depedlacarlota.com Open in urlscan Pro
192.124.249.57 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://depedlacarlota.com/hoss/juno.com/Sign-in.php/
Submission: On August 04 via automatic, source openphish (August 4th 2023, 5:10:50 am UTC) — Scanned from DE

Summary HTTP 185 Redirects Links 24 Behaviour Indicators

Summary

This website contacted 63 IPs in 10 countries across 43 domains to perform 185 HTTP transactions. The main IP is 192.124.249.57, located in Menifee, United States and belongs to SUCURI-SEC, US. The main domain is depedlacarlota.com.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on June 16th 2023. Valid for: a year.

This is the only time depedlacarlota.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Juno (Telecommunication)

Domain & IP information

	IP Address	AS Autonomous System
4	192.124.249.57 192.124.249.57	30148 (SUCURI-SEC) (SUCURI-SEC)
4	64.136.53.83 64.136.53.83	13446 (AS-NETZERO) (AS-NETZERO)
9	64.136.45.46 64.136.45.46	13446 (AS-NETZERO) (AS-NETZERO)
1	64.136.52.17 64.136.52.17	13446 (AS-NETZERO) (AS-NETZERO)
7	64.136.52.49 64.136.52.49	13446 (AS-NETZERO) (AS-NETZERO)
1	64.136.53.30 64.136.53.30	13446 (AS-NETZERO) (AS-NETZERO)
3	184.30.16.195 184.30.16.195	16625 (AKAMAI-AS) (AKAMAI-AS)
13	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
4	108.138.1.25 108.138.1.25	16509 (AMAZON-02) (AMAZON-02)
3	2a02:2638:3::3 2a02:2638:3::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	216.52.2.6 216.52.2.6	30282 (AS-INAPCD...) (AS-INAPCDN-OCY)
1	104.18.24.185 104.18.24.185	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2602:803:c003... 2602:803:c003:200::45	26667 (RUBICONPR...) (RUBICONPROJECT)
1	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	34.98.64.218 34.98.64.218	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3	185.89.210.180 185.89.210.180	29990 (ASN-APPNEX) (ASN-APPNEX)
3	34.149.20.76 34.149.20.76	15169 (GOOGLE) (GOOGLE)
1	18.196.251.166 18.196.251.166	16509 (AMAZON-02) (AMAZON-02)
3	2a02:fa8:8806... 2a02:fa8:8806:16::1460	41041 (VCLK-EU-SE) (VCLK-EU-SE)
3	18.66.138.185 18.66.138.185	16509 (AMAZON-02) (AMAZON-02)
2	2a02:2638:3::7 2a02:2638:3::7	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 4	2a02:2638:d::d 2a02:2638:d::d	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	141.95.98.64 141.95.98.64	16276 (OVH) (OVH)
2	52.214.214.124 52.214.214.124	16509 (AMAZON-02) (AMAZON-02)
1 2	35.196.86.86 35.196.86.86	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
1	185.64.189.226 185.64.189.226	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	141.95.98.65 141.95.98.65	16276 (OVH) (OVH)
2	2a00:1450:400... 2a00:1450:4001:81c::2001	15169 (GOOGLE) (GOOGLE)
2	104.18.19.219 104.18.19.219	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
7	67.202.105.31 67.202.105.31	32748 (STEADFAST) (STEADFAST)
2	104.18.24.112 104.18.24.112	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	151.101.1.108 151.101.1.108	54113 (FASTLY) (FASTLY)
6	67.202.105.24 67.202.105.24	32748 (STEADFAST) (STEADFAST)
9	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
1	216.52.2.91 216.52.2.91	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
1	178.250.7.13 178.250.7.13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 16	2a00:1450:400... 2a00:1450:4001:802::2001	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:811::2004	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:828::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
1	143.204.98.4 143.204.98.4	16509 (AMAZON-02) (AMAZON-02)
2	184.30.22.30 184.30.22.30	16625 (AKAMAI-AS) (AKAMAI-AS)
1	76.223.111.18 76.223.111.18	16509 (AMAZON-02) (AMAZON-02)
1 2	198.47.127.19 198.47.127.19	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
1	13.32.99.35 13.32.99.35	16509 (AMAZON-02) (AMAZON-02)
2 2	213.155.156.183 213.155.156.183	1299 (TWELVE99 ...) (TWELVE99 Arelion)
7	185.64.191.210 185.64.191.210	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	178.250.7.11 178.250.7.11	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 1	193.0.160.131 193.0.160.131	54312 (ROCKETFUEL) (ROCKETFUEL)
3 5	52.95.126.138 52.95.126.138	16509 (AMAZON-02) (AMAZON-02)
1 1	2620:116:800d... 2620:116:800d:21:ef75:8280:f209:5ba1	16509 (AMAZON-02) (AMAZON-02)
6 8	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
2 2	34.111.129.221 34.111.129.221	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	34.111.131.239 34.111.131.239	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3 4	54.144.249.67 54.144.249.67	14618 (AMAZON-AES) (AMAZON-AES)
3 3	37.157.5.132 37.157.5.132	198622 (ADFORM) (ADFORM)
1	35.204.74.118 35.204.74.118	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
4 4	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
3 5	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
2 3	52.46.155.104 52.46.155.104	16509 (AMAZON-02) (AMAZON-02)
1 1	2a05:d018:d29... 2a05:d018:d29:3601:9ed9:69f8:bfd6:471c	16509 (AMAZON-02) (AMAZON-02)
1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	198.47.127.20 198.47.127.20	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
185	63

4 192.124.249.57 (Menifee, United States)

ASN30148 (SUCURI-SEC, US)
PTR: cloudproxy10057.sucuri.net

depedlacarlota.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 64.136.53.83 (United States)

ASN13446 (AS-NETZERO, US)
PTR: webmail.vgs.netzero.net

webmail.uolstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
webmail.netzero.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 64.136.45.46 (United States)

ASN13446 (AS-NETZERO, US)
PTR: my.dca.juno.com

my.juno.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.136.52.17 (United States)

ASN13446 (AS-NETZERO, US)
PTR: feed.vgs.untd.com

feed.untd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 64.136.52.49 (United States)

ASN13446 (AS-NETZERO, US)
PTR: content.vgs.untd.com

static.uolcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
content.uolstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.136.53.30 (United States)

ASN13446 (AS-NETZERO, US)
PTR: track.vgs.untd.com

track.untd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 184.30.16.195 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-16-195.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 108.138.1.25 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-1-25.fra56.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.52.2.6 (United States)

ASN30282 (AS-INAPCDN-OCY, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.24.185 (None, )

ASN13335 (CLOUDFLARENET, US)

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2602:803:c003:200::45 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com

uol-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.89.210.180 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.149.20.76 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 76.20.149.34.bc.googleusercontent.com

ssc.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.196.251.166 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-251-166.eu-central-1.compute.amazonaws.com

tlx.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:fa8:8806:16::1460 (Singapore)

ASN41041 (VCLK-EU-SE, US)

web.hb.ad.cpe.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.66.138.185 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-138-185.fra60.r.cloudfront.net

aax.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:3::7 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:2638:d::d (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 141.95.98.64 (France)

ASN16276 (OVH, FR)
PTR: ns3216658.ip-141-95-98.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.214.214.124 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-214-214-124.eu-west-1.compute.amazonaws.com

id.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.196.86.86 (North Charleston, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 86.86.196.35.bc.googleusercontent.com

h.parrable.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.226 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

t.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.95.98.65 (France)

ASN16276 (OVH, FR)
PTR: ns3216659.ip-141-95-98.eu

lb.eu-1-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81c::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

734477f9209c4f80d80925de3ab55491.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.19.219 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sc.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 67.202.105.31 (United States)

ASN32748 (STEADFAST, US)
PTR: ip31.67-202-105.static.steadfastdns.net

ic.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
de.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.24.112 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn-sic.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.1.108 (United States)

ASN54113 (FASTLY, US)

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 67.202.105.24 (United States)

ASN32748 (STEADFAST, US)
PTR: ip24.67-202-105.static.steadfastdns.net

sic.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssc-cms.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.52.2.91 (United States)

ASN32475 (SINGLEHOP-LLC, US)

ce.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.7.13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:802::2001 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:811::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:828::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn3.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn0.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn2.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.4 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-4.fra50.r.cloudfront.net

ats.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 184.30.22.30 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-22-30.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 198.47.127.19 (United States) 1 redirects

ASN3257 (GTT-BACKBONE GTT, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.99.35 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-35.fra60.r.cloudfront.net

geo.privacymanager.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.155.156.183 (Sweden) 2 redirects

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 185.64.191.210 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.7.11 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.0.160.131 (United States) 1 redirects

ASN54312 (ROCKETFUEL, US)

p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.95.126.138 (Dublin, Ireland) 3 redirects

ASN16509 (AMAZON-02, US)

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:ef75:8280:f209:5ba1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.186.98 (Grosse Pointe, United States) 6 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.111.129.221 (Kansas City, United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 221.129.111.34.bc.googleusercontent.com

cr.frontend.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.111.131.239 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 239.131.111.34.bc.googleusercontent.com

idsync.frontend.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.144.249.67 (Ashburn, United States) 3 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-144-249-67.compute-1.amazonaws.com

a.audrte.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.157.5.132 (Denmark) 3 redirects

ASN198622 (ADFORM, DK)

dmp.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.204.74.118 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 118.74.204.35.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 69.173.144.165 (Frankfurt am Main, Germany) 4 redirects

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 69.173.144.139 (Frankfurt am Main, Germany) 3 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.46.155.104 (Ashburn, United States) 2 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3601:9ed9:69f8:bfd6:471c (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.47.127.20 (United States)

ASN3257 (GTT-BACKBONE GTT, US)

simage4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
27	googlesyndication.com 1 redirects 734477f9209c4f80d80925de3ab55491.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 135 tpc.googlesyndication.com — Cisco Umbrella Rank: 158	162 KB
21	doubleclick.net 6 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 212 cm.g.doubleclick.net — Cisco Umbrella Rank: 244	377 KB
15	amazon-adsystem.com 5 redirects c.amazon-adsystem.com — Cisco Umbrella Rank: 380 aax.amazon-adsystem.com — Cisco Umbrella Rank: 457 aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1114 s.amazon-adsystem.com — Cisco Umbrella Rank: 325	134 KB
15	pubmatic.com 1 redirects ads.pubmatic.com — Cisco Umbrella Rank: 574 hbopenbid.pubmatic.com — Cisco Umbrella Rank: 603 t.pubmatic.com — Cisco Umbrella Rank: 2933 image6.pubmatic.com — Cisco Umbrella Rank: 813 image2.pubmatic.com — Cisco Umbrella Rank: 1030 simage2.pubmatic.com — Cisco Umbrella Rank: 793 simage4.pubmatic.com — Cisco Umbrella Rank: 1315	113 KB
12	rubiconproject.com 7 redirects fastlane.rubiconproject.com — Cisco Umbrella Rank: 584 eus.rubiconproject.com — Cisco Umbrella Rank: 622 token.rubiconproject.com — Cisco Umbrella Rank: 648 pixel.rubiconproject.com — Cisco Umbrella Rank: 393	15 KB
11	33across.com ssc.33across.com — Cisco Umbrella Rank: 4567 cdn-sic.33across.com — Cisco Umbrella Rank: 20049 sic.33across.com — Cisco Umbrella Rank: 16791 ssc-cms.33across.com — Cisco Umbrella Rank: 1218	121 KB
10	gstatic.com www.gstatic.com encrypted-tbn3.gstatic.com encrypted-tbn0.gstatic.com encrypted-tbn2.gstatic.com fonts.gstatic.com	200 KB
10	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 418	219 KB
9	tynt.com cdn.tynt.com — Cisco Umbrella Rank: 13509 sc.tynt.com — Cisco Umbrella Rank: 18167 ic.tynt.com — Cisco Umbrella Rank: 6476 de.tynt.com — Cisco Umbrella Rank: 1810	9 KB
9	juno.com my.juno.com — Cisco Umbrella Rank: 263475	81 KB
8	criteo.com 2 redirects bidder.criteo.com — Cisco Umbrella Rank: 750 gum.criteo.com — Cisco Umbrella Rank: 431 mug.criteo.com — Cisco Umbrella Rank: 2526 dis.criteo.com — Cisco Umbrella Rank: 664	8 KB
5	uolcontent.com static.uolcontent.com — Cisco Umbrella Rank: 125713	55 KB
4	audrte.com 3 redirects a.audrte.com — Cisco Umbrella Rank: 2942	3 KB
4	google.com www.google.com — Cisco Umbrella Rank: 3	1 KB
4	adnxs.com secure.adnxs.com — Cisco Umbrella Rank: 414 acdn.adnxs.com — Cisco Umbrella Rank: 594	36 KB
4	depedlacarlota.com depedlacarlota.com	36 KB
3	adform.net 3 redirects dmp.adform.net — Cisco Umbrella Rank: 3604 c1.adform.net — Cisco Umbrella Rank: 631	2 KB
3	weborama.fr 2 redirects cr.frontend.weborama.fr — Cisco Umbrella Rank: 23029 idsync.frontend.weborama.fr — Cisco Umbrella Rank: 23281	897 B
3	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 385	919 B
3	dotomi.com web.hb.ad.cpe.dotomi.com — Cisco Umbrella Rank: 3447
3	lijit.com ap.lijit.com — Cisco Umbrella Rank: 766 ce.lijit.com — Cisco Umbrella Rank: 1045	3 KB
3	criteo.net static.criteo.net — Cisco Umbrella Rank: 623	42 KB
3	netzero.net webmail.netzero.net — Cisco Umbrella Rank: 278469	9 KB
3	uolstatic.com webmail.uolstatic.com — Cisco Umbrella Rank: 187265 content.uolstatic.com — Cisco Umbrella Rank: 439174	36 KB
2	de17a.com 2 redirects d5p.de17a.com — Cisco Umbrella Rank: 5239	560 B
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 77	2 KB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 219	113 KB
2	parrable.com 1 redirects h.parrable.com — Cisco Umbrella Rank: 4585	1 KB
2	crwdcntrl.net id.crwdcntrl.net — Cisco Umbrella Rank: 2986 sync.crwdcntrl.net — Cisco Umbrella Rank: 889	583 B
2	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 440	1 KB
2	3lift.com tlx.3lift.com — Cisco Umbrella Rank: 667 eb2.3lift.com — Cisco Umbrella Rank: 429	713 B
2	untd.com feed.untd.com — Cisco Umbrella Rank: 223562 track.untd.com — Cisco Umbrella Rank: 240970	36 KB
1	linkedin.com px.ads.linkedin.com — Cisco Umbrella Rank: 391	645 B
1	yahoo.com 1 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 491	619 B
1	simpli.fi um.simpli.fi — Cisco Umbrella Rank: 836	610 B
1	quantserve.com 1 redirects cms.quantserve.com — Cisco Umbrella Rank: 878	589 B
1	rfihub.com 1 redirects p.rfihub.com — Cisco Umbrella Rank: 892	795 B
1	privacymanager.io geo.privacymanager.io — Cisco Umbrella Rank: 2083	609 B
1	rlcdn.com ats.rlcdn.com — Cisco Umbrella Rank: 2739	73 KB
1	eu-1-id5-sync.com lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1118	405 B
1	openx.net uol-d.openx.net — Cisco Umbrella Rank: 146984	378 B
1	casalemedia.com htlb.casalemedia.com — Cisco Umbrella Rank: 676	541 B
0	agkn.com Failed fid.agkn.com Failed
185	43

	Domain	Requested by
16	tpc.googlesyndication.com	1 redirects securepubads.g.doubleclick.net tpc.googlesyndication.com depedlacarlota.com 734477f9209c4f80d80925de3ab55491.safeframe.googlesyndication.com
13	securepubads.g.doubleclick.net	static.uolcontent.com securepubads.g.doubleclick.net depedlacarlota.com www.googletagservices.com cdn-sic.33across.com
10	cdn.ampproject.org	securepubads.g.doubleclick.net
9	pagead2.googlesyndication.com	securepubads.g.doubleclick.net www.googletagservices.com tpc.googlesyndication.com depedlacarlota.com
9	my.juno.com	depedlacarlota.com my.juno.com
8	cm.g.doubleclick.net	6 redirects
5	pixel.rubiconproject.com	3 redirects
5	aax-eu.amazon-adsystem.com	3 redirects ads.pubmatic.com
5	image2.pubmatic.com	ads.pubmatic.com
5	ssc-cms.33across.com	static.uolcontent.com
5	ic.tynt.com	depedlacarlota.com
5	static.uolcontent.com	webmail.uolstatic.com static.uolcontent.com depedlacarlota.com
4	token.rubiconproject.com	4 redirects
4	a.audrte.com	3 redirects ads.pubmatic.com
4	fonts.gstatic.com	fonts.googleapis.com
4	www.google.com	tpc.googlesyndication.com depedlacarlota.com 734477f9209c4f80d80925de3ab55491.safeframe.googlesyndication.com
4	gum.criteo.com	1 redirects ads.pubmatic.com static.criteo.net
4	c.amazon-adsystem.com	static.uolcontent.com c.amazon-adsystem.com cdn-sic.33across.com
4	depedlacarlota.com	depedlacarlota.com static.uolcontent.com
3	s.amazon-adsystem.com	2 redirects
3	match.adsrvr.org	ads.pubmatic.com
3	aax.amazon-adsystem.com	c.amazon-adsystem.com
3	web.hb.ad.cpe.dotomi.com	static.uolcontent.com
3	ssc.33across.com	static.uolcontent.com
3	secure.adnxs.com	static.uolcontent.com
3	static.criteo.net	static.uolcontent.com depedlacarlota.com
3	ads.pubmatic.com	static.uolcontent.com ads.pubmatic.com
3	webmail.netzero.net	depedlacarlota.com
2	c1.adform.net	2 redirects
2	cr.frontend.weborama.fr	2 redirects
2	simage2.pubmatic.com	ads.pubmatic.com
2	d5p.de17a.com	2 redirects
2	image6.pubmatic.com	1 redirects ads.pubmatic.com
2	eus.rubiconproject.com	static.uolcontent.com eus.rubiconproject.com
2	encrypted-tbn2.gstatic.com	734477f9209c4f80d80925de3ab55491.safeframe.googlesyndication.com
2	encrypted-tbn0.gstatic.com	734477f9209c4f80d80925de3ab55491.safeframe.googlesyndication.com
2	fonts.googleapis.com	securepubads.g.doubleclick.net
2	de.tynt.com	cdn.tynt.com
2	cdn-sic.33across.com	cdn.tynt.com cdn-sic.33across.com
2	www.googletagservices.com	securepubads.g.doubleclick.net 734477f9209c4f80d80925de3ab55491.safeframe.googlesyndication.com
2	734477f9209c4f80d80925de3ab55491.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	h.parrable.com	1 redirects depedlacarlota.com
2	id5-sync.com	ads.pubmatic.com
2	bidder.criteo.com	static.criteo.net
2	ap.lijit.com	static.uolcontent.com
2	content.uolstatic.com	depedlacarlota.com
1	simage4.pubmatic.com	ads.pubmatic.com
1	px.ads.linkedin.com
1	pr-bh.ybp.yahoo.com	1 redirects
1	um.simpli.fi	ads.pubmatic.com
1	dmp.adform.net	1 redirects
1	idsync.frontend.weborama.fr	ads.pubmatic.com
1	sync.crwdcntrl.net	ads.pubmatic.com
1	cms.quantserve.com	1 redirects
1	p.rfihub.com	1 redirects
1	dis.criteo.com	1 redirects
1	geo.privacymanager.io	ats.rlcdn.com
1	eb2.3lift.com
1	ats.rlcdn.com	ads.pubmatic.com
1	encrypted-tbn3.gstatic.com	734477f9209c4f80d80925de3ab55491.safeframe.googlesyndication.com
1	www.gstatic.com	734477f9209c4f80d80925de3ab55491.safeframe.googlesyndication.com
1	mug.criteo.com
1	ce.lijit.com	ap.lijit.com
1	sic.33across.com	cdn-sic.33across.com
1	acdn.adnxs.com	cdn-sic.33across.com
1	sc.tynt.com	cdn.tynt.com
1	cdn.tynt.com	depedlacarlota.com
1	lb.eu-1-id5-sync.com	ads.pubmatic.com
1	t.pubmatic.com	ads.pubmatic.com
1	id.crwdcntrl.net	ads.pubmatic.com
1	tlx.3lift.com	static.uolcontent.com
1	uol-d.openx.net	static.uolcontent.com
1	hbopenbid.pubmatic.com	static.uolcontent.com
1	fastlane.rubiconproject.com	static.uolcontent.com
1	htlb.casalemedia.com	static.uolcontent.com
1	track.untd.com	depedlacarlota.com
1	feed.untd.com	webmail.uolstatic.com
1	webmail.uolstatic.com	depedlacarlota.com
0	fid.agkn.com Failed	ads.pubmatic.com
185	79

This site contains links to these domains. Also see Links.

Domain
my.juno.com
help.juno.com
account.juno.com
www.juno.com
www.newser.com
track.juno.com

Subject Issuer	Validity	Valid
depedlacarlota.com Go Daddy Secure Certificate Authority - G2	`2023-06-16` - `2024-06-16`	a year	crt.sh
webmail.netzero.net Go Daddy Secure Certificate Authority - G2	`2023-07-12` - `2024-08-12`	a year	crt.sh
my.juno.com Go Daddy Secure Certificate Authority - G2	`2023-06-23` - `2024-07-11`	a year	crt.sh
feed.untd.com Go Daddy Secure Certificate Authority - G2	`2023-07-13` - `2024-07-25`	a year	crt.sh
content.uolstatic.com Go Daddy Secure Certificate Authority - G2	`2023-07-13` - `2024-07-27`	a year	crt.sh
track.netzero.net Go Daddy Secure Certificate Authority - G2	`2022-09-13` - `2023-09-25`	a year	crt.sh
*.pubmatic.com DigiCert TLS RSA SHA256 2020 CA1	`2023-01-25` - `2024-01-24`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
c.amazon-adsystem.com Amazon RSA 2048 M01	`2023-02-28` - `2024-02-17`	a year	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-27` - `2023-08-27`	3 months	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2023-05-06` - `2024-05-04`	a year	crt.sh
casalemedia.com Cloudflare Inc ECC CA-3	`2023-05-21` - `2024-05-20`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-04-03`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
ssc.33across.com GTS CA 1D4	`2023-07-03` - `2023-10-01`	3 months	crt.sh
*.3lift.com Amazon RSA 2048 M02	`2023-04-13` - `2024-05-11`	a year	crt.sh
ad.cpe.dotomi.com GlobalSign RSA OV SSL CA 2018	`2023-06-09` - `2024-07-10`	a year	crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com Amazon RSA 2048 M01	`2023-03-16` - `2024-03-08`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-19` - `2023-10-18`	3 months	crt.sh
*.id5-sync.com R3	`2023-07-04` - `2023-10-02`	3 months	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M01	`2022-11-07` - `2023-12-06`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
*.eu-1-id5-sync.com R3	`2023-07-04` - `2023-10-02`	3 months	crt.sh
*.tynt.com Sectigo RSA Domain Validation Secure Server CA	`2022-09-07` - `2023-09-30`	a year	crt.sh
*.33across.com Sectigo RSA Domain Validation Secure Server CA	`2022-09-06` - `2023-09-30`	a year	crt.sh
cdn.adnxs.com GeoTrust TLS RSA CA G1	`2023-03-27` - `2024-04-26`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2023-02-02` - `2024-03-03`	a year	crt.sh
*.privacymanager.io Amazon RSA 2048 M01	`2023-07-27` - `2024-08-24`	a year	crt.sh
aax-eu.amazon-adsystem.com Amazon RSA 2048 M01	`2023-06-21` - `2024-03-02`	8 months	crt.sh
*.simpli.fi DigiCert TLS RSA SHA256 2020 CA1	`2022-11-07` - `2023-12-08`	a year	crt.sh

This page contains 27 frames:

Primary Page: https://depedlacarlota.com/hoss/juno.com/Sign-in.php/
Frame ID: 8142EB13B25C656035BDB4339A15FAA6
Requests: 83 HTTP requests in this frame

Frame: https://depedlacarlota.com/start/viewhttps://my.juno.com/redesign/common/phoenix/blankPhnx.html?v=34955
Frame ID: D155CB9634993322C847EAE88FDD8911
Requests: 1 HTTP requests in this frame

Frame: https://734477f9209c4f80d80925de3ab55491.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 28146D75759E59D7EC6140F3B5078A53
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstTJdis7TEcIRTHh9q7oIlKlHI0a_P3XjMIwkkf6IGMdsuhkmkuSbLCpO6wkwzj4orvpCDyNtUKsSjrPwO6ErOVnmPZnjJHSAQ7qCwMEyjcZdPD-rpCad3CB-1sOiFEmpvI8iw3dgU7E4Y_b9VJQnF6f2pll4mb7St8O1UIUfHtU2U2Mw8vfXF-0K4GzWsc47xV9b5hRbZSLk_yC2cMt8C3--cgnrD3s0V7LRFhQ5fH9R3qI8kat-c-ixwPpP0VAGRU4Uayo_utOOr0PZDCCccX98ps8p9jT0PuYR5_brVK5f8tb3pqCgmVUceZI9kLGdgjqinyr9jhyCye3hA&sai=AMfl-YSmGJ9jhpM5hscBJ90sgbvYlByzODtZ74f9jPoxczuxtNIGUA9ho0w-LaJvT-wIQQEYWHDkNiFD0xf-XvjHItqB_hOO-iDwlRgeuryPBDcMyA1hPz2FgyexBm4zjXmqodBN3Po9Y33vQoqHM2U&sig=Cg0ArKJSzN-5VqEp7xgkEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 2FC2DC6B47CE29A3B93AF519B3E20BAE
Requests: 8 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ast/ast.js
Frame ID: 55350FB1858DAD4C08113E7D232092C8
Requests: 1 HTTP requests in this frame

Frame: https://c.amazon-adsystem.com/aax2/apstag.js
Frame ID: 7DC5E3F63BB6F667DFDE98D5C2D954C5
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: 0FD992996CFFB9C1E583949A46029F4D
Requests: 3 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=depedlacarlota.com&us_privacy=1---
Frame ID: C9C4687FD9B2A47EB16D7AC174E0CCA1
Requests: 2 HTTP requests in this frame

Frame: https://ce.lijit.com/beacon?informer=13392629&gdpr_consent=&us_privacy=1---
Frame ID: 16FD77E16C1F4756B26BCF7D4928D0FF
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: E11E5A03B8EC33FEA35AE917C9C94DAA
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: C45AAF80336E5E2688DBA5A3CF55633D
Requests: 2 HTTP requests in this frame

Frame: https://734477f9209c4f80d80925de3ab55491.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 625768301B10125AB6975CC66F6E0CC3
Requests: 17 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012307180709000/amp4ads-v0.mjs
Frame ID: 379FF2B9ACD1BB5C7EC5A2A2DE9F2F1E
Requests: 16 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012307180709000/amp4ads-v0.mjs
Frame ID: 81841B4DD4559313264AC742F9F458A2
Requests: 16 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?us_privacy=1---
Frame ID: 08BF92B8B291B471653BE4D357687AD9
Requests: 10 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 9027E6AAB2314E62C8100B8B3685AB86
Requests: 12 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=chfiOU1f0r64kDaKjGFx_2&us_privacy=1---
Frame ID: F98EDA1179B0B9C95EBE3EA5997865AE
Requests: 1 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=crc8x21f0r64kDaKjGFx_2&us_privacy=1---
Frame ID: C1223F7CC83CAF51999A58A249EC1419
Requests: 1 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=a2Sl-k1f0r65XCaKlKyvbs&us_privacy=1---
Frame ID: 4363078A3F6D6E7770881365B370718C
Requests: 1 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=cmYvqS1f0r64kDaKjGFx_2&us_privacy=1---
Frame ID: 3AFFBDB8BC6484202694CE8134190F0F
Requests: 1 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=cvYZ0g1f0r64kDaKjGFx_2&us_privacy=1---
Frame ID: 823622EE7D68D3E9C77B5698A6754742
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/exXNUSsPja7e8iu35jrfljSpibGDl_1pyv4-G5NBtGM.js
Frame ID: C5972E967A4A269866899A255849CB2E
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=424719251070108941
Frame ID: 7D05BD6850678FD67AA74A38B2CC1254
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Frame ID: 11E4986555EB37455AA20F19E1B47B08
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5141210826344166623
Frame ID: 341881C3B393376B091C31D26CAF2DF7
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=417635AF-411E-4338-B837-CCB15368A6CE&redir=true&gdpr=0&gdpr_consent=&dcc=t
Frame ID: E81EDFDE53BA83420E1087530C134094
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=1p4YPtiSTmvNnU8_hppWaISdGmnNzENr2ZuODk0L
Frame ID: 4AE9699F756B13FD1137605932AF2E0E
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Juno - My Juno Personalized Start Page - Sign in

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

185
Requests

90 %
HTTPS

30 %
IPv6

43
Domains

79
Subdomains

63
IPs

10
Countries

1882 kB
Transfer

5264 kB
Size

48
Cookies

24 Outgoing links

These are links going to different origins than the main page.

URL: https://my.juno.com/

Search URL Search Domain Scan URL

URL: https://help.juno.com/support/errors/eb06-myacct.html
Title: ID?

Search URL Search Domain Scan URL

URL: https://account.juno.com/s/resetpassword
Title: Password?

Search URL Search Domain Scan URL

URL: https://www.juno.com/freeemail
Title: Create A New Account

Search URL Search Domain Scan URL

URL: https://www.newser.com/story/338521/both-expelled-members-of-tennessee-three-win-their-seats-back.html?utm_source=part&utm_medium=uol&utm_campaign=rss_world_img_b
Title: Both Expelled Members of 'Tennessee Three' Win Their Seats Back

Search URL Search Domain Scan URL

URL: https://www.newser.com/story/338500/desantis-promises-to-start-slitting-throats.html?utm_source=part&utm_medium=uol&utm_campaign=rss_world_img_b
Title: DeSantis' Threat to Slit Throats Draws Response

Search URL Search Domain Scan URL

URL: https://www.newser.com/story/338504/brewer-says-sales-are-steady-after-dylan-mulvaney-backlash.html?utm_source=part&utm_medium=uol&utm_campaign=rss_world_img_b
Title: Bud Light: We've Weathered the Storm

Search URL Search Domain Scan URL

URL: https://www.newser.com/story/338485/louisiana-inmates-race-against-time-to-avoid-execution.html?utm_source=part&utm_medium=uol&utm_campaign=rss_world_img_b
Title: 56 of State's 57 Death Row Inmates Seek Clemency

Search URL Search Domain Scan URL

URL: https://www.newser.com/story/338478/with-earnings-locked-up-etsy-sellers-threaten-strike.html?utm_source=part&utm_medium=uol&utm_campaign=rss_world_img_b
Title: With Earnings Locked Up, Etsy Sellers Threaten Strike

Search URL Search Domain Scan URL

URL: http://www.newser.com/section/2/world-news-headlines.html?utm_source=part&utm_medium=uol&utm_campaign=rss_world_more_img_b
Title: More >>

Search URL Search Domain Scan URL

URL: https://www.newser.com/article/65f166c05c88a154da0e0fc61d336c1b/diana-taurasi-becomes-first-wnba-player-to-reach-10000-points-scoring-season-high-42-for-mercury.html?utm_source=part&utm_medium=uol&utm_campaign=rss_sports_img_b
Title: Diana Taurasi Becomes First WNBA Player to Reach 10,000 Points, S...

Search URL Search Domain Scan URL

URL: https://www.newser.com/article/90a5b84aed50e64f3f4674fb14c0cc62/arizona-in-talks-to-join-big-12-big-ten-discussing-membership-with-oregon-wash-ap-sources-say.html?utm_source=part&utm_medium=uol&utm_campaign=rss_sports_img_b
Title: Arizona in Talks to Join Big 12; Big Ten Discussing Membership Wi...

Search URL Search Domain Scan URL

URL: https://www.newser.com/article/ef4f17250771ffd4cd0b80ddf4e1212d/lights-go-out-during-second-half-of-jets-browns-hall-of-fame-game.html?utm_source=part&utm_medium=uol&utm_campaign=rss_sports_img_b
Title: Lights Go Out During Second Half of Jets-Browns Hall of Fame Game

Search URL Search Domain Scan URL

URL: https://www.newser.com/article/32b768a3dae01770e3d11be33a872119/russell-henleys-strong-finish-gives-him-a-62-and-a-1-shot-lead-at-wyndham.html?utm_source=part&utm_medium=uol&utm_campaign=rss_sports_img_b
Title: Russell Henley's Strong Finish Gives Him a 62 and a 1-shot Lead a...

Search URL Search Domain Scan URL

URL: https://www.newser.com/article/dfc04197f79b90898cb626eb0bb28259/days-after-his-wedding-jalen-brunson-is-on-the-court-with-usa-basketball.html?utm_source=part&utm_medium=uol&utm_campaign=rss_sports_img_b
Title: Days After His Wedding, Jalen Brunson Is on the Court With USA Ba...

Search URL Search Domain Scan URL

URL: http://www.newser.com/section/8/sports-news-headlines.html?utm_source=part&utm_medium=uol&utm_campaign=rss_sports_more_img_b
Title: More >>

Search URL Search Domain Scan URL

URL: https://my.juno.com/start/sp.do
Title: My Juno

Search URL Search Domain Scan URL

URL: https://track.juno.com/s/lc?s=&u=https://account.juno.com/s/account
Title: My Account

Search URL Search Domain Scan URL

URL: https://account.juno.com/s/landing
Title: Our Services

Search URL Search Domain Scan URL

URL: https://www.juno.com/start/landing.do?page=www/legal/privacy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.juno.com/start/landing.do?page=www/legal/privacy#III
Title: About Ads

Search URL Search Domain Scan URL

URL: https://www.juno.com/start/landing.do?page=www/legal/terms
Title: Terms of Service

Search URL Search Domain Scan URL

URL: https://www.juno.com/start/landing.do?page=www/legal/yourprivacyrights
Title: Your Privacy Rights: Do Not Sell My Info

Search URL Search Domain Scan URL

URL: https://my.juno.com/start/landing.do?page=www/legal/cookie
Title: Cookie Policy.

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 55

https://h.parrable.com/prebid?data=eyJlaWQiOm51bGwsInRyYWNrZXJzIjpbIjAwOWEzMmI3LWI1OGMtNGJlNC1iZGNjLTczZDAwYzUzYjY5MSJdLCJ1cmwiOiJodHRwczovL2RlcGVkbGFjYXJsb3RhLmNvbS9ob3NzL2p1bm8uY29tL1NpZ24taW4ucGhwLyIsInByZWJpZFZlcnNpb24iOiI3LjM5LjAiLCJpc0lmcmFtZSI6ZmFsc2UsInRwY1N1cHBvcnQiOm51bGx9&gdpr=0&_rand=0.2832674026167694&us_privacy=1--- HTTP 302
https://h.parrable.com/prebid?data=eyJlaWQiOiIwMS4xNjkxMTI1ODQzLjY2YTBmOGUwNDVjMDkwNDkyMDQ4NGI4MWIxMDhkZGZmNWFjMmVhNDU5NjdhN2E4NDQwM2E3NWExZWJhYmM1OWVhYTE0OTcwOGRjMTI4NzI2OWRhMDEwMTMyYWZmNGU1YTE1OWEwMjFkZjk0MzU3NWIyNGU3ODFmOTU4NWMxYjUyYmFlYzdjMjRjNDY2ZTA1YzA2OWYiLCJ0cmFja2VycyI6WyIwMDlhMzJiNy1iNThjLTRiZTQtYmRjYy03M2QwMGM1M2I2OTEiXSwidXJsIjoiaHR0cHM6Ly9kZXBlZGxhY2FybG90YS5jb20vaG9zcy9qdW5vLmNvbS9TaWduLWluLnBocC8iLCJwcmViaWRWZXJzaW9uIjoiNy4zOS4wIiwiaXNJZnJhbWUiOmZhbHNlLCJ0cGNTdXBwb3J0IjpudWxsfQ..&gdpr=0&_rand=0.2832674026167694&us_privacy=1---&_sr=1

Request Chain 95

https://gum.criteo.com/sid/json?origin=publishertag&domain=depedlacarlota.com&sn=ChromeSyncframe&so=0&topUrl=depedlacarlota.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=PP5YynxyUmZ2cytiUm9QK0FGZWxzWXBSY2JHc3lhVUZ6cmZYR1BRWEJmVUNKVHNLS3d1VG1VekQ3T0FGWE1iV05BMXJLei9DNTNuZnNUNXQ1Uk04Ri9vbUJDazFKU2pibTdsdVdPUHJwK3dENVFjQk51UFU3UlE5bjFxdzFmZFZOQlNEemZjQVlyYWVySi9yT2tyMFphMktMQ2loVDk3VnQxb29SWmJCZjJrMmtmTDdQSGFkZ2lFNi9PVFh4K2I2bWNOVHFVUklKbVZrcUM1MXZaY2pJVTg5SWNIYkFyTTJGa0FCZ3EvVDNlaFdlb25kOFZqZFZOSnJYeUVLSFFtOU56NU5SQjR4bElPTjRRRFQzQzdZY1N0VXF3UGdPMUJ4OXpQNllpTENXdmdWVnRZND18&cppv=2

Request Chain 139

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgODA_Zzx0gEQwAEYwAEyCOt0MOiXZvHz HTTP 301
https://tpc.googlesyndication.com/simgad/3881364954747983681

Request Chain 162

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=424719251070108941

Request Chain 163

https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=

Request Chain 164

https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5141210826344166623

Request Chain 165

https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=417635AF-411E-4338-B837-CCB15368A6CE&redir=true&gdpr=0&gdpr_consent= HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=417635AF-411E-4338-B837-CCB15368A6CE&redir=true&gdpr=0&gdpr_consent=&dcc=t

Request Chain 166

https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=1p4YPtiSTmvNnU8_hppWaISdGmnNzENr2ZuODk0L

Request Chain 167

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=QXY1r0EeQzi4N8yxU2imzg%3D%3D&gdpr=0&gdpr_consent= HTTP 302
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=

Request Chain 169

https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent= HTTP 307
https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=1755522020 HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0 HTTP 302
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=417635AF-411E-4338-B837-CCB15368A6CE

Request Chain 170

https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=417635AF-411E-4338-B837-CCB15368A6CE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=NDRnd3JtMjhwLWdRY3FqMUl3RWZ1dWltUQ==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%253D%253D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent= HTTP 302
https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent= HTTP 302
https://a.audrte.com/a?adform_uid=6857371849744593756&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D HTTP 302
https://a.audrte.com/p

Request Chain 171

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NDE3NjM1QUYtNDExRS00MzM4LUI4MzctQ0NCMTUzNjhBNkNF&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

Request Chain 172

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEBA0uZH2fIerDwZCvkaZQ40&google_cver=1

Request Chain 174

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=6857371849744593756

Request Chain 176

https://token.rubiconproject.com/token?pid=25470&us_privacy=1--- HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TEtXNE5WWFEtMVAtNDhBRg==&us_privacy=1--- HTTP 302
https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEKCJv_h0HDYHW1jugFXAbOw&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEtXNE5WWFEtMVAtNDhBRg==&google_push=

Request Chain 177

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&us_privacy=1--- HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESELiysYHLnEEWM6VwXXUVOnE&google_cver=1

Request Chain 178

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&us_privacy=1--- HTTP 302
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&us_privacy=1---&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=qJS2W44WS5G_vyr_gP315g&rk=usync-na HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=qJS2W44WS5G_vyr_gP315g

Request Chain 179

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&us_privacy=1--- HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&us_privacy=1---&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=uDnBgj9hQae7fI8fCdgaGg&rk=usync-other HTTP 302
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=uDnBgj9hQae7fI8fCdgaGg

Request Chain 181

https://token.rubiconproject.com/token?pid=2249&pt=n&us_privacy=1--- HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MGJiYzY3MTA5N2IwMGQzMzI1MzlhNWFlYzk1YWYxODkwZWY1OTcwYQ&us_privacy=1---

Request Chain 182

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&us_privacy=1--- HTTP 302
https://pr-bh.ybp.yahoo.com/sync/rubicon/PWCrWKMqKMTBzb4PLRAlusn5EUdSAgOZEtemQ7w0kco?csrc=&us_privacy=1--- HTTP 302
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-Y6RWFpxE2oIa.EAGx2JVzsktC.Tzp24e6Pr14A--~A

Request Chain 183

https://token.rubiconproject.com/token?pid=36584&us_privacy=1--- HTTP 302
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LKW4NVXQ-1P-48AF&us_privacy=1---

185 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
depedlacarlota.com/hoss/juno.com/Sign-in.php/ 27 KB
9 KB 132ms
39ms Document
text/html 192.124.249.57
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://depedlacarlota.com/hoss/juno.com/Sign-in.php/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.57 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10057.sucuri.net

Software

nginx /

Resource Hash

cd3f935ae27692c1a349dea244d728367595e58cd53d63bb267688d61619412d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-encoding: gzip
content-length: 8757
content-security-policy: upgrade-insecure-requests;
content-type: text/html
date: Fri, 04 Aug 2023 05:10:38 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
server: nginx
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-sucuri-cache: HIT
x-sucuri-id: 15007
x-xss-protection: 1; mode=block

GET
H2 404 pageview.js
depedlacarlota.com/common/js/ 0
0 612ms
611ms Script
text/html 192.124.249.57
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://depedlacarlota.com/common/js/pageview.js

Requested by

Host: depedlacarlota.com
URL: https://depedlacarlota.com/hoss/juno.com/Sign-in.php/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.57 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10057.sucuri.net

Software

nginx /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://depedlacarlota.com/hoss/juno.com/Sign-in.php/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 05:10:39 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
server: nginx
x-frame-options: SAMEORIGIN
content-type: text/html; charset=iso-8859-1
x-sucuri-cache: EXPIRED
x-sucuri-id: 15007
content-length: 315
x-xss-protection: 1; mode=block

GET
H2 200 jQuery.js Show response
webmail.uolstatic.com/js_c/l/jq/1.12.4/ 95 KB
33 KB 1502ms
183ms Script
application/x-javascript 64.136.53.83
AS-NETZERO

General

Check archive.org

Show headers Download Go to

Full URL: https://webmail.uolstatic.com/js_c/l/jq/1.12.4/jQuery.js
Requested by: Host: depedlacarlota.com
URL: https://depedlacarlota.com/hoss/juno.com/Sign-in.php/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.136.53.83 , United States, ASN13446 (AS-NETZERO, US),
Reverse DNS: webmail.vgs.netzero.net
Software: Apache /
Resource Hash: b5e27fd7a1e52a127c658e4f6dab7986ba6efee03075fe387143608f82afd1c4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://depedlacarlota.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 05:10:40 GMT
content-encoding: gzip
last-modified: Wed, 07 Aug 2019 09:31:26 GMT
server: Apache
etag: "8355-58f839ae8f780"
p3p: policyref="http://my.netzero.net/common/w3c/netzero.xml",CP="CAO DSP CURa ADMa DEVa TAIa PSAa PSDa OUR BUS IND PHY ONL UNI FIN COM NAV INT DEM PRE LOC"
content-type: application/x-javascript
cache-control: max-age=31536000, private
accept-ranges: bytes
content-length: 33621
expires: Sat, 03 Aug 2024 05:10:40 GMT

GET
H/1.1 200
OK bootstrap.min.css
my.juno.com/redesign/common/css/ 99 KB
17 KB 594ms
126ms Stylesheet
text/css 64.136.45.46
AS-NETZERO

General

Check archive.org

Show headers Download Go to

Full URL: https://my.juno.com/redesign/common/css/bootstrap.min.css?v=42606
Requested by: Host: depedlacarlota.com
URL: https://depedlacarlota.com/hoss/juno.com/Sign-in.php/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 64.136.45.46 , United States, ASN13446 (AS-NETZERO, US),
Reverse DNS: my.dca.juno.com
Software: Apache /
Resource Hash: 11c74aed50911d54c04455fe1d9c04f42c5f6cf438a94976f890f25f2a59f699

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://depedlacarlota.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Fri, 04 Aug 2023 05:10:39 GMT
Content-Encoding: gzip
Last-Modified: Tue, 28 Oct 2014 05:19:27 GMT
Server: Apache
ETag: "18cdb-50674ca8155c0"
Content-Type: text/css
Cache-Control: max-age=28512000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 17247
Expires: Sat, 29 Jun 2024 05:10:39 GMT

GET
H/1.1 200
OK common-redesign.css
my.juno.com/redesign/common/css/ 22 KB
5 KB 594ms
127ms Stylesheet
text/css 64.136.45.46
AS-NETZERO

General

Check archive.org

Show headers Download Go to

Full URL: https://my.juno.com/redesign/common/css/common-redesign.css?v=50388
Requested by: Host: depedlacarlota.com
URL: https://depedlacarlota.com/hoss/juno.com/Sign-in.php/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 64.136.45.46 , United States, ASN13446 (AS-NETZERO, US),
Reverse DNS: my.dca.juno.com
Software: Apache /
Resource Hash: 530a7ec85c99a87c16767bea53210c18c3ec6c45449c931931276271d5b58bbc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://depedlacarlota.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Fri, 04 Aug 2023 05:10:39 GMT
Content-Encoding: gzip
Last-Modified: Fri, 09 Mar 2018 10:13:07 GMT
Server: Apache
ETag: "5982-566f809ddb2c0"
Content-Type: text/css
Cache-Control: max-age=28512000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 4945
Expires: Sat, 29 Jun 2024 05:10:39 GMT

GET
H/1.1 200
OK sp-redesign.css
my.juno.com/static/start/view/common/css/ 45 KB
10 KB 591ms
124ms Stylesheet
text/css 64.136.45.46
AS-NETZERO

General

Check archive.org

Show headers Download Go to

Full URL: https://my.juno.com/static/start/view/common/css/sp-redesign.css?v=46787
Requested by: Host: depedlacarlota.com
URL: https://depedlacarlota.com/hoss/juno.com/Sign-in.php/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 64.136.45.46 , United States, ASN13446 (AS-NETZERO, US),
Reverse DNS: my.dca.juno.com
Software: Apache /
Resource Hash: 4326543f6822fa60a37c13f57bffe8696d990d4a4cd38565f17a38844d98884c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://depedlacarlota.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Fri, 04 Aug 2023 05:10:39 GMT
Content-Encoding: gzip
Last-Modified: Thu, 09 Feb 2023 04:43:30 GMT
Server: Apache
ETag: "b413-5f43d05bce080"
Content-Type: text/css
Cache-Control: max-age=28512000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 9842
Expires: Sat, 29 Jun 2024 05:10:39 GMT

GET
H/1.1 200
OK common-redesign.js Show response
my.juno.com/redesign/common/js/ 9 KB
3 KB 591ms
123ms Script
application/x-javascript 64.136.45.46
AS-NETZERO

General

Check archive.org

Show headers Download Go to

Full URL: https://my.juno.com/redesign/common/js/common-redesign.js?v=2345
Requested by: Host: depedlacarlota.com
URL: https://depedlacarlota.com/hoss/juno.com/Sign-in.php/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 64.136.45.46 , United States, ASN13446 (AS-NETZERO, US),
Reverse DNS: my.dca.juno.com
Software: Apache /
Resource Hash: 293a55ecf8395b41ce9f3520d72cfc943bf09807aac64595855a8a380f76f19e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://depedlacarlota.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Fri, 04 Aug 2023 05:10:39 GMT
Content-Encoding: gzip
Last-Modified: Fri, 11 Jan 2019 03:46:52 GMT
Server: Apache
ETag: "235b-57f268ba6c300"
Content-Type: application/x-javascript
Cache-Control: max-age=28512000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 2679
Expires: Sat, 29 Jun 2024 05:10:39 GMT

GET
H/1.1 200
OK mobile-detect.min.js Show response
my.juno.com/static/start/view/common/js/ 35 KB
15 KB 592ms
124ms Script
application/x-javascript 64.136.45.46
AS-NETZERO

General

Check archive.org

Show headers Download Go to

Full URL: https://my.juno.com/static/start/view/common/js/mobile-detect.min.js
Requested by: Host: depedlacarlota.com
URL: https://depedlacarlota.com/hoss/juno.com/Sign-in.php/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 64.136.45.46 , United States, ASN13446 (AS-NETZERO, US),
Reverse DNS: my.dca.juno.com
Software: Apache /
Resource Hash: 6ba6cfb901156845a6d571c65a55728e59509155f4c05f49a9fc42c2682ee367

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://depedlacarlota.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Fri, 04 Aug 2023 05:10:39 GMT
Content-Encoding: gzip
Last-Modified: Thu, 03 Sep 2015 10:37:38 GMT
Server: Apache
ETag: "8b85-51ed55f392080"
Content-Type: application/x-javascript
Cache-Control: max-age=28512000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 14933
Expires: Sat, 29 Jun 2024 05:10:39 GMT

GET
H/1.1 200
OK j_logo.png
my.juno.com/redesign/common/images/ 10 KB
11 KB 123ms
123ms Image
image/png 64.136.45.46
AS-NETZERO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://my.juno.com/redesign/common/images/j_logo.png
Requested by: Host: depedlacarlota.com
URL: https://depedlacarlota.com/hoss/juno.com/Sign-in.php/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 64.136.45.46 , United States, ASN13446 (AS-NETZERO, US),
Reverse DNS: my.dca.juno.com
Software: Apache /
Resource Hash: a3bd4d5f4d5b6ccc9573c2bdb34fda04e96aff2f99bf162f3784acff5ab0bb32

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://depedlacarlota.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Fri, 04 Aug 2023 05:10:39 GMT
Last-Modified: Wed, 22 Mar 2017 10:00:56 GMT
Server: Apache
ETag: "2983-54b4ed6278600"
Content-Type: image/png
Cache-Control: max-age=28512000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 10627
Expires: Sat, 29 Jun 2024 05:10:39 GMT

GET
H2 200 captcha.do.jpg
depedlacarlota.com/hoss/juno.com/Sign-in.php/ 27 KB
27 KB 223ms
222ms Image
text/html 192.124.249.57
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://depedlacarlota.com/hoss/juno.com/Sign-in.php/captcha.do.jpg

Requested by

Host: depedlacarlota.com
URL: https://depedlacarlota.com/hoss/juno.com/Sign-in.php/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.57 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10057.sucuri.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://depedlacarlota.com/hoss/juno.com/Sign-in.php/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Aug 2023 05:10:39 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
content-encoding: gzip
server: nginx
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/html
x-sucuri-cache: BYPASS
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-sucuri-id: 15007
content-length: 8757
x-xss-protection: 1; mode=block
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK sp-text-feeds.js Show response
my.juno.com/static/start/view/common/js/ 11 KB
2 KB 123ms
123ms Script
application/x-javascript 64.136.45.46
AS-NETZERO

General

Check archive.org

Show headers Download Go to

Full URL: https://my.juno.com/static/start/view/common/js/sp-text-feeds.js?v=53513
Requested by: Host: depedlacarlota.com
URL: https://depedlacarlota.com/hoss/juno.com/Sign-in.php/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 64.136.45.46 , United States, ASN13446 (AS-NETZERO, US),
Reverse DNS: my.dca.juno.com
Software: Apache /
Resource Hash: 35d54aea0904a49c26427aa821f53f9d5c5297a5b9455ab526164f48f836d4d3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://depedlacarlota.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Fri, 04 Aug 2023 05:10:39 GMT
Content-Encoding: gzip
Last-Modified: Fri, 23 Oct 2020 13:34:37 GMT
Server: Apache
ETag: "2b5c-5b256a44d1540"
Content-Type: application/x-javascript
Cache-Control: max-age=28512000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 1960
Expires: Sat, 29 Jun 2024 05:10:39 GMT

GET
H/1.1 200
OK speed-detector.js Show response
my.juno.com/redesign/common/js/vendor/ 3 KB
2 KB 122ms
122ms Script
application/x-javascript 64.136.45.46
AS-NETZERO

General

Check archive.org

Show headers Download Go to

Full URL: https://my.juno.com/redesign/common/js/vendor/speed-detector.js?v=20930
Requested by: Host: depedlacarlota.com
URL: https://depedlacarlota.com/hoss/juno.com/Sign-in.php/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 64.136.45.46 , United States, ASN13446 (AS-NETZERO, US),
Reverse DNS: my.dca.juno.com
Software: Apache /
Resource Hash: d762c0ab92d46134c186e1a5c1c21ed4484836560ad255af4d3937c30dc983e7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://depedlacarlota.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Fri, 04 Aug 2023 05:10:39 GMT
Content-Encoding: gzip
Last-Modified: Tue, 07 Aug 2018 04:30:23 GMT
Server: Apache
ETag: "c90-572d0da3195c0"
Content-Type: application/x-javascript
Cache-Control: max-age=28512000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 1325
Expires: Sat, 29 Jun 2024 05:10:39 GMT

GET
H2 200 feed Show response
feed.untd.com/feed/ 35 KB
35 KB 704ms
183ms Script
application/javascript 64.136.52.17
AS-NETZERO

General

Check archive.org

Show headers Download Go to

Full URL: https://feed.untd.com/feed/feed?action=multifeed&synd=fd_newser_rss_entertainment,fd_newser_rss_topnews,fd_newser_rss_us_world,fd_newser_rss_sports,fd_newser_rss_science,fd_newser_rss_crime&format=jsonp&callback=jsoncallback&_=1691125840605
Requested by: Host: webmail.uolstatic.com
URL: https://webmail.uolstatic.com/js_c/l/jq/1.12.4/jQuery.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.136.52.17 , United States, ASN13446 (AS-NETZERO, US),
Reverse DNS: feed.vgs.untd.com
Software: /
Resource Hash: 9d48c5632f1135b68ed34c30220348156593a68ee4bc96a7131f30f6eed4c7db

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://depedlacarlota.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-type: application/javascript
date: Fri, 04 Aug 2023 05:10:41 GMT
content-length: 35608
p3p: policyref="http://my.untd.com/common/w3c/untd.xml", CP="CAO DSP CURa ADMa DEVa TAIa PSAa PSDa OUR BUS IND PHY ONL UNI FIN COM NAV INT DEM PRE LOC"

GET
H/1.1 200
OK mobile-detect.min.js Show response
my.juno.com/static/start/view/common/js/ 35 KB
15 KB 124ms
124ms Script
application/x-javascript 64.136.45.46
AS-NETZERO

General

Check archive.org

Show headers Download Go to

Full URL: https://my.juno.com/static/start/view/common/js/mobile-detect.min.js
Requested by: Host: depedlacarlota.com
URL: https://depedlacarlota.com/hoss/juno.com/Sign-in.php/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 64.136.45.46 , United States, ASN13446 (AS-NETZERO, US),
Reverse DNS: my.dca.juno.com
Software: Apache /
Resource Hash: 6ba6cfb901156845a6d571c65a55728e59509155f4c05f49a9fc42c2682ee367

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://depedlacarlota.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Fri, 04 Aug 2023 05:10:40 GMT
Content-Encoding: gzip
Last-Modified: Thu, 03 Sep 2015 10:37:38 GMT
Server: Apache
ETag: "8b85-51ed55f392080"
Content-Type: application/x-javascript
Cache-Control: max-age=28512000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 14933
Expires: Sat, 29 Jun 2024 05:10:40 GMT

GET OmnesBlack-Italic.otf
my.juno.com/redesign/common/fonts/ 0
0

GET
H2 200 hdr_lg_new_accl_n.gif
webmail.netzero.net/images/headers/ 3 KB
3 KB 189ms
188ms Image
image/gif 64.136.53.83
AS-NETZERO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://webmail.netzero.net/images/headers/hdr_lg_new_accl_n.gif?ts=1691125840755
Requested by: Host: depedlacarlota.com
URL: https://depedlacarlota.com/hoss/juno.com/Sign-in.php/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.136.53.83 , United States, ASN13446 (AS-NETZERO, US),
Reverse DNS: webmail.vgs.netzero.net
Software: Apache /
Resource Hash: fa21121e62cdbfb40b4c81f67428faeea8ed0d9af4943f285019645c9fd90f85

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://depedlacarlota.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 05:10:40 GMT
last-modified: Fri, 25 Sep 2009 12:30:24 GMT
server: Apache
etag: "c27-474661cb5b800"
p3p: policyref="http://my.netzero.net/common/w3c/netzero.xml",CP="CAO DSP CURa ADMa DEVa TAIa PSAa PSDa OUR BUS IND PHY ONL UNI FIN COM NAV INT DEM PRE LOC"
content-type: image/gif
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 3111
expires: Mon, 01 Aug 2033 05:10:40 GMT

GET
H2 200 as-3.1.12.min.js Show response
static.uolcontent.com/js_api/ 145 KB
47 KB 904ms
184ms Script
text/javascript 64.136.52.49
AS-NETZERO

General

Check archive.org

Show headers Download Go to

Full URL: https://static.uolcontent.com/js_api/as-3.1.12.min.js
Requested by: Host: webmail.uolstatic.com
URL: https://webmail.uolstatic.com/js_c/l/jq/1.12.4/jQuery.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.136.52.49 , United States, ASN13446 (AS-NETZERO, US),
Reverse DNS: content.vgs.untd.com
Software: lighttpd /
Resource Hash: 5a3112f7fd15b6e4ccb92bcab0878396af953c3511544098b2d0f8c909a60f9d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://depedlacarlota.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 05:10:41 GMT
content-encoding: gzip
last-modified: Tue, 22 Mar 2022 05:43:57 GMT
server: lighttpd
etag: "280434415"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000
accept-ranges: bytes
content-length: 47636
expires: Mon, 29 Jul 2024 05:10:41 GMT

GET
H2 200 hdr_lg_new_accl_n.gif
webmail.netzero.net/images/headers/ 3 KB
3 KB 188ms
187ms Image
image/gif 64.136.53.83
AS-NETZERO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://webmail.netzero.net/images/headers/hdr_lg_new_accl_n.gif?ts=1691125840946
Requested by: Host: depedlacarlota.com
URL: https://depedlacarlota.com/hoss/juno.com/Sign-in.php/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.136.53.83 , United States, ASN13446 (AS-NETZERO, US),
Reverse DNS: webmail.vgs.netzero.net
Software: Apache /
Resource Hash: fa21121e62cdbfb40b4c81f67428faeea8ed0d9af4943f285019645c9fd90f85

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://depedlacarlota.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 05:10:41 GMT
last-modified: Fri, 25 Sep 2009 12:30:24 GMT
server: Apache
etag: "c27-474661cb5b800"
p3p: policyref="http://my.netzero.net/common/w3c/netzero.xml",CP="CAO DSP CURa ADMa DEVa TAIa PSAa PSDa OUR BUS IND PHY ONL UNI FIN COM NAV INT DEM PRE LOC"
content-type: image/gif
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 3111
expires: Mon, 01 Aug 2033 05:10:41 GMT

GET
H2 200 hdr_lg_new_accl_n.gif
webmail.netzero.net/images/headers/ 3 KB
3 KB 183ms
182ms Image
image/gif 64.136.53.83
AS-NETZERO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://webmail.netzero.net/images/headers/hdr_lg_new_accl_n.gif?ts=1691125841138
Requested by: Host: depedlacarlota.com
URL: https://depedlacarlota.com/hoss/juno.com/Sign-in.php/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.136.53.83 , United States, ASN13446 (AS-NETZERO, US),
Reverse DNS: webmail.vgs.netzero.net
Software: Apache /
Resource Hash: fa21121e62cdbfb40b4c81f67428faeea8ed0d9af4943f285019645c9fd90f85

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://depedlacarlota.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 05:10:41 GMT
last-modified: Fri, 25 Sep 2009 12:30:24 GMT
server: Apache
etag: "c27-474661cb5b800"
p3p: policyref="http://my.netzero.net/common/w3c/netzero.xml",CP="CAO DSP CURa ADMa DEVa TAIa PSAa PSDa OUR BUS IND PHY ONL UNI FIN COM NAV INT DEM PRE LOC"
content-type: image/gif
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 3111
expires: Mon, 01 Aug 2033 05:10:41 GMT

GET
H/1.1 200 oasrdb
track.untd.com/s/ 43 B
434 B 935ms
194ms Image
image/gif 64.136.53.30
AS-NETZERO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.untd.com/s/oasrdb?pid=SDS&profile=1&ts=1691125841333
Requested by: Host: depedlacarlota.com
URL: https://depedlacarlota.com/hoss/juno.com/Sign-in.php/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 64.136.53.30 , United States, ASN13446 (AS-NETZERO, US),
Reverse DNS: track.vgs.untd.com
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://depedlacarlota.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 04 Aug 2023 05:10:42 GMT
Server
Content-Type: image/gif
P3P: policyref="http://my.untd.com/common/w3c/untd.xml", CP="CAO DSP CURa ADMa DEVa TAIa PSAa PSDa OUR BUS IND PHY ONL UNI FIN COM NAV INT DEM PRE LOC"
Cache-Control: no-cache,post-check=0,pre-check=0
Connection: keep-alive
Keep-Alive: timeout=20
Content-Length: 43
Expires: 0

GET
H2 200 fd_newser_rss_us_world.gif
content.uolstatic.com/feed/img/logo/ 1 KB
2 KB 491ms
185ms Image
image/gif 64.136.52.49
AS-NETZERO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.uolstatic.com/feed/img/logo/fd_newser_rss_us_world.gif
Requested by: Host: depedlacarlota.com
URL: https://depedlacarlota.com/hoss/juno.com/Sign-in.php/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.136.52.49 , United States, ASN13446 (AS-NETZERO, US),
Reverse DNS: content.vgs.untd.com
Software: lighttpd /
Resource Hash: cd43e2ff94fccb39f756a6a4e87eeec4a2be6f40ce297fb8e122ac87d72a0355

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://depedlacarlota.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 05:10:42 GMT
last-modified: Wed, 25 Jan 2017 06:19:18 GMT
server: lighttpd
etag: "2886228862"
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 1493
expires: Sun, 03 Sep 2023 05:10:42 GMT

GET
H2 200 fd_newser_rss_sports.gif
content.uolstatic.com/feed/img/logo/ 1 KB
2 KB 490ms
183ms Image
image/gif 64.136.52.49
AS-NETZERO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.uolstatic.com/feed/img/logo/fd_newser_rss_sports.gif
Requested by: Host: depedlacarlota.com
URL: https://depedlacarlota.com/hoss/juno.com/Sign-in.php/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.136.52.49 , United States, ASN13446 (AS-NETZERO, US),
Reverse DNS: content.vgs.untd.com
Software: lighttpd /
Resource Hash: cd43e2ff94fccb39f756a6a4e87eeec4a2be6f40ce297fb8e122ac87d72a0355

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://depedlacarlota.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 05:10:42 GMT
last-modified: Mon, 24 Dec 2018 11:26:02 GMT
server: lighttpd
etag: "2793063028"
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 1493
expires: Sun, 03 Sep 2023 05:10:42 GMT

GET
H2 200 aconfig Show response
static.uolcontent.com/cgi/ 26 KB
8 KB 551ms
184ms Fetch
application/json 64.136.52.49
AS-NETZERO

General

Check archive.org

Show headers Download Go to

Full URL: https://static.uolcontent.com/cgi/aconfig?site=uolstart&apiVersion=3.1.12&brand=JU&format=json
Requested by: Host: static.uolcontent.com
URL: https://static.uolcontent.com/js_api/as-3.1.12.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.136.52.49 , United States, ASN13446 (AS-NETZERO, US),
Reverse DNS: content.vgs.untd.com
Software: lighttpd /
Resource Hash: e34a5dc7cc665acae94891933b79917b07a459cdef76b6911e7f1bc00b923e16

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://depedlacarlota.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 05:10:42 GMT
content-encoding: gzip
last-modified: Mon, 24 Apr 2023 07:15:03 GMT
server: lighttpd
etag: "3143398368"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, max-age=0
accept-ranges: bytes
content-length: 7574

GET
H2 200 spacer.gif
static.uolcontent.com/images/ 43 B
178 B 183ms
183ms Image
image/gif 64.136.52.49
AS-NETZERO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.uolcontent.com/images/spacer.gif?msg=AS%3AI%3AsessLog%3Auh%3D%26site%3Duolstart%26dnt%3D0%26dapp%3D0%26dnw%3D4g%26deval%3D0&command=ADLOG&count=1691125842374
Requested by: Host: depedlacarlota.com
URL: https://depedlacarlota.com/hoss/juno.com/Sign-in.php/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.136.52.49 , United States, ASN13446 (AS-NETZERO, US),
Reverse DNS: content.vgs.untd.com
Software: lighttpd /
Resource Hash: 71d66e87a9561f8cc70f06a466a5f75a77aa9cb55e8795e0539c514eff7cf7d3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://depedlacarlota.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 05:10:42 GMT
last-modified: Wed, 04 Jan 2017 07:38:14 GMT
server: lighttpd
etag: "4030218971"
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 43
expires: Sun, 03 Sep 2023 05:10:42 GMT

GET
H2 200 pwt.js Show response
ads.pubmatic.com/AdServer/js/pwt/157483/3750/ 235 KB
78 KB 141ms
42ms Script
application/javascript 184.30.16.195
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/pwt/157483/3750/pwt.js
Requested by: Host: static.uolcontent.com
URL: https://static.uolcontent.com/js_api/as-3.1.12.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.16.195 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-16-195.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: daa54161f99fc0c8d5cd52f3704c5f0c92e0d476fdec49ac22cff9415579b3e3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://depedlacarlota.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 05:10:43 GMT
content-encoding: gzip
last-modified: Thu, 20 Jul 2023 18:04:19 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=23592
accept-ranges: bytes
content-length: 79447
expires: Fri, 04 Aug 2023 11:43:55 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 80 KB
28 KB 209ms
122ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: static.uolcontent.com
URL: https://static.uolcontent.com/js_api/as-3.1.12.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d3251288b9aea12273a3e89236d3ba25480172bc85071466afac758a5fde3f46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://depedlacarlota.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 05:10:43 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27678
x-xss-protection: 0
server: cafe
etag: 924 / 19573 / m202307310101 / config-hash: 10861726234437032503
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 04 Aug 2023 05:10:43 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 246 KB
60 KB 142ms
44ms Script
application/javascript 108.138.1.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: static.uolcontent.com
URL: https://static.uolcontent.com/js_api/as-3.1.12.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.1.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-1-25.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c7fe6da239be5e83a3d053138d413293ac50686169f09bade4ac60edf7f60120

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://depedlacarlota.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 04:12:07 GMT
content-encoding: gzip
via: 1.1 d07eabeb1ed60c06da1457f35fb5c8c4.cloudfront.net (CloudFront), 1.1 e1f996a9009532eeea33edfd32ef3240.cloudfront.net (CloudFront)
last-modified: Thu, 27 Jul 2023 19:49:27 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1, FRA56-P6
age: 3517
x-amz-server-side-encryption: AES256
etag: W/"a7247ead77dd201b1e56acf0e565194b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=3600
x-amz-cf-id: AIIAgquQmO6Mxo1ru-UcO7LmSKbHSCJFH0f0G-pyjuH_gwZGZA4x9g==

GET
H2 200 publishertag.js Show response
static.criteo.net/js/ld/ 127 KB
41 KB 183ms
90ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.js

Requested by

Host: static.uolcontent.com
URL: https://static.uolcontent.com/js_api/as-3.1.12.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

cfe5353a092600c0a14d95620f3dc6609bef7a0d3ea9a50d6bb4be26ecd33c10

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://depedlacarlota.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 05:10:43 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Jul 2023 13:25:47 GMT
server: nginx
etag: W/"64ad585b-1fa57"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 05 Aug 2023 05:10:43 GMT

GET
H/1.1 200
OK sovrn_standalone_beacon.js Show response
ap.lijit.com/www/sovrn_beacon_standalone/ 6 KB
3 KB 155ms
47ms Script
text/javascript 216.52.2.6
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/www/sovrn_beacon_standalone/sovrn_standalone_beacon.js?iid=13392629&uid=united_online
Requested by: Host: static.uolcontent.com
URL: https://static.uolcontent.com/js_api/as-3.1.12.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.6 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: nginx /
Resource Hash: 61daa507d9f04c912f80dbd2d3c6277a6d24a2f56799db29ddde6729c19dd332

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://depedlacarlota.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Fri, 04 Aug 2023 05:10:43 GMT
Content-Encoding: gzip
Last-Modified: Mon, 08 May 2023 18:01:56 GMT
Server: nginx
ETag: W/"64593914-17e9"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript
Access-Control-Allow-Methods: GET
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap2ams1
X-Robots-Tag: noindex
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Expires: Fri, 04 Aug 2023 06:10:43 GMT

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 31 B
541 B 146ms
54ms Fetch
application/json 104.18.24.185
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?ac=j&sd=1&v=7.2&s=190480&r=%7B%22id%22%3A%22433762889%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fdepedlacarlota.com%2Fhoss%2Fjuno.com%2FSign-in.php%2F%22%2C%22ref%22%3A%22%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22us_privacy%22%3A%221---%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22386418105%22%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F21228205%2FLBT_TOP_LOG_ATF%23Top3%22%2C%22gpid%22%3A%22%2F21228205%2FLBT_TOP_LOG_ATF%23Top3%22%2C%22siteID%22%3A190480%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22271759305%22%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F21228205%2FLBL_BTM_LOG_BTF%23Bottom4%22%2C%22gpid%22%3A%22%2F21228205%2FLBL_BTM_LOG_BTF%23Bottom4%22%2C%22siteID%22%3A190477%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22563468899%22%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F21228205%2FMRT_TOP_LOG_ATF%23Left2%22%2C%22gpid%22%3A%22%2F21228205%2FMRT_TOP_LOG_ATF%23Left2%22%2C%22siteID%22%3A190476%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by: Host: static.uolcontent.com
URL: https://static.uolcontent.com/js_api/as-3.1.12.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.24.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cd883133a5d791c2d1a818e0380ff88b0d3cb7ba464c74273cd78ec3f59eb0c9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://depedlacarlota.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Aug 2023 05:10:43 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FNc1ykRnwYjF3MYvTIovvkwNmwSLdaMZLJxen3S9B%2FRQxn5L7M6PBuiuERfYXllITnqrfqTceJwJZ6EgA7QAyfk1M7zt2yhqeQCncxizOsgRExchNJlBGKgx0PmUIWqJbFnaM60b"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://depedlacarlota.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 7f144ba7cae0699f-FRA
alt-svc: h3=":443"; ma=86400
content-length: 31
expires: 0

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 507 B
2 KB 276ms
43ms Fetch
application/json 2602:803:c003:200::45
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20470&site_id=249838&p_screen_res=1600x1200&tk_flint=uol-ad.js-3.1.12&rp_secure=1&rp_floor=0.01&rf=https%3A%2F%2Fdepedlacarlota.com%2Fhoss%2Fjuno.com%2FSign-in.php%2F&zone_id=1240574%3B1240558%3B1240550&size_id=2%3B2%3B15&p_pos=atf%3Batf%3Bbtf&x_source.tid=953315869%3B427824620%3B680317666&rand=001735897&slots=3&us_privacy=1---
Requested by: Host: static.uolcontent.com
URL: https://static.uolcontent.com/js_api/as-3.1.12.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::45 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: f37bca866f5cad4c9d7449e745eb103fda6649e5a1915b63655ef8f5277f4929

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://depedlacarlota.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Aug 2023 05:10:43 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://depedlacarlota.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 204 translator
hbopenbid.pubmatic.com/ 0
0 170ms
54ms Fetch 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?
Requested by: Host: static.uolcontent.com
URL: https://static.uolcontent.com/js_api/as-3.1.12.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://depedlacarlota.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://depedlacarlota.com
date: Fri, 04 Aug 2023 05:10:43 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H2 200 arj Show response
uol-d.openx.net/w/1.0/ 72 B
378 B 154ms
52ms Fetch
application/json 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://uol-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fdepedlacarlota.com%2Fhoss%2Fjuno.com%2FSign-in.php%2F&jr=&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_2.1.7&nocache=1691125843058&ns=0&aus=728x90%7C728x90%7C300x250&dddid=910857927%2C331302041%2C423128464&auid=540737102%2C540737103%2C540737100&us_privacy=1---
Requested by: Host: static.uolcontent.com
URL: https://static.uolcontent.com/js_api/as-3.1.12.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 8125632f7d09f54a0bd0c7fcfdfd83db31bdf5b98f0df5c47ef076de58ddd1d6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://depedlacarlota.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Aug 2023 05:10:43 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: application/json
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://depedlacarlota.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 78
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 jpt Show response
secure.adnxs.com/ 0
531 B 145ms
44ms Script
text/html 185.89.210.180
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/jpt?&id=10431377&size=728x90&us_privacy=1---&referrer=https%3A%2F%2Fdepedlacarlota.com%2Fhoss%2Fjuno.com%2FSign-in.php%2F&_=1691125843060&callback=asJSONPCB_1691125842368

Requested by

Host: static.uolcontent.com
URL: https://static.uolcontent.com/js_api/as-3.1.12.min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.180 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://depedlacarlota.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Aug 2023 05:10:43 GMT
an-x-request-uuid: f71245e1-41ea-48e3-9060-f544eba09edc
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 80.255.7.107; 80.255.7.107; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 jpt Show response
secure.adnxs.com/ 0
530 B 149ms
48ms Script
text/html 185.89.210.180
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/jpt?&id=10431373&size=728x90&us_privacy=1---&referrer=https%3A%2F%2Fdepedlacarlota.com%2Fhoss%2Fjuno.com%2FSign-in.php%2F&_=1691125843060&callback=asJSONPCB_1691125842369

Requested by

Host: static.uolcontent.com
URL: https://static.uolcontent.com/js_api/as-3.1.12.min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.180 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://depedlacarlota.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Aug 2023 05:10:43 GMT
an-x-request-uuid: e4b407d8-0124-4aea-b06a-6011e63b9a79
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 80.255.7.107; 80.255.7.107; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 jpt Show response
secure.adnxs.com/ 0
530 B 145ms
45ms Script
text/html 185.89.210.180
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/jpt?&id=10431369&size=300x250&us_privacy=1---&referrer=https%3A%2F%2Fdepedlacarlota.com%2Fhoss%2Fjuno.com%2FSign-in.php%2F&_=1691125843061&callback=asJSONPCB_1691125842370

Requested by

Host: static.uolcontent.com
URL: https://static.uolcontent.com/js_api/as-3.1.12.min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.180 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://depedlacarlota.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Aug 2023 05:10:43 GMT
an-x-request-uuid: bfa6ca7c-f07f-4d9d-a75c-0355e0d60bbe
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 80.255.7.107; 80.255.7.107; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 hb Show response
ssc.33across.com/api/v1/ 60 B
152 B 223ms
133ms Fetch
application/json 34.149.20.76
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc.33across.com/api/v1/hb?guid=cmYvqS1f0r64kDaKjGFx_2
Requested by: Host: static.uolcontent.com
URL: https://static.uolcontent.com/js_api/as-3.1.12.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 76.20.149.34.bc.googleusercontent.com
Software: / 33Across
Resource Hash: ae3aca338efaa4d9fd95092fd1da6fe75f0e2e70dbd8a27075ae230022cebea7

Request headers

Referer: https://depedlacarlota.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 04 Aug 2023 05:10:43 GMT
content-encoding: gzip
via: 1.1 google
x-powered-by: 33Across
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
status: 200 OK
access-control-allow-origin: https://depedlacarlota.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

POST
H2 200 hb Show response
ssc.33across.com/api/v1/ 60 B
152 B 228ms
138ms Fetch
application/json 34.149.20.76
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc.33across.com/api/v1/hb?guid=crc8x21f0r64kDaKjGFx_2
Requested by: Host: static.uolcontent.com
URL: https://static.uolcontent.com/js_api/as-3.1.12.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 76.20.149.34.bc.googleusercontent.com
Software: / 33Across
Resource Hash: ad7c8760b4603216ce9b59c3656676f1b53f9f55c89d089120642afc9d06eadc

Request headers

Referer: https://depedlacarlota.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 04 Aug 2023 05:10:43 GMT
content-encoding: gzip
via: 1.1 google
x-powered-by: 33Across
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
status: 200 OK
access-control-allow-origin: https://depedlacarlota.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

POST
H2 200 hb Show response
ssc.33across.com/api/v1/ 60 B
316 B 222ms
132ms Fetch
application/json 34.149.20.76
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc.33across.com/api/v1/hb?guid=a2Sl-k1f0r65XCaKlKyvbs
Requested by: Host: static.uolcontent.com
URL: https://static.uolcontent.com/js_api/as-3.1.12.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 76.20.149.34.bc.googleusercontent.com
Software: / 33Across
Resource Hash: d981a9a97dff32486bd8b956cb51dd9548feb2b1da19dfbe21185941536154b2

Request headers

Referer: https://depedlacarlota.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 04 Aug 2023 05:10:43 GMT
content-encoding: gzip
via: 1.1 google
x-powered-by: 33Across
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
status: 200 OK
access-control-allow-origin: https://depedlacarlota.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

POST
H2 200 auction Show response
tlx.3lift.com/header/ 19 B
573 B 128ms
39ms Fetch
application/json 18.196.251.166
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=uol-ad.js&v=3.1.12&us_privacy=1---&referrer=https%3A%2F%2Fdepedlacarlota.com%2Fhoss%2Fjuno.com%2FSign-in.php%2F

Requested by

Host: static.uolcontent.com
URL: https://static.uolcontent.com/js_api/as-3.1.12.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.196.251.166 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-196-251-166.eu-central-1.compute.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://depedlacarlota.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 04 Aug 2023 05:10:43 GMT
accept-ch: sec-ch-ua-mobile,sec-ch-viewport-width,sec-ch-downlink,sec-ch-ua-full-version-list,sec-ch-prefers-color-scheme,sec-ch-ua-platform,sec-ch-dpr,user-agent,sec-ch-width,sec-ch-viewport-height,sec-ch-save-data,sec-ch-ect,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-device-memory,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-full-version,sec-ch-ua-arch,sec-ch-rtt
x-auction-status: 3, 3, 3
content-type: application/json; charset=utf-8
access-control-allow-origin: https://depedlacarlota.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

POST
H2 204 24
web.hb.ad.cpe.dotomi.com/s2s/header/ 0
0 191ms
42ms Fetch 2a02:fa8:8806:16::1460
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to

Full URL: https://web.hb.ad.cpe.dotomi.com/s2s/header/24?
Requested by: Host: static.uolcontent.com
URL: https://static.uolcontent.com/js_api/as-3.1.12.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:fa8:8806:16::1460 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: https://depedlacarlota.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://depedlacarlota.com
pragma: no-cache
date: Fri, 04 Aug 2023 05:10:43 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
expires: 0

POST
H2 204 24
web.hb.ad.cpe.dotomi.com/s2s/header/ 0
0 189ms
41ms Fetch 2a02:fa8:8806:16::1460
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to

Full URL: https://web.hb.ad.cpe.dotomi.com/s2s/header/24?
Requested by: Host: static.uolcontent.com
URL: https://static.uolcontent.com/js_api/as-3.1.12.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:fa8:8806:16::1460 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: https://depedlacarlota.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://depedlacarlota.com
pragma: no-cache
date: Fri, 04 Aug 2023 05:10:43 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
expires: 0

POST
H2 204 24
web.hb.ad.cpe.dotomi.com/s2s/header/ 0
0 188ms
41ms Fetch 2a02:fa8:8806:16::1460
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to

Full URL: https://web.hb.ad.cpe.dotomi.com/s2s/header/24?
Requested by: Host: static.uolcontent.com
URL: https://static.uolcontent.com/js_api/as-3.1.12.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:fa8:8806:16::1460 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: https://depedlacarlota.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://depedlacarlota.com
pragma: no-cache
date: Fri, 04 Aug 2023 05:10:43 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
expires: 0

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ 18 B
399 B 144ms
51ms Fetch
application/json 216.52.2.6
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=uol-ad.js-3.1.12
Requested by: Host: static.uolcontent.com
URL: https://static.uolcontent.com/js_api/as-3.1.12.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.6 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: /
Resource Hash: 259ec1ae107a174e941ffbc7771dc2bc3b91269e15e56a3483cef01d2ed17a25

Request headers

Referer: https://depedlacarlota.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Fri, 04 Aug 2023 05:10:43 GMT
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://depedlacarlota.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap2ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 18

GET
H2 404 blankPhnx.html Show response
depedlacarlota.com/start/viewhttps://my.juno.com/redesign/common/phoenix/ Frame D155 315 B
546 B 180ms
179ms Document
text/html 192.124.249.57
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://depedlacarlota.com/start/viewhttps://my.juno.com/redesign/common/phoenix/blankPhnx.html?v=34955

Requested by

Host: static.uolcontent.com
URL: https://static.uolcontent.com/js_api/as-3.1.12.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.57 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10057.sucuri.net

Software

nginx /

Resource Hash

d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://depedlacarlota.com/hoss/juno.com/Sign-in.php/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 315
content-security-policy: upgrade-insecure-requests;
content-type: text/html; charset=iso-8859-1
date: Fri, 04 Aug 2023 05:10:42 GMT
server: nginx
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-sucuri-cache: EXPIRED
x-sucuri-id: 15007
x-xss-protection: 1; mode=block

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 123ms
44ms XHR
application/javascript 108.138.1.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.1.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-1-25.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://depedlacarlota.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id: rBtfgJUMGYsy5fZuQwMAU7hSD.fVdF76
content-encoding: gzip
via: 1.1 a2eae5bb517678c9d6b43a2731b4462e.cloudfront.net (CloudFront)
date: Fri, 04 Aug 2023 05:10:43 GMT
x-amz-cf-pop: FRA56-P6
age: 53306
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Sat, 24 Jun 2023 09:19:11 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: lFZCvhZ1s2hAJjQrfZznLqaOyAQsDPfOcPlhTsTd4-PsPK8A1_j-FQ==

GET config
c.amazon-adsystem.com/cdn/prod/ 0
0

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 64 B
505 B 488ms
361ms XHR
text/javascript 18.66.138.185
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=3406&u=https%3A%2F%2Fdepedlacarlota.com%2Fhoss%2Fjuno.com%2FSign-in.php%2F&pid=WxWoT8PNB0wIM&cb=0&ws=1600x1200&v=23.725.1446&t=2000&slots=%5B%7B%22sd%22%3A%22Top3%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%2210022%22%2C%22kv%22%3A%7B%7D%7D%2C%7B%22sd%22%3A%22Bottom4%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%2210015%22%2C%22kv%22%3A%7B%7D%7D%2C%7B%22sd%22%3A%22Left2%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%2210007%22%2C%22kv%22%3A%7B%7D%7D%5D&pj=%7B%22us_privacy%22%3A%221---%22%7D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.138.185 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-138-185.fra60.r.cloudfront.net

Software

Server /

Resource Hash

d278491b1de51ad826d16be5ab27b1746999c02d45200f107218427e34eed798

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://depedlacarlota.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 05:10:43 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 9c920cc684a38b53bc9c7a44ba794874.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA60-P4
x-amz-rid: 9QQ4A80J56SKR7CTXYTB
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://depedlacarlota.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 64
x-amz-cf-id: MLbZJ8GzYj10iol4cWxIyGi5TZa4yrHoi2t7DZgAdfkqby_fXpBECA==

GET
H2 200 %7B%22_tl%22%3A%22aps-tag%22%2C%22_type%22%3A%22featureUsage%22%2C%22src%22%3A%22kraken%22%2C%22pubid%22%3A%223406%22%2C%22p%22%3A%5B%7B%22cat%22%3A%22log%252Flibrary%252FdidUseFeature%22%2C%22feat... Show response
aax.amazon-adsystem.com/x/px/p/PH/ 43 B
418 B 192ms
67ms Fetch
image/gif 18.66.138.185
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/x/px/p/PH/%7B%22_tl%22%3A%22aps-tag%22%2C%22_type%22%3A%22featureUsage%22%2C%22src%22%3A%22kraken%22%2C%22pubid%22%3A%223406%22%2C%22p%22%3A%5B%7B%22cat%22%3A%22log%252Flibrary%252FdidUseFeature%22%2C%22feat%22%3A%22cancelled%22%7D%5D%2C%22u%22%3A%22https%253A%252F%252Fdepedlacarlota.com%252Fhoss%252Fjuno.com%252FSign-in.php%252F%22%2C%22lv%22%3A%2223.725.1446%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.138.185 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-138-185.fra60.r.cloudfront.net

Software

Server /

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://depedlacarlota.com/hoss/juno.com/Sign-in.php/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Aug 2023 05:10:43 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 77517a7f5d9094d359ba5186c3bda1e6.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA60-P4
x-amz-rid: QCDBKX7VFAZHZHGQ1TYR
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: image/gif
cache-control: no-cache
content-length: 43
x-amz-cf-id: 9QOlQMhOAQ_ewbMRvTyNuWzLxtG4EXJP5r0dOkZw_9qma8cN4Xo0Ow==

GET
H2 200 %7B%22_tl%22%3A%22aps-tag%22%2C%22_type%22%3A%22featureUsage%22%2C%22src%22%3A%22kraken%22%2C%22pubid%22%3A%223406%22%2C%22p%22%3A%5B%7B%22cat%22%3A%22log%252Flibrary%252FdidError%22%2C%22feat%22%3... Show response
aax.amazon-adsystem.com/x/px/p/PH/ 43 B
416 B 192ms
69ms Fetch
image/gif 18.66.138.185
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/x/px/p/PH/%7B%22_tl%22%3A%22aps-tag%22%2C%22_type%22%3A%22featureUsage%22%2C%22src%22%3A%22kraken%22%2C%22pubid%22%3A%223406%22%2C%22p%22%3A%5B%7B%22cat%22%3A%22log%252Flibrary%252FdidError%22%2C%22feat%22%3A%22cancelled%22%7D%5D%2C%22u%22%3A%22https%253A%252F%252Fdepedlacarlota.com%252Fhoss%252Fjuno.com%252FSign-in.php%252F%22%2C%22lv%22%3A%2223.725.1446%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.138.185 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-138-185.fra60.r.cloudfront.net

Software

Server /

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://depedlacarlota.com/hoss/juno.com/Sign-in.php/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Aug 2023 05:10:43 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 77517a7f5d9094d359ba5186c3bda1e6.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA60-P4
x-amz-rid: MJJYPCZDWENMPW9XAWXT
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: image/gif
cache-control: no-cache
content-length: 43
x-amz-cf-id: k32HM0lGhoMDFW9AeBu78yvJfiLj_b5aCxEknlfu8JIQi4-AM9AU8Q==

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
197 B 146ms
42ms XHR
text/plain 2a02:2638:3::7
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?ptv=139&profileId=184&cb=48800062212

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://depedlacarlota.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://depedlacarlota.com
date: Fri, 04 Aug 2023 05:10:42 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 151ms
49ms Preflight
application/json 2a02:2638:d::d
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fdepedlacarlota.com%2F&domain=depedlacarlota.com&cw=1&pbt=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://depedlacarlota.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://depedlacarlota.com
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Fri, 04 Aug 2023 05:10:43 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 195474
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 json Show response
gum.criteo.com/sid/ 2 B
377 B 145ms
49ms XHR
application/json 2a02:2638:d::d
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fdepedlacarlota.com%2F&domain=depedlacarlota.com&cw=1&pbt=1&lsw=1

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157483/3750/pwt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://depedlacarlota.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Fri, 04 Aug 2023 05:10:42 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://depedlacarlota.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 152266
expires: 0

GET f
fid.agkn.com/ 0
0

POST
H/1.1 200 prebid Show response
id5-sync.com/api/config/ 135 B
547 B 126ms
40ms XHR
application/json 141.95.98.64
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/config/prebid

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157483/3750/pwt.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.64 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216658.ip-141-95-98.eu

Software

Resource Hash

dc355ade68d305d357c2bf683b812f0f3ed084a13676d3195c7e12b9533634a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://depedlacarlota.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://depedlacarlota.com
date: Fri, 04 Aug 2023 05:10:42 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

GET
H2 200 id Show response
id.crwdcntrl.net/ 43 B
318 B 185ms
54ms XHR
application/json 52.214.214.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://id.crwdcntrl.net/id?us_privacy=1---&c=17207
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157483/3750/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.214.214.124 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-214-214-124.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596

Request headers

Referer: https://depedlacarlota.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 04 Aug 2023 05:10:43 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://depedlacarlota.com
cache-control: no-cache
x-server: 10.45.27.3
access-control-allow-credentials: true
content-length: 43
expires: 0

GET
H/1.1

200

prebid Show response
h.parrable.com/
Redirect Chain

https://h.parrable.com/prebid?data=eyJlaWQiOm51bGwsInRyYWNrZXJzIjpbIjAwOWEzMmI3LWI1OGMtNGJlNC1iZGNjLTczZDAwYzUzYjY5MSJdLCJ1cmwiOiJodHRwczovL2RlcGVkbGFjYXJsb3RhLmNvbS9ob3NzL2p1bm8uY29tL1NpZ24taW4ucG...
https://h.parrable.com/prebid?data=eyJlaWQiOiIwMS4xNjkxMTI1ODQzLjY2YTBmOGUwNDVjMDkwNDkyMDQ4NGI4MWIxMDhkZGZmNWFjMmVhNDU5NjdhN2E4NDQwM2E3NWExZWJhYmM1OWVhYTE0OTcwOGRjMTI4NzI2OWRhMDEwMTMyYWZmNGU1YTE1OW...

265 B
572 B

408ms
144ms

XHR
application/json

35.196.86.86
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://h.parrable.com/prebid?data=eyJlaWQiOiIwMS4xNjkxMTI1ODQzLjY2YTBmOGUwNDVjMDkwNDkyMDQ4NGI4MWIxMDhkZGZmNWFjMmVhNDU5NjdhN2E4NDQwM2E3NWExZWJhYmM1OWVhYTE0OTcwOGRjMTI4NzI2OWRhMDEwMTMyYWZmNGU1YTE1OWEwMjFkZjk0MzU3NWIyNGU3ODFmOTU4NWMxYjUyYmFlYzdjMjRjNDY2ZTA1YzA2OWYiLCJ0cmFja2VycyI6WyIwMDlhMzJiNy1iNThjLTRiZTQtYmRjYy03M2QwMGM1M2I2OTEiXSwidXJsIjoiaHR0cHM6Ly9kZXBlZGxhY2FybG90YS5jb20vaG9zcy9qdW5vLmNvbS9TaWduLWluLnBocC8iLCJwcmViaWRWZXJzaW9uIjoiNy4zOS4wIiwiaXNJZnJhbWUiOmZhbHNlLCJ0cGNTdXBwb3J0IjpudWxsfQ..&gdpr=0&_rand=0.2832674026167694&us_privacy=1---&_sr=1
Requested by: Host: depedlacarlota.com
URL: https://depedlacarlota.com/hoss/juno.com/Sign-in.php/
Protocol: HTTP/1.1
Server: 35.196.86.86 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 86.86.196.35.bc.googleusercontent.com
Software: /
Resource Hash: ed90fe0b87ad869e2f6bc139d5693e277d5038adb252b90178e8fd9c059fec57

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://depedlacarlota.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://depedlacarlota.com
Date: Fri, 04 Aug 2023 05:10:44 GMT
Content-Encoding: gzip
Access-Control-Allow-Credentials: true
Connection: close
Transfer-Encoding: chunked
Content-Type: application/json

Redirect headers

Location: /prebid?data=eyJlaWQiOiIwMS4xNjkxMTI1ODQzLjY2YTBmOGUwNDVjMDkwNDkyMDQ4NGI4MWIxMDhkZGZmNWFjMmVhNDU5NjdhN2E4NDQwM2E3NWExZWJhYmM1OWVhYTE0OTcwOGRjMTI4NzI2OWRhMDEwMTMyYWZmNGU1YTE1OWEwMjFkZjk0MzU3NWIyNGU3ODFmOTU4NWMxYjUyYmFlYzdjMjRjNDY2ZTA1YzA2OWYiLCJ0cmFja2VycyI6WyIwMDlhMzJiNy1iNThjLTRiZTQtYmRjYy03M2QwMGM1M2I2OTEiXSwidXJsIjoiaHR0cHM6Ly9kZXBlZGxhY2FybG90YS5jb20vaG9zcy9qdW5vLmNvbS9TaWduLWluLnBocC8iLCJwcmViaWRWZXJzaW9uIjoiNy4zOS4wIiwiaXNJZnJhbWUiOmZhbHNlLCJ0cGNTdXBwb3J0IjpudWxsfQ..&gdpr=0&_rand=0.2832674026167694&us_privacy=1---&_sr=1
Access-Control-Allow-Origin: https://depedlacarlota.com
Date: Fri, 04 Aug 2023 05:10:44 GMT
Access-Control-Allow-Credentials: true
Connection: close
Content-Length: 0

GET
H2 200 rid Show response
match.adsrvr.org/track/ 63 B
391 B 179ms
57ms XHR
application/json 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157483/3750/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: d30efee02600bf3071762aa2a29aa80c5cc9f07d64691600fad14b434df0b828

Request headers

Referer: https://depedlacarlota.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 04 Aug 2023 05:10:43 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://depedlacarlota.com
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 63
expires: Sun, 03 Sep 2023 05:10:43 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307310101/ 398 KB
126 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307310101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

240ba45f09154352c61c79884a4662a0bc6c74282798088571f5271cd290361d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://depedlacarlota.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 20:49:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30055
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 129139
x-xss-protection: 0
server: cafe
etag: 14350311164880230944
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Fri, 02 Aug 2024 20:49:48 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 40 B
68 B 153ms
72ms XHR
application/json 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=depedlacarlota.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ddb0dbffcb906bc22ab388ac57e6f4a9769d57dd97c4c88bc32a68d03aa2980d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://depedlacarlota.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 05:10:43 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44
x-xss-protection: 0
expires: Fri, 04 Aug 2023 05:10:43 GMT

GET
H2 200 spacer.gif
static.uolcontent.com/images/ 43 B
135 B 184ms
183ms Image
image/gif 64.136.52.49
AS-NETZERO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.uolcontent.com/images/spacer.gif?msg=AS%3AE%3Arubicon%20bidding%20errors%3A%20Top3%3Aerror-15-internal-error%2CBottom4%3Aerror-15-internal-error%2CLeft2%3Aerror-15-internal-error&command=ADLOG&count=1691125843372
Requested by: Host: depedlacarlota.com
URL: https://depedlacarlota.com/hoss/juno.com/Sign-in.php/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.136.52.49 , United States, ASN13446 (AS-NETZERO, US),
Reverse DNS: content.vgs.untd.com
Software: lighttpd /
Resource Hash: 71d66e87a9561f8cc70f06a466a5f75a77aa9cb55e8795e0539c514eff7cf7d3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://depedlacarlota.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 05:10:43 GMT
last-modified: Wed, 04 Jan 2017 07:38:14 GMT
server: lighttpd
etag: "4030218971"
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 43
expires: Sun, 03 Sep 2023 05:10:43 GMT

POST
H2 204 events
bidder.criteo.com/csm/ 0
121 B 43ms
43ms Ping
text/plain 2a02:2638:3::7
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/csm/events

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://depedlacarlota.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 04 Aug 2023 05:10:43 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Kestrel

GET
H2 200 pixel.gif
static.criteo.net/images/ 43 B
365 B 47ms
46ms Image
image/gif 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/images/pixel.gif?ch=1

Requested by

Host: depedlacarlota.com
URL: https://depedlacarlota.com/hoss/juno.com/Sign-in.php/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://depedlacarlota.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 05:10:43 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "493ea254-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Mon, 29 Jul 2024 05:10:43 GMT

GET
H2 200 pixel.gif
static.criteo.net/images/ 43 B
365 B 45ms
45ms Image
image/gif 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/images/pixel.gif?ch=2

Requested by

Host: depedlacarlota.com
URL: https://depedlacarlota.com/hoss/juno.com/Sign-in.php/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://depedlacarlota.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 05:10:43 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "493ea254-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Mon, 29 Jul 2024 05:10:43 GMT

POST
H2 200 wl Show response
t.pubmatic.com/ 17 B
183 B 158ms
44ms XHR
text/plain 185.64.189.226
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://t.pubmatic.com/wl?pubid=157483
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157483/3750/pwt.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.189.226 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer: https://depedlacarlota.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Fri, 04 Aug 2023 05:10:43 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://depedlacarlota.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 17
expires: 0

GET
H/1.1 200 v1 Show response
lb.eu-1-id5-sync.com/lb/ 33 B
405 B 129ms
40ms XHR
application/json 141.95.98.65
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://lb.eu-1-id5-sync.com/lb/v1

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157483/3750/pwt.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.65 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216659.ip-141-95-98.eu

Software

Resource Hash

387e903b87139788e890b1779db8705b589e12aa25fc70096cf190716503585f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://depedlacarlota.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://depedlacarlota.com
date: Fri, 04 Aug 2023 05:10:43 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 28 KB
12 KB 98ms
98ms XHR
text/plain 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307310101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8a7c1ace940c0a0e0746d4b9cb585cd62b4723effa8eec7ae1b02d75404ad528

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://depedlacarlota.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 05:10:43 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12364
x-xss-protection: 0
google-lineitem-id: 5401007683
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138314675402
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://depedlacarlota.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
734477f9209c4f80d80925de3ab55491.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 2814 6 KB
3 KB 156ms
47ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://734477f9209c4f80d80925de3ab55491.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307310101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://depedlacarlota.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 04 Aug 2023 05:10:43 GMT
expires: Sat, 03 Aug 2024 05:10:43 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H/1.1 200 658.json Show response
id5-sync.com/g/v2/ 276 B
689 B 124ms
42ms XHR
application/json 141.95.98.64
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/658.json

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157483/3750/pwt.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.64 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216658.ip-141-95-98.eu

Software

Resource Hash

cbb059be49618778c98989db369709c42f767a23456b951490726fe5a334e125

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://depedlacarlota.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://depedlacarlota.com
date: Fri, 04 Aug 2023 05:10:42 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 2FC2 0
0 77ms
77ms Fetch
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstTJdis7TEcIRTHh9q7oIlKlHI0a_P3XjMIwkkf6IGMdsuhkmkuSbLCpO6wkwzj4orvpCDyNtUKsSjrPwO6ErOVnmPZnjJHSAQ7qCwMEyjcZdPD-rpCad3CB-1sOiFEmpvI8iw3dgU7E4Y_b9VJQnF6f2pll4mb7St8O1UIUfHtU2U2Mw8vfXF-0K4GzWsc47xV9b5hRbZSLk_yC2cMt8C3--cgnrD3s0V7LRFhQ5fH9R3qI8kat-c-ixwPpP0VAGRU4Uayo_utOOr0PZDCCccX98ps8p9jT0PuYR5_brVK5f8tb3pqCgmVUceZI9kLGdgjqinyr9jhyCye3hA&sai=AMfl-YSmGJ9jhpM5hscBJ90sgbvYlByzODtZ74f9jPoxczuxtNIGUA9ho0w-LaJvT-wIQQEYWHDkNiFD0xf-XvjHItqB_hOO-iDwlRgeuryPBDcMyA1hPz2FgyexBm4zjXmqodBN3Po9Y33vQoqHM2U&sig=Cg0ArKJSzN-5VqEp7xgkEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: depedlacarlota.com
URL: https://depedlacarlota.com/hoss/juno.com/Sign-in.php/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://depedlacarlota.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 05:10:43 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 04 Aug 2023 05:10:43 GMT

GET
H2 200 rciv.js Show response
cdn.tynt.com/ Frame 2FC2 16 KB
6 KB 140ms
46ms Script
application/javascript 104.18.19.219
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.tynt.com/rciv.js
Requested by: Host: depedlacarlota.com
URL: https://depedlacarlota.com/hoss/juno.com/Sign-in.php/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.19.219 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9543239aa50b032bc3b599ca6f5c5f09842dc0e79009cf471376a591aeb61db6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://depedlacarlota.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 05:10:43 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 14 Mar 2023 15:48:11 GMT
server: cloudflare
age: 132874
etag: W/"6410973b-41de"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 7f144babfa391c2e-FRA
expires: Mon, 07 Aug 2023 05:10:43 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2FC2 179 KB
57 KB 142ms
48ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307310101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

45b4eee66ac74743c86ea5a55ea614ddb12bc1407e4bfca8ff92c308c82795e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://depedlacarlota.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 05:10:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57430
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1690976231057960"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 04 Aug 2023 05:10:43 GMT

GET
H2 200 aHvVWMte4r54oMaKlgYj8u.js Show response
sc.tynt.com/script/sc/ Frame 2FC2 3 KB
1 KB 67ms
50ms Script
text/javascript 104.18.19.219
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sc.tynt.com/script/sc/aHvVWMte4r54oMaKlgYj8u.js

Requested by

Host: cdn.tynt.com
URL: https://cdn.tynt.com/rciv.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.19.219 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

12240e221536be70eafd000fb14a003ced41d4c0f41da487a754285e17beac18

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://depedlacarlota.com/hoss/juno.com/Sign-in.php/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 05:10:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 426604
status: 200 OK
x-xss-protection: 1; mode=block
x-request-id: d662a913-4e05-44d6-829e-10bfefd2cf48
x-runtime: 0.002678
x-content-digest: 44dcb1860d0a2b116954dedbc81633d4dd3c3e73
last-modified: Sat, 29 Jul 2023 14:04:16 GMT
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600, public, s-maxage=172800
cf-ray: 7f144bac6abf1c2e-FRA
x-rack-cache: fresh
expires: Sat, 29 Jul 2023 23:43:40 GMT

GET
H2 204 p
ic.tynt.com/b/ 0
228 B 408ms
131ms Image
text/plain 67.202.105.31
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=aHvVWMte4r54oMaKlgYj8u&lm=6&ts=1691125843918&dn=RCIV&iso=0&us_privacy=1---&pu=https%3A%2F%2Fdepedlacarlota.com%2Fhoss%2Fjuno.com%2FSign-in.php%2F&t=Juno%20-%20My%20Juno%20Personalized%20Start%20Page%20-%20Sign%20in&chmob=0
Requested by: Host: depedlacarlota.com
URL: https://depedlacarlota.com/hoss/juno.com/Sign-in.php/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.31 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip31.67-202-105.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://depedlacarlota.com/hoss/juno.com/Sign-in.php/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

expires: "Sat, 26 Jul 1997 05:00:00 GMT"
date: Fri, 04 Aug 2023 05:10:44 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
DATA 200
OK truncated
/ Frame 2FC2 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4b363220ccb1c1cb1673ca3bde162b34fd7ebb98b42c356f206a4c0f678b0b57

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 sic.js Show response
cdn-sic.33across.com/1/javascripts/ Frame 2FC2 447 KB
117 KB 152ms
47ms Script
application/javascript 104.18.24.112
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-sic.33across.com/1/javascripts/sic.js
Requested by: Host: cdn.tynt.com
URL: https://cdn.tynt.com/rciv.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.24.112 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Love
Resource Hash: 9309112941d22c1b957fd05b840dc8611d52b7abe3bdd9e3587259c25a759351

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://depedlacarlota.com/hoss/juno.com/Sign-in.php/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 05:10:44 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 31 May 2023 18:56:29 GMT
server: cloudflare
age: 112689
etag: W/"6477985d-6fd56"
x-powered-by: Love
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=3600
cf-ray: 7f144bad9a25bbf1-FRA
expires: Fri, 04 Aug 2023 06:10:44 GMT

GET
H2 200 v2 Show response
de.tynt.com/deb/ 4 B
326 B 305ms
132ms Script
application/javascript 67.202.105.31
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://de.tynt.com/deb/v2?id=aHvVWMte4r54oMaKlgYj8u&dn=RCIV&cc=1&chmob=0&r=&us_privacy=1---&pu=https%3A%2F%2Fdepedlacarlota.com%2Fhoss%2Fjuno.com%2FSign-in.php%2F
Requested by: Host: cdn.tynt.com
URL: https://cdn.tynt.com/rciv.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.31 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip31.67-202-105.static.steadfastdns.net
Software: /
Resource Hash: d21021784cda31eeae5c8295e047a14bda6ed5a9b5963fca9e7ceb398a9c9179

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://depedlacarlota.com/hoss/juno.com/Sign-in.php/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
date: Fri, 04 Aug 2023 05:10:43 GMT
cache-control: max-age=86400
content-type: application/javascript
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
content-length: 4
expires: Sat, 05 Aug 2023 05:10:44 GMT

GET
H2 200 sic.css
cdn-sic.33across.com/1/stylesheets/ 7 KB
2 KB 45ms
45ms Stylesheet
text/css 104.18.24.112
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-sic.33across.com/1/stylesheets/sic.css
Requested by: Host: cdn-sic.33across.com
URL: https://cdn-sic.33across.com/1/javascripts/sic.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.24.112 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Love
Resource Hash: 4c821f2d169369324022057e9948ed8f9d45794d18b6c8c3fbbba900bb65158c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://depedlacarlota.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 05:10:44 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 31 May 2023 18:56:29 GMT
server: cloudflare
age: 112689
etag: W/"6477985d-1c90"
x-powered-by: Love
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=3600
cf-ray: 7f144baf0b6ebbf1-FRA
expires: Fri, 04 Aug 2023 06:10:44 GMT

GET
H/1.1 200
OK ast.js Show response
acdn.adnxs.com/ast/ Frame 5535 100 KB
34 KB 129ms
38ms Script
application/javascript 151.101.1.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/ast/ast.js
Requested by: Host: cdn-sic.33across.com
URL: https://cdn-sic.33across.com/1/javascripts/sic.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3b72af59b1d95751583f25bee44592d7026c8b9f6922fd5bfff7ecd961c6859c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://depedlacarlota.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Expires: Tue, 11 Jul 2023 13:31:10 GMT
Date: Fri, 04 Aug 2023 05:10:44 GMT
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Age: 56307
X-Cache: HIT, HIT
Connection: keep-alive
Content-Length: 34495
X-Served-By: cache-lga21942-LGA, cache-fra-etou8220020-FRA
Last-Modified: Mon, 10 Jul 2023 13:28:42 GMT
Server: nginx/1.18.0 (Ubuntu)
X-Timer: S1691125844.431761,VS0,VE0
ETag: W/"64ac078a-19032"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=86402
Accept-Ranges: bytes
X-Cache-Hits: 99702, 15704

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ Frame 7DC5 246 KB
60 KB 43ms
43ms Script
application/javascript 108.138.1.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: cdn-sic.33across.com
URL: https://cdn-sic.33across.com/1/javascripts/sic.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.1.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-1-25.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c7fe6da239be5e83a3d053138d413293ac50686169f09bade4ac60edf7f60120

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://depedlacarlota.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 04:12:07 GMT
content-encoding: gzip
via: 1.1 d07eabeb1ed60c06da1457f35fb5c8c4.cloudfront.net (CloudFront), 1.1 e1f996a9009532eeea33edfd32ef3240.cloudfront.net (CloudFront)
last-modified: Thu, 27 Jul 2023 19:49:27 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1, FRA56-P6
age: 3518
x-amz-server-side-encryption: AES256
etag: W/"a7247ead77dd201b1e56acf0e565194b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=3600
x-amz-cf-id: gjNuR6oORFqjHLRuw3ytvgButQru6BQzgSLHrvmbDGmblp49hZK-6Q==

GET
H2 200 authorize Show response
sic.33across.com/ 2 KB
2 KB 407ms
142ms Script
text/javascript 67.202.105.24
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL

https://sic.33across.com/authorize?usPrivacy=1---&version=3.26.0&agent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F115.0.5790.170%20Safari%2F537.36&product=inview&userId=&lexId=&sessionId=&publisherURL=https%3A%2F%2Fdepedlacarlota.com%2Fhoss%2Fjuno.com%2FSign-in.php%2F&referrerURL=&publisherId=aHvVWMte4r54oMaKlgYj8u&publisher=start.netzero.net&maxTouchPoints=0&navigatorPropsCount=63&viewportWidth=1600&viewportHeight=1200&screenWidth=1600&screenHeight=1200&screenAvailHeight=1200&devicePixelRatio=1&scrollX=0&scrollY=0&pageVisibility=visible&pageWidth=1600&pageHeight=1200&_=1691125844335&callback=_tynt_jp.af2so98ab

Requested by

Host: cdn-sic.33across.com
URL: https://cdn-sic.33across.com/1/javascripts/sic.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

67.202.105.24 , United States, ASN32748 (STEADFAST, US),

Reverse DNS

ip24.67-202-105.static.steadfastdns.net

Software

/ Love

Resource Hash

daed647021f79a17871a3f4d6a1f51a37577c10c72ee9e4392a38822273d436f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://depedlacarlota.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 05:10:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-powered-by: Love
etag: W/"697-rMu3+8phb+kzqbZwEpbGokL7e0M"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: text/javascript; charset=utf-8
status: 200 OK
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Authorization

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 2FC2 0
0 77ms
77ms Fetch
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv8qyEcAU8gsiPqqxhdqXkFyk6nhYF3nxLSBRk3Q7ISkEzk7qCirhLGuZh1_xGxvGKnHovwdPVrna4Vgr8D1xXzfYYmgvQN3RCxOyWt6VtTsFjQDXF_PulWQfHHcegViauorVLKVMO9xoMomAzoesO4R4KGoOVmIJdaMYXHc_17FvXkGLHuGIleeBEVgS1w_VIbfUf7i-jrHSDhTTV9OBNjlWFUwKY5wA0M_cvGGm5eZqpghsnSrkGvMuZzNH9-q-yAlZHmomMEofZ27E2MsInJVSAEbmokT9WIu461GvtjdyrdcIPiGARG6PEaHl88Def9XwXsnADDae0heuvREw&sai=AMfl-YTHEy2d_w6U_LNKz_Tn5oOgWM0UUIN7Ph2_TzReH4u-WAKTSNN1SM9tr-NtgupQA7_aZbTu4Yohfn30vIUKgCPTBK-OVqY2sdmfaDT7awU_WD786kcXms6RercUVGpvXdZCfw8aidqJ4zNFtrM&sig=Cg0ArKJSzMRux6IAayz-EAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://depedlacarlota.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 05:10:44 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 04 Aug 2023 05:10:44 GMT

GET
H2 200 v2 Show response
de.tynt.com/deb/ 4 B
326 B 132ms
131ms Script
application/javascript 67.202.105.31
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://de.tynt.com/deb/v2?m=xch&id=aHvVWMte4r54oMaKlgYj8u&dn=RCIV&cc=1&chmob=0&r=&us_privacy=1---&pu=https%3A%2F%2Fdepedlacarlota.com%2Fhoss%2Fjuno.com%2FSign-in.php%2F
Requested by: Host: cdn.tynt.com
URL: https://cdn.tynt.com/rciv.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.31 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip31.67-202-105.static.steadfastdns.net
Software: /
Resource Hash: d21021784cda31eeae5c8295e047a14bda6ed5a9b5963fca9e7ceb398a9c9179

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://depedlacarlota.com/hoss/juno.com/Sign-in.php/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
date: Fri, 04 Aug 2023 05:10:43 GMT
cache-control: max-age=86400
content-type: application/javascript
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
content-length: 4
expires: Sat, 05 Aug 2023 05:10:44 GMT

GET
H2 204 p
ic.tynt.com/b/ 0
227 B 132ms
131ms Image
text/plain 67.202.105.31
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=aHvVWMte4r54oMaKlgYj8u&lm=6&ts=1691125843918&dn=RCIV&iso=0&us_privacy=1---&pu=https%3A%2F%2Fdepedlacarlota.com%2Fhoss%2Fjuno.com%2FSign-in.php%2F&t=Juno%20-%20My%20Juno%20Personalized%20Start%20Page%20-%20Sign%20in
Requested by: Host: depedlacarlota.com
URL: https://depedlacarlota.com/hoss/juno.com/Sign-in.php/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.31 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip31.67-202-105.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://depedlacarlota.com/hoss/juno.com/Sign-in.php/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

expires: "Sat, 26 Jul 1997 05:00:00 GMT"
date: Fri, 04 Aug 2023 05:10:44 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame 7DC5 6 KB
3 KB 41ms
41ms XHR
application/javascript 108.138.1.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.1.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-1-25.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://depedlacarlota.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id: rBtfgJUMGYsy5fZuQwMAU7hSD.fVdF76
content-encoding: gzip
via: 1.1 a2eae5bb517678c9d6b43a2731b4462e.cloudfront.net (CloudFront)
date: Fri, 04 Aug 2023 05:10:43 GMT
x-amz-cf-pop: FRA56-P6
age: 53307
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Sat, 24 Jun 2023 09:19:11 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: b8F1cE2CJijfSYsZxs3_qFVrixKD-qonGsbbRVgDqfQusQL-WP1l8A==

GET
H2 204 p
ic.tynt.com/b/ 0
227 B 132ms
131ms Image
text/plain 67.202.105.31
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=aHvVWMte4r54oMaKlgYj8u&lm=6&ts=1691125843918&dn=RCIV&iso=0&us_privacy=1---&pu=https%3A%2F%2Fdepedlacarlota.com%2Fhoss%2Fjuno.com%2FSign-in.php%2F
Requested by: Host: depedlacarlota.com
URL: https://depedlacarlota.com/hoss/juno.com/Sign-in.php/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.31 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip31.67-202-105.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://depedlacarlota.com/hoss/juno.com/Sign-in.php/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

expires: "Sat, 26 Jul 1997 05:00:00 GMT"
date: Fri, 04 Aug 2023 05:10:44 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H2 204 p
ic.tynt.com/b/ 0
227 B 132ms
132ms Image
text/plain 67.202.105.31
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=aHvVWMte4r54oMaKlgYj8u&lm=6&ts=1691125843918&dn=RCIV&iso=0&us_privacy=1---&pu=https%3A%2F%2Fdepedlacarlota.com%2Fhoss%2Fjuno.com%2FSign-in.php%2F
Requested by: Host: depedlacarlota.com
URL: https://depedlacarlota.com/hoss/juno.com/Sign-in.php/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.31 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip31.67-202-105.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://depedlacarlota.com/hoss/juno.com/Sign-in.php/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

expires: "Sat, 26 Jul 1997 05:00:00 GMT"
date: Fri, 04 Aug 2023 05:10:44 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 0FD9 81 KB
27 KB 120ms
120ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cdn-sic.33across.com
URL: https://cdn-sic.33across.com/1/javascripts/sic.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1b65c8060506b694daa9e0e53727558483d6701360535078dc8479bec1847e79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://depedlacarlota.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 05:10:44 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27830
x-xss-protection: 0
server: cafe
etag: 697 / 19573 / 31076709 / config-hash: 10861726234437032503
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 04 Aug 2023 05:10:44 GMT

GET
H2 204 p
ic.tynt.com/b/ 0
227 B 132ms
131ms Image
text/plain 67.202.105.31
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=aHvVWMte4r54oMaKlgYj8u&lm=6&ts=1691125843918&dn=RCIV&iso=0&us_privacy=1---&pu=https%3A%2F%2Fdepedlacarlota.com%2Fhoss%2Fjuno.com%2FSign-in.php%2F
Requested by: Host: depedlacarlota.com
URL: https://depedlacarlota.com/hoss/juno.com/Sign-in.php/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.31 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip31.67-202-105.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://depedlacarlota.com/hoss/juno.com/Sign-in.php/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

expires: "Sat, 26 Jul 1997 05:00:00 GMT"
date: Fri, 04 Aug 2023 05:10:44 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308020101/ Frame 0FD9 400 KB
126 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308020101/pubads_impl.js?cb=31076709

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2b5eeeb211f2b120bf3f918a06f149d8e975a17a691b59e2108aefcc3d730686

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://depedlacarlota.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 14:05:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54330
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 129448
x-xss-protection: 0
server: cafe
etag: 2615405546215963376
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Fri, 02 Aug 2024 14:05:14 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ Frame 0FD9 40 B
68 B 73ms
73ms XHR
application/json 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=depedlacarlota.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ddb0dbffcb906bc22ab388ac57e6f4a9769d57dd97c4c88bc32a68d03aa2980d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://depedlacarlota.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 05:10:44 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44
x-xss-protection: 0
expires: Fri, 04 Aug 2023 05:10:44 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame C9C4 15 KB
6 KB 53ms
52ms Document
text/html 2a02:2638:d::d
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=depedlacarlota.com&us_privacy=1---

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

645709dcb09b2700fd5a5938dbdf783ac90a88334e5104041db53302441f33e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://depedlacarlota.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 04 Aug 2023 05:10:44 GMT
server: Kestrel
server-processing-duration-in-ticks: 295321
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
12 KB 180ms
86ms XHR
application/json 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202307310101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307310101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d32905ea66f7c251d8b6bdc253b0a9ff98953cf373e72f8c62a6d2d39107a206

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://depedlacarlota.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 05:10:45 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11683
x-xss-protection: 0

GET
H/1.1 204
No Content beacon
ce.lijit.com/ Frame 16FD 0
0 141ms
46ms Document
text/plain 216.52.2.91
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://ce.lijit.com/beacon?informer=13392629&gdpr_consent=&us_privacy=1---
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/www/sovrn_beacon_standalone/sovrn_standalone_beacon.js?iid=13392629&uid=united_online
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.91 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://depedlacarlota.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Date: Fri, 04 Aug 2023 05:10:45 GMT
Expires: Fri, 20 Mar 2009 00:00:00 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Pragma: no-cache
X-Sovrn-Pod: ad_ap1ams1

GET
H2 200 spacer.gif
static.uolcontent.com/images/ 43 B
135 B 184ms
183ms Image
image/gif 64.136.52.49
AS-NETZERO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.uolcontent.com/images/spacer.gif?msg=AS%3AI%3Abids%3DTop3%3A12345%7C0%3B46224%7C0%3B46737%7C0%3B46700%7C0%3B46764%7C0%3B46250%7C0%3B48081%7C0%3B48178%7C0%3B46357%7C0%3B46470%7C0%3B46234%7C0%2CBottom4%3A12345%7C0%3B46222%7C0%3B46735%7C0%3B46698%7C0%3B46762%7C0%3B46248%7C0%3B48082%7C0%3B48177%7C0%3B46358%7C0%3B46473%7C0%3B46232%7C0%2CLeft2%3A12345%7C0%3B46221%7C0%3B46734%7C0%3B46697%7C0%3B46761%7C0%3B46247%7C0%3B48079%7C0%3B48180%7C0%3B46355%7C0%3B46474%7C0%3B46238%7C0%26tt%3D2031%7Ca9v2%3A714%7Cindex%3A149%7Crubicon%3A319%7Cpubmatic%3A177%7Copenx%3A161%7Cappnexus%3A2027%7C33across%3A318%7Ctriplelift%3A140%7Ccriteo%3A389%7Cconversant%3A228%7Csovrn%3A161%26du%3D0%26site%3Duolstart%26pn%3Ddesk%2Flogin%26fl%3D1%26ar%3D0&command=ADLOG&count=1691125845081
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.136.52.49 , United States, ASN13446 (AS-NETZERO, US),
Reverse DNS: content.vgs.untd.com
Software: lighttpd /
Resource Hash: 71d66e87a9561f8cc70f06a466a5f75a77aa9cb55e8795e0539c514eff7cf7d3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://depedlacarlota.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 05:10:45 GMT
last-modified: Wed, 04 Jan 2017 07:38:14 GMT
server: lighttpd
etag: "4030218971"
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 43
expires: Sun, 03 Sep 2023 05:10:45 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 241 KB
56 KB 549ms
548ms XHR
text/plain 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=59161867693316&correlator=2422342242725701&eid=31072020%2C31076398%2C31075149&output=ldjh&gdfp_req=1&vrg=202307310101&ptt=17&impl=fifs&us_privacy=1---&iu_parts=21228205%2CLBT_TOP_LOG_ATF%2CLBL_BTM_LOG_BTF%2CMRT_TOP_LOG_ATF&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3&prev_iu_szs=728x90%2C728x90%2C300x250&ifi=2&adks=448056637%2C1318404152%2C2464794028&sfv=1-0-40&sc=1&cookie=ID%3D1decb0ca06470b1f%3AT%3D1691125843%3ART%3D1691125843%3AS%3DALNI_MYrob8XNs2N8-6JHS2EPlXyrgm3OA&gpic=UID%3D00000c4c012b442e%3AT%3D1691125843%3ART%3D1691125843%3AS%3DALNI_MaTBJGs2U3Nirqahjf7u8_GyJTyUw&abxe=1&dt=1691125845089&lmt=1691125845&adxs=582%2C582%2C340&adys=10%2C1093%2C742&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C0&ucis=2%7C3%7C4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fdepedlacarlota.com%2Fhoss%2Fjuno.com%2FSign-in.php%2F&frm=20&vis=1&psz=728x-1%7C728x-1%7C300x250&msz=728x-1%7C728x-1%7C300x0&fws=512%2C512%2C0&ohw=0%2C0%2C0&psts=AOrYGsmNYnMRRjq9hjD6-s-PgwAP8717NXcmlt4hPK8nsBQQU-ETIf59CkNjnQRFEBW1yIKXX0DGddtQ2SdPuuY&ga_vid=1236690969.1691125844&ga_sid=1691125844&ga_hid=197540688&ga_fc=false&dlt=1691125838721&idt=4775&prev_scp=UOL_POS%3DTop3%7CUOL_POS%3DBottom4%7CUOL_POS%3DLeft2&cust_params=uolpagename%3Ddesk%252Flogin%26uoldialup%3Dfalse%26uolbrand%3DJU%26uolrotate%3Dfalse

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307310101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

23ef66d1d73a81ba6ac808f9d721bd4a13e6e033d97414040361d60e90a77c5c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://depedlacarlota.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 05:10:45 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57459
x-xss-protection: 0
google-lineitem-id: -1,-1,-1
pragma: no-cache
server: cafe
google-creative-id: -1,-1,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://depedlacarlota.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame C9C4
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=depedlacarlota.com&sn=ChromeSyncframe&so=0&topUrl=depedlacarlota.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=PP5YynxyUmZ2cytiUm9QK0FGZWxzWXBSY2JHc3lhVUZ6cmZYR1BRWEJmVUNKVHNLS3d1VG1VekQ3T0FGWE1iV05BMXJLei9DNTNuZnNUNXQ1Uk04Ri9vbUJDazFKU2pibTdsdVdPUHJwK3dENVFjQk51UFU3UlE5bjFxdz...

478 B
684 B

154ms
50ms

Fetch
application/json

178.250.7.13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=PP5YynxyUmZ2cytiUm9QK0FGZWxzWXBSY2JHc3lhVUZ6cmZYR1BRWEJmVUNKVHNLS3d1VG1VekQ3T0FGWE1iV05BMXJLei9DNTNuZnNUNXQ1Uk04Ri9vbUJDazFKU2pibTdsdVdPUHJwK3dENVFjQk51UFU3UlE5bjFxdzFmZFZOQlNEemZjQVlyYWVySi9yT2tyMFphMktMQ2loVDk3VnQxb29SWmJCZjJrMmtmTDdQSGFkZ2lFNi9PVFh4K2I2bWNOVHFVUklKbVZrcUM1MXZaY2pJVTg5SWNIYkFyTTJGa0FCZ3EvVDNlaFdlb25kOFZqZFZOSnJYeUVLSFFtOU56NU5SQjR4bElPTjRRRFQzQzdZY1N0VXF3UGdPMUJ4OXpQNllpTENXdmdWVnRZND18&cppv=2

Protocol

Server

178.250.7.13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

698352b802cacb9884c7959cb3175461f29f214d6a9d7d1b1bab1cdb1fc177fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Aug 2023 05:10:44 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1130735
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 04 Aug 2023 05:10:44 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=PP5YynxyUmZ2cytiUm9QK0FGZWxzWXBSY2JHc3lhVUZ6cmZYR1BRWEJmVUNKVHNLS3d1VG1VekQ3T0FGWE1iV05BMXJLei9DNTNuZnNUNXQ1Uk04Ri9vbUJDazFKU2pibTdsdVdPUHJwK3dENVFjQk51UFU3UlE5bjFxdzFmZFZOQlNEemZjQVlyYWVySi9yT2tyMFphMktMQ2loVDk3VnQxb29SWmJCZjJrMmtmTDdQSGFkZ2lFNi9PVFh4K2I2bWNOVHFVUklKbVZrcUM1MXZaY2pJVTg5SWNIYkFyTTJGa0FCZ3EvVDNlaFdlb25kOFZqZFZOSnJYeUVLSFFtOU56NU5SQjR4bElPTjRRRFQzQzdZY1N0VXF3UGdPMUJ4OXpQNllpTENXdmdWVnRZND18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 206629
content-length: 0
expires: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 155ms
57ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307310101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://depedlacarlota.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 05:10:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 04 Aug 2023 05:10:45 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 2FC2 42 B
174 B 75ms
74ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsudFdG49k4jgwgp6MxNuXayyl1jK4WPK1Zl-NKUAt6Y92G3hI6l9kgdEW1k65zViS-3JMZeuXcSVqdTmaoDxZ28amCc1vhyH4xmfnG_qYs3eOWTwwrr&sig=Cg0ArKJSzG_U0KjZl3tNEAE&id=lidar2&mcvt=1000&p=1178,1308,1179,1309&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230802&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=3467785237&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1691125843707&rpt=631&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://depedlacarlota.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Aug 2023 05:10:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame E11E 13 KB
5 KB 44ms
39ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://depedlacarlota.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 683
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 04 Aug 2023 04:59:22 GMT
expires: Sat, 03 Aug 2024 04:59:22 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame C45A 783 B
1 KB 144ms
48ms Document
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

6e541a2e25d5ac0a50e3630d2c58dc3e6ce043fa94e160b0098faeac18f4ad3f

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Pb32_nrr1l6fbiy-fhbPJA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://depedlacarlota.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 511
content-security-policy: script-src 'report-sample' 'nonce-Pb32_nrr1l6fbiy-fhbPJA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 04 Aug 2023 05:10:45 GMT
expires: Fri, 04 Aug 2023 05:10:45 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 exXNUSsPja7e8iu35jrfljSpibGDl_1pyv4-G5NBtGM.js Show response
pagead2.googlesyndication.com/bg/ Frame E11E 37 KB
14 KB 123ms
39ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/exXNUSsPja7e8iu35jrfljSpibGDl_1pyv4-G5NBtGM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7b15cd512b0f8daedef22bb7e63adf9634a989b18397fd69cafe3e1b9341b463

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Wed, 02 Aug 2023 20:18:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 118317
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14592
x-xss-protection: 0
last-modified: Mon, 24 Jul 2023 13:39:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 01 Aug 2024 20:18:48 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame C45A 0
0 74ms
72ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202307310101&jk=59161867693316&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

GET
H2 200 container.html Show response
734477f9209c4f80d80925de3ab55491.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 6257 6 KB
3 KB 42ms
40ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://734477f9209c4f80d80925de3ab55491.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307310101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://depedlacarlota.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 04 Aug 2023 05:10:43 GMT
expires: Sat, 03 Aug 2024 05:10:43 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012307180709000/ Frame 379F 222 KB
62 KB 131ms
39ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307180709000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307310101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

42cc0d0d864fa8e8dc6b4ff64b9a6e126a86719e00cced4e6694c984429da88c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://depedlacarlota.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 01 Aug 2023 13:35:44 GMT
age: 228901
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62064
x-xss-protection: 0
server: sffe
etag: "7c75c6afffb97d84"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 31 Jul 2024 13:35:44 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012307180709000/v0/ Frame 379F 15 KB
5 KB 245ms
154ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307180709000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307310101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

35ddba307fe258726edbca8406973763f489f91f8d2488e67c3e9d691fb8883a

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://depedlacarlota.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 01 Aug 2023 13:35:44 GMT
age: 228901
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5274
x-xss-protection: 0
server: sffe
etag: "b24c5d555100d699"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 31 Jul 2024 13:35:44 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012307180709000/v0/ Frame 379F 94 KB
28 KB 246ms
155ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307180709000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307310101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cab486b36e4f2fa09ab81d2964db38d78e8962420a7cbf1c8367e2b0596bb838

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://depedlacarlota.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 01 Aug 2023 13:35:44 GMT
age: 228901
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29021
x-xss-protection: 0
server: sffe
etag: "908f04349b1b2df1"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 31 Jul 2024 13:35:44 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012307180709000/v0/ Frame 379F 5 KB
2 KB 258ms
167ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307180709000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307310101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce05ebc645534f502c40ebf919b2992e353a216068772467822ef88f725052b1

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://depedlacarlota.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 01 Aug 2023 13:35:44 GMT
age: 228901
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1913
x-xss-protection: 0
server: sffe
etag: "5416cfef676738bf"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 31 Jul 2024 13:35:44 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012307180709000/v0/ Frame 379F 40 KB
13 KB 258ms
168ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307180709000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307310101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b03afcbf2fbeba733a2b40a4f6f5307977268b29df242211d0c1b12a88812593

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://depedlacarlota.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 01 Aug 2023 13:35:44 GMT
age: 228901
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13013
x-xss-protection: 0
server: sffe
etag: "4da616cd662b7cdb"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 31 Jul 2024 13:35:44 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 379F 4 KB
1 KB 139ms
49ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307310101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3d2b34675fd418a1b23c652fa791f4875ccc12860d9b4b6ec8ae4aa09d51ec1e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://depedlacarlota.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 04 Aug 2023 05:10:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 04 Aug 2023 05:07:11 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 04 Aug 2023 05:10:45 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012307180709000/ Frame 8184 222 KB
61 KB 181ms
119ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307180709000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307310101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

42cc0d0d864fa8e8dc6b4ff64b9a6e126a86719e00cced4e6694c984429da88c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://depedlacarlota.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 01 Aug 2023 13:35:44 GMT
age: 228901
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62064
x-xss-protection: 0
server: sffe
etag: "7c75c6afffb97d84"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 31 Jul 2024 13:35:44 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012307180709000/v0/ Frame 8184 15 KB
5 KB 166ms
165ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307180709000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307310101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

35ddba307fe258726edbca8406973763f489f91f8d2488e67c3e9d691fb8883a

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://depedlacarlota.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 01 Aug 2023 13:35:44 GMT
age: 228901
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5274
x-xss-protection: 0
server: sffe
etag: "b24c5d555100d699"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 31 Jul 2024 13:35:44 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012307180709000/v0/ Frame 8184 94 KB
28 KB 167ms
166ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307180709000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307310101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cab486b36e4f2fa09ab81d2964db38d78e8962420a7cbf1c8367e2b0596bb838

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://depedlacarlota.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 01 Aug 2023 13:35:44 GMT
age: 228901
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29021
x-xss-protection: 0
server: sffe
etag: "908f04349b1b2df1"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 31 Jul 2024 13:35:44 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012307180709000/v0/ Frame 8184 5 KB
2 KB 174ms
174ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307180709000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307310101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce05ebc645534f502c40ebf919b2992e353a216068772467822ef88f725052b1

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://depedlacarlota.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 01 Aug 2023 13:35:44 GMT
age: 228901
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1913
x-xss-protection: 0
server: sffe
etag: "5416cfef676738bf"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 31 Jul 2024 13:35:44 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012307180709000/v0/ Frame 8184 40 KB
13 KB 175ms
175ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307180709000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307310101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b03afcbf2fbeba733a2b40a4f6f5307977268b29df242211d0c1b12a88812593

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://depedlacarlota.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 01 Aug 2023 13:35:44 GMT
age: 228901
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13013
x-xss-protection: 0
server: sffe
etag: "4da616cd662b7cdb"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 31 Jul 2024 13:35:44 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 8184 6 KB
779 B 113ms
50ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307310101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://depedlacarlota.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 04 Aug 2023 05:10:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 04 Aug 2023 03:23:23 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 04 Aug 2023 05:10:45 GMT

GET
H3 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 379F 2 KB
2 KB 41ms
40ms Image
image/png 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: depedlacarlota.com
URL: https://depedlacarlota.com/hoss/juno.com/Sign-in.php/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://depedlacarlota.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 21:26:59 GMT
x-content-type-options: nosniff
server: cafe
age: 27826
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2502
x-xss-protection: 0
expires: Fri, 04 Aug 2023 21:26:59 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 379F 295 B
319 B 42ms
40ms Image
image/png 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: depedlacarlota.com
URL: https://depedlacarlota.com/hoss/juno.com/Sign-in.php/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://depedlacarlota.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 21:40:34 GMT
x-content-type-options: nosniff
server: cafe
age: 27011
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Fri, 04 Aug 2023 21:40:34 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 379F 0
0 49ms
47ms Image
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaR1goFJ7mm1G32DJ2olVo9AoNaZcgldVIpxMO2M9l4yaRssV7B_yhKfnxNh5rJtV5ZrzPy7
Requested by: Host: depedlacarlota.com
URL: https://depedlacarlota.com/hoss/juno.com/Sign-in.php/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://depedlacarlota.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

GET
H3 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 8184 2 KB
2 KB 42ms
40ms Image
image/png 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: depedlacarlota.com
URL: https://depedlacarlota.com/hoss/juno.com/Sign-in.php/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://depedlacarlota.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 21:26:59 GMT
x-content-type-options: nosniff
server: cafe
age: 27826
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2502
x-xss-protection: 0
expires: Fri, 04 Aug 2023 21:26:59 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 8184 295 B
319 B 42ms
41ms Image
image/png 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: depedlacarlota.com
URL: https://depedlacarlota.com/hoss/juno.com/Sign-in.php/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://depedlacarlota.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 21:40:34 GMT
x-content-type-options: nosniff
server: cafe
age: 27011
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Fri, 04 Aug 2023 21:40:34 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 8184 0
0 49ms
47ms Image
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaT-i3xduQhpcc63UJrCVWgDmOtdaxsDdWD2f_0LEk4sPqrdnj8mQIemggr-17vcOWQewfeP
Requested by: Host: depedlacarlota.com
URL: https://depedlacarlota.com/hoss/juno.com/Sign-in.php/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://depedlacarlota.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

GET
H3 200 6592766407814317453
tpc.googlesyndication.com/simgad/11431162829911114024/ Frame 379F 37 KB
37 KB 40ms
39ms Image
image/jpeg 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11431162829911114024/6592766407814317453

Requested by

Host: depedlacarlota.com
URL: https://depedlacarlota.com/hoss/juno.com/Sign-in.php/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ffe5c44ebe4999e46299b6b8d7dcb5e06e4ccb8bbc91005c217956ec7cba0b80

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://depedlacarlota.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 23:21:53 GMT
x-content-type-options: nosniff
age: 539332
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37731
x-xss-protection: 0
last-modified: Mon, 10 Jul 2023 09:31:51 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 27 Jul 2024 23:21:53 GMT

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/15642189143192801057/ Frame 379F 1 KB
1 KB 57ms
56ms Image
image/png 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/15642189143192801057/14763004658117789537?w=100&h=100

Requested by

Host: depedlacarlota.com
URL: https://depedlacarlota.com/hoss/juno.com/Sign-in.php/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5f7f1621cb60a863689d4db0891e80afd1a81df6e1b53b44ef15b0ede1f8e501

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://depedlacarlota.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 05:01:09 GMT
x-content-type-options: nosniff
age: 518976
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1158
x-xss-protection: 0
last-modified: Thu, 06 Jul 2023 12:10:27 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 28 Jul 2024 05:01:09 GMT

GET
DATA 200
OK truncated
/ Frame 379F 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f4947874fe3a82597a8870907762e8bc41b5f0a01e063878af0604aa7ce4d803

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 2076313506083323656
tpc.googlesyndication.com/simgad/18372396564982710871/ Frame 8184 31 KB
31 KB 51ms
51ms Image
image/jpeg 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/18372396564982710871/2076313506083323656

Requested by

Host: depedlacarlota.com
URL: https://depedlacarlota.com/hoss/juno.com/Sign-in.php/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

286e3eca6ee221988d3fcf8925c89b00453fb1ceb090ab8bfa467903995c2a98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://depedlacarlota.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 07:09:18 GMT
x-content-type-options: nosniff
age: 597687
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31317
x-xss-protection: 0
last-modified: Tue, 11 May 2021 15:10:05 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 27 Jul 2024 07:09:18 GMT

GET
DATA 200
OK truncated
/ Frame 8184 220 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d30bfeecbe2f5b232216902c67974e67f6630e5bcf70b84f2810a77903d16e4b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 8184 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8dc950344f0c7eb7089586177f8d9608c7aa2b72c6a24beec07e6264211dadd5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230802/r20110914/client/ Frame 6257 2 KB
892 B 39ms
39ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230802/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: 734477f9209c4f80d80925de3ab55491.safeframe.googlesyndication.com
URL: https://734477f9209c4f80d80925de3ab55491.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://734477f9209c4f80d80925de3ab55491.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 13:47:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 55371
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 17 Aug 2023 13:47:54 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230802/r20110914/ Frame 6257 23 KB
9 KB 42ms
42ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230802/r20110914/abg_lite_fy2021.js

Requested by

Host: 734477f9209c4f80d80925de3ab55491.safeframe.googlesyndication.com
URL: https://734477f9209c4f80d80925de3ab55491.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f2afc9ac73c644d48e790a39acf19a2f4482c2a6c28d784824b9a164f74cffbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://734477f9209c4f80d80925de3ab55491.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 13:47:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 55423
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9098
x-xss-protection: 0
server: cafe
etag: 16188647127460483431
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 17 Aug 2023 13:47:02 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230802/r20110914/client/ Frame 6257 3 KB
1 KB 47ms
46ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230802/r20110914/client/window_focus_fy2021.js

Requested by

Host: 734477f9209c4f80d80925de3ab55491.safeframe.googlesyndication.com
URL: https://734477f9209c4f80d80925de3ab55491.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://734477f9209c4f80d80925de3ab55491.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 13:47:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 55423
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 17 Aug 2023 13:47:02 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230802/r20110914/client/ Frame 6257 20 KB
8 KB 42ms
42ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230802/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 734477f9209c4f80d80925de3ab55491.safeframe.googlesyndication.com
URL: https://734477f9209c4f80d80925de3ab55491.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9278ee0a91cf49cab1fcafd47c3b9875e683dbe7a26e3ffa83c9e671b75ca28e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://734477f9209c4f80d80925de3ab55491.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 13:47:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 55392
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8261
x-xss-protection: 0
server: cafe
etag: 3571037177597359341
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 17 Aug 2023 13:47:33 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 6257 0
0 52ms
50ms Image
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQQa0bEBfUY-h72-YJvMJMHDRYd47QlwePpyyh_DAkV-5Ps_e0PCsCgnYCd2eTriY01Ggmr
Requested by: Host: 734477f9209c4f80d80925de3ab55491.safeframe.googlesyndication.com
URL: https://734477f9209c4f80d80925de3ab55491.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://734477f9209c4f80d80925de3ab55491.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6257 179 KB
56 KB 55ms
51ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 734477f9209c4f80d80925de3ab55491.safeframe.googlesyndication.com
URL: https://734477f9209c4f80d80925de3ab55491.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

45b4eee66ac74743c86ea5a55ea614ddb12bc1407e4bfca8ff92c308c82795e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://734477f9209c4f80d80925de3ab55491.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 05:10:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57430
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1690976231057960"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 04 Aug 2023 05:10:45 GMT

GET
H2 200 57adb899ea29f9dbe2017a856681fc42.js Show response
www.gstatic.com/mysidia/ Frame 6257 33 KB
14 KB 129ms
39ms Script
text/javascript 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/57adb899ea29f9dbe2017a856681fc42.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: 734477f9209c4f80d80925de3ab55491.safeframe.googlesyndication.com
URL: https://734477f9209c4f80d80925de3ab55491.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e98c0d22ad85bf205d6781eb3b61d805dba90e8a03d6ad62362e047030825334

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://734477f9209c4f80d80925de3ab55491.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 20:05:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 291939
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14152
x-xss-protection: 0
last-modified: Mon, 31 Jul 2023 19:53:47 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 29 Oct 2023 20:05:07 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame 6257 22 KB
23 KB 143ms
39ms Image
image/jpeg 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcQzSJz4gtod-PDiuf9vOEF01anlIvCEMDKpsWIgHpbGRDcUR0JjEwQa73XP_A&usqp=CAI

Requested by

Host: 734477f9209c4f80d80925de3ab55491.safeframe.googlesyndication.com
URL: https://734477f9209c4f80d80925de3ab55491.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

770db21d3a14a399f29c904d4f1ccd6c01083d72c94b2358786421d48fb49e00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://734477f9209c4f80d80925de3ab55491.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 03:46:50 GMT
x-content-type-options: nosniff
age: 5036
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22602
x-xss-protection: 0
last-modified: Wed, 09 Dec 2020 13:31:21 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sat, 03 Aug 2024 03:46:50 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame 6257 27 KB
28 KB 139ms
39ms Image
image/jpeg 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcSOlYKUGH6A0KN5If83bx8NrG1DxycHY_3EuwGAsy0s8zmDpT8xWM8QiJo-Bg&usqp=CAI

Requested by

Host: 734477f9209c4f80d80925de3ab55491.safeframe.googlesyndication.com
URL: https://734477f9209c4f80d80925de3ab55491.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e6986bb7ba46ad1711513169fa268170228092ee86dcec85a0d1d3338d0af4b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://734477f9209c4f80d80925de3ab55491.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Wed, 02 Aug 2023 04:54:27 GMT
x-content-type-options: nosniff
age: 173779
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27905
x-xss-protection: 0
last-modified: Sat, 02 Jan 2021 16:05:30 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Thu, 01 Aug 2024 04:54:27 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame 6257 35 KB
35 KB 130ms
39ms Image
image/jpeg 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcRctNm1CS-riL53wILKBaE0jVdr-SDX2uXItcA48CbepNNpEKeIfHOyMYTemw&usqp=CAI

Requested by

Host: 734477f9209c4f80d80925de3ab55491.safeframe.googlesyndication.com
URL: https://734477f9209c4f80d80925de3ab55491.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b72a42a64ed3d1c9f200a23b5d7a6be5dee82bd576b30fc5255b188b4f8be230

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://734477f9209c4f80d80925de3ab55491.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 09:36:56 GMT
x-content-type-options: nosniff
age: 502430
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35771
x-xss-protection: 0
last-modified: Tue, 24 Nov 2020 00:52:30 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sun, 28 Jul 2024 09:36:56 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame 6257 13 KB
13 KB 175ms
84ms Image
image/jpeg 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcQB6ELIZpBKdU8MeUm5GIfvmHY0nK-wx7fZKK8-DmsDg_Q_mGQ-2g8lTHnelg&usqp=CAI

Requested by

Host: 734477f9209c4f80d80925de3ab55491.safeframe.googlesyndication.com
URL: https://734477f9209c4f80d80925de3ab55491.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6d43b1ce20fe88c2ea66a4ca9d74785a71cf0f7f3757ad01bb5d4341471289d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://734477f9209c4f80d80925de3ab55491.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 19:56:42 GMT
x-content-type-options: nosniff
age: 292444
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13606
x-xss-protection: 0
last-modified: Thu, 20 May 2021 11:41:31 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Tue, 30 Jul 2024 19:56:42 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame 6257 24 KB
24 KB 181ms
81ms Image
image/jpeg 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcTazev3n5HvLCCQG9MSIJ0K9XF0evDto_D3I2P1AQjpBT3eYrtK&usqp=CAI

Requested by

Host: 734477f9209c4f80d80925de3ab55491.safeframe.googlesyndication.com
URL: https://734477f9209c4f80d80925de3ab55491.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

639c3ebdb9c14a3fa26b9da8b4984e0496a74b4bdc44903cb942fa5bf6963d1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://734477f9209c4f80d80925de3ab55491.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 05:01:47 GMT
x-content-type-options: nosniff
age: 539
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24092
x-xss-protection: 0
last-modified: Mon, 02 Jan 2023 08:09:26 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sat, 03 Aug 2024 05:01:47 GMT

GET
H3

200

3881364954747983681
tpc.googlesyndication.com/simgad/ Frame 6257
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgODA_Zzx0gEQwAEYwAEyCOt0MOiXZvHz
https://tpc.googlesyndication.com/simgad/3881364954747983681

11 KB
11 KB

40ms
39ms

Image
image/png

2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/3881364954747983681

Requested by

Host: 734477f9209c4f80d80925de3ab55491.safeframe.googlesyndication.com
URL: https://734477f9209c4f80d80925de3ab55491.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6d0e3eeb555641cfcd0a77995b79821f3749449b9c1c6137e89516d9f4448882

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://734477f9209c4f80d80925de3ab55491.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 05:35:08 GMT
x-content-type-options: nosniff
age: 516937
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10916
x-xss-protection: 0
last-modified: Thu, 13 Jan 2022 13:48:13 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 28 Jul 2024 05:35:08 GMT

Redirect headers

date: Thu, 03 Aug 2023 22:36:55 GMT
x-content-type-options: nosniff
server: cafe
age: 23630
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://tpc.googlesyndication.com/simgad/3881364954747983681
content-type: text/html; charset=UTF-8
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 02 Sep 2023 22:36:55 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 379F 15 KB
16 KB 172ms
82ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://depedlacarlota.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 13:37:19 GMT
x-content-type-options: nosniff
age: 488007
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 28 Jul 2024 13:37:19 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 379F 15 KB
16 KB 127ms
39ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://depedlacarlota.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 04:06:52 GMT
x-content-type-options: nosniff
age: 3834
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 03 Aug 2024 04:06:52 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 8184 15 KB
16 KB 183ms
97ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://depedlacarlota.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 13:37:19 GMT
x-content-type-options: nosniff
age: 488007
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 28 Jul 2024 13:37:19 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 8184 15 KB
15 KB 134ms
49ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://depedlacarlota.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 15:22:55 GMT
x-content-type-options: nosniff
age: 568071
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 27 Jul 2024 15:22:55 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame E11E 0
11 B 39ms
38ms Image
text/plain 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?b9cpoA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 05:10:45 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
DATA 200
OK truncated
/ Frame 6257 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fbf39f3d4ccd16d61f6dcbb9f0888f8d1573b13b43c913cf1596c2ed02059f2a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 ats.js Show response
ats.rlcdn.com/ 236 KB
73 KB 147ms
45ms Script
text/javascript 143.204.98.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ats.rlcdn.com/ats.js
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157483/3750/pwt.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-4.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e820733377d4af31fd643ac9a24856e8f33ca799f97259e59c868302a513c874

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://depedlacarlota.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id: L2Uqg18UIi_4fqt_LD1.VZwHoDyvOGyd
content-encoding: br
via: 1.1 a394c864b23364262af48fed4e7e9fac.cloudfront.net (CloudFront)
date: Thu, 03 Aug 2023 12:10:06 GMT
last-modified: Thu, 08 Jun 2023 08:56:13 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
age: 61241
x-amz-server-side-encryption: AES256
etag: W/"a23e5e8674928ef24c6825d63b8d2927"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-id: Thh4Ti1ZHCe4FwK9LgtpTV69vkfz0PqakLMLKqm8MVwyEdUeWAn3vw==

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 08BF 281 B
554 B 137ms
39ms Document
text/html 184.30.22.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?us_privacy=1---
Requested by: Host: static.uolcontent.com
URL: https://static.uolcontent.com/js_api/as-3.1.12.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-22-30.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://depedlacarlota.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Fri, 04 Aug 2023 05:10:46 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H2 200 showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 9027 39 KB
14 KB 40ms
39ms Document
text/html 184.30.16.195
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: static.uolcontent.com
URL: https://static.uolcontent.com/js_api/as-3.1.12.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.16.195 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-16-195.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 5cd425896ccfd119ee720821af6a832189231c40d52ae8cad03480886967b984

Request headers

Referer: https://depedlacarlota.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=83772
content-encoding: gzip
content-length: 14445
content-type: text/html
date: Fri, 04 Aug 2023 05:10:46 GMT
expires: Sat, 05 Aug 2023 04:26:58 GMT
last-modified: Tue, 21 Mar 2023 06:09:28 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 204 /
ssc-cms.33across.com/ps/ Frame F98E 0
0 142ms
129ms Document
text/plain 67.202.105.24
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=chfiOU1f0r64kDaKjGFx_2&us_privacy=1---
Requested by: Host: static.uolcontent.com
URL: https://static.uolcontent.com/js_api/as-3.1.12.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.24 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip24.67-202-105.static.steadfastdns.net
Software: 33XP013 /
Resource Hash

Request headers

Referer: https://depedlacarlota.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

date: Fri, 04 Aug 2023 05:10:45 GMT
server: 33XP013
x-33x-status: 2000208

GET
H2 204 /
ssc-cms.33across.com/ps/ Frame C122 0
0 142ms
129ms Document
text/plain 67.202.105.24
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=crc8x21f0r64kDaKjGFx_2&us_privacy=1---
Requested by: Host: static.uolcontent.com
URL: https://static.uolcontent.com/js_api/as-3.1.12.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.24 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip24.67-202-105.static.steadfastdns.net
Software: 33XP014 /
Resource Hash

Request headers

Referer: https://depedlacarlota.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

date: Fri, 04 Aug 2023 05:10:45 GMT
server: 33XP014
x-33x-status: 2000208

GET
H2 204 /
ssc-cms.33across.com/ps/ Frame 4363 0
0 140ms
129ms Document
text/plain 67.202.105.24
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=a2Sl-k1f0r65XCaKlKyvbs&us_privacy=1---
Requested by: Host: static.uolcontent.com
URL: https://static.uolcontent.com/js_api/as-3.1.12.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.24 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip24.67-202-105.static.steadfastdns.net
Software: 33XP012 /
Resource Hash

Request headers

Referer: https://depedlacarlota.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

date: Fri, 04 Aug 2023 05:10:45 GMT
server: 33XP012
x-33x-status: 2000208

GET
H2 204 /
ssc-cms.33across.com/ps/ Frame 3AFF 0
0 140ms
130ms Document
text/plain 67.202.105.24
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=cmYvqS1f0r64kDaKjGFx_2&us_privacy=1---
Requested by: Host: static.uolcontent.com
URL: https://static.uolcontent.com/js_api/as-3.1.12.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.24 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip24.67-202-105.static.steadfastdns.net
Software: 33XP011 /
Resource Hash

Request headers

Referer: https://depedlacarlota.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

date: Fri, 04 Aug 2023 05:10:45 GMT
server: 33XP011
x-33x-status: 2000208

GET
H2 204 /
ssc-cms.33across.com/ps/ Frame 8236 0
0 139ms
130ms Document
text/plain 67.202.105.24
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=cvYZ0g1f0r64kDaKjGFx_2&us_privacy=1---
Requested by: Host: static.uolcontent.com
URL: https://static.uolcontent.com/js_api/as-3.1.12.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.24 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip24.67-202-105.static.steadfastdns.net
Software: 33XP015 /
Resource Hash

Request headers

Referer: https://depedlacarlota.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

date: Fri, 04 Aug 2023 05:10:45 GMT
server: 33XP015
x-33x-status: 2000208

GET
H2 200 sync
eb2.3lift.com/ 37 B
140 B 123ms
41ms Image
image/gif 76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/sync?&px=1&src=uol-ad.js&us_privacy=1---
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://depedlacarlota.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 05:10:46 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 6257 0
0 81ms
81ms Image
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CYPowVYjMZPbWCZjJ7_UP_86V4AbJx--yTa-y9YLsD5KZ3O77NhABIK2xqyFglcqrgrQHoAGVh8b6A8gBCakCA7dZa_pfsj7gAgCoAwHIA8sEqgSNAk_QU1wYaCwt1zQg6W6HQ22UEQfubMcUOFHE83yFcn2sqYNbeMeqoeHQH19C3nmxu4hLAlHQCT0Dp8EU_q6euXmfhwLiFkBojcj6BjeeN2t4EhMMFvEdOvfDg7HGk-XUTsiz3o8mw1R-jimn6a5mAVF4Gdkp1m_qDF4gfCXaMFJa4D69Ns6RzVcCrkbTEHfwcstzbxHVjKcUH42-NgQaDyZDLc70csgPMWMojr48qGhrosY8Ct4KcNGbxJIX8wumn2KM5jH0VsZLgsYQHmeiZ_Gbt3O9j_nEyxcKM6KBp3Gh4OUUEdRasP3N8u2NY4oMHwRgAJfy1_rLtog0fMD73_OamLAJNDVUJy0ydgASwATT8eqqR-AEAZIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAfT-LkFqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgHpr4b2AcA8gcEELanFNIIFgiA4YBwEAEYHTIC6wI6AoBASL39wTqACgPICwGiDAgqBgoEw7CxAtgTDYgUAtAVAZgWAYAXAbIXHgocCAASFHB1Yi0wNDY4NTUwMzczOTcxMDg4GK3PFg&sigh=UpQL1WkyP5Q&uach_m=[UACH]&cid=CAQSOwBpAlJWuo7UFMur6nQpF6H-7sJwh5Jj5SmqaZZxPJqAIABMR_JxKuf5tm8FQVcA7AxSK0QbTDwO5-yyGAE&template_id=494&cbvp=2&vis=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://734477f9209c4f80d80925de3ab55491.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

GET
H3 200 exXNUSsPja7e8iu35jrfljSpibGDl_1pyv4-G5NBtGM.js Show response
pagead2.googlesyndication.com/bg/ Frame C597 37 KB
14 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/exXNUSsPja7e8iu35jrfljSpibGDl_1pyv4-G5NBtGM.js

Requested by

Host: depedlacarlota.com
URL: https://depedlacarlota.com/hoss/juno.com/Sign-in.php/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7b15cd512b0f8daedef22bb7e63adf9634a989b18397fd69cafe3e1b9341b463

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://734477f9209c4f80d80925de3ab55491.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Wed, 02 Aug 2023 20:18:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 118318
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14592
x-xss-protection: 0
last-modified: Mon, 24 Jul 2023 13:39:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 01 Aug 2024 20:18:48 GMT

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 9027 2 KB
3 KB 131ms
41ms Script
text/html 198.47.127.19
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=36564038&p=157483&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: /
Resource Hash: 2c2947428159b2a8035b255833abb998744cdc92e3151f7eb76604cdbbd47b2e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-type: text/html; charset=UTF-8
date: Fri, 04 Aug 2023 05:10:45 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 379F 0
0 79ms
79ms Image
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C_U5uVYjMZPfWCZjJ7_UP_86V4Aa4upvDcZ3Av_rBEdzZHhABIK2xqyFglcqrgrQHoAHQqZb0KcgBCakCA7dZa_pfsj7gAgCoAwHIAwqqBKACT9BSZrIxJSdKVhFMdu5KL6KDfJqH5XonK_NIcNezsaKsj2U5YGr7ixDxPxDQ6RYS0K9X5dawzuelKkzYeKFWF243CLXzEOW4UMEjg7Ex7FkHER3lwXE6GtKvV3HCTKU53D6-1Dh8XHhLpbjZiLqzS4Z_mXKNMd5iV8fzmuhEfosIcWbtCQWtgadFD60F-GDXNuXDNmjbTJbjObh14IsqJ2EaIeKKH3CABpvzPFVSnDiwtQhBbspg_msNODwQn8w2Bf1ysJf8lr4P4_7hasMA8FI4ZkI3PXu5nxXAFqc_47Ku1qg0_0vgOjSqzX9b1uF5KpW7sOs6J2DwLD9YwkOt9b0_ArML6lxeZYD-FkYyhbTO-QZBbzciunP-JKkBYunNwASOs6bDtQTgBAGgBi6AB9Dh5tMEqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQvtwk0ggWCIDhgHAQARgdMgLrAjoCgEBIvf3BOoAKA8gLAaIMCCoGCgTDsLECuBPkA9gTA4gUA9AVAYAXAbIXHgocCAASFHB1Yi0wNDY4NTUwMzczOTcxMDg4GK3PFg&sigh=rPM6KlvwlDs&uach_m=[]&cid=CAQSOwBpAlJWuo7UFMur6nQpF6H-7sJwh5Jj5SmqaZZxPJqAIABMR_JxKuf5tm8FQVcA7AxSK0QbTDwO5-yyGAE&template_id=484&cbvp=2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://depedlacarlota.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 8184 0
0 83ms
83ms Image
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CC3A7VYjMZPjWCZjJ7_UP_86V4Aa8l9nLccTsjd72DdzZHhABIK2xqyFglcqrgrQHoAH44PT6A8gBCakCA7dZa_pfsj7gAgCoAwHIAwqqBJECT9A3miUV4nTXac8VNombvthiK6DGv0SaNZtyFXev0_Js41g3h1KktjyjsO69RE8EmWOWzKh-BQm96RZ2EzvF3KcTxzy1zvEcoVheaRenreHd4kDxGdM48AnK0epXakOorIj5aggoh7AgFjWbQn3v74a93z1uygsJEOkEQotvc4oGckFE690PP-UdZ81Ja8aJ7jdCe-ib9Gek-s9X08_JeXtbiyKthqyZZCnQMpA0AbusAYcGgnjM3uSpH75XXq6lFaVQN10_cPQC8PXOV4Anx8IMCtP4g8GBDJ__-Kc2pvKmlykAkkQsA86TBE6XlVG8sqka7lwbT3il44Baod6rvbee8YJFC3a9DEn1lu-uRDBKwATA--K5xQPgBAGSBQQIBBgBkgUECAUYBKAGLoAH8J6LBagH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEENLNK9IIFgiA4YBwEAEYHTIC6wI6AoBASL39wTqACgPICwGiDAgqBgoEw7CxArgT5APYEw2IFALQFQGYFgGAFwGyFx4KHAgAEhRwdWItMDQ2ODU1MDM3Mzk3MTA4OBitzxY&sigh=yDWYkcl4QsY&uach_m=[]&cid=CAQSOwBpAlJWuo7UFMur6nQpF6H-7sJwh5Jj5SmqaZZxPJqAIABMR_JxKuf5tm8FQVcA7AxSK0QbTDwO5-yyGAE&template_id=484&cbvp=2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://depedlacarlota.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 08BF 34 KB
10 KB 40ms
40ms Script
text/html 184.30.22.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?us_privacy=1---
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-22-30.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 4a52a0201748dd82b033cfee0104e548bc12cf6d36e803d62d4699e72d68faaf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?us_privacy=1---
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Fri, 04 Aug 2023 05:10:46 GMT
Content-Encoding: gzip
Last-Modified: Thu, 03 Aug 2023 10:48:30 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=20202
Connection: keep-alive
Content-Length: 10114
Expires: Fri, 04 Aug 2023 10:47:28 GMT

GET
H2 200 / Show response
geo.privacymanager.io/ 28 B
609 B 131ms
39ms Fetch
application/json 13.32.99.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.privacymanager.io/
Requested by: Host: ats.rlcdn.com
URL: https://ats.rlcdn.com/ats.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-35.fra60.r.cloudfront.net
Software: /
Resource Hash: 3b3ed4b191fdd529075b8e099f5daefd684e80acd4c9514a70b6ad746e949544

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://depedlacarlota.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 01:27:25 GMT
via: 1.1 e45d812d65a0d0336b945e28b9381462.cloudfront.net (CloudFront), 1.1 79272ab9b399ee696b329d4f677dca48.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3, FRA60-P3
age: 13401
x-amzn-requestid: e5bbbc6e-4ca6-4ab4-99b7-9353a07cad52
x-amzn-trace-id: Root=1-64cc53fd-1bd6229316bffd773b0a945b;Sampled=0;lineage=06620786:0
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type: application/json
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-apigw-id: JHIPlHjBDoEF2NA=
content-length: 28
x-amz-cf-id: gbAAh8V9tWGf4ilHBtvN5tKm9qTuTitZZkXPp57a4ZdTehB2DqY0Sw==
access-control-allow-headers: Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame 7D05
Redirect Chain

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=424719251070108941

42 B
273 B

85ms
50ms

Document
image/gif

185.64.191.210
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=424719251070108941
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Fri, 04 Aug 2023 05:10:46 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

content-length: 0
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=424719251070108941
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 11E4
Redirect Chain

https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=

42 B
245 B

164ms
48ms

Document
image/gif

185.64.191.210
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Fri, 04 Aug 2023 05:10:46 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

cache-control: no-cache
content-length: 0
cross-origin-resource-policy: cross-origin
date: Fri, 04 Aug 2023 05:10:45 GMT
expires: Fri, 04 Aug 2023 00:00:00 GMT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 921264
strict-transport-security: max-age=31536000; preload;
x-errorlevel: 0

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame 3418
Redirect Chain

https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5141210826344166623

42 B
273 B

48ms
46ms

Document
image/gif

185.64.191.210
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5141210826344166623
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Fri, 04 Aug 2023 05:10:44 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Content-Length: 0
Date: Fri, 04 Aug 2023 05:10:46 GMT
Location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5141210826344166623
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server: Jetty(9.4.51.v20230217)

GET
H/1.1

200
OK

dcm Show response
aax-eu.amazon-adsystem.com/s/ Frame E81E
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=417635AF-411E-4338-B837-CCB15368A6CE&redir=true&gdpr=0&gdpr_consent=
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=417635AF-411E-4338-B837-CCB15368A6CE&redir=true&gdpr=0&gdpr_consent=&dcc=t

43 B
855 B

232ms
214ms

Document
image/gif

52.95.126.138
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=417635AF-411E-4338-B837-CCB15368A6CE&redir=true&gdpr=0&gdpr_consent=&dcc=t

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.95.126.138 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif
Date: Fri, 04 Aug 2023 05:10:46 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: V466EHVY0GERDG2W8QTQ

Redirect headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Date: Fri, 04 Aug 2023 05:10:46 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=417635AF-411E-4338-B837-CCB15368A6CE&redir=true&gdpr=0&gdpr_consent=&dcc=t
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: 51XA96M3B0DS9X7BPMK2

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame 4AE9
Redirect Chain

https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=1p4YPtiSTmvNnU8_hppWaISdGmnNzENr2ZuODk0L

42 B
568 B

172ms
47ms

Document
image/gif

185.64.191.210
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=1p4YPtiSTmvNnU8_hppWaISdGmnNzENr2ZuODk0L
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Fri, 04 Aug 2023 05:10:45 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
date: Fri, 04 Aug 2023 05:10:46 GMT
expires: Fri, 04 Aug 1978 12:00:00 GMT
location: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=1p4YPtiSTmvNnU8_hppWaISdGmnNzENr2ZuODk0L
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma: no-cache
strict-transport-security: max-age=86400

GET
H2

200

user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 9027
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=QXY1r0EeQzi4N8yxU2imzg%3D%3D&gdpr=0&gdpr_consent=
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=

15 KB
15 KB

42ms
42ms

Image
text/html

184.30.16.195
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Server: 184.30.16.195 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-16-195.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 05:10:46 GMT
content-encoding: gzip
last-modified: Tue, 11 Jul 2023 09:39:35 GMT
server: Apache
vary: Accept-Encoding
content-type: text/html
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=137564
accept-ranges: bytes
content-length: 5606
expires: Sat, 05 Aug 2023 19:23:30 GMT

Redirect headers

pragma: no-cache
date: Fri, 04 Aug 2023 05:10:46 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 301
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 404 qmap
sync.crwdcntrl.net/ Frame 9027 49 B
265 B 70ms
55ms Image
image/gif 52.214.214.124
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=417635AF-411E-4338-B837-CCB15368A6CE&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.214.214.124 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-214-214-124.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Aug 2023 05:10:46 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.26.105
content-length: 49
expires: 0

GET
H2

204

ids
idsync.frontend.weborama.fr/ Frame 9027
Redirect Chain

https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=
https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=1755522020
https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=417635AF-411E-4338-B837-CCB15368A6CE

0
284 B

151ms
47ms

Image
text/plain

34.111.131.239
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=417635AF-411E-4338-B837-CCB15368A6CE
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Server: 34.111.131.239 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 239.131.111.34.bc.googleusercontent.com
Software: Weborama Collect Frontend /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Aug 2023 05:10:46 GMT
via: 1.1 google
last-modified: Fri, 04 Aug 2023 05:10:46 GMT
server: Weborama Collect Frontend
vary: Origin
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

location: https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=417635AF-411E-4338-B837-CCB15368A6CE
date: Fri, 04 Aug 2023 05:10:44 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H/1.1

200

p
a.audrte.com/ Frame 9027
Redirect Chain

https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=417635AF-411E-4338-B837-CCB15368A6CE
https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=NDRnd3JtMjhwLWdRY3FqMUl3RWZ1dWltUQ==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL...
https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent=
https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent=
https://a.audrte.com/a?adform_uid=6857371849744593756&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D
https://a.audrte.com/p

68 B
424 B

117ms
117ms

Image
image/png

54.144.249.67
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.audrte.com/p
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Server: 54.144.249.67 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-144-249-67.compute-1.amazonaws.com
Software: nginx/1.22.1 /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Fri, 04 Aug 2023 05:10:47 GMT
Server: nginx/1.22.1
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 68

Redirect headers

Date: Fri, 04 Aug 2023 05:10:47 GMT
Server: nginx/1.22.1
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST, GET, OPTIONS
Access-Control-Allow-Origin: *
Location: https://a.audrte.com:443/p
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 9027
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NDE3NjM1QUYtNDExRS00MzM4LUI4MzctQ0NCMTUzNjhBNkNF&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

42 B
95 B

154ms
52ms

Image
image/gif

185.64.191.210
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Server: 185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Fri, 04 Aug 2023 05:10:45 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Fri, 04 Aug 2023 05:10:46 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 9027
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEBA0uZH2fIerDwZCvkaZQ40&google_cver=1

42 B
268 B

150ms
49ms

Image
image/gif

185.64.191.210
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEBA0uZH2fIerDwZCvkaZQ40&google_cver=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Server: 185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Fri, 04 Aug 2023 05:10:45 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Fri, 04 Aug 2023 05:10:46 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEBA0uZH2fIerDwZCvkaZQ40&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 379
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubmatic
um.simpli.fi/ Frame 9027 43 B
610 B 144ms
44ms Image
image/gif 35.204.74.118
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.204.74.118 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

118.74.204.35.bc.googleusercontent.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 05:10:46 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Thu, 03 Aug 2023 05:10:46 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 9027
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=6857371849744593756

42 B
324 B

65ms
49ms

Image
image/gif

185.64.191.210
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=6857371849744593756
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Server: 185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Fri, 04 Aug 2023 05:10:46 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Fri, 04 Aug 2023 05:10:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=6857371849744593756
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 9027 70 B
264 B 58ms
57ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 04 Aug 2023 05:10:46 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 08BF
Redirect Chain

https://token.rubiconproject.com/token?pid=25470&us_privacy=1---
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TEtXNE5WWFEtMVAtNDhBRg==&us_privacy=1---
https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEKCJv_h0HDYHW1jugFXAbOw&google_cver=1
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEtXNE5WWFEtMVAtNDhBRg==&google_push=

170 B
188 B

51ms
50ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEtXNE5WWFEtMVAtNDhBRg==&google_push=

Protocol

Server

142.250.186.98 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Aug 2023 05:10:46 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEtXNE5WWFEtMVAtNDhBRg==&google_push=
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 3bafef7aa4e37890defcd73f0a080481
Expires: 0

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 08BF
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&us_privacy=1---
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESELiysYHLnEEWM6VwXXUVOnE&google_cver=1

0
239 B

173ms
41ms

Image
image/gif

69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESELiysYHLnEEWM6VwXXUVOnE&google_cver=1
Protocol: HTTP/1.1
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 3bafef7aa4e37890defcd73f0a080481
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Fri, 04 Aug 2023 05:10:46 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESELiysYHLnEEWM6VwXXUVOnE&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 08BF
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&us_privacy=1---
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&us_privacy=1---&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=qJS2W44WS5G_vyr_gP315g&rk=usync-na
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=qJS2W44WS5G_vyr_gP315g

43 B
479 B

122ms
121ms

Image
image/gif

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=qJS2W44WS5G_vyr_gP315g

Protocol

HTTP/1.1

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 04 Aug 2023 05:10:47 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 2NXEMGK1KG67FJNADYXZ
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=qJS2W44WS5G_vyr_gP315g
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 3bafef7aa4e37890defcd73f0a080481
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

ecm3
aax-eu.amazon-adsystem.com/s/ Frame 08BF
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&us_privacy=1---
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&us_privacy=1---&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=uDnBgj9hQae7fI8fCdgaGg&rk=usync-other
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=uDnBgj9hQae7fI8fCdgaGg

43 B
479 B

70ms
70ms

Image
image/gif

52.95.126.138
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=uDnBgj9hQae7fI8fCdgaGg

Protocol

HTTP/1.1

Server

52.95.126.138 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 04 Aug 2023 05:10:46 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 1YHZY04ECY398FCKY9NX
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=uDnBgj9hQae7fI8fCdgaGg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 3bafef7aa4e37890defcd73f0a080481
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 rubicon
match.adsrvr.org/track/cmf/ Frame 08BF 70 B
264 B 58ms
57ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/rubicon?us_privacy=1---
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 04 Aug 2023 05:10:46 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 08BF
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n&us_privacy=1---
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MGJiYzY3MTA5N2IwMGQzMzI1MzlhNWFlYzk1YWYxODkwZWY1OTcwYQ&us_privacy=1---

170 B
243 B

51ms
48ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MGJiYzY3MTA5N2IwMGQzMzI1MzlhNWFlYzk1YWYxODkwZWY1OTcwYQ&us_privacy=1---

Protocol

Server

142.250.186.98 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Aug 2023 05:10:46 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MGJiYzY3MTA5N2IwMGQzMzI1MzlhNWFlYzk1YWYxODkwZWY1OTcwYQ&us_privacy=1---
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 28e1e7d28d06b07ec669bc9e43057b8e
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 08BF
Redirect Chain

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&us_privacy=1---
https://pr-bh.ybp.yahoo.com/sync/rubicon/PWCrWKMqKMTBzb4PLRAlusn5EUdSAgOZEtemQ7w0kco?csrc=&us_privacy=1---
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-Y6RWFpxE2oIa.EAGx2JVzsktC.Tzp24e6Pr14A--~A

0
239 B

42ms
40ms

Image
image/gif

69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-Y6RWFpxE2oIa.EAGx2JVzsktC.Tzp24e6Pr14A--~A
Protocol: HTTP/1.1
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 3bafef7aa4e37890defcd73f0a080481
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date: Fri, 04 Aug 2023 05:10:46 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-Y6RWFpxE2oIa.EAGx2JVzsktC.Tzp24e6Pr14A--~A
content-length: 0

GET
H2

200

setuid
px.ads.linkedin.com/ Frame 08BF
Redirect Chain

https://token.rubiconproject.com/token?pid=36584&us_privacy=1---
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LKW4NVXQ-1P-48AF&us_privacy=1---

0
645 B

279ms
185ms

Image
text/plain

2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LKW4NVXQ-1P-48AF&us_privacy=1---
Protocol: H2
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 05:10:46 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: AA6AF481A70F45C89E2F6CB5DD2F45C0 Ref B: FRAEDGE1819 Ref C: 2023-08-04T05:10:46Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYCEetfD2mfcUKziZKPtA==

Redirect headers

Location: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LKW4NVXQ-1P-48AF&us_privacy=1---
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: c1913d0f161dfd12bb229b87994a2d1d
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 75ms
75ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202307310101&jk=59161867693316&bg=!iIuli9_NAAZGOVy5Zjk7ADkAdvg8WpWh3h6SLs4IngcU7SoGinSnm0uuDRXRorFNhuLt9b_ZHi_G_L56ATRhbkGxYjVHOswbZnsCAAABXVIAAAAHaAEHCgAfMR4ubpkMMia4WkDhUJZcXD3XTYLtGbja40yq-gZicJkCs3jWlPuxzggdquAMDiY19002zO227rgDV20zzHvc-0AK-PESu6qA_AjiA5JcGR7h1lZlUtvSWwv4x_wbNtzqMTEiiESVV7NJYd7u18DyO0-6N-EsyJbAoQPwTDRhUQFjt64bT6aOAxgWcPF9Bp41XLdue5443P5Nx2lEcAFeMhFhAG6m6R8AEOtCP1ji7DVMyDWIFn-Y28GwVKwD6Mz28vSNiewx7qRefFtu8svSJBPpePKYFhiE4-0bxvX2PexjBhHbVgPFjEfrKCTOWC8y5ISXdGX6lS0hRb39WtXAUiJS1Pl2MrAzoKJUl_cmFDXM8bnA3UuUe5G4BlaPLQhZ8Btmga2DRwrDaV1iAisqHOe-ipvuGdze2RJz6cmxQj2beSaN-6nN-XrW_St86MKNNxPQw2BMQf8VLO0BW8ZCiN8o1hg-PwgxJFh22KSOANDm1tufn3VWk_uWLDt_xQ59BstSYFvfWD7hJPxK8gO7wMseSCrAMvsgunxA75ROdwR0GYXDYLK6yT6_JJlf7gdBBI9mzR21IFQOJHdvzbl5nZN-JbvsHPNGHfgCk6K3Y4TwPM-YTdzlqSd5oQRuJDNk9uSLIJkfYzvuCBBvytaDGNjuCGbmNbAXs6nGKb3hj3AxiAIGQ3O3KXBv0LmWp6avzUuZnah1dj7iuUAYQvC_bHhCzLFx7TZN0kzm_3ESxlOMFtZrrxxF9WtTx7FBLx0Y19Jq-WQ8Joa5Ue7FCcdU5qtoudmDi1RJlrv6c1E3lNQfvumRUdz_guuiZ37NmM73kbPZgRo6mbQWpNIR0zlK2a_nsTq0-7CdYukUpKKzFrFoEbdX-8_NBjHHO1UDulT14hhyFSSBYt-x2Cgl6BR-O7ma0ZGFXXmkTzQFvOiEI37OEkqhQC9GvxSmkK_MMnoGJ-XBUxQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://depedlacarlota.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 6257 42 B
64 B 85ms
85ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssMyohcrVRQ3BHozRyYzMK_QoV8BTusZOwcFZXSSJpWdwtxpk6Jth5AbtmmnOxj--Qytzfmh9zv8-5PJqNyYdAQUUXVxW1R3MEtv8mRLxyBUXJOyWw2uknbn_-K-bOcOzXwJlQCp5MOZ5kLFfla5DeomAPegkpKe4PDqZpjuDU&sai=AMfl-YRXDiJJ2JCVY4YrSUMPQh0zqsc7vTr3ZMFGOvif5WfD7QOb_49GUgOVof6JsVnq8OC9lnz7uCfPhGUOFgeEdgQmtm-mWr0xjiNBKrBiV9kxwDJdbV1YmPre04M&sig=Cg0ArKJSzEpYjRNmUUmgEAE&cid=CAQSOwBpAlJWuo7UFMur6nQpF6H-7sJwh5Jj5SmqaZZxPJqAIABMR_JxKuf5tm8FQVcA7AxSK0QbTDwO5-yyGAE&id=lidar2&mcvt=1000&p=10,582,100,1310&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230802&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=448056637&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1691125845712&rpt=424&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://734477f9209c4f80d80925de3ab55491.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Aug 2023 05:10:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 379F 42 B
64 B 77ms
76ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssatOs8cqp5uRwgKkbtLCA-Z_X2e4WrpJ77VTvOWEN19BAciNIqXgRsSlDwT-yUW8BA2fvmcnCVuU2MPwK4L6cjBp7gbchZX8IoEeBBo4NjV6VGYururAyQ6kEJSJ2-W8xoUsi7Zao9hYQ4n7lBXa2HVdoNcTxevXn728QnKQBaOgcCm9YhD4N0VdBVf4pc3TKRQH4YRpAkMiXzCNC0V0xMiAYAEgieZIx4b-Fl9saMy0VLOQnkCGRZQzBtPANwzkG4m9hvX4bBQbZX0IEC-MZsWnVDg3JkzNke38G7r7Tq4u5hth7APLOBDQhADt7jrODuIS8uNMIM1glg7XK7ZnX0oIe_LMh51nvydYoWMUPN1bMpD0o6DCMRKMHyT1Bwm2Qx3Dhq7MVPCcC03p5Lf5PfvSWhjT4WYXIPVC17hlZcYqNKpE3otK35BCtYQfDUMIJhZWb3jME2a7m37nXhmEWMpKiKaUdoMxyohhg0hUroyOOzRJB1Dnw6dA_lXaX6fUtMzQF9IGZbGJ3cWvdhFm5iYcKQJEiJZN8cTyM66ND0U6VfPXleKphGlxB1NoCOl2XMErvl2QW2kZFXPjcY9ccEc62ZRwpe8sNP3D5Vdes-tvBFDZI04akWQNLG51LwhkhMPRxFY-p1JUobIOCOlhIpDK-XfPuGxZTUeaffTliAgptoyelH_DFTFfVjGNzdGGHJReUA4KsgpDypfIgkm5BGKeR0WXwEJXJ_VoJ3jcELLohBXsdnQmEUf1S8pGznkcrmS741gXcgnUmL2vXAWEdAMR5MFrbJoFargsZSArEjlyu5ciBU8nex2qIWqrGQJdUQdjG8OUfn-XSqRkb6ZMuSnp6OTssSMCaNiZ-6RvoJb4pisLmEMdD8oFYz4FXp4f-fa3Cc_O4Yge-CcFtgvCPK40Yw-ucVWm5KfZLL-wYVuHBr2g2cBtAdFOw_e4Wq5rh1yQAOR8gRBiFSW8MXKm-qyEkv8nXj4iFq_mAmwaDUeVZxgQL9-KbGUEn5IjQ2Rl5RHGMixKCixusvGIYVFAuY0OK7mvP8Vjvmpqr60KzcG-8RACVk3ezNqtpVzPTptVOKzN9UDyn_Osz1n_yyTPSf4uO9n6BHGPt5Ir3_T70KZjYIBjR1-t6ZrIKgI6R6NLBH40BCHHDUXFHMMA&sai=AMfl-YTiIbPhWLKo87ts4c6bOOc1Xu5dctP88Hs6eZ6X4yNii-CcUdOckatDAgmBdckl5mjTAP5Z3s6mGHqcTLDfjSh2q5fkYunvqR_AloQvo1teoW5C7siSYRRmWLZocGDMoZjLLXcmc5ZU&sig=Cg0ArKJSzNTM3Z8TdALjEAE&cid=CAQSOwBpAlJWuo7UFMur6nQpF6H-7sJwh5Jj5SmqaZZxPJqAIABMR_JxKuf5tm8FQVcA7AxSK0QbTDwO5-yyGAE&id=ampim&o=582,1093&d=728,90&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=443&tls=1443&g=100&h=100&tt=1443&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://depedlacarlota.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Aug 2023 05:10:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 8184 42 B
64 B 81ms
81ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvqsmlAzBx43O_sPZTODfuafiKKwn8MR526edv_jsiEGweBIwGpzIvOvPFJST8DSYTrCC4Iodx07NDxNOKrQZPCX-WfW8E0WkG052_UMKLYDfUpw5MFdKN2aZud7k8dsCRK3ZpO_QubEX93b0iIgn-kxY0GyanYkm-vLkfVocsb&sai=AMfl-YQHRXhHeZ4UgrDLY3egeN2HM9BbGQ5Nyp_96jpR9z_GrctVxqxsoKSaEwS7XJBIwxG7k7UY2BKtNNbwh4FvStqU95BV_SIgaC09tVG90tu3HQwkKsGzFMP4tzs&sig=Cg0ArKJSzO7DwCAuxQ2dEAE&cid=CAQSOwBpAlJWuo7UFMur6nQpF6H-7sJwh5Jj5SmqaZZxPJqAIABMR_JxKuf5tm8FQVcA7AxSK0QbTDwO5-yyGAE&id=ampim&o=340,742&d=300,250&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=420&tls=1420&g=100&h=100&tt=1421&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://depedlacarlota.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Aug 2023 05:10:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 SPug Show response
simage4.pubmatic.com/AdServer/ Frame 9027 0
260 B 148ms
41ms Script
text/plain 198.47.127.20
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://simage4.pubmatic.com/AdServer/SPug?partnerID=157483&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.47.127.20 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 05:10:46 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: my.juno.com
URL: https://my.juno.com/redesign/common/fonts/OmnesBlack-Italic.otf

Domain: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/cdn/prod/config?src=3406&u=https%3A%2F%2Fdepedlacarlota.com

Domain: fid.agkn.com
URL: https://fid.agkn.com/f?apiKey=2345742925&r=https%3A%2F%2Fdepedlacarlota.com%2Fhoss%2Fjuno.com%2FSign-in.php%2F&r=https%3A%2F%2Fmy.juno.com%2F

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Juno (Telecommunication)

135 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

48 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
depedlacarlota.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 26742ttin9hei5dlkc9sv61f27
.depedlacarlota.com/	1970-01-20 14:28:37	Name: UOL-A-TKN-HASH Value: 996adaac4035f0eecbb6c9a1f962afe6
depedlacarlota.com/	1970-01-20 14:28:37	Name: _pbjs_userid_consent_data Value: 3524755945110770
.rubiconproject.com/	1970-01-20 22:31:01	Name: khaos Value: LKW4NVXQ-1P-48AF
.rubiconproject.com/	1970-01-20 22:31:01	Name: audit Value: 1\|naVuGyos1qrQoF8GlKVzGgNb0fGVcfL/XWaA1sYWTLE9gLr7Yht2fdR5V93NE/Ts2j9E88AshQw03/z3WyIRIPPzJ6cr+j5/I68WgYmS8HcLDlwVNfQsxCKPLRELhl3x0A+VO7RH1E0=
.depedlacarlota.com/	1970-01-20 18:04:37	Name: _pubcid Value: ad2f0468-46f8-48d9-8432-1a85a682955a
depedlacarlota.com/	1970-01-20 15:11:49	Name: pbjs-unifiedid Value: %7B%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222023-08-04T05%3A10%3A43%22%7D
.depedlacarlota.com/	1970-01-20 23:07:01	Name: __gads Value: ID=1decb0ca06470b1f:T=1691125843:RT=1691125843:S=ALNI_MYrob8XNs2N8-6JHS2EPlXyrgm3OA
.depedlacarlota.com/	1970-01-20 23:07:01	Name: __gpi Value: UID=00000c4c012b442e:T=1691125843:RT=1691125843:S=ALNI_MaTBJGs2U3Nirqahjf7u8_GyJTyUw
.doubleclick.net/	1970-01-20 23:07:01	Name: IDE Value: AHWqTUmeK1XuN8cHzF9Aqz24kgH-Xd--7BzHoKKqU6Mmic_U2zhcEEd5ZTPJuXGrp_A
.h.parrable.com/	1970-01-20 13:46:52	Name: _test_cookie Value: true
depedlacarlota.com/	1970-01-20 22:29:35	Name: _parrable_id Value: eid%253A01.1691125844.4fc756e1e2a79971b91287a8b635477d767ab4c3b8a6e100c2fbba71fbf1025ec5e1027c9f33d413910db5eb84243c665c2beeac56921d7763316c58d3a0a8281499afb715b1a57632f9%252Ctpc%253A0%252CtpcUntil%253A1691212244
sic.33across.com/	1969-12-31 23:59:59	Name: JSESSIONID Value: dsic-015-chi~7swrhw3h-k4cfxz1l-e5c0xvrj-ebknqyq1
.criteo.com/	1970-01-20 23:07:01	Name: uid Value: cf486360-993c-4375-a2f7-b558ee327e85
.depedlacarlota.com/	1970-01-20 23:07:01	Name: cto_bundle Value: PO8z4V9aeGhHc2dXODlxbHI5Q3IlMkJMJTJCJTJCeE85QXVjNndpRkNrRzglMkJFbjFURFd0WEQwa3d5d0E0MEFja2FFaGw4QmtnRnoyczklMkZ4bnlQdUNlVFBFSTlWdmZjazlWSiUyQkdCZkMlMkYxaGRhZ2twbDNsJTJGbFJnbzNvcHhwTEZNM1NwY3NCUEw2dGxNYTlVbzc0VVY1WU9raVBBSzYlMkZhVUVERiUyRmJWJTJCNzJGRU9IMmM1SkRhdUFZJTNE
.pubmatic.com/	1970-01-20 22:31:01	Name: KADUSERCOOKIE Value: 417635AF-411E-4338-B837-CCB15368A6CE
.pubmatic.com/	1970-01-20 15:55:01	Name: chkChromeAb67Sec Value: 1
.pubmatic.com/	1970-01-20 13:46:52	Name: pi Value: 157483:2
.pubmatic.com/	1970-01-20 15:55:01	Name: DPSync3 Value: 1692316800%3A235_201_245_241
.pubmatic.com/	1970-01-20 15:55:01	Name: SyncRTB3 Value: 1692316800%3A13_161_56_54_251_220_21_46_8%7C1692403200%3A35
depedlacarlota.com/	1970-01-20 13:46:52	Name: _lr_geo_location Value: DE
.quantserve.com/	1970-01-20 15:55:01	Name: d Value: ELkBCwHQKfijAA
.quantserve.com/	1970-01-20 23:15:40	Name: mc Value: 64cc8856-74bf0-5d7a4-f8691
.weborama.fr/	1970-01-20 23:11:21	Name: AFFICHE_W Value: EqJ8WGYluaQS61
.adform.net/	1970-01-20 14:30:04	Name: C Value: 1
.simpli.fi/	1970-01-20 22:32:28	Name: suid Value: 89516244A269451096A6DCCB81B9C644
.de17a.com/	1970-01-20 22:23:49	Name: guid Value: 1.424719251070108941
.adform.net/	1970-01-20 15:11:49	Name: uid Value: 6857371849744593756
.pubmatic.com/	1970-01-20 15:55:01	Name: KRTBCOOKIE_153 Value: 1923-1p4YPtiSTmvNnU8_hppWaISdGmnNzENr2ZuODk0L&KRTB&19420-1p4YPtiSTmvNnU8_hppWaISdGmnNzENr2ZuODk0L&KRTB&22979-1p4YPtiSTmvNnU8_hppWaISdGmnNzENr2ZuODk0L&KRTB&23403-1p4YPtiSTmvNnU8_hppWaISdGmnNzENr2ZuODk0L
.pubmatic.com/	1970-01-20 15:55:01	Name: KRTBCOOKIE_80 Value: 22987-CAESEBA0uZH2fIerDwZCvkaZQ40&KRTB&23025-CAESEBA0uZH2fIerDwZCvkaZQ40&KRTB&23386-CAESEBA0uZH2fIerDwZCvkaZQ40
.pubmatic.com/	1970-01-20 14:28:37	Name: KRTBCOOKIE_336 Value: 5844-424719251070108941
.rfihub.com/	1970-01-20 23:07:01	Name: rud Value: H4sIAAAAAAAA_-MSNjU0MTQyNLAwMjM2MTE0MzMzMhbiM9Q1y6vUjcwptXBJKfUGAP68u8AlAAAA
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAA_-MSNjU0MTQyNLAwMjM2MTE0MzMzMhbiM9Q1y6vUjcwptXBJKfUGAP68u8AlAAAA
.rfihub.com/	1970-01-20 23:07:01	Name: eud Value: H4sIAAAAAAAA_9vEyGtoZmloaGRqYWJmZmoAAOQLLfQQAAAA
.pubmatic.com/	1970-01-20 14:28:37	Name: KRTBCOOKIE_391 Value: 22924-6857371849744593756&KRTB&23263-6857371849744593756&KRTB&23481-6857371849744593756
.pubmatic.com/	1970-01-20 15:55:01	Name: KRTBCOOKIE_18 Value: 22947-5141210826344166623
.pubmatic.com/	1970-01-20 14:28:37	Name: PugT Value: 1691125844
.yahoo.com/	1970-01-20 22:31:23	Name: A3 Value: d=AQABBFaIzGQCEODSILI2LxHrpk0dvB7_IjIFEgEBAQHZzWTWZAAAAAAA_eMAAA&S=AQAAAtFNzkpt4qhjC8ktDEViHNw
.amazon-adsystem.com/	1970-01-20 23:21:25	Name: ad-privacy Value: 0
.audrte.com/	1970-01-20 14:07:01	Name: arcki2 Value: 44gwrm28p-gQcqj1IwEfuuimQ!20220908!1691125846787!ip#80.255.7.107
.audrte.com/	1970-01-20 14:07:01	Name: arcki2_pubmatic Value: 417635AF-411E-4338-B837-CCB15368A6CE!20220908!1691125846791
.linkedin.com/	1970-01-20 22:31:01	Name: bcookie Value: "v=2&c77b7b4c-3fa5-495c-88cb-7db0bf04b6e6"
.linkedin.com/	1970-01-20 18:04:37	Name: li_gc Value: MTswOzE2OTExMjU4NDY7MjswMjHdlRRE2f3g0uali22kjaiaATrFDpxuoW/CW7UnshjPgw==
.linkedin.com/	1970-01-20 13:46:52	Name: lidc Value: "b=TGST02:s=T:r=T:a=T:p=T:g=3055:u=1:x=1:i=1691125846:t=1691212246:v=2:sig=AQEV0hD-EigRgB0i9rsSBoc-Wd7wDUfs"
.audrte.com/	1970-01-20 14:07:01	Name: arcki2_ddp2 Value: 44gwrm28p-gQcqj1IwEfuuimQ!20220908!1691125846971
.amazon-adsystem.com/	1970-01-20 19:32:28	Name: ad-id Value: AwLaVXa9EUYRjcsHKdaD41U
.audrte.com/	1970-01-20 14:07:01	Name: arcki2_adform Value: 6857371849744593756!20220908!1691125847147
.pubmatic.com/	1970-01-20 14:28:37	Name: SPugT Value: 1691125846

11 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://depedlacarlota.com/common/js/pageview.js Message: Failed to load resource: the server responded with a status of 404 ()
security	error	URL: https://depedlacarlota.com/hoss/juno.com/Sign-in.php/ Message: Refused to execute script from 'https://depedlacarlota.com/common/js/pageview.js' because its MIME type ('text/html') is not executable, and strict MIME type checking is enabled.
javascript	error	URL: https://depedlacarlota.com/hoss/juno.com/Sign-in.php/ Message: Access to font at 'https://my.juno.com/redesign/common/fonts/OmnesBlack-Italic.otf' from origin 'https://depedlacarlota.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://my.juno.com/redesign/common/fonts/OmnesBlack-Italic.otf Message: Failed to load resource: net::ERR_FAILED
network	error	URL: https://depedlacarlota.com/start/viewhttps://my.juno.com/redesign/common/phoenix/blankPhnx.html?v=34955 Message: Failed to load resource: the server responded with a status of 404 ()
security	warning	URL: https://depedlacarlota.com/start/viewhttps://my.juno.com/redesign/common/phoenix/blankPhnx.html?v=34955 Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
javascript	error	URL: https://depedlacarlota.com/hoss/juno.com/Sign-in.php/ Message: Access to XMLHttpRequest at 'https://c.amazon-adsystem.com/cdn/prod/config?src=3406&u=https%3A%2F%2Fdepedlacarlota.com' from origin 'https://depedlacarlota.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://c.amazon-adsystem.com/cdn/prod/config?src=3406&u=https%3A%2F%2Fdepedlacarlota.com Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://depedlacarlota.com/hoss/juno.com/Sign-in.php/ Message: Access to XMLHttpRequest at 'https://fid.agkn.com/f?apiKey=2345742925&r=https%3A%2F%2Fdepedlacarlota.com%2Fhoss%2Fjuno.com%2FSign-in.php%2F&r=https%3A%2F%2Fmy.juno.com%2F' from origin 'https://depedlacarlota.com' has been blocked by CORS policy: The value of the 'Access-Control-Allow-Origin' header in the response must not be the wildcard '*' when the request's credentials mode is 'include'. The credentials mode of requests initiated by the XMLHttpRequest is controlled by the withCredentials attribute.
network	error	URL: https://fid.agkn.com/f?apiKey=2345742925&r=https%3A%2F%2Fdepedlacarlota.com%2Fhoss%2Fjuno.com%2FSign-in.php%2F&r=https%3A%2F%2Fmy.juno.com%2F Message: Failed to load resource: net::ERR_FAILED
network	error	URL: https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=417635AF-411E-4338-B837-CCB15368A6CE&gdpr=0&gdpr_consent= Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

734477f9209c4f80d80925de3ab55491.safeframe.googlesyndication.com
a.audrte.com
aax-eu.amazon-adsystem.com
aax.amazon-adsystem.com
acdn.adnxs.com
ads.pubmatic.com
ap.lijit.com
ats.rlcdn.com
bidder.criteo.com
c.amazon-adsystem.com
c1.adform.net
cdn-sic.33across.com
cdn.ampproject.org
cdn.tynt.com
ce.lijit.com
cm.g.doubleclick.net
cms.quantserve.com
content.uolstatic.com
cr.frontend.weborama.fr
d5p.de17a.com
de.tynt.com
depedlacarlota.com
dis.criteo.com
dmp.adform.net
eb2.3lift.com
encrypted-tbn0.gstatic.com
encrypted-tbn2.gstatic.com
encrypted-tbn3.gstatic.com
eus.rubiconproject.com
fastlane.rubiconproject.com
feed.untd.com
fid.agkn.com
fonts.googleapis.com
fonts.gstatic.com
geo.privacymanager.io
gum.criteo.com
h.parrable.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
ic.tynt.com
id.crwdcntrl.net
id5-sync.com
idsync.frontend.weborama.fr
image2.pubmatic.com
image6.pubmatic.com
lb.eu-1-id5-sync.com
match.adsrvr.org
mug.criteo.com
my.juno.com
p.rfihub.com
pagead2.googlesyndication.com
pixel.rubiconproject.com
pr-bh.ybp.yahoo.com
px.ads.linkedin.com
s.amazon-adsystem.com
sc.tynt.com
secure.adnxs.com
securepubads.g.doubleclick.net
sic.33across.com
simage2.pubmatic.com
simage4.pubmatic.com
ssc-cms.33across.com
ssc.33across.com
static.criteo.net
static.uolcontent.com
sync.crwdcntrl.net
t.pubmatic.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
track.untd.com
um.simpli.fi
uol-d.openx.net
web.hb.ad.cpe.dotomi.com
webmail.netzero.net
webmail.uolstatic.com
www.google.com
www.googletagservices.com
www.gstatic.com
c.amazon-adsystem.com
fid.agkn.com
my.juno.com
104.18.19.219
104.18.24.112
104.18.24.185
108.138.1.25
13.32.99.35
141.95.98.64
141.95.98.65
142.250.186.98
143.204.98.4
151.101.1.108
178.250.7.11
178.250.7.13
18.196.251.166
18.66.138.185
184.30.16.195
184.30.22.30
185.64.189.112
185.64.189.226
185.64.191.210
185.89.210.180
192.124.249.57
193.0.160.131
198.47.127.19
198.47.127.20
213.155.156.183
216.52.2.6
216.52.2.91
2602:803:c003:200::45
2620:116:800d:21:ef75:8280:f209:5ba1
2620:1ec:21::14
2a00:1450:4001:802::2001
2a00:1450:4001:806::2003
2a00:1450:4001:808::2003
2a00:1450:4001:80b::2002
2a00:1450:4001:810::2002
2a00:1450:4001:811::2004
2a00:1450:4001:812::200e
2a00:1450:4001:81c::2001
2a00:1450:4001:828::2001
2a00:1450:4001:829::2002
2a00:1450:4001:82a::200a
2a00:1450:4001:82a::200e
2a00:1450:4001:830::200e
2a02:2638:3::3
2a02:2638:3::7
2a02:2638:d::d
2a02:fa8:8806:16::1460
2a05:d018:d29:3601:9ed9:69f8:bfd6:471c
34.111.129.221
34.111.131.239
34.149.20.76
34.98.64.218
35.196.86.86
35.204.74.118
37.157.5.132
52.214.214.124
52.223.40.198
52.46.155.104
52.95.126.138
54.144.249.67
64.136.45.46
64.136.52.17
64.136.52.49
64.136.53.30
64.136.53.83
67.202.105.24
67.202.105.31
69.173.144.139
69.173.144.165
76.223.111.18
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5
11c74aed50911d54c04455fe1d9c04f42c5f6cf438a94976f890f25f2a59f699
12240e221536be70eafd000fb14a003ced41d4c0f41da487a754285e17beac18
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1b65c8060506b694daa9e0e53727558483d6701360535078dc8479bec1847e79
23ef66d1d73a81ba6ac808f9d721bd4a13e6e033d97414040361d60e90a77c5c
240ba45f09154352c61c79884a4662a0bc6c74282798088571f5271cd290361d
259ec1ae107a174e941ffbc7771dc2bc3b91269e15e56a3483cef01d2ed17a25
286e3eca6ee221988d3fcf8925c89b00453fb1ceb090ab8bfa467903995c2a98
293a55ecf8395b41ce9f3520d72cfc943bf09807aac64595855a8a380f76f19e
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2b5eeeb211f2b120bf3f918a06f149d8e975a17a691b59e2108aefcc3d730686
2c2947428159b2a8035b255833abb998744cdc92e3151f7eb76604cdbbd47b2e
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
35d54aea0904a49c26427aa821f53f9d5c5297a5b9455ab526164f48f836d4d3
35ddba307fe258726edbca8406973763f489f91f8d2488e67c3e9d691fb8883a
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
387e903b87139788e890b1779db8705b589e12aa25fc70096cf190716503585f
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
3b3ed4b191fdd529075b8e099f5daefd684e80acd4c9514a70b6ad746e949544
3b72af59b1d95751583f25bee44592d7026c8b9f6922fd5bfff7ecd961c6859c
3d2b34675fd418a1b23c652fa791f4875ccc12860d9b4b6ec8ae4aa09d51ec1e
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
42cc0d0d864fa8e8dc6b4ff64b9a6e126a86719e00cced4e6694c984429da88c
4326543f6822fa60a37c13f57bffe8696d990d4a4cd38565f17a38844d98884c
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
45b4eee66ac74743c86ea5a55ea614ddb12bc1407e4bfca8ff92c308c82795e2
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4a52a0201748dd82b033cfee0104e548bc12cf6d36e803d62d4699e72d68faaf
4b363220ccb1c1cb1673ca3bde162b34fd7ebb98b42c356f206a4c0f678b0b57
4c821f2d169369324022057e9948ed8f9d45794d18b6c8c3fbbba900bb65158c
530a7ec85c99a87c16767bea53210c18c3ec6c45449c931931276271d5b58bbc
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5a3112f7fd15b6e4ccb92bcab0878396af953c3511544098b2d0f8c909a60f9d
5cd425896ccfd119ee720821af6a832189231c40d52ae8cad03480886967b984
5f7f1621cb60a863689d4db0891e80afd1a81df6e1b53b44ef15b0ede1f8e501
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61daa507d9f04c912f80dbd2d3c6277a6d24a2f56799db29ddde6729c19dd332
639c3ebdb9c14a3fa26b9da8b4984e0496a74b4bdc44903cb942fa5bf6963d1d
645709dcb09b2700fd5a5938dbdf783ac90a88334e5104041db53302441f33e4
698352b802cacb9884c7959cb3175461f29f214d6a9d7d1b1bab1cdb1fc177fc
6ba6cfb901156845a6d571c65a55728e59509155f4c05f49a9fc42c2682ee367
6d0e3eeb555641cfcd0a77995b79821f3749449b9c1c6137e89516d9f4448882
6d43b1ce20fe88c2ea66a4ca9d74785a71cf0f7f3757ad01bb5d4341471289d6
6e541a2e25d5ac0a50e3630d2c58dc3e6ce043fa94e160b0098faeac18f4ad3f
71d66e87a9561f8cc70f06a466a5f75a77aa9cb55e8795e0539c514eff7cf7d3
770db21d3a14a399f29c904d4f1ccd6c01083d72c94b2358786421d48fb49e00
7b15cd512b0f8daedef22bb7e63adf9634a989b18397fd69cafe3e1b9341b463
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
8125632f7d09f54a0bd0c7fcfdfd83db31bdf5b98f0df5c47ef076de58ddd1d6
8a7c1ace940c0a0e0746d4b9cb585cd62b4723effa8eec7ae1b02d75404ad528
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8dc950344f0c7eb7089586177f8d9608c7aa2b72c6a24beec07e6264211dadd5
9278ee0a91cf49cab1fcafd47c3b9875e683dbe7a26e3ffa83c9e671b75ca28e
9309112941d22c1b957fd05b840dc8611d52b7abe3bdd9e3587259c25a759351
9543239aa50b032bc3b599ca6f5c5f09842dc0e79009cf471376a591aeb61db6
9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1
9d48c5632f1135b68ed34c30220348156593a68ee4bc96a7131f30f6eed4c7db
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a3bd4d5f4d5b6ccc9573c2bdb34fda04e96aff2f99bf162f3784acff5ab0bb32
a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596
ad7c8760b4603216ce9b59c3656676f1b53f9f55c89d089120642afc9d06eadc
ae3aca338efaa4d9fd95092fd1da6fe75f0e2e70dbd8a27075ae230022cebea7
b03afcbf2fbeba733a2b40a4f6f5307977268b29df242211d0c1b12a88812593
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b5e27fd7a1e52a127c658e4f6dab7986ba6efee03075fe387143608f82afd1c4
b72a42a64ed3d1c9f200a23b5d7a6be5dee82bd576b30fc5255b188b4f8be230
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c7fe6da239be5e83a3d053138d413293ac50686169f09bade4ac60edf7f60120
cab486b36e4f2fa09ab81d2964db38d78e8962420a7cbf1c8367e2b0596bb838
cbb059be49618778c98989db369709c42f767a23456b951490726fe5a334e125
cd3f935ae27692c1a349dea244d728367595e58cd53d63bb267688d61619412d
cd43e2ff94fccb39f756a6a4e87eeec4a2be6f40ce297fb8e122ac87d72a0355
cd883133a5d791c2d1a818e0380ff88b0d3cb7ba464c74273cd78ec3f59eb0c9
ce05ebc645534f502c40ebf919b2992e353a216068772467822ef88f725052b1
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfe5353a092600c0a14d95620f3dc6609bef7a0d3ea9a50d6bb4be26ecd33c10
d21021784cda31eeae5c8295e047a14bda6ed5a9b5963fca9e7ceb398a9c9179
d278491b1de51ad826d16be5ab27b1746999c02d45200f107218427e34eed798
d30bfeecbe2f5b232216902c67974e67f6630e5bcf70b84f2810a77903d16e4b
d30efee02600bf3071762aa2a29aa80c5cc9f07d64691600fad14b434df0b828
d3251288b9aea12273a3e89236d3ba25480172bc85071466afac758a5fde3f46
d32905ea66f7c251d8b6bdc253b0a9ff98953cf373e72f8c62a6d2d39107a206
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
d762c0ab92d46134c186e1a5c1c21ed4484836560ad255af4d3937c30dc983e7
d981a9a97dff32486bd8b956cb51dd9548feb2b1da19dfbe21185941536154b2
daa54161f99fc0c8d5cd52f3704c5f0c92e0d476fdec49ac22cff9415579b3e3
daed647021f79a17871a3f4d6a1f51a37577c10c72ee9e4392a38822273d436f
dc355ade68d305d357c2bf683b812f0f3ed084a13676d3195c7e12b9533634a3
ddb0dbffcb906bc22ab388ac57e6f4a9769d57dd97c4c88bc32a68d03aa2980d
e34a5dc7cc665acae94891933b79917b07a459cdef76b6911e7f1bc00b923e16
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6986bb7ba46ad1711513169fa268170228092ee86dcec85a0d1d3338d0af4b8
e820733377d4af31fd643ac9a24856e8f33ca799f97259e59c868302a513c874
e98c0d22ad85bf205d6781eb3b61d805dba90e8a03d6ad62362e047030825334
ed90fe0b87ad869e2f6bc139d5693e277d5038adb252b90178e8fd9c059fec57
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2afc9ac73c644d48e790a39acf19a2f4482c2a6c28d784824b9a164f74cffbf
f37bca866f5cad4c9d7449e745eb103fda6649e5a1915b63655ef8f5277f4929
f4947874fe3a82597a8870907762e8bc41b5f0a01e063878af0604aa7ce4d803
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
fa21121e62cdbfb40b4c81f67428faeea8ed0d9af4943f285019645c9fd90f85
fbf39f3d4ccd16d61f6dcbb9f0888f8d1573b13b43c913cf1596c2ed02059f2a
ffe5c44ebe4999e46299b6b8d7dcb5e06e4ccb8bbc91005c217956ec7cba0b80

depedlacarlota.com Open in urlscan Pro 192.124.249.57 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

185 Requests

90 %HTTPS

30 %IPv6

43 Domains

79 Subdomains

63 IPs

10 Countries

1882 kBTransfer

5264 kBSize

48 Cookies

24 Outgoing links

Redirected requests

185 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

depedlacarlota.com Open in urlscan Pro
192.124.249.57 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

185
Requests

90 %
HTTPS

30 %
IPv6

43
Domains

79
Subdomains

63
IPs

10
Countries

1882 kB
Transfer

5264 kB
Size

48
Cookies

185 HTTP transactions
5 data transactions