIMxDnFCdFXtfvksd7hSo0xJ2FUNn5XRHMgfiNJD22ShDlSENhhtGpQV-qt25l9xQMZhiz4zYv1cA6OFs-jTEEe9TIrSLqueQ8xCJIkFaFjsw9zSDzSHSbQFfEcKZLX12-DOFkaNibJd4qV8ximwAJqa5tbvPBhoTJ1NtqAzBLxX7lv3MawpD5DHAa9QWZBwunjJ9XgiV4Fn_yJUnbvm4AGzoTKq-u7gbpUoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3zPbmqn1U_XUkrdAIfM4OpY1jS_A%2526client%253Dca-pub-3139134883708761%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5eeedf9055f9efab9127642b4c44135be9f404caa7ce08e51a5ea734dfd28828

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 04:09:12 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2009237
cf-polished: origFmt=png, origSize=24833
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9258
cf-bgj: imgq:85,h2pri
last-modified: Tue, 09 Feb 2021 15:11:57 GMT
server: cloudflare
etag: "174bb0dc35647e204b09aa120965604a"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wEkKN2EUj68lL%2FDu%2BcqXLkpJRawu178UAfLLd5lGEoqTMSeDU4B7gy84jKVwAEji0pzfIcQi4Ex934n4NWYlnCn%2FGKs5N6XgoP1Jgfznjmxs9VaHFodsciq1Sr91bv1CgwPWSDfwSWFd5iS%2B"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 77b50aaab80d9156-FRA
expires: Mon, 19 Dec 2022 04:09:12 GMT

GET
H3 200 FDA524315CF1A84E9D46619FD10F0264DD2260394DD71198EE8FEC75572B31C1B960B5E4A647F88B6C04B0DBC247510EFFF5F03328E33405460FFEDC3D0CE020
assets.ad4m.at/product_image/ Frame E6D7 20 KB
20 KB 52ms
19ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/FDA524315CF1A84E9D46619FD10F0264DD2260394DD71198EE8FEC75572B31C1B960B5E4A647F88B6C04B0DBC247510EFFF5F03328E33405460FFEDC3D0CE020
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=192347%2C197100%2C14019&b=72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCM%2CQpKH4fdjUPKXduxH5HYtGtZZrTDT4TzPFV%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=EzqfDf4EsEBxZczHAHjt6C441HqTVTzbF7%2C23Yh6fAqfj6ekCVHWHktwCxx5FWT7TKBTg%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=120&d=600&e=&g=ba5e7d7edf55835fc6356a217a9cd93a%2F10823066702166494865&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1671336551812&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hwbv43sw1ztaam93fhx18kjdysmdnbfqnhzqvmqx07cz7cnep2xcd53g08fjnn9tcwewf24h1nvtvefr035n704wfzz8cwzkyfsmtk5yhg52egzyg1sqn8rvjmpfffnvzt8z88qk8trnwmtfjd9pnqsz7qrcsq745yj7tvhnvyjebyc0d32zn45dtx3s98eyjny8zt12skpy3mze4x10sm8ctbc0w6qfeks71xk16feagn397dtp82vs6zhqkyrjxmevhfhj38c7wne72fg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC9d2jZZKeY-bdMv2C9u8P5bariA-Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zMTM5MTM0ODgzNzA4NzYxyAEJqQLOG7AQ3cKxPqgDAaoExQFP0Oa21dPDbnDVfBIm7hsZzu9qij8yWNWzbE_yXRRcLJ0x-ivyDVIMxDnFCdFXtfvksd7hSo0xJ2FUNn5XRHMgfiNJD22ShDlSENhhtGpQV-qt25l9xQMZhiz4zYv1cA6OFs-jTEEe9TIrSLqueQ8xCJIkFaFjsw9zSDzSHSbQFfEcKZLX12-DOFkaNibJd4qV8ximwAJqa5tbvPBhoTJ1NtqAzBLxX7lv3MawpD5DHAa9QWZBwunjJ9XgiV4Fn_yJUnbvm4AGzoTKq-u7gbpUoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3zPbmqn1U_XUkrdAIfM4OpY1jS_A%2526client%253Dca-pub-3139134883708761%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6b094a140ea1c9e6edece62a54ab0d4fb5a600ba71495dc8835a12621e49204e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 04:09:12 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 41689
cf-polished: qual=85, origFmt=jpeg, origSize=85977
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 20094
cf-bgj: imgq:85,h2pri
last-modified: Wed, 16 Nov 2022 16:32:10 GMT
server: cloudflare
etag: "115bea0885590f780802fd14548a1cde"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CsGQv4fQdqrDb246bXpSU9pXz6F0KpJkWPDMxaYWW1s7hy4agLfhhoQak7NTc0SjOc3sc6eBAr5fCluzCJSUfcEUuWM%2BaGkj4MJv7bdMkHzAMZo9aH9gLMHieRF0%2B49jgECTT%2B37vTpK2zlt"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 77b50aaab80f9156-FRA
expires: Mon, 19 Dec 2022 04:09:12 GMT

GET
H/1.1

200
OK

/
partner.blau.de/a/ Frame E6D7
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N773418.3163536BLAU_AFFILIATE/B25532621.345088000;dc_trk_aid=536454876;dc_trk_cid=177082088;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed...
https://ad.doubleclick.net/ddm/trackimp/N773418.3163536BLAU_AFFILIATE/B25532621.345088000;dc_pre=CPa79eulgvwCFU1F4AodIjwGdQ;dc_trk_aid=536454876;dc_trk_cid=177082088;ord=%7B%7Btimestamp%7D%7D;dc_la...
https://www.telefonica-partner.de/tpv.php?t=117663V1225131106M&subid=reach_SUBIDTEST_view
https://www.lead-alliance.net/tpv.php?t=117663V1225131106M&subid=reach_SUBIDTEST_view
https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=117663&s_id=2022121805091279606048101X117663V1225131106MSreach_SUBIDTEST_view&gdpr_consent=&gdpr=0&cons=0

49 B
1 KB

74ms
27ms

Image
image/gif

88.99.63.132
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=117663&s_id=2022121805091279606048101X117663V1225131106MSreach_SUBIDTEST_view&gdpr_consent=&gdpr=0&cons=0
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=192347%2C197100%2C14019&b=72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCM%2CQpKH4fdjUPKXduxH5HYtGtZZrTDT4TzPFV%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=EzqfDf4EsEBxZczHAHjt6C441HqTVTzbF7%2C23Yh6fAqfj6ekCVHWHktwCxx5FWT7TKBTg%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=120&d=600&e=&g=ba5e7d7edf55835fc6356a217a9cd93a%2F10823066702166494865&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1671336551812&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hwbv43sw1ztaam93fhx18kjdysmdnbfqnhzqvmqx07cz7cnep2xcd53g08fjnn9tcwewf24h1nvtvefr035n704wfzz8cwzkyfsmtk5yhg52egzyg1sqn8rvjmpfffnvzt8z88qk8trnwmtfjd9pnqsz7qrcsq745yj7tvhnvyjebyc0d32zn45dtx3s98eyjny8zt12skpy3mze4x10sm8ctbc0w6qfeks71xk16feagn397dtp82vs6zhqkyrjxmevhfhj38c7wne72fg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC9d2jZZKeY-bdMv2C9u8P5bariA-Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zMTM5MTM0ODgzNzA4NzYxyAEJqQLOG7AQ3cKxPqgDAaoExQFP0Oa21dPDbnDVfBIm7hsZzu9qij8yWNWzbE_yXRRcLJ0x-ivyDVIMxDnFCdFXtfvksd7hSo0xJ2FUNn5XRHMgfiNJD22ShDlSENhhtGpQV-qt25l9xQMZhiz4zYv1cA6OFs-jTEEe9TIrSLqueQ8xCJIkFaFjsw9zSDzSHSbQFfEcKZLX12-DOFkaNibJd4qV8ximwAJqa5tbvPBhoTJ1NtqAzBLxX7lv3MawpD5DHAa9QWZBwunjJ9XgiV4Fn_yJUnbvm4AGzoTKq-u7gbpUoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3zPbmqn1U_XUkrdAIfM4OpY1jS_A%2526client%253Dca-pub-3139134883708761%2526adurl%253D&y=1&s=&z=0
Protocol: HTTP/1.1
Server: 88.99.63.132 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: nonstopads3.sunbonet.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Sun, 18 Dec 2022 04:09:12 GMT
X-NODEIP: 88.99.63.132
Server: nginx/1.18.0 (Ubuntu)
RM-PrivacyPolicy: https://www.nonstoppartner.net/
Content-Type: image/gif
P3P: policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Connection: keep-alive
Keep-Alive: timeout=10
Content-Length: 49

Redirect headers

location: https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=117663&s_id=2022121805091279606048101X117663V1225131106MSreach_SUBIDTEST_view&gdpr_consent=&gdpr=0&cons=0
date: Sun, 18 Dec 2022 04:09:12 GMT
x-content-type-options: nosniff
server: nginx
x-xss-protection: 1; mode=block
content-type: text/html; charset=UTF-8

GET
H3 200 CE11F4A269236C0AF074ADB7F1ADA1F8C472CD7AC3290EFBF4A7DADA0100B8792254D4F2CF871D3311E6317269487774B650CDD0B207BED389DBEA35CD2DBC8F
assets.ad4m.at/logo/ Frame E6D7 16 KB
16 KB 56ms
23ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/CE11F4A269236C0AF074ADB7F1ADA1F8C472CD7AC3290EFBF4A7DADA0100B8792254D4F2CF871D3311E6317269487774B650CDD0B207BED389DBEA35CD2DBC8F
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=192347%2C197100%2C14019&b=72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCM%2CQpKH4fdjUPKXduxH5HYtGtZZrTDT4TzPFV%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=EzqfDf4EsEBxZczHAHjt6C441HqTVTzbF7%2C23Yh6fAqfj6ekCVHWHktwCxx5FWT7TKBTg%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=120&d=600&e=&g=ba5e7d7edf55835fc6356a217a9cd93a%2F10823066702166494865&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1671336551812&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hwbv43sw1ztaam93fhx18kjdysmdnbfqnhzqvmqx07cz7cnep2xcd53g08fjnn9tcwewf24h1nvtvefr035n704wfzz8cwzkyfsmtk5yhg52egzyg1sqn8rvjmpfffnvzt8z88qk8trnwmtfjd9pnqsz7qrcsq745yj7tvhnvyjebyc0d32zn45dtx3s98eyjny8zt12skpy3mze4x10sm8ctbc0w6qfeks71xk16feagn397dtp82vs6zhqkyrjxmevhfhj38c7wne72fg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC9d2jZZKeY-bdMv2C9u8P5bariA-Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zMTM5MTM0ODgzNzA4NzYxyAEJqQLOG7AQ3cKxPqgDAaoExQFP0Oa21dPDbnDVfBIm7hsZzu9qij8yWNWzbE_yXRRcLJ0x-ivyDVIMxDnFCdFXtfvksd7hSo0xJ2FUNn5XRHMgfiNJD22ShDlSENhhtGpQV-qt25l9xQMZhiz4zYv1cA6OFs-jTEEe9TIrSLqueQ8xCJIkFaFjsw9zSDzSHSbQFfEcKZLX12-DOFkaNibJd4qV8ximwAJqa5tbvPBhoTJ1NtqAzBLxX7lv3MawpD5DHAa9QWZBwunjJ9XgiV4Fn_yJUnbvm4AGzoTKq-u7gbpUoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3zPbmqn1U_XUkrdAIfM4OpY1jS_A%2526client%253Dca-pub-3139134883708761%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7024493525030ecd098ce0dcb2f0aea839373775120b40580028137b1d125ac9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 04:09:12 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2456145
cf-polished: origFmt=png, origSize=39979
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 15996
cf-bgj: imgq:85,h2pri
last-modified: Wed, 22 Jan 2020 13:07:55 GMT
server: cloudflare
etag: "ad9334664514d900a0c3b76d17ca960f"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JzDMaJSzUhsDMniDDQScW4LLSVbRM9FS93iADMoqhy3e9lfiK1YYwXwE%2BZurPH01cm52KHQBT14ozpZgfFwpyBSbyN1Pt6bVy%2BS8LvpNVjHjZR4Z5t9CtynjCbO6p70RKZqngX6INfQu47iJ"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 77b50aaab8109156-FRA
expires: Mon, 19 Dec 2022 04:09:12 GMT

GET
H3 200 EC9093D4AF3799CF781B1E590A25D192F3BFBB8EF4C33117758FB5ADF524B34A287AF80FDD08D80A46541DEAE1FFA692B6F4CA688E7C199182253AEB01A2863C
assets.ad4m.at/product_image/ Frame E6D7 222 KB
222 KB 61ms
29ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/EC9093D4AF3799CF781B1E590A25D192F3BFBB8EF4C33117758FB5ADF524B34A287AF80FDD08D80A46541DEAE1FFA692B6F4CA688E7C199182253AEB01A2863C
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=192347%2C197100%2C14019&b=72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCM%2CQpKH4fdjUPKXduxH5HYtGtZZrTDT4TzPFV%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=EzqfDf4EsEBxZczHAHjt6C441HqTVTzbF7%2C23Yh6fAqfj6ekCVHWHktwCxx5FWT7TKBTg%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=120&d=600&e=&g=ba5e7d7edf55835fc6356a217a9cd93a%2F10823066702166494865&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1671336551812&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hwbv43sw1ztaam93fhx18kjdysmdnbfqnhzqvmqx07cz7cnep2xcd53g08fjnn9tcwewf24h1nvtvefr035n704wfzz8cwzkyfsmtk5yhg52egzyg1sqn8rvjmpfffnvzt8z88qk8trnwmtfjd9pnqsz7qrcsq745yj7tvhnvyjebyc0d32zn45dtx3s98eyjny8zt12skpy3mze4x10sm8ctbc0w6qfeks71xk16feagn397dtp82vs6zhqkyrjxmevhfhj38c7wne72fg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC9d2jZZKeY-bdMv2C9u8P5bariA-Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zMTM5MTM0ODgzNzA4NzYxyAEJqQLOG7AQ3cKxPqgDAaoExQFP0Oa21dPDbnDVfBIm7hsZzu9qij8yWNWzbE_yXRRcLJ0x-ivyDVIMxDnFCdFXtfvksd7hSo0xJ2FUNn5XRHMgfiNJD22ShDlSENhhtGpQV-qt25l9xQMZhiz4zYv1cA6OFs-jTEEe9TIrSLqueQ8xCJIkFaFjsw9zSDzSHSbQFfEcKZLX12-DOFkaNibJd4qV8ximwAJqa5tbvPBhoTJ1NtqAzBLxX7lv3MawpD5DHAa9QWZBwunjJ9XgiV4Fn_yJUnbvm4AGzoTKq-u7gbpUoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3zPbmqn1U_XUkrdAIfM4OpY1jS_A%2526client%253Dca-pub-3139134883708761%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9bfc7d34cd8bc7df36a984d6f3da50799752e33c48bbf07a4a1ee959b51476d0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 04:09:12 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1293110
cf-polished: origFmt=png, origSize=342797
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 226950
cf-bgj: imgq:85,h2pri
last-modified: Wed, 15 Jun 2022 14:01:11 GMT
server: cloudflare
etag: "82c7de0f42ff55fdd0acc07731664031"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uGnMyDfCctVpVA9XPbHQYf6RN1K2bBmfxWr4HS7g3f9uCYwyItd03R5G4KTv2jd2vUoAFxwDdExLqfIA64SDT9aSdRAfnndlYH4Kbjks2sPqhBEvdwJR9wzpLDg2AKagnojosxjB0%2Bmfcoz1"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 77b50aaab8129156-FRA
expires: Mon, 19 Dec 2022 04:09:12 GMT

GET
H2

200

ztpv.php
www.conrad.de/ Frame E6D7
Redirect Chain

https://www.awin1.com/cshow.php?s=2470185&v=11354&q=377129&r=412871&pv=1&pref3=oneidD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtVoneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0
https://www.conrad.de/ztpv.php?awc=11354_412871_1671336552_ba7f2ef0-7e89-11ed-9792-223985e9a9b7&insert=AW&&gdpr=0&gdpr_consent=

0
640 B

548ms
37ms

Image
text/html

2606:4700::6812:7e05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.conrad.de/ztpv.php?awc=11354_412871_1671336552_ba7f2ef0-7e89-11ed-9792-223985e9a9b7&insert=AW&&gdpr=0&gdpr_consent=

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=192347%2C197100%2C14019&b=72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCM%2CQpKH4fdjUPKXduxH5HYtGtZZrTDT4TzPFV%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=EzqfDf4EsEBxZczHAHjt6C441HqTVTzbF7%2C23Yh6fAqfj6ekCVHWHktwCxx5FWT7TKBTg%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=120&d=600&e=&g=ba5e7d7edf55835fc6356a217a9cd93a%2F10823066702166494865&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1671336551812&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hwbv43sw1ztaam93fhx18kjdysmdnbfqnhzqvmqx07cz7cnep2xcd53g08fjnn9tcwewf24h1nvtvefr035n704wfzz8cwzkyfsmtk5yhg52egzyg1sqn8rvjmpfffnvzt8z88qk8trnwmtfjd9pnqsz7qrcsq745yj7tvhnvyjebyc0d32zn45dtx3s98eyjny8zt12skpy3mze4x10sm8ctbc0w6qfeks71xk16feagn397dtp82vs6zhqkyrjxmevhfhj38c7wne72fg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC9d2jZZKeY-bdMv2C9u8P5bariA-Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zMTM5MTM0ODgzNzA4NzYxyAEJqQLOG7AQ3cKxPqgDAaoExQFP0Oa21dPDbnDVfBIm7hsZzu9qij8yWNWzbE_yXRRcLJ0x-ivyDVIMxDnFCdFXtfvksd7hSo0xJ2FUNn5XRHMgfiNJD22ShDlSENhhtGpQV-qt25l9xQMZhiz4zYv1cA6OFs-jTEEe9TIrSLqueQ8xCJIkFaFjsw9zSDzSHSbQFfEcKZLX12-DOFkaNibJd4qV8ximwAJqa5tbvPBhoTJ1NtqAzBLxX7lv3MawpD5DHAa9QWZBwunjJ9XgiV4Fn_yJUnbvm4AGzoTKq-u7gbpUoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3zPbmqn1U_XUkrdAIfM4OpY1jS_A%2526client%253Dca-pub-3139134883708761%2526adurl%253D&y=1&s=&z=0

Protocol

Server

2606:4700::6812:7e05 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 04:09:12 GMT
via: 1.1 additional-webserver-blue-j7sk (Varnish/7.2)
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=15552000
age: 0
content-type: text/html; charset=UTF-8
p3p: policyref="http://www.conrad.de/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
x-varnish: 517342634
cache-control: no-cache
cf-ray: 77b50aaf782f5ba4-FRA
expires: -1

Redirect headers

Date: Sun, 18 Dec 2022 04:09:12 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location: https://www.conrad.de/ztpv.php?awc=11354_412871_1671336552_ba7f2ef0-7e89-11ed-9792-223985e9a9b7&insert=AW&&gdpr=0&gdpr_consent=
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 0

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame A6D4 0
0 84ms
82ms Fetch
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CVCH-Z5KeY8KJIIHP3gOgzKLIDpDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTc4NzIyMjg1ODc0NjAzMzPIAQmpAs4bsBDdwrE-4AIAqAMBqgT4AU_QTS-RJ_I-T_vScmRf1ihKLNneXXiFkpIs_bN6gNeUSsoMbNvY3fWbO3b8JKpX-pT57ysOU-vcFAwhiorqPJVheoEqM67Nqb7XeBuKMcHVQW27LZbGVmksQoPfz1-69T1PucgX8IIaaS6dHXxLLyASpAm-E-X9RssDG94KzvQgM0U8rccx4ZNiLkmg4VRNuhcq2clc06QlJPy65hzXZ0o9ct7QGz0Ese-Vw6_S8EH7X5voovf7GOteKIZu-KLr-jDxch-tyo0sX5JE2a_ta2bGkfCpBLWsqX4m36xcyQlc6fD47Z-Nr-v0aVrr9WJHaunO03Hn75VK4AQBgAaj4ejr-ezk1_cBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQIAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi03ODcyMjI4NTg3NDYwMzMzGMe1eQ&sigh=xO0LO7f6VYQ&uach_m=[UACH]&cid=CAQSOwDq26N95yaxj2fLFHX4JmTo0w8k81-fKQz1XfKN05Idn8ZMFtZP_bed9kPNCYkLO8WDA6VWzHF8gjQQGAEgEw
Requested by: Host: pelotainvernal.com
URL: https://pelotainvernal.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a70f19ff77b4cba27e7f41fb58cd05b5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

GET
H3 204 winResponse
prod-rtb.ad4mat.net/ Frame A6D4 0
0 115ms
32ms Fetch
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1jechwv0677036fsacysn6gak82xgxkv65cjw3taayw5dymn8fe89p13dzrfy3k1h94hzf94mz95yegnt1znwyeg2hefk7djycnkc1s8fkq2v7mysjkcnm7ckdxajmt1d3qchqegrxgnvdee6sv6d5p08qqgxt101tge7hpa9nt3mcjrkfx9gk0643kb340saxgevrzn0v4aykhbbmtrwjzjdk8savmk4t9qte0033wd8qztmghxn2vjkxzfqh0dcp2s5djawn3h5ettwjmv9yw4dwtkvtxnk34qsztgpba2mc2msrvyacfqpevc64gtexwz8yvndh56shp237828n2cpbek9ekxd59pt9369kgm2vn719zf0c9m94sa14rxrfzsggx0mr&b=Y56SZwAIBMIKd6eBAAimIPfAcVOrBlMIxu2Z9A
Requested by: Host: pelotainvernal.com
URL: https://pelotainvernal.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a70f19ff77b4cba27e7f41fb58cd05b5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 18 Dec 2022 04:09:12 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H3 200 dr Show response
as.ad4m.at/ad/ Frame C94C 2 KB
2 KB 87ms
84ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1gpncggc5wee9j6ejqjvxpzmexrh01fep2nqmqxqbdcj3dcne0c5hdczp0ktvr7w200a392zj2kns1g4ac33xm7txhh177hq9rdk43nph3x119y3ecbyd83f6220w8k96g1wjsqm2g17etg9gg1cgx65jse534hfcmq778b9jvzkghedk18d6q8emnae13spktjc0x4w3t05nd931zze2npzmqw1r4cpf0vd52n9997chkaxz88s7ax0dn70mjrzggjdrwb0qwts3yz9bjgp3mg2e9mfhbk3azvt3j9tcns3bq6pewfje957be2tcr3c99pc8aeqcq2ae1baa03198ek79a4t2p9wfhhwb5s21hgm64hskhkct6ry40g5pe2mb9efts27cqpz4fpvmma2mftfv7ebwxnmv20s88j8b2h9btxfz80&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCHzcsZ5KeY8KJIIHP3gOgzKLIDpDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTc4NzIyMjg1ODc0NjAzMzPIAQmpAs4bsBDdwrE-4AIAqAMBqgT7AU_QTS-RJ_I-T_vScmRf1ihKLNneXXiFkpIs_bN6gNeUSsoMbNvY3fWbO3b8JKpX-pT57ysOU-vcFAwhiorqPJVheoEqM67Nqb7XeBuKMcHVQW27LZbGVmksQoPfz1-69T1PucgX8IIaaS6dHXxLLyASpAm-E-X9RssDG94KzvQgM0U8rccx4ZNiLkmg4VRNuhcq2clc06QlJPy65hzXZ0o9ct7QGz0Ese-Vw6_S8EH7X5voovf7GOteKIZu-KLr-jDxch-tyo0sX5JE2a_ta2bGkbKrJSd7UPlmFysUX9MVewLB-ZUgpcXstNopvPC__vfiy6Q7cNWCy1Pr4AQBgAaj4ejr-ezk1_cBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2fX1Z4sBT7inP2phGL74ckdzOCNQ%26client%3Dca-pub-7872228587460333%26adurl%3D

Requested by

Host: a70f19ff77b4cba27e7f41fb58cd05b5.safeframe.googlesyndication.com
URL: https://a70f19ff77b4cba27e7f41fb58cd05b5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

36ff5240c8c658db74770dbd4343a900aa7d5d029d5f407505b8189299b7dc88

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://a70f19ff77b4cba27e7f41fb58cd05b5.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 77b50aaa2f7c9156-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Sun, 18 Dec 2022 04:09:12 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame A6D4 3 KB
1 KB 92ms
92ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js

Requested by

Host: a70f19ff77b4cba27e7f41fb58cd05b5.safeframe.googlesyndication.com
URL: https://a70f19ff77b4cba27e7f41fb58cd05b5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a70f19ff77b4cba27e7f41fb58cd05b5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 07:04:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 75874
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 31 Dec 2022 07:04:38 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 12F2 1 KB
643 B 104ms
101ms Document
text/html 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: a70f19ff77b4cba27e7f41fb58cd05b5.safeframe.googlesyndication.com
URL: https://a70f19ff77b4cba27e7f41fb58cd05b5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a70f19ff77b4cba27e7f41fb58cd05b5.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 74469
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 17 Dec 2022 07:28:03 GMT
etag: 48472445140208031
expires: Sun, 18 Dec 2022 07:28:03 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame A6D4 18 KB
7 KB 104ms
103ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: a70f19ff77b4cba27e7f41fb58cd05b5.safeframe.googlesyndication.com
URL: https://a70f19ff77b4cba27e7f41fb58cd05b5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a70f19ff77b4cba27e7f41fb58cd05b5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 08:19:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 71368
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7480
x-xss-protection: 0
server: cafe
etag: 15631949847000551034
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 31 Dec 2022 08:19:44 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame A6D4 0
0 121ms
120ms Image
text/html 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQma7AyDsn7tOBqW7xEg04HqGv15UpYT8oFIS4wotcmq9PUo0RtzIQWt-uWJWveGDaJLENaGnoRCkrUjhM1LvLAsnXVCQ
Requested by: Host: a70f19ff77b4cba27e7f41fb58cd05b5.safeframe.googlesyndication.com
URL: https://a70f19ff77b4cba27e7f41fb58cd05b5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a70f19ff77b4cba27e7f41fb58cd05b5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame A6D4 24 KB
6 KB 107ms
106ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: a70f19ff77b4cba27e7f41fb58cd05b5.safeframe.googlesyndication.com
URL: https://a70f19ff77b4cba27e7f41fb58cd05b5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a70f19ff77b4cba27e7f41fb58cd05b5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 20:11:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 374260
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 13 Dec 2023 20:11:32 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A6D4 153 KB
47 KB 86ms
85ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: a70f19ff77b4cba27e7f41fb58cd05b5.safeframe.googlesyndication.com
URL: https://a70f19ff77b4cba27e7f41fb58cd05b5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a70f19ff77b4cba27e7f41fb58cd05b5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 04:09:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47725
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1670417373259609"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 18 Dec 2022 04:09:12 GMT

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.27/one-ad/ Frame 1BF2 89 KB
11 KB 61ms
60ms Stylesheet
text/css 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.27/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C19491%2C322829&b=3bgFpf14UZrZU7HrHAtEt997f8TWTRead%2CR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7%2CbwqTQfYZsqZ3EHYHbHztKtw7duxTJTJPSJ&f=WrpSrfYdswkwTYH5HjtDCXXGaPTET4QF2%2CQpKH4fdjUWX7axH5HYt9CZZrTDT4TzPFV%2C3bgFpf14UV1xMf7HrHAtXC9REt8TWTRead&c=120&d=600&e=&g=fb53d5b6e7560729ac6b301b253d2b90%2F5748129953402504728&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1671336551817&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gz79rq8csqnwds2vy0bzek1k720ghstsqrxxp924tkr0ky2pk6brysbjv3m7r2vg36ac1dhhe7jzkm1hccwyv25enee9eb2qqgnb1vrshr4w3bdx16kvs4g0gqj3awr4hrba7nfdkersvdvrkf69ty22aw022mrzvksh9drhpn8qrb997yanc405knhkpeytavs40yaeaddd94s8fc2h2ebbk0qhm8gwbk9x6h7twh24e43cjjv2nz58xzhqx7t7x8py71yq7ttqd3p0nk0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCRZgiZZKeY-fdMv2C9u8P5bariA-Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zMTM5MTM0ODgzNzA4NzYxyAEJqQLOG7AQ3cKxPqgDAaoExQFP0OQAVDbnAAdiFiNkuMrOiNKQ35MxPabX_Ewh8USK8Q-gVoXMA0FBRJd7cbLEkV8fqfvHuQAR-ZOfsYKRp2JtDj5SHQO4YF8vUtJE0OyxzPrfNOYJCF0CI_-7FLf2pX8CV0WjyYlBJSwtcLK1kTXU_EJIiOZXQmu1cRdnxzVMRV9455sCbxIA1HpSiPk7Zd5TOUiHEMq1hHy4ncBZX50KQNKtDgEQJmWznaWRJ9Rw9KnKxH1f9c_jBQYVnXivHCMSvmsZeYAGzoTKq-u7gbpUoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2Z-ZoOOKHQGck6z2jtikuJ9hZikA%2526client%253Dca-pub-3139134883708761%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4ab995345cf38f3951bc840ab2c0d043269e700e59f1c6d6cb7fb8946268b358

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=23576%2C19491%2C322829&b=3bgFpf14UZrZU7HrHAtEt997f8TWTRead%2CR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7%2CbwqTQfYZsqZ3EHYHbHztKtw7duxTJTJPSJ&f=WrpSrfYdswkwTYH5HjtDCXXGaPTET4QF2%2CQpKH4fdjUWX7axH5HYt9CZZrTDT4TzPFV%2C3bgFpf14UV1xMf7HrHAtXC9REt8TWTRead&c=120&d=600&e=&g=fb53d5b6e7560729ac6b301b253d2b90%2F5748129953402504728&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1671336551817&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gz79rq8csqnwds2vy0bzek1k720ghstsqrxxp924tkr0ky2pk6brysbjv3m7r2vg36ac1dhhe7jzkm1hccwyv25enee9eb2qqgnb1vrshr4w3bdx16kvs4g0gqj3awr4hrba7nfdkersvdvrkf69ty22aw022mrzvksh9drhpn8qrb997yanc405knhkpeytavs40yaeaddd94s8fc2h2ebbk0qhm8gwbk9x6h7twh24e43cjjv2nz58xzhqx7t7x8py71yq7ttqd3p0nk0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCRZgiZZKeY-fdMv2C9u8P5bariA-Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zMTM5MTM0ODgzNzA4NzYxyAEJqQLOG7AQ3cKxPqgDAaoExQFP0OQAVDbnAAdiFiNkuMrOiNKQ35MxPabX_Ewh8USK8Q-gVoXMA0FBRJd7cbLEkV8fqfvHuQAR-ZOfsYKRp2JtDj5SHQO4YF8vUtJE0OyxzPrfNOYJCF0CI_-7FLf2pX8CV0WjyYlBJSwtcLK1kTXU_EJIiOZXQmu1cRdnxzVMRV9455sCbxIA1HpSiPk7Zd5TOUiHEMq1hHy4ncBZX50KQNKtDgEQJmWznaWRJ9Rw9KnKxH1f9c_jBQYVnXivHCMSvmsZeYAGzoTKq-u7gbpUoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2Z-ZoOOKHQGck6z2jtikuJ9hZikA%2526client%253Dca-pub-3139134883708761%2526adurl%253D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 04:09:12 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1670930538
age: 400918
cf-polished: origSize=91628
x-guploader-uploadid: ADPycduR5Ol9pg3grc4HAIdmrbMEndwceyBRaKPEzp4btA3cKENGM-ZcNqNRgrH_pFRA6eQ6LFPYNJBaKno_nvJ48NOr
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 13 Dec 2022 11:22:46 GMT
server: cloudflare
etag: W/"575def06e70febb0cbd25403e37880bf"
vary: Accept-Encoding
x-goog-generation: 1670930566724484
content-type: text/css
x-goog-hash: crc32c=ttlcew==, md5=V13vBucP67DL0lQD43iAvw==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C%2BMc3jP3wxpVGQROWfT52xg4PqA3zydMwHW9EYEUmlN2hqfJJX%2BuUmDD0eR2YYDfZwvGK2DJk7c%2Fg%2FTXjdZQ3pBfvVbAcn%2BTQyptnXCZ4Vbb%2F0xh4VA9ksPEQFC0H6EI1Hlo5gYFQ0Y%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 91628
cf-ray: 77b50aaa2f8b9156-FRA
expires: Sun, 18 Dec 2022 05:09:12 GMT

GET
H2 200 D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
assets.ad4m.at/logo/ Frame 1BF2 53 KB
54 KB 138ms
137ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C19491%2C322829&b=3bgFpf14UZrZU7HrHAtEt997f8TWTRead%2CR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7%2CbwqTQfYZsqZ3EHYHbHztKtw7duxTJTJPSJ&f=WrpSrfYdswkwTYH5HjtDCXXGaPTET4QF2%2CQpKH4fdjUWX7axH5HYt9CZZrTDT4TzPFV%2C3bgFpf14UV1xMf7HrHAtXC9REt8TWTRead&c=120&d=600&e=&g=fb53d5b6e7560729ac6b301b253d2b90%2F5748129953402504728&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1671336551817&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gz79rq8csqnwds2vy0bzek1k720ghstsqrxxp924tkr0ky2pk6brysbjv3m7r2vg36ac1dhhe7jzkm1hccwyv25enee9eb2qqgnb1vrshr4w3bdx16kvs4g0gqj3awr4hrba7nfdkersvdvrkf69ty22aw022mrzvksh9drhpn8qrb997yanc405knhkpeytavs40yaeaddd94s8fc2h2ebbk0qhm8gwbk9x6h7twh24e43cjjv2nz58xzhqx7t7x8py71yq7ttqd3p0nk0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCRZgiZZKeY-fdMv2C9u8P5bariA-Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zMTM5MTM0ODgzNzA4NzYxyAEJqQLOG7AQ3cKxPqgDAaoExQFP0OQAVDbnAAdiFiNkuMrOiNKQ35MxPabX_Ewh8USK8Q-gVoXMA0FBRJd7cbLEkV8fqfvHuQAR-ZOfsYKRp2JtDj5SHQO4YF8vUtJE0OyxzPrfNOYJCF0CI_-7FLf2pX8CV0WjyYlBJSwtcLK1kTXU_EJIiOZXQmu1cRdnxzVMRV9455sCbxIA1HpSiPk7Zd5TOUiHEMq1hHy4ncBZX50KQNKtDgEQJmWznaWRJ9Rw9KnKxH1f9c_jBQYVnXivHCMSvmsZeYAGzoTKq-u7gbpUoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2Z-ZoOOKHQGck6z2jtikuJ9hZikA%2526client%253Dca-pub-3139134883708761%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f7cdf71044448cb736733f5163fff96081d51ba4101567d61d22ee5998a7a399

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 04:09:12 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2016741
cf-polished: origFmt=png, origSize=115129
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 54564
cf-bgj: imgq:85,h2pri
last-modified: Tue, 09 Feb 2021 15:11:24 GMT
server: cloudflare
etag: "0a277d59efca0369a6983645e273659e"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wbhP0ldnoOZMEVDv9Cjop0qhBytuxy4I8FFfVglPD%2BcPc7cqrpLH3upHylNckaXlNZW5QmVqPskJecuv%2F8CHXf198Gm%2FrBDxJLf%2FfnoorIVNxZEETNLqw9xbXm8mxGgKouCP0DsiPT6hdMf0"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 77b50aaa2d2291ea-FRA
expires: Mon, 19 Dec 2022 04:09:12 GMT

GET
H3 200 F62A1DE9558535D0FF655677BD09A3CC277ACE3637CF682E0D52C0F5BBA2668E34C6194AEF65CBBC1F6ECA33D1332A3C8BE1215EA4AB0FD0FBE5F5B485AF1875
assets.ad4m.at/product_image/ Frame 1BF2 23 KB
23 KB 139ms
107ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/F62A1DE9558535D0FF655677BD09A3CC277ACE3637CF682E0D52C0F5BBA2668E34C6194AEF65CBBC1F6ECA33D1332A3C8BE1215EA4AB0FD0FBE5F5B485AF1875
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C19491%2C322829&b=3bgFpf14UZrZU7HrHAtEt997f8TWTRead%2CR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7%2CbwqTQfYZsqZ3EHYHbHztKtw7duxTJTJPSJ&f=WrpSrfYdswkwTYH5HjtDCXXGaPTET4QF2%2CQpKH4fdjUWX7axH5HYt9CZZrTDT4TzPFV%2C3bgFpf14UV1xMf7HrHAtXC9REt8TWTRead&c=120&d=600&e=&g=fb53d5b6e7560729ac6b301b253d2b90%2F5748129953402504728&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1671336551817&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gz79rq8csqnwds2vy0bzek1k720ghstsqrxxp924tkr0ky2pk6brysbjv3m7r2vg36ac1dhhe7jzkm1hccwyv25enee9eb2qqgnb1vrshr4w3bdx16kvs4g0gqj3awr4hrba7nfdkersvdvrkf69ty22aw022mrzvksh9drhpn8qrb997yanc405knhkpeytavs40yaeaddd94s8fc2h2ebbk0qhm8gwbk9x6h7twh24e43cjjv2nz58xzhqx7t7x8py71yq7ttqd3p0nk0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCRZgiZZKeY-fdMv2C9u8P5bariA-Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zMTM5MTM0ODgzNzA4NzYxyAEJqQLOG7AQ3cKxPqgDAaoExQFP0OQAVDbnAAdiFiNkuMrOiNKQ35MxPabX_Ewh8USK8Q-gVoXMA0FBRJd7cbLEkV8fqfvHuQAR-ZOfsYKRp2JtDj5SHQO4YF8vUtJE0OyxzPrfNOYJCF0CI_-7FLf2pX8CV0WjyYlBJSwtcLK1kTXU_EJIiOZXQmu1cRdnxzVMRV9455sCbxIA1HpSiPk7Zd5TOUiHEMq1hHy4ncBZX50KQNKtDgEQJmWznaWRJ9Rw9KnKxH1f9c_jBQYVnXivHCMSvmsZeYAGzoTKq-u7gbpUoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2Z-ZoOOKHQGck6z2jtikuJ9hZikA%2526client%253Dca-pub-3139134883708761%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 39ae6b1a1ba72fc9d48b1848e9bc88f4b9da10688232ccca39d85b878db7af32

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 04:09:12 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 428545
cf-polished: qual=85, origFmt=jpeg, origSize=132437
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 23154
cf-bgj: imgq:85,h2pri
last-modified: Thu, 09 Dec 2021 17:51:23 GMT
server: cloudflare
etag: "c348b177953ac5720836c04e1a21673d"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zRRdj%2FNOuq07KRjeB6uAE6QqrnUTY5okaj%2FjGQ25aY79tzVF5Wcn071SHIQ098ws9XU1N95xSE72E1mvWvLFDC%2BK9dKKUPtT8QLM3bnmX%2F11gAGP634h5C0%2B2oBy37l2hQONh1SWwUlxyYId"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 77b50aaab8149156-FRA
expires: Mon, 19 Dec 2022 04:09:12 GMT

GET
H/1.1

200
OK

/
partner.o2online.de/a/ Frame 1BF2
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_t...
https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=CIy79eulgvwCFabtuwgdS34D8A;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=...
https://www.telefonica-partner.de/tpv.php?t=120211V1226132702M&subid=viewoneid3bgFpf14UZrZU7HrHAtEt997f8TWTReadoneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0
https://www.lead-alliance.net/tpv.php?t=120211V1226132702M&subid=viewoneid3bgFpf14UZrZU7HrHAtEt997f8TWTReadoneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=120211&s_id=2022121805091279606048105X120211V1226132702MSviewoneid3bgFpf14UZrZU7HrHAtEt997f8TWTReadoneid__suite_Ne...

49 B
1 KB

76ms
28ms

Image
image/gif

78.46.85.162
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=120211&s_id=2022121805091279606048105X120211V1226132702MSviewoneid3bgFpf14UZrZU7HrHAtEt997f8TWTReadoneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&cons=0&spid=2022121805091279606048105X120211V1226132702MSviewoneid3bgFpf14UZrZU7HrHAtEt997f8TWTReadoneid__suite_Netmix_Reach43_TopRotaMonth&wfid=120211&partnerid=12218
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C19491%2C322829&b=3bgFpf14UZrZU7HrHAtEt997f8TWTRead%2CR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7%2CbwqTQfYZsqZ3EHYHbHztKtw7duxTJTJPSJ&f=WrpSrfYdswkwTYH5HjtDCXXGaPTET4QF2%2CQpKH4fdjUWX7axH5HYt9CZZrTDT4TzPFV%2C3bgFpf14UV1xMf7HrHAtXC9REt8TWTRead&c=120&d=600&e=&g=fb53d5b6e7560729ac6b301b253d2b90%2F5748129953402504728&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1671336551817&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gz79rq8csqnwds2vy0bzek1k720ghstsqrxxp924tkr0ky2pk6brysbjv3m7r2vg36ac1dhhe7jzkm1hccwyv25enee9eb2qqgnb1vrshr4w3bdx16kvs4g0gqj3awr4hrba7nfdkersvdvrkf69ty22aw022mrzvksh9drhpn8qrb997yanc405knhkpeytavs40yaeaddd94s8fc2h2ebbk0qhm8gwbk9x6h7twh24e43cjjv2nz58xzhqx7t7x8py71yq7ttqd3p0nk0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCRZgiZZKeY-fdMv2C9u8P5bariA-Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zMTM5MTM0ODgzNzA4NzYxyAEJqQLOG7AQ3cKxPqgDAaoExQFP0OQAVDbnAAdiFiNkuMrOiNKQ35MxPabX_Ewh8USK8Q-gVoXMA0FBRJd7cbLEkV8fqfvHuQAR-ZOfsYKRp2JtDj5SHQO4YF8vUtJE0OyxzPrfNOYJCF0CI_-7FLf2pX8CV0WjyYlBJSwtcLK1kTXU_EJIiOZXQmu1cRdnxzVMRV9455sCbxIA1HpSiPk7Zd5TOUiHEMq1hHy4ncBZX50KQNKtDgEQJmWznaWRJ9Rw9KnKxH1f9c_jBQYVnXivHCMSvmsZeYAGzoTKq-u7gbpUoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2Z-ZoOOKHQGck6z2jtikuJ9hZikA%2526client%253Dca-pub-3139134883708761%2526adurl%253D&y=1&s=&z=0
Protocol: HTTP/1.1
Server: 78.46.85.162 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: nonstopads1.sunbonet.de
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Sun, 18 Dec 2022 04:09:12 GMT
X-NODEIP: 78.46.85.162
Server: nginx/1.10.3 (Ubuntu)
RM-PrivacyPolicy: https://www.nonstoppartner.net/
Content-Type: image/gif
P3P: policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Connection: keep-alive
Keep-Alive: timeout=10
Content-Length: 49

Redirect headers

location: https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=120211&s_id=2022121805091279606048105X120211V1226132702MSviewoneid3bgFpf14UZrZU7HrHAtEt997f8TWTReadoneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&cons=0&spid=2022121805091279606048105X120211V1226132702MSviewoneid3bgFpf14UZrZU7HrHAtEt997f8TWTReadoneid__suite_Netmix_Reach43_TopRotaMonth&wfid=120211&partnerid=12218
date: Sun, 18 Dec 2022 04:09:12 GMT
x-content-type-options: nosniff
server: nginx
x-xss-protection: 1; mode=block
content-type: text/html; charset=UTF-8

GET
H3 200 DF9A32151D42BCC835EC0C9BE62CF0094313EE46FD4E5D3DC0F1217B7F8F1AD49F0F4DDF5D50AE1511A12D11F97A6BCA3DF8CE9D056CE7A3DC11AF6ED1255D71
assets.ad4m.at/logo/ Frame 1BF2 9 KB
10 KB 194ms
163ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/DF9A32151D42BCC835EC0C9BE62CF0094313EE46FD4E5D3DC0F1217B7F8F1AD49F0F4DDF5D50AE1511A12D11F97A6BCA3DF8CE9D056CE7A3DC11AF6ED1255D71
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C19491%2C322829&b=3bgFpf14UZrZU7HrHAtEt997f8TWTRead%2CR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7%2CbwqTQfYZsqZ3EHYHbHztKtw7duxTJTJPSJ&f=WrpSrfYdswkwTYH5HjtDCXXGaPTET4QF2%2CQpKH4fdjUWX7axH5HYt9CZZrTDT4TzPFV%2C3bgFpf14UV1xMf7HrHAtXC9REt8TWTRead&c=120&d=600&e=&g=fb53d5b6e7560729ac6b301b253d2b90%2F5748129953402504728&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1671336551817&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gz79rq8csqnwds2vy0bzek1k720ghstsqrxxp924tkr0ky2pk6brysbjv3m7r2vg36ac1dhhe7jzkm1hccwyv25enee9eb2qqgnb1vrshr4w3bdx16kvs4g0gqj3awr4hrba7nfdkersvdvrkf69ty22aw022mrzvksh9drhpn8qrb997yanc405knhkpeytavs40yaeaddd94s8fc2h2ebbk0qhm8gwbk9x6h7twh24e43cjjv2nz58xzhqx7t7x8py71yq7ttqd3p0nk0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCRZgiZZKeY-fdMv2C9u8P5bariA-Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zMTM5MTM0ODgzNzA4NzYxyAEJqQLOG7AQ3cKxPqgDAaoExQFP0OQAVDbnAAdiFiNkuMrOiNKQ35MxPabX_Ewh8USK8Q-gVoXMA0FBRJd7cbLEkV8fqfvHuQAR-ZOfsYKRp2JtDj5SHQO4YF8vUtJE0OyxzPrfNOYJCF0CI_-7FLf2pX8CV0WjyYlBJSwtcLK1kTXU_EJIiOZXQmu1cRdnxzVMRV9455sCbxIA1HpSiPk7Zd5TOUiHEMq1hHy4ncBZX50KQNKtDgEQJmWznaWRJ9Rw9KnKxH1f9c_jBQYVnXivHCMSvmsZeYAGzoTKq-u7gbpUoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2Z-ZoOOKHQGck6z2jtikuJ9hZikA%2526client%253Dca-pub-3139134883708761%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5eeedf9055f9efab9127642b4c44135be9f404caa7ce08e51a5ea734dfd28828

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 04:09:12 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2009237
cf-polished: origFmt=png, origSize=24833
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9258
cf-bgj: imgq:85,h2pri
last-modified: Tue, 09 Feb 2021 15:11:57 GMT
server: cloudflare
etag: "174bb0dc35647e204b09aa120965604a"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nEeUkmvJjazv3L6MouDfQseuNSTzoiOuZxMICp1BFLTtITgIF1BZyL0vyBYOfeXh09NAOmyMSnCX0O1srvn70W7nO5nE0aTDw6nz7HOuKXmoJReePiDzQXM8X%2F2MDvijbOPJn3IpkafiB1tB"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 77b50aaab8179156-FRA
expires: Mon, 19 Dec 2022 04:09:12 GMT

GET
H3 200 FDA524315CF1A84E9D46619FD10F0264DD2260394DD71198EE8FEC75572B31C1B960B5E4A647F88B6C04B0DBC247510EFFF5F03328E33405460FFEDC3D0CE020
assets.ad4m.at/product_image/ Frame 1BF2 20 KB
20 KB 59ms
27ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/FDA524315CF1A84E9D46619FD10F0264DD2260394DD71198EE8FEC75572B31C1B960B5E4A647F88B6C04B0DBC247510EFFF5F03328E33405460FFEDC3D0CE020
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C19491%2C322829&b=3bgFpf14UZrZU7HrHAtEt997f8TWTRead%2CR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7%2CbwqTQfYZsqZ3EHYHbHztKtw7duxTJTJPSJ&f=WrpSrfYdswkwTYH5HjtDCXXGaPTET4QF2%2CQpKH4fdjUWX7axH5HYt9CZZrTDT4TzPFV%2C3bgFpf14UV1xMf7HrHAtXC9REt8TWTRead&c=120&d=600&e=&g=fb53d5b6e7560729ac6b301b253d2b90%2F5748129953402504728&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1671336551817&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gz79rq8csqnwds2vy0bzek1k720ghstsqrxxp924tkr0ky2pk6brysbjv3m7r2vg36ac1dhhe7jzkm1hccwyv25enee9eb2qqgnb1vrshr4w3bdx16kvs4g0gqj3awr4hrba7nfdkersvdvrkf69ty22aw022mrzvksh9drhpn8qrb997yanc405knhkpeytavs40yaeaddd94s8fc2h2ebbk0qhm8gwbk9x6h7twh24e43cjjv2nz58xzhqx7t7x8py71yq7ttqd3p0nk0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCRZgiZZKeY-fdMv2C9u8P5bariA-Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zMTM5MTM0ODgzNzA4NzYxyAEJqQLOG7AQ3cKxPqgDAaoExQFP0OQAVDbnAAdiFiNkuMrOiNKQ35MxPabX_Ewh8USK8Q-gVoXMA0FBRJd7cbLEkV8fqfvHuQAR-ZOfsYKRp2JtDj5SHQO4YF8vUtJE0OyxzPrfNOYJCF0CI_-7FLf2pX8CV0WjyYlBJSwtcLK1kTXU_EJIiOZXQmu1cRdnxzVMRV9455sCbxIA1HpSiPk7Zd5TOUiHEMq1hHy4ncBZX50KQNKtDgEQJmWznaWRJ9Rw9KnKxH1f9c_jBQYVnXivHCMSvmsZeYAGzoTKq-u7gbpUoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2Z-ZoOOKHQGck6z2jtikuJ9hZikA%2526client%253Dca-pub-3139134883708761%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6b094a140ea1c9e6edece62a54ab0d4fb5a600ba71495dc8835a12621e49204e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 04:09:12 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 41689
cf-polished: qual=85, origFmt=jpeg, origSize=85977
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 20094
cf-bgj: imgq:85,h2pri
last-modified: Wed, 16 Nov 2022 16:32:10 GMT
server: cloudflare
etag: "115bea0885590f780802fd14548a1cde"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L0jZOXmC8V10HwX%2BkHzHByjTslZzFMnAnH6T%2FRhdq1%2FL83scLllCynV7hgtp6ngBvV27GlD4fwoMoFIgPybUz6hglowZsd%2FPsvci9WkOUndzwMVHwt9KR1No5oYoEHKdMj1tMhBC%2Fdh33%2B%2Fd"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 77b50aaab8189156-FRA
expires: Mon, 19 Dec 2022 04:09:12 GMT

GET
H/1.1

200
OK

/
partner.blau.de/a/ Frame 1BF2
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N773418.3163536BLAU_AFFILIATE/B25532621.345088000;dc_trk_aid=536454876;dc_trk_cid=177082088;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed...
https://ad.doubleclick.net/ddm/trackimp/N773418.3163536BLAU_AFFILIATE/B25532621.345088000;dc_pre=CJX29eulgvwCFY8y4Aody_MI4g;dc_trk_aid=536454876;dc_trk_cid=177082088;ord=%7B%7Btimestamp%7D%7D;dc_la...
https://www.telefonica-partner.de/tpv.php?t=113752V1225131106M&subid=viewoneidR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7oneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0
https://www.lead-alliance.net/tpv.php?t=113752V1225131106M&subid=viewoneidR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7oneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0
https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=113752&s_id=2022121805091279606048103X113752V1225131106MSviewoneidR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7oneid__suite_Netm...

49 B
1 KB

72ms
24ms

Image
image/gif

88.99.63.132
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=113752&s_id=2022121805091279606048103X113752V1225131106MSviewoneidR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7oneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&cons=0
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C19491%2C322829&b=3bgFpf14UZrZU7HrHAtEt997f8TWTRead%2CR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7%2CbwqTQfYZsqZ3EHYHbHztKtw7duxTJTJPSJ&f=WrpSrfYdswkwTYH5HjtDCXXGaPTET4QF2%2CQpKH4fdjUWX7axH5HYt9CZZrTDT4TzPFV%2C3bgFpf14UV1xMf7HrHAtXC9REt8TWTRead&c=120&d=600&e=&g=fb53d5b6e7560729ac6b301b253d2b90%2F5748129953402504728&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1671336551817&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gz79rq8csqnwds2vy0bzek1k720ghstsqrxxp924tkr0ky2pk6brysbjv3m7r2vg36ac1dhhe7jzkm1hccwyv25enee9eb2qqgnb1vrshr4w3bdx16kvs4g0gqj3awr4hrba7nfdkersvdvrkf69ty22aw022mrzvksh9drhpn8qrb997yanc405knhkpeytavs40yaeaddd94s8fc2h2ebbk0qhm8gwbk9x6h7twh24e43cjjv2nz58xzhqx7t7x8py71yq7ttqd3p0nk0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCRZgiZZKeY-fdMv2C9u8P5bariA-Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zMTM5MTM0ODgzNzA4NzYxyAEJqQLOG7AQ3cKxPqgDAaoExQFP0OQAVDbnAAdiFiNkuMrOiNKQ35MxPabX_Ewh8USK8Q-gVoXMA0FBRJd7cbLEkV8fqfvHuQAR-ZOfsYKRp2JtDj5SHQO4YF8vUtJE0OyxzPrfNOYJCF0CI_-7FLf2pX8CV0WjyYlBJSwtcLK1kTXU_EJIiOZXQmu1cRdnxzVMRV9455sCbxIA1HpSiPk7Zd5TOUiHEMq1hHy4ncBZX50KQNKtDgEQJmWznaWRJ9Rw9KnKxH1f9c_jBQYVnXivHCMSvmsZeYAGzoTKq-u7gbpUoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2Z-ZoOOKHQGck6z2jtikuJ9hZikA%2526client%253Dca-pub-3139134883708761%2526adurl%253D&y=1&s=&z=0
Protocol: HTTP/1.1
Server: 88.99.63.132 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: nonstopads3.sunbonet.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Sun, 18 Dec 2022 04:09:12 GMT
X-NODEIP: 88.99.63.132
Server: nginx/1.18.0 (Ubuntu)
RM-PrivacyPolicy: https://www.nonstoppartner.net/
Content-Type: image/gif
P3P: policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Connection: keep-alive
Keep-Alive: timeout=10
Content-Length: 49

Redirect headers

location: https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=113752&s_id=2022121805091279606048103X113752V1225131106MSviewoneidR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7oneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&cons=0
date: Sun, 18 Dec 2022 04:09:12 GMT
x-content-type-options: nosniff
server: nginx
x-xss-protection: 1; mode=block
content-type: text/html; charset=UTF-8

GET
H3 200 CE11F4A269236C0AF074ADB7F1ADA1F8C472CD7AC3290EFBF4A7DADA0100B8792254D4F2CF871D3311E6317269487774B650CDD0B207BED389DBEA35CD2DBC8F
assets.ad4m.at/logo/ Frame 1BF2 16 KB
16 KB 145ms
114ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/CE11F4A269236C0AF074ADB7F1ADA1F8C472CD7AC3290EFBF4A7DADA0100B8792254D4F2CF871D3311E6317269487774B650CDD0B207BED389DBEA35CD2DBC8F
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C19491%2C322829&b=3bgFpf14UZrZU7HrHAtEt997f8TWTRead%2CR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7%2CbwqTQfYZsqZ3EHYHbHztKtw7duxTJTJPSJ&f=WrpSrfYdswkwTYH5HjtDCXXGaPTET4QF2%2CQpKH4fdjUWX7axH5HYt9CZZrTDT4TzPFV%2C3bgFpf14UV1xMf7HrHAtXC9REt8TWTRead&c=120&d=600&e=&g=fb53d5b6e7560729ac6b301b253d2b90%2F5748129953402504728&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1671336551817&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gz79rq8csqnwds2vy0bzek1k720ghstsqrxxp924tkr0ky2pk6brysbjv3m7r2vg36ac1dhhe7jzkm1hccwyv25enee9eb2qqgnb1vrshr4w3bdx16kvs4g0gqj3awr4hrba7nfdkersvdvrkf69ty22aw022mrzvksh9drhpn8qrb997yanc405knhkpeytavs40yaeaddd94s8fc2h2ebbk0qhm8gwbk9x6h7twh24e43cjjv2nz58xzhqx7t7x8py71yq7ttqd3p0nk0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCRZgiZZKeY-fdMv2C9u8P5bariA-Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zMTM5MTM0ODgzNzA4NzYxyAEJqQLOG7AQ3cKxPqgDAaoExQFP0OQAVDbnAAdiFiNkuMrOiNKQ35MxPabX_Ewh8USK8Q-gVoXMA0FBRJd7cbLEkV8fqfvHuQAR-ZOfsYKRp2JtDj5SHQO4YF8vUtJE0OyxzPrfNOYJCF0CI_-7FLf2pX8CV0WjyYlBJSwtcLK1kTXU_EJIiOZXQmu1cRdnxzVMRV9455sCbxIA1HpSiPk7Zd5TOUiHEMq1hHy4ncBZX50KQNKtDgEQJmWznaWRJ9Rw9KnKxH1f9c_jBQYVnXivHCMSvmsZeYAGzoTKq-u7gbpUoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2Z-ZoOOKHQGck6z2jtikuJ9hZikA%2526client%253Dca-pub-3139134883708761%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7024493525030ecd098ce0dcb2f0aea839373775120b40580028137b1d125ac9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 04:09:12 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2456145
cf-polished: origFmt=png, origSize=39979
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 15996
cf-bgj: imgq:85,h2pri
last-modified: Wed, 22 Jan 2020 13:07:55 GMT
server: cloudflare
etag: "ad9334664514d900a0c3b76d17ca960f"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OQ3aM%2BV62Zgq%2FQOQjkbDeYqB4SaL%2F72BEkAy5iesVVbdKSRJEv2DvuAe23YL5X64cpwXLRGfRx09yudXVxmkhxBliOer3GYiep14W8HnvdPnA5v1xP%2FovSZ%2BrQNegnUG9yZHkuiBTdIBxqPY"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 77b50aaab8199156-FRA
expires: Mon, 19 Dec 2022 04:09:12 GMT

GET
H3 200 EC9093D4AF3799CF781B1E590A25D192F3BFBB8EF4C33117758FB5ADF524B34A287AF80FDD08D80A46541DEAE1FFA692B6F4CA688E7C199182253AEB01A2863C
assets.ad4m.at/product_image/ Frame 1BF2 222 KB
222 KB 150ms
120ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/EC9093D4AF3799CF781B1E590A25D192F3BFBB8EF4C33117758FB5ADF524B34A287AF80FDD08D80A46541DEAE1FFA692B6F4CA688E7C199182253AEB01A2863C
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C19491%2C322829&b=3bgFpf14UZrZU7HrHAtEt997f8TWTRead%2CR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7%2CbwqTQfYZsqZ3EHYHbHztKtw7duxTJTJPSJ&f=WrpSrfYdswkwTYH5HjtDCXXGaPTET4QF2%2CQpKH4fdjUWX7axH5HYt9CZZrTDT4TzPFV%2C3bgFpf14UV1xMf7HrHAtXC9REt8TWTRead&c=120&d=600&e=&g=fb53d5b6e7560729ac6b301b253d2b90%2F5748129953402504728&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1671336551817&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gz79rq8csqnwds2vy0bzek1k720ghstsqrxxp924tkr0ky2pk6brysbjv3m7r2vg36ac1dhhe7jzkm1hccwyv25enee9eb2qqgnb1vrshr4w3bdx16kvs4g0gqj3awr4hrba7nfdkersvdvrkf69ty22aw022mrzvksh9drhpn8qrb997yanc405knhkpeytavs40yaeaddd94s8fc2h2ebbk0qhm8gwbk9x6h7twh24e43cjjv2nz58xzhqx7t7x8py71yq7ttqd3p0nk0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCRZgiZZKeY-fdMv2C9u8P5bariA-Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zMTM5MTM0ODgzNzA4NzYxyAEJqQLOG7AQ3cKxPqgDAaoExQFP0OQAVDbnAAdiFiNkuMrOiNKQ35MxPabX_Ewh8USK8Q-gVoXMA0FBRJd7cbLEkV8fqfvHuQAR-ZOfsYKRp2JtDj5SHQO4YF8vUtJE0OyxzPrfNOYJCF0CI_-7FLf2pX8CV0WjyYlBJSwtcLK1kTXU_EJIiOZXQmu1cRdnxzVMRV9455sCbxIA1HpSiPk7Zd5TOUiHEMq1hHy4ncBZX50KQNKtDgEQJmWznaWRJ9Rw9KnKxH1f9c_jBQYVnXivHCMSvmsZeYAGzoTKq-u7gbpUoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2Z-ZoOOKHQGck6z2jtikuJ9hZikA%2526client%253Dca-pub-3139134883708761%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9bfc7d34cd8bc7df36a984d6f3da50799752e33c48bbf07a4a1ee959b51476d0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 04:09:12 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1293110
cf-polished: origFmt=png, origSize=342797
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 226950
cf-bgj: imgq:85,h2pri
last-modified: Wed, 15 Jun 2022 14:01:11 GMT
server: cloudflare
etag: "82c7de0f42ff55fdd0acc07731664031"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xYnDZ0KpG0P9R0l3A8i%2BihioUzgwuRQTFayHBbHcwhVJaRqi3RSJZAmT1TuzLlk8ZBmo%2FnxYXIjABLZfLhum0TL%2FkCY9gfc%2FcgUulirw0np1jC5UQPBEC72Z46mGNqBnB3nmxmSvrswn0itS"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 77b50aaab81a9156-FRA
expires: Mon, 19 Dec 2022 04:09:12 GMT

GET
H2

200

ztpv.php
www.conrad.de/ Frame 1BF2
Redirect Chain

https://www.awin1.com/cshow.php?s=2470185&v=11354&q=377129&r=412871&pv=1&pref3=oneidbwqTQfYZsqZ3EHYHbHztKtw7duxTJTJPSJoneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0
https://www.conrad.de/ztpv.php?awc=11354_412871_1671336552_ba7fa420-7e89-11ed-bfbc-22342ff4a6f7&insert=AW&&gdpr=0&gdpr_consent=

0
269 B

549ms
38ms

Image
text/html

2606:4700::6812:7e05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.conrad.de/ztpv.php?awc=11354_412871_1671336552_ba7fa420-7e89-11ed-bfbc-22342ff4a6f7&insert=AW&&gdpr=0&gdpr_consent=

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C19491%2C322829&b=3bgFpf14UZrZU7HrHAtEt997f8TWTRead%2CR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7%2CbwqTQfYZsqZ3EHYHbHztKtw7duxTJTJPSJ&f=WrpSrfYdswkwTYH5HjtDCXXGaPTET4QF2%2CQpKH4fdjUWX7axH5HYt9CZZrTDT4TzPFV%2C3bgFpf14UV1xMf7HrHAtXC9REt8TWTRead&c=120&d=600&e=&g=fb53d5b6e7560729ac6b301b253d2b90%2F5748129953402504728&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1671336551817&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gz79rq8csqnwds2vy0bzek1k720ghstsqrxxp924tkr0ky2pk6brysbjv3m7r2vg36ac1dhhe7jzkm1hccwyv25enee9eb2qqgnb1vrshr4w3bdx16kvs4g0gqj3awr4hrba7nfdkersvdvrkf69ty22aw022mrzvksh9drhpn8qrb997yanc405knhkpeytavs40yaeaddd94s8fc2h2ebbk0qhm8gwbk9x6h7twh24e43cjjv2nz58xzhqx7t7x8py71yq7ttqd3p0nk0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCRZgiZZKeY-fdMv2C9u8P5bariA-Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zMTM5MTM0ODgzNzA4NzYxyAEJqQLOG7AQ3cKxPqgDAaoExQFP0OQAVDbnAAdiFiNkuMrOiNKQ35MxPabX_Ewh8USK8Q-gVoXMA0FBRJd7cbLEkV8fqfvHuQAR-ZOfsYKRp2JtDj5SHQO4YF8vUtJE0OyxzPrfNOYJCF0CI_-7FLf2pX8CV0WjyYlBJSwtcLK1kTXU_EJIiOZXQmu1cRdnxzVMRV9455sCbxIA1HpSiPk7Zd5TOUiHEMq1hHy4ncBZX50KQNKtDgEQJmWznaWRJ9Rw9KnKxH1f9c_jBQYVnXivHCMSvmsZeYAGzoTKq-u7gbpUoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2Z-ZoOOKHQGck6z2jtikuJ9hZikA%2526client%253Dca-pub-3139134883708761%2526adurl%253D&y=1&s=&z=0

Protocol

Server

2606:4700::6812:7e05 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 04:09:12 GMT
via: 1.1 additional-webserver-blue-j7sk (Varnish/7.2)
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=15552000
age: 0
content-type: text/html; charset=UTF-8
p3p: policyref="http://www.conrad.de/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
x-varnish: 517342636
cache-control: no-cache
cf-ray: 77b50aaf78305ba4-FRA
expires: -1

Redirect headers

Date: Sun, 18 Dec 2022 04:09:12 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location: https://www.conrad.de/ztpv.php?awc=11354_412871_1671336552_ba7fa420-7e89-11ed-bfbc-22342ff4a6f7&insert=AW&&gdpr=0&gdpr_consent=
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 0

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 931D 24 KB
6 KB 87ms
86ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: a70f19ff77b4cba27e7f41fb58cd05b5.safeframe.googlesyndication.com
URL: https://a70f19ff77b4cba27e7f41fb58cd05b5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a70f19ff77b4cba27e7f41fb58cd05b5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 20:11:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 374260
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 13 Dec 2023 20:11:32 GMT

GET
H3 200 creative.js Show response
cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/ Frame 931D 27 KB
9 KB 63ms
62ms Script
application/javascript 2a04:4e42:200::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js

Requested by

Host: a70f19ff77b4cba27e7f41fb58cd05b5.safeframe.googlesyndication.com
URL: https://a70f19ff77b4cba27e7f41fb58cd05b5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

5e36be95a997321cf95e79310394b551a93a1fefb55c7dca4669137c0946f2a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a70f19ff77b4cba27e7f41fb58cd05b5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sun, 18 Dec 2022 04:09:12 GMT
x-content-type-options: nosniff
content-encoding: gzip
age: 35103
x-jsd-version: 1.14.2
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 9244
x-served-by: cache-fra-eddf8230118-FRA, cache-hhn-etou8220098-HHN
x-jsd-version-type: version
etag: W/"6c5a-5kbBcMwAuv899TsKizV+K03Rtig"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 931D 153 KB
47 KB 82ms
82ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: a70f19ff77b4cba27e7f41fb58cd05b5.safeframe.googlesyndication.com
URL: https://a70f19ff77b4cba27e7f41fb58cd05b5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a70f19ff77b4cba27e7f41fb58cd05b5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 04:09:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47725
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1670417373259609"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 18 Dec 2022 04:09:12 GMT

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 95ms
95ms Preflight
text/plain 146.20.128.182
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.182 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://pelotainvernal.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
access-control-allow-origin: https://pelotainvernal.com
access-control-expose-headers: Content-Type, Content-Disposition
access-control-max-age: 300
cache-control: max-age=300
content-length: 0
content-type: text/plain; charset=UTF-8
date: Sun, 18 Dec 2022 04:09:12 GMT
server: nginx

POST
H2 200 t Show response
t.lkqd.net/ Frame 53A1 0
166 B 103ms
95ms XHR
text/plain 146.20.128.182
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.182 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://pelotainvernal.com
date: Sun, 18 Dec 2022 04:09:12 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

GET
H2 200 ad.js Show response
ad.lkqd.net/vpaid/ Frame 810F 8 KB
2 KB 30ms
29ms Script
application/javascript 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lkqd.net/vpaid/ad.js
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: /
Resource Hash: 4a85bbd945d370b499409eeca2ac0a1ca75110c514373441b77a8ec397c4d7db

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 04:09:12 GMT
content-encoding: gzip
x-sp-metadata: HS256.CPjA+pwGEogBCiQxNjllNTExMS03ZGQwLTQxMDYtOTc2Mi1hY2U3ZTI4YzBkYmIQkKbXzNb5+wIaBgjopPqcBiINMjE3LjY0LjE1MS4zMCj0oAIwAzgEQhZUTFNfQUVTXzEyOF9HQ01fU0hBMjU2WiAzZTliMjA2MTAwOThiNmM5YmZmOTUzODU2ZTU4MDE2YRorCAESJDdhNjBiMTVlLWRlMGEtNGI4NS1iNzk2LTFiY2ExZjc1NGNiNBiBECIYCAISFGNkczI2My5sbzQuaHdjZG4ubmV0.lHmoeCWo/OXituwYhI/ybFoZ5ahwCtuLF6RxWvDuu/M=
last-modified: Fri, 20 Dec 2019 22:17:27 GMT
etag: "b701f7cb2e7466f01798a9e3c2203ca5"
x-hw: 1671336552.cds035.lo4.hn,1671336552.cds263.lo4.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1209600
accept-ranges: bytes
content-length: 2049

GET
DATA 200
OK truncated
/ 35 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/gif

POST
H2 200 t Show response
t.lkqd.net/ Frame 53A1 0
166 B 93ms
92ms XHR
text/plain 146.20.128.182
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.182 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://pelotainvernal.com
date: Sun, 18 Dec 2022 04:09:12 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 123ms
85ms Preflight
text/plain 146.20.128.182
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.182 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://pelotainvernal.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
access-control-allow-origin: https://pelotainvernal.com
access-control-expose-headers: Content-Type, Content-Disposition
access-control-max-age: 300
cache-control: max-age=300
content-length: 0
content-type: text/plain; charset=UTF-8
date: Sun, 18 Dec 2022 04:09:12 GMT
server: nginx

GET
H/1.1 204 increment Show response
id5-sync.com/api/esp/ 0
327 B 181ms
11ms XHR
text/plain 162.19.138.119
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/esp/increment?counter=no-config

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.119 , France, ASN16276 (OVH, FR),

Reverse DNS

ns31533570.ip-162-19-138.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://pelotainvernal.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://pelotainvernal.com
date: Sun, 18 Dec 2022 04:09:11 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 1C9F 15 KB
6 KB 17ms
16ms Document
text/html 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=pelotainvernal.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

aeb779d96af4bfa1b664c203d52fbd9ef573b84a31b34314668325fc784e1b13

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://pelotainvernal.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 18 Dec 2022 04:09:12 GMT
server: Kestrel
server-processing-duration-in-ticks: 755150
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 091B 0
0 55ms
51ms Image
text/html 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221207&jk=418127904971085&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

GET
H2 206 EADE2687C3966F9EA5FB08280B777818_0x0_19.mp4
creative.lkqd.net/430/video/ 3 MB
3 MB 98ms
21ms Media
video/mp4 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://creative.lkqd.net/430/video/EADE2687C3966F9EA5FB08280B777818_0x0_19.mp4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: /
Resource Hash: 68c45f895642f204febcbea8c9939dc218f15260d499ed9861d5ec0eba87e3fa

Request headers

Referer: https://pelotainvernal.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Range: bytes=0-

Response headers

date: Sun, 18 Dec 2022 04:09:12 GMT
x-sp-metadata: HS256.CPjA+pwGEogBCiQ1MWFjYmQyNi0wYTM2LTQ1NDUtODU3MC0wY2FkMjQyNDliNTYQuI2e8LS4+wIaBgjopPqcBiINMjE3LjY0LjE1MS4zMCjSogIwAzgEQhZUTFNfQUVTXzEyOF9HQ01fU0hBMjU2WiAzZTliMjA2MTAwOThiNmM5YmZmOTUzODU2ZTU4MDE2YRotCAESJGI4NDUyYTg0LWNiZTQtNDZlYi1hNDg3LWE2OTY2YzBhYTlmMxje/MwBIhgIAhIUY2RzMjkzLmxvNC5od2Nkbi5uZXQ=.QMsHl0a/gLAjNcvxwIwhcVhGn2lDThmtJ3GyXmtOQcg=
last-modified: Fri, 30 Sep 2022 10:24:13 GMT
etag: "215969023e11c56e8f8762ec98d0f602"
x-hw: 1671336552.cds298.lo4.hn,1671336552.cds293.lo4.c
content-type: video/mp4
access-control-allow-origin: *
Content-Range: bytes 0-3358301/3358302
cache-control: public, max-age=1209600
accept-ranges: bytes
Content-Length: 3358302

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 931D 0
0 44ms
44ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuVu1IyupAi75wiHpXUxVTdKpNiXIhpAj9tuPtdySU7CdbrOhRT38hhXAzqjSg0QNc_lL7NLVMidt1F0aAHhfPLaNmKFZVW8ln_x8J02X7S9J-fkZRcDsqAj83-LL-ButJWccfVq0JVbuI_nptrUPwclfJ-iRN9mPDA_22HC4ZPu4zsAndL7e608BGvkqfZu2pWI93dpV06i_s3IFth7p7n7oIGrqxFmELgQ2jcTM41-zHlWq8Fv2oa8w1ZUwYUp_-LIM1JgzSr0EOW_Xg2JujL21hmtxYWPpD6xmG5IyztnyNJw3YnhUFVnF8rknNnehR3E91Wc1L3zkgwfW6XWdso2fKkXjBxQUqiJ0QSkQ&sai=AMfl-YTHV6oKvRdq8cGSnaECVXzuY7Uu17HFlI6n78YzeONtmIvsgTZX6NxZqBPxnYFRnpgiz4O6PUv6gqWheDd13llr1POs-jWFty2teHlsDMBzYZTPd8_AFwMKLScBaZ0y&sig=Cg0ArKJSzP3sIZdpWmOKEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: a70f19ff77b4cba27e7f41fb58cd05b5.safeframe.googlesyndication.com
URL: https://a70f19ff77b4cba27e7f41fb58cd05b5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a70f19ff77b4cba27e7f41fb58cd05b5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 04:09:12 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame A6D4 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 588f44ce369926dd3bb733a3a8c5f40bab1c7f55dd018ce0fea00799b4d1a045

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 931D 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7ff84e48663432087ad72487f385a38dc2f2ce1b6b657f90fe663a84d9498b9d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 GC5M5N_VN3lVd7ErmxmldCKoshgV9d2S74rLP9hyoZw.js Show response
pagead2.googlesyndication.com/bg/ Frame 15EE 36 KB
16 KB 21ms
20ms Script
text/javascript 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GC5M5N_VN3lVd7ErmxmldCKoshgV9d2S74rLP9hyoZw.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

182e4ce4dfd537795577b12b9b19a57422a8b21815f5dd92ef8acb3fd872a19c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 20:48:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 372035
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16025
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 17:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 13 Dec 2023 20:48:37 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 931D 0
0 60ms
47ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvlUv8RyM5kbmFzhXbH1pp3Vgqjp0n2ZvU2YnIoPjH-psone1txmw8kIZrUAQRvBDVFul_r-Hy-Eekr4mOokJ6Wl16gTLG-fNd4BKBoPW376bBjLGxmmS-9-hFXfNz6PAhjLDOuUJPKlZvczEXL0rop_ntyEyZ9WjOtpzhr3eI8h46aaocBbqPGIY4a8T2VSsXWWbg_tluTdPk3WrnIg6dKkdJNuDgqbzwve6PwbA-gWpFZAqJgr0z585p8ZLAJMY31Arz3vjN0hcKugXVfeOnBjojYXoswGh2wRAMYDOPVJ6L7q5l_QvviTe6AcmpBtsztkv4U-hcmpTM91Kq_ii2FzzqhkTzTfL872BNyGksN&sai=AMfl-YT8ZmFxK5sYY44q4HzlEReJddWVbZSKJ8tJ7SHlA1ZL6euBX-0dPHF7m9zD9qZoxs_90tU6WHE8mWrgzc7SJkrhNpQRDiGs9tg64l-riuR3O27Y1Ld4BF5PFYYJYFzi&sig=Cg0ArKJSzFjZQ4gjuhd1EAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a70f19ff77b4cba27e7f41fb58cd05b5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 04:09:12 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sun, 18 Dec 2022 04:09:12 GMT

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.27/one-ad/ Frame C94C 89 KB
11 KB 28ms
28ms Stylesheet
text/css 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.27/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1gpncggc5wee9j6ejqjvxpzmexrh01fep2nqmqxqbdcj3dcne0c5hdczp0ktvr7w200a392zj2kns1g4ac33xm7txhh177hq9rdk43nph3x119y3ecbyd83f6220w8k96g1wjsqm2g17etg9gg1cgx65jse534hfcmq778b9jvzkghedk18d6q8emnae13spktjc0x4w3t05nd931zze2npzmqw1r4cpf0vd52n9997chkaxz88s7ax0dn70mjrzggjdrwb0qwts3yz9bjgp3mg2e9mfhbk3azvt3j9tcns3bq6pewfje957be2tcr3c99pc8aeqcq2ae1baa03198ek79a4t2p9wfhhwb5s21hgm64hskhkct6ry40g5pe2mb9efts27cqpz4fpvmma2mftfv7ebwxnmv20s88j8b2h9btxfz80&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCHzcsZ5KeY8KJIIHP3gOgzKLIDpDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTc4NzIyMjg1ODc0NjAzMzPIAQmpAs4bsBDdwrE-4AIAqAMBqgT7AU_QTS-RJ_I-T_vScmRf1ihKLNneXXiFkpIs_bN6gNeUSsoMbNvY3fWbO3b8JKpX-pT57ysOU-vcFAwhiorqPJVheoEqM67Nqb7XeBuKMcHVQW27LZbGVmksQoPfz1-69T1PucgX8IIaaS6dHXxLLyASpAm-E-X9RssDG94KzvQgM0U8rccx4ZNiLkmg4VRNuhcq2clc06QlJPy65hzXZ0o9ct7QGz0Ese-Vw6_S8EH7X5voovf7GOteKIZu-KLr-jDxch-tyo0sX5JE2a_ta2bGkbKrJSd7UPlmFysUX9MVewLB-ZUgpcXstNopvPC__vfiy6Q7cNWCy1Pr4AQBgAaj4ejr-ezk1_cBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2fX1Z4sBT7inP2phGL74ckdzOCNQ%26client%3Dca-pub-7872228587460333%26adurl%3D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4ab995345cf38f3951bc840ab2c0d043269e700e59f1c6d6cb7fb8946268b358

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1gpncggc5wee9j6ejqjvxpzmexrh01fep2nqmqxqbdcj3dcne0c5hdczp0ktvr7w200a392zj2kns1g4ac33xm7txhh177hq9rdk43nph3x119y3ecbyd83f6220w8k96g1wjsqm2g17etg9gg1cgx65jse534hfcmq778b9jvzkghedk18d6q8emnae13spktjc0x4w3t05nd931zze2npzmqw1r4cpf0vd52n9997chkaxz88s7ax0dn70mjrzggjdrwb0qwts3yz9bjgp3mg2e9mfhbk3azvt3j9tcns3bq6pewfje957be2tcr3c99pc8aeqcq2ae1baa03198ek79a4t2p9wfhhwb5s21hgm64hskhkct6ry40g5pe2mb9efts27cqpz4fpvmma2mftfv7ebwxnmv20s88j8b2h9btxfz80&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCHzcsZ5KeY8KJIIHP3gOgzKLIDpDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTc4NzIyMjg1ODc0NjAzMzPIAQmpAs4bsBDdwrE-4AIAqAMBqgT7AU_QTS-RJ_I-T_vScmRf1ihKLNneXXiFkpIs_bN6gNeUSsoMbNvY3fWbO3b8JKpX-pT57ysOU-vcFAwhiorqPJVheoEqM67Nqb7XeBuKMcHVQW27LZbGVmksQoPfz1-69T1PucgX8IIaaS6dHXxLLyASpAm-E-X9RssDG94KzvQgM0U8rccx4ZNiLkmg4VRNuhcq2clc06QlJPy65hzXZ0o9ct7QGz0Ese-Vw6_S8EH7X5voovf7GOteKIZu-KLr-jDxch-tyo0sX5JE2a_ta2bGkbKrJSd7UPlmFysUX9MVewLB-ZUgpcXstNopvPC__vfiy6Q7cNWCy1Pr4AQBgAaj4ejr-ezk1_cBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2fX1Z4sBT7inP2phGL74ckdzOCNQ%26client%3Dca-pub-7872228587460333%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 04:09:12 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1670930538
age: 400918
cf-polished: origSize=91628
x-guploader-uploadid: ADPycduR5Ol9pg3grc4HAIdmrbMEndwceyBRaKPEzp4btA3cKENGM-ZcNqNRgrH_pFRA6eQ6LFPYNJBaKno_nvJ48NOr
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 13 Dec 2022 11:22:46 GMT
server: cloudflare
etag: W/"575def06e70febb0cbd25403e37880bf"
vary: Accept-Encoding
x-goog-generation: 1670930566724484
content-type: text/css
x-goog-hash: crc32c=ttlcew==, md5=V13vBucP67DL0lQD43iAvw==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xTV8S8X5cDQ7QxZ5ns3hDhkbClGd%2BQQO2EtyxMmp%2Fp33yfdtLw5iYv0eUlZp2V7nsSb29NjOaf1i2nufpRkmD5abChAmTBTxUWiohV3gIzGyZOh42T6ONofEd9GX22lmiWFGq3z%2FTsY%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 91628
cf-ray: 77b50aabb9059156-FRA
expires: Sun, 18 Dec 2022 05:09:12 GMT

GET
H3 200 r62eglto.js Show response
ad4m.at/ Frame C94C 35 KB
12 KB 17ms
17ms Script
application/javascript 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1gpncggc5wee9j6ejqjvxpzmexrh01fep2nqmqxqbdcj3dcne0c5hdczp0ktvr7w200a392zj2kns1g4ac33xm7txhh177hq9rdk43nph3x119y3ecbyd83f6220w8k96g1wjsqm2g17etg9gg1cgx65jse534hfcmq778b9jvzkghedk18d6q8emnae13spktjc0x4w3t05nd931zze2npzmqw1r4cpf0vd52n9997chkaxz88s7ax0dn70mjrzggjdrwb0qwts3yz9bjgp3mg2e9mfhbk3azvt3j9tcns3bq6pewfje957be2tcr3c99pc8aeqcq2ae1baa03198ek79a4t2p9wfhhwb5s21hgm64hskhkct6ry40g5pe2mb9efts27cqpz4fpvmma2mftfv7ebwxnmv20s88j8b2h9btxfz80&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCHzcsZ5KeY8KJIIHP3gOgzKLIDpDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTc4NzIyMjg1ODc0NjAzMzPIAQmpAs4bsBDdwrE-4AIAqAMBqgT7AU_QTS-RJ_I-T_vScmRf1ihKLNneXXiFkpIs_bN6gNeUSsoMbNvY3fWbO3b8JKpX-pT57ysOU-vcFAwhiorqPJVheoEqM67Nqb7XeBuKMcHVQW27LZbGVmksQoPfz1-69T1PucgX8IIaaS6dHXxLLyASpAm-E-X9RssDG94KzvQgM0U8rccx4ZNiLkmg4VRNuhcq2clc06QlJPy65hzXZ0o9ct7QGz0Ese-Vw6_S8EH7X5voovf7GOteKIZu-KLr-jDxch-tyo0sX5JE2a_ta2bGkbKrJSd7UPlmFysUX9MVewLB-ZUgpcXstNopvPC__vfiy6Q7cNWCy1Pr4AQBgAaj4ejr-ezk1_cBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2fX1Z4sBT7inP2phGL74ckdzOCNQ%26client%3Dca-pub-7872228587460333%26adurl%3D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9624c9f30634be84a224d007e5df178a51107bff3e456e2a90b504cbf350d190

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 04:09:12 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 22 Nov 2022 06:17:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 424253
etag: W/"49e3b0ffd5e74f27b691e89cf271d672"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7RB2wOkNyOemswvU%2FiatBvTEiuD7gXBMC5x8Q9Y2W9OBK%2BdDqfu1tLD8Vnsz6fbfJZfvoQAGvrEn9Ee8NlYIdEe7xbgAVF5VhLRrhG4vveWrZEvuvBIY7npoZBqCGu8108N9fMc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 77b50aabb9079156-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 13 Dec 2022 06:18:09 GMT

GET
H3 200 adfetch Show response
googleads.g.doubleclick.net/pagead/ Frame BC8B 138 KB
39 KB 164ms
163ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adfetch?adk=2758585555&adsafe=medium&client=ca-pub-6579838053286784&format=300x600_as&ip=2001:ac8:20:3a00::&output=html&unviewed_position_start=1&url=https://pelotainvernal.com/&sub_client=bidder-447118&hl=de&aceid=MEZbNAGSYDQBmn80AV6ANAEZgTQBQIE0ASmCNAFLgjQBdYI0AZeCNAHZgjQB5YI0AemCNAHrgjQB94I0AQCDNAEHgzQBGIM0ASKDNAEjgzQBOYM0ATyDNAFEgzQBUIM0AVWDNAF6gzQBfoM0AX-DNAGfgzQBrIM0AUtzQQFTc0EBWB5cAjIfXAJ8H1wCF_yIAidCqgIoQqoCKUKqAg9WqgJfW6oCFWCqAi1hqgKAm6oCgZuqAoKbqgJNoKoC2qCqApmoqgKiqKoCM7uqAkW9qgKM3aoCyeKqAqDlqgJU8KoCdPKqAvT1qgJR-KoCJvuqAkL7qgJkB6sCSAyrAsQMqwL0DasCuxCrAq8XqwJjHKsChyWrAg0mqwLcJqsC8ierAlQoqwKxKKsC0yqrAvsrqwI-LqsC5y-rAn4wqwLXMKsC-zCrAikzqwKgOKsC_zirApY5qwJCOqsCDTyrAiM8qwJxPasCJj6rArM-qwK9PqsCyj6rAvc-qwIhQKsCTkGrApJBqwKoQasCF0OrAkBDqwLtQ6sCBkSrApVEqwKkRKsCtkSrAs5FqwKIRqsCpUarAnpIqwKXSasCb0urAn5MqwL4TKsCKe0FAwfafwgKqPsSzaz7Ei_J-xIh1vsSttb7EjPi-xIJ6PsS7PP7EoP4-xIn_vsSYwH8EvYH_BIjCfwScgn8EnkJ_BKJCfwSlwn8ErYJ_BK4CfwS7Ar8Eulb0BPEXNAT91ZrGsjLtS72P59M&awbid_c=AKAmf-Bt8-6RWJb7mbFXapVON7lGXUQO47yKp-Mlhnd-d9n9-ja2pCPUVL8zbTNC3rEX61O5LKOzxNlvwRly4crLZLheMFsydF0ngHKHcKl88DZLMMmpgZ_qf8uekQ9GQQx67YZbAd5J_Fc9aQ_FTB4dkl51ejeiiSLplnJ7gDOkyGIVPzMHiSbR2xfy_4u_RL9A_pStSRfFv5oZKPb61XVbnqOEp6vcVfd7HNmJgB8osHFkxvMfk7rAX16g7B_RwwOx58WWcHCuLRjBUX8h35G_AMcCPZa2AaubxZT9IN3PZ6Zo45BQcuE_nxVCw2dgrGa__QNUsRMJw4aC9gBbwzvrTmQXUFSbc0b0erjS9K086jG0h6tWzZZrZeYQSyebOgugnauCIT_IOFyydopNubrei_mTrelW583JuoUh8ttzixXvEXXynGBA7zZX1GvDzBl2tkyw9Kki0-zwHq5nM3BCxE2oq19trWuQqn2l0nsg8N3G9sLspeZbq4FSg9OFVY_r0n2u3xVBJEx2KpbB-VIbTqnGywSebnAupnnn4DumNZTuk5snq_bKRZgqV8hgb683zKLu7DOMjrta_VSnYi1dE4yGIlDXnJZG_3wihPwRwb99VT311OU&awbid_d=AKAmf-Awwp3y_EyWKPOruiQNvcF0L5cWgdhYQI14SOj2V_ROwlv37Y8LFbwL9-Lw8kBXwSJ6KEB2O2quA1YhILubxXI5do_-lkEeInToL3upv3iZji8LcnULmWz2ihC9GTQGMJ8_EokHXIR-uJNTMKwECWETiusqT6ISYY9L4-vNxoUvr3CCNl4hq2SpnMo7oBPv3K0zdADSe7XOsl8h4MJNhSPi28GWwA65e-SMeATo5PnycR_PGyNDhOYicUWzvH6h0bhliTL5Bn8wUAJ_mRBybFY3XWYwYZAWJHW1Fjwh6kO5X46ITYfdrbTD0-3i0dvs1uz_FjqxU2YTv870mKIgmazLHoxPSSnuZjSfooqSnOUuQAAG4jymwGllrCJ8CA-DRwDlzNKQVqNAJNwHhdMDo6lKTR2S2KYWt_6OO0XDbEbbZKLJmGf6fXATY4SN5J0qqQbwe2lvEYF4Hc8XtHdYsHxj-7Ap0jsqpLnipWI_nDalV-sA4x8b2B_wwTCXDLcobhFaWlzC2yrEp2GZp1p11svdYO_vJh74gqg6281539Ow3nIG4nX83pcXxepMlZj7LAMCYdUfZPY1HVKMKKP9lyifEg7JPtejC1qSfaG7limbTv5ng8L-WTM8Z16zu76kZoRAmdXqcRx2l_faXv5AMXr6JgsToXzjTdWJvDujZZrNBxGqEq5L3CCk5GlkrTdDmgJNv4IjVU0KkCWrIuOBekTUN0ZMP45bcZzbYkAmIoX6a2T-C7AJNqFltr6b-ybQbcOWiawZshOhvr1iPJElPUIfWjtaqGw5MZ45FaIkAJXSJh9HoCuM1qq1A7rppIw6LldBPoiORBWcFldGzRa0O0z5vr-u8FUk_AweDaG9CJ6GiVSAxZHL-J31tlqxGRHIMKvFAs_i-6_GlbjgXfA3jvlqJSzb9P0KhaCAKopQ7V2xfIj_b4bByzmgurZs-D2M4xLAAZDUi7hVhNpC2po6BrjqVbOuG2VqM-mvD4zVt1XN0_YhPymNn46qYH3ts-qN86CQdM9KhSYfQo_wsPXeRV6o6xBWKAlcrr2mz33LBShhx1eeVwjHjRDiRRDVwGz08cjmq6ChU2q6Wlzi8H4MOTt04ZTYn_eLeSo8lLqO4nAqfTc5-0gqUByVHVRUqkcDaoLs0nAPTvycsUai4aIFrajwpIouXSwpv4sHXOq6TpJFYt8o45wmkQNrPchuP5CMjsnn8wONvJwk1bO6OSVfaw8_ZOmEzw&cid=CAQSGwDq26N9N26JFLtXJ7B6W297ZHHgAoSZ11NjHxgBIAo&exk=1512204066&rfl=https%3A%2F%2Fpelotainvernal.com%2F&a_pr=8:3F9BE9E443540BEF

Requested by

Host: pelotainvernal.com
URL: https://pelotainvernal.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

47b7c3607011f758ebcd6fd278efbfa7af8fde88ca2a4399b67eca1c903648c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a70f19ff77b4cba27e7f41fb58cd05b5.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 39401
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 18 Dec 2022 04:09:12 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 xbfe_backfill.js Show response
googleads.g.doubleclick.net/pagead/ Frame 01CC 7 KB
3 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/xbfe_backfill.js

Requested by

Host: pelotainvernal.com
URL: https://pelotainvernal.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2154b34bc0f6a1eb89ee530e36dfe7ed28abec06fa931e1838a00ea8bb2ee7db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a70f19ff77b4cba27e7f41fb58cd05b5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 03:30:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2328
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3003
x-xss-protection: 0
server: cafe
etag: 2660866305706646737
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Sun, 18 Dec 2022 04:30:24 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 01CC 0
20 B 70ms
69ms Image
image/gif 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=awbid&awbid_b=AKAmf-AY7qjuUqREk8DkBsz3dyaqKVN4iwF0XYkeHtgju-hR33VINCSRaFZW09JKIO_3XKSwVxhzV_Ulp_wexkMrqZ9okAth0w&pr=8:3F9BE9E443540BEF

Requested by

Host: pelotainvernal.com
URL: https://pelotainvernal.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a70f19ff77b4cba27e7f41fb58cd05b5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Dec 2022 04:09:12 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200 fcdbd8c3-0365-4f52-9c6c-09088b602df8
beacon-ams3.rubiconproject.com/beacon/d/ Frame 01CC 43 B
354 B 575ms
19ms Image
image/avif 2602:803:c003:200::77
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beacon-ams3.rubiconproject.com/beacon/d/fcdbd8c3-0365-4f52-9c6c-09088b602df8?oo=0&accountId=24930&siteId=447118&zoneId=2620778&sizeId=10&e=6A1E40E384DA563B897271DD3FCF7D71F4B143ACF818987FE541A65C45471A2B5C3F4D7527595B5EC703C215C5D5E3C3FE5D718BBE08EF1CB82580E909366BE5E2F6A052CB2FCD9E6820D59250AAB852F763BD6DB093A188460C4968C4DC39F7E11C20D3A0840D4C6B66DE4B58FD39CADDFDF5587655501346EEB1FF93EA307401B161855D5543C4998234B169F03692E8775377AC9196DC1D70DC76E05C02B7896C8188E6B237C8AD2E72943F850CFF898CF63D3ED36F288EC4211A39A48DC2

Requested by

Host: pelotainvernal.com
URL: https://pelotainvernal.com/

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_256_GCM

Server

2602:803:c003:200::77 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),

Reverse DNS

Software

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a70f19ff77b4cba27e7f41fb58cd05b5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 18 Dec 2022 04:09:12 GMT
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
Content-Type: image/avif
Cache-Control: private, max-age=0, no-cache
Connection: keep-alive
Content-Length: 43
X-XSS-Protection: 1; mode=block
Expires: 01 Jan 1970 10:00:00 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame 1C9F
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertagids&domain=pelotainvernal.com&sn=ChromeSyncframe&so=3&topUrl=pelotainvernal.com&bundle=t_D5V19PZSUyRjZ1RmVwc3U0JTJCM2FoOUFuWDZIRGttV3pnYk8yeVRZRW1...
https://mug.criteo.com/sid?cpp=6biHqnxFbUlNcldzMnNjbHdIVzl6cTJ5ZkV0TEFRaWtYOW1WU2lOWENwM0Z0eno1aEQ2S1ZrVWdqS1BXZTR0SG1zVVBYREhTVXcwM1pBdGNSZnBkZEU5cURScWtpVTcrNkhSSFRDYW14Ymxaa3RyOUx5cmx5bVJZTjlIRF...

470 B
679 B

20ms
19ms

Fetch
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=6biHqnxFbUlNcldzMnNjbHdIVzl6cTJ5ZkV0TEFRaWtYOW1WU2lOWENwM0Z0eno1aEQ2S1ZrVWdqS1BXZTR0SG1zVVBYREhTVXcwM1pBdGNSZnBkZEU5cURScWtpVTcrNkhSSFRDYW14Ymxaa3RyOUx5cmx5bVJZTjlIRFM2OUgwL0I5UnRFVG12T05ZVW1CMTlORHcwaTMxZnRQNzVpWGJMZmlZdkYxMTZCN0RPU1VWRkNtbUlHSUp4Nk15TE5tUEFlQ3RIai9sMnJCd09VM0dqdmp2cjBJL2ZqZGVmYVZCYmY1YWpsbk85NEMyVC9hS0hhOGJ0VGdrL2Vjc1dhVkFaYmlFenQxdnFEZWgvTmU5Ulk5MjRvVmhZRURpc09vOXBHVUUwVzg5RlpQYnlXOD18&cppv=2

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

53790d646fe0774747dd3632f40d7956f22bd635b64f64bfa5d54cd7de225fc1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Dec 2022 04:09:12 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2244993
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 18 Dec 2022 04:09:12 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=6biHqnxFbUlNcldzMnNjbHdIVzl6cTJ5ZkV0TEFRaWtYOW1WU2lOWENwM0Z0eno1aEQ2S1ZrVWdqS1BXZTR0SG1zVVBYREhTVXcwM1pBdGNSZnBkZEU5cURScWtpVTcrNkhSSFRDYW14Ymxaa3RyOUx5cmx5bVJZTjlIRFM2OUgwL0I5UnRFVG12T05ZVW1CMTlORHcwaTMxZnRQNzVpWGJMZmlZdkYxMTZCN0RPU1VWRkNtbUlHSUp4Nk15TE5tUEFlQ3RIai9sMnJCd09VM0dqdmp2cjBJL2ZqZGVmYVZCYmY1YWpsbk85NEMyVC9hS0hhOGJ0VGdrL2Vjc1dhVkFaYmlFenQxdnFEZWgvTmU5Ulk5MjRvVmhZRURpc09vOXBHVUUwVzg5RlpQYnlXOD18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 576268
content-length: 0
expires: 0

GET
H2 200 dpixel
cms.quantserve.com/ Frame 12F2 35 B
362 B 26ms
22ms Image
image/gif 2620:116:800d:21:c5a4:625:6563:a5bb
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEPw9wkMHuZp6v-t2ZF-JQ70&google_cver=1&google_push=AavPq0O_9b02vY8yScV2atM6wBBX7EdlFMrvb7lH3owf8r67ag6lh6isJDV96ogqmyFhIgV2Vyo3Yt4xVhxknIviooZlxAIx9SQ

Requested by

Host: a70f19ff77b4cba27e7f41fb58cd05b5.safeframe.googlesyndication.com
URL: https://a70f19ff77b4cba27e7f41fb58cd05b5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:c5a4:625:6563:a5bb , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Dec 2022 04:09:12 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 12F2
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESELZKKkuXPRqJ4xj-SuD0Zbg&google_cver=1&google_push=AavPq0PX6_BCop9E7qsWkSRRw0j3JE9ROxfl26kwV0_QiTp3f_u7Oli0VMxD23fOuuQp_i2lQ3TTmlXU7HgDn49qIytuzNPC4sg
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=8B4868C7756542A9A29CC97072E476AC&google_push=AavPq0PX6_BCop9E7qsWkSRRw0j3JE9ROxfl26kwV0_QiTp3f_u7Oli0VMxD23fOuuQp_i2lQ3TTmlXU7HgDn49...

170 B
188 B

19ms
18ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=8B4868C7756542A9A29CC97072E476AC&google_push=AavPq0PX6_BCop9E7qsWkSRRw0j3JE9ROxfl26kwV0_QiTp3f_u7Oli0VMxD23fOuuQp_i2lQ3TTmlXU7HgDn49qIytuzNPC4sg

Requested by

Host: a70f19ff77b4cba27e7f41fb58cd05b5.safeframe.googlesyndication.com
URL: https://a70f19ff77b4cba27e7f41fb58cd05b5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Dec 2022 04:09:12 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sun, 18 Dec 2022 04:09:12 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=8B4868C7756542A9A29CC97072E476AC&google_push=AavPq0PX6_BCop9E7qsWkSRRw0j3JE9ROxfl26kwV0_QiTp3f_u7Oli0VMxD23fOuuQp_i2lQ3TTmlXU7HgDn49qIytuzNPC4sg
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Sat, 17 Dec 2022 04:09:12 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 12F2 70 B
265 B 530ms
32ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEDZjFPr1F0bDrZC94RyUNLo&google_cver=1&google_push=AavPq0PpaIlWWA7VaD_JtnOkndvuCeku8DQn3ko7Mh4hCx-edhzkDG0LWHzOyU_IvVQcFY72Z7oN-9AnEZZfr9KiowDJxTfpVP-Q
Requested by: Host: a70f19ff77b4cba27e7f41fb58cd05b5.safeframe.googlesyndication.com
URL: https://a70f19ff77b4cba27e7f41fb58cd05b5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sun, 18 Dec 2022 04:09:12 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 12F2
Redirect Chain

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEB5BtOLhvb73fiL4TRtxO1U&google_cver=1&google_push=AavPq0Pujp6FZdaZeZT3Yech554QFtC3SZZ19z1MofCOKlnsO8Bc833eTq_30sp4jCSzXuwWWI73-PL_Ez-...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AavPq0Pujp6FZdaZeZT3Yech554QFtC3SZZ19z1MofCOKlnsO8Bc833eTq_30sp4jCSzXuwWWI73-PL_Ez-gtI2ZpjFXEy_NTDa2&google_hm=qKTWFLeOQCepENom2q5nPB4

170 B
188 B

19ms
18ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AavPq0Pujp6FZdaZeZT3Yech554QFtC3SZZ19z1MofCOKlnsO8Bc833eTq_30sp4jCSzXuwWWI73-PL_Ez-gtI2ZpjFXEy_NTDa2&google_hm=qKTWFLeOQCepENom2q5nPB4

Requested by

Host: a70f19ff77b4cba27e7f41fb58cd05b5.safeframe.googlesyndication.com
URL: https://a70f19ff77b4cba27e7f41fb58cd05b5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Dec 2022 04:09:12 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 18 Dec 2022 04:09:12 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AavPq0Pujp6FZdaZeZT3Yech554QFtC3SZZ19z1MofCOKlnsO8Bc833eTq_30sp4jCSzXuwWWI73-PL_Ez-gtI2ZpjFXEy_NTDa2&google_hm=qKTWFLeOQCepENom2q5nPB4
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 12F2
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEHQnIgy-kNJKAXal3e9nQFU&google_cver=1&google_push=AavPq0NC6rdhLS75Cqu-V4DwcU55QsSBDWB6-IkW4Lkn5Nnlw9QResaluXC9jdTiTnQEGDhApjpyxfrThLOqAwGk-_gJLOd...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AavPq0NC6rdhLS75Cqu-V4DwcU55QsSBDWB6-IkW4Lkn5Nnlw9QResaluXC9jdTiTnQEGDhApjpyxfrThLOqAwGk-_gJLOdPHm4R&google_hm=eS1GT28zUDdSRTJwRWRqNU...

170 B
188 B

19ms
17ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AavPq0NC6rdhLS75Cqu-V4DwcU55QsSBDWB6-IkW4Lkn5Nnlw9QResaluXC9jdTiTnQEGDhApjpyxfrThLOqAwGk-_gJLOdPHm4R&google_hm=eS1GT28zUDdSRTJwRWRqNUkyS0JNNHh4MjlWZTFjU2M1QX5B

Requested by

Host: a70f19ff77b4cba27e7f41fb58cd05b5.safeframe.googlesyndication.com
URL: https://a70f19ff77b4cba27e7f41fb58cd05b5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Dec 2022 04:09:12 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sun, 18 Dec 2022 04:09:12 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AavPq0NC6rdhLS75Cqu-V4DwcU55QsSBDWB6-IkW4Lkn5Nnlw9QResaluXC9jdTiTnQEGDhApjpyxfrThLOqAwGk-_gJLOdPHm4R&google_hm=eS1GT28zUDdSRTJwRWRqNUkyS0JNNHh4MjlWZTFjU2M1QX5B
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 12F2
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESELITdWzf1vRmWlOmlUMkyeg&google_cver=1&google_push=AavPq0OcS7IEDQQ6El0xx0UufASnXegiZJtVIIANm5bOM9N0uj0bjgQAvE8kIvSVd8ywz1-omO5xNf_F...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESELITdWzf1vRmWlOmlUMkyeg&google_cver=1&google_push=AavPq0OcS7IEDQQ6El0xx0UufASnXegiZJtVIIANm5bOM9N0uj0bjgQAvE8kIvSVd8ywz1-omO5...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDg1NDY0NDQ5NjY5NTQwNTUx&google_push=AavPq0OcS7IEDQQ6El0xx0UufASnXegiZJtVIIANm5bOM9N0uj0bjgQAvE8kIvSVd8ywz1-omO5xNf_F...

170 B
188 B

20ms
17ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDg1NDY0NDQ5NjY5NTQwNTUx&google_push=AavPq0OcS7IEDQQ6El0xx0UufASnXegiZJtVIIANm5bOM9N0uj0bjgQAvE8kIvSVd8ywz1-omO5xNf_FcwP2B7OYpYKWeSm1gWp9

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Dec 2022 04:09:13 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 18 Dec 2022 04:09:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDg1NDY0NDQ5NjY5NTQwNTUx&google_push=AavPq0OcS7IEDQQ6El0xx0UufASnXegiZJtVIIANm5bOM9N0uj0bjgQAvE8kIvSVd8ywz1-omO5xNf_FcwP2B7OYpYKWeSm1gWp9
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 12F2 0
12 B 28ms
25ms Image
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JEBho4TARpnFxeORUqg9UHyFu9s8wfBrX4buEY_f4pSW2s2zdiKU-jxFSrVv3O6g

Requested by

Host: a70f19ff77b4cba27e7f41fb58cd05b5.safeframe.googlesyndication.com
URL: https://a70f19ff77b4cba27e7f41fb58cd05b5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 04:09:12 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 57ms
56ms Image
image/gif 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=gpt_pgbrk&pvsid=418127904971085&vrg=2022120501&nw_id=40135427%2C22304838115&nslots=3&eid=31070233%2C676982961%2C44780792&pub_url=https%3A%2F%2Fpelotainvernal.com%2F&qid=CILZ0OulgvwCFYGndwodIKYI6Q&iu=%2F22304838115%2Fpelotainvernal%2Fdesktop_inread_1&e=0&ret=728x90&req=728x90&bm=0&efh=1&stk=0&ifi=10

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Dec 2022 04:09:12 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame C94C 3 KB
4 KB 46ms
24ms Image
image/png 2606:4700:20::681a:71b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.27/one-ad/default.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:71b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 04:09:12 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 28240834
x-guploader-uploadid: ADPycdvuqSd5z7x-P6zciDvJguhfevnTZzPv-sFvdv4VVTj2cCVUndir5fZqBzjNPOlq80uW-sAFhIkV33WDoT1aRSnwIseHrQ
x-goog-storage-class: STANDARD
x-goog-custom-time: 1970-01-01T00:00:00Z
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3262
x-goog-meta-
last-modified: Wed, 09 Jun 2021 12:35:14 GMT
server: cloudflare
etag: "794c84d30e213ec6a144d64215f07551"
vary: Accept-Encoding
x-goog-generation: 1623242114099744
content-type: image/png
x-goog-hash: crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
cache-control: public, max-age=31536000, immutable
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nuvaxdrHjgUyiBwCtdgXIUNV%2BV1fIrJVHW%2BGh6aJ%2BYTdAmc2PoWnczXxviWFfTuq2PHfaZJ5dgxQt96FraJliv5fdzrx7VKukK8mJGCvkZmtN2LFc5ZyW0PY0iHJWNZ7ABNAHXILX4URB2lOnf7OhcVd"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 3262
accept-ranges: bytes
cf-ray: 77b50aacbc0a6931-FRA
expires: Wed, 25 Jan 2023 07:28:38 GMT

GET
H3 200 frame.html Show response
ad4m.at/ Frame 77E0 2 KB
1 KB 20ms
20ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1843438
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=3600
cf-cache-status: HIT
cf-ray: 77b50aaf5d4c9156-FRA
content-encoding: br
content-language: en
content-type: text/html; charset=utf-8
date: Sun, 18 Dec 2022 04:09:12 GMT
expires: Wed, 26 Oct 2022 23:22:52 GMT
last-modified: Thu, 25 Aug 2022 14:12:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BDZ3l8KAgOjySuUaLQ6e1vxd%2Fzp7IpJWBpEBjb6NZxfQ6NXvNDF8%2BiyRYq2SWQOe0LxD23VqskLbES%2F93tTxNx%2BljtrfI7DyIDSu2u2KNwlNdNvA5N5F5B4ZWekWEq8ZYStvJ04%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 5B70 42 B
64 B 60ms
60ms Fetch
image/gif 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssMaLTyWzavt8qLEQxhgVa_DItP22V38dqUkUkfoc-plVrnoSzVyYKXiZ8TlQ8m7bNVGD2ulXHZgNN_WXj_owvnw-BBhc9wjuk32UdamkfTL7iW4BYlzgj94MWG3SAAr97hZ5gcPA&sai=AMfl-YTYhKzK7EINAREiBH0u-PDjgIwfvlC-beMBtdxYQ1H6zmemApJbXcrtbHhzN0hEDCohdSK0NBXKLxFK2Qrk_hd456JKaecuY4lQJlkh9MVRWNBK6eTG4XJIlQv3nw&sig=Cg0ArKJSzHFk6rHDTkPwEAE&cid=CAQSOwDq26N9AZq-wjDyt1YVH8T0TZOUAB5XRQNVhR5zFgGXy4EIm8hnHKCU5e7M-yomDQBCsK6kNcgSy5mAGAEgEw&id=lidar2&mcvt=1002&p=0,0,124,1005&mtos=398,1002,1002,1002,1002&tos=398,604,0,0,0&v=20221207&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1671336550748&rpt=717&met=mue&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Dec 2022 04:09:12 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 15EE 0
10 B 20ms
19ms Image
text/plain 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?tQ1QHA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 04:09:12 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame E4B6 42 B
64 B 53ms
52ms Fetch
image/gif 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstU_KEF6I_AHkiqT_B4UtJDoJZakP7TvZi52UiMr0h1j_a1--wa8WKSnnMMW4G98XB3IBpkmJop9zcmHeqdBnspjJgz&sig=Cg0ArKJSzN7bJoDY_jJLEAE&cid=CAASF-Ro-XstgP6shFK9ruVlIpjFHarcAwkk&id=lidar2&mcvt=1000&p=0,0,600,120&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221207&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271804&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1671336550745&rpt=554&met=ie&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Dec 2022 04:09:12 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame BC8B 2 KB
535 B 43ms
42ms Stylesheet
text/css 2a00:1450:400d:80c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/adfetch?adk=2758585555&adsafe=medium&client=ca-pub-6579838053286784&format=300x600_as&ip=2001:ac8:20:3a00::&output=html&unviewed_position_start=1&url=https://pelotainvernal.com/&sub_client=bidder-447118&hl=de&aceid=MEZbNAGSYDQBmn80AV6ANAEZgTQBQIE0ASmCNAFLgjQBdYI0AZeCNAHZgjQB5YI0AemCNAHrgjQB94I0AQCDNAEHgzQBGIM0ASKDNAEjgzQBOYM0ATyDNAFEgzQBUIM0AVWDNAF6gzQBfoM0AX-DNAGfgzQBrIM0AUtzQQFTc0EBWB5cAjIfXAJ8H1wCF_yIAidCqgIoQqoCKUKqAg9WqgJfW6oCFWCqAi1hqgKAm6oCgZuqAoKbqgJNoKoC2qCqApmoqgKiqKoCM7uqAkW9qgKM3aoCyeKqAqDlqgJU8KoCdPKqAvT1qgJR-KoCJvuqAkL7qgJkB6sCSAyrAsQMqwL0DasCuxCrAq8XqwJjHKsChyWrAg0mqwLcJqsC8ierAlQoqwKxKKsC0yqrAvsrqwI-LqsC5y-rAn4wqwLXMKsC-zCrAikzqwKgOKsC_zirApY5qwJCOqsCDTyrAiM8qwJxPasCJj6rArM-qwK9PqsCyj6rAvc-qwIhQKsCTkGrApJBqwKoQasCF0OrAkBDqwLtQ6sCBkSrApVEqwKkRKsCtkSrAs5FqwKIRqsCpUarAnpIqwKXSasCb0urAn5MqwL4TKsCKe0FAwfafwgKqPsSzaz7Ei_J-xIh1vsSttb7EjPi-xIJ6PsS7PP7EoP4-xIn_vsSYwH8EvYH_BIjCfwScgn8EnkJ_BKJCfwSlwn8ErYJ_BK4CfwS7Ar8Eulb0BPEXNAT91ZrGsjLtS72P59M&awbid_c=AKAmf-Bt8-6RWJb7mbFXapVON7lGXUQO47yKp-Mlhnd-d9n9-ja2pCPUVL8zbTNC3rEX61O5LKOzxNlvwRly4crLZLheMFsydF0ngHKHcKl88DZLMMmpgZ_qf8uekQ9GQQx67YZbAd5J_Fc9aQ_FTB4dkl51ejeiiSLplnJ7gDOkyGIVPzMHiSbR2xfy_4u_RL9A_pStSRfFv5oZKPb61XVbnqOEp6vcVfd7HNmJgB8osHFkxvMfk7rAX16g7B_RwwOx58WWcHCuLRjBUX8h35G_AMcCPZa2AaubxZT9IN3PZ6Zo45BQcuE_nxVCw2dgrGa__QNUsRMJw4aC9gBbwzvrTmQXUFSbc0b0erjS9K086jG0h6tWzZZrZeYQSyebOgugnauCIT_IOFyydopNubrei_mTrelW583JuoUh8ttzixXvEXXynGBA7zZX1GvDzBl2tkyw9Kki0-zwHq5nM3BCxE2oq19trWuQqn2l0nsg8N3G9sLspeZbq4FSg9OFVY_r0n2u3xVBJEx2KpbB-VIbTqnGywSebnAupnnn4DumNZTuk5snq_bKRZgqV8hgb683zKLu7DOMjrta_VSnYi1dE4yGIlDXnJZG_3wihPwRwb99VT311OU&awbid_d=AKAmf-Awwp3y_EyWKPOruiQNvcF0L5cWgdhYQI14SOj2V_ROwlv37Y8LFbwL9-Lw8kBXwSJ6KEB2O2quA1YhILubxXI5do_-lkEeInToL3upv3iZji8LcnULmWz2ihC9GTQGMJ8_EokHXIR-uJNTMKwECWETiusqT6ISYY9L4-vNxoUvr3CCNl4hq2SpnMo7oBPv3K0zdADSe7XOsl8h4MJNhSPi28GWwA65e-SMeATo5PnycR_PGyNDhOYicUWzvH6h0bhliTL5Bn8wUAJ_mRBybFY3XWYwYZAWJHW1Fjwh6kO5X46ITYfdrbTD0-3i0dvs1uz_FjqxU2YTv870mKIgmazLHoxPSSnuZjSfooqSnOUuQAAG4jymwGllrCJ8CA-DRwDlzNKQVqNAJNwHhdMDo6lKTR2S2KYWt_6OO0XDbEbbZKLJmGf6fXATY4SN5J0qqQbwe2lvEYF4Hc8XtHdYsHxj-7Ap0jsqpLnipWI_nDalV-sA4x8b2B_wwTCXDLcobhFaWlzC2yrEp2GZp1p11svdYO_vJh74gqg6281539Ow3nIG4nX83pcXxepMlZj7LAMCYdUfZPY1HVKMKKP9lyifEg7JPtejC1qSfaG7limbTv5ng8L-WTM8Z16zu76kZoRAmdXqcRx2l_faXv5AMXr6JgsToXzjTdWJvDujZZrNBxGqEq5L3CCk5GlkrTdDmgJNv4IjVU0KkCWrIuOBekTUN0ZMP45bcZzbYkAmIoX6a2T-C7AJNqFltr6b-ybQbcOWiawZshOhvr1iPJElPUIfWjtaqGw5MZ45FaIkAJXSJh9HoCuM1qq1A7rppIw6LldBPoiORBWcFldGzRa0O0z5vr-u8FUk_AweDaG9CJ6GiVSAxZHL-J31tlqxGRHIMKvFAs_i-6_GlbjgXfA3jvlqJSzb9P0KhaCAKopQ7V2xfIj_b4bByzmgurZs-D2M4xLAAZDUi7hVhNpC2po6BrjqVbOuG2VqM-mvD4zVt1XN0_YhPymNn46qYH3ts-qN86CQdM9KhSYfQo_wsPXeRV6o6xBWKAlcrr2mz33LBShhx1eeVwjHjRDiRRDVwGz08cjmq6ChU2q6Wlzi8H4MOTt04ZTYn_eLeSo8lLqO4nAqfTc5-0gqUByVHVRUqkcDaoLs0nAPTvycsUai4aIFrajwpIouXSwpv4sHXOq6TpJFYt8o45wmkQNrPchuP5CMjsnn8wONvJwk1bO6OSVfaw8_ZOmEzw&cid=CAQSGwDq26N9N26JFLtXJ7B6W297ZHHgAoSZ11NjHxgBIAo&exk=1512204066&rfl=https%3A%2F%2Fpelotainvernal.com%2F&a_pr=8:3F9BE9E443540BEF

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

582c2586c49819d9dfe5cb88653679a40bf930ca86f1dc01a4afd821a9eab97e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 18 Dec 2022 04:09:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 18 Dec 2022 02:48:26 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 18 Dec 2022 04:09:12 GMT

GET
H3 200 load_preloaded_resource.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame BC8B 2 KB
1 KB 22ms
20ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/load_preloaded_resource.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5bc215a872ab9aaae4d909e40ad5ce96594678b55b22717351cea7929bb97a6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 09:03:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 68742
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1055
x-xss-protection: 0
server: cafe
etag: 13101302802994182238
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 31 Dec 2022 09:03:30 GMT

GET
H3 200 abg_lite.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/ Frame BC8B 30 KB
11 KB 23ms
21ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c4d60e53476012ab254ca2f3f479903a6be9ead3cb39a9ea353c51ec75c618c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 00:48:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12029
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11387
x-xss-protection: 0
server: cafe
etag: 8197878782792770439
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 01 Jan 2023 00:48:43 GMT

GET
H3 200 window_focus.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame BC8B 3 KB
1 KB 21ms
20ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bbeb9bef20e45478eff214445fd7c36c62f1cbdda84fefc809e475ad1372a6fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 00:27:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13277
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1280
x-xss-protection: 0
server: cafe
etag: 8058174711348553767
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 01 Jan 2023 00:27:55 GMT

GET
H3 200 qs_click_protection.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame BC8B 26 KB
10 KB 25ms
24ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

376b9a21cd2e1dfcd781cb7aa717914f69a65b113839cd116436e98939bf4ee8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 00:48:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12029
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10138
x-xss-protection: 0
server: cafe
etag: 11555303801430025220
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 01 Jan 2023 00:48:43 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame BC8B 0
0 14ms
13ms Image
text/html 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaR23-Tu7AF6GkeFGcqh3V3rk0HBTEUHEKlmfglfw3-pcIPC_iPASnDxKRLU7uGOBN1lXujZGjpMoAyrI1hzZp9uAUfkJA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/adfetch?adk=2758585555&adsafe=medium&client=ca-pub-6579838053286784&format=300x600_as&ip=2001:ac8:20:3a00::&output=html&unviewed_position_start=1&url=https://pelotainvernal.com/&sub_client=bidder-447118&hl=de&aceid=MEZbNAGSYDQBmn80AV6ANAEZgTQBQIE0ASmCNAFLgjQBdYI0AZeCNAHZgjQB5YI0AemCNAHrgjQB94I0AQCDNAEHgzQBGIM0ASKDNAEjgzQBOYM0ATyDNAFEgzQBUIM0AVWDNAF6gzQBfoM0AX-DNAGfgzQBrIM0AUtzQQFTc0EBWB5cAjIfXAJ8H1wCF_yIAidCqgIoQqoCKUKqAg9WqgJfW6oCFWCqAi1hqgKAm6oCgZuqAoKbqgJNoKoC2qCqApmoqgKiqKoCM7uqAkW9qgKM3aoCyeKqAqDlqgJU8KoCdPKqAvT1qgJR-KoCJvuqAkL7qgJkB6sCSAyrAsQMqwL0DasCuxCrAq8XqwJjHKsChyWrAg0mqwLcJqsC8ierAlQoqwKxKKsC0yqrAvsrqwI-LqsC5y-rAn4wqwLXMKsC-zCrAikzqwKgOKsC_zirApY5qwJCOqsCDTyrAiM8qwJxPasCJj6rArM-qwK9PqsCyj6rAvc-qwIhQKsCTkGrApJBqwKoQasCF0OrAkBDqwLtQ6sCBkSrApVEqwKkRKsCtkSrAs5FqwKIRqsCpUarAnpIqwKXSasCb0urAn5MqwL4TKsCKe0FAwfafwgKqPsSzaz7Ei_J-xIh1vsSttb7EjPi-xIJ6PsS7PP7EoP4-xIn_vsSYwH8EvYH_BIjCfwScgn8EnkJ_BKJCfwSlwn8ErYJ_BK4CfwS7Ar8Eulb0BPEXNAT91ZrGsjLtS72P59M&awbid_c=AKAmf-Bt8-6RWJb7mbFXapVON7lGXUQO47yKp-Mlhnd-d9n9-ja2pCPUVL8zbTNC3rEX61O5LKOzxNlvwRly4crLZLheMFsydF0ngHKHcKl88DZLMMmpgZ_qf8uekQ9GQQx67YZbAd5J_Fc9aQ_FTB4dkl51ejeiiSLplnJ7gDOkyGIVPzMHiSbR2xfy_4u_RL9A_pStSRfFv5oZKPb61XVbnqOEp6vcVfd7HNmJgB8osHFkxvMfk7rAX16g7B_RwwOx58WWcHCuLRjBUX8h35G_AMcCPZa2AaubxZT9IN3PZ6Zo45BQcuE_nxVCw2dgrGa__QNUsRMJw4aC9gBbwzvrTmQXUFSbc0b0erjS9K086jG0h6tWzZZrZeYQSyebOgugnauCIT_IOFyydopNubrei_mTrelW583JuoUh8ttzixXvEXXynGBA7zZX1GvDzBl2tkyw9Kki0-zwHq5nM3BCxE2oq19trWuQqn2l0nsg8N3G9sLspeZbq4FSg9OFVY_r0n2u3xVBJEx2KpbB-VIbTqnGywSebnAupnnn4DumNZTuk5snq_bKRZgqV8hgb683zKLu7DOMjrta_VSnYi1dE4yGIlDXnJZG_3wihPwRwb99VT311OU&awbid_d=AKAmf-Awwp3y_EyWKPOruiQNvcF0L5cWgdhYQI14SOj2V_ROwlv37Y8LFbwL9-Lw8kBXwSJ6KEB2O2quA1YhILubxXI5do_-lkEeInToL3upv3iZji8LcnULmWz2ihC9GTQGMJ8_EokHXIR-uJNTMKwECWETiusqT6ISYY9L4-vNxoUvr3CCNl4hq2SpnMo7oBPv3K0zdADSe7XOsl8h4MJNhSPi28GWwA65e-SMeATo5PnycR_PGyNDhOYicUWzvH6h0bhliTL5Bn8wUAJ_mRBybFY3XWYwYZAWJHW1Fjwh6kO5X46ITYfdrbTD0-3i0dvs1uz_FjqxU2YTv870mKIgmazLHoxPSSnuZjSfooqSnOUuQAAG4jymwGllrCJ8CA-DRwDlzNKQVqNAJNwHhdMDo6lKTR2S2KYWt_6OO0XDbEbbZKLJmGf6fXATY4SN5J0qqQbwe2lvEYF4Hc8XtHdYsHxj-7Ap0jsqpLnipWI_nDalV-sA4x8b2B_wwTCXDLcobhFaWlzC2yrEp2GZp1p11svdYO_vJh74gqg6281539Ow3nIG4nX83pcXxepMlZj7LAMCYdUfZPY1HVKMKKP9lyifEg7JPtejC1qSfaG7limbTv5ng8L-WTM8Z16zu76kZoRAmdXqcRx2l_faXv5AMXr6JgsToXzjTdWJvDujZZrNBxGqEq5L3CCk5GlkrTdDmgJNv4IjVU0KkCWrIuOBekTUN0ZMP45bcZzbYkAmIoX6a2T-C7AJNqFltr6b-ybQbcOWiawZshOhvr1iPJElPUIfWjtaqGw5MZ45FaIkAJXSJh9HoCuM1qq1A7rppIw6LldBPoiORBWcFldGzRa0O0z5vr-u8FUk_AweDaG9CJ6GiVSAxZHL-J31tlqxGRHIMKvFAs_i-6_GlbjgXfA3jvlqJSzb9P0KhaCAKopQ7V2xfIj_b4bByzmgurZs-D2M4xLAAZDUi7hVhNpC2po6BrjqVbOuG2VqM-mvD4zVt1XN0_YhPymNn46qYH3ts-qN86CQdM9KhSYfQo_wsPXeRV6o6xBWKAlcrr2mz33LBShhx1eeVwjHjRDiRRDVwGz08cjmq6ChU2q6Wlzi8H4MOTt04ZTYn_eLeSo8lLqO4nAqfTc5-0gqUByVHVRUqkcDaoLs0nAPTvycsUai4aIFrajwpIouXSwpv4sHXOq6TpJFYt8o45wmkQNrPchuP5CMjsnn8wONvJwk1bO6OSVfaw8_ZOmEzw&cid=CAQSGwDq26N9N26JFLtXJ7B6W297ZHHgAoSZ11NjHxgBIAo&exk=1512204066&rfl=https%3A%2F%2Fpelotainvernal.com%2F&a_pr=8:3F9BE9E443540BEF
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame BC8B 153 KB
47 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 04:09:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47725
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1670417373259609"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 18 Dec 2022 04:09:12 GMT

GET
H3 200 642da85a17a5d0d5421ac0c1d4d3507f.js Show response
www.gstatic.com/mysidia/ Frame BC8B 48 KB
18 KB 22ms
22ms Script
text/javascript 2a00:1450:400d:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/642da85a17a5d0d5421ac0c1d4d3507f.js?tag=mysidia_one_click_handler_one_afma

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

776352aec6c56a0c99f11b52896ca571a2c067a22f3b8a3c5ac6b4dd31afca66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 21:29:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 455956
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18445
x-xss-protection: 0
last-modified: Thu, 08 Dec 2022 23:34:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 12 Mar 2023 21:29:56 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame BC8B 0
17 B 54ms
53ms Image
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CImQYZpKeY4DeC4aNjuwPuNGgoAqdjY7obaSz3ISWD_fDvt3LGBABILq-8BZgleKQgqAHoAHjwKvHA8gBCakCzhuwEN3CsT6oAwHIA8sEqgTTAU_QE-ui5k6lsikTHucBJk-T31gPerQqrwHkeAWUm_NoSbo_ynGNPWG4BUVrv80F6V3OX_zwL9v5TiGg5bgbL50EZvU61cfVwYyFa3cwXmQfacNYKrzNT7pfXD-45khU-ru6pJ3RhwKbY-DrHbuHOVkk6bcBUBxO94HN3ENV_zPuP4Z_Y58r4L_srcsyscllD0Jpt2uTnIM2NZlOmm4rrEGYE5DzCuwDZr0igxTru8BMjsPyy2Jl9QSQmD5zhYV23UoPOofTDxrK5dqYmT_yqE-_winABKqFkbrCApIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAfR_4wmqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgHpr4b2AcA0ggRCIDhgBAQARgAMgKqAjoCgEDyCA1iaWRkZXItNDQ3MTE4gAoEyAsB2BML0BUBgBcBshcICgYIABIAGAA&sigh=BL63KuWS9pE&uach_m=[UACH]&pr=8:3F9BE9E443540BEF&cid=CAQSKQDq26N96iVBo1NmG1haqCvKkNJu8J6_zPZbSdcbmgUsHg4thQPlVM3OGAEgCg&template_id=494&vis=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/adfetch?adk=2758585555&adsafe=medium&client=ca-pub-6579838053286784&format=300x600_as&ip=2001:ac8:20:3a00::&output=html&unviewed_position_start=1&url=https://pelotainvernal.com/&sub_client=bidder-447118&hl=de&aceid=MEZbNAGSYDQBmn80AV6ANAEZgTQBQIE0ASmCNAFLgjQBdYI0AZeCNAHZgjQB5YI0AemCNAHrgjQB94I0AQCDNAEHgzQBGIM0ASKDNAEjgzQBOYM0ATyDNAFEgzQBUIM0AVWDNAF6gzQBfoM0AX-DNAGfgzQBrIM0AUtzQQFTc0EBWB5cAjIfXAJ8H1wCF_yIAidCqgIoQqoCKUKqAg9WqgJfW6oCFWCqAi1hqgKAm6oCgZuqAoKbqgJNoKoC2qCqApmoqgKiqKoCM7uqAkW9qgKM3aoCyeKqAqDlqgJU8KoCdPKqAvT1qgJR-KoCJvuqAkL7qgJkB6sCSAyrAsQMqwL0DasCuxCrAq8XqwJjHKsChyWrAg0mqwLcJqsC8ierAlQoqwKxKKsC0yqrAvsrqwI-LqsC5y-rAn4wqwLXMKsC-zCrAikzqwKgOKsC_zirApY5qwJCOqsCDTyrAiM8qwJxPasCJj6rArM-qwK9PqsCyj6rAvc-qwIhQKsCTkGrApJBqwKoQasCF0OrAkBDqwLtQ6sCBkSrApVEqwKkRKsCtkSrAs5FqwKIRqsCpUarAnpIqwKXSasCb0urAn5MqwL4TKsCKe0FAwfafwgKqPsSzaz7Ei_J-xIh1vsSttb7EjPi-xIJ6PsS7PP7EoP4-xIn_vsSYwH8EvYH_BIjCfwScgn8EnkJ_BKJCfwSlwn8ErYJ_BK4CfwS7Ar8Eulb0BPEXNAT91ZrGsjLtS72P59M&awbid_c=AKAmf-Bt8-6RWJb7mbFXapVON7lGXUQO47yKp-Mlhnd-d9n9-ja2pCPUVL8zbTNC3rEX61O5LKOzxNlvwRly4crLZLheMFsydF0ngHKHcKl88DZLMMmpgZ_qf8uekQ9GQQx67YZbAd5J_Fc9aQ_FTB4dkl51ejeiiSLplnJ7gDOkyGIVPzMHiSbR2xfy_4u_RL9A_pStSRfFv5oZKPb61XVbnqOEp6vcVfd7HNmJgB8osHFkxvMfk7rAX16g7B_RwwOx58WWcHCuLRjBUX8h35G_AMcCPZa2AaubxZT9IN3PZ6Zo45BQcuE_nxVCw2dgrGa__QNUsRMJw4aC9gBbwzvrTmQXUFSbc0b0erjS9K086jG0h6tWzZZrZeYQSyebOgugnauCIT_IOFyydopNubrei_mTrelW583JuoUh8ttzixXvEXXynGBA7zZX1GvDzBl2tkyw9Kki0-zwHq5nM3BCxE2oq19trWuQqn2l0nsg8N3G9sLspeZbq4FSg9OFVY_r0n2u3xVBJEx2KpbB-VIbTqnGywSebnAupnnn4DumNZTuk5snq_bKRZgqV8hgb683zKLu7DOMjrta_VSnYi1dE4yGIlDXnJZG_3wihPwRwb99VT311OU&awbid_d=AKAmf-Awwp3y_EyWKPOruiQNvcF0L5cWgdhYQI14SOj2V_ROwlv37Y8LFbwL9-Lw8kBXwSJ6KEB2O2quA1YhILubxXI5do_-lkEeInToL3upv3iZji8LcnULmWz2ihC9GTQGMJ8_EokHXIR-uJNTMKwECWETiusqT6ISYY9L4-vNxoUvr3CCNl4hq2SpnMo7oBPv3K0zdADSe7XOsl8h4MJNhSPi28GWwA65e-SMeATo5PnycR_PGyNDhOYicUWzvH6h0bhliTL5Bn8wUAJ_mRBybFY3XWYwYZAWJHW1Fjwh6kO5X46ITYfdrbTD0-3i0dvs1uz_FjqxU2YTv870mKIgmazLHoxPSSnuZjSfooqSnOUuQAAG4jymwGllrCJ8CA-DRwDlzNKQVqNAJNwHhdMDo6lKTR2S2KYWt_6OO0XDbEbbZKLJmGf6fXATY4SN5J0qqQbwe2lvEYF4Hc8XtHdYsHxj-7Ap0jsqpLnipWI_nDalV-sA4x8b2B_wwTCXDLcobhFaWlzC2yrEp2GZp1p11svdYO_vJh74gqg6281539Ow3nIG4nX83pcXxepMlZj7LAMCYdUfZPY1HVKMKKP9lyifEg7JPtejC1qSfaG7limbTv5ng8L-WTM8Z16zu76kZoRAmdXqcRx2l_faXv5AMXr6JgsToXzjTdWJvDujZZrNBxGqEq5L3CCk5GlkrTdDmgJNv4IjVU0KkCWrIuOBekTUN0ZMP45bcZzbYkAmIoX6a2T-C7AJNqFltr6b-ybQbcOWiawZshOhvr1iPJElPUIfWjtaqGw5MZ45FaIkAJXSJh9HoCuM1qq1A7rppIw6LldBPoiORBWcFldGzRa0O0z5vr-u8FUk_AweDaG9CJ6GiVSAxZHL-J31tlqxGRHIMKvFAs_i-6_GlbjgXfA3jvlqJSzb9P0KhaCAKopQ7V2xfIj_b4bByzmgurZs-D2M4xLAAZDUi7hVhNpC2po6BrjqVbOuG2VqM-mvD4zVt1XN0_YhPymNn46qYH3ts-qN86CQdM9KhSYfQo_wsPXeRV6o6xBWKAlcrr2mz33LBShhx1eeVwjHjRDiRRDVwGz08cjmq6ChU2q6Wlzi8H4MOTt04ZTYn_eLeSo8lLqO4nAqfTc5-0gqUByVHVRUqkcDaoLs0nAPTvycsUai4aIFrajwpIouXSwpv4sHXOq6TpJFYt8o45wmkQNrPchuP5CMjsnn8wONvJwk1bO6OSVfaw8_ZOmEzw&cid=CAQSGwDq26N9N26JFLtXJ7B6W297ZHHgAoSZ11NjHxgBIAo&exk=1512204066&rfl=https%3A%2F%2Fpelotainvernal.com%2F&a_pr=8:3F9BE9E443540BEF
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 18 Dec 2022 04:09:12 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame BC8B 11 KB
11 KB 54ms
6ms Image
image/jpeg 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcRcHHal_Ans_Gs3Hr87g_lssAYhF_YKg7bknMc5aCrEzEDxg9kc&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2b296c3484f80533a3f4875456219f1825077acdfc5595d8fb512459eb02bf57

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 00:57:00 GMT
x-content-type-options: nosniff
age: 270732
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10781
x-xss-protection: 0
last-modified: Sun, 13 Nov 2022 19:04:06 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Fri, 15 Dec 2023 00:57:00 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame BC8B 12 KB
13 KB 54ms
7ms Image
image/jpeg 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcR077FnsLiX8cMAzeqJntVz_GAyh3q6TFu9gGQAG_OmGA99yS4&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6188e6460c41ce7b2d5eb371d4dd17c54058746ab6df3e91a33ac1422306df02

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 00:45:07 GMT
x-content-type-options: nosniff
age: 98645
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12799
x-xss-protection: 0
last-modified: Tue, 15 Nov 2022 09:05:15 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sun, 17 Dec 2023 00:45:07 GMT

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame BC8B 39 KB
40 KB 55ms
8ms Image
image/jpeg 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcTE1OTuoK0moeOd1GBRPK87lE7CXTEjQHcYiW4kaCz5ysiRJzjY8JCqxatPkQ&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4e8dae75eb77ef61ce938fdc8b826868662c1fefb978fc29cc2e3f4d3dd1eef1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 20:03:03 GMT
x-content-type-options: nosniff
age: 288369
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39972
x-xss-protection: 0
last-modified: Mon, 08 Aug 2022 04:42:50 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Thu, 14 Dec 2023 20:03:03 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame BC8B 12 KB
12 KB 70ms
23ms Image
image/jpeg 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcSDIa1t0YMAigGjXRhoSt0AqGm2VD0gEBKX_5g8nxgdKo6LXzAE&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a0fbab32102bf76e3f298da015d59c1cb91c9b239234142f1fbc77117d859e28

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 05:08:48 GMT
x-content-type-options: nosniff
age: 255624
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12303
x-xss-protection: 0
last-modified: Mon, 31 Oct 2022 16:39:26 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Fri, 15 Dec 2023 05:08:48 GMT

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame BC8B 10 KB
10 KB 67ms
20ms Image
image/jpeg 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcTJTdwvkYw1APyL6zDnA_dS_nVzhThF8NDYNoYjZ2lqjhdsW1xq&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

452a79401fb40c6f6307be6c5d5e393879ee3dcc74fe31b84b6b052574babb07

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 13:49:15 GMT
x-content-type-options: nosniff
age: 51597
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10495
x-xss-protection: 0
last-modified: Thu, 08 Sep 2022 09:17:49 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sun, 17 Dec 2023 13:49:15 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame BC8B 9 KB
9 KB 68ms
22ms Image
image/jpeg 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcTtkHLCjyvyymhDXlV-_30Y8WMg5Buex_QEOIlqwNdSc617qQQ&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

77f9b891dc897737cee2e1383d09d27a852c2a5ab930eecce3ef9554ea6f2dbd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 00:46:56 GMT
x-content-type-options: nosniff
age: 98536
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9248
x-xss-protection: 0
last-modified: Sat, 12 Nov 2022 11:55:40 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sun, 17 Dec 2023 00:46:56 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame BC8B 7 KB
7 KB 61ms
15ms Image
image/jpeg 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcTEewdF5J2TMs1_i1yVs1gGnXp_5ZNV9QiFvYwugVEmMFqvvfU&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a64b97d3338dc98afff33d4e47dde28115575fbbbe723bbc8aa312ca375d0c6a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 08:45:42 GMT
x-content-type-options: nosniff
age: 69810
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6701
x-xss-protection: 0
last-modified: Sun, 03 Apr 2022 19:04:03 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sun, 17 Dec 2023 08:45:42 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame BC8B 14 KB
14 KB 55ms
9ms Image
image/jpeg 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcTyYm1E4-bq7LztozumnoGpFplEWdrDlECaTJCX_H5oOTQaEY8&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

60e5983ac4da690338eb371c1645fe8c7d7fab20dbbe5bb196eaa0d664b5a2d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 00:23:06 GMT
x-content-type-options: nosniff
age: 13566
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14701
x-xss-protection: 0
last-modified: Wed, 22 Dec 2021 11:22:26 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Mon, 18 Dec 2023 00:23:06 GMT

GET
H3

200

1855790038366648222
tpc.googlesyndication.com/simgad/ Frame BC8B
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDbxsi7jQEQ6AIY6AIyCFR5nIyM6Xl-
https://tpc.googlesyndication.com/simgad/1855790038366648222

2 KB
2 KB

21ms
20ms

Image
image/png

2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/1855790038366648222

Requested by

Protocol

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

11d02526cbaad695117721d111752936444366ac35fec7d36bf8d5fb2aab3094

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 23:09:14 GMT
x-content-type-options: nosniff
age: 277198
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1882
x-xss-protection: 0
last-modified: Wed, 17 Apr 2019 14:59:10 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 14 Dec 2023 23:09:14 GMT

Redirect headers

date: Sat, 17 Dec 2022 10:09:40 GMT
x-content-type-options: nosniff
server: cafe
age: 64772
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://tpc.googlesyndication.com/simgad/1855790038366648222
content-type: text/html; charset=UTF-8
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Mon, 16 Jan 2023 10:09:40 GMT

GET
DATA 200
OK truncated
/ 477 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f9a8536bd32bcd9ecba5f08463ea344cfbcf4a2e0c1af51ce14089dcd4dbac51

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK dvtp_src.js Show response
cdn.doubleverify.com/ Frame 6700 8 KB
4 KB 79ms
14ms Script
application/javascript 2a02:26f0:3500:d::1732:83d6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvtp_src.js?ctx=21728770&cmp=DV485761&sid=Verve&plc=Verve-IQM_20210404001_VidJS&adsrv=0&advid=3891363&dvtagver=6.1.src&ppid=302&DVP_PP_IMP_ID=153887582096497800&DVP_DV_TT=1&DVP_DV_CT=2&tagtype=video&DVP_C1=&DVP_C2=&DVP_PUB=430&DVP_SITE=1171093&DVP_CRT=1079652&DVP_PP_BUNDLE_ID=&DVP_PP_AUCTION_IP=&DVPX_PP_AUCTION_UA=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F108.0.5359.124%20Safari%2F537.36&turl=https%3A%2F%2Fpelotainvernal.com%2F
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:d::1732:83d6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 84850d50823ca8d77cb4c238356e9289dc59dc770f00829d7f3a70aed85c3f70

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Sun, 18 Dec 2022 04:09:12 GMT
Content-Encoding: gzip
Last-Modified: Tue, 13 Dec 2022 15:05:32 GMT
Server: Microsoft-IIS/10.0
ETag: W/"064f584fd91:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3314

POST
H2 200 t Show response
t.lkqd.net/ Frame 53A1 0
166 B 103ms
101ms XHR
text/plain 146.20.128.182
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.182 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://pelotainvernal.com
date: Sun, 18 Dec 2022 04:09:13 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 94ms
92ms Preflight
text/plain 146.20.128.182
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.182 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://pelotainvernal.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
access-control-allow-origin: https://pelotainvernal.com
access-control-expose-headers: Content-Type, Content-Disposition
access-control-max-age: 300
cache-control: max-age=300
content-length: 0
content-type: text/plain; charset=UTF-8
date: Sun, 18 Dec 2022 04:09:12 GMT
server: nginx

GET
H2 200 p
sb.scorecardresearch.com/ Frame 6CC5 43 B
263 B 34ms
8ms Image
image/gif 99.86.4.3
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/p?C1=1&C2=23229166&C3=platform&C5=01&C7=https://pelotainvernal.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-3.fra6.r.cloudfront.net
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 04:09:12 GMT
via: 1.1 87b272b7d9b97f38da15c91c833c3292.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
content-length: 43
x-amz-cf-id: 8ns_m8OgdmJ7358XROOwgQCEi7JWG1_B9ewiLPbJUZLikimTKeZo5Q==
x-cache: Miss from cloudfront
content-type: image/gif

GET
H2 200 p
sb.scorecardresearch.com/ Frame 6CC5 43 B
264 B 33ms
7ms Image
image/gif 99.86.4.3
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/p?c1=2&c2=23229166&c3=platform&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=1671336551&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_st_ct=va&ns_st_cl=19000&ns_st_pt=0&ns_ts=1671336551
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-3.fra6.r.cloudfront.net
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 04:09:12 GMT
via: 1.1 87b272b7d9b97f38da15c91c833c3292.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
content-length: 43
x-amz-cf-id: INuVfw4e1uojShc-DkqIYIFv96x7RxuDeUe_1UUWSZtxkRfZUSclmg==
x-cache: Miss from cloudfront
content-type: image/gif

GET
DATA 200
OK truncated
/ Frame BC8B 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c1d559c0795bf8c1dea50becc3510208555560bb4eb029389376db1bb7c703c0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 200 t Show response
t.lkqd.net/ Frame 53A1 0
166 B 106ms
104ms XHR
text/plain 146.20.128.182
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.182 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://pelotainvernal.com
date: Sun, 18 Dec 2022 04:09:13 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

POST
H3 200 rs Show response
ad4m.at/ Frame C94C 2 KB
2 KB 31ms
31ms XHR
text/plain 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0e01c9428cdc9bd25b57f158f3d62ade57eb2818b1e504955b08996f15e14e4c

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 18 Dec 2022 04:09:13 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6qcavojJnqhDqDrhhhzFM%2FAWo2s%2BJdf70GcbdEFeWk%2F4jSawZ1Uw8aL6r1E%2FCx6gUsonvf8YuJvA82M34MhBVrYvjl3e4T3io95ISMPYai%2FS8M%2BL2cLq6MHv%2BagEEmpFfZlYP54%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
cf-ray: 77b50ab088536919-FRA
x-backend-server: aa-reachservice-group-europe-west1-v578
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 96ms
93ms Preflight
text/plain 146.20.128.182
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.182 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://pelotainvernal.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
access-control-allow-origin: https://pelotainvernal.com
access-control-expose-headers: Content-Type, Content-Disposition
access-control-max-age: 300
cache-control: max-age=300
content-length: 0
content-type: text/plain; charset=UTF-8
date: Sun, 18 Dec 2022 04:09:13 GMT
server: nginx

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 34ms
32ms Preflight
text/plain 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://as.ad4m.at
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 77b50ab0481f6919-FRA
content-length: 24
content-type: text/plain
date: Sun, 18 Dec 2022 04:09:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G43%2FGTnOLx%2F5SxHppHjB3wd498dfgfcTv%2FX9RpUfYAUOvRFPwdG0MS%2BIT%2BBDEtoCb5XQ5fJmKHGPw85cHmdaJcYXspaO1hphJC787qNLrV7E%2ByGRbv3Vv2lUm6zjZojMlXDwt7Y%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-v578

GET
H3 200 ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame BC8B 20 KB
20 KB 21ms
20ms Font
font/woff2 2a00:1450:400d:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 15:58:56 GMT
x-content-type-options: nosniff
age: 475817
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20784
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:21:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 12 Dec 2023 15:58:56 GMT

GET
H/1.1 200
OK dv-measurements3326.js Show response
cdn.doubleverify.com/ Frame E862 552 KB
106 KB 14ms
14ms Script
application/javascript 2a02:26f0:3500:d::1732:83d6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dv-measurements3326.js
Requested by: Host: pelotainvernal.com
URL: https://pelotainvernal.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:d::1732:83d6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: e23d1ed62c982ac7ccbdbf25ce5289b23facf4631028e662b1b092f62332f4cd

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Sun, 18 Dec 2022 04:09:13 GMT
Content-Encoding: gzip
Last-Modified: Tue, 13 Dec 2022 08:24:20 GMT
Server: Microsoft-IIS/10.0
ETag: "052474ccced91:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=946080900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 108149

GET
H3 200 GC5M5N_VN3lVd7ErmxmldCKoshgV9d2S74rLP9hyoZw.js Show response
pagead2.googlesyndication.com/bg/ Frame 337B 36 KB
16 KB 21ms
20ms Script
text/javascript 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GC5M5N_VN3lVd7ErmxmldCKoshgV9d2S74rLP9hyoZw.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

182e4ce4dfd537795577b12b9b19a57422a8b21815f5dd92ef8acb3fd872a19c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 20:48:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 372036
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16025
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 17:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 13 Dec 2023 20:48:37 GMT

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame BB08 11 KB
5 KB 20ms
20ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=321034%2C196438%2C117569&b=wbKFdf1jUxkV1TEHRH2tXtp2gZfKTAT69a5%2Cj6qCEfbGcqmxzFYHEH2t6tg7WhKTzTAjS9%2Cz4pFRfEYak3KMFpHBHMtqt9dGtJTwTrkSW&f=gzdf8fdrUWBQeTPHbH8txCj718HdTQTM6Ce%2CxPKSQf9AHEkAXcPHdHztDCxQqUJT6TW6uA%2C8QjCDfM8FeE9zhgHJHEtqC4gZCPTwT1MUk&c=728&d=90&e=&g=9b4fa380b867951bbdd75e7bd14f4521%2F1796691712902051403&i=111584%2C25174%2C29981&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1671336553059&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jr2xhh5kaetv1rv02053z73ax7m2f2qxdbpt3qwqeyagb0gpgcpj6cyrr6s523y1t3jbjjy72ab0t2ycwqxmd9vqh5xxk0zxvxwhyzzmtj0rgvhs76xw3pk393ne15q55za396pmexrdhy9dbb16nxf9dsbss0a6g80pcmhxfq3rc89war1dpq97v2bp0s0r9gsdepdn61xc0g6cdxj6csbcmhz1f21dk8xmb9svt05s3828m2eshf5h88b7yc6wketdychaxkmers0dkrg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCHzcsZ5KeY8KJIIHP3gOgzKLIDpDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTc4NzIyMjg1ODc0NjAzMzPIAQmpAs4bsBDdwrE-4AIAqAMBqgT7AU_QTS-RJ_I-T_vScmRf1ihKLNneXXiFkpIs_bN6gNeUSsoMbNvY3fWbO3b8JKpX-pT57ysOU-vcFAwhiorqPJVheoEqM67Nqb7XeBuKMcHVQW27LZbGVmksQoPfz1-69T1PucgX8IIaaS6dHXxLLyASpAm-E-X9RssDG94KzvQgM0U8rccx4ZNiLkmg4VRNuhcq2clc06QlJPy65hzXZ0o9ct7QGz0Ese-Vw6_S8EH7X5voovf7GOteKIZu-KLr-jDxch-tyo0sX5JE2a_ta2bGkbKrJSd7UPlmFysUX9MVewLB-ZUgpcXstNopvPC__vfiy6Q7cNWCy1Pr4AQBgAaj4ejr-ezk1_cBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2fX1Z4sBT7inP2phGL74ckdzOCNQ%2526client%253Dca-pub-7872228587460333%2526adurl%253D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

168da968400885dff40944f070fc55c5504990dcce17095f654862acc4d3efb3

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/dr?ed=1gpncggc5wee9j6ejqjvxpzmexrh01fep2nqmqxqbdcj3dcne0c5hdczp0ktvr7w200a392zj2kns1g4ac33xm7txhh177hq9rdk43nph3x119y3ecbyd83f6220w8k96g1wjsqm2g17etg9gg1cgx65jse534hfcmq778b9jvzkghedk18d6q8emnae13spktjc0x4w3t05nd931zze2npzmqw1r4cpf0vd52n9997chkaxz88s7ax0dn70mjrzggjdrwb0qwts3yz9bjgp3mg2e9mfhbk3azvt3j9tcns3bq6pewfje957be2tcr3c99pc8aeqcq2ae1baa03198ek79a4t2p9wfhhwb5s21hgm64hskhkct6ry40g5pe2mb9efts27cqpz4fpvmma2mftfv7ebwxnmv20s88j8b2h9btxfz80&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCHzcsZ5KeY8KJIIHP3gOgzKLIDpDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTc4NzIyMjg1ODc0NjAzMzPIAQmpAs4bsBDdwrE-4AIAqAMBqgT7AU_QTS-RJ_I-T_vScmRf1ihKLNneXXiFkpIs_bN6gNeUSsoMbNvY3fWbO3b8JKpX-pT57ysOU-vcFAwhiorqPJVheoEqM67Nqb7XeBuKMcHVQW27LZbGVmksQoPfz1-69T1PucgX8IIaaS6dHXxLLyASpAm-E-X9RssDG94KzvQgM0U8rccx4ZNiLkmg4VRNuhcq2clc06QlJPy65hzXZ0o9ct7QGz0Ese-Vw6_S8EH7X5voovf7GOteKIZu-KLr-jDxch-tyo0sX5JE2a_ta2bGkbKrJSd7UPlmFysUX9MVewLB-ZUgpcXstNopvPC__vfiy6Q7cNWCy1Pr4AQBgAaj4ejr-ezk1_cBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2fX1Z4sBT7inP2phGL74ckdzOCNQ%26client%3Dca-pub-7872228587460333%26adurl%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 77b50ab0ceb39156-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Sun, 18 Dec 2022 04:09:13 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 55ms
55ms Image
text/html 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221207&jk=418127904971085&bg=!LS6lLmrNAAYgquz3AKo7ACkAdvg8Ws61Fh9Z7JCS2ivijuhSBd-j9eDbvvzVBKhtww6QaxGrboP3vgIAAACAUgAAAANoAQeZAuKZgXeZ6zjkTZMHfzgfIHnxoVRrBX8LNBUbTVJZVG_MPUAvIscbUzZR6FqPgggjuly3sSvoFexAVlpSk0ziA8Tr6FX-hQ5efpzI3z_hpzAPDWRtvm3HNmpYk_Ie5rzTRlqmOnW7mpEfdbWyJ47nB4kfj_aRoTOlcvxf_hsLdcE1jCLVFb7J744N3DL4jORt-Iunovf62vCTCZ2BsnHnfwIxPyA4Ikg5FgDG6YmRckMCSXrsBlAK3QwWD2pL762mNi7HjcSPBGkFDXbSx1ZNtG2P1BvFPq9S774EJZl6V4kCMKa43iV_N-sudMSH4X9jEGMUuZS4uRz5KvxFjB-zRxet2Vii2PedJfiyJeDGayZ4vnZsD0mc_9568f2d0MMDtDSNCOIO6CmFMHqw0EBiIXFJe9SpHbf1KyreTOJz7jlYV6Z-cz3xWl--sne6K6CzODxgZRuKXhkos8DnDnDfCn8wMLK7HqpVUDU5pI4S32puN3MLczAR_up7oe_vFpihCSVMsDDGmyxINUuNdSZD6Y0ziqHzEA0o0_vLUeOgj_hRdF4S5JiXytj8nys6NCmaCdnzSxssGlADrLX_ZTw_LfL6O--ZLnMWDs6U49ka_4lnp5550QkxNkbha4crqjfXbj3mTG1a5umikC4d2WY3hncflG9_kLpoXEHnmw5ybByAh0eXhTBls0WbzTwN6BlamqTEe_DhpMqDONaj_QYV4PT8ZTXCX1HQFWWZEQ_urMCVkwUdZ4YaFjMunXupY0T16Jwi92WxgK8lisRRdK7Nv_JCY75dI5ZG2Ee1JB5oVC5arV1PrkxJKC-xdNOFb4up_Qr9XfNqY8ZQwO5Dt3r-QhgRHWFUEjkLgzfW8pE5uu0CpQy0Kr8wh-DqkgeNoRY-kY06Zny5_MjmtYV_Q7ttk9UoN3jHEwZ-KVGtOByqXaZjGSC62A5fPT-laNhOq3LJXtfo3oOKrF7_WtHMYvFzcRuJS7U
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.27/one-ad/ Frame BB08 89 KB
11 KB 21ms
20ms Stylesheet
text/css 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.27/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=321034%2C196438%2C117569&b=wbKFdf1jUxkV1TEHRH2tXtp2gZfKTAT69a5%2Cj6qCEfbGcqmxzFYHEH2t6tg7WhKTzTAjS9%2Cz4pFRfEYak3KMFpHBHMtqt9dGtJTwTrkSW&f=gzdf8fdrUWBQeTPHbH8txCj718HdTQTM6Ce%2CxPKSQf9AHEkAXcPHdHztDCxQqUJT6TW6uA%2C8QjCDfM8FeE9zhgHJHEtqC4gZCPTwT1MUk&c=728&d=90&e=&g=9b4fa380b867951bbdd75e7bd14f4521%2F1796691712902051403&i=111584%2C25174%2C29981&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1671336553059&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jr2xhh5kaetv1rv02053z73ax7m2f2qxdbpt3qwqeyagb0gpgcpj6cyrr6s523y1t3jbjjy72ab0t2ycwqxmd9vqh5xxk0zxvxwhyzzmtj0rgvhs76xw3pk393ne15q55za396pmexrdhy9dbb16nxf9dsbss0a6g80pcmhxfq3rc89war1dpq97v2bp0s0r9gsdepdn61xc0g6cdxj6csbcmhz1f21dk8xmb9svt05s3828m2eshf5h88b7yc6wketdychaxkmers0dkrg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCHzcsZ5KeY8KJIIHP3gOgzKLIDpDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTc4NzIyMjg1ODc0NjAzMzPIAQmpAs4bsBDdwrE-4AIAqAMBqgT7AU_QTS-RJ_I-T_vScmRf1ihKLNneXXiFkpIs_bN6gNeUSsoMbNvY3fWbO3b8JKpX-pT57ysOU-vcFAwhiorqPJVheoEqM67Nqb7XeBuKMcHVQW27LZbGVmksQoPfz1-69T1PucgX8IIaaS6dHXxLLyASpAm-E-X9RssDG94KzvQgM0U8rccx4ZNiLkmg4VRNuhcq2clc06QlJPy65hzXZ0o9ct7QGz0Ese-Vw6_S8EH7X5voovf7GOteKIZu-KLr-jDxch-tyo0sX5JE2a_ta2bGkbKrJSd7UPlmFysUX9MVewLB-ZUgpcXstNopvPC__vfiy6Q7cNWCy1Pr4AQBgAaj4ejr-ezk1_cBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2fX1Z4sBT7inP2phGL74ckdzOCNQ%2526client%253Dca-pub-7872228587460333%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4ab995345cf38f3951bc840ab2c0d043269e700e59f1c6d6cb7fb8946268b358

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=321034%2C196438%2C117569&b=wbKFdf1jUxkV1TEHRH2tXtp2gZfKTAT69a5%2Cj6qCEfbGcqmxzFYHEH2t6tg7WhKTzTAjS9%2Cz4pFRfEYak3KMFpHBHMtqt9dGtJTwTrkSW&f=gzdf8fdrUWBQeTPHbH8txCj718HdTQTM6Ce%2CxPKSQf9AHEkAXcPHdHztDCxQqUJT6TW6uA%2C8QjCDfM8FeE9zhgHJHEtqC4gZCPTwT1MUk&c=728&d=90&e=&g=9b4fa380b867951bbdd75e7bd14f4521%2F1796691712902051403&i=111584%2C25174%2C29981&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1671336553059&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jr2xhh5kaetv1rv02053z73ax7m2f2qxdbpt3qwqeyagb0gpgcpj6cyrr6s523y1t3jbjjy72ab0t2ycwqxmd9vqh5xxk0zxvxwhyzzmtj0rgvhs76xw3pk393ne15q55za396pmexrdhy9dbb16nxf9dsbss0a6g80pcmhxfq3rc89war1dpq97v2bp0s0r9gsdepdn61xc0g6cdxj6csbcmhz1f21dk8xmb9svt05s3828m2eshf5h88b7yc6wketdychaxkmers0dkrg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCHzcsZ5KeY8KJIIHP3gOgzKLIDpDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTc4NzIyMjg1ODc0NjAzMzPIAQmpAs4bsBDdwrE-4AIAqAMBqgT7AU_QTS-RJ_I-T_vScmRf1ihKLNneXXiFkpIs_bN6gNeUSsoMbNvY3fWbO3b8JKpX-pT57ysOU-vcFAwhiorqPJVheoEqM67Nqb7XeBuKMcHVQW27LZbGVmksQoPfz1-69T1PucgX8IIaaS6dHXxLLyASpAm-E-X9RssDG94KzvQgM0U8rccx4ZNiLkmg4VRNuhcq2clc06QlJPy65hzXZ0o9ct7QGz0Ese-Vw6_S8EH7X5voovf7GOteKIZu-KLr-jDxch-tyo0sX5JE2a_ta2bGkbKrJSd7UPlmFysUX9MVewLB-ZUgpcXstNopvPC__vfiy6Q7cNWCy1Pr4AQBgAaj4ejr-ezk1_cBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2fX1Z4sBT7inP2phGL74ckdzOCNQ%2526client%253Dca-pub-7872228587460333%2526adurl%253D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 04:09:13 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1670930538
age: 400919
cf-polished: origSize=91628
x-guploader-uploadid: ADPycduR5Ol9pg3grc4HAIdmrbMEndwceyBRaKPEzp4btA3cKENGM-ZcNqNRgrH_pFRA6eQ6LFPYNJBaKno_nvJ48NOr
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 13 Dec 2022 11:22:46 GMT
server: cloudflare
etag: W/"575def06e70febb0cbd25403e37880bf"
vary: Accept-Encoding
x-goog-generation: 1670930566724484
content-type: text/css
x-goog-hash: crc32c=ttlcew==, md5=V13vBucP67DL0lQD43iAvw==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HBolPSFQHEpj6GiaXQeiuamv1vwiYDPgXgGzukHFmnPvtlGNqx0jBpDqytpQJZCvrkwPg08W%2FpX%2BOW5EH51gTZ5YbMjH3Ri8z39K8aMpr1Z8eWE3qLSAWsIe9t3KWxRUBf16Uf5v%2FxQ%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 91628
cf-ray: 77b50ab17f7e9156-FRA
expires: Sun, 18 Dec 2022 05:09:13 GMT

GET
H3 200 F2696AE884D1EB814BAC836D7ECEB3E3842C890A7F3525161F7565B21132CACC0AD310A864434D76C9D56FE1B71A52BBF7870DA7440A2E17DF2B23750AE47772
assets.ad4m.at/logo/ Frame BB08 3 KB
4 KB 47ms
23ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/F2696AE884D1EB814BAC836D7ECEB3E3842C890A7F3525161F7565B21132CACC0AD310A864434D76C9D56FE1B71A52BBF7870DA7440A2E17DF2B23750AE47772
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=321034%2C196438%2C117569&b=wbKFdf1jUxkV1TEHRH2tXtp2gZfKTAT69a5%2Cj6qCEfbGcqmxzFYHEH2t6tg7WhKTzTAjS9%2Cz4pFRfEYak3KMFpHBHMtqt9dGtJTwTrkSW&f=gzdf8fdrUWBQeTPHbH8txCj718HdTQTM6Ce%2CxPKSQf9AHEkAXcPHdHztDCxQqUJT6TW6uA%2C8QjCDfM8FeE9zhgHJHEtqC4gZCPTwT1MUk&c=728&d=90&e=&g=9b4fa380b867951bbdd75e7bd14f4521%2F1796691712902051403&i=111584%2C25174%2C29981&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1671336553059&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jr2xhh5kaetv1rv02053z73ax7m2f2qxdbpt3qwqeyagb0gpgcpj6cyrr6s523y1t3jbjjy72ab0t2ycwqxmd9vqh5xxk0zxvxwhyzzmtj0rgvhs76xw3pk393ne15q55za396pmexrdhy9dbb16nxf9dsbss0a6g80pcmhxfq3rc89war1dpq97v2bp0s0r9gsdepdn61xc0g6cdxj6csbcmhz1f21dk8xmb9svt05s3828m2eshf5h88b7yc6wketdychaxkmers0dkrg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCHzcsZ5KeY8KJIIHP3gOgzKLIDpDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTc4NzIyMjg1ODc0NjAzMzPIAQmpAs4bsBDdwrE-4AIAqAMBqgT7AU_QTS-RJ_I-T_vScmRf1ihKLNneXXiFkpIs_bN6gNeUSsoMbNvY3fWbO3b8JKpX-pT57ysOU-vcFAwhiorqPJVheoEqM67Nqb7XeBuKMcHVQW27LZbGVmksQoPfz1-69T1PucgX8IIaaS6dHXxLLyASpAm-E-X9RssDG94KzvQgM0U8rccx4ZNiLkmg4VRNuhcq2clc06QlJPy65hzXZ0o9ct7QGz0Ese-Vw6_S8EH7X5voovf7GOteKIZu-KLr-jDxch-tyo0sX5JE2a_ta2bGkbKrJSd7UPlmFysUX9MVewLB-ZUgpcXstNopvPC__vfiy6Q7cNWCy1Pr4AQBgAaj4ejr-ezk1_cBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2fX1Z4sBT7inP2phGL74ckdzOCNQ%2526client%253Dca-pub-7872228587460333%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6151c6cb78b2f0ced663b5e32e13658236477225b4416c52e57142f3d610f058

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 04:09:13 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 638619
cf-polished: origFmt=png, origSize=11554
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3224
cf-bgj: imgq:85,h2pri
last-modified: Wed, 09 Nov 2022 07:30:35 GMT
server: cloudflare
etag: "1ca6a79380ae53c080c2e12b38bdb5eb"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RDP32hQ4AuHF6yWjT%2FpNUEeLhC8RjZYOO06PS3vPCGzH9LIGkeb%2BTZTEi1cGRJIWMd0VRA8VY9dkBM7dGNPqQ5vrBBIv793kWxF%2Bk1etJ3iADT0g0tHKV2ZEi2J2gIyi6NhiaDjp765C8z78"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 77b50ab19fa69156-FRA
expires: Mon, 19 Dec 2022 04:09:13 GMT

GET
H3 200 43EB8D27EDF06982A1CDF7B120851C41F9AE11B7D734EE12251DEFFB51C17BC6EAEB7A2F2E7C750E0DD6FDA73367D0F20B75F513B858755E76942F713443F3B9
assets.ad4m.at/product_image/ Frame BB08 296 KB
296 KB 27ms
26ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/43EB8D27EDF06982A1CDF7B120851C41F9AE11B7D734EE12251DEFFB51C17BC6EAEB7A2F2E7C750E0DD6FDA73367D0F20B75F513B858755E76942F713443F3B9
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=321034%2C196438%2C117569&b=wbKFdf1jUxkV1TEHRH2tXtp2gZfKTAT69a5%2Cj6qCEfbGcqmxzFYHEH2t6tg7WhKTzTAjS9%2Cz4pFRfEYak3KMFpHBHMtqt9dGtJTwTrkSW&f=gzdf8fdrUWBQeTPHbH8txCj718HdTQTM6Ce%2CxPKSQf9AHEkAXcPHdHztDCxQqUJT6TW6uA%2C8QjCDfM8FeE9zhgHJHEtqC4gZCPTwT1MUk&c=728&d=90&e=&g=9b4fa380b867951bbdd75e7bd14f4521%2F1796691712902051403&i=111584%2C25174%2C29981&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1671336553059&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jr2xhh5kaetv1rv02053z73ax7m2f2qxdbpt3qwqeyagb0gpgcpj6cyrr6s523y1t3jbjjy72ab0t2ycwqxmd9vqh5xxk0zxvxwhyzzmtj0rgvhs76xw3pk393ne15q55za396pmexrdhy9dbb16nxf9dsbss0a6g80pcmhxfq3rc89war1dpq97v2bp0s0r9gsdepdn61xc0g6cdxj6csbcmhz1f21dk8xmb9svt05s3828m2eshf5h88b7yc6wketdychaxkmers0dkrg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCHzcsZ5KeY8KJIIHP3gOgzKLIDpDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTc4NzIyMjg1ODc0NjAzMzPIAQmpAs4bsBDdwrE-4AIAqAMBqgT7AU_QTS-RJ_I-T_vScmRf1ihKLNneXXiFkpIs_bN6gNeUSsoMbNvY3fWbO3b8JKpX-pT57ysOU-vcFAwhiorqPJVheoEqM67Nqb7XeBuKMcHVQW27LZbGVmksQoPfz1-69T1PucgX8IIaaS6dHXxLLyASpAm-E-X9RssDG94KzvQgM0U8rccx4ZNiLkmg4VRNuhcq2clc06QlJPy65hzXZ0o9ct7QGz0Ese-Vw6_S8EH7X5voovf7GOteKIZu-KLr-jDxch-tyo0sX5JE2a_ta2bGkbKrJSd7UPlmFysUX9MVewLB-ZUgpcXstNopvPC__vfiy6Q7cNWCy1Pr4AQBgAaj4ejr-ezk1_cBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2fX1Z4sBT7inP2phGL74ckdzOCNQ%2526client%253Dca-pub-7872228587460333%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 262be405d24e2c19dc4e3ecce75466f864fd5959649e39b8b97fd1c83c54087f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 04:09:13 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 638619
cf-polished: origFmt=png, origSize=466926
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 302728
cf-bgj: imgq:85,h2pri
last-modified: Wed, 09 Nov 2022 12:39:43 GMT
server: cloudflare
etag: "45f5fed59fc1f13fbebb41146459eb81"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RsLAhqbHrbEqryEPh%2FcBHQRny9wcEP2ar%2FxvphXYjzuBFisZRbD9Q2XhIYK%2FsO1yg4f6Orpx7o%2B3R12kS7thzcuJ1%2BiLLxAEEU30HJMN1qkfv0emlvVHciMsVQyFRC7YYthNgOY3GK9%2BVg%2FN"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 77b50ab1e8449156-FRA
expires: Mon, 19 Dec 2022 04:09:13 GMT

GET
H3 200 188CB8AAD064EA4A8191591B373E95EFBB15091EC45B736DE282B2519499BCCBCAB6FDEDC5113C2A7BE7DE03216809B9DDF8A0A0594CFE95168D455C315D4410
assets.ad4m.at/logo/ Frame BB08 8 KB
9 KB 131ms
129ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/188CB8AAD064EA4A8191591B373E95EFBB15091EC45B736DE282B2519499BCCBCAB6FDEDC5113C2A7BE7DE03216809B9DDF8A0A0594CFE95168D455C315D4410
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=321034%2C196438%2C117569&b=wbKFdf1jUxkV1TEHRH2tXtp2gZfKTAT69a5%2Cj6qCEfbGcqmxzFYHEH2t6tg7WhKTzTAjS9%2Cz4pFRfEYak3KMFpHBHMtqt9dGtJTwTrkSW&f=gzdf8fdrUWBQeTPHbH8txCj718HdTQTM6Ce%2CxPKSQf9AHEkAXcPHdHztDCxQqUJT6TW6uA%2C8QjCDfM8FeE9zhgHJHEtqC4gZCPTwT1MUk&c=728&d=90&e=&g=9b4fa380b867951bbdd75e7bd14f4521%2F1796691712902051403&i=111584%2C25174%2C29981&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1671336553059&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jr2xhh5kaetv1rv02053z73ax7m2f2qxdbpt3qwqeyagb0gpgcpj6cyrr6s523y1t3jbjjy72ab0t2ycwqxmd9vqh5xxk0zxvxwhyzzmtj0rgvhs76xw3pk393ne15q55za396pmexrdhy9dbb16nxf9dsbss0a6g80pcmhxfq3rc89war1dpq97v2bp0s0r9gsdepdn61xc0g6cdxj6csbcmhz1f21dk8xmb9svt05s3828m2eshf5h88b7yc6wketdychaxkmers0dkrg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCHzcsZ5KeY8KJIIHP3gOgzKLIDpDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTc4NzIyMjg1ODc0NjAzMzPIAQmpAs4bsBDdwrE-4AIAqAMBqgT7AU_QTS-RJ_I-T_vScmRf1ihKLNneXXiFkpIs_bN6gNeUSsoMbNvY3fWbO3b8JKpX-pT57ysOU-vcFAwhiorqPJVheoEqM67Nqb7XeBuKMcHVQW27LZbGVmksQoPfz1-69T1PucgX8IIaaS6dHXxLLyASpAm-E-X9RssDG94KzvQgM0U8rccx4ZNiLkmg4VRNuhcq2clc06QlJPy65hzXZ0o9ct7QGz0Ese-Vw6_S8EH7X5voovf7GOteKIZu-KLr-jDxch-tyo0sX5JE2a_ta2bGkbKrJSd7UPlmFysUX9MVewLB-ZUgpcXstNopvPC__vfiy6Q7cNWCy1Pr4AQBgAaj4ejr-ezk1_cBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2fX1Z4sBT7inP2phGL74ckdzOCNQ%2526client%253Dca-pub-7872228587460333%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8e49b984d20b3e7cb3f2c4a08805dc3f66bb8a58ec08c365d0cf955dd57c77c7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 04:09:13 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1650485
cf-polished: qual=85, origFmt=jpeg, origSize=16723
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8354
cf-bgj: imgq:85,h2pri
last-modified: Wed, 22 Jan 2020 13:13:07 GMT
server: cloudflare
etag: "04cb7ec205cea351157aeffb998f3a85"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0iigrEoHH7pxJsueaQdq2UidQqwqCnrZjQH7rgwg679wqKIGHANbsb6btTzcwwh7zrYLVuFnJtITfIeo48EFGT7Ldanue0sgw3PBAikp2fvg0WYh7Cive15NFrYIs3AV3JlVFug9MeTdRivY"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 77b50ab208809156-FRA
expires: Mon, 19 Dec 2022 04:09:13 GMT

GET
H3 200 18B94174251C2CF76EA99FD460FAC2CAEA3A9035BC0DAFA1AFA37FFB175B78880F10C9B121A8ACC31AC23630DA7466A11649951F161682DA76B2C6E951030B12
assets.ad4m.at/product_image/ Frame BB08 317 KB
318 KB 135ms
133ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/18B94174251C2CF76EA99FD460FAC2CAEA3A9035BC0DAFA1AFA37FFB175B78880F10C9B121A8ACC31AC23630DA7466A11649951F161682DA76B2C6E951030B12
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=321034%2C196438%2C117569&b=wbKFdf1jUxkV1TEHRH2tXtp2gZfKTAT69a5%2Cj6qCEfbGcqmxzFYHEH2t6tg7WhKTzTAjS9%2Cz4pFRfEYak3KMFpHBHMtqt9dGtJTwTrkSW&f=gzdf8fdrUWBQeTPHbH8txCj718HdTQTM6Ce%2CxPKSQf9AHEkAXcPHdHztDCxQqUJT6TW6uA%2C8QjCDfM8FeE9zhgHJHEtqC4gZCPTwT1MUk&c=728&d=90&e=&g=9b4fa380b867951bbdd75e7bd14f4521%2F1796691712902051403&i=111584%2C25174%2C29981&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1671336553059&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jr2xhh5kaetv1rv02053z73ax7m2f2qxdbpt3qwqeyagb0gpgcpj6cyrr6s523y1t3jbjjy72ab0t2ycwqxmd9vqh5xxk0zxvxwhyzzmtj0rgvhs76xw3pk393ne15q55za396pmexrdhy9dbb16nxf9dsbss0a6g80pcmhxfq3rc89war1dpq97v2bp0s0r9gsdepdn61xc0g6cdxj6csbcmhz1f21dk8xmb9svt05s3828m2eshf5h88b7yc6wketdychaxkmers0dkrg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCHzcsZ5KeY8KJIIHP3gOgzKLIDpDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTc4NzIyMjg1ODc0NjAzMzPIAQmpAs4bsBDdwrE-4AIAqAMBqgT7AU_QTS-RJ_I-T_vScmRf1ihKLNneXXiFkpIs_bN6gNeUSsoMbNvY3fWbO3b8JKpX-pT57ysOU-vcFAwhiorqPJVheoEqM67Nqb7XeBuKMcHVQW27LZbGVmksQoPfz1-69T1PucgX8IIaaS6dHXxLLyASpAm-E-X9RssDG94KzvQgM0U8rccx4ZNiLkmg4VRNuhcq2clc06QlJPy65hzXZ0o9ct7QGz0Ese-Vw6_S8EH7X5voovf7GOteKIZu-KLr-jDxch-tyo0sX5JE2a_ta2bGkbKrJSd7UPlmFysUX9MVewLB-ZUgpcXstNopvPC__vfiy6Q7cNWCy1Pr4AQBgAaj4ejr-ezk1_cBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2fX1Z4sBT7inP2phGL74ckdzOCNQ%2526client%253Dca-pub-7872228587460333%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2bcef052d0d99b56c7a9b9b0ce076ca020219e6ecccad2b46b0267ffc2fc8bc8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 04:09:13 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2018623
cf-polished: origFmt=png, origSize=451997
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 324760
cf-bgj: imgq:85,h2pri
last-modified: Tue, 14 Jun 2022 08:21:28 GMT
server: cloudflare
etag: "7dada3f3f6321a7ee4badc53b11da1f3"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rdndeOPqd59jNXKC0%2B2WlsZZN0dt4mVDVOBMDkCHQtKGLY2fukveudJK1%2FiB4lDmiaurqZKze%2FuB%2Fjo5f26z3AE1dTcthKm6924fsAy8vnCUy5RbuclwoKRarQ0VZFGeNp5c%2F9wJigI%2BZRQr"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 77b50ab208829156-FRA
expires: Mon, 19 Dec 2022 04:09:13 GMT

GET
H/1.1

200

/
banner.congstar.de/cookie/ Frame BB08
Redirect Chain

https://www.awin1.com/cawshow.php?v=11938&s=2542680&q=367022&r=412871&pv=1&pref3=pv_oneidj6qCEfbGcqmxzFYHEH2t6tg7WhKTzTAjS9oneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0
https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1671336553_bb1b47e0-7e89-11ed-9792-223985e9a9b7

0
517 B

91ms
16ms

Image
text/plain

87.118.116.9
KEYWEB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1671336553_bb1b47e0-7e89-11ed-9792-223985e9a9b7
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=321034%2C196438%2C117569&b=wbKFdf1jUxkV1TEHRH2tXtp2gZfKTAT69a5%2Cj6qCEfbGcqmxzFYHEH2t6tg7WhKTzTAjS9%2Cz4pFRfEYak3KMFpHBHMtqt9dGtJTwTrkSW&f=gzdf8fdrUWBQeTPHbH8txCj718HdTQTM6Ce%2CxPKSQf9AHEkAXcPHdHztDCxQqUJT6TW6uA%2C8QjCDfM8FeE9zhgHJHEtqC4gZCPTwT1MUk&c=728&d=90&e=&g=9b4fa380b867951bbdd75e7bd14f4521%2F1796691712902051403&i=111584%2C25174%2C29981&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1671336553059&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jr2xhh5kaetv1rv02053z73ax7m2f2qxdbpt3qwqeyagb0gpgcpj6cyrr6s523y1t3jbjjy72ab0t2ycwqxmd9vqh5xxk0zxvxwhyzzmtj0rgvhs76xw3pk393ne15q55za396pmexrdhy9dbb16nxf9dsbss0a6g80pcmhxfq3rc89war1dpq97v2bp0s0r9gsdepdn61xc0g6cdxj6csbcmhz1f21dk8xmb9svt05s3828m2eshf5h88b7yc6wketdychaxkmers0dkrg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCHzcsZ5KeY8KJIIHP3gOgzKLIDpDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTc4NzIyMjg1ODc0NjAzMzPIAQmpAs4bsBDdwrE-4AIAqAMBqgT7AU_QTS-RJ_I-T_vScmRf1ihKLNneXXiFkpIs_bN6gNeUSsoMbNvY3fWbO3b8JKpX-pT57ysOU-vcFAwhiorqPJVheoEqM67Nqb7XeBuKMcHVQW27LZbGVmksQoPfz1-69T1PucgX8IIaaS6dHXxLLyASpAm-E-X9RssDG94KzvQgM0U8rccx4ZNiLkmg4VRNuhcq2clc06QlJPy65hzXZ0o9ct7QGz0Ese-Vw6_S8EH7X5voovf7GOteKIZu-KLr-jDxch-tyo0sX5JE2a_ta2bGkbKrJSd7UPlmFysUX9MVewLB-ZUgpcXstNopvPC__vfiy6Q7cNWCy1Pr4AQBgAaj4ejr-ezk1_cBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2fX1Z4sBT7inP2phGL74ckdzOCNQ%2526client%253Dca-pub-7872228587460333%2526adurl%253D&y=1&s=&z=0
Protocol: HTTP/1.1
Server: 87.118.116.9 , Germany, ASN31103 (KEYWEB-AS, DE),
Reverse DNS: km36617.keymachine.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 18 Dec 2022 04:09:13 GMT
Server: Apache
P3P: CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 0

Redirect headers

Date: Sun, 18 Dec 2022 04:09:13 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location: https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1671336553_bb1b47e0-7e89-11ed-9792-223985e9a9b7
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 0

GET
H3 200 A0843E9156C9D7335C02FDBAB8781B4AFFEEE9E59ABD085E1EDF62037D970710A817E95DBBFD727CE4E28B26524C9A8F4A33EB1E826BD3A7B2541F094E39D266
assets.ad4m.at/logo/ Frame BB08 2 KB
3 KB 80ms
79ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/A0843E9156C9D7335C02FDBAB8781B4AFFEEE9E59ABD085E1EDF62037D970710A817E95DBBFD727CE4E28B26524C9A8F4A33EB1E826BD3A7B2541F094E39D266
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=321034%2C196438%2C117569&b=wbKFdf1jUxkV1TEHRH2tXtp2gZfKTAT69a5%2Cj6qCEfbGcqmxzFYHEH2t6tg7WhKTzTAjS9%2Cz4pFRfEYak3KMFpHBHMtqt9dGtJTwTrkSW&f=gzdf8fdrUWBQeTPHbH8txCj718HdTQTM6Ce%2CxPKSQf9AHEkAXcPHdHztDCxQqUJT6TW6uA%2C8QjCDfM8FeE9zhgHJHEtqC4gZCPTwT1MUk&c=728&d=90&e=&g=9b4fa380b867951bbdd75e7bd14f4521%2F1796691712902051403&i=111584%2C25174%2C29981&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1671336553059&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jr2xhh5kaetv1rv02053z73ax7m2f2qxdbpt3qwqeyagb0gpgcpj6cyrr6s523y1t3jbjjy72ab0t2ycwqxmd9vqh5xxk0zxvxwhyzzmtj0rgvhs76xw3pk393ne15q55za396pmexrdhy9dbb16nxf9dsbss0a6g80pcmhxfq3rc89war1dpq97v2bp0s0r9gsdepdn61xc0g6cdxj6csbcmhz1f21dk8xmb9svt05s3828m2eshf5h88b7yc6wketdychaxkmers0dkrg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCHzcsZ5KeY8KJIIHP3gOgzKLIDpDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTc4NzIyMjg1ODc0NjAzMzPIAQmpAs4bsBDdwrE-4AIAqAMBqgT7AU_QTS-RJ_I-T_vScmRf1ihKLNneXXiFkpIs_bN6gNeUSsoMbNvY3fWbO3b8JKpX-pT57ysOU-vcFAwhiorqPJVheoEqM67Nqb7XeBuKMcHVQW27LZbGVmksQoPfz1-69T1PucgX8IIaaS6dHXxLLyASpAm-E-X9RssDG94KzvQgM0U8rccx4ZNiLkmg4VRNuhcq2clc06QlJPy65hzXZ0o9ct7QGz0Ese-Vw6_S8EH7X5voovf7GOteKIZu-KLr-jDxch-tyo0sX5JE2a_ta2bGkbKrJSd7UPlmFysUX9MVewLB-ZUgpcXstNopvPC__vfiy6Q7cNWCy1Pr4AQBgAaj4ejr-ezk1_cBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2fX1Z4sBT7inP2phGL74ckdzOCNQ%2526client%253Dca-pub-7872228587460333%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: af7a66542220ecfb2b8fa0286b60ffa95c1c8047df094654a90e1ff75f848ef5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 04:09:13 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2014635
cf-polished: origFmt=png, origSize=9357
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2330
cf-bgj: imgq:85,h2pri
last-modified: Thu, 08 Apr 2021 14:26:03 GMT
server: cloudflare
etag: "8cc161b392f5744da5319a4da549b763"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f3gCbaASJxX3Wj0osQ%2FoMu1c%2BUk9%2FDWMm5TSiwOAMlkQCT%2FUwKRXXkLJ%2B5fq7784SmQqPRCCyK9BnjjxumLo%2Fad1WnoKcPGWKFX2XMBqoWu8QJy%2ByNYFmNV3TUAhhkiWjl8SNSEIOBQxFSxv"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 77b50ab208839156-FRA
expires: Mon, 19 Dec 2022 04:09:13 GMT

GET
H3 200 B0EFBB0208E9EF8D30A7C89B72C086F1DD36F5D7A5F0A9551729DDFC67E85BCDECDB196EB4EAB3FEC6BC55A4A1442682559F8312D8959CED1C6B0F52B22CF45C
assets.ad4m.at/product_image/ Frame BB08 339 KB
340 KB 81ms
80ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/B0EFBB0208E9EF8D30A7C89B72C086F1DD36F5D7A5F0A9551729DDFC67E85BCDECDB196EB4EAB3FEC6BC55A4A1442682559F8312D8959CED1C6B0F52B22CF45C
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=321034%2C196438%2C117569&b=wbKFdf1jUxkV1TEHRH2tXtp2gZfKTAT69a5%2Cj6qCEfbGcqmxzFYHEH2t6tg7WhKTzTAjS9%2Cz4pFRfEYak3KMFpHBHMtqt9dGtJTwTrkSW&f=gzdf8fdrUWBQeTPHbH8txCj718HdTQTM6Ce%2CxPKSQf9AHEkAXcPHdHztDCxQqUJT6TW6uA%2C8QjCDfM8FeE9zhgHJHEtqC4gZCPTwT1MUk&c=728&d=90&e=&g=9b4fa380b867951bbdd75e7bd14f4521%2F1796691712902051403&i=111584%2C25174%2C29981&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1671336553059&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jr2xhh5kaetv1rv02053z73ax7m2f2qxdbpt3qwqeyagb0gpgcpj6cyrr6s523y1t3jbjjy72ab0t2ycwqxmd9vqh5xxk0zxvxwhyzzmtj0rgvhs76xw3pk393ne15q55za396pmexrdhy9dbb16nxf9dsbss0a6g80pcmhxfq3rc89war1dpq97v2bp0s0r9gsdepdn61xc0g6cdxj6csbcmhz1f21dk8xmb9svt05s3828m2eshf5h88b7yc6wketdychaxkmers0dkrg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCHzcsZ5KeY8KJIIHP3gOgzKLIDpDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTc4NzIyMjg1ODc0NjAzMzPIAQmpAs4bsBDdwrE-4AIAqAMBqgT7AU_QTS-RJ_I-T_vScmRf1ihKLNneXXiFkpIs_bN6gNeUSsoMbNvY3fWbO3b8JKpX-pT57ysOU-vcFAwhiorqPJVheoEqM67Nqb7XeBuKMcHVQW27LZbGVmksQoPfz1-69T1PucgX8IIaaS6dHXxLLyASpAm-E-X9RssDG94KzvQgM0U8rccx4ZNiLkmg4VRNuhcq2clc06QlJPy65hzXZ0o9ct7QGz0Ese-Vw6_S8EH7X5voovf7GOteKIZu-KLr-jDxch-tyo0sX5JE2a_ta2bGkbKrJSd7UPlmFysUX9MVewLB-ZUgpcXstNopvPC__vfiy6Q7cNWCy1Pr4AQBgAaj4ejr-ezk1_cBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2fX1Z4sBT7inP2phGL74ckdzOCNQ%2526client%253Dca-pub-7872228587460333%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 42e8de9192dee3b3ee8a7529c5883dac20b868000168362d9f287125c95e18a8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 04:09:13 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2009257
cf-polished: origFmt=png, origSize=563367
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 347098
cf-bgj: imgq:85,h2pri
last-modified: Fri, 09 Apr 2021 07:22:09 GMT
server: cloudflare
etag: "ff5ac113643d20bec15acfffe32cb75e"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ryO%2B%2FVBXgPFvO9F7SdgctwkNQzllwKZyfaMVBtL7qmwiF7xHt%2Bb75%2Bs4NEGjT%2BnDJCb52fPDW%2FXJTV5jJ8I4b8YEK3cgPXnvRFCTmRzN8rT3dK21x2%2BZAJmZGxFSjPn2kPU1Z4XOLMIZ51OE"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 77b50ab208869156-FRA
expires: Mon, 19 Dec 2022 04:09:13 GMT

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame BB08 43 B
703 B 66ms
65ms Image
image/gif 23.2.214.113
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2767075&v=20044&q=402224&r=412871&pv=1&pref3=oneidz4pFRfEYak3KMFpHBHMtqt9dGtJTwTrkSWoneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=321034%2C196438%2C117569&b=wbKFdf1jUxkV1TEHRH2tXtp2gZfKTAT69a5%2Cj6qCEfbGcqmxzFYHEH2t6tg7WhKTzTAjS9%2Cz4pFRfEYak3KMFpHBHMtqt9dGtJTwTrkSW&f=gzdf8fdrUWBQeTPHbH8txCj718HdTQTM6Ce%2CxPKSQf9AHEkAXcPHdHztDCxQqUJT6TW6uA%2C8QjCDfM8FeE9zhgHJHEtqC4gZCPTwT1MUk&c=728&d=90&e=&g=9b4fa380b867951bbdd75e7bd14f4521%2F1796691712902051403&i=111584%2C25174%2C29981&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1671336553059&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jr2xhh5kaetv1rv02053z73ax7m2f2qxdbpt3qwqeyagb0gpgcpj6cyrr6s523y1t3jbjjy72ab0t2ycwqxmd9vqh5xxk0zxvxwhyzzmtj0rgvhs76xw3pk393ne15q55za396pmexrdhy9dbb16nxf9dsbss0a6g80pcmhxfq3rc89war1dpq97v2bp0s0r9gsdepdn61xc0g6cdxj6csbcmhz1f21dk8xmb9svt05s3828m2eshf5h88b7yc6wketdychaxkmers0dkrg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCHzcsZ5KeY8KJIIHP3gOgzKLIDpDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTc4NzIyMjg1ODc0NjAzMzPIAQmpAs4bsBDdwrE-4AIAqAMBqgT7AU_QTS-RJ_I-T_vScmRf1ihKLNneXXiFkpIs_bN6gNeUSsoMbNvY3fWbO3b8JKpX-pT57ysOU-vcFAwhiorqPJVheoEqM67Nqb7XeBuKMcHVQW27LZbGVmksQoPfz1-69T1PucgX8IIaaS6dHXxLLyASpAm-E-X9RssDG94KzvQgM0U8rccx4ZNiLkmg4VRNuhcq2clc06QlJPy65hzXZ0o9ct7QGz0Ese-Vw6_S8EH7X5voovf7GOteKIZu-KLr-jDxch-tyo0sX5JE2a_ta2bGkbKrJSd7UPlmFysUX9MVewLB-ZUgpcXstNopvPC__vfiy6Q7cNWCy1Pr4AQBgAaj4ejr-ezk1_cBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2fX1Z4sBT7inP2phGL74ckdzOCNQ%2526client%253Dca-pub-7872228587460333%2526adurl%253D&y=1&s=&z=0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.2.214.113 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-2-214-113.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 18 Dec 2022 04:09:13 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
Content-Type: image/gif
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 43
Expires: 0

GET
H/1.1 200
OK visit.js Show response
tps.doubleverify.com/ Frame E862 758 B
716 B 201ms
24ms Script
text/javascript 213.254.244.25
DOUBLE-VERIFY

General

Check archive.org

Show headers Download Go to

Full URL: https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&flvr=0&ttmms=148&ttfrms=50&brid=3&brver=108.0.5359.124&bridua=3&bds=1&tstype=2&eparams=DC4FC%3Dl9EEADTbpTauTauA6%3D%40E2%3A%3FG6C%3F2%3D%5D4%40%3ETauU2%3F4r92%3A%3Fl9EEADTbpTauTauA6%3D%40E2%3A%3FG6C%3F2%3D%5D4%40%3ETar23%40FETbpTauTau&srcurlD=0&aUrlD=0&ssl=https:&prplyd=1&dfs=7&ddur=82&uid=1671336553237393&jsCallback=dvCallback_1671336553237535&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F108.0.5359.124%20Safari%2F537.36&htmlmsging=1&chro=1&hist=2&winh=1200&winw=1600&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=3326&tgjsver=3326&lvvn=28&m1=13&refD=1&referrer=about%3Ablank&fwc=0&fcl=810&flt=9&fec=731&fcifrms=19&brh=2&sdf=2&dvp_epl=147&noc=4&nav_pltfrm=Win32&ctx=21728770&cmp=DV485761&sid=Verve&plc=Verve-IQM_20210404001_VidJS&adsrv=0&advid=3891363&tagtype=video&turl=https%3A%2F%2Fpelotainvernal.com%2F&isdvvid=1&errorURL=https://tps.doubleverify.com/visit.jpg&ppid=302&mib=0&DVP_PP_IMP_ID=153887582096497800&DVP_DV_TT=1&DVP_DV_CT=2&DVP_PUB=430&DVP_SITE=1171093&DVP_CRT=1079652&DVPX_PP_AUCTION_UA=Mozilla%252F5.0%2520%2528Windows%2520NT%252010.0%253B%2520Win64%253B%2520x64%2529%2520AppleWebKit%252F537.36%2520%2528KHTML%252C%2520like%2520Gecko%2529%2520Chrome%252F108.0.5359.124%2520Safari%252F537.36&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_sukv=423260400.3861797&dvp_tukv=31613944554.7444&dvp_uuid=86196975.00842196&dvp_tuid=836106886828&jurtd=2435427694
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements3326.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.25 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software: /
Resource Hash: abcb1c3452d5f263f9846be348f279823c1c1d01edf69e7651c624f6a0e9b92b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 18 Dec 2022 04:09:13 GMT
Content-Encoding: br
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=0
Expires: 12/17/2022 04:09:13

POST
H2 200 t Show response
t.lkqd.net/ Frame 53A1 0
166 B 94ms
93ms XHR
text/plain 146.20.128.182
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.182 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://pelotainvernal.com
date: Sun, 18 Dec 2022 04:09:13 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame A6D4 42 B
64 B 58ms
58ms Fetch
image/gif 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuH2T2C1gW6tWyO86rwXOQp4cLN0AhPn8EC-ncQjBqTs6HBrj8nAxnTAJOyU8iL0oJDy8Z1-kYNp3IMAffYAlEoYU8A&sig=Cg0ArKJSzDTGK-YbnhaxEAE&cid=CAASF-RoZlieQVV3mcgD8lQC2W5ZCGpK3Imf&id=lidar2&mcvt=1024&p=511,275,601,1003&mtos=1024,1024,1024,1024,1024&tos=1024,0,0,0,0&v=20221207&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1811199381&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1671336551855&rpt=384&isd=0&lsd=0&met=ie&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a70f19ff77b4cba27e7f41fb58cd05b5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Dec 2022 04:09:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 link.html Show response
track.webgains.com/ Frame BB08 2 KB
2 KB 199ms
76ms Script
text/html 13.41.118.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=4366768&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1j4z5sm5f3ep3k72067jrz6wjmhxwytscm462kctk41qej5sbbhcc4x0qpqd8qvtp5pn9ht6tjr36wssnfac3p56msysv2rtceeq0hxjfxby0pbgf4hfzc4re2enjrv8anz7vrqmzargzf1aba448q723hkt95w2f7gkyy9kdy5rztg3zenxa7mf8g6dv64tgs1th1f9a9g49w9xg41x1wsxanf4krn0a09ffhxqdhpex3s8r2esk50ps3kdr8d3x1t09fg%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jr2xhh5kaetv1rv02053z73ax7m2f2qxdbpt3qwqeyagb0gpgcpj6cyrr6s523y1t3jbjjy72ab0t2ycwqxmd9vqh5xxk0zxvxwhyzzmtj0rgvhs76xw3pk393ne15q55za396pmexrdhy9dbb16nxf9dsbss0a6g80pcmhxfq3rc89war1dpq97v2bp0s0r9gsdepdn61xc0g6cdxj6csbcmhz1f21dk8xmb9svt05s3828m2eshf5h88b7yc6wketdychaxkmers0dkrg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCHzcsZ5KeY8KJIIHP3gOgzKLIDpDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTc4NzIyMjg1ODc0NjAzMzPIAQmpAs4bsBDdwrE-4AIAqAMBqgT7AU_QTS-RJ_I-T_vScmRf1ihKLNneXXiFkpIs_bN6gNeUSsoMbNvY3fWbO3b8JKpX-pT57ysOU-vcFAwhiorqPJVheoEqM67Nqb7XeBuKMcHVQW27LZbGVmksQoPfz1-69T1PucgX8IIaaS6dHXxLLyASpAm-E-X9RssDG94KzvQgM0U8rccx4ZNiLkmg4VRNuhcq2clc06QlJPy65hzXZ0o9ct7QGz0Ese-Vw6_S8EH7X5voovf7GOteKIZu-KLr-jDxch-tyo0sX5JE2a_ta2bGkbKrJSd7UPlmFysUX9MVewLB-ZUgpcXstNopvPC__vfiy6Q7cNWCy1Pr4AQBgAaj4ejr-ezk1_cBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_2fX1Z4sBT7inP2phGL74ckdzOCNQ%252526client%25253Dca-pub-7872228587460333%252526adurl%25253D&clickref=oneidgzdf8fdrUWBQeTPHbH8txCj718HdTQTM6Ceoneid__suite_Netmix_Reach43_TopRotaMonth&viewref=oneidwbKFdf1jUxkV1TEHRH2tXtp2gZfKTAT69a5oneid__suite_Netmix_Reach43_TopRotaMonth
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=321034%2C196438%2C117569&b=wbKFdf1jUxkV1TEHRH2tXtp2gZfKTAT69a5%2Cj6qCEfbGcqmxzFYHEH2t6tg7WhKTzTAjS9%2Cz4pFRfEYak3KMFpHBHMtqt9dGtJTwTrkSW&f=gzdf8fdrUWBQeTPHbH8txCj718HdTQTM6Ce%2CxPKSQf9AHEkAXcPHdHztDCxQqUJT6TW6uA%2C8QjCDfM8FeE9zhgHJHEtqC4gZCPTwT1MUk&c=728&d=90&e=&g=9b4fa380b867951bbdd75e7bd14f4521%2F1796691712902051403&i=111584%2C25174%2C29981&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1671336553059&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jr2xhh5kaetv1rv02053z73ax7m2f2qxdbpt3qwqeyagb0gpgcpj6cyrr6s523y1t3jbjjy72ab0t2ycwqxmd9vqh5xxk0zxvxwhyzzmtj0rgvhs76xw3pk393ne15q55za396pmexrdhy9dbb16nxf9dsbss0a6g80pcmhxfq3rc89war1dpq97v2bp0s0r9gsdepdn61xc0g6cdxj6csbcmhz1f21dk8xmb9svt05s3828m2eshf5h88b7yc6wketdychaxkmers0dkrg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCHzcsZ5KeY8KJIIHP3gOgzKLIDpDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTc4NzIyMjg1ODc0NjAzMzPIAQmpAs4bsBDdwrE-4AIAqAMBqgT7AU_QTS-RJ_I-T_vScmRf1ihKLNneXXiFkpIs_bN6gNeUSsoMbNvY3fWbO3b8JKpX-pT57ysOU-vcFAwhiorqPJVheoEqM67Nqb7XeBuKMcHVQW27LZbGVmksQoPfz1-69T1PucgX8IIaaS6dHXxLLyASpAm-E-X9RssDG94KzvQgM0U8rccx4ZNiLkmg4VRNuhcq2clc06QlJPy65hzXZ0o9ct7QGz0Ese-Vw6_S8EH7X5voovf7GOteKIZu-KLr-jDxch-tyo0sX5JE2a_ta2bGkbKrJSd7UPlmFysUX9MVewLB-ZUgpcXstNopvPC__vfiy6Q7cNWCy1Pr4AQBgAaj4ejr-ezk1_cBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2fX1Z4sBT7inP2phGL74ckdzOCNQ%2526client%253Dca-pub-7872228587460333%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.41.118.175 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-41-118-175.eu-west-2.compute.amazonaws.com
Software: nginx / PHP/7.4.26
Resource Hash: 94e9a13c50ba631f2fafbd0f923194e29ef926e4de95d10dbfe577093fb0c037

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 04:09:13 GMT
last-modified: Sun, 18 Dec 2022 04:09:13 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Sun, 18 Dec 2022 04:10:13 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 931D 42 B
64 B 53ms
53ms Fetch
image/gif 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstjUx66-7-EkeoSRugFL0votSkuTmfBnlf4bMn4NRxfSSPXwfJEsKwkTgOVqOs6YjodriJejjdZDqLOBB4FrkdOUFgDmz9wB53oOtSfH4SZLC00T-KM&sig=Cg0ArKJSzL6D5xddfeSOEAE&id=lidar2&mcvt=1017&p=574,1149,1174,1449&mtos=1017,1017,1017,1017,1017&tos=1017,0,0,0,0&v=20221207&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=19&adk=2344183488&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1671336551879&rpt=378&isd=0&lsd=0&met=ce&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a70f19ff77b4cba27e7f41fb58cd05b5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Dec 2022 04:09:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 96ms
95ms Preflight
text/plain 146.20.128.182
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.182 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://pelotainvernal.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
access-control-allow-origin: https://pelotainvernal.com
access-control-expose-headers: Content-Type, Content-Disposition
access-control-max-age: 300
cache-control: max-age=300
content-length: 0
content-type: text/plain; charset=UTF-8
date: Sun, 18 Dec 2022 04:09:13 GMT
server: nginx

GET
H2 204 /
onetag-sys.com/usync/ 0
38 B 13ms
9ms Image
text/plain 51.89.9.251
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/usync/?tag=img

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip251.ip-51-89-9.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-store

GET
H/1.1 200
OK cksync.php
cs.media.net/ 44 B
410 B 49ms
15ms Image
image/gif 184.30.24.22
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.media.net/cksync.php?cs=8
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.24.22 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-24-22.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 1681cb2b2db935f48c843351945df3f3f77f79c1c8de28c4fa88d8b655c25ae2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 18 Dec 2022 04:09:13 GMT
Server: Apache
P3P: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 44
X-MNET-HL2: E
Expires: Sun, 18 Dec 2022 04:09:13 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/
Redirect Chain

https://dsum.casalemedia.com/pbusermatch?origin=prebid&site_id=910000&p=1&i=0&gdpr=0&gdpr_consent=&us_privacy=
https://sync.srv.stackadapt.com/sync?nid=68&gdpr=0
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=lb-1XUmyQkRlz166Qg3689lAlx4

43 B
766 B

64ms
7ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=lb-1XUmyQkRlz166Qg3689lAlx4
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 18 Dec 2022 04:09:13 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 43
Expires: 0

Redirect headers

Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=lb-1XUmyQkRlz166Qg3689lAlx4
Date: Sun, 18 Dec 2022 04:09:13 GMT
Connection: keep-alive
Content-Length: 122
Content-Type: text/html; charset=utf-8

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame BB08 85 KB
31 KB 44ms
7ms Script
application/javascript 65.9.66.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=4366768&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1j4z5sm5f3ep3k72067jrz6wjmhxwytscm462kctk41qej5sbbhcc4x0qpqd8qvtp5pn9ht6tjr36wssnfac3p56msysv2rtceeq0hxjfxby0pbgf4hfzc4re2enjrv8anz7vrqmzargzf1aba448q723hkt95w2f7gkyy9kdy5rztg3zenxa7mf8g6dv64tgs1th1f9a9g49w9xg41x1wsxanf4krn0a09ffhxqdhpex3s8r2esk50ps3kdr8d3x1t09fg%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jr2xhh5kaetv1rv02053z73ax7m2f2qxdbpt3qwqeyagb0gpgcpj6cyrr6s523y1t3jbjjy72ab0t2ycwqxmd9vqh5xxk0zxvxwhyzzmtj0rgvhs76xw3pk393ne15q55za396pmexrdhy9dbb16nxf9dsbss0a6g80pcmhxfq3rc89war1dpq97v2bp0s0r9gsdepdn61xc0g6cdxj6csbcmhz1f21dk8xmb9svt05s3828m2eshf5h88b7yc6wketdychaxkmers0dkrg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCHzcsZ5KeY8KJIIHP3gOgzKLIDpDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTc4NzIyMjg1ODc0NjAzMzPIAQmpAs4bsBDdwrE-4AIAqAMBqgT7AU_QTS-RJ_I-T_vScmRf1ihKLNneXXiFkpIs_bN6gNeUSsoMbNvY3fWbO3b8JKpX-pT57ysOU-vcFAwhiorqPJVheoEqM67Nqb7XeBuKMcHVQW27LZbGVmksQoPfz1-69T1PucgX8IIaaS6dHXxLLyASpAm-E-X9RssDG94KzvQgM0U8rccx4ZNiLkmg4VRNuhcq2clc06QlJPy65hzXZ0o9ct7QGz0Ese-Vw6_S8EH7X5voovf7GOteKIZu-KLr-jDxch-tyo0sX5JE2a_ta2bGkbKrJSd7UPlmFysUX9MVewLB-ZUgpcXstNopvPC__vfiy6Q7cNWCy1Pr4AQBgAaj4ejr-ezk1_cBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_2fX1Z4sBT7inP2phGL74ckdzOCNQ%252526client%25253Dca-pub-7872228587460333%252526adurl%25253D&clickref=oneidgzdf8fdrUWBQeTPHbH8txCj718HdTQTM6Ceoneid__suite_Netmix_Reach43_TopRotaMonth&viewref=oneidwbKFdf1jUxkV1TEHRH2tXtp2gZfKTAT69a5oneid__suite_Netmix_Reach43_TopRotaMonth
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-11.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f031d0330fa0902ad02a7158a8b4aa01cefacc0f4743ab7b78f4ed517723d130

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 08:50:10 GMT
content-encoding: gzip
via: 1.1 46546eb404789d29bf372f6a3fe43876.cloudfront.net (CloudFront)
last-modified: Fri, 09 Dec 2022 10:53:01 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 69544
etag: W/"0d5045593d14c9612a5d5576928a5209"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: pw_PZ4IInZK_A1cuGfRzCsvO1_s0RcnY-aVCleN8REWej0VX8J_IXQ==

GET
H2 200 1659354586_efWwgs1Qb28CJ2gn5syWw4lgeBNhVHiH.gif
cdn.track.production.webgains.team/295140/ Frame BB08 19 KB
19 KB 53ms
6ms Image
image/gif 99.86.4.53
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.track.production.webgains.team/295140/1659354586_efWwgs1Qb28CJ2gn5syWw4lgeBNhVHiH.gif?Expires=1671336853&Signature=eREi8J38h-xhrzEuv4NC2l1qiZhYvg5vvAqDpdyQnL~-PHS7ASSoHFNwKDrel8vT7IxxBHgLLWTp3BU7cYloPfUpuMp~sjqEW0WKwdHGbFcV7rOGeh4fS5-Lplm08jr9ZkyEvMbsoy-YCTJS4LLkh4ma58FPV8JC2-gjTdu0CbRihIbWr9W3T8Buf4A8jkyL4yeioz5gEFw~oTSH6xH6-luKbxOXI24ZovmFZ3MPKFLMFzIDHW6YOwvvEF5Wa~4q14Y5eastJyWpM3OBdlO95MCTbw2Vrb6uLowKnH~xaIuZ6qVbIL~1YwSn~7QCvsJmkpLTDSxvc-IFNM~YkGQD1g__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=321034%2C196438%2C117569&b=wbKFdf1jUxkV1TEHRH2tXtp2gZfKTAT69a5%2Cj6qCEfbGcqmxzFYHEH2t6tg7WhKTzTAjS9%2Cz4pFRfEYak3KMFpHBHMtqt9dGtJTwTrkSW&f=gzdf8fdrUWBQeTPHbH8txCj718HdTQTM6Ce%2CxPKSQf9AHEkAXcPHdHztDCxQqUJT6TW6uA%2C8QjCDfM8FeE9zhgHJHEtqC4gZCPTwT1MUk&c=728&d=90&e=&g=9b4fa380b867951bbdd75e7bd14f4521%2F1796691712902051403&i=111584%2C25174%2C29981&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1671336553059&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jr2xhh5kaetv1rv02053z73ax7m2f2qxdbpt3qwqeyagb0gpgcpj6cyrr6s523y1t3jbjjy72ab0t2ycwqxmd9vqh5xxk0zxvxwhyzzmtj0rgvhs76xw3pk393ne15q55za396pmexrdhy9dbb16nxf9dsbss0a6g80pcmhxfq3rc89war1dpq97v2bp0s0r9gsdepdn61xc0g6cdxj6csbcmhz1f21dk8xmb9svt05s3828m2eshf5h88b7yc6wketdychaxkmers0dkrg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCHzcsZ5KeY8KJIIHP3gOgzKLIDpDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTc4NzIyMjg1ODc0NjAzMzPIAQmpAs4bsBDdwrE-4AIAqAMBqgT7AU_QTS-RJ_I-T_vScmRf1ihKLNneXXiFkpIs_bN6gNeUSsoMbNvY3fWbO3b8JKpX-pT57ysOU-vcFAwhiorqPJVheoEqM67Nqb7XeBuKMcHVQW27LZbGVmksQoPfz1-69T1PucgX8IIaaS6dHXxLLyASpAm-E-X9RssDG94KzvQgM0U8rccx4ZNiLkmg4VRNuhcq2clc06QlJPy65hzXZ0o9ct7QGz0Ese-Vw6_S8EH7X5voovf7GOteKIZu-KLr-jDxch-tyo0sX5JE2a_ta2bGkbKrJSd7UPlmFysUX9MVewLB-ZUgpcXstNopvPC__vfiy6Q7cNWCy1Pr4AQBgAaj4ejr-ezk1_cBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2fX1Z4sBT7inP2phGL74ckdzOCNQ%2526client%253Dca-pub-7872228587460333%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-53.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 86e52a6ab6d9a83f40ddc2a09084df0a0d291ca4194b5ce17de122001adf46fa

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: null
date: Sat, 17 Dec 2022 12:52:03 GMT
via: 1.1 a7dcca466407f1871feceef50bc84272.cloudfront.net (CloudFront)
last-modified: Mon, 01 Aug 2022 11:49:48 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
age: 55031
etag: "c8717f93a87217b1c114134b189e2ca0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/gif
accept-ranges: bytes
content-length: 19052
x-amz-cf-id: ogWa_3UAtSP-Hqmalooun2xO4fmxn1dyOkV9mDIU0ZL7RVHMIkE0ig==

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame BC8B 42 B
64 B 61ms
61ms Fetch
image/gif 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuR_FRb4vBbEa2vvCyl_rKJuwXIbANPEi8rA04wRe-eLJh19QyNhs-wKed7hwl6oGocpZ4vl1fnIv8lBQw_3LSCKu_6jeQD4IR6Pv30rUBj-df7QGM6J6i1XjmbIHNy85-c4Xiesw&sai=AMfl-YRAFYueazxiOjo5oY252Qeg3psBT1V5DJ8He2Djvnbn4_XiFk1MY0_M6Wxs2BJicJBurSZcrg1OQP7kUpDFkh9oJs9ONFMweFYkQg&sig=Cg0ArKJSzIy27q9CXpz9EAE&cid=CAQSKQDq26N96iVBo1NmG1haqCvKkNJu8J6_zPZbSdcbmgUsHg4thQPlVM3OGAEgCg&id=lidar2&mcvt=1104&p=0,0,600,300&mtos=1104,1104,1104,1104,1104&tos=1104,0,0,0,0&v=20221207&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=2758585555&rs=5&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1671336552328&rpt=713&met=mue&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Dec 2022 04:09:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame BB08 16 B
232 B 86ms
86ms Fetch
application/json 18.170.123.253
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.170.123.253 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-170-123-253.eu-west-2.compute.amazonaws.com

Software

nginx / PHP/7.4.26

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 18 Dec 2022 04:09:14 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/7.4.26
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 73ms
20ms Preflight 18.170.123.253
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.170.123.253 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-170-123-253.eu-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
date: Sun, 18 Dec 2022 04:09:14 GMT
server: nginx

POST
H2 200 t Show response
t.lkqd.net/ Frame 53A1 0
166 B 101ms
93ms XHR
text/plain 146.20.128.182
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.182 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://pelotainvernal.com
date: Sun, 18 Dec 2022 04:09:15 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 93ms
93ms Preflight
text/plain 146.20.128.182
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.182 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://pelotainvernal.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
access-control-allow-origin: https://pelotainvernal.com
access-control-expose-headers: Content-Type, Content-Disposition
access-control-max-age: 300
cache-control: max-age=300
content-length: 0
content-type: text/plain; charset=UTF-8
date: Sun, 18 Dec 2022 04:09:15 GMT
server: nginx

POST
H/1.1 204
No Content event.png
tpsc-frc.doubleverify.com/ Frame E862 0
210 B 46ms
13ms Ping
text/plain 213.254.244.25
DOUBLE-VERIFY

General

Check archive.org

Show headers Download Go to

Full URL: https://tpsc-frc.doubleverify.com/event.png?impid=a832e196f6bc49179292457b506af76c&flavor=0&gdpr=&gdpr_consent=&dvp_vperr=Failed%20to%20get%20adid&vdur=203&eoid=9&msrjs=3326&sdf=2&vit=0&isvelg=0&rmi=16&tltms=82&tetms=13&msltms=31&vltms=203&sei=292&vetms=4&engms=1&engisel=0&dvp_dtcov=4&ttfurm=3258&cbust=1671336556455272
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements3326.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.25 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Pragma: no-cache
Date: Sun, 18 Dec 2022 04:09:17 GMT
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Expires: 12/17/2022 04:09:16

POST
H2 200 t Show response
t.lkqd.net/ Frame 53A1 0
166 B 97ms
97ms XHR
text/plain 146.20.128.182
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.182 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://pelotainvernal.com
date: Sun, 18 Dec 2022 04:09:18 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 97ms
96ms Preflight
text/plain 146.20.128.182
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.182 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://pelotainvernal.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
access-control-allow-origin: https://pelotainvernal.com
access-control-expose-headers: Content-Type, Content-Disposition
access-control-max-age: 300
cache-control: max-age=300
content-length: 0
content-type: text/plain; charset=UTF-8
date: Sun, 18 Dec 2022 04:09:18 GMT
server: nginx

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: t.lkqd.net
URL: https://t.lkqd.net/t

Domain: vast.vidoomy.com
URL: https://vast.vidoomy.com/pro/ftp-pro/620/35H11_051670841845.xml

Domain: vast.vidoomy.com
URL: https://vast.vidoomy.com/pro/ftp-pro/681/59C11_221671190042.xml

Verdicts & Comments Add Verdict or Comment

121 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

67 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.pelotainvernal.com/	1970-01-20 17:37:12	Name: __gads Value: ID=6fb24eb131bbc96f:T=1671336549:S=ALNI_MatR30gj4BD4-rhlEG2t0v1C_cRCg
.pelotainvernal.com/	1970-01-20 17:37:12	Name: __gpi Value: UID=00000b93d6c9ca3f:T=1671336549:RT=1671336549:S=ALNI_MaXhHZjhrb6R4a7vbf70K6-mAdkYw
pelotainvernal.com/	1970-01-20 08:58:48	Name: _pbjs_userid_consent_data Value: 3524755945110770
.pelotainvernal.com/	1970-01-20 17:01:12	Name: _pubcid Value: 75a8b4cb-d9d7-4c31-b359-5d79bb84ba48
s.pelotainvernal.com/	1970-01-20 08:25:41	Name: AWSALB Value: yegjsbErvvkGOKiSNkhu/RQE8XsX80PfrSFuovdMEpgHKYPk4j4PiAMYT/BthHhHEp/0t9Ns2XYAh/+L8vQU/9uSmiAWrQ9iucU66VzNstgsntKjSqREzGtBxQrH
s.pelotainvernal.com/	1970-01-20 08:25:41	Name: AWSALBCORS Value: yegjsbErvvkGOKiSNkhu/RQE8XsX80PfrSFuovdMEpgHKYPk4j4PiAMYT/BthHhHEp/0t9Ns2XYAh/+L8vQU/9uSmiAWrQ9iucU66VzNstgsntKjSqREzGtBxQrH
.yahoo.com/	1970-01-20 17:01:34	Name: A3 Value: d=AQABBGWSnmMCEHqsOz5Qoq8ZLiBg_ryOG88FEgEBAQHjn2OoYwAAAAAA_eMAAA&S=AQAAAvWaRnHslqT5VwF3Xkhb6Hw
.bidswitch.net/	1970-01-20 17:01:12	Name: tuuid Value: 086eb568-cd88-4474-9f53-23eec858e5be
.bidswitch.net/	1970-01-20 17:01:12	Name: c Value: 1671336550
.bidswitch.net/	1970-01-20 17:01:12	Name: tuuid_lu Value: 1671336550
.pelotainvernal.com/	1970-01-20 17:51:36	Name: _ga Value: GA1.2.2044881066.1671336549
.pelotainvernal.com/	1970-01-20 08:17:02	Name: _gid Value: GA1.2.2045169535.1671336550
.pelotainvernal.com/	1970-01-20 08:15:36	Name: _gat_gtag_UA_19230497_1 Value: 1
a.vidoomy.com/	1970-01-20 17:01:12	Name: SSCookie Value: 1
.creative-serving.com/	1970-01-20 17:37:12	Name: tuuid Value: 0399231a-245f-4fd9-a5f7-3de45caa575b
.creative-serving.com/	1970-01-20 17:37:12	Name: c Value: 1671336550
.creative-serving.com/	1970-01-20 17:37:12	Name: tuuid_lu Value: 1671336550
.doubleclick.net/	1970-01-20 17:37:12	Name: IDE Value: AHWqTUkbif1iKLQDMolektrhmUWb_5BQhWZsxu_R-916V9yF1UAWKTufOHD76XrAlrY
.pelotainvernal.com/	1970-01-20 17:37:12	Name: cto_bidid Value: bHJpOl9ST3h1TzJCJTJCSDBQRzJrMXpPSU4ybURuUlc4dndHUW51dkN3ZlZrUXhFZnpycnFrdmFwQkppbTZXWjFHT0clMkJXcjdqZzVYeGFCem0wRyUyRkhGayUyRlp4d0FRJTNEJTNE
.rubiconproject.com/	1970-01-20 17:01:12	Name: khaos Value: LBSUMNMK-18-IZY9
.rubiconproject.com/	1970-01-20 17:01:12	Name: audit Value: 1\|naVuGyos1qpXBUy3WQ782SAkF7RiBdb4AgvEG2sPPZrw0zLiRRUt4e/Kp1Px55TGSkyj9x8eeR3thoi474+Tg2jYHTlS9mMvGIFatoJ0DXuyqVI1k5poNA==
.quantserve.com/	1970-01-20 17:45:50	Name: mc Value: 639e9266-587c4-c3b0f-794b0
.pelotainvernal.com/	1970-01-20 17:40:05	Name: __qca Value: P0-27100677-1671336550029
.ads.stickyadstv.com/	1970-01-20 08:58:48	Name: UID Value: 6e738c5c65c61f2cabaf426abe5ed342
.doubleclick.net/	1970-01-20 08:15:40	Name: DSID Value: NO_DATA
.turn.com/	1970-01-20 12:34:48	Name: uid Value: 2936648504658258103
sync.srv.stackadapt.com/	1970-01-20 17:01:12	Name: sa-user-id Value: s%3A0-95bfb55d-49b2-4244-65cf-5eba420dfaf3.8k1pVAV6q36e4jUZSGMk%2BmQHfqZ4ehcC194Ge944NlQ
.srv.stackadapt.com/	1970-01-20 17:01:12	Name: sa-user-id-v2 Value: s%3Alb-1XUmyQkRlz166Qg3689lAlx4.YOtGb0UuyuBNcjUseblo6T4cCE57L7UJLW3JVyCM%2BSY
.csync.loopme.me/	1970-01-20 10:25:12	Name: viewer_token Value: 267ac5f0-dab4-4a9e-84a3-5840fb946cfc
.analytics.yahoo.com/	1970-01-20 17:01:12	Name: IDSYNC Value: "1982~28ws:18yx~28ws"
.bidswitch.net/	1970-01-20 08:15:36	Name: google_push Value: AavPq0NtwzCOntlgl79RmqwUtv_JptqbWWYaqSoBMBCLP5RK-snuUFZFSBwAzHaLj0WLwpaNcdJO7MyYVuKYti20gKSYUX1EFsw0tg
.3lift.com/	1970-01-20 10:25:12	Name: tluid Value: 2843966315802400393565
.lijit.com/	1970-01-20 17:01:12	Name: ljt_reader Value: F1a5vGZHQ2_afuAIQISUn0hL
.casalemedia.com/	1970-01-20 17:01:12	Name: CMID Value: Y56SZ2zB9pFp319T0YbHvwAA
.casalemedia.com/	1970-01-20 10:25:12	Name: CMPS Value: 1125
.casalemedia.com/	1970-01-20 10:25:12	Name: CMPRO Value: 1125
.360yield.com/	1970-01-20 10:25:12	Name: tuuid Value: 19da016c-16fe-4f78-88ef-6056b6221ac5
.360yield.com/	1970-01-20 10:25:12	Name: tuuid_lu Value: 1671336551
.blismedia.com/	1970-01-20 17:01:16	Name: b Value: 639E9267F7CE7174EE51226FBLIS
.adnxs.com/	1970-01-20 10:25:12	Name: uuid2 Value: 689147368627154085
.w55c.net/	1970-01-20 17:45:50	Name: wfivefivec Value: CHWyQdkA1P6KZ95
.de17a.com/	1970-01-20 16:54:00	Name: guid Value: 1.6821736240019775391
.w55c.net/	1970-01-20 08:58:48	Name: matchgoogle Value: 5
.spotxchange.com/	1970-01-20 17:01:12	Name: audience Value: ba148c6f-7e89-11ed-bfd7-1e1d47870006
.criteo.com/	1970-01-20 17:37:12	Name: uid Value: 122bdf21-776e-4c9e-b569-06d2e2c5e347
.awin1.com/	1970-01-20 08:19:55	Name: awpv11354 Value: 412871\|1671336552\|ba7fa420-7e89-11ed-bfbc-22342ff4a6f7
.quantserve.com/	1970-01-20 10:25:12	Name: d Value: EFQBCQHrJ4EA
.simpli.fi/	1970-01-20 17:02:38	Name: suid Value: 8B4868C7756542A9A29CC97072E476AC
.ctnsnet.com/	1970-01-20 17:01:12	Name: cid_a8a4d614b78e4027a910da26daae673c Value: 1
.ctnsnet.com/	1970-01-20 17:01:12	Name: gid_CAESEB5BtOLhvb73fiL4TRtxO1U Value: 1
www.conrad.de/	1970-01-20 08:22:48	Name: HTLP_timestamp Value: 1671336552
www.conrad.de/	1970-01-20 08:22:48	Name: CEAffHA Value: YD
.www.conrad.de/	1970-01-20 08:15:38	Name: __cf_bm Value: BV47V2tt2CEwztyJ7zoN27IcCfrVwLNsoKAWs_gxrxQ-1671336552-0-AfFf8e/lbp7QPcFHF2G1EkTWGOrJ2VQYevFduImZ5SBhiEnEsEcDCp6btxPuzgrMR6RbR4KntZdAynNvUc3Amrw=
.adform.net/	1970-01-20 09:00:14	Name: C Value: 1
.pelotainvernal.com/	1970-01-20 17:37:12	Name: cto_bundle Value: Jo6mn19PZSUyRjZ1RmVwc3U0JTJCM2FoOUFuWDZIRWthYWppUHJVRDBkeEpLU3pjV3QlMkJ3Q3clMkZPQWJnQXYlMkJkVXRTeGJLWnBtTUdKRnFjQUNzVW4xN2tqMSUyQm4xSHpqWFJxekFnMnNGR0QxaURjanNYd016cUVMN3hMeVZpT1k3dVU1RnJObnJaJTJGWlRiTmslMkJLd3lRdmI3Z210cUx0QWFpZ25iZUFqR3kyOERrQWZlTjhoUXRVJTNE
.adform.net/	1970-01-20 09:42:00	Name: uid Value: 485464449669540551
.blau.de/	1970-01-20 08:25:41	Name: nscQ486 Value: V
.blau.de/	1970-01-20 08:25:41	Name: nscT486 Value: v01MTQyMTExMjExMTExMTExMTEwMTQyNjUwMDAwMDAwMDYxNjcxMzM2NTUydmxlYTFkZTIwMjIxMjE4MDUwOTEyNzk2MDYwNDgxMDFYMTE3NjYzVjEyMjUxMzExMDZNU3JlYWNoX1NVQklEVEVTVF92aWV3MTE3NjYz
.blau.de/	1970-01-20 08:25:41	Name: webShopPV Value: ?partnerId=BLU_AFF_POV_EXA_35008&mediacode=AFF_la_117663_-HTLP&utm_term=AFF_la_117663_-HTLP&utm_content=BLU_AFF_POV_EXA_35008&spid=2022121805091279606048101X117663V1225131106MSreach_SUBIDTEST_view&wfid=117663
.o2online.de/	1970-01-20 08:25:41	Name: nscQ485 Value: V
.o2online.de/	1970-01-20 08:25:41	Name: nscT485 Value: v01MTQyMTExMzExMTExMTExMTEwMTQyMTI4MDAwMDAwMDA2MTY3MTMzNjU1MnZsZWExZGUyMDIyMTIxODA1MDkxMjc5NjA2MDQ4MDk5WDExNzcwM1YxMjI2MTMyNzAyTVN2aWV3b25laWQ3MnhjcWZnekhqWG1ydXJIWEhndEF0VlZlZkdUMVRNSkNNb25laWRfX3N1aXRlX05ldG1peF9SZWFjaDQzX1RvcFJvdGFNb250aDExNzcwMw
.o2online.de/	1970-01-20 08:25:41	Name: webShopPV Value: ?partnerId=O2_AFF_POV_EXA_15008&mediacode=AFF_la_117703_-HTLP&utm_term=AFF_la_117703_-HTLP&utm_content=O2_AFF_POV_EXA_15008&spid=2022121805091279606048099X117703V1226132702MSviewoneid72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCMoneid__suite_Netmix_Reach43_TopRotaMonth&wfid=117703&affiliateId=v01MTQyMTExMzExMTExMTExMTEwMTQyMTI4MDAwMDAwMDA2MTY3MTMzNjU1MnZsZWExZGUyMDIyMTIxODA1MDkxMjc5NjA2MDQ4MDk5WDExNzcwM1YxMjI2MTMyNzAyT
.awin1.com/	1970-01-20 08:18:29	Name: awpv20044 Value: 412871\|1671336553\|bb1af9c0-7e89-11ed-9792-223985e9a9b7
.awin1.com/	1970-01-20 08:25:41	Name: awpv11938 Value: 412871\|1671336553\|bb1b47e0-7e89-11ed-9792-223985e9a9b7
.awin1.com/	1969-12-31 23:59:59	Name: AWSESS Value: 367022:2542680
.congstar.de/	1970-01-20 08:25:44	Name: staticentry Value: %7B%22spfr%22%3A%22412871%22%2C%22awc%22%3A%2211938_412871_1671336553_bb1b47e0-7e89-11ed-9792-223985e9a9b7%22%2C%22sp%22%3A%22awin%22%7D
.casalemedia.com/	1970-01-20 10:25:12	Name: CMTS Value: 2132

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://pelotainvernal.com/ Message: Access to XMLHttpRequest at 'https://vast.vidoomy.com/pro/ftp-pro/620/35H11_051670841845.xml' from origin 'https://pelotainvernal.com' has been blocked by CORS policy: The value of the 'Access-Control-Allow-Origin' header in the response must not be the wildcard '*' when the request's credentials mode is 'include'. The credentials mode of requests initiated by the XMLHttpRequest is controlled by the withCredentials attribute.
network	error	URL: https://vast.vidoomy.com/pro/ftp-pro/620/35H11_051670841845.xml Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://pelotainvernal.com/ Message: Access to XMLHttpRequest at 'https://vast.vidoomy.com/pro/ftp-pro/681/59C11_221671190042.xml' from origin 'https://pelotainvernal.com' has been blocked by CORS policy: The value of the 'Access-Control-Allow-Origin' header in the response must not be the wildcard '*' when the request's credentials mode is 'include'. The credentials mode of requests initiated by the XMLHttpRequest is controlled by the withCredentials attribute.
network	error	URL: https://vast.vidoomy.com/pro/ftp-pro/681/59C11_221671190042.xml Message: Failed to load resource: net::ERR_FAILED
javascript	warning	URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1#RS-3-&adk=1812271801&client=ca-pub-3139134883708761&fa=1&ifi=7&uci=a!7&btvi=3&xpc=S0Fu0os4uj&p=https%3A//pelotainvernal.com Message: The resource https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.vidoomy.com
a70f19ff77b4cba27e7f41fb58cd05b5.safeframe.googlesyndication.com
ad.doubleclick.net
ad.lkqd.net
ad.turn.com
ad4m.at
ads.creative-serving.com
ads.stickyadstv.com
ads.vidoomy.com
adservice.google.com
adservice.google.de
analytics.webgains.io
ap.lijit.com
api.webgains.io
as.ad4m.at
assets.ad4m.at
banner.congstar.de
beacon-ams3.rubiconproject.com
c.4dex.io
c1.adform.net
cdn-conectate.kiskoo.com
cdn.doubleverify.com
cdn.firstimpression.io
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.track.production.webgains.team
cdnjs.cloudflare.com
cm.g.doubleclick.net
cms.quantserve.com
code.jquery.com
creative.lkqd.net
cs.lkqd.net
cs.media.net
csync.loopme.me
d5p.de17a.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
eb2.3lift.com
ecdn.firstimpression.io
encrypted-tbn0.gstatic.com
encrypted-tbn1.gstatic.com
encrypted-tbn2.gstatic.com
fastlane.rubiconproject.com
flower-ads.com
fonts.googleapis.com
fonts.gstatic.com
gcm.ctnsnet.com
googleads.g.doubleclick.net
gum.criteo.com
htlb.casalemedia.com
ib.adnxs.com
id5-sync.com
match.360yield.com
match.adsrvr.org
mp.4dex.io
mug.criteo.com
odr.mookie1.com
onetag-sys.com
pagead2.googlesyndication.com
partner.blau.de
partner.googleadservices.com
partner.o2online.de
pelotainvernal.com
pixel.quantserve.com
pixel.rubiconproject.com
pm.w55c.net
pr-bh.ybp.yahoo.com
prebid.media.net
prod-rtb.ad4mat.net
rules.quantcount.com
s.ad.smaato.net
s.seedtag.com
s3.amazonaws.com
sb.scorecardresearch.com
script.4dex.io
search.spotxchange.com
secure.adnxs.com
secure.quantserve.com
securepubads.g.doubleclick.net
ssbsync.smartadserver.com
ssum-sec.casalemedia.com
static-de.ad4mat.net
static.criteo.net
stats.g.doubleclick.net
sync.srv.stackadapt.com
t.lkqd.net
t.seedtag.com
tag.escalated.io
tpc.googlesyndication.com
tps.doubleverify.com
tpsc-frc.doubleverify.com
tr.blismedia.com
track.webgains.com
um.simpli.fi
ups.analytics.yahoo.com
v.lkqd.net
vast.vidoomy.com
widgets.outbrain.com
www.awin1.com
www.conrad.de
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.lead-alliance.net
www.telefonica-partner.de
x.bidswitch.net
t.lkqd.net
vast.vidoomy.com
104.18.135.145
104.18.33.19
13.41.118.175
142.250.185.130
142.250.186.134
146.20.128.146
146.20.128.182
146.20.132.154
151.139.128.10
162.19.138.119
172.64.154.237
178.250.0.157
18.170.123.253
18.193.52.247
184.30.24.22
185.80.39.216
185.86.137.108
185.94.180.123
2001:4de0:ac18::1:a:1a
2001:678:cb4:bbbb::11
213.155.156.167
213.254.244.25
216.52.2.39
23.2.214.113
23.218.209.87
2600:1901:0:76b9::
2600:9000:211e:c600:6:44e3:f8c0:93a1
2600:9000:211e:e200:1b:5138:8a40:93a1
2602:803:c003:200::31
2602:803:c003:200::77
2606:4700:10::ac43:266a
2606:4700:20::681a:179
2606:4700:20::681a:71b
2606:4700:20::681a:8a9
2606:4700:20::681a:bd1
2606:4700:20::ac43:4a81
2606:4700:3031::ac43:b7f8
2606:4700::6811:180e
2606:4700::6812:272
2606:4700::6812:7e05
2620:116:800d:21:c5a4:625:6563:a5bb
2a00:1450:4001:80b::200e
2a00:1450:4001:80e::200e
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2002
2a00:1450:4001:812::2002
2a00:1450:4001:812::2008
2a00:1450:4001:827::2002
2a00:1450:4001:829::200e
2a00:1450:4001:82f::2004
2a00:1450:400c:c06::9a
2a00:1450:400d:802::2002
2a00:1450:400d:805::2002
2a00:1450:400d:807::2002
2a00:1450:400d:80a::2001
2a00:1450:400d:80a::200e
2a00:1450:400d:80c::200a
2a00:1450:400d:80e::2003
2a02:2638::1c
2a02:2638::3
2a02:26f0:3500:d::1732:83d6
2a02:6ea0:f400::4
2a04:4e42:200::485
2a05:d018:d29:3602:5:8e0b:5ab8:71a4
3.126.56.137
3.19.54.139
3.33.220.150
3.65.71.95
3.66.71.88
34.107.148.139
34.149.50.64
34.96.105.8
34.98.67.61
35.174.181.179
35.186.193.173
35.204.74.118
35.214.223.115
35.241.34.106
37.157.4.25
37.252.171.22
37.252.173.215
51.89.9.251
52.217.195.192
52.57.231.104
52.58.191.156
54.208.89.30
54.78.253.158
65.9.66.11
69.173.144.139
76.223.111.18
78.46.85.162
84.200.5.215
87.118.116.9
88.99.63.132
92.122.244.32
99.86.4.124
99.86.4.3
99.86.4.53
000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c
008be15ff7db879ddccb3bf415d1143924af4eca6d1dd5250726ac423624f9d5
03dde0116f8f95a75e0247d3a17dcafa6e9c5599463b063ce6fc750c145630ab
05e80638055ab0f23d6df4b19eacdae9932a4f9cfcbe7dd95659649b1827585a
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
09778ab5d08d1983b0ba1d423603b1b0f2214947ed465534dcc9ac047bf929ba
099f7bd7eeecadbaac06271857ca7ed29a0c4ab338b7ec6bc89170c506f4629d
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0e01c9428cdc9bd25b57f158f3d62ade57eb2818b1e504955b08996f15e14e4c
0e63307deac3d8aeab68773529536e2d1d9ad4e09749326cbcdf6d9009b49551
0fc6327e965679b41a818cf88fdaf0b16e586c0ac03bc72d49c4f47e2ed02336
11d02526cbaad695117721d111752936444366ac35fec7d36bf8d5fb2aab3094
14fa937604e0fd3f7f1f8fa5daa5ab7e25052e1b1b826688b0109fac4251bf6f
1681cb2b2db935f48c843351945df3f3f77f79c1c8de28c4fa88d8b655c25ae2
168da968400885dff40944f070fc55c5504990dcce17095f654862acc4d3efb3
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
182e4ce4dfd537795577b12b9b19a57422a8b21815f5dd92ef8acb3fd872a19c
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
19737707017ce7f188707e1e6fbae40088945cb235a8c37971b507b97d771a4b
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
1e288c4dc57f72a69a497baef524f41c57e1c6a414b09a5bde22cd5b2f1b7cdf
1e894e7cf7187c224f386656a508446013f4cd6edea742f5241ce57258db06c6
2154b34bc0f6a1eb89ee530e36dfe7ed28abec06fa931e1838a00ea8bb2ee7db
262be405d24e2c19dc4e3ecce75466f864fd5959649e39b8b97fd1c83c54087f
2b296c3484f80533a3f4875456219f1825077acdfc5595d8fb512459eb02bf57
2bcef052d0d99b56c7a9b9b0ce076ca020219e6ecccad2b46b0267ffc2fc8bc8
2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31661cc49ad194662c03f1d553b028f1753d0bacb10df8865e87c3dc4a7ffb77
31c8de7c3023548e4205a8f61fa9d4b5c79707dc01710c8313184574afba2ee5
3521616fbd1415fd86988bfc9773f6044497f54354e0b924f7db878f91c1af83
3620d28357207cd4b8092fe728bed5a606c78c07d4043ed225b7c3e8e58fa731
36c2343f3359688c9948184e631420db683b3d1a105206fcf76f1354c106425e
36ff5240c8c658db74770dbd4343a900aa7d5d029d5f407505b8189299b7dc88
376b9a21cd2e1dfcd781cb7aa717914f69a65b113839cd116436e98939bf4ee8
39ae6b1a1ba72fc9d48b1848e9bc88f4b9da10688232ccca39d85b878db7af32
3aa5cdd18374b285ddc76c94ee1735df8b3e518cb7202fa7feec77a3b13437a3
3b1efaae19dcb7c525d27016287aa9fb6718eb311347056992bd3aec1e57c817
42e8de9192dee3b3ee8a7529c5883dac20b868000168362d9f287125c95e18a8
43ed01782a52f74351b31f996f02f0761540c3af7cdbd0693891a3e5abcfa3c1
443f7cd7974328229181280cee948d0f344c1b7b269a7fe8f01ad2e25d98d1ed
452a79401fb40c6f6307be6c5d5e393879ee3dcc74fe31b84b6b052574babb07
45fa735c6df15f15a1293a9cb3125033408874bf284280e8bcac23f95ad8feac
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
46ad56f3866042bd7e339da79592dcd0a2beb286dd1b0a22ef6e4701c3bc401e
46fcba2d33ed0c6a8322aee403da08a72043db68a12425fd8520073be4b9a907
47b7c3607011f758ebcd6fd278efbfa7af8fde88ca2a4399b67eca1c903648c6
47f719c1691461a5d778135c0512d51c87f8eea39be7ddad829830925902674b
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
4a85bbd945d370b499409eeca2ac0a1ca75110c514373441b77a8ec397c4d7db
4ab995345cf38f3951bc840ab2c0d043269e700e59f1c6d6cb7fb8946268b358
4e8dae75eb77ef61ce938fdc8b826868662c1fefb978fc29cc2e3f4d3dd1eef1
4f4db957340b18ded839648a36bf4271d7edf963930b53aac7351b0a936a1408
4ffe1619d0cddcd71c73eb41dcf1bf9219646f36b90667b3746c8a6771375fc6
52084175f1ddbd7e4168245880f4dd0c69cedbcac6096306ecae4e56181ad545
53790d646fe0774747dd3632f40d7956f22bd635b64f64bfa5d54cd7de225fc1
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
568264bc1c4cc59e47bc677e8f8133ea8b5c684ddb911913a5ffe2a91161faac
582c2586c49819d9dfe5cb88653679a40bf930ca86f1dc01a4afd821a9eab97e
588f44ce369926dd3bb733a3a8c5f40bab1c7f55dd018ce0fea00799b4d1a045
5bc215a872ab9aaae4d909e40ad5ce96594678b55b22717351cea7929bb97a6c
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab
5e36be95a997321cf95e79310394b551a93a1fefb55c7dca4669137c0946f2a5
5e6a0ba351b513818535c7ad400d7ffc937d0a7b42a2c44bedbdd15c808eaace
5e89733d8a8e055100cda68bf7a712ab0e1b24fefee7e39792b47cb5ff7c3cb1
5eeedf9055f9efab9127642b4c44135be9f404caa7ce08e51a5ea734dfd28828
60e5983ac4da690338eb371c1645fe8c7d7fab20dbbe5bb196eaa0d664b5a2d7
6151c6cb78b2f0ced663b5e32e13658236477225b4416c52e57142f3d610f058
6188e6460c41ce7b2d5eb371d4dd17c54058746ab6df3e91a33ac1422306df02
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
628e1ff1dc4353dafb32dc9a90a12069e447c866341654fab0ded52d92388b92
65cb5cd5882c666a22bf188d80f04fe01f56fbb3428e29d74aa24e3d9b1c783b
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
68c45f895642f204febcbea8c9939dc218f15260d499ed9861d5ec0eba87e3fa
6b094a140ea1c9e6edece62a54ab0d4fb5a600ba71495dc8835a12621e49204e
6b23e94a0591e43f749074a39df5a5e700d5bd6c40d1b8016a1a2e44a3176037
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6cbb005498c3f209f89019b181c9a8ec2c3d7813122e61a193e654940a4438c1
6f272fccfb3459a79bd48d562cd33cf5086280c5039268ab4d22e2f59b0981de
7024493525030ecd098ce0dcb2f0aea839373775120b40580028137b1d125ac9
74df90f5f0e27dd5df2470215692754169878aa5443c25a3515e1768e3db03b1
76e9ef12de421d3f6a5f9fb571391ce9c0cfa8276b09856490bb348cbf2cb8d4
776352aec6c56a0c99f11b52896ca571a2c067a22f3b8a3c5ac6b4dd31afca66
77e67409caaf5014eaa2e2d96ac6210a1b4a987da0d5b3ff826221fe255d3def
77f9b891dc897737cee2e1383d09d27a852c2a5ab930eecce3ef9554ea6f2dbd
78e958d620d6e40a19e424eee3a9b23932cd9bfa4d7f736442048777d203052d
7a2d0e62728d546f564846d2fcc27df2bd4fddb454589154260e7e6b0d6a3a87
7a49f15294007bad4031449fd145bfe309092999eebdb428925aa0403215f56d
7cfe458faed6fe5c3094bd51f1f10174604be983739ade9d828b0aad190043e5
7e9276746ee6d70a75d8362ddd8e20aa1ce8a008c8e39c66a9e05b758f636d01
7eabd269d94046e76c744518aa01578a00047c238727208cded024567d7a0974
7ff84e48663432087ad72487f385a38dc2f2ce1b6b657f90fe663a84d9498b9d
82e537364f69e27918603dcf659dfe007ab68afab61ea270dd2e71f10ce60f5a
834e41840553ab871c74aefa0dfc8b156f01fc5f4f83ca2d1efcc8f61148f766
84850d50823ca8d77cb4c238356e9289dc59dc770f00829d7f3a70aed85c3f70
8650923badeeb32b03adecf301daf73c691bbdf491c5ad1a74c56f07ef325221
86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a
86e52a6ab6d9a83f40ddc2a09084df0a0d291ca4194b5ce17de122001adf46fa
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
87ec184cd9b3cfb5ccbf631c766fc0d6b01d8811184a5f6f49f2ec528429dad4
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e49b984d20b3e7cb3f2c4a08805dc3f66bb8a58ec08c365d0cf955dd57c77c7
8f58f57adad63dc6be052b7cc960aadbf622e5c08f0335b59b0326ebb9aacdc0
90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f
909e4f36928b8676e7947d125e90b8c2baee1afc6c0dead2ddc05a665811470a
94e9a13c50ba631f2fafbd0f923194e29ef926e4de95d10dbfe577093fb0c037
9550be4dbbc7a9eb3f70accd7ee908d1675a9f9924c0bf599b53c07f10a98743
95abe6c4dda654ee245ef9c5c97362c0c4586a4a9cad31e07fcae9cfed09d12e
9624c9f30634be84a224d007e5df178a51107bff3e456e2a90b504cbf350d190
974f1f5f52ab72486ae7e799bd88cd0c19d05bbf2407e0d5920e016bbd4cca64
981792df4c11fb32fea9720db6c7c82dd96da4247fd29ff170b53903e116eecc
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9bfc7d34cd8bc7df36a984d6f3da50799752e33c48bbf07a4a1ee959b51476d0
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
9fbf8104decb0113b2a26cd2bde3ac9650580902624681deeecd9d83ef5f54a9
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a09fb04841151074c73e8daf6edb12da7ffd8b5e7812492a6d9f3ae977fe3d31
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0fbab32102bf76e3f298da015d59c1cb91c9b239234142f1fbc77117d859e28
a305fbb2ba223bf3b56bb8776b85f6f40d60dd082a74dbe28d143b5794c7e393
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a64b97d3338dc98afff33d4e47dde28115575fbbbe723bbc8aa312ca375d0c6a
a67612c801d54b2817687d2155b63f849b671d96ffd423cb77b36b0b66fa2192
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
a907540f294a24326e21b5ffae1e76ceeb6b6fb3041eadd4dd3350012a030da5
a97afd769b3d774563606be9e943789398af5a1bf3583c2bc9a81f99832aa2b2
a983ec1308781984ea4503dd1c4e1317b2b48dcb17dd1a6e68df68560951784b
abcb1c3452d5f263f9846be348f279823c1c1d01edf69e7651c624f6a0e9b92b
acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b
aeb779d96af4bfa1b664c203d52fbd9ef573b84a31b34314668325fc784e1b13
af7a66542220ecfb2b8fa0286b60ffa95c1c8047df094654a90e1ff75f848ef5
af9474e5a7a9093351569e5cb64b9b34596d02e5cd1ede8ead7acf41740f76cf
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b43b245e7b57a75d1c57b0e70779b88718a72a3544995b9165fd80678889b873
b465194eb5043b81378bd5b49a2b6b99c9366f0a1efa925af210172e7713d690
b59274b06fc793177aedbfa4b52d6d2571528266198414ae2b1795d7d87bff48
b7382d2ae003d2c93657df0912f924975ba279a3f78743aa90ae0ef63502eb19
b9ab3f179c703b28a88e2d379df37f5fb9130b2281720e750af6c95ff1eb9e60
ba27833c9c8b0ea5d187370411c8215cb87b7aa9f8471c6199ee22add2c32704
bac0705d11ffc896d765dc3507e2ad3abb961795b05bb857039ca92f649a0745
bb358d17fb27d75f81b5bb460eb199c58f94fa28881352593b0bca456f51c456
bbeb9bef20e45478eff214445fd7c36c62f1cbdda84fefc809e475ad1372a6fc
bd558b6b0fa8256504d6f1796203c55c540013d7d4021f79241476f3ac49dac1
bdbbb447bf69f791cb6717a186852f2b9661ca900a74d8235d37ef9ed65ac0dd
be3b15b1e68cf3e9278293d3b50491fe16c985e0ee5968852cac4fc062a7134e
c0ab5f5c8d85d2ce4888fdce28479127059a0d440bfbec6555e0048dbc9114ae
c0d59afc312f7f1d1346cc4dfdb1463c05b2d334cfa64e7b9240456a48bfcc11
c1d559c0795bf8c1dea50becc3510208555560bb4eb029389376db1bb7c703c0
c4d60e53476012ab254ca2f3f479903a6be9ead3cb39a9ea353c51ec75c618c8
c54527742912dc24ffdbc35d926d8d76f016b8258e9ebb94dfb50a729d6901df
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
ca3af101364ec3316028fe02dfacc86355cfeac079897a33636e41d99fe83e66
cd257ced5860b54b3c71dd2e1c9704a552f0c2be8e63ef42cdf47e05293da1bb
d247b3e39042c0f82b95bae1d1eb94c3f03d66c1cf25ecc1555086fb8b84cb4f
d2ecddbbdb2c6e99fc9caa65d3a21125b84683d542c304f4c50c962382e32a15
d4ba0d2593d2330d5e78b10912e1f10352b1574b02a7055feb62699ecd525e27
d618d4869738e0dc22360f0ec0cbb6433257843f24723fac240dda0906685238
d74835ebc144bb92d18a970ca79cae0840c356a5967bb1d1d9428c32c183cdb1
d854082be0173c977aad8f65cdb9b88fd005f3dd3f34f894ab9fdba5a283780f
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
dcb68dbdc8d49383906fc9935a65bd830d2f42a5e36eaca0951db3e0f5544d82
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd
e0c800eb323c1ce828b85ac0ee2c3b96019740de8a54c26e8d5d2466100ee9d5
e23d1ed62c982ac7ccbdbf25ce5289b23facf4631028e662b1b092f62332f4cd
e2b2b6d7202461df9702f00cb15dd87985d0b1e9a8318333d15e5787641badee
e33348c5cad0a84dea736e614dcea3bdd0078419e5ea106687c5f57bedfbf991
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5b12f0001d95ff505b926cb079a40f5b8af3595ff994ae7bd0080cf51505a80
e8ec3c176b12a03aebd44a1f69820e94326cf48693cda33f9fc63b97be95325a
e8f40bccba1b20df36aecef44fbf3d446c60633ad3d0d1f8817aef4fca184d22
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
ed87a83a9df154b61d76e8b9b53bb9d23db3eea194e66bca6b575e3e4f7a57bf
edac5953633f83d7093c5166cc12328e35e599bde27bc3fed90d32d914668804
ee735ad9351455e1417cd144ed24de18f6311c98a1284b55cd59fd0d25489d22
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f031d0330fa0902ad02a7158a8b4aa01cefacc0f4743ab7b78f4ed517723d130
f0648dd60b72161450eb93d6fa81bb6ec46bb9dffb2d2d0c6f3b5d4ac1e01dda
f066a6392f3732829e95d97ac2a3dfb7dc7d35fc88d71a4ef62ff8f70399326c
f348bb4ae0699b186e6055db2b1142d872a6a3377a1d1156a3f24451925a6793
f4ae5a40833ca40f1ded2c820915ccc073b509a5a15810de1566ebf1ee4838e4
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f7cdf71044448cb736733f5163fff96081d51ba4101567d61d22ee5998a7a399
f9a8536bd32bcd9ecba5f08463ea344cfbcf4a2e0c1af51ce14089dcd4dbac51

pelotainvernal.com Open in urlscan Pro 54.208.89.30 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

363 Requests

87 %HTTPS

42 %IPv6

69 Domains

108 Subdomains

80 IPs

11 Countries

7806 kBTransfer

13495 kBSize

67 Cookies

3 Outgoing links

Redirected requests

363 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 13 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

pelotainvernal.com Open in urlscan Pro
54.208.89.30 Public Scan

Screenshot
Live screenshot

Full Image

363
Requests

87 %
HTTPS

42 %
IPv6

69
Domains

108
Subdomains

80
IPs

11
Countries

7806 kB
Transfer

13495 kB
Size

67
Cookies

363 HTTP transactions
13 data transactions