extra.com.co Open in urlscan Pro
92.204.132.34 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://extra.com.co/
Submission Tags: tranco_l324
Submission: On November 11 via api (November 11th 2021, 10:43:28 am UTC) from DE — Scanned from DE

Summary HTTP 433 Redirects Links 10 Behaviour Indicators

Summary

This website contacted 64 IPs in 11 countries across 60 domains to perform 433 HTTP transactions. The main IP is 92.204.132.34, located in Warrenton, United States and belongs to GO-DADDY-COM-LLC, US. The main domain is extra.com.co.

This is the only time extra.com.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
98	92.204.132.34 92.204.132.34	398108 (GO-DADDY-...) (GO-DADDY-COM-LLC)
4	2a00:1450:400... 2a00:1450:4001:812::2004	15169 (GOOGLE) (GOOGLE)
5	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
2	89.108.122.252 89.108.122.252	197695 (AS-REG) (AS-REG)
1	3.129.250.65 3.129.250.65	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:801::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:801::2001	15169 (GOOGLE) (GOOGLE)
10	151.139.128.11 151.139.128.11	20446 (HIGHWINDS3) (HIGHWINDS3)
2 2	66.155.71.25 66.155.71.25	13768 (COGECO-PEER1) (COGECO-PEER1)
2	3.68.1.119 3.68.1.119	16509 (AMAZON-02) (AMAZON-02)
5 5	18.157.198.157 18.157.198.157	16509 (AMAZON-02) (AMAZON-02)
18 23	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
7 18	2.18.234.233 2.18.234.233	16625 (AKAMAI-AS) (AKAMAI-AS)
5	2a00:1450:400... 2a00:1450:4001:810::2001	15169 (GOOGLE) (GOOGLE)
21	2a00:1450:400... 2a00:1450:4001:830::2001	15169 (GOOGLE) (GOOGLE)
10	146.20.128.133 146.20.128.133	27357 (RACKSPACE) (RACKSPACE)
26	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
26	146.20.132.43 146.20.132.43	27357 (RACKSPACE) (RACKSPACE)
25	146.20.128.137 146.20.128.137	27357 (RACKSPACE) (RACKSPACE)
6 6	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (AMOBEE) (AMOBEE)
2	217.79.188.10 217.79.188.10	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
4	217.79.188.54 217.79.188.54	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
4	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:830::2006	15169 (GOOGLE) (GOOGLE)
4	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
11 19	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
11 15	37.252.172.36 37.252.172.36	29990 (ASN-APPNEX) (ASN-APPNEX)
3	185.94.180.124 185.94.180.124	35220 (SPOTX-AMS) (SPOTX-AMS)
9	18.159.16.69 18.159.16.69	16509 (AMAZON-02) (AMAZON-02)
1 4	34.98.64.218 34.98.64.218	15169 (GOOGLE) (GOOGLE)
3	2600:9000:206... 2600:9000:206f:e000:15:6f6c:b180:93a1	16509 (AMAZON-02) (AMAZON-02)
2	136.243.149.243 136.243.149.243	24940 (HETZNER-AS) (HETZNER-AS)
1 4	46.4.10.47 46.4.10.47	24940 (HETZNER-AS) (HETZNER-AS)
1 4	159.69.70.9 159.69.70.9	24940 (HETZNER-AS) (HETZNER-AS)
15	2.18.233.180 2.18.233.180	16625 (AKAMAI-AS) (AKAMAI-AS)
2 4	104.111.239.217 104.111.239.217	16625 (AKAMAI-AS) (AKAMAI-AS)
4 6	51.178.130.209 51.178.130.209	16276 (OVH) (OVH)
2 2	80.158.66.20 80.158.66.20	34086 (SCZN-AS) (SCZN-AS)
6	37.157.4.25 37.157.4.25	198622 (ADFORM) (ADFORM)
1	13.32.22.102 13.32.22.102	16509 (AMAZON-02) (AMAZON-02)
3	198.47.127.19 198.47.127.19	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
1	2600:9000:206... 2600:9000:206f:7400:c:abe:f440:93a1	16509 (AMAZON-02) (AMAZON-02)
1	18.198.109.212 18.198.109.212	16509 (AMAZON-02) (AMAZON-02)
3 4	37.157.3.29 37.157.3.29	198622 (ADFORM) (ADFORM)
2 2	213.155.156.167 213.155.156.167	1299 (TWELVE99 ...) (TWELVE99 Twelve99)
6	185.64.189.110 185.64.189.110	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	178.250.2.151 178.250.2.151	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2 2	185.29.132.241 185.29.132.241	30419 (MEDIAMATH...) (MEDIAMATH-INC)
2	185.64.190.81 185.64.190.81	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 2	51.210.112.63 51.210.112.63	16276 (OVH) (OVH)
2 2	34.254.143.3 34.254.143.3	16509 (AMAZON-02) (AMAZON-02)
1	169.50.137.184 169.50.137.184	36351 (SOFTLAYER) (SOFTLAYER)
9	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
3 3	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
1 1	2620:116:800d... 2620:116:800d:21:5a23:9c4e:e774:96c1	16509 (AMAZON-02) (AMAZON-02)
20	37.157.2.247 37.157.2.247	198622 (ADFORM) (ADFORM)
2	51.68.117.182 51.68.117.182	16276 (OVH) (OVH)
2	185.64.190.75 185.64.190.75	62713 (AS-PUBMATIC) (AS-PUBMATIC)
4	52.218.121.9 52.218.121.9	16509 (AMAZON-02) (AMAZON-02)
2	3.141.243.179 3.141.243.179	16509 (AMAZON-02) (AMAZON-02)
1 1	85.114.159.93 85.114.159.93	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
2 2	151.101.2.49 151.101.2.49	54113 (FASTLY) (FASTLY)
2 3	52.215.68.151 52.215.68.151	16509 (AMAZON-02) (AMAZON-02)
2 2	35.201.96.126 35.201.96.126	15169 (GOOGLE) (GOOGLE)
1	185.64.190.87 185.64.190.87	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 2	77.243.60.138 77.243.60.138	42697 (NETIC-AS) (NETIC-AS)
1	2606:4700:10:... 2606:4700:10::ac43:db6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	3.126.56.137 3.126.56.137	16509 (AMAZON-02) (AMAZON-02)
2	2a05:d018:d29... 2a05:d018:d29:3605:5ad:a774:ca1b:74c5	16509 (AMAZON-02) (AMAZON-02)
2 2	35.210.178.101 35.210.178.101	19527 (GOOGLE-2) (GOOGLE-2)
1	2a02:fa8:8806... 2a02:fa8:8806:13::1400	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1 1	159.65.196.12 159.65.196.12	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
2	2001:4de0:ac1... 2001:4de0:ac19::1:b:1a	() ()
1 1	18.134.84.26 18.134.84.26	() ()
1	209.54.177.54 209.54.177.54	() ()
1 1	162.55.6.210 162.55.6.210	() ()
433	64

98 92.204.132.34 (Warrenton, United States)

ASN398108 (GO-DADDY-COM-LLC, US)
PTR: ns1003685.ip-92-204-132.us

extra.com.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:812::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 89.108.122.252 (Russian Federation)

ASN197695 (AS-REG, RU)
PTR: d11592.col.agava.net

world-weather.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.world-weather.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.129.250.65 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-129-250-65.us-east-2.compute.amazonaws.com

ads.vidoomy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:801::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

795cb7b715ed42ed94a7878e8f7986c3.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 151.139.128.11 (United States)

ASN20446 (HIGHWINDS3, US)

ad.lkqd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 66.155.71.25 (Portsmouth, United Kingdom) 2 redirects

ASN13768 (COGECO-PEER1, CA)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.68.1.119 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-68-1-119.eu-central-1.compute.amazonaws.com

a.vidoomy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 18.157.198.157 (Frankfurt am Main, Germany) 5 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-157-198-157.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 142.250.184.226 (United States) 18 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2.18.234.233 (Frankfurt am Main, Germany) 7 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-233.deploy.static.akamaitechnologies.com

ads.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 146.20.128.133 (United States)

ASN27357 (RACKSPACE, US)

v.lkqd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 146.20.132.43 (United States)

ASN27357 (RACKSPACE, US)

t.lkqd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 146.20.128.137 (United States)

ASN27357 (RACKSPACE, US)

cs.lkqd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2001:678:cb4:bbbb::11 (United Kingdom) 6 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 217.79.188.10 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: imagesrv.adition.com

imagesrv.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 217.79.188.54 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: aa.adfarm1.adition.com

ad13.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2.18.234.21 (Frankfurt am Main, Germany) 11 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 37.252.172.36 (Frankfurt am Main, Germany) 11 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.94.180.124 (Amsterdam, Netherlands)

ASN35220 (SPOTX-AMS, US)

search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 18.159.16.69 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-159-16-69.eu-central-1.compute.amazonaws.com

ads.adaptv.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.98.64.218 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com

vidoomy-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:206f:e000:15:6f6c:b180:93a1 (United States)

ASN16509 (AMAZON-02, US)

vpaid.springserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 136.243.149.243 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.243.149.243.136.clients.your-server.de

ad.ad-srv.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 46.4.10.47 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.47.10.4.46.clients.your-server.de

ad2.ad-srv.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 159.69.70.9 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.9.70.69.159.clients.your-server.de

ad17.ad-srv.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2.18.233.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com

vpaid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
aktrack.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.111.239.217 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-239-217.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 51.178.130.209 (France) 4 redirects

ASN16276 (OVH, FR)
PTR: ns3169999.ip-51-178-130.eu

creative.mlsat02.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tracking.mlsat02.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 80.158.66.20 (Germany) 2 redirects

ASN34086 (SCZN-AS, DE)

ebs08.telekom.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 37.157.4.25 (Denmark)

ASN198622 (ADFORM, DK)

track.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.22.102 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-22-102.fra56.r.cloudfront.net

platform-api.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 198.47.127.19 (United States)

ASN3257 (GTT-BACKBONE GTT, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:206f:7400:c:abe:f440:93a1 (United States)

ASN16509 (AMAZON-02, US)

buttons-config.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.198.109.212 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-198-109-212.eu-central-1.compute.amazonaws.com

l.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.157.3.29 (Denmark) 3 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.155.156.167 (Uppsala, Sweden) 2 redirects

ASN1299 (TWELVE99 Twelve99, Telia Carrier, SE)
PTR: 213-155-156-167.teliacarrier-cust.com

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.151 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.29.132.241 (United Kingdom) 2 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.190.81 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.210.112.63 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: pikafka-3.cloudy.ovh

pixel.onaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.254.143.3 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-254-143-3.eu-west-1.compute.amazonaws.com

loada.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 169.50.137.184 (United States)

ASN36351 (SOFTLAYER, US)
PTR: b8.89.32a9.ip4.static.sl-reverse.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.33.220.150 (United States) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:5a23:9c4e:e774:96c1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 37.157.2.247 (Denmark)

ASN198622 (ADFORM, DK)

s1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.68.117.182 (France)

ASN16276 (OVH, FR)

aaa.artefact.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.190.75 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

vid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.218.121.9 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: s3-3-w.amazonaws.com

rechtstexte.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.141.243.179 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-141-243-179.us-east-2.compute.amazonaws.com

vid-io-cle.springserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.93 (Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.2.49 (United States) 2 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.215.68.151 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-215-68-151.eu-west-1.compute.amazonaws.com

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.201.96.126 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 126.96.201.35.bc.googleusercontent.com

visitor.fiftyt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.87 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

aud.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 77.243.60.138 (Aalborg, Denmark) 1 redirects

ASN42697 (NETIC-AS, DK)

uipglob.semasio.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:db6 (United States)

ASN13335 (CLOUDFLARENET, US)

mwzeom.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.126.56.137 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:d018:d29:3605:5ad:a774:ca1b:74c5 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.210.178.101 (Brussels, Belgium) 2 redirects

ASN19527 (GOOGLE-2, US)
PTR: 101.178.210.35.bc.googleusercontent.com

a.volvelle.tech	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:13::1400 (Singapore)

ASN41041 (VCLK-EU-SE, US)

pubmatic-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 159.65.196.12 (Amsterdam, Netherlands) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

match.adsby.bidtheatre.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4de0:ac19::1:b:1a (None, )

ASN- ()

cdn.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.134.84.26 (None, ) 1 redirects

ASN- ()

1f2e7.v.fwmrm.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 209.54.177.54 (None, )

ASN- ()

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.55.6.210 (None, ) 1 redirects

ASN- ()

csync.loopme.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
98	extra.com.co extra.com.co	16 MB
71	lkqd.net ad.lkqd.net v.lkqd.net t.lkqd.net cs.lkqd.net	293 KB
52	googlesyndication.com 795cb7b715ed42ed94a7878e8f7986c3.safeframe.googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com	289 KB
38	pubmatic.com vpaid.pubmatic.com ads.pubmatic.com image6.pubmatic.com image2.pubmatic.com image4.pubmatic.com simage2.pubmatic.com vid.pubmatic.com aktrack.pubmatic.com aud.pubmatic.com	220 KB
38	doubleclick.net 18 redirects securepubads.g.doubleclick.net cm.g.doubleclick.net googleads.g.doubleclick.net googleads4.g.doubleclick.net	314 KB
30	adform.net 3 redirects track.adform.net c1.adform.net s1.adform.net	252 KB
20	stickyadstv.com 7 redirects ads.stickyadstv.com cdn.stickyadstv.com	154 KB
19	casalemedia.com 11 redirects dsum-sec.casalemedia.com	17 KB
15	adnxs.com 11 redirects ib.adnxs.com secure.adnxs.com Failed	14 KB
10	ad-srv.net 2 redirects ad.ad-srv.net ad2.ad-srv.net ad17.ad-srv.net	13 KB
9	advertising.com ads.adaptv.advertising.com	4 KB
7	adition.com 1 redirects imagesrv.adition.com ad13.adfarm1.adition.com dsp.adfarm1.adition.com	23 KB
6	mlsat02.de 4 redirects creative.mlsat02.de tracking.mlsat02.de	3 KB
6	turn.com 6 redirects ad.turn.com	3 KB
6	gstatic.com www.gstatic.com fonts.gstatic.com	231 KB
5	springserve.com vpaid.springserve.com vid-io-cle.springserve.com	261 KB
5	ampproject.org cdn.ampproject.org	103 KB
5	bidswitch.net 5 redirects x.bidswitch.net	3 KB
5	google.com www.google.com adservice.google.com	2 KB
4	yahoo.com 2 redirects ups.analytics.yahoo.com pr-bh.ybp.yahoo.com	2 KB
4	amazonaws.com rechtstexte.s3.amazonaws.com	172 KB
4	awin1.com 2 redirects www.awin1.com	2 KB
4	openx.net 1 redirects vidoomy-d.openx.net	1 KB
4	googletagservices.com www.googletagservices.com	146 KB
3	bidr.io 2 redirects match.prod.bidr.io	2 KB
3	adsrvr.org 3 redirects match.adsrvr.org	1 KB
3	sharethis.com platform-api.sharethis.com buttons-config.sharethis.com l.sharethis.com	42 KB
3	spotxchange.com search.spotxchange.com	4 KB
3	vidoomy.com ads.vidoomy.com a.vidoomy.com	6 KB
3	googleapis.com fonts.googleapis.com	2 KB
2	volvelle.tech 2 redirects a.volvelle.tech	1 KB
2	semasio.net 1 redirects uipglob.semasio.net	1 KB
2	fiftyt.com 2 redirects visitor.fiftyt.com	1 KB
2	everesttech.net 2 redirects sync-tm.everesttech.net	744 B
2	artefact.com aaa.artefact.com	2 KB
2	exelator.com 2 redirects loada.exelator.com	2 KB
2	onaudience.com 1 redirects pixel.onaudience.com	736 B
2	mathtag.com 2 redirects sync.mathtag.com	1 KB
2	de17a.com 2 redirects d5p.de17a.com	637 B
2	telekom.de 2 redirects ebs08.telekom.de	1 KB
2	2mdn.net s0.2mdn.net	76 KB
2	sitescout.com 2 redirects pixel-sync.sitescout.com	600 B
2	world-weather.info world-weather.info static.world-weather.info	5 KB
1	loopme.me 1 redirects csync.loopme.me	216 B
1	amazon-adsystem.com s.amazon-adsystem.com	556 B
1	fwmrm.net 1 redirects 1f2e7.v.fwmrm.net	511 B
1	bidtheatre.com 1 redirects match.adsby.bidtheatre.com	550 B
1	dotomi.com pubmatic-match.dotomi.com	104 B
1	zeotap.com mwzeom.zeotap.com	455 B
1	quantserve.com 1 redirects pixel.quantserve.com	542 B
1	simpli.fi um.simpli.fi	616 B
1	criteo.com dis.criteo.com	334 B
1	google.de adservice.google.de	792 B
0	gumgum.com Failed rtb.gumgum.com Failed
0	deepintent.com Failed match.deepintent.com Failed
0	tribalfusion.com Failed a.tribalfusion.com Failed
0	iprom.net Failed core.iprom.net Failed
0	adgrx.com Failed cm.adgrx.com Failed
0	ad4m.at Failed ad4m.at Failed
0	audrte.com Failed a.audrte.com Failed
433	60

	Domain	Requested by
98	extra.com.co	extra.com.co
26	t.lkqd.net	ad.lkqd.net
26	pagead2.googlesyndication.com	securepubads.g.doubleclick.net 795cb7b715ed42ed94a7878e8f7986c3.safeframe.googlesyndication.com extra.com.co googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
25	cs.lkqd.net	ad.lkqd.net
23	cm.g.doubleclick.net	18 redirects googleads.g.doubleclick.net extra.com.co
21	tpc.googlesyndication.com	extra.com.co 795cb7b715ed42ed94a7878e8f7986c3.safeframe.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com securepubads.g.doubleclick.net
20	s1.adform.net	tracking.mlsat02.de s1.adform.net extra.com.co
19	dsum-sec.casalemedia.com	11 redirects googleads.g.doubleclick.net
18	ads.stickyadstv.com	7 redirects extra.com.co ad.lkqd.net vpaid.springserve.com cdn.stickyadstv.com
15	ib.adnxs.com	11 redirects googleads.g.doubleclick.net
10	v.lkqd.net	ad.lkqd.net
10	ad.lkqd.net	extra.com.co ad.lkqd.net
9	simage2.pubmatic.com	ads.pubmatic.com
9	ads.adaptv.advertising.com	ad.lkqd.net vpaid.springserve.com
7	ads.pubmatic.com	vpaid.pubmatic.com ads.pubmatic.com
6	image2.pubmatic.com	ads.pubmatic.com
6	track.adform.net	ad2.ad-srv.net ad17.ad-srv.net s1.adform.net
6	vpaid.pubmatic.com	vpaid.springserve.com blank
6	googleads.g.doubleclick.net	795cb7b715ed42ed94a7878e8f7986c3.safeframe.googlesyndication.com extra.com.co
6	ad.turn.com	6 redirects
5	cdn.ampproject.org	securepubads.g.doubleclick.net
5	x.bidswitch.net	5 redirects
5	795cb7b715ed42ed94a7878e8f7986c3.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
5	fonts.gstatic.com	fonts.googleapis.com
5	securepubads.g.doubleclick.net	extra.com.co securepubads.g.doubleclick.net
4	rechtstexte.s3.amazonaws.com	ad2.ad-srv.net ad17.ad-srv.net
4	c1.adform.net	3 redirects ads.pubmatic.com
4	tracking.mlsat02.de	2 redirects ad2.ad-srv.net ad17.ad-srv.net
4	www.awin1.com	2 redirects ad2.ad-srv.net ad17.ad-srv.net
4	ad17.ad-srv.net	1 redirects 795cb7b715ed42ed94a7878e8f7986c3.safeframe.googlesyndication.com ad17.ad-srv.net
4	ad2.ad-srv.net	1 redirects 795cb7b715ed42ed94a7878e8f7986c3.safeframe.googlesyndication.com ad2.ad-srv.net
4	vidoomy-d.openx.net	1 redirects extra.com.co ad.lkqd.net
4	googleads4.g.doubleclick.net	extra.com.co
4	www.googletagservices.com	795cb7b715ed42ed94a7878e8f7986c3.safeframe.googlesyndication.com extra.com.co
4	ad13.adfarm1.adition.com	795cb7b715ed42ed94a7878e8f7986c3.safeframe.googlesyndication.com ad13.adfarm1.adition.com
4	www.google.com	extra.com.co 795cb7b715ed42ed94a7878e8f7986c3.safeframe.googlesyndication.com tpc.googlesyndication.com
3	match.prod.bidr.io	2 redirects ads.pubmatic.com
3	match.adsrvr.org	3 redirects ads.pubmatic.com
3	image6.pubmatic.com	ads.pubmatic.com
3	vpaid.springserve.com	ad.lkqd.net
3	search.spotxchange.com	ad.lkqd.net
3	fonts.googleapis.com	extra.com.co securepubads.g.doubleclick.net
2	cdn.stickyadstv.com	ad.lkqd.net cdn.stickyadstv.com
2	a.volvelle.tech	2 redirects
2	pr-bh.ybp.yahoo.com	ads.pubmatic.com
2	ups.analytics.yahoo.com	2 redirects
2	uipglob.semasio.net	1 redirects ads.pubmatic.com
2	visitor.fiftyt.com	2 redirects
2	sync-tm.everesttech.net	2 redirects
2	vid-io-cle.springserve.com	vpaid.springserve.com
2	aktrack.pubmatic.com	extra.com.co
2	vid.pubmatic.com	vpaid.pubmatic.com
2	aaa.artefact.com	ad2.ad-srv.net ad17.ad-srv.net
2	loada.exelator.com	2 redirects
2	pixel.onaudience.com	1 redirects ads.pubmatic.com
2	image4.pubmatic.com	ads.pubmatic.com
2	sync.mathtag.com	2 redirects
2	d5p.de17a.com	2 redirects
2	ebs08.telekom.de	2 redirects
2	creative.mlsat02.de	2 redirects
2	ad.ad-srv.net	extra.com.co
2	s0.2mdn.net	extra.com.co
2	imagesrv.adition.com	795cb7b715ed42ed94a7878e8f7986c3.safeframe.googlesyndication.com
2	a.vidoomy.com	extra.com.co
2	pixel-sync.sitescout.com	2 redirects
1	csync.loopme.me	1 redirects
1	s.amazon-adsystem.com
1	1f2e7.v.fwmrm.net	1 redirects
1	match.adsby.bidtheatre.com	1 redirects
1	pubmatic-match.dotomi.com	ads.pubmatic.com
1	mwzeom.zeotap.com	ads.pubmatic.com
1	aud.pubmatic.com	ads.pubmatic.com
1	dsp.adfarm1.adition.com	1 redirects
1	pixel.quantserve.com	1 redirects
1	um.simpli.fi	ads.pubmatic.com
1	dis.criteo.com	ads.pubmatic.com
1	l.sharethis.com	platform-api.sharethis.com
1	buttons-config.sharethis.com	platform-api.sharethis.com
1	platform-api.sharethis.com	extra.com.co
1	static.world-weather.info	world-weather.info
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	www.gstatic.com	www.google.com
1	ads.vidoomy.com	extra.com.co
1	world-weather.info	extra.com.co
0	rtb.gumgum.com Failed	ads.pubmatic.com
0	secure.adnxs.com Failed	ads.pubmatic.com
0	match.deepintent.com Failed	ads.pubmatic.com
0	a.tribalfusion.com Failed	ads.pubmatic.com
0	core.iprom.net Failed	ads.pubmatic.com
0	cm.adgrx.com Failed	ads.pubmatic.com
0	ad4m.at Failed	ads.pubmatic.com
0	a.audrte.com Failed	ads.pubmatic.com
433	93

This site contains links to these domains. Also see Links.

Domain
refpa.top
www.facebook.com
twitter.com
world-weather.info
www.hsbradio.com.co
admisiones.univalle.edu.co
www.geotab.com
elperiodicodeportivo.com.co
diariodelsur.com.co
diariodelcauca.com.co

Subject Issuer	Validity	Valid
www.google.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.world-weather.info Sectigo RSA Domain Validation Secure Server CA	`2021-01-11` - `2022-01-11`	a year	crt.sh
*.vidoomy.com Sectigo RSA Domain Validation Secure Server CA	`2021-08-06` - `2022-09-05`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
ad.lkqd.net R3	`2021-09-28` - `2021-12-27`	3 months	crt.sh
ads.stickyadstv.com DigiCert SHA2 Secure Server CA	`2021-09-19` - `2022-09-20`	a year	crt.sh
misc-sni.google.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.lkqd.net DigiCert TLS RSA SHA256 2020 CA1	`2021-07-09` - `2022-07-14`	a year	crt.sh
*.adition.com AlphaSSL CA - SHA256 - G2	`2021-04-15` - `2022-05-17`	a year	crt.sh
*.adfarm1.adition.com AlphaSSL CA - SHA256 - G2	`2021-05-21` - `2022-06-22`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.spotxchange.com GeoTrust RSA CA 2018	`2021-03-10` - `2022-03-29`	a year	crt.sh
*.v.ssp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-10-19` - `2022-04-13`	6 months	crt.sh
*.springserve.com Amazon	`2021-04-30` - `2022-05-29`	a year	crt.sh
ad-srv.net R3	`2021-10-21` - `2022-01-19`	3 months	crt.sh
*.pubmatic.com DigiCert SHA2 Secure Server CA	`2021-03-30` - `2022-04-04`	a year	crt.sh
tracking.mlsat02.de Sectigo RSA Organization Validation Secure Server CA	`2019-09-06` - `2021-12-04`	2 years	crt.sh
www.awin1.com DigiCert SHA2 Secure Server CA	`2021-06-11` - `2022-06-16`	a year	crt.sh
sharethis.com Amazon	`2021-07-19` - `2022-08-17`	a year	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2021-09-06` - `2022-10-07`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-09-09` - `2021-12-07`	3 months	crt.sh
*.simpli.fi DigiCert SHA2 Secure Server CA	`2019-09-18` - `2021-12-12`	2 years	crt.sh
aaa.artefact.com R3	`2021-09-25` - `2021-12-24`	3 months	crt.sh
*.s3.amazonaws.com Amazon	`2021-03-22` - `2022-03-03`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2021-07-08` - `2022-08-08`	a year	crt.sh
*.match.prod.bidr.io Amazon	`2021-02-26` - `2022-03-27`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-05` - `2022-07-04`	a year	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-08-24` - `2022-02-16`	6 months	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2021-08-10` - `2022-09-11`	a year	crt.sh
*.stickyadstv.com DigiCert SHA2 High Assurance Server CA	`2019-11-25` - `2022-02-18`	2 years	crt.sh

This page contains 65 frames:

Primary Page: http://extra.com.co/
Frame ID: B04E4299B4031883F8231E0E2B2F0A90
Requests: 146 HTTP requests in this frame

Frame: https://795cb7b715ed42ed94a7878e8f7986c3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: F054CD10B03562438CA81219EA99D443
Requests: 1 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/formats.js
Frame ID: 3BFF8237460473D43A96AD501F10A40F
Requests: 4 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/formats.js
Frame ID: 45F2C6B49B43338BC5A19FBAB11592B9
Requests: 2 HTTP requests in this frame

Frame: https://a.vidoomy.com/api/rtbserver/cookie?i=CEN&uid=no-consent
Frame ID: 1A2CC86A4E7A673F25C6550D0DD29AEE
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012110042008000/amp4ads-v0.mjs
Frame ID: AAA62AAD1A934D44FF2D996FECD938BC
Requests: 16 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: 626A62D0D951668BAD388B9D8A2F72D6
Requests: 6 HTTP requests in this frame

Frame: https://795cb7b715ed42ed94a7878e8f7986c3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: C793326422C637D690AEAEA45C1B72AF
Requests: 14 HTTP requests in this frame

Frame: https://795cb7b715ed42ed94a7878e8f7986c3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: ED52707916A98FEDE1486349DF9C31F6
Requests: 15 HTTP requests in this frame

Frame: https://795cb7b715ed42ed94a7878e8f7986c3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 4963D890EDAD8049B08502BECCF81445
Requests: 1 HTTP requests in this frame

Frame: https://795cb7b715ed42ed94a7878e8f7986c3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 07409A0941DA618258338556BD14B16C
Requests: 1 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: DCB43F32B4D1AD3602986072EB30E1CB
Requests: 6 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: 9A7A3FEE8CA9604F01845F16D0656464
Requests: 1 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Frame ID: 3C34534D52B1F2413888AA9FB3CA23F2
Requests: 2 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: 71E552E4A94D36A352D39B3E9E869EBE
Requests: 6 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: 20D73509FC4993BEB715BD1B51BE4243
Requests: 1 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: 267B7FB97EF3CDC31C19A42563AC75A7
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMmp1wIQ19vYAhiIq7-6ATAB&v=APEucNVYtyY_U84uMnMbi-J2oQJ-_Yp_2tOC1VC6aZni8ep999XChG-x-7bFNKd9phL3lsJZa-id-N33bHjaELabqJW3nZ7s-gx4sMF3_NXG8qXCHBb1eTwRVHkDM6S3e5PTuMpRixvcurIQFRV2s2NetovqGHRjcw0mACZgn8EyHZKCitWAQjw
Frame ID: 9C1DF9FCF304DC3D9DA5E6513C6D8D7F
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMmp1wIQ19vYAhiIq7-6ATAB&v=APEucNVZj0LykTGmTjZvH_5_4Ig4nMFepZvU7mmZTow1VeiVDooZ83yEG_XYpp2PW7-oJvkPG97G1MlElCilS1-icAkdAYEz-nU9LFRvvq45NicjHvVVdEg5doDr4d4BcKMMIbX_2-TCv4MDhieqYm3-cKttk2dSsErAjw-K_szDTb7RjiOLUGI
Frame ID: F8A3B7A26A6A9598A723A917A399543B
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKL4ChCK-K_wAhjDkP-5ATAB&v=APEucNUXo5LG5MNJrc35c0DHOnisrnKAZ5ZG-0iXqm3TXWFsjcZTFyz9gEEr8MS7jOlhvJW0u1Tc_q6keI0eJhZzEP-EpXnL5y6MsNaipig5sap2AAOrGvmOjwmGXvK3nOHYovbHBoC-egL2fMNbKCxKKl4ErIRflfEGpAIvmKaeI_AiOGfLI3g
Frame ID: 6D51658C65F4A317974868CA6FB63838
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/r20211108/r20110914/abg_lite_fy2019.js
Frame ID: 117B5A072100FC47F7CC680F52FA66D2
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKL4ChCK-K_wAhiOypq5ATAB&v=APEucNUxTDSYjZajZFCoP_U0suUZ20lQYan_v1sMTtIoQOQEp-FBVd3IjqJe0crhvjPGql4ysW-1Q1x1vMTEyMXKewSCliP3FGIGVNWSWzHAfdHEzveCGSCjPeTqHMIOhc2NXZSb9BZHLDPMIJxO1aeIN4Erk_ao5AatTkEDmt2GnVrTnKUEQzY
Frame ID: 114869DC5B080E7EB5EF663986F8A04F
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/r20211108/r20110914/abg_lite_fy2019.js
Frame ID: B027A9CD34C60792B7B868FEF35A2B06
Requests: 12 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 7D057B530664FCB3C63374BE7724C808
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 831F7E9E38F6447A865F8A000210D908
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 28B7DE7E58923626A2D9B21CBCA41A63
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: F287CB5EDDDAEF882011B1FC40B2A799
Requests: 3 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_d700fabb.js
Frame ID: 6E778123B08373A8E72C7B28B04ECB12
Requests: 7 HTTP requests in this frame

Frame: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Fextra.com.co%2F&schain=1.0,1!vidoomy.com,55941,1,1636627402649,,
Frame ID: 303B3C9B284FD5C0F722962F621DB5B7
Requests: 3 HTTP requests in this frame

Frame: https://tracking.mlsat02.de/onepixel.gif
Frame ID: A1EC8A7EC2F356043D0A723369795604
Requests: 1 HTTP requests in this frame

Frame: https://ad2.ad-srv.net/request_content.php?s=37829900059883500383828011775002&a=d86f8321
Frame ID: 9C0A8F371AFC62397E1C54004C602B65
Requests: 9 HTTP requests in this frame

Frame: https://tracking.mlsat02.de/onepixel.gif
Frame ID: 1627355FB18C67BF65D0EA29EF3B48D7
Requests: 1 HTTP requests in this frame

Frame: https://ad17.ad-srv.net/request_content.php?s=38593600072139500383828011775017&a=56a5b190
Frame ID: 86DA2B842CD728F1718DECE2E212FBAC
Requests: 9 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 3B888045ADFD4F1E7CDD389B4E7494B9
Requests: 13 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=E25A2D69-0C04-45F8-BA1E-5E52C8FD7B03
Frame ID: EB1E217847F41B6969FC30B2605B67CA
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=4963301923403430068
Frame ID: A6C005B0E44F19FD692F8C5B10C80FEA
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 2FD2322BEA7E930C988B682EED936A6B
Requests: 1 HTTP requests in this frame

Frame: https://s1.adform.net/Banners/Elements/Files/2068258/10483164/10483164.js?ADFassetID=10483164&bv=514
Frame ID: C39523F4099ED498011F25194E1E70C7
Requests: 7 HTTP requests in this frame

Frame: https://s1.adform.net/Banners/Elements/Files/2068258/10502500/10502500.js?ADFassetID=10502500&bv=514
Frame ID: D8261A75A4E1D1CB4B380B594AF37BE3
Requests: 13 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 1D8029B8F1B2EB11A6D0485AE801F4F6
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: DCCDFD9E5D6FFEF476F4193DCE9FB9BB
Requests: 2 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Frame ID: 7F9E0FD17A2AAFB77FCDF14B4E6C3EE4
Requests: 3 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: 20377245E826E6CCB89F2AFF0778FB02
Requests: 6 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: F9B04E438286E80D9B3F2D9FB5985A1B
Requests: 4 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_d700fabb.js
Frame ID: 398DB3B257C628ED9D164077313FD402
Requests: 7 HTTP requests in this frame

Frame: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Fextra.com.co%2F&schain=1.0,1!vidoomy.com,55941,1,1636627405863,,
Frame ID: AC4E1F3BDBC772259CA8B4AAD4462BC8
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: A0476BD1EAD7F60B889003EDF84DCC07
Requests: 13 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7029261167349531878
Frame ID: 290A2CD8F2D8F3232B63033E70309C84
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YYzzzgADuegckQAz&gdpr=0&gdpr_consent=&_test=YYzzzgADuegckQAz
Frame ID: 3BECE92F01109E1AF620490125306604
Requests: 1 HTTP requests in this frame

Frame: https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
Frame ID: BC054E6FAA2DC1E15C8711F522131648
Requests: 1 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Frame ID: 588A029DDD958DD170F480EEDCCFA125
Requests: 3 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: 9A3F362B9E8C488BC05B9EA12401727B
Requests: 6 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: 5DFD3017C7585CEDB5394E768CA48A74
Requests: 4 HTTP requests in this frame

Frame: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Frame ID: 7989F6D62FFAB71A69D8A147B94BAE9E
Requests: 4 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_d700fabb.js
Frame ID: A32E8646EED8C03853A023991BA0B036
Requests: 3 HTTP requests in this frame

Frame: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Fextra.com.co%2F&schain=1.0,1!vidoomy.com,55941,1,1636627408063,,
Frame ID: C653170D532E9967D896E7AADBA1E6B9
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 3F631E4407298463404896CC67F6F2E9
Requests: 4 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
Frame ID: 7735F5073E5838BCE6EB3E4C6C234BBF
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
Frame ID: F080CC794E51913E2B6B04DF36DA61F7
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: 7D5B95DEC76CC8B2D93E9839C635E124
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=3109247413
Frame ID: DE181C01B2A63C79FDDBAF4B994633E0
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=FhVGt0rqmwm7sNP37gYSXzID
Frame ID: 63EC1650BA7B5CCD953B697B7AD519B6
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync
Frame ID: 8389DA62D60642B58FF42860F97863B6
Requests: 1 HTTP requests in this frame

Frame: https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 2D78702E581A40CF3CC4A831AE8A7DD0
Requests: 1 HTTP requests in this frame

Frame: https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Frame ID: EA9F3E08228360F4E7E89F14BA34A379
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

| EXTRA

Page Statistics

433
Requests

61 %
HTTPS

25 %
IPv6

60
Domains

93
Subdomains

64
IPs

11
Countries

18957 kB
Transfer

24019 kB
Size

78
Cookies

10 Outgoing links

These are links going to different origins than the main page.

URL: https://refpa.top/L?tag=d_1241379m_97c__[]general[]_d60003_l58371_banner&site=1241379&ad=97

Search URL Search Domain Scan URL

URL: https://www.facebook.com/HSBnoticias/

Search URL Search Domain Scan URL

URL: https://twitter.com/HSBnoticias

Search URL Search Domain Scan URL

URL: https://world-weather.info/forecast/colombia/bogota/
Title: Bogotá+10°ThursdayTh+18°+11°FridayFr+16°+12°SaturdaySa+17°+12°SundaySu+17°+11°MondayMo+17°+12°TuesdayTu+17°+11°WednesdayWe+17°+12°

Search URL Search Domain Scan URL

URL: https://www.hsbradio.com.co/

Search URL Search Domain Scan URL

URL: https://admisiones.univalle.edu.co/new/_new/posgrados#oferta

Search URL Search Domain Scan URL

URL: https://www.geotab.com/es-latam/?utm_campaign=null_null_la_null&utm_content=970x250&utm_medium=banner&utm_source=https://hsbnoticias.com/&utm_term=Oct+mx

Search URL Search Domain Scan URL

URL: https://elperiodicodeportivo.com.co/

Search URL Search Domain Scan URL

URL: https://diariodelsur.com.co/

Search URL Search Domain Scan URL

URL: http://diariodelcauca.com.co/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 117

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=120&redir=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fcookie%3Fi%3DCEN%26uid%3D%7BuserId%7D HTTP 302
https://a.vidoomy.com/api/rtbserver/cookie?i=CEN&uid=no-consent

Request Chain 118

https://x.bidswitch.net/sync?ssp=vidoomy&user_id=550154113.89562451655435440.7169383 HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=vidoomy&user_id=550154113.89562451655435440.7169383 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=vidoomy&bsw_param=ec74683b-b4c5-4392-9e7b-5c8ec1a7860c&google_hm=ZWM3NDY4M2ItYjRjNS00MzkyLTllN2ItNWM4ZWMxYTc4NjBj HTTP 302
https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEG9wIAzIazpLyxfP5G8C5bc&google_cver=1&ssp=vidoomy&bsw_param=ec74683b-b4c5-4392-9e7b-5c8ec1a7860c HTTP 302
https://a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=ec74683b-b4c5-4392-9e7b-5c8ec1a7860c

Request Chain 151

https://ad.turn.com/r/cs?pid=65 HTTP 302
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3834067528268243937

Request Chain 156

https://ad.turn.com/r/cs?pid=65 HTTP 302
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3617894746154460129

Request Chain 165

https://ad.turn.com/r/cs?pid=65 HTTP 302
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3689952340192388065

Request Chain 209

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEP7IgvFx9CyaxSEtd2XuFwQ&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEP7IgvFx9CyaxSEtd2XuFwQ&google_cver=1&C=1

Request Chain 210

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YYzzysq-A0H05d73kGi92AAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEP7IgvFx9CyaxSEtd2XuFwQ&google_cver=1

Request Chain 211

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESELk7oLvk8Pw_QvwUvL9VCd8&google_cver=1 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESELk7oLvk8Pw_QvwUvL9VCd8%26google_cver%3D1

Request Chain 212

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODcyNTMzMDY4ODk1MzIxNjA0Nw%3D%3D

Request Chain 213

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEP7IgvFx9CyaxSEtd2XuFwQ&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEP7IgvFx9CyaxSEtd2XuFwQ&google_cver=1&C=1

Request Chain 214

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YYzzysq-A0H05d73kGi92AAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEP7IgvFx9CyaxSEtd2XuFwQ&google_cver=1

Request Chain 215

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESELk7oLvk8Pw_QvwUvL9VCd8&google_cver=1

Request Chain 216

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODcyNTMzMDY4ODk1MzIxNjA0Nw%3D%3D

Request Chain 218

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEP7IgvFx9CyaxSEtd2XuFwQ&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEP7IgvFx9CyaxSEtd2XuFwQ&google_cver=1&C=1

Request Chain 219

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YYzzysq-A0H05d73kGi92AAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEP7IgvFx9CyaxSEtd2XuFwQ&google_cver=1

Request Chain 220

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESELk7oLvk8Pw_QvwUvL9VCd8&google_cver=1

Request Chain 221

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODcyNTMzMDY4ODk1MzIxNjA0Nw%3D%3D

Request Chain 225

https://vidoomy-d.openx.net/v/1.0/av?auid=540805079&url=http%3A%2F%2Fextra.com.co%2F&cb=2113488083&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C55941%2C1%2C81824011043432112391809931811,, HTTP 302
https://vidoomy-d.openx.net/v/1.0/av?cc=1&auid=540805079&url=http%3A%2F%2Fextra.com.co%2F&cb=2113488083&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C55941%2C1%2C81824011043432112391809931811,, HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=OGEwZGFiNjMtZTJmNS02ZmRmLTYyM2YtY2NhNzk2YTQ0MWZi

Request Chain 230

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEP7IgvFx9CyaxSEtd2XuFwQ&google_cver=1

Request Chain 231

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YYzzysq-A0H05d73kGi92AAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEP7IgvFx9CyaxSEtd2XuFwQ&google_cver=1

Request Chain 232

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESELk7oLvk8Pw_QvwUvL9VCd8&google_cver=1

Request Chain 233

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODcyNTMzMDY4ODk1MzIxNjA0Nw%3D%3D

Request Chain 242

https://vidoomy-d.openx.net/v/1.0/av?auid=540805079&url=http%3A%2F%2Fextra.com.co%2F&cb=2113488083&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C55941%2C1%2C81824011043432112391809931811,, HTTP 302
https://vidoomy-d.openx.net/v/1.0/av?cc=1&auid=540805079&url=http%3A%2F%2Fextra.com.co%2F&cb=2113488083&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C55941%2C1%2C81824011043432112391809931811,,

Request Chain 256

https://ad2.ad-srv.net/request.php?zone=0s3p1fkb96mt&nw=11&renderingType=javascript&namespace=f2e6ba3e4a&subid=&uid=e75ab0cfa1ef42eb&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=&documentReferer=http%3A%2F%2Fextra.com.co%2F&ancestorOrigins=http%3A%2F%2Fextra.com.co&random=1415193675117&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
https://ad2.ad-srv.net/request.php?zone=0s3p1fkb96mt&nw=11&renderingType=javascript&namespace=f2e6ba3e4a&subid=&uid=e75ab0cfa1ef42eb&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=&documentReferer=http%3A%2F%2Fextra.com.co%2F&ancestorOrigins=http%3A%2F%2Fextra.com.co&random=1415193675117&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1

Request Chain 257

https://ad17.ad-srv.net/request.php?zone=0s3p1fkb96mt&nw=11&renderingType=javascript&namespace=2ee90b2087&subid=&uid=2460c6c1b22d3876&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=&documentReferer=http%3A%2F%2Fextra.com.co%2F&ancestorOrigins=http%3A%2F%2Fextra.com.co&random=1202229261790&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
https://ad17.ad-srv.net/request.php?zone=0s3p1fkb96mt&nw=11&renderingType=javascript&namespace=2ee90b2087&subid=&uid=2460c6c1b22d3876&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=&documentReferer=http%3A%2F%2Fextra.com.co%2F&ancestorOrigins=http%3A%2F%2Fextra.com.co&random=1202229261790&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1

Request Chain 261

https://www.awin1.com/cshow.php?s=2419055&v=11430&q=366416&r=473322&pref1=37829900059883500383828011775002&gdpr=&gdpr_consent= HTTP 302
https://creative.mlsat02.de/telekom/aff/ads_media.php?b=1&pvfn=1&dlid=2055&partnerid=473322&zanpid=11430_473322_1636627403_&cachebuster=1636627403&awv=11430_473322_1636627403_31a7c680-42dc-11ec-9ee2-2231fc5720ae&gdpr=&gdpr_consent= HTTP 301
https://ebs08.telekom.de/affiliates/view.php?network=B1049&mlid=pv-NTEwMjE4MDM7OTA4Y2JhZGI3MjQ5NzFjYzkwMTJjZWQ3NjcyNzZjYzg7MTE0MzBfNDczMzIyXzE2MzY2Mjc0MDNfMzFhN2M2ODAtNDJkYy0xMWVjLTllZTItMjIzMWZjNTcyMGFlOw..&target=https%3A%2F%2Ftracking.mlsat02.de%2Fonepixel.gif HTTP 302
https://tracking.mlsat02.de/onepixel.gif

Request Chain 264

https://www.awin1.com/cshow.php?s=2419055&v=11430&q=366416&r=473322&pref1=38593600072139500383828011775017&gdpr=&gdpr_consent= HTTP 302
https://creative.mlsat02.de/telekom/aff/ads_media.php?b=1&pvfn=1&dlid=2055&partnerid=473322&zanpid=11430_473322_1636627403_&cachebuster=1636627403&awv=11430_473322_1636627403_31ab48f0-42dc-11ec-9ee2-2231fc5720ae&gdpr=&gdpr_consent= HTTP 301
https://ebs08.telekom.de/affiliates/view.php?network=B1049&mlid=pv-NTEwMjE4MDM7OTA4Y2JhZGI3MjQ5NzFjYzkwMTJjZWQ3NjcyNzZjYzg7MTE0MzBfNDczMzIyXzE2MzY2Mjc0MDNfMzFhYjQ4ZjAtNDJkYy0xMWVjLTllZTItMjIzMWZjNTcyMGFlOw..&target=https%3A%2F%2Ftracking.mlsat02.de%2Fonepixel.gif HTTP 302
https://tracking.mlsat02.de/onepixel.gif

Request Chain 269

https://tracking.mlsat02.de/telekom/aff/ads.php?t=skript&dlid=2055&bn=49556873&partnerid=473322&gdpr=&gdpr_consent=&page=https://www.awin1.com/awclick.php?mid=11430&id=473322&gid=361931&linkid=2950366&p=https%3A%2F%2Fad2.ad-srv.net%2Fc%2Fckqvsgrcvf103ag%3Ftprd%3Dhttps%3A%2F%2Ftracking.mlsat02.de%2Ftelekom%2Faff%2Fads.php%3Fdlid%3D2055%26c%3D1 HTTP 301
https://track.adform.net/adfscript/?bn=49556873;extVars=473322|1|affiliate%20postview|av;trackpixel=https://aaa.artefact.com/trck/eview/908cbadb724971cc9012ced767276cc8?ext_publisher_id=473322&b=1&no=1&ctid=__ADFCREID__&tg=__ADFBANGROUP1__&ckurl=1;crdrvar=page;crdrurl=https://www.awin1.com/awclick.php?mid=11430&id=473322&gid=361931&linkid=2950366&p=https%3A%2F%2Fad2.ad-srv.net%2Fc%2Fckqvsgrcvf103ag%3Ftprd%3Dhttps%3A%2F%2Ftracking.mlsat02.de%2Ftelekom%2Faff%2Fads.php%3Fdlid%3D2055%26c%3D1&tg=__ADFBANGROUP1__

Request Chain 272

https://tracking.mlsat02.de/telekom/aff/ads.php?t=skript&dlid=2055&bn=49556873&partnerid=473322&gdpr=&gdpr_consent=&page=https://www.awin1.com/awclick.php?mid=11430&id=473322&gid=361931&linkid=2950366&p=https%3A%2F%2Fad17.ad-srv.net%2Fc%2Fcajzljrroftf9vw%3Ftprd%3Dhttps%3A%2F%2Ftracking.mlsat02.de%2Ftelekom%2Faff%2Fads.php%3Fdlid%3D2055%26c%3D1 HTTP 301
https://track.adform.net/adfscript/?bn=49556873;extVars=473322|1|affiliate%20postview|av;trackpixel=https://aaa.artefact.com/trck/eview/908cbadb724971cc9012ced767276cc8?ext_publisher_id=473322&b=1&no=1&ctid=__ADFCREID__&tg=__ADFBANGROUP1__&ckurl=1;crdrvar=page;crdrurl=https://www.awin1.com/awclick.php?mid=11430&id=473322&gid=361931&linkid=2950366&p=https%3A%2F%2Fad17.ad-srv.net%2Fc%2Fcajzljrroftf9vw%3Ftprd%3Dhttps%3A%2F%2Ftracking.mlsat02.de%2Ftelekom%2Faff%2Fads.php%3Fdlid%3D2055%26c%3D1&tg=__ADFBANGROUP1__

Request Chain 283

https://c1.adform.net/serving/cookie/match?party=14&cid=E25A2D69-0C04-45F8-BA1E-5E52C8FD7B03 HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=E25A2D69-0C04-45F8-BA1E-5E52C8FD7B03

Request Chain 284

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=4963301923403430068

Request Chain 286

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=4lotaQwERfi6Hl5SyP17Aw%3D%3D HTTP 302
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

Request Chain 287

https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=f57e618c-f3cb-4800-9c64-be483d4dc889

Request Chain 288

https://pixel.onaudience.com/?partner=214&mapped=E25A2D69-0C04-45F8-BA1E-5E52C8FD7B03 HTTP 302
https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25 HTTP 302
https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25&xl8blockcheck=1 HTTP 302
https://pixel.onaudience.com/?partner=161&icm&cver&mapped=eea4d2da1de04e99fd52af7ebfd8d7aa

Request Chain 289

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RTI1QTJENjktMEMwNC00NUY4LUJBMUUtNUU1MkM4RkQ3QjAz&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

Request Chain 290

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEKsl0xswVLgYk9aa-UEkcrk&google_cver=1

Request Chain 292

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:a370618c-f3cb-4800-a483-d154c4359647&gdpr=0&gdpr_consent=

Request Chain 293

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=3287583082620706528

Request Chain 294

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=3407eb1d-2814-4550-832f-6d0dccd0a331

Request Chain 295

https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8725330688953216047&gdpr=0&gdpr_consent=

Request Chain 296

https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=jGFy3NxjKd2XNXOHgmlnidlgc46XM3mMjmnLMvlm

Request Chain 352

https://ad.turn.com/r/cs?pid=65 HTTP 302
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3689952340192388065

Request Chain 372

https://dsp.adfarm1.adition.com/cookie/?ssp=9 HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7029261167349531878

Request Chain 373

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=YYzzzgADuegckQAz HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YYzzzgADuegckQAz&gdpr=0&gdpr_consent=&_test=YYzzzgADuegckQAz

Request Chain 374

https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent= HTTP 303
https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1 HTTP 303
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFHSjJrN0RHZWdBQUNpOUlDcWg0QQ&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1

Request Chain 375

https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=E25A2D69-0C04-45F8-BA1E-5E52C8FD7B03&gdpr= HTTP 302
https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=E25A2D69-0C04-45F8-BA1E-5E52C8FD7B03&gdpr=&fbounce=1 HTTP 302
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=E25A2D69-0C04-45F8-BA1E-5E52C8FD7B03&addseg=19,36,42

Request Chain 376

https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=E25A2D69-0C04-45F8-BA1E-5E52C8FD7B03&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=E25A2D69-0C04-45F8-BA1E-5E52C8FD7B03&sInitiator=external&gdpr=0&gdpr_consent=

Request Chain 378

https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=E25A2D69-0C04-45F8-BA1E-5E52C8FD7B03 HTTP 302
https://a.audrte.com/p

Request Chain 379

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=E25A2D69-0C04-45F8-BA1E-5E52C8FD7B03&redir=true&gdpr=0&gdpr_consent= HTTP 302
https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=E25A2D69-0C04-45F8-BA1E-5E52C8FD7B03&redir=true&gdpr=0&gdpr_consent=&verify=true HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-1RdMqtZE2uWra_ogKonJZz_C5wX8QIo-~A&gdpr=0&gdpr_consent=

Request Chain 381

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://a.volvelle.tech/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_uid=ec74683b-b4c5-4392-9e7b-5c8ec1a7860c HTTP 302
https://a.volvelle.tech/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_uid=ec74683b-b4c5-4392-9e7b-5c8ec1a7860c HTTP 302
https://x.bidswitch.net/sync?dsp_id=190&expires=14&user_group=1&user_id=b7fffd01-0c92-48d5-a7a4-012877b937c5&ssp=pubmatic HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=ec74683b-b4c5-4392-9e7b-5c8ec1a7860c&gdpr=&gdpr_consent=&gdpr_pd=

Request Chain 383

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3689952340192388065&gdpr=0&gdpr_consent=&us_privacy=

Request Chain 384

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=

Request Chain 385

https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:297c08c8-ef2a-45b2-b34e-f7eac6cb329b&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw

Request Chain 402

https://ad.turn.com/r/cs?pid=65 HTTP 302
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3689952340192388065

Request Chain 418

https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null HTTP 302
https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=5acd38c5253a98247de1d78da9940e1&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7buser.id%7d&gdpr=0&gdpr_consent=null HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=l0de2_7029261193097971383 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=NWFjZDM4YzUyNTNhOTgyNDdkZTFkNzhkYTk5NDBlMQ==&gdpr=0&gdpr_consent= HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEHdjQk5pbvSgFmww09eIRO4&google_cver=1&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent= HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=208&userId=3407eb1d-2814-4550-832f-6d0dccd0a331 HTTP 302
https://ib.adnxs.com/getuid?https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D209&gdpr=0&gdpr_consent=%26userId%3D$UID HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=209&gdpr=0&gdpr_consent=&userId=8725330688953216047 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/stickyads/5acd38c5253a98247de1d78da9940e1&gdpr=0&gdpr_consent=?gdpr=0&gdpr_consent=

Request Chain 421

https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=NWFjZDM4YzUyNTNhOTgyNDdkZTFkNzhkYTk5NDBlMQ==&gdpr=0&gdpr_consent=

Request Chain 422

https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
https://s.amazon-adsystem.com/ecm3?id=5acd38c5253a98247de1d78da9940e1&ex=freewheel.tv&gdpr=0&gdpr_consent=

Request Chain 432

https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={device_id}&gdpr=0&gdpr_consent= HTTP 307
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0

Request Chain 435

https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=3109247413

Request Chain 436

https://green.erne.co/pubmatic/cm HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=FhVGt0rqmwm7sNP37gYSXzID

Request Chain 440

https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID

433 HTTP transactions
10 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
extra.com.co/ 85 KB
86 KB 314ms
305ms Document
text/html 92.204.132.34
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://extra.com.co/

Protocol

HTTP/1.1

Server

92.204.132.34 Warrenton, United States, ASN398108 (GO-DADDY-COM-LLC, US),

Reverse DNS

ns1003685.ip-92-204-132.us

Software

Apache /

Resource Hash

e04266cfe34016c06d30cc0d3df09b5e310c2539b52cf254f98cc8f905dedf5c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Date: Thu, 11 Nov 2021 10:43:20 GMT
Server: Apache
Cache-Control: must-revalidate, no-cache, private
X-Drupal-Dynamic-Cache: UNCACHEABLE
Link: <http://extra.com.co/>; rel="canonical", <http://extra.com.co/>; rel="shortlink"
X-UA-Compatible: IE=edge
Content-language: es
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Expires: Sun, 19 Nov 1978 05:00:00 GMT
X-Generator: Drupal 8 (https://www.drupal.org)
X-Drupal-Cache: HIT
Keep-Alive: timeout=5, max=300
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK css_1sNL7IrcwzmkUAMR_HBs1oRaHIjAk6jTpAfy52Z0E1Y.css
extra.com.co/sites/default/files/css/ 12 KB
3 KB 189ms
189ms Stylesheet
text/css 92.204.132.34
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://extra.com.co/sites/default/files/css/css_1sNL7IrcwzmkUAMR_HBs1oRaHIjAk6jTpAfy52Z0E1Y.css

Requested by

Host: extra.com.co
URL: http://extra.com.co/

Protocol

HTTP/1.1

Server

92.204.132.34 Warrenton, United States, ASN398108 (GO-DADDY-COM-LLC, US),

Reverse DNS

ns1003685.ip-92-204-132.us

Software

Apache /

Resource Hash

d6c34bec8adcc339a4500311fc706cd6845a1c88c093a8d3a407f2e766741356

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://extra.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 11 Nov 2021 10:43:20 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Wed, 27 Oct 2021 16:03:03 GMT
Server: Apache
Vary: Accept-encoding
Content-Type: text/css
Cache-Control: max-age=1209600
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=300
Content-Length: 2924
Expires: Thu, 25 Nov 2021 10:43:20 GMT

GET
H/1.1 200
OK css_l48AyeoABjj36ARbuT8NBAUzScWAas7xm_kW1BAkEvo.css
extra.com.co/sites/default/files/css/ 90 KB
15 KB 198ms
197ms Stylesheet
text/css 92.204.132.34
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://extra.com.co/sites/default/files/css/css_l48AyeoABjj36ARbuT8NBAUzScWAas7xm_kW1BAkEvo.css

Requested by

Host: extra.com.co
URL: http://extra.com.co/

Protocol

HTTP/1.1

Server

92.204.132.34 Warrenton, United States, ASN398108 (GO-DADDY-COM-LLC, US),

Reverse DNS

ns1003685.ip-92-204-132.us

Software

Apache /

Resource Hash

978f00c9ea000638f7e8045bb93f0d04053349c5806acef19bf916d4102412fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://extra.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 11 Nov 2021 10:43:20 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Wed, 03 Nov 2021 12:16:41 GMT
Server: Apache
Vary: Accept-encoding
Content-Type: text/css
Cache-Control: max-age=1209600
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=300
Content-Length: 15402
Expires: Thu, 25 Nov 2021 10:43:20 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 850 B
969 B 38ms
17ms Script
text/javascript 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Host: extra.com.co
URL: http://extra.com.co/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

9b80d81bcdcba7b6f787cad8c103d520eb4b68ce9299abd52195c99f6c100900

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://extra.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 10:43:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 556
x-xss-protection: 1; mode=block
expires: Thu, 11 Nov 2021 10:43:20 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 79 KB
27 KB 57ms
19ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: extra.com.co
URL: http://extra.com.co/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

sffe /

Resource Hash

d3e9515bc54110b70de9ee4a3750c758af01a58c4c1b2e9b220ffc1aed42a614

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://extra.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 10:43:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1040 / 793 of 1000 / last-modified: 1636623690"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26973
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 11 Nov 2021 10:43:21 GMT

GET
H2 200 css2
fonts.googleapis.com/ 1 KB
886 B 41ms
17ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Anton&display=swap

Requested by

Host: extra.com.co
URL: http://extra.com.co/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

91bb9babf9b922d9670efbad516ad7b026cc8bf763e1b5aaccb2e58c451e060a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://extra.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 11 Nov 2021 08:52:59 GMT
server: ESF
date: Thu, 11 Nov 2021 10:43:20 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 11 Nov 2021 10:43:20 GMT

GET
H/1.1 200
OK 1st_dep_bonus_728x90%20%281%29_0.gif
extra.com.co/sites/default/files/inline-images/ 247 KB
247 KB 147ms
95ms Image
image/gif 92.204.132.34
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://extra.com.co/sites/default/files/inline-images/1st_dep_bonus_728x90%20%281%29_0.gif

Requested by

Host: extra.com.co
URL: http://extra.com.co/

Protocol

HTTP/1.1

Server

92.204.132.34 Warrenton, United States, ASN398108 (GO-DADDY-COM-LLC, US),

Reverse DNS

ns1003685.ip-92-204-132.us

Software

Apache /

Resource Hash

3916a45d392a0e3fd36d03acf46dbf88c70ed76caf3aa743ae25330ddef5c73c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://extra.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 11 Nov 2021 10:43:21 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 08 Nov 2021 13:26:43 GMT
Server: Apache
Content-Type: image/gif
Cache-Control: max-age=1209600
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=298
Content-Length: 252527
Expires: Thu, 25 Nov 2021 10:43:21 GMT

GET
H/1.1 200
OK logo.png
extra.com.co/sites/default/files/ 5 KB
6 KB 244ms
95ms Image
image/png 92.204.132.34
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://extra.com.co/sites/default/files/logo.png

Requested by

Host: extra.com.co
URL: http://extra.com.co/

Protocol

HTTP/1.1

Server

92.204.132.34 Warrenton, United States, ASN398108 (GO-DADDY-COM-LLC, US),

Reverse DNS

ns1003685.ip-92-204-132.us

Software

Apache /

Resource Hash

e7c9ddcfc95f4d0252b90e684c59ed3668608391a60d9d4a69bf549232a1ed6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://extra.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 11 Nov 2021 10:43:21 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 28 Jul 2021 18:22:11 GMT
Server: Apache
Content-Type: image/png
Cache-Control: max-age=1209600
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=299
Content-Length: 5313
Expires: Thu, 25 Nov 2021 10:43:21 GMT

GET
H2 200 wwinformer.php Show response
world-weather.info/ 17 KB
3 KB 247ms
62ms Script
application/javascript 89.108.122.252
AS-REG

General

Check archive.org

Show headers Download Go to

Full URL

https://world-weather.info/wwinformer.php?userid=d3b90c8145e18ecf8e0a3daaf73d1576

Requested by

Host: extra.com.co
URL: http://extra.com.co/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

89.108.122.252 , Russian Federation, ASN197695 (AS-REG, RU),

Reverse DNS

d11592.col.agava.net

Software

nginx /

Resource Hash

55154fdbaeba2a00a729dc0871c57c444748ebacf1bc1cc0cf178402f297b80c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://extra.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Nov 2021 10:43:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=31536000;
x-xss-protection: 1; mode=block
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK hsb_radio.jpg
extra.com.co/sites/default/files/inline-images/ 32 KB
33 KB 315ms
95ms Image
image/jpeg 92.204.132.34
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://extra.com.co/sites/default/files/inline-images/hsb_radio.jpg

Requested by

Host: extra.com.co
URL: http://extra.com.co/

Protocol

HTTP/1.1

Server

92.204.132.34 Warrenton, United States, ASN398108 (GO-DADDY-COM-LLC, US),

Reverse DNS

ns1003685.ip-92-204-132.us

Software

Apache /

Resource Hash

8dc2a93e9294201b588b81b4b467ab7a23eb679b703cc522752b69a19743da55

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://extra.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 11 Nov 2021 10:43:21 GMT
X-Content-Type-Options: nosniff
Last-Modified: Sat, 29 May 2021 03:28:14 GMT
Server: Apache
Content-Type: image/jpeg
Cache-Control: max-age=1209600
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=298
Content-Length: 32936
Expires: Thu, 25 Nov 2021 10:43:21 GMT

GET
H/1.1 200
OK declaraci%C3%B3n.jpg
extra.com.co/sites/default/files/2021-11/ 234 KB
234 KB 225ms
96ms Image
image/jpeg 92.204.132.34
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://extra.com.co/sites/default/files/2021-11/declaraci%C3%B3n.jpg

Requested by

Host: extra.com.co
URL: http://extra.com.co/

Protocol

HTTP/1.1

Server

92.204.132.34 Warrenton, United States, ASN398108 (GO-DADDY-COM-LLC, US),

Reverse DNS

ns1003685.ip-92-204-132.us

Software

Apache /

Resource Hash

2b5b9f52ef0666c83260be0a0bb7f593afce43bebf92b91f3f6dd176c693b313

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://extra.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 11 Nov 2021 10:43:21 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 10 Nov 2021 17:21:49 GMT
Server: Apache
Content-Type: image/jpeg
Cache-Control: max-age=1209600
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=299
Content-Length: 239519
Expires: Thu, 25 Nov 2021 10:43:21 GMT

GET
H/1.1 200
OK nota%204.jpg
extra.com.co/sites/default/files/2021-11/ 12 KB
12 KB 304ms
99ms Image
image/jpeg 92.204.132.34
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://extra.com.co/sites/default/files/2021-11/nota%204.jpg

Requested by

Host: extra.com.co
URL: http://extra.com.co/

Protocol

HTTP/1.1

Server

92.204.132.34 Warrenton, United States, ASN398108 (GO-DADDY-COM-LLC, US),

Reverse DNS

ns1003685.ip-92-204-132.us

Software

Apache /

Resource Hash

9e13d94d564f3b6d420fbf4a863b273917852e9667780c0fda46743d7e3cf177

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://extra.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 11 Nov 2021 10:43:21 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 09 Nov 2021 22:08:34 GMT
Server: Apache
Content-Type: image/jpeg
Cache-Control: max-age=1209600
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=297
Content-Length: 12226
Expires: Thu, 25 Nov 2021 10:43:21 GMT

GET
H/1.1 200
OK Nota%202%20%281%29_0.jpg
extra.com.co/sites/default/files/2021-11/ 46 KB
47 KB 314ms
94ms Image
image/jpeg 92.204.132.34
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://extra.com.co/sites/default/files/2021-11/Nota%202%20%281%29_0.jpg

Requested by

Host: extra.com.co
URL: http://extra.com.co/

Protocol

HTTP/1.1

Server

92.204.132.34 Warrenton, United States, ASN398108 (GO-DADDY-COM-LLC, US),

Reverse DNS

ns1003685.ip-92-204-132.us

Software

Apache /

Resource Hash

2ef821ed88d760004ab602d3e8226f7426c292b2f4859d9a04eced0b3643b1f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://extra.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 11 Nov 2021 10:43:21 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 09 Nov 2021 22:05:35 GMT
Server: Apache
Content-Type: image/jpeg
Cache-Control: max-age=1209600
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=297
Content-Length: 47555
Expires: Thu, 25 Nov 2021 10:43:21 GMT

GET
H/1.1 200
OK nota%201%20%289%29.jpeg
extra.com.co/sites/default/files/2021-11/ 122 KB
122 KB 271ms
95ms Image
image/jpeg 92.204.132.34
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://extra.com.co/sites/default/files/2021-11/nota%201%20%289%29.jpeg

Requested by

Host: extra.com.co
URL: http://extra.com.co/

Protocol

HTTP/1.1

Server

92.204.132.34 Warrenton, United States, ASN398108 (GO-DADDY-COM-LLC, US),

Reverse DNS

ns1003685.ip-92-204-132.us

Software

Apache /

Resource Hash

bdb4a75eabcd7cca59fe6a9d106d267a4ebd18b5f40ef05c5c3f69f9b25c48de

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://extra.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 11 Nov 2021 10:43:21 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 09 Nov 2021 22:01:38 GMT
Server: Apache
Content-Type: image/jpeg
Cache-Control: max-age=1209600
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=298
Content-Length: 124542
Expires: Thu, 25 Nov 2021 10:43:21 GMT

GET
H/1.1 200
OK nota%202_8.jpg
extra.com.co/sites/default/files/2021-11/ 53 KB
53 KB 232ms
99ms Image
image/jpeg 92.204.132.34
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://extra.com.co/sites/default/files/2021-11/nota%202_8.jpg

Requested by

Host: extra.com.co
URL: http://extra.com.co/

Protocol

HTTP/1.1

Server

92.204.132.34 Warrenton, United States, ASN398108 (GO-DADDY-COM-LLC, US),

Reverse DNS

ns1003685.ip-92-204-132.us

Software

Apache /

Resource Hash

b139c83887b3f327152b436c171ff8dd9efafdf3b37cb8c81b2b402e4aacb3b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://extra.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 11 Nov 2021 10:43:21 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 09 Nov 2021 21:56:54 GMT
Server: Apache
Content-Type: image/jpeg
Cache-Control: max-age=1209600
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=299
Content-Length: 53958
Expires: Thu, 25 Nov 2021 10:43:21 GMT

GET
H/1.1 200
OK banner-maestria-2022_univalle.png
extra.com.co/sites/default/files/inline-images/ 163 KB
163 KB 101ms
100ms Image
image/png 92.204.132.34
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://extra.com.co/sites/default/files/inline-images/banner-maestria-2022_univalle.png

Requested by

Host: extra.com.co
URL: http://extra.com.co/

Protocol

HTTP/1.1

Server

92.204.132.34 Warrenton, United States, ASN398108 (GO-DADDY-COM-LLC, US),

Reverse DNS

ns1003685.ip-92-204-132.us

Software

Apache /

Resource Hash

228c7a3b7a8444a7b26e356b34d237a67314aa935fbfd508ced159fff2c96df0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://extra.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 11 Nov 2021 10:43:21 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 21 Oct 2021 14:54:03 GMT
Server: Apache
Content-Type: image/png
Cache-Control: max-age=1209600
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=294
Content-Length: 166550
Expires: Thu, 25 Nov 2021 10:43:21 GMT

GET
H/1.1 200
OK 002.jpg
extra.com.co/sites/default/files/2021-10/ 448 KB
448 KB 99ms
98ms Image
image/jpeg 92.204.132.34
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://extra.com.co/sites/default/files/2021-10/002.jpg

Requested by

Host: extra.com.co
URL: http://extra.com.co/

Protocol

HTTP/1.1

Server

92.204.132.34 Warrenton, United States, ASN398108 (GO-DADDY-COM-LLC, US),

Reverse DNS

ns1003685.ip-92-204-132.us

Software

Apache /

Resource Hash

78aee0c2d476350567e4eea2d0457e04462c5b246562a1adb3ca4b7297461512

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://extra.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 11 Nov 2021 10:43:21 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 15 Oct 2021 12:14:20 GMT
Server: Apache
Content-Type: image/jpeg
Cache-Control: max-age=1209600
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=296
Content-Length: 458752
Expires: Thu, 25 Nov 2021 10:43:21 GMT

GET
H/1.1 200
OK 003.jpeg
extra.com.co/sites/default/files/2021-10/ 107 KB
107 KB 96ms
96ms Image
image/jpeg 92.204.132.34
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://extra.com.co/sites/default/files/2021-10/003.jpeg

Requested by

Host: extra.com.co
URL: http://extra.com.co/

Protocol

HTTP/1.1

Server

92.204.132.34 Warrenton, United States, ASN398108 (GO-DADDY-COM-LLC, US),

Reverse DNS

ns1003685.ip-92-204-132.us

Software

Apache /

Resource Hash

cbfcc0ee832db2027c315073370060a6e54b854d536351108b401c605f44cbbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://extra.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 11 Nov 2021 10:43:21 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 06 Oct 2021 12:23:40 GMT
Server: Apache
Content-Type: image/jpeg
Cache-Control: max-age=1209600
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=295
Content-Length: 109445
Expires: Thu, 25 Nov 2021 10:43:21 GMT

GET
H/1.1 200
OK 4_0.JPG
extra.com.co/sites/default/files/2021-10/ 5 MB
5 MB 99ms
97ms Image
image/jpeg 92.204.132.34
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://extra.com.co/sites/default/files/2021-10/4_0.JPG

Requested by

Host: extra.com.co
URL: http://extra.com.co/

Protocol

HTTP/1.1

Server

92.204.132.34 Warrenton, United States, ASN398108 (GO-DADDY-COM-LLC, US),

Reverse DNS

ns1003685.ip-92-204-132.us

Software

Apache /

Resource Hash

fd99fd66d7985e2f5c9581a1194b957e381c111477397f06ffb25e0c80e7f49e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://extra.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 11 Nov 2021 10:43:21 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 06 Oct 2021 12:18:30 GMT
Server: Apache
Content-Type: image/jpeg
Cache-Control: max-age=1209600
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=298
Content-Length: 5013606
Expires: Thu, 25 Nov 2021 10:43:21 GMT

GET
H/1.1 200
OK 8%20yo%20me%20llamo_0.JPG
extra.com.co/sites/default/files/2021-11/ 36 KB
37 KB 97ms
96ms Image
image/jpeg 92.204.132.34
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://extra.com.co/sites/default/files/2021-11/8%20yo%20me%20llamo_0.JPG

Requested by

Host: extra.com.co
URL: http://extra.com.co/

Protocol

HTTP/1.1

Server

92.204.132.34 Warrenton, United States, ASN398108 (GO-DADDY-COM-LLC, US),

Reverse DNS

ns1003685.ip-92-204-132.us

Software

Apache /

Resource Hash

6dad143b545c409589079184c5458f1933645f61d8c788f799879f3181d7b2d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://extra.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 11 Nov 2021 10:43:21 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 10 Nov 2021 23:57:37 GMT
Server: Apache
Content-Type: image/jpeg
Cache-Control: max-age=1209600
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=294
Content-Length: 37119
Expires: Thu, 25 Nov 2021 10:43:21 GMT

GET
H/1.1 200
OK Desconvocados%20Colombia%20-%20Noviembre%2009.jpg
extra.com.co/sites/default/files/2021-11/ 399 KB
399 KB 107ms
107ms Image
image/jpeg 92.204.132.34
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://extra.com.co/sites/default/files/2021-11/Desconvocados%20Colombia%20-%20Noviembre%2009.jpg

Requested by

Host: extra.com.co
URL: http://extra.com.co/

Protocol

HTTP/1.1

Server

92.204.132.34 Warrenton, United States, ASN398108 (GO-DADDY-COM-LLC, US),

Reverse DNS

ns1003685.ip-92-204-132.us

Software

Apache /

Resource Hash

6c74da117fba1d0129407532920d62611afc70677198b0916c4a88ec77bb954b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://extra.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 11 Nov 2021 10:43:21 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 10 Nov 2021 23:49:43 GMT
Server: Apache
Content-Type: image/jpeg
Cache-Control: max-age=1209600
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=293
Content-Length: 408574
Expires: Thu, 25 Nov 2021 10:43:21 GMT

GET
H/1.1 200
OK Copia%20de%20NOTA%201%20A%20%28OCCISO%29%20-%20NOVIEMBRE%2002.jpeg
extra.com.co/sites/default/files/2021-11/ 49 KB
49 KB 96ms
96ms Image
image/jpeg 92.204.132.34
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://extra.com.co/sites/default/files/2021-11/Copia%20de%20NOTA%201%20A%20%28OCCISO%29%20-%20NOVIEMBRE%2002.jpeg

Requested by

Host: extra.com.co
URL: http://extra.com.co/

Protocol

HTTP/1.1

Server

92.204.132.34 Warrenton, United States, ASN398108 (GO-DADDY-COM-LLC, US),

Reverse DNS

ns1003685.ip-92-204-132.us

Software

Apache /

Resource Hash

b95712d483518fe6ed60d00dd48bb65392135f90b7197b510787fe8c1befb889

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://extra.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 11 Nov 2021 10:43:21 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 10 Nov 2021 23:41:52 GMT
Server: Apache
Content-Type: image/jpeg
Cache-Control: max-age=1209600
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=293
Content-Length: 49750
Expires: Thu, 25 Nov 2021 10:43:21 GMT

GET
H/1.1 200
OK NOTA%202%20-%20NOVIEMBRE%202.jpeg
extra.com.co/sites/default/files/2021-11/ 130 KB
131 KB 194ms
192ms Image
image/jpeg 92.204.132.34
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://extra.com.co/sites/default/files/2021-11/NOTA%202%20-%20NOVIEMBRE%202.jpeg

Requested by

Host: extra.com.co
URL: http://extra.com.co/

Protocol

HTTP/1.1

Server

92.204.132.34 Warrenton, United States, ASN398108 (GO-DADDY-COM-LLC, US),

Reverse DNS

ns1003685.ip-92-204-132.us

Software

Apache /

Resource Hash

6a5cd2f24106411506bf61f061a11d85328dad36c7c628ec1f9b00dffcfdb4be

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://extra.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 11 Nov 2021 10:43:21 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 10 Nov 2021 23:26:38 GMT
Server: Apache
Content-Type: image/jpeg
Cache-Control: max-age=1209600
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=300
Content-Length: 133422
Expires: Thu, 25 Nov 2021 10:43:21 GMT

GET
H/1.1 200
OK CUBNA777.JPG
extra.com.co/sites/default/files/2021-11/ 64 KB
65 KB 200ms
196ms Image
image/jpeg 92.204.132.34
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://extra.com.co/sites/default/files/2021-11/CUBNA777.JPG

Requested by

Host: extra.com.co
URL: http://extra.com.co/

Protocol

HTTP/1.1

Server

92.204.132.34 Warrenton, United States, ASN398108 (GO-DADDY-COM-LLC, US),

Reverse DNS

ns1003685.ip-92-204-132.us

Software

Apache /

Resource Hash

59556e9cb4cd756448d1e3fac54b2de1a76aa1a26cbc4feb850de2769bc1eb13

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://extra.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 11 Nov 2021 10:43:21 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 10 Nov 2021 23:24:22 GMT
Server: Apache
Content-Type: image/jpeg
Cache-Control: max-age=1209600
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=300
Content-Length: 65935
Expires: Thu, 25 Nov 2021 10:43:21 GMT

GET
H/1.1 200
OK piezas.JPG
extra.com.co/sites/default/files/2021-11/ 44 KB
44 KB 95ms
95ms Image
image/jpeg 92.204.132.34
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://extra.com.co/sites/default/files/2021-11/piezas.JPG

Requested by

Host: extra.com.co
URL: http://extra.com.co/

Protocol

HTTP/1.1

Server

92.204.132.34 Warrenton, United States, ASN398108 (GO-DADDY-COM-LLC, US),

Reverse DNS

ns1003685.ip-92-204-132.us

Software

Apache /

Resource Hash

19a2abf413dc83d919a124f85468c2cec7304077718fa90630a810475496bc8b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://extra.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 11 Nov 2021 10:43:21 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 10 Nov 2021 23:11:20 GMT
Server: Apache
Content-Type: image/jpeg
Cache-Control: max-age=1209600
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=292
Content-Length: 44708
Expires: Thu, 25 Nov 2021 10:43:21 GMT

GET
H/1.1 200
OK 12%20CAMNBIO.JPG
extra.com.co/sites/default/files/2021-11/ 56 KB
56 KB 95ms
95ms Image
image/jpeg 92.204.132.34
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://extra.com.co/sites/default/files/2021-11/12%20CAMNBIO.JPG

Requested by

Host: extra.com.co
URL: http://extra.com.co/

Protocol

HTTP/1.1

Server

92.204.132.34 Warrenton, United States, ASN398108 (GO-DADDY-COM-LLC, US),

Reverse DNS

ns1003685.ip-92-204-132.us

Software

Apache /

Resource Hash

0c75bd70c8ca4242721d97c541d4a35633a0f75e98f3d04cd0bafdc637030e41

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://extra.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 11 Nov 2021 10:43:21 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 10 Nov 2021 22:50:21 GMT
Server: Apache
Content-Type: image/jpeg
Cache-Control: max-age=1209600
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=295
Content-Length: 57376
Expires: Thu, 25 Nov 2021 10:43:21 GMT

GET
H/1.1 200
OK poli9999.JPG
extra.com.co/sites/default/files/2021-10/ 42 KB
43 KB 100ms
99ms Image
image/jpeg 92.204.132.34
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://extra.com.co/sites/default/files/2021-10/poli9999.JPG

Requested by

Host: extra.com.co
URL: http://extra.com.co/

Protocol

HTTP/1.1

Server

92.204.132.34 Warrenton, United States, ASN398108 (GO-DADDY-COM-LLC, US),

Reverse DNS

ns1003685.ip-92-204-132.us

Software

Apache /

Resource Hash

ae482924e9dc6bc4994990150f0d018c6da2aedc81bdb9b467a9e0baf1133e37

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://extra.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 11 Nov 2021 10:43:21 GMT
X-Content-Type-Options: nosniff
Last-Modified: Sun, 24 Oct 2021 19:28:18 GMT
Server: Apache
Content-Type: image/jpeg
Cache-Control: max-age=1209600
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=292
Content-Length: 43240
Expires: Thu, 25 Nov 2021 10:43:21 GMT

GET
H/1.1 200
OK vision8.JPG
extra.com.co/sites/default/files/2021-10/ 29 KB
29 KB 95ms
95ms Image
image/jpeg 92.204.132.34
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://extra.com.co/sites/default/files/2021-10/vision8.JPG

Requested by

Host: extra.com.co
URL: http://extra.com.co/

Protocol

HTTP/1.1

Server

92.204.132.34 Warrenton, United States, ASN398108 (GO-DADDY-COM-LLC, US),

Reverse DNS

ns1003685.ip-92-204-132.us

Software

Apache /

Resource Hash

6d547266cf42e22e21fe94c97f9b82622b0c6891662ef3dbe202ffc174b8be1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://extra.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 11 Nov 2021 10:43:22 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 14 Oct 2021 19:21:10 GMT
Server: Apache
Content-Type: image/jpeg
Cache-Control: max-age=1209600
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=291
Content-Length: 29544
Expires: Thu, 25 Nov 2021 10:43:22 GMT

GET
H/1.1 200
OK TROMBOSIS%208_0.JPG
extra.com.co/sites/default/files/2021-10/ 33 KB
33 KB 96ms
95ms Image
image/jpeg 92.204.132.34
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://extra.com.co/sites/default/files/2021-10/TROMBOSIS%208_0.JPG

Requested by

Host: extra.com.co
URL: http://extra.com.co/

Protocol

HTTP/1.1

Server

92.204.132.34 Warrenton, United States, ASN398108 (GO-DADDY-COM-LLC, US),

Reverse DNS

ns1003685.ip-92-204-132.us

Software

Apache /

Resource Hash

b9e0566efe009fd4fa2bb62647532bd51249326a792a47ddbaf94c7cf5550d5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://extra.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 11 Nov 2021 10:43:22 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 13 Oct 2021 19:44:51 GMT
Server: Apache
Content-Type: image/jpeg
Cache-Control: max-age=1209600
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=294
Content-Length: 33317
Expires: Thu, 25 Nov 2021 10:43:22 GMT

GET
H/1.1 200
OK lennon88.JPG
extra.com.co/sites/default/files/2021-10/ 23 KB
24 KB 99ms
99ms Image
image/jpeg 92.204.132.34
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://extra.com.co/sites/default/files/2021-10/lennon88.JPG

Requested by

Host: extra.com.co
URL: http://extra.com.co/

Protocol

HTTP/1.1

Server

92.204.132.34 Warrenton, United States, ASN398108 (GO-DADDY-COM-LLC, US),

Reverse DNS

ns1003685.ip-92-204-132.us

Software

Apache /

Resource Hash

1643bd17cca9ee46983021d951bdea62a31f23089cd5df12478fe5263ee12408

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://extra.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 11 Nov 2021 10:43:22 GMT
X-Content-Type-Options: nosniff
Last-Modified: Sat, 09 Oct 2021 20:26:52 GMT
Server: Apache
Content-Type: image/jpeg
Cache-Control: max-age=1209600
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=291
Content-Length: 23765
Expires: Thu, 25 Nov 2021 10:43:22 GMT

GET
H/1.1 200
OK cauidado%20paliativos.JPG
extra.com.co/sites/default/files/2021-10/ 36 KB
37 KB 97ms
97ms Image
image/jpeg 92.204.132.34
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://extra.com.co/sites/default/files/2021-10/cauidado%20paliativos.JPG

Requested by

Host: extra.com.co
URL: http://extra.com.co/

Protocol

HTTP/1.1

Server

92.204.132.34 Warrenton, United States, ASN398108 (GO-DADDY-COM-LLC, US),

Reverse DNS

ns1003685.ip-92-204-132.us

Software

Apache /

Resource Hash

94ebeacfbab6ea6e93345f504a2d91b152f9587ed8f9e04da8dc1a8ef3fe9b95

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://extra.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 11 Nov 2021 10:43:22 GMT
X-Content-Type-Options: nosniff
Last-Modified: Sat, 09 Oct 2021 17:48:35 GMT
Server: Apache
Content-Type: image/jpeg
Cache-Control: max-age=1209600
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=290
Content-Length: 37367
Expires: Thu, 25 Nov 2021 10:43:22 GMT

GET
H/1.1 200
OK bruno8888.JPG
extra.com.co/sites/default/files/2021-10/ 33 KB
33 KB 95ms
95ms Image
image/jpeg 92.204.132.34
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://extra.com.co/sites/default/files/2021-10/bruno8888.JPG

Requested by

Host: extra.com.co
URL: http://extra.com.co/

Protocol

HTTP/1.1

Server

92.204.132.34 Warrenton, United States, ASN398108 (GO-DADDY-COM-LLC, US),

Reverse DNS

ns1003685.ip-92-204-132.us

Software

Apache /

Resource Hash

b563c8b0d1aba5211f9cefeca8ffbd7ea7570fe86369d9ab9c9a5eb1ce26de5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://extra.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 11 Nov 2021 10:43:22 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 08 Oct 2021 16:27:31 GMT
Server: Apache
Content-Type: image/jpeg
Cache-Control: max-age=1209600
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=293
Content-Length: 33823
Expires: Thu, 25 Nov 2021 10:43:22 GMT

GET
H/1.1 200
OK elite-barber-shop.jpg
extra.com.co/sites/default/files/2021-09/ 27 KB
28 KB 99ms
99ms Image
image/jpeg 92.204.132.34
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://extra.com.co/sites/default/files/2021-09/elite-barber-shop.jpg

Requested by

Host: extra.com.co
URL: http://extra.com.co/

Protocol

HTTP/1.1

Server

92.204.132.34 Warrenton, United States, ASN398108 (GO-DADDY-COM-LLC, US),

Reverse DNS

ns1003685.ip-92-204-132.us

Software

Apache /

Resource Hash

3ff08ef63b7a5f96d52c357773f5e396737af1b1b655d8bb24336904cf4bf302

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://extra.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 11 Nov 2021 10:43:22 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 28 Sep 2021 21:02:03 GMT
Server: Apache
Content-Type: image/jpeg
Cache-Control: max-age=1209600
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=290
Content-Length: 27972
Expires: Thu, 25 Nov 2021 10:43:22 GMT

GET
H/1.1 200
OK topbannercolombia_0.jpg
extra.com.co/sites/default/files/inline-images/ 35 KB
36 KB 95ms
95ms Image
image/jpeg 92.204.132.34
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://extra.com.co/sites/default/files/inline-images/topbannercolombia_0.jpg

Requested by

Host: extra.com.co
URL: http://extra.com.co/

Protocol

HTTP/1.1

Server

92.204.132.34 Warrenton, United States, ASN398108 (GO-DADDY-COM-LLC, US),

Reverse DNS

ns1003685.ip-92-204-132.us

Software

Apache /

Resource Hash

1aaf80a6d762daf3ad592a1eeb48c50f118ba349beb04eb97218b55d80ecdd7f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://extra.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 11 Nov 2021 10:43:22 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 10 Nov 2021 15:01:02 GMT
Server: Apache
Content-Type: image/jpeg
Cache-Control: max-age=1209600
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=289
Content-Length: 36201
Expires: Thu, 25 Nov 2021 10:43:22 GMT

GET
H/1.1 200
OK 10-1.jpeg
extra.com.co/sites/default/files/styles/large/public/2021-11/ 10 KB
11 KB 100ms
100ms Image
image/jpeg 92.204.132.34
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://extra.com.co/sites/default/files/styles/large/public/2021-11/10-1.jpeg?itok=fsoPWwQj

Requested by

Host: extra.com.co
URL: http://extra.com.co/

Protocol

HTTP/1.1

Server

92.204.132.34 Warrenton, United States, ASN398108 (GO-DADDY-COM-LLC, US),

Reverse DNS

ns1003685.ip-92-204-132.us

Software

Apache /

Resource Hash

719b626fbf8729ff6ddbfa61061324229bcaf9452a3339c3e1e77d032a4b6671

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://extra.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 11 Nov 2021 10:43:22 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 11 Nov 2021 03:53:05 GMT
Server: Apache
Content-Type: image/jpeg
Cache-Control: max-age=1209600
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=299
Content-Length: 10602
Expires: Thu, 25 Nov 2021 10:43:22 GMT

GET
H/1.1 200
OK plantilla_6.jpg
extra.com.co/sites/default/files/styles/large/public/2021-11/ 20 KB
20 KB 95ms
95ms Image
image/jpeg 92.204.132.34
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://extra.com.co/sites/default/files/styles/large/public/2021-11/plantilla_6.jpg?itok=Qfab7rIm

Requested by

Host: extra.com.co
URL: http://extra.com.co/

Protocol

HTTP/1.1

Server

92.204.132.34 Warrenton, United States, ASN398108 (GO-DADDY-COM-LLC, US),

Reverse DNS

ns1003685.ip-92-204-132.us

Software

Apache /

Resource Hash

896bb1f91a1157af27f43fb671666c0ffe66fe82bc6e2fa29ab25694ce986ceb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://extra.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 11 Nov 2021 10:43:22 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 11 Nov 2021 00:52:39 GMT
Server: Apache
Content-Type: image/jpeg
Cache-Control: max-age=1209600
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=292
Content-Length: 20102
Expires: Thu, 25 Nov 2021 10:43:22 GMT

GET
H/1.1 200
OK plantilla_5.jpg
extra.com.co/sites/default/files/styles/large/public/2021-11/ 28 KB
28 KB 99ms
99ms Image
image/jpeg 92.204.132.34
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://extra.com.co/sites/default/files/styles/large/public/2021-11/plantilla_5.jpg?itok=8UrNL29M

Requested by

Host: extra.com.co
URL: http://extra.com.co/

Protocol

HTTP/1.1

Server

92.204.132.34 Warrenton, United States, ASN398108 (GO-DADDY-COM-LLC, US),

Reverse DNS

ns1003685.ip-92-204-132.us

Software

Apache /

Resource Hash

0aa75e8bd8205d9bf3584ec5654cc3ca63af780c831d9d69eed354540b0a2829

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://extra.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 11 Nov 2021 10:43:22 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 11 Nov 2021 00:38:07 GMT
Server: Apache
Content-Type: image/jpeg
Cache-Control: max-age=1209600
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=289
Content-Length: 28743
Expires: Thu, 25 Nov 2021 10:43:22 GMT

GET
H/1.1 200
OK 8%20yo%20me%20llamo_0.JPG
extra.com.co/sites/default/files/styles/large/public/2021-11/ 12 KB
12 KB 96ms
95ms Image
image/jpeg 92.204.132.34
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://extra.com.co/sites/default/files/styles/large/public/2021-11/8%20yo%20me%20llamo_0.JPG?itok=USnqNnXK

Requested by

Host: extra.com.co
URL: http://extra.com.co/

Protocol

HTTP/1.1

Server

92.204.132.34 Warrenton, United States, ASN398108 (GO-DADDY-COM-LLC, US),

Reverse DNS

ns1003685.ip-92-204-132.us

Software

Apache /

Resource Hash

1ce15eaef3b62cb4f87528055ccf08f7aca283e9e7824ceaae2509c2c538c39b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://extra.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 11 Nov 2021 10:43:22 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 11 Nov 2021 00:00:30 GMT
Server: Apache
Content-Type: image/jpeg
Cache-Control: max-age=1209600
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=288
Content-Length: 12074
Expires: Thu, 25 Nov 2021 10:43:22 GMT

GET
H/1.1 200
OK SANTIAGO%20PE%C3%91A999_0.JPG
extra.com.co/sites/default/files/styles/large/public/2021-11/ 16 KB
16 KB 97ms
97ms Image
image/jpeg 92.204.132.34
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://extra.com.co/sites/default/files/styles/large/public/2021-11/SANTIAGO%20PE%C3%91A999_0.JPG?itok=C5KImWGB

Requested by

Host: extra.com.co
URL: http://extra.com.co/

Protocol

HTTP/1.1

Server

92.204.132.34 Warrenton, United States, ASN398108 (GO-DADDY-COM-LLC, US),

Reverse DNS

ns1003685.ip-92-204-132.us

Software

Apache /

Resource Hash

85ad10df28ecebe2639fae67915a3517d38ea52851ebb2d891948de480208a52

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://extra.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 11 Nov 2021 10:43:22 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 10 Nov 2021 22:34:16 GMT
Server: Apache
Content-Type: image/jpeg
Cache-Control: max-age=1209600
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=299
Content-Length: 16426
Expires: Thu, 25 Nov 2021 10:43:22 GMT

GET
H/1.1 200
OK FILBO888.JPG
extra.com.co/sites/default/files/styles/large/public/2021-11/ 27 KB
27 KB 100ms
100ms Image
image/jpeg 92.204.132.34
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://extra.com.co/sites/default/files/styles/large/public/2021-11/FILBO888.JPG?itok=Zh1s8e0b

Requested by

Host: extra.com.co
URL: http://extra.com.co/

Protocol

HTTP/1.1

Server

92.204.132.34 Warrenton, United States, ASN398108 (GO-DADDY-COM-LLC, US),

Reverse DNS

ns1003685.ip-92-204-132.us

Software

Apache /

Resource Hash

5dc96422b6edd26534d13a1ac4be9a5b91e075748d9a48619eeb4b8d5df580f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://extra.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 11 Nov 2021 10:43:22 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 10 Nov 2021 22:14:00 GMT
Server: Apache
Content-Type: image/jpeg
Cache-Control: max-age=1209600
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=298
Content-Length: 27633
Expires: Thu, 25 Nov 2021 10:43:22 GMT

GET
H/1.1 200
OK lopez.JPG
extra.com.co/sites/default/files/styles/large/public/2021-11/ 21 KB
21 KB 97ms
96ms Image
image/jpeg 92.204.132.34
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://extra.com.co/sites/default/files/styles/large/public/2021-11/lopez.JPG?itok=JkUMspSY

Requested by

Host: extra.com.co
URL: http://extra.com.co/

Protocol

HTTP/1.1

Server

92.204.132.34 Warrenton, United States, ASN398108 (GO-DADDY-COM-LLC, US),

Reverse DNS

ns1003685.ip-92-204-132.us

Software

Apache /

Resource Hash

f7553a57450bb94eda9cf2ee1138a0ff3bbfe599b0c2510312a9130b54088575

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://extra.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 11 Nov 2021 10:43:22 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 10 Nov 2021 21:06:07 GMT
Server: Apache
Content-Type: image/jpeg
Cache-Control: max-age=1209600
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=291
Content-Length: 21414
Expires: Thu, 25 Nov 2021 10:43:22 GMT

GET
H/1.1 200
OK tom.JPG
extra.com.co/sites/default/files/styles/large/public/2021-11/ 15 KB
16 KB 102ms
102ms Image
image/jpeg 92.204.132.34
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://extra.com.co/sites/default/files/styles/large/public/2021-11/tom.JPG?itok=MJbvWYEI

Requested by

Host: extra.com.co
URL: http://extra.com.co/

Protocol

HTTP/1.1

Server

92.204.132.34 Warrenton, United States, ASN398108 (GO-DADDY-COM-LLC, US),

Reverse DNS

ns1003685.ip-92-204-132.us

Software

Apache /

Resource Hash

29862a809afafde6b5717ef6f98085e4281bf79a773c15da0d6fd708dbabdd2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://extra.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 11 Nov 2021 10:43:22 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 10 Nov 2021 20:35:13 GMT
Server: Apache
Content-Type: image/jpeg
Cache-Control: max-age=1209600
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=288
Content-Length: 15725
Expires: Thu, 25 Nov 2021 10:43:22 GMT

GET
H/1.1 200
OK condecoraci%C3%B3n.jpg
extra.com.co/sites/default/files/2021-11/ 295 KB
296 KB 98ms
98ms Image
image/jpeg 92.204.132.34
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://extra.com.co/sites/default/files/2021-11/condecoraci%C3%B3n.jpg

Requested by

Host: extra.com.co
URL: http://extra.com.co/

Protocol

HTTP/1.1

Server

92.204.132.34 Warrenton, United States, ASN398108 (GO-DADDY-COM-LLC, US),

Reverse DNS

ns1003685.ip-92-204-132.us

Software

Apache /

Resource Hash

438cc19a46ebaf1bc6199c9cff95220c9fbc0ae60b9b940d7bcfc20f62ca675f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://extra.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 11 Nov 2021 10:43:22 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 10 Nov 2021 20:37:33 GMT
Server: Apache
Content-Type: image/jpeg
Cache-Control: max-age=1209600
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=287
Content-Length: 302341
Expires: Thu, 25 Nov 2021 10:43:22 GMT

GET
H/1.1 200
OK nueva-directora-ambiente.jpg
extra.com.co/sites/default/files/2021-11/ 45 KB
45 KB 105ms
105ms Image
image/jpeg 92.204.132.34
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://extra.com.co/sites/default/files/2021-11/nueva-directora-ambiente.jpg

Requested by

Host: extra.com.co
URL: http://extra.com.co/

Protocol

HTTP/1.1

Server

92.204.132.34 Warrenton, United States, ASN398108 (GO-DADDY-COM-LLC, US),

Reverse DNS

ns1003685.ip-92-204-132.us

Software

Apache /

Resource Hash

8a1b761b14693a18b6b91ff12f3133bdb4f17b03c147ccd65ef226ef682afcce

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://extra.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 11 Nov 2021 10:43:22 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 10 Nov 2021 18:21:06 GMT
Server: Apache
Content-Type: image/jpeg
Cache-Control: max-age=1209600
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=298
Content-Length: 45744
Expires: Thu, 25 Nov 2021 10:43:22 GMT

GET
H/1.1 200
OK 618439932188f.jpeg
extra.com.co/sites/default/files/2021-11/ 47 KB
47 KB 102ms
100ms Image
image/jpeg 92.204.132.34
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://extra.com.co/sites/default/files/2021-11/618439932188f.jpeg

Requested by

Host: extra.com.co
URL: http://extra.com.co/

Protocol

HTTP/1.1

Server

92.204.132.34 Warrenton, United States, ASN398108 (GO-DADDY-COM-LLC, US),

Reverse DNS

ns1003685.ip-92-204-132.us

Software

Apache /

Resource Hash

6afbfa79e861f9bf86b47168cf84414a18de2dbf7052b1d7b5aaea1c321302d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://extra.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 11 Nov 2021 10:43:22 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 10 Nov 2021 18:26:30 GMT
Server: Apache
Content-Type: image/jpeg
Cache-Control: max-age=1209600
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=297
Content-Length: 48183
Expires: Thu, 25 Nov 2021 10:43:22 GMT

GET
H/1.1 200
OK 5bbd8a5647301.jpeg
extra.com.co/sites/default/files/2021-11/ 35 KB
35 KB 97ms
96ms Image
image/jpeg 92.204.132.34
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://extra.com.co/sites/default/files/2021-11/5bbd8a5647301.jpeg

Requested by

Host: extra.com.co
URL: http://extra.com.co/

Protocol

HTTP/1.1

Server

92.204.132.34 Warrenton, United States, ASN398108 (GO-DADDY-COM-LLC, US),

Reverse DNS

ns1003685.ip-92-204-132.us

Software

Apache /

Resource Hash

63ce8a51efee6ab6775b8b30b8f198f418a66f14ac7f752ceec6f3f9d8bc359e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://extra.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 11 Nov 2021 10:43:22 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 10 Nov 2021 18:29:39 GMT
Server: Apache
Content-Type: image/jpeg
Cache-Control: max-age=1209600
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=290
Content-Length: 35854
Expires: Thu, 25 Nov 2021 10:43:22 GMT

GET
H/1.1 200
OK apu%C3%B1alado.jpg
extra.com.co/sites/default/files/2021-11/ 29 KB
30 KB 102ms
100ms Image
image/jpeg 92.204.132.34
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://extra.com.co/sites/default/files/2021-11/apu%C3%B1alado.jpg

Requested by

Host: extra.com.co
URL: http://extra.com.co/

Protocol

HTTP/1.1

Server

92.204.132.34 Warrenton, United States, ASN398108 (GO-DADDY-COM-LLC, US),

Reverse DNS

ns1003685.ip-92-204-132.us

Software

Apache /

Resource Hash

df8736effd13f92c1d341a2a0bc5a32029ace6112b05bfea2bceb94207dee776

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://extra.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 11 Nov 2021 10:43:22 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 10 Nov 2021 18:37:28 GMT
Server: Apache
Content-Type: image/jpeg
Cache-Control: max-age=1209600
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=287
Content-Length: 29933
Expires: Thu, 25 Nov 2021 10:43:22 GMT

GET
H/1.1 200
OK ibagu%C3%A9.JPG
extra.com.co/sites/default/files/2021-11/ 40 KB
41 KB 98ms
97ms Image
image/jpeg 92.204.132.34
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://extra.com.co/sites/default/files/2021-11/ibagu%C3%A9.JPG

Requested by

Host: extra.com.co
URL: http://extra.com.co/

Protocol

HTTP/1.1

Server

92.204.132.34 Warrenton, United States, ASN398108 (GO-DADDY-COM-LLC, US),

Reverse DNS

ns1003685.ip-92-204-132.us

Software

Apache /

Resource Hash

1b9698375b11cc72fff2d96f220310a0f31ceb22e387b45c8327c76b2a730e45

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://extra.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 11 Nov 2021 10:43:22 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 10 Nov 2021 22:28:07 GMT
Server: Apache
Content-Type: image/jpeg
Cache-Control: max-age=1209600
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=297
Content-Length: 41411
Expires: Thu, 25 Nov 2021 10:43:22 GMT

GET
H/1.1 200
OK Bocado%27s.jpg
extra.com.co/sites/default/files/2021-11/ 46 KB
47 KB 97ms
96ms Image
image/jpeg 92.204.132.34
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://extra.com.co/sites/default/files/2021-11/Bocado%27s.jpg

Requested by

Host: extra.com.co
URL: http://extra.com.co/

Protocol

HTTP/1.1

Server

92.204.132.34 Warrenton, United States, ASN398108 (GO-DADDY-COM-LLC, US),

Reverse DNS

ns1003685.ip-92-204-132.us

Software

Apache /

Resource Hash

4dfe90f77e4748a50637fe0160cbcfc406d72025a1a0496d7393877cf4cf0e18

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://extra.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 11 Nov 2021 10:43:22 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 10 Nov 2021 21:26:07 GMT
Server: Apache
Content-Type: image/jpeg
Cache-Control: max-age=1209600
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=289
Content-Length: 47322
Expires: Thu, 25 Nov 2021 10:43:22 GMT

GET
H/1.1 200
OK NOTA2%20VILLA%20EMMA%20BOSA.jpg
extra.com.co/sites/default/files/2021-11/ 1 MB
1 MB 100ms
99ms Image
image/jpeg 92.204.132.34
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://extra.com.co/sites/default/files/2021-11/NOTA2%20VILLA%20EMMA%20BOSA.jpg

Requested by

Host: extra.com.co
URL: http://extra.com.co/

Protocol

HTTP/1.1

Server

92.204.132.34 Warrenton, United States, ASN398108 (GO-DADDY-COM-LLC, US),

Reverse DNS

ns1003685.ip-92-204-132.us

Software

Apache /

Resource Hash

0fd7146446731e7ae7be2d909df0df861b0269dbe65a96dae926b51260a733df

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://extra.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 11 Nov 2021 10:43:22 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 10 Nov 2021 21:24:28 GMT
Server: Apache
Content-Type: image/jpeg
Cache-Control: max-age=1209600
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=296
Content-Length: 1294706
Expires: Thu, 25 Nov 2021 10:43:22 GMT

GET
H/1.1 200
OK Nota%201%20%C3%89L.jpg
extra.com.co/sites/default/files/2021-11/ 94 KB
94 KB 100ms
99ms Image
image/jpeg 92.204.132.34
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://extra.com.co/sites/default/files/2021-11/Nota%201%20%C3%89L.jpg

Requested by

Host: extra.com.co
URL: http://extra.com.co/

Protocol

HTTP/1.1

Server

92.204.132.34 Warrenton, United States, ASN398108 (GO-DADDY-COM-LLC, US),

Reverse DNS

ns1003685.ip-92-204-132.us

Software

Apache /

Resource Hash

00c091e8bdd669f53f7e4db393b2599a1fdaa11e1f49ee2b7680ec4786819695

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://extra.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 11 Nov 2021 10:43:22 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 10 Nov 2021 21:22:25 GMT
Server: Apache
Content-Type: image/jpeg
Cache-Control: max-age=1209600
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=286
Content-Length: 95853
Expires: Thu, 25 Nov 2021 10:43:22 GMT

GET
H/1.1 200
OK NOTA2%20MOTERO%20COMPARTIR%20SOACHA.jpg
extra.com.co/sites/default/files/2021-11/ 3 MB
3 MB 96ms
96ms Image
image/jpeg 92.204.132.34
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://extra.com.co/sites/default/files/2021-11/NOTA2%20MOTERO%20COMPARTIR%20SOACHA.jpg

Requested by

Host: extra.com.co
URL: http://extra.com.co/

Protocol

HTTP/1.1

Server

92.204.132.34 Warrenton, United States, ASN398108 (GO-DADDY-COM-LLC, US),

Reverse DNS

ns1003685.ip-92-204-132.us

Software

Apache /

Resource Hash

de3ed9a3208501d34f05f048fc420e1eb2370327374f965bb0ad00295de876da

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://extra.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 11 Nov 2021 10:43:22 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 10 Nov 2021 21:17:23 GMT
Server: Apache
Content-Type: image/jpeg
Cache-Control: max-age=1209600
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=286
Content-Length: 3440165
Expires: Thu, 25 Nov 2021 10:43:22 GMT

GET
H/1.1 200
OK descarga%20%2811%29_0.jpg
extra.com.co/sites/default/files/2021-11/ 7 KB
7 KB 98ms
97ms Image
image/jpeg 92.204.132.34
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://extra.com.co/sites/default/files/2021-11/descarga%20%2811%29_0.jpg

Requested by

Host: extra.com.co
URL: http://extra.com.co/

Protocol

HTTP/1.1

Server

92.204.132.34 Warrenton, United States, ASN398108 (GO-DADDY-COM-LLC, US),

Reverse DNS

ns1003685.ip-92-204-132.us

Software

Apache /

Resource Hash

b8263731dc9f4c729f0e5ae7d3ea0b5040618bbbab11623670a4ea6ee57dc021

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://extra.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 11 Nov 2021 10:43:22 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 10 Nov 2021 19:04:10 GMT
Server: Apache
Content-Type: image/jpeg
Cache-Control: max-age=1209600
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=296
Content-Length: 7293
Expires: Thu, 25 Nov 2021 10:43:22 GMT

GET
H/1.1 200
OK 5decegve0.png
extra.com.co/sites/default/files/2021-11/ 83 KB
83 KB 97ms
96ms Image
image/png 92.204.132.34
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://extra.com.co/sites/default/files/2021-11/5decegve0.png

Requested by

Host: extra.com.co
URL: http://extra.com.co/

Protocol

HTTP/1.1

Server

92.204.132.34 Warrenton, United States, ASN398108 (GO-DADDY-COM-LLC, US),

Reverse DNS

ns1003685.ip-92-204-132.us

Software

Apache /

Resource Hash

e341be23dbcd93f8641dd04cd2b04474c03b5b33383043f44e06b0f330bb7648

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://extra.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 11 Nov 2021 10:43:22 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 10 Nov 2021 18:59:46 GMT
Server: Apache
Content-Type: image/png
Cache-Control: max-age=1209600
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=288
Content-Length: 85130
Expires: Thu, 25 Nov 2021 10:43:22 GMT

GET
H/1.1 200
OK ovni9.JPG
extra.com.co/sites/default/files/2021-08/ 13 KB
13 KB 103ms
102ms Image
image/jpeg 92.204.132.34
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://extra.com.co/sites/default/files/2021-08/ovni9.JPG

Requested by

Host: extra.com.co
URL: http://extra.com.co/

Protocol

HTTP/1.1

Server

92.204.132.34 Warrenton, United States, ASN398108 (GO-DADDY-COM-LLC, US),

Reverse DNS

ns1003685.ip-92-204-132.us

Software

Apache /

Resource Hash

2f300b6bccf8bd28b3310dea3ced9abf9f197ab2253f06edb5083fcecaaf08f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://extra.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 11 Nov 2021 10:43:22 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 27 Aug 2021 19:52:28 GMT
Server: Apache
Content-Type: image/jpeg
Cache-Control: max-age=1209600
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=285
Content-Length: 13397
Expires: Thu, 25 Nov 2021 10:43:22 GMT

GET
H/1.1 200
OK edificio-miami-dade.jpg
extra.com.co/sites/default/files/2021-07/ 153 KB
153 KB 100ms
98ms Image
image/jpeg 92.204.132.34
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://extra.com.co/sites/default/files/2021-07/edificio-miami-dade.jpg

Requested by

Host: extra.com.co
URL: http://extra.com.co/

Protocol

HTTP/1.1

Server

92.204.132.34 Warrenton, United States, ASN398108 (GO-DADDY-COM-LLC, US),

Reverse DNS

ns1003685.ip-92-204-132.us

Software

Apache /

Resource Hash

241fbb32903266f0dec16a97db9ddefe8854394d7018e1b4144e77cd107988b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://extra.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 11 Nov 2021 10:43:22 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 20 Jul 2021 05:16:01 GMT
Server: Apache
Content-Type: image/jpeg
Cache-Control: max-age=1209600
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=295
Content-Length: 156589
Expires: Thu, 25 Nov 2021 10:43:22 GMT

GET
H/1.1 200
OK EXTRA%20BOGOT%C3%81_2.PNG
extra.com.co/sites/default/files/2021-11/ 162 KB
163 KB 99ms
98ms Image
image/png 92.204.132.34
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://extra.com.co/sites/default/files/2021-11/EXTRA%20BOGOT%C3%81_2.PNG

Requested by

Host: extra.com.co
URL: http://extra.com.co/

Protocol

HTTP/1.1

Server

92.204.132.34 Warrenton, United States, ASN398108 (GO-DADDY-COM-LLC, US),

Reverse DNS

ns1003685.ip-92-204-132.us

Software

Apache /

Resource Hash

bfac38d0f2e125ddcdbc55aee747a4fc84a0d671c3984815f2c37878c0f54e73

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://extra.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 11 Nov 2021 10:43:22 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 04 Nov 2021 12:48:43 GMT
Server: Apache
Content-Type: image/png
Cache-Control: max-age=1209600
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=287
Content-Length: 166182
Expires: Thu, 25 Nov 2021 10:43:22 GMT

GET
H/1.1 200
OK EXTRA%20BOYAC%C3%81_2.PNG
extra.com.co/sites/default/files/2021-11/ 193 KB
193 KB 101ms
100ms Image
image/png 92.204.132.34
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://extra.com.co/sites/default/files/2021-11/EXTRA%20BOYAC%C3%81_2.PNG

Requested by

Host: extra.com.co
URL: http://extra.com.co/

Protocol

HTTP/1.1

Server

92.204.132.34 Warrenton, United States, ASN398108 (GO-DADDY-COM-LLC, US),

Reverse DNS

ns1003685.ip-92-204-132.us

Software

Apache /

Resource Hash

6f597a8935f725a3efe74c2d8eabeed4425ab80b5ac46b49b66fe63726fdb987

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://extra.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 11 Nov 2021 10:43:22 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 04 Nov 2021 12:48:43 GMT
Server: Apache
Content-Type: image/png
Cache-Control: max-age=1209600
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=284
Content-Length: 197622
Expires: Thu, 25 Nov 2021 10:43:22 GMT

GET
H/1.1 200
OK EXTRA%20CASANARE_2.PNG
extra.com.co/sites/default/files/2021-11/ 306 KB
306 KB 99ms
96ms Image
image/png 92.204.132.34
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://extra.com.co/sites/default/files/2021-11/EXTRA%20CASANARE_2.PNG

Requested by

Host: extra.com.co
URL: http://extra.com.co/

Protocol

HTTP/1.1

Server

92.204.132.34 Warrenton, United States, ASN398108 (GO-DADDY-COM-LLC, US),

Reverse DNS

ns1003685.ip-92-204-132.us

Software

Apache /

Resource Hash

b8729542b8524ec597e9f8c04663363bc8ffe91712a7d4386d6f8015173cbcb0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://extra.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 11 Nov 2021 10:43:22 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 04 Nov 2021 12:48:43 GMT
Server: Apache
Content-Type: image/png
Cache-Control: max-age=1209600
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=286
Content-Length: 313207
Expires: Thu, 25 Nov 2021 10:43:22 GMT

GET
H/1.1 200
OK EXTRA%20GIRARDOT_2.PNG
extra.com.co/sites/default/files/2021-11/ 340 KB
340 KB 99ms
99ms Image
image/png 92.204.132.34
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://extra.com.co/sites/default/files/2021-11/EXTRA%20GIRARDOT_2.PNG

Requested by

Host: extra.com.co
URL: http://extra.com.co/

Protocol

HTTP/1.1

Server

92.204.132.34 Warrenton, United States, ASN398108 (GO-DADDY-COM-LLC, US),

Reverse DNS

ns1003685.ip-92-204-132.us

Software

Apache /

Resource Hash

53fcdd5b00ed2bf8e298ce4545639bf2b7ced00ecbd4a075cd207df43a04e4b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://extra.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 11 Nov 2021 10:43:22 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 04 Nov 2021 12:48:43 GMT
Server: Apache
Content-Type: image/png
Cache-Control: max-age=1209600
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=283
Content-Length: 347828
Expires: Thu, 25 Nov 2021 10:43:22 GMT

GET
H/1.1 200
OK EXTRA%20HUILA_2.PNG
extra.com.co/sites/default/files/2021-11/ 206 KB
206 KB 99ms
97ms Image
image/png 92.204.132.34
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://extra.com.co/sites/default/files/2021-11/EXTRA%20HUILA_2.PNG

Requested by

Host: extra.com.co
URL: http://extra.com.co/

Protocol

HTTP/1.1

Server

92.204.132.34 Warrenton, United States, ASN398108 (GO-DADDY-COM-LLC, US),

Reverse DNS

ns1003685.ip-92-204-132.us

Software

Apache /

Resource Hash

db69830237fe091b27e19bac98efce09c799334fef1a679829121900a773f7bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://extra.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 11 Nov 2021 10:43:22 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 04 Nov 2021 12:48:43 GMT
Server: Apache
Content-Type: image/png
Cache-Control: max-age=1209600
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=294
Content-Length: 210689
Expires: Thu, 25 Nov 2021 10:43:22 GMT

GET
H/1.1 200
OK EXTRA%20LLANO_2.PNG
extra.com.co/sites/default/files/2021-11/ 155 KB
155 KB 101ms
101ms Image
image/png 92.204.132.34
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://extra.com.co/sites/default/files/2021-11/EXTRA%20LLANO_2.PNG

Requested by

Host: extra.com.co
URL: http://extra.com.co/

Protocol

HTTP/1.1

Server

92.204.132.34 Warrenton, United States, ASN398108 (GO-DADDY-COM-LLC, US),

Reverse DNS

ns1003685.ip-92-204-132.us

Software

Apache /

Resource Hash

8df7d21c96fac7c52fcd1a3a38abd27ebcacda1f2001552d0fd33801708df1d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://extra.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 11 Nov 2021 10:43:22 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 04 Nov 2021 12:48:43 GMT
Server: Apache
Content-Type: image/png
Cache-Control: max-age=1209600
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=295
Content-Length: 158693
Expires: Thu, 25 Nov 2021 10:43:22 GMT

GET
H/1.1 200
OK 8%20yo%20me%20llamo.JPG
extra.com.co/sites/default/files/styles/large/public/2021-11/ 12 KB
12 KB 95ms
95ms Image
image/jpeg 92.204.132.34
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://extra.com.co/sites/default/files/styles/large/public/2021-11/8%20yo%20me%20llamo.JPG?itok=Mci1KNtg

Requested by

Host: extra.com.co
URL: http://extra.com.co/

Protocol

HTTP/1.1

Server

92.204.132.34 Warrenton, United States, ASN398108 (GO-DADDY-COM-LLC, US),

Reverse DNS

ns1003685.ip-92-204-132.us

Software

Apache /

Resource Hash

1ce15eaef3b62cb4f87528055ccf08f7aca283e9e7824ceaae2509c2c538c39b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://extra.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 11 Nov 2021 10:43:22 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 11 Nov 2021 00:00:30 GMT
Server: Apache
Content-Type: image/jpeg
Cache-Control: max-age=1209600
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=285
Content-Length: 12074
Expires: Thu, 25 Nov 2021 10:43:22 GMT

GET
H/1.1 200
OK CUBA.JPG
extra.com.co/sites/default/files/styles/large/public/2021-11/ 11 KB
12 KB 95ms
95ms Image
image/jpeg 92.204.132.34
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://extra.com.co/sites/default/files/styles/large/public/2021-11/CUBA.JPG?itok=M6ImYXbv

Requested by

Host: extra.com.co
URL: http://extra.com.co/

Protocol

HTTP/1.1

Server

92.204.132.34 Warrenton, United States, ASN398108 (GO-DADDY-COM-LLC, US),

Reverse DNS

ns1003685.ip-92-204-132.us

Software

Apache /

Resource Hash

29b37a1d10afc11a115ee3f57db3f52f4d8ef782cc10b883a26f696ced5884af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://extra.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 11 Nov 2021 10:43:22 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 10 Nov 2021 23:30:35 GMT
Server: Apache
Content-Type: image/jpeg
Cache-Control: max-age=1209600
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=285
Content-Length: 11653
Expires: Thu, 25 Nov 2021 10:43:22 GMT

GET
H/1.1 200
OK piezas_0.JPG
extra.com.co/sites/default/files/styles/large/public/2021-11/ 18 KB
19 KB 99ms
99ms Image
image/jpeg 92.204.132.34
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://extra.com.co/sites/default/files/styles/large/public/2021-11/piezas_0.JPG?itok=Ihrl0dfg

Requested by

Host: extra.com.co
URL: http://extra.com.co/

Protocol

HTTP/1.1

Server

92.204.132.34 Warrenton, United States, ASN398108 (GO-DADDY-COM-LLC, US),

Reverse DNS

ns1003685.ip-92-204-132.us

Software

Apache /

Resource Hash

1481fbe65f967d136d0513010e30963c8d123b4336be2a9bcdb310815050cf21

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://extra.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 11 Nov 2021 10:43:23 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 10 Nov 2021 23:13:27 GMT
Server: Apache
Content-Type: image/jpeg
Cache-Control: max-age=1209600
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=282
Content-Length: 18678
Expires: Thu, 25 Nov 2021 10:43:23 GMT

GET
H/1.1 200
OK china%20888.JPG
extra.com.co/sites/default/files/styles/large/public/2021-11/ 15 KB
16 KB 97ms
97ms Image
image/jpeg 92.204.132.34
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://extra.com.co/sites/default/files/styles/large/public/2021-11/china%20888.JPG?itok=dgEBgYjJ

Requested by

Host: extra.com.co
URL: http://extra.com.co/

Protocol

HTTP/1.1

Server

92.204.132.34 Warrenton, United States, ASN398108 (GO-DADDY-COM-LLC, US),

Reverse DNS

ns1003685.ip-92-204-132.us

Software

Apache /

Resource Hash

5961999eddfe63fbc099323990a1c709ee433778b6acce546fa8330512e240c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://extra.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 11 Nov 2021 10:43:23 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 10 Nov 2021 23:01:40 GMT
Server: Apache
Content-Type: image/jpeg
Cache-Control: max-age=1209600
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=293
Content-Length: 15561
Expires: Thu, 25 Nov 2021 10:43:23 GMT

GET
H/1.1 200
OK SANTIAGO%20PE%C3%91A999.JPG
extra.com.co/sites/default/files/styles/large/public/2021-11/ 16 KB
16 KB 97ms
97ms Image
image/jpeg 92.204.132.34
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://extra.com.co/sites/default/files/styles/large/public/2021-11/SANTIAGO%20PE%C3%91A999.JPG?itok=VZMVOU8B

Requested by

Host: extra.com.co
URL: http://extra.com.co/

Protocol

HTTP/1.1

Server

92.204.132.34 Warrenton, United States, ASN398108 (GO-DADDY-COM-LLC, US),

Reverse DNS

ns1003685.ip-92-204-132.us

Software

Apache /

Resource Hash

85ad10df28ecebe2639fae67915a3517d38ea52851ebb2d891948de480208a52

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://extra.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 11 Nov 2021 10:43:23 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 10 Nov 2021 22:34:17 GMT
Server: Apache
Content-Type: image/jpeg
Cache-Control: max-age=1209600
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=297
Content-Length: 16426
Expires: Thu, 25 Nov 2021 10:43:23 GMT

GET
H/1.1 200
OK FILBO888_0.JPG
extra.com.co/sites/default/files/styles/large/public/2021-11/ 27 KB
27 KB 99ms
99ms Image
image/jpeg 92.204.132.34
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://extra.com.co/sites/default/files/styles/large/public/2021-11/FILBO888_0.JPG?itok=o3yx7xp7

Requested by

Host: extra.com.co
URL: http://extra.com.co/

Protocol

HTTP/1.1

Server

92.204.132.34 Warrenton, United States, ASN398108 (GO-DADDY-COM-LLC, US),

Reverse DNS

ns1003685.ip-92-204-132.us

Software

Apache /

Resource Hash

5dc96422b6edd26534d13a1ac4be9a5b91e075748d9a48619eeb4b8d5df580f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://extra.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 11 Nov 2021 10:43:23 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 10 Nov 2021 22:14:01 GMT
Server: Apache
Content-Type: image/jpeg
Cache-Control: max-age=1209600
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=294
Content-Length: 27633
Expires: Thu, 25 Nov 2021 10:43:23 GMT

GET
H/1.1 200
OK tino%20portada_0.JPG
extra.com.co/sites/default/files/styles/large/public/2021-11/ 19 KB
20 KB 96ms
95ms Image
image/jpeg 92.204.132.34
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://extra.com.co/sites/default/files/styles/large/public/2021-11/tino%20portada_0.JPG?itok=OaGWQIPA

Requested by

Host: extra.com.co
URL: http://extra.com.co/

Protocol

HTTP/1.1

Server

92.204.132.34 Warrenton, United States, ASN398108 (GO-DADDY-COM-LLC, US),

Reverse DNS

ns1003685.ip-92-204-132.us

Software

Apache /

Resource Hash

46e4bdc0763b48505bed80a282e7fba11ddc58195336172ad771a41ff429a76d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://extra.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 11 Nov 2021 10:43:23 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 10 Nov 2021 21:38:18 GMT
Server: Apache
Content-Type: image/jpeg
Cache-Control: max-age=1209600
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=284
Content-Length: 19766
Expires: Thu, 25 Nov 2021 10:43:23 GMT

GET
H/1.1 200
OK 2_6.jpg
extra.com.co/sites/default/files/2021-11/ 123 KB
123 KB 95ms
95ms Image
image/jpeg 92.204.132.34
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://extra.com.co/sites/default/files/2021-11/2_6.jpg

Requested by

Host: extra.com.co
URL: http://extra.com.co/

Protocol

HTTP/1.1

Server

92.204.132.34 Warrenton, United States, ASN398108 (GO-DADDY-COM-LLC, US),

Reverse DNS

ns1003685.ip-92-204-132.us

Software

Apache /

Resource Hash

3500838e8c3373187e8fa45c758bb06fa8497589a8a66b570a9ebe5472c962d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://extra.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 11 Nov 2021 10:43:23 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 10 Nov 2021 12:44:09 GMT
Server: Apache
Content-Type: image/jpeg
Cache-Control: max-age=1209600
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=284
Content-Length: 125820
Expires: Thu, 25 Nov 2021 10:43:23 GMT

GET
H/1.1 200
OK foto%202_2.jpeg
extra.com.co/sites/default/files/2021-11/ 110 KB
110 KB 99ms
99ms Image
image/jpeg 92.204.132.34
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://extra.com.co/sites/default/files/2021-11/foto%202_2.jpeg

Requested by

Host: extra.com.co
URL: http://extra.com.co/

Protocol

HTTP/1.1

Server

92.204.132.34 Warrenton, United States, ASN398108 (GO-DADDY-COM-LLC, US),

Reverse DNS

ns1003685.ip-92-204-132.us

Software

Apache /

Resource Hash

0d9c23fb8c352834873e45dddb2fa58c3f53b86480deaa302a898052d7699edf

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://extra.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 11 Nov 2021 10:43:23 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 10 Nov 2021 12:12:15 GMT
Server: Apache
Content-Type: image/jpeg
Cache-Control: max-age=1209600
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=281
Content-Length: 112718
Expires: Thu, 25 Nov 2021 10:43:23 GMT

GET
H/1.1 200
OK GATO%20777_0.JPG
extra.com.co/sites/default/files/2021-10/ 36 KB
36 KB 97ms
97ms Image
image/jpeg 92.204.132.34
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://extra.com.co/sites/default/files/2021-10/GATO%20777_0.JPG

Requested by

Host: extra.com.co
URL: http://extra.com.co/

Protocol

HTTP/1.1

Server

92.204.132.34 Warrenton, United States, ASN398108 (GO-DADDY-COM-LLC, US),

Reverse DNS

ns1003685.ip-92-204-132.us

Software

Apache /

Resource Hash

1055cd6e19914bca8605142fa2e84b1cad8622a73bdfcdbe83962b90d7b0f80c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://extra.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 11 Nov 2021 10:43:23 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 29 Oct 2021 20:44:04 GMT
Server: Apache
Content-Type: image/jpeg
Cache-Control: max-age=1209600
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=292
Content-Length: 36551
Expires: Thu, 25 Nov 2021 10:43:23 GMT

GET
H/1.1 200
OK banner_Mesa%20de%20trabajo%201.jpg
extra.com.co/sites/default/files/inline-images/ 141 KB
141 KB 97ms
97ms Image
image/jpeg 92.204.132.34
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://extra.com.co/sites/default/files/inline-images/banner_Mesa%20de%20trabajo%201.jpg

Requested by

Host: extra.com.co
URL: http://extra.com.co/

Protocol

HTTP/1.1

Server

92.204.132.34 Warrenton, United States, ASN398108 (GO-DADDY-COM-LLC, US),

Reverse DNS

ns1003685.ip-92-204-132.us

Software

Apache /

Resource Hash

62a0bc9c6b3a6de80215fd42b2a4e03b87225ea3ac521fb32c623e13c5be0ae8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://extra.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 11 Nov 2021 10:43:23 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 26 Jul 2021 21:12:54 GMT
Server: Apache
Content-Type: image/jpeg
Cache-Control: max-age=1209600
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=296
Content-Length: 144152
Expires: Thu, 25 Nov 2021 10:43:23 GMT

GET
H/1.1 200
OK tino%20portada.JPG
extra.com.co/sites/default/files/2021-11/ 51 KB
51 KB 95ms
95ms Image
image/jpeg 92.204.132.34
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://extra.com.co/sites/default/files/2021-11/tino%20portada.JPG

Requested by

Host: extra.com.co
URL: http://extra.com.co/

Protocol

HTTP/1.1

Server

92.204.132.34 Warrenton, United States, ASN398108 (GO-DADDY-COM-LLC, US),

Reverse DNS

ns1003685.ip-92-204-132.us

Software

Apache /

Resource Hash

cb0629b810643064d3bda7c1746175c4505c1b82d27d46e4c9f1a0a842e56d26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://extra.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 11 Nov 2021 10:43:23 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 10 Nov 2021 21:27:43 GMT
Server: Apache
Content-Type: image/jpeg
Cache-Control: max-age=1209600
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=283
Content-Length: 52206
Expires: Thu, 25 Nov 2021 10:43:23 GMT

GET
H/1.1 200
OK HSB-COLOMBIA3_0.jpg
extra.com.co/sites/default/files/inline-images/ 72 KB
72 KB 99ms
99ms Image
image/jpeg 92.204.132.34
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://extra.com.co/sites/default/files/inline-images/HSB-COLOMBIA3_0.jpg

Requested by

Host: extra.com.co
URL: http://extra.com.co/

Protocol

HTTP/1.1

Server

92.204.132.34 Warrenton, United States, ASN398108 (GO-DADDY-COM-LLC, US),

Reverse DNS

ns1003685.ip-92-204-132.us

Software

Apache /

Resource Hash

abf7cccc17c1191c2be8827178005b218abec637f14eb9ee4c1ec5e4299acb6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://extra.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 11 Nov 2021 10:43:23 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 10 Nov 2021 19:52:27 GMT
Server: Apache
Content-Type: image/jpeg
Cache-Control: max-age=1209600
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=293
Content-Length: 73315
Expires: Thu, 25 Nov 2021 10:43:23 GMT

GET
H/1.1 200
OK 716929_1140x516.jpg
extra.com.co/sites/default/files/2021-11/ 57 KB
58 KB 96ms
95ms Image
image/jpeg 92.204.132.34
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://extra.com.co/sites/default/files/2021-11/716929_1140x516.jpg

Requested by

Host: extra.com.co
URL: http://extra.com.co/

Protocol

HTTP/1.1

Server

92.204.132.34 Warrenton, United States, ASN398108 (GO-DADDY-COM-LLC, US),

Reverse DNS

ns1003685.ip-92-204-132.us

Software

Apache /

Resource Hash

587c7ddf0cdc5ae130a1538251e9bdce6f72b96b16bd62a73f8425df54bf11fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://extra.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 11 Nov 2021 10:43:23 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 09 Nov 2021 23:29:44 GMT
Server: Apache
Content-Type: image/jpeg
Cache-Control: max-age=1209600
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=283
Content-Length: 58745
Expires: Thu, 25 Nov 2021 10:43:23 GMT

GET
H/1.1 200
OK Komi-san-wa-Komyushou-Desu-min-1.jpg
extra.com.co/sites/default/files/2021-11/ 123 KB
123 KB 100ms
99ms Image
image/jpeg 92.204.132.34
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://extra.com.co/sites/default/files/2021-11/Komi-san-wa-Komyushou-Desu-min-1.jpg

Requested by

Host: extra.com.co
URL: http://extra.com.co/

Protocol

HTTP/1.1

Server

92.204.132.34 Warrenton, United States, ASN398108 (GO-DADDY-COM-LLC, US),

Reverse DNS

ns1003685.ip-92-204-132.us

Software

Apache /

Resource Hash

c4151b484ac51e68c1582eefdedb3071e791de1b0fe5bdd9cc77501133a8b14a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://extra.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 11 Nov 2021 10:43:23 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 01 Nov 2021 21:11:18 GMT
Server: Apache
Content-Type: image/jpeg
Cache-Control: max-age=1209600
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=280
Content-Length: 125988
Expires: Thu, 25 Nov 2021 10:43:23 GMT

GET
H/1.1 200
OK plantilla_4.jpg
extra.com.co/sites/default/files/2021-11/ 60 KB
60 KB 97ms
97ms Image
image/jpeg 92.204.132.34
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://extra.com.co/sites/default/files/2021-11/plantilla_4.jpg

Requested by

Host: extra.com.co
URL: http://extra.com.co/

Protocol

HTTP/1.1

Server

92.204.132.34 Warrenton, United States, ASN398108 (GO-DADDY-COM-LLC, US),

Reverse DNS

ns1003685.ip-92-204-132.us

Software

Apache /

Resource Hash

5d87214af029d6b7eb099c8f9e94c97c8bfe064fa561844749ee3efab78cc5a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://extra.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 11 Nov 2021 10:43:23 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 11 Nov 2021 00:27:14 GMT
Server: Apache
Content-Type: image/jpeg
Cache-Control: max-age=1209600
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=291
Content-Length: 61222
Expires: Thu, 25 Nov 2021 10:43:23 GMT

GET
H/1.1 200
OK pancreas-artificial--644x362.jpg
extra.com.co/sites/default/files/2021-11/ 33 KB
33 KB 95ms
95ms Image
image/jpeg 92.204.132.34
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://extra.com.co/sites/default/files/2021-11/pancreas-artificial--644x362.jpg

Requested by

Host: extra.com.co
URL: http://extra.com.co/

Protocol

HTTP/1.1

Server

92.204.132.34 Warrenton, United States, ASN398108 (GO-DADDY-COM-LLC, US),

Reverse DNS

ns1003685.ip-92-204-132.us

Software

Apache /

Resource Hash

6fc367483fbcfdcfa431eadf7480b963cd409423b1a70f237f85a19eb158d434

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://extra.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 11 Nov 2021 10:43:23 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 10 Nov 2021 22:54:26 GMT
Server: Apache
Content-Type: image/jpeg
Cache-Control: max-age=1209600
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=282
Content-Length: 33918
Expires: Thu, 25 Nov 2021 10:43:23 GMT

GET
H/1.1 200
OK aceite%20de%20recino.jpg
extra.com.co/sites/default/files/2021-11/ 302 KB
302 KB 99ms
99ms Image
image/jpeg 92.204.132.34
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://extra.com.co/sites/default/files/2021-11/aceite%20de%20recino.jpg

Requested by

Host: extra.com.co
URL: http://extra.com.co/

Protocol

HTTP/1.1

Server

92.204.132.34 Warrenton, United States, ASN398108 (GO-DADDY-COM-LLC, US),

Reverse DNS

ns1003685.ip-92-204-132.us

Software

Apache /

Resource Hash

cff7205c58418050635f4d8b08a131b1d4db8c90cbb11b7dfe68d25b66e413f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://extra.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 11 Nov 2021 10:43:23 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 10 Nov 2021 16:39:15 GMT
Server: Apache
Content-Type: image/jpeg
Cache-Control: max-age=1209600
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=292
Content-Length: 309067
Expires: Thu, 25 Nov 2021 10:43:23 GMT

GET
H/1.1 200
OK 1_0.jpeg
extra.com.co/sites/default/files/2021-11/ 109 KB
109 KB 95ms
95ms Image
image/jpeg 92.204.132.34
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://extra.com.co/sites/default/files/2021-11/1_0.jpeg

Requested by

Host: extra.com.co
URL: http://extra.com.co/

Protocol

HTTP/1.1

Server

92.204.132.34 Warrenton, United States, ASN398108 (GO-DADDY-COM-LLC, US),

Reverse DNS

ns1003685.ip-92-204-132.us

Software

Apache /

Resource Hash

58714c2ed841d13f641976b01cf4350da63b1665924f6cf77cf17f0d2b6f05ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://extra.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 11 Nov 2021 10:43:23 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 10 Nov 2021 12:30:58 GMT
Server: Apache
Content-Type: image/jpeg
Cache-Control: max-age=1209600
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=282
Content-Length: 111373
Expires: Thu, 25 Nov 2021 10:43:23 GMT

GET
H/1.1 200
OK colombia21.jpg
extra.com.co/sites/default/files/inline-images/ 15 KB
15 KB 99ms
99ms Image
image/jpeg 92.204.132.34
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://extra.com.co/sites/default/files/inline-images/colombia21.jpg

Requested by

Host: extra.com.co
URL: http://extra.com.co/

Protocol

HTTP/1.1

Server

92.204.132.34 Warrenton, United States, ASN398108 (GO-DADDY-COM-LLC, US),

Reverse DNS

ns1003685.ip-92-204-132.us

Software

Apache /

Resource Hash

2e706bdbefc49b370526fe49b647d3ba50738cfd96e91f2fac4f5ca4b9945699

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://extra.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 11 Nov 2021 10:43:23 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 10 Nov 2021 17:11:28 GMT
Server: Apache
Content-Type: image/jpeg
Cache-Control: max-age=1209600
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=279
Content-Length: 15254
Expires: Thu, 25 Nov 2021 10:43:23 GMT

GET
H/1.1 200
OK logo_deportivo.jpg
extra.com.co/sites/default/files/inline-images/ 19 KB
19 KB 97ms
97ms Image
image/jpeg 92.204.132.34
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://extra.com.co/sites/default/files/inline-images/logo_deportivo.jpg

Requested by

Host: extra.com.co
URL: http://extra.com.co/

Protocol

HTTP/1.1

Server

92.204.132.34 Warrenton, United States, ASN398108 (GO-DADDY-COM-LLC, US),

Reverse DNS

ns1003685.ip-92-204-132.us

Software

Apache /

Resource Hash

922258a74ca2d3cb9b7b7edee041e9b723a4676ef2198c136668066cf0b726bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://extra.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 11 Nov 2021 10:43:23 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 08 Jul 2021 04:16:20 GMT
Server: Apache
Content-Type: image/jpeg
Cache-Control: max-age=1209600
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=290
Content-Length: 19573
Expires: Thu, 25 Nov 2021 10:43:23 GMT

GET
H/1.1 200
OK logo_diario_sur.jpg
extra.com.co/sites/default/files/inline-images/ 18 KB
19 KB 95ms
95ms Image
image/jpeg 92.204.132.34
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://extra.com.co/sites/default/files/inline-images/logo_diario_sur.jpg

Requested by

Host: extra.com.co
URL: http://extra.com.co/

Protocol

HTTP/1.1

Server

92.204.132.34 Warrenton, United States, ASN398108 (GO-DADDY-COM-LLC, US),

Reverse DNS

ns1003685.ip-92-204-132.us

Software

Apache /

Resource Hash

4052f2fadbe7f650c9f4934b24b11cf61b74da461c1d334bc444dbbaeab55021

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://extra.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 11 Nov 2021 10:43:23 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 08 Jul 2021 04:16:53 GMT
Server: Apache
Content-Type: image/jpeg
Cache-Control: max-age=1209600
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=281
Content-Length: 18712
Expires: Thu, 25 Nov 2021 10:43:23 GMT

GET
H/1.1 200
OK logo_diario_cauca.jpg
extra.com.co/sites/default/files/inline-images/ 22 KB
23 KB 100ms
99ms Image
image/jpeg 92.204.132.34
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://extra.com.co/sites/default/files/inline-images/logo_diario_cauca.jpg

Requested by

Host: extra.com.co
URL: http://extra.com.co/

Protocol

HTTP/1.1

Server

92.204.132.34 Warrenton, United States, ASN398108 (GO-DADDY-COM-LLC, US),

Reverse DNS

ns1003685.ip-92-204-132.us

Software

Apache /

Resource Hash

7a8c0a1ec472ba44f5dda890e32fbf12ec12b59e5af784dca8adee90f5400dbd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://extra.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 11 Nov 2021 10:43:23 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 08 Jul 2021 04:17:18 GMT
Server: Apache
Content-Type: image/jpeg
Cache-Control: max-age=1209600
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=291
Content-Length: 22873
Expires: Thu, 25 Nov 2021 10:43:23 GMT

GET
H/1.1 200
OK logo_extra.jpg
extra.com.co/sites/default/files/inline-images/ 27 KB
28 KB 96ms
95ms Image
image/jpeg 92.204.132.34
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://extra.com.co/sites/default/files/inline-images/logo_extra.jpg

Requested by

Host: extra.com.co
URL: http://extra.com.co/

Protocol

HTTP/1.1

Server

92.204.132.34 Warrenton, United States, ASN398108 (GO-DADDY-COM-LLC, US),

Reverse DNS

ns1003685.ip-92-204-132.us

Software

Apache /

Resource Hash

adccb209f2d056d82971427202ed93cd28ae03931619f1129e967ec058869b01

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://extra.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 11 Nov 2021 10:43:23 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 08 Jul 2021 04:17:37 GMT
Server: Apache
Content-Type: image/jpeg
Cache-Control: max-age=1209600
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=281
Content-Length: 28041
Expires: Thu, 25 Nov 2021 10:43:23 GMT

GET
H/1.1 200
OK footer-logo.png
extra.com.co/sites/default/files/ 49 KB
50 KB 100ms
99ms Image
image/png 92.204.132.34
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://extra.com.co/sites/default/files/footer-logo.png

Requested by

Host: extra.com.co
URL: http://extra.com.co/

Protocol

HTTP/1.1

Server

92.204.132.34 Warrenton, United States, ASN398108 (GO-DADDY-COM-LLC, US),

Reverse DNS

ns1003685.ip-92-204-132.us

Software

Apache /

Resource Hash

ae6349b7ffcc89a763b936e130d1af24142fe04feec19c2ca8935a82df2fb3d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://extra.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 11 Nov 2021 10:43:23 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 29 Jul 2021 04:53:53 GMT
Server: Apache
Content-Type: image/png
Cache-Control: max-age=1209600
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=278
Content-Length: 50608
Expires: Thu, 25 Nov 2021 10:43:23 GMT

GET
H/1.1 200
OK jquery.min.js Show response
extra.com.co/core/assets/vendor/jquery/ 87 KB
88 KB 96ms
95ms Script
application/javascript 92.204.132.34
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://extra.com.co/core/assets/vendor/jquery/jquery.min.js?v=3.5.1

Requested by

Host: extra.com.co
URL: http://extra.com.co/

Protocol

HTTP/1.1

Server

92.204.132.34 Warrenton, United States, ASN398108 (GO-DADDY-COM-LLC, US),

Reverse DNS

ns1003685.ip-92-204-132.us

Software

Apache /

Resource Hash

f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://extra.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 11 Nov 2021 10:43:20 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 15 Sep 2021 16:14:58 GMT
Server: Apache
Content-Type: application/javascript
Cache-Control: max-age=1209600
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=299
Content-Length: 89476
Expires: Thu, 25 Nov 2021 10:43:20 GMT

GET
H/1.1 200
OK object.assign.js Show response
extra.com.co/core/misc/polyfills/ 921 B
1 KB 101ms
100ms Script
application/javascript 92.204.132.34
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://extra.com.co/core/misc/polyfills/object.assign.js?v=8.9.19

Requested by

Host: extra.com.co
URL: http://extra.com.co/

Protocol

HTTP/1.1

Server

92.204.132.34 Warrenton, United States, ASN398108 (GO-DADDY-COM-LLC, US),

Reverse DNS

ns1003685.ip-92-204-132.us

Software

Apache /

Resource Hash

982231f7830f7b07b50df253c19844b81f1d41af7bbd7b0274cb2b34f37fc737

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://extra.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 11 Nov 2021 10:43:20 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 15 Sep 2021 16:14:58 GMT
Server: Apache
Content-Type: application/javascript
Cache-Control: max-age=1209600
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=299
Content-Length: 921
Expires: Thu, 25 Nov 2021 10:43:20 GMT

GET
H/1.1 200
OK jquery.once.min.js Show response
extra.com.co/core/assets/vendor/jquery-once/ 908 B
1 KB 95ms
94ms Script
application/javascript 92.204.132.34
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://extra.com.co/core/assets/vendor/jquery-once/jquery.once.min.js?v=2.2.3

Requested by

Host: extra.com.co
URL: http://extra.com.co/

Protocol

HTTP/1.1

Server

92.204.132.34 Warrenton, United States, ASN398108 (GO-DADDY-COM-LLC, US),

Reverse DNS

ns1003685.ip-92-204-132.us

Software

Apache /

Resource Hash

1da79754ccda7c241f56d5a82ed377c3384b58db3c718d9c1fd38843c47d8df3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://extra.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 11 Nov 2021 10:43:20 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 15 Sep 2021 16:14:58 GMT
Server: Apache
Content-Type: application/javascript
Cache-Control: max-age=1209600
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=299
Content-Length: 908
Expires: Thu, 25 Nov 2021 10:43:20 GMT

GET
H/1.1 200
OK drupalSettingsLoader.js Show response
extra.com.co/core/misc/ 519 B
879 B 191ms
184ms Script
application/javascript 92.204.132.34
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://extra.com.co/core/misc/drupalSettingsLoader.js?v=8.9.19

Requested by

Host: extra.com.co
URL: http://extra.com.co/

Protocol

HTTP/1.1

Server

92.204.132.34 Warrenton, United States, ASN398108 (GO-DADDY-COM-LLC, US),

Reverse DNS

ns1003685.ip-92-204-132.us

Software

Apache /

Resource Hash

5f8f69ec521f7998af455985a8ede6d8dcf3527b43795fe3d26f1f1b57a5a554

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://extra.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 11 Nov 2021 10:43:21 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 15 Sep 2021 16:14:58 GMT
Server: Apache
Content-Type: application/javascript
Cache-Control: max-age=1209600
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=300
Content-Length: 519
Expires: Thu, 25 Nov 2021 10:43:21 GMT

GET
H/1.1 200
OK es_wvBK2qwgrB7hGFuVBYefheM88XVQrN5h3dryVpvaZhQ.js Show response
extra.com.co/sites/default/files/languages/ 13 KB
14 KB 199ms
190ms Script
application/javascript 92.204.132.34
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://extra.com.co/sites/default/files/languages/es_wvBK2qwgrB7hGFuVBYefheM88XVQrN5h3dryVpvaZhQ.js?r2dfw4

Requested by

Host: extra.com.co
URL: http://extra.com.co/

Protocol

HTTP/1.1

Server

92.204.132.34 Warrenton, United States, ASN398108 (GO-DADDY-COM-LLC, US),

Reverse DNS

ns1003685.ip-92-204-132.us

Software

Apache /

Resource Hash

c2f04adaac20ac1ee1185b9505879f85e33cf17550acde61dddaf2569bda6614

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://extra.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 11 Nov 2021 10:43:21 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 29 Jul 2021 19:40:34 GMT
Server: Apache
Content-Type: application/javascript
Cache-Control: max-age=1209600
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=300
Content-Length: 13561
Expires: Thu, 25 Nov 2021 10:43:21 GMT

GET
H/1.1 200
OK drupal.js Show response
extra.com.co/core/misc/ 6 KB
7 KB 194ms
184ms Script
application/javascript 92.204.132.34
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://extra.com.co/core/misc/drupal.js?v=8.9.19

Requested by

Host: extra.com.co
URL: http://extra.com.co/

Protocol

HTTP/1.1

Server

92.204.132.34 Warrenton, United States, ASN398108 (GO-DADDY-COM-LLC, US),

Reverse DNS

ns1003685.ip-92-204-132.us

Software

Apache /

Resource Hash

990fda61c1303a87f6317b47fef824552d611209f0537bd4faaa9648d3de1363

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://extra.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 11 Nov 2021 10:43:21 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 15 Sep 2021 16:14:58 GMT
Server: Apache
Content-Type: application/javascript
Cache-Control: max-age=1209600
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=300
Content-Length: 6312
Expires: Thu, 25 Nov 2021 10:43:21 GMT

GET
H/1.1 200
OK drupal.init.js Show response
extra.com.co/core/misc/ 727 B
1 KB 220ms
99ms Script
application/javascript 92.204.132.34
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://extra.com.co/core/misc/drupal.init.js?v=8.9.19

Requested by

Host: extra.com.co
URL: http://extra.com.co/

Protocol

HTTP/1.1

Server

92.204.132.34 Warrenton, United States, ASN398108 (GO-DADDY-COM-LLC, US),

Reverse DNS

ns1003685.ip-92-204-132.us

Software

Apache /

Resource Hash

41683e0bdfed00e74de14d86441e289271ca70b2a94c721653b9a49dc32fb24e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://extra.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 11 Nov 2021 10:43:21 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 15 Sep 2021 16:14:58 GMT
Server: Apache
Content-Type: application/javascript
Cache-Control: max-age=1209600
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=296
Content-Length: 727
Expires: Thu, 25 Nov 2021 10:43:21 GMT

GET
H/1.1 404
Not Found bootstrap.min.js
extra.com.co/themes/custom/hsb/lib/ 0
0 446ms
445ms Script
text/html 92.204.132.34
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://extra.com.co/themes/custom/hsb/lib/bootstrap.min.js?r2dfw4

Requested by

Host: extra.com.co
URL: http://extra.com.co/

Protocol

HTTP/1.1

Server

92.204.132.34 Warrenton, United States, ASN398108 (GO-DADDY-COM-LLC, US),

Reverse DNS

ns1003685.ip-92-204-132.us

Software

Apache /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://extra.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 11 Nov 2021 10:43:21 GMT
X-Content-Type-Options: nosniff
Server: Apache
X-Frame-Options: SAMEORIGIN
Content-language: es
X-Generator: Drupal 8 (https://www.drupal.org)
Expires: Sun, 19 Nov 1978 05:00:00 GMT
Cache-Control: must-revalidate, no-cache, private
Transfer-Encoding: chunked
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
Keep-Alive: timeout=5, max=296
X-UA-Compatible: IE=edge

GET
H/1.1 404
Not Found tether.min.js
extra.com.co/themes/custom/hsb/lib/ 0
0 435ms
434ms Script
text/html 92.204.132.34
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://extra.com.co/themes/custom/hsb/lib/tether.min.js?r2dfw4

Requested by

Host: extra.com.co
URL: http://extra.com.co/

Protocol

HTTP/1.1

Server

92.204.132.34 Warrenton, United States, ASN398108 (GO-DADDY-COM-LLC, US),

Reverse DNS

ns1003685.ip-92-204-132.us

Software

Apache /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://extra.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 11 Nov 2021 10:43:21 GMT
X-Content-Type-Options: nosniff
Server: Apache
X-Frame-Options: SAMEORIGIN
Content-language: es
X-Generator: Drupal 8 (https://www.drupal.org)
Expires: Sun, 19 Nov 1978 05:00:00 GMT
Cache-Control: must-revalidate, no-cache, private
Transfer-Encoding: chunked
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
Keep-Alive: timeout=5, max=298
X-UA-Compatible: IE=edge

GET
H/1.1 200
OK slick.min.js Show response
extra.com.co/themes/custom/hsb/lib/ 42 KB
42 KB 95ms
95ms Script
application/javascript 92.204.132.34
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://extra.com.co/themes/custom/hsb/lib/slick.min.js?r2dfw4

Requested by

Host: extra.com.co
URL: http://extra.com.co/

Protocol

HTTP/1.1

Server

92.204.132.34 Warrenton, United States, ASN398108 (GO-DADDY-COM-LLC, US),

Reverse DNS

ns1003685.ip-92-204-132.us

Software

Apache /

Resource Hash

0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://extra.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 11 Nov 2021 10:43:21 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 24 May 2021 00:40:13 GMT
Server: Apache
Content-Type: application/javascript
Cache-Control: max-age=1209600
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=297
Content-Length: 42863
Expires: Thu, 25 Nov 2021 10:43:21 GMT

GET
H/1.1 200
OK main.js Show response
extra.com.co/themes/custom/hsb/js/ 5 KB
6 KB 100ms
99ms Script
application/javascript 92.204.132.34
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://extra.com.co/themes/custom/hsb/js/main.js?r2dfw4

Requested by

Host: extra.com.co
URL: http://extra.com.co/

Protocol

HTTP/1.1

Server

92.204.132.34 Warrenton, United States, ASN398108 (GO-DADDY-COM-LLC, US),

Reverse DNS

ns1003685.ip-92-204-132.us

Software

Apache /

Resource Hash

9e8abc90b695e141497f695d581cece4def4ac1b7e096b34656483d04330b6e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://extra.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 11 Nov 2021 10:43:21 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 13 Sep 2021 15:09:53 GMT
Server: Apache
Content-Type: application/javascript
Cache-Control: max-age=1209600
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=295
Content-Length: 5299
Expires: Thu, 25 Nov 2021 10:43:21 GMT

GET
H/1.1 200
OK js.cookie.min.js Show response
extra.com.co/core/assets/vendor/js-cookie/ 1 KB
2 KB 96ms
96ms Script
application/javascript 92.204.132.34
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://extra.com.co/core/assets/vendor/js-cookie/js.cookie.min.js?v=3.0.0-rc0

Requested by

Host: extra.com.co
URL: http://extra.com.co/

Protocol

HTTP/1.1

Server

92.204.132.34 Warrenton, United States, ASN398108 (GO-DADDY-COM-LLC, US),

Reverse DNS

ns1003685.ip-92-204-132.us

Software

Apache /

Resource Hash

85e74cf367fdd70c3bdbb603df85574f4f7e9a99b6f77c3e0b4cee1c9fe5105c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://extra.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 11 Nov 2021 10:43:21 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 15 Sep 2021 16:14:58 GMT
Server: Apache
Content-Type: application/javascript
Cache-Control: max-age=1209600
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=297
Content-Length: 1500
Expires: Thu, 25 Nov 2021 10:43:21 GMT

GET
H/1.1 200
OK jquery.cookie.shim.js Show response
extra.com.co/core/misc/ 3 KB
3 KB 97ms
96ms Script
application/javascript 92.204.132.34
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://extra.com.co/core/misc/jquery.cookie.shim.js?v=8.9.19

Requested by

Host: extra.com.co
URL: http://extra.com.co/

Protocol

HTTP/1.1

Server

92.204.132.34 Warrenton, United States, ASN398108 (GO-DADDY-COM-LLC, US),

Reverse DNS

ns1003685.ip-92-204-132.us

Software

Apache /

Resource Hash

06d0a04ed772b74f7368b66d8433a8265efa1d71b051028cc5347aa689cf4100

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://extra.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 11 Nov 2021 10:43:21 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 15 Sep 2021 16:14:58 GMT
Server: Apache
Content-Type: application/javascript
Cache-Control: max-age=1209600
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=296
Content-Length: 2684
Expires: Thu, 25 Nov 2021 10:43:21 GMT

GET
H/1.1 200
OK eu_cookie_compliance.js Show response
extra.com.co/modules/eu_cookie_compliance/js/ 54 KB
54 KB 97ms
96ms Script
application/javascript 92.204.132.34
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://extra.com.co/modules/eu_cookie_compliance/js/eu_cookie_compliance.js?v=1.9

Requested by

Host: extra.com.co
URL: http://extra.com.co/

Protocol

HTTP/1.1

Server

92.204.132.34 Warrenton, United States, ASN398108 (GO-DADDY-COM-LLC, US),

Reverse DNS

ns1003685.ip-92-204-132.us

Software

Apache /

Resource Hash

567ff37b81376ff48f2fab29c0dd3beb02d304fa027aa3aa087efc186c7e8e1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://extra.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 11 Nov 2021 10:43:23 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 26 Jul 2021 21:41:30 GMT
Server: Apache
Content-Type: application/javascript
Cache-Control: max-age=1209600
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=289
Content-Length: 55231
Expires: Thu, 25 Nov 2021 10:43:23 GMT

GET
H/1.1 200
OK extra_6357.js Show response
ads.vidoomy.com/ 5 KB
6 KB 351ms
116ms Script
application/javascript 3.129.250.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.vidoomy.com/extra_6357.js
Requested by: Host: extra.com.co
URL: http://extra.com.co/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 3.129.250.65 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-129-250-65.us-east-2.compute.amazonaws.com
Software: Apache/2.4.46 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33 / PHP/7.0.33
Resource Hash: eb211d0226a467ca840580e1ae6f97a1b5c68b6afc1f0dfbd868c8f0586ee22f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://extra.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 11 Nov 2021 10:43:21 GMT
Server: Apache/2.4.46 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33
X-Powered-By: PHP/7.0.33
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Connection: Keep-Alive
Keep-Alive: timeout=2, max=300
Content-Length: 5342

GET
H2 200 css2
fonts.googleapis.com/ 8 KB
883 B 18ms
16ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,300;0,900;1,900&family=Source+Serif+Pro:wght@700&display=swap

Requested by

Host: extra.com.co
URL: http://extra.com.co/sites/default/files/css/css_l48AyeoABjj36ARbuT8NBAUzScWAas7xm_kW1BAkEvo.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

be9109112c49041568ad8154e8d1c00e2bcd17fb1ba63f7310fb419fb617dd32

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://extra.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 11 Nov 2021 10:43:20 GMT
server: ESF
date: Thu, 11 Nov 2021 10:43:20 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 11 Nov 2021 10:43:20 GMT

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/kcXVPRWG7fMILHmzon0--fD3/ 346 KB
136 KB 28ms
6ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/kcXVPRWG7fMILHmzon0--fD3/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

519f71e8a6cac156c0290fb5b79372191890e23d46a94cbe3a744e6470f074c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://extra.com.co/
Origin: http://extra.com.co
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 10:11:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1920
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 138756
x-xss-protection: 0
last-modified: Mon, 01 Nov 2021 18:13:57 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="recaptcha"
expires: Fri, 11 Nov 2022 10:11:20 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
16 KB 28ms
7ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,300;0,900;1,900&family=Source+Serif+Pro:wght@700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://extra.com.co
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 04 Nov 2021 22:46:25 GMT
x-content-type-options: nosniff
age: 561415
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15732
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:20 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Fri, 04 Nov 2022 22:46:25 GMT

GET
H2 200 KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
15 KB 32ms
11ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmYUtfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,300;0,900;1,900&family=Source+Serif+Pro:wght@700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0e868ca932480407e63d27e8e868cb1514581142928b9be15ec9039bf5fe348f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://extra.com.co
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 05:35:04 GMT
x-content-type-options: nosniff
age: 18496
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15724
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:37 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Fri, 11 Nov 2022 05:35:04 GMT

GET
H/1.1 200
OK fontawesome-webfont.woff2
extra.com.co/themes/custom/hsb/fonts/ 75 KB
76 KB 157ms
100ms Font
font/woff2 92.204.132.34
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://extra.com.co/themes/custom/hsb/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: extra.com.co
URL: http://extra.com.co/sites/default/files/css/css_l48AyeoABjj36ARbuT8NBAUzScWAas7xm_kW1BAkEvo.css

Protocol

HTTP/1.1

Server

92.204.132.34 Warrenton, United States, ASN398108 (GO-DADDY-COM-LLC, US),

Reverse DNS

ns1003685.ip-92-204-132.us

Software

Apache /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://extra.com.co/sites/default/files/css/css_l48AyeoABjj36ARbuT8NBAUzScWAas7xm_kW1BAkEvo.css
Origin: http://extra.com.co
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 11 Nov 2021 10:43:21 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 24 May 2021 01:37:35 GMT
Server: Apache
Content-Type: font/woff2
Cache-Control: max-age=1209600
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=298
Content-Length: 77160
Expires: Thu, 25 Nov 2021 10:43:21 GMT

GET
H2 200 neIXzD-0qpwxpaWvjeD0X88SAOeasc8btSyqxA.woff2
fonts.gstatic.com/s/sourceserifpro/v11/ 21 KB
21 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourceserifpro/v11/neIXzD-0qpwxpaWvjeD0X88SAOeasc8btSyqxA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,300;0,900;1,900&family=Source+Serif+Pro:wght@700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b365f9b216aaa185d338b3d83f9c7ceda2fe7d56564a5efc047e98505a0f0048

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://extra.com.co
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 05:32:02 GMT
x-content-type-options: nosniff
age: 191479
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21020
x-xss-protection: 0
last-modified: Wed, 24 Mar 2021 17:41:57 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 09 Nov 2022 05:32:02 GMT

GET
H2 200 pubads_impl_2021110801.js Show response
securepubads.g.doubleclick.net/gpt/ 344 KB
116 KB 16ms
16ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110801.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

sffe /

Resource Hash

447ffe4040fc9d0761f896e3ef3b37e2220744f4d3e3760ffe1f216f3d0e4e54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://extra.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 10:43:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 118396
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 09:34:31 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 11 Nov 2021 10:43:21 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 180 B
140 B 31ms
15ms XHR
application/json 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=extra.com.co

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

b3e809f009aecfc273974d59fc675eeadd49eaf726f967d28953373e6f07abf8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://extra.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 11 Nov 2021 10:43:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 115
x-xss-protection: 0
expires: Thu, 11 Nov 2021 10:43:21 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 39ms
17ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=extra.com.co

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://extra.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 11 Nov 2021 10:43:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 37ms
16ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=extra.com.co

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://extra.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 11 Nov 2021 10:43:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 520 KB
137 KB 643ms
642ms XHR
text/plain 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4138850398379320&correlator=1528741921724569&output=ldjh&impl=fifs&eid=31063406%2C31063675%2C21068767&vrg=2021110801&ptt=17&sc=0&sfv=1-0-38&ecs=20211111&iu_parts=22061829665%2CEXTRA_HOME_DESKTOP_TOPBANNER%2CEXTRA_HOME_DESKTOP_LATERALIZQUIERDO%2CEXTRA_HOME_DESKTOP_BANNERMEDIO%2CEXTRA_HOME_DESKTOP_BANNERMEDIO_1%2CEXTRA_HOME_DESKTOP_BANNERMEDIO_2%2CEXTRA_HOME_DESKTOP_ROBAPAGINA%2CEXTRA_HOME_DESKTOP_ROBAPAGINA_1%2CEXTRA_HOME_DESKTOP_BARRAFIJAALSCROLL%2CEXTRA_INTERNA_DESKTOP_TOPBANNER%2CEXTRA_INTERNA_DESKTOP_LATERALDERECHO%2CEXTRA_INTERNA_DESKTOP_LATERALIZQUIERDO%2CEXTRA_INTERNA_DESKTOP_BANNERMEDIO%2CEXTRA_INTERNA_DESKTOP_ROBAPAGINA%2CEXTRA_INTERNA_DESKTOP_INTEXT%2CEXTRA_INTERNA_DESKTOP_CARRUSEL_1%2CEXTRA_INTERNA_DESKTOP_CARRUSEL_2%2CEXTRA_INTERNA_DESKTOP_CARRUSEL_3%2CEXTRA_HOME_DESKTOP_MEDIAPAGINA%2CEXTRA_INTERNA_DESKTOP_MEDIAPAGINA&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5%2C%2F0%2F6%2C%2F0%2F7%2C%2F0%2F8%2C%2F0%2F9%2C%2F0%2F10%2C%2F0%2F11%2C%2F0%2F12%2C%2F0%2F13%2C%2F0%2F14%2C%2F0%2F15%2C%2F0%2F16%2C%2F0%2F17%2C%2F0%2F18%2C%2F0%2F19&prev_iu_szs=970x90%7C970x250%7C728x90%2C160x600%2C728x90%7C970x90%2C728x90%7C970x90%2C728x90%7C970x90%2C300x250%2C300x250%2C728x90%7C970x40%2C728x90%7C970x90%2C160x600%2C160x600%2C728x90%7C970x90%2C300x250%2C300x250%7C1x1%7C640x480%7C300x400%2C300x250%2C300x250%2C300x250%2C300x600%2C300x600&eri=4&cookie_enabled=1&cdm=extra.com.co&bc=23&abxe=1&dt=1636627400751&dlt=1636627400201&idt=515&frm=20&biw=1600&bih=1200&oid=2&adxs=315%2C-9%2C-9%2C436%2C436%2C-9%2C-9%2C-9%2C-9%2C1440%2C0%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9&adys=294%2C-9%2C-9%2C3669%2C17024%2C-9%2C-9%2C-9%2C-9%2C236%2C236%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9&adks=2549754916%2C690817913%2C2107672240%2C4118767379%2C238383211%2C2157838992%2C2336726021%2C548648595%2C444816170%2C4040942019%2C3386063186%2C3564354408%2C1084798611%2C1576142445%2C301927475%2C410705012%2C3313475767%2C4169716620%2C3118635422&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7Ca%7Cb%7Cc%7Cd%7Ce%7Cf%7Cg%7Ch%7Ci%7Cj&ad_type=image&color_bg=%23ffffff&color_border=%23ffffff&color_link=%230000ff&color_text=%23000000&color_url=%23008000&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fextra.com.co%2F&loc=http%3A%2F%2Fextra.com.co%2F&vis=1&scr_x=0&scr_y=0&psz=970x0%7C0x-1%7C0x-1%7C1600x0%7C1600x0%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C160x-1%7C160x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1&msz=970x0%7C0x-1%7C0x-1%7C1600x0%7C1600x0%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C160x-1%7C160x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1&ga_vid=1398195648.1636627401&ga_sid=1636627401&ga_hid=209597192&ga_fc=false&fws=0%2C2%2C2%2C0%2C0%2C2%2C2%2C2%2C2%2C512%2C512%2C2%2C2%2C2%2C2%2C2%2C2%2C2%2C2&ohw=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0&btvi=0%7C-1%7C-1%7C1%7C2%7C-1%7C-1%7C-1%7C-1%7C0%7C0%7C-1%7C-1%7C-1%7C-1%7C-1%7C-1%7C-1%7C-1&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

cae4ac0c98a716f2693759830797c683a3257272cd1b88617953928c1f75c740

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://extra.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 10:43:21 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 140149
x-xss-protection: 0
google-lineitem-id: -1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1
pragma: no-cache
server: cafe
google-creative-id: -1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://extra.com.co
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET ads
securepubads.g.doubleclick.net/gampad/ 0
0

GET
H2 200 container.html Show response
795cb7b715ed42ed94a7878e8f7986c3.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame F054 6 KB
4 KB 76ms
14ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://795cb7b715ed42ed94a7878e8f7986c3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://extra.com.co/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Thu, 11 Nov 2021 10:43:21 GMT
expires: Fri, 11 Nov 2022 10:43:21 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 2.css
static.world-weather.info/css/informers/25/ 13 KB
2 KB 143ms
79ms Stylesheet
text/css 89.108.122.252
AS-REG

General

Check archive.org

Show headers Download Go to

Full URL

https://static.world-weather.info/css/informers/25/2.css

Requested by

Host: world-weather.info
URL: https://world-weather.info/wwinformer.php?userid=d3b90c8145e18ecf8e0a3daaf73d1576

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

89.108.122.252 , Russian Federation, ASN197695 (AS-REG, RU),

Reverse DNS

d11592.col.agava.net

Software

nginx /

Resource Hash

c976872ea724a2528135606141174cadb04180b5e6643ef2fae011a3876dbbf9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://extra.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 10:43:21 GMT
content-encoding: gzip
last-modified: Wed, 29 Jan 2020 15:10:43 GMT
server: nginx
etag: "5e31a073-5fe"
strict-transport-security: max-age=31536000;
content-type: text/css
cache-control: max-age=2592000
content-length: 1534
expires: Sat, 11 Dec 2021 10:43:21 GMT

GET
H2 200 formats.js Show response
ad.lkqd.net/vpaid/ Frame 3BFF 118 KB
35 KB 38ms
8ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lkqd.net/vpaid/formats.js
Requested by: Host: extra.com.co
URL: http://extra.com.co/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: 7cfe458faed6fe5c3094bd51f1f10174604be983739ade9d828b0aad190043e5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 10:43:21 GMT
content-encoding: gzip
last-modified: Fri, 11 Dec 2020 00:09:23 GMT
etag: "286704660baa2c113268f28385080796"
x-hw: 1636627401.cds140.fr8.hn,1636627401.cds289.fr8.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1209600
accept-ranges: bytes
content-length: 35765

GET
H2 200 formats.js Show response
ad.lkqd.net/vpaid/ Frame 45F2 118 KB
35 KB 38ms
21ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lkqd.net/vpaid/formats.js
Requested by: Host: extra.com.co
URL: http://extra.com.co/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: 7cfe458faed6fe5c3094bd51f1f10174604be983739ade9d828b0aad190043e5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 10:43:21 GMT
content-encoding: gzip
last-modified: Fri, 11 Dec 2020 00:09:23 GMT
etag: "286704660baa2c113268f28385080796"
x-hw: 1636627401.cds140.fr8.hn,1636627401.cds289.fr8.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1209600
accept-ranges: bytes
content-length: 35765

GET
H2

200

cookie Show response
a.vidoomy.com/api/rtbserver/ Frame 1A2C
Redirect Chain

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=120&redir=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fcookie%3Fi%3DCEN%26uid%3D%7BuserId%7D
https://a.vidoomy.com/api/rtbserver/cookie?i=CEN&uid=no-consent

43 B
290 B

46ms
9ms

Document
image/gif

3.68.1.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://a.vidoomy.com/api/rtbserver/cookie?i=CEN&uid=no-consent
Requested by: Host: extra.com.co
URL: http://extra.com.co/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.68.1.119 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-68-1-119.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://extra.com.co/

Response headers

date: Thu, 11 Nov 2021 10:43:22 GMT
content-type: image/gif
content-length: 43
content-encoding: none
vary: Origin

Redirect headers

cache-control: max-age=0,no-cache,no-store
pragma: no-cache
expires: Tue, 11 Oct 1977 12:34:56 GMT
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location: https://a.vidoomy.com/api/rtbserver/cookie?i=CEN&uid=no-consent
content-length: 0
date: Thu, 11 Nov 2021 10:43:21 GMT
server: AC1.1

GET
H2

200

cookie
a.vidoomy.com/api/rtbserver/
Redirect Chain

https://x.bidswitch.net/sync?ssp=vidoomy&user_id=550154113.89562451655435440.7169383
https://x.bidswitch.net/ul_cb/sync?ssp=vidoomy&user_id=550154113.89562451655435440.7169383
https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=vidoomy&bsw_param=ec74683b-b4c5-4392-9e7b-5c8ec1a7860c&google_hm=ZWM3NDY4M2ItYjRjNS00MzkyLTllN2ItNWM4ZWMxYTc4NjBj
https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEG9wIAzIazpLyxfP5G8C5bc&google_cver=1&ssp=vidoomy&bsw_param=ec74683b-b4c5-4392-9e7b-5c8ec1a7860c
https://a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=ec74683b-b4c5-4392-9e7b-5c8ec1a7860c

43 B
368 B

9ms
9ms

Image
image/gif

3.68.1.119
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=ec74683b-b4c5-4392-9e7b-5c8ec1a7860c
Requested by: Host: extra.com.co
URL: http://extra.com.co/
Protocol: H2
Server: 3.68.1.119 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-68-1-119.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://extra.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 10:43:22 GMT
content-encoding: none
content-length: 43
vary: Origin
content-type: image/gif

Redirect headers

Location: //a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=ec74683b-b4c5-4392-9e7b-5c8ec1a7860c
Date: Thu, 11 Nov 2021 10:43:22 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK auto-user-sync
ads.stickyadstv.com/ 43 B
596 B 144ms
26ms Image
image/gif 2.18.234.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.stickyadstv.com/auto-user-sync
Requested by: Host: extra.com.co
URL: http://extra.com.co/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-233.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://extra.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 11 Nov 2021 10:43:22 GMT
Server: nginx
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 43
x-sticky-vk: 1636627401976028-382
Expires: Thu, 11 Nov 2021 10:43:22 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012110042008000/ Frame AAA6 190 KB
55 KB 51ms
7ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012110042008000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

be32eb2045a4d0a5eeb1fbe7a87ec822ba313b1f8c5f3faf2f31ee8235dd3486

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://extra.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 239757
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55667
x-xss-protection: 0
server: sffe
date: Mon, 08 Nov 2021 16:07:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "11904075b70ba1a0"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 08 Nov 2022 16:07:24 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012110042008000/v0/ Frame AAA6 13 KB
5 KB 44ms
16ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012110042008000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ddd0010a6f9f8edd8b545aa47b63a3ace7f81621e62c8b2b9e5453e326946576

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://extra.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 239757
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4996
x-xss-protection: 0
server: sffe
date: Mon, 08 Nov 2021 16:07:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "01e91d40c144b6bf"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 08 Nov 2022 16:07:24 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012110042008000/v0/ Frame AAA6 89 KB
28 KB 41ms
17ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012110042008000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

77c0d53ad7a44dadf518e9960ec49dd00fa3859ecbaf646bb215d33e0b5f4658

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://extra.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 239757
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28494
x-xss-protection: 0
server: sffe
date: Mon, 08 Nov 2021 16:07:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "a5e24beaf7c9a504"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 08 Nov 2022 16:07:24 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012110042008000/v0/ Frame AAA6 4 KB
2 KB 309ms
7ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012110042008000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b18e90729452c8796f604d2f022f8b1e259a28e648c8ce9b7e06dbab25ad3eb8

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://extra.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 239758
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1635
x-xss-protection: 0
server: sffe
date: Mon, 08 Nov 2021 16:07:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "dff2522b082c9ee5"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 08 Nov 2022 16:07:24 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012110042008000/v0/ Frame AAA6 40 KB
13 KB 308ms
6ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012110042008000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

06c0b9cd46f53c57c3ebc3531be56f50ca25c2bd7bb672eaa8b033c134957c6e

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://extra.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 239758
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12816
x-xss-protection: 0
server: sffe
date: Mon, 08 Nov 2021 16:07:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "6a05f1a8ea5ea134"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 08 Nov 2022 16:07:24 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame AAA6 3 KB
674 B 21ms
21ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://extra.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 11 Nov 2021 10:02:45 GMT
server: ESF
date: Thu, 11 Nov 2021 10:43:21 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 11 Nov 2021 10:43:21 GMT

GET
H2 200 es.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame AAA6 3 KB
3 KB 36ms
7ms Image
image/png 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/es.png

Requested by

Host: extra.com.co
URL: http://extra.com.co/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f86391f8f5e12c3838b2bb51d1910da2a1a2aa975e44bfc3e189dc8bccdc0549

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://extra.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 11 Nov 2021 01:44:16 GMT
x-content-type-options: nosniff
server: cafe
age: 32346
etag: 15820072736840818134
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2687
x-xss-protection: 0
expires: Fri, 12 Nov 2021 01:44:16 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame AAA6 295 B
399 B 34ms
7ms Image
image/png 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: extra.com.co
URL: http://extra.com.co/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://extra.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 11 Nov 2021 02:57:40 GMT
x-content-type-options: nosniff
server: cafe
age: 27942
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 12 Nov 2021 02:57:40 GMT

GET
H/1.1 204
No Content l
www.google.com/ads/measurement/ Frame AAA6 0
0 22ms
21ms Image
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.google.com/ads/measurement/l?ebcid=ALh7CaTGHfEvMILYIa113MoVxzxjBzqIN9GBGpSYke_UEqBgiRqccigA7c1sjlYl-bnIckHTvLL9eI_zEJJ0AibWcEmvgot1MQ
Requested by: Host: extra.com.co
URL: http://extra.com.co/
Protocol: HTTP/1.1
Server: 2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://extra.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame AAA6 0
0 53ms
52ms Image
text/html 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CLmIoyfOMYbqUEMji3wOkibyQC__nqMVkz7uVk-8Ov-EeEAEgpKzRfWCVgoCAxAegAZ3NpfsCyAEJqQJmIz6w8UGzPuACAKgDAcgDCqoEgAJP0IgOd9xvXhWATKG2Grtd8006FofD1XGFMMleLmRmPHT8PfNPKqcTMS8GIUBE3neS00y7C73vBkhXaFq2Jsd1RlrIYbyYBt0Fw8GYNGAknlRSLBQcR_ZRxi7fhn1Y36T0PDKmtPbmorrKAawYtiKSg0tGWxGwL9HSHKFHom6QJ9rxlxf-hVls8dYgTiJ0PUtQY7WaN_NVKVWA0waxsFH7t22rTWcpKl64Yc26djAs52rDgE0wb9t1wO_ZQgFjIRnccvIQkYBKNuLdDwlrWWfaBP47O92ECSmXzhAk1rQa4Ynl8050prhNTYb34hNlv-OJUh4LGH5TsWd9_gHh2zthwATwlcWxpgPgBAGSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAHy7LahAGoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAPIHBBDBmAnSCAkIiOGAEBABGB3yCBthZHgtc3Vic3luLTI2MjMwMjM3MTM5OTQwMTGACgPICwG4E4gn2BMLiBQB0BUBmBYBgBcBshceChwIABIUcHViLTQwNzkwNTM3Nzc4OTU0NDEYw592&sigh=a28EVMyb3es&uach_m=[UACH]&template_id=5000&uap=UACH(platform)&uapv=UACH(platformVersion)&uaa=UACH(architecture)&uam=UACH(model)&uafv=UACH(uaFullVersion)&uab=UACH(bitness)
Requested by: Host: extra.com.co
URL: http://extra.com.co/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s07-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://extra.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

GET
H2 200 usync.html Show response
ad.lkqd.net/cookie-sync/ Frame 626A 5 KB
2 KB 10ms
9ms Document
text/html 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lkqd.net/cookie-sync/usync.html
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: b6ff02c733394664dbb2178c88a0d8ab1292602aaad412e44ee83c3ab7943faf

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Thu, 11 Nov 2021 10:43:21 GMT
content-encoding: gzip
content-length: 1909
content-type: text/html
last-modified: Tue, 26 Oct 2021 15:08:45 GMT
accept-ranges: bytes
etag: "10c6626c1705141142b0302e29b3bd0e"
cache-control: public, max-age=1209600
x-hw: 1636627401.cds140.fr8.hn,1636627401.cds288.fr8.c
access-control-allow-origin: *

GET
H/1.1 200
OK ad Show response
v.lkqd.net/ Frame 3BFF 2 KB
2 KB 191ms
178ms XHR
application/xml 146.20.128.133
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: http://v.lkqd.net/ad?pid=430&sid=1143831&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=http%3A%2F%2Fextra.com.co%2F&dnt=0&c1=&c2=0&c3=1.0%2C1!vidoomy.com%2C55941%2C1%2C&c5=&c6=55941&rnd=82971339&m=
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: HTTP/1.1
Server: 146.20.128.133 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: 0ed043166450ec4d47d3de4f4d620b28875be1160381c8372a4e37de88053558

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 11 Nov 2021 10:43:22 GMT
Content-Encoding: gzip
Server: nginx
Content-Type: application/xml; charset=UTF-8
Access-Control-Allow-Origin: http://extra.com.co
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1342

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
0 69ms
42ms Fetch
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=gfp_cw_status&domain=extra.com.co&host=extra.com.co&success=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://extra.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Nov 2021 10:43:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
795cb7b715ed42ed94a7878e8f7986c3.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame C793 6 KB
3 KB 550ms
248ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://795cb7b715ed42ed94a7878e8f7986c3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://extra.com.co/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Thu, 11 Nov 2021 10:43:21 GMT
expires: Fri, 11 Nov 2022 10:43:21 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 container.html Show response
795cb7b715ed42ed94a7878e8f7986c3.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame ED52 6 KB
3 KB 545ms
250ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://795cb7b715ed42ed94a7878e8f7986c3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://extra.com.co/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Thu, 11 Nov 2021 10:43:21 GMT
expires: Fri, 11 Nov 2022 10:43:21 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 container.html Show response
795cb7b715ed42ed94a7878e8f7986c3.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 4963 6 KB
3 KB 536ms
251ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://795cb7b715ed42ed94a7878e8f7986c3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://extra.com.co/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Thu, 11 Nov 2021 10:43:21 GMT
expires: Fri, 11 Nov 2022 10:43:21 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 container.html Show response
795cb7b715ed42ed94a7878e8f7986c3.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 0740 6 KB
3 KB 532ms
252ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://795cb7b715ed42ed94a7878e8f7986c3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://extra.com.co/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Thu, 11 Nov 2021 10:43:21 GMT
expires: Fri, 11 Nov 2022 10:43:21 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/15525403708390976009/ Frame AAA6 18 KB
18 KB 308ms
7ms Image
image/png 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/15525403708390976009/downsize_200k_v1?w=195&h=102

Requested by

Host: extra.com.co
URL: http://extra.com.co/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1aadcbb202e998809e7b3a0b6007f0f3e439354840f9d6eb657ec01cedbc0795

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://extra.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 23:27:34 GMT
x-content-type-options: nosniff
age: 126948
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17933
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 17:40:46 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 09 Nov 2022 23:27:34 GMT

GET
DATA 200
OK truncated
/ Frame AAA6 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://extra.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame AAA6 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9416990aac785337e7029ff36f8087438ae4110bc8872b23732b41b326ba8b66

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://extra.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v36/ Frame AAA6 21 KB
21 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v36/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1abc5469f1235e85489ca1062a07fe18c7f449e3ba039d3de0da07fbb3c5892d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://extra.com.co
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 04 Nov 2021 22:45:31 GMT
x-content-type-options: nosniff
age: 561471
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21660
x-xss-protection: 0
last-modified: Wed, 01 Sep 2021 18:07:18 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Fri, 04 Nov 2022 22:45:31 GMT

GET
H2 200 4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v36/ Frame AAA6 21 KB
21 KB 9ms
8ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v36/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c55eebd9845964c111ecdbe7e583ed00ff47536f13c46a7e9c70430cc7ea091f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://extra.com.co
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 04 Nov 2021 22:11:08 GMT
x-content-type-options: nosniff
age: 563534
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21424
x-xss-protection: 0
last-modified: Wed, 01 Sep 2021 18:08:24 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Fri, 04 Nov 2022 22:11:08 GMT

GET
H2 200 usync.html Show response
ad.lkqd.net/cookie-sync/ Frame DCB4 5 KB
2 KB 10ms
9ms Document
text/html 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lkqd.net/cookie-sync/usync.html
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: b6ff02c733394664dbb2178c88a0d8ab1292602aaad412e44ee83c3ab7943faf

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Thu, 11 Nov 2021 10:43:22 GMT
content-encoding: gzip
content-length: 1909
content-type: text/html
last-modified: Tue, 26 Oct 2021 15:08:45 GMT
accept-ranges: bytes
etag: "10c6626c1705141142b0302e29b3bd0e"
cache-control: public, max-age=1209600
x-hw: 1636627402.cds140.fr8.hn,1636627402.cds288.fr8.c
access-control-allow-origin: *

GET
H/1.1 200
OK ad Show response
v.lkqd.net/ Frame 45F2 180 B
472 B 262ms
261ms XHR
application/xml 146.20.128.133
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: http://v.lkqd.net/ad?pid=430&sid=1143832&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=http%3A%2F%2Fextra.com.co%2F&dnt=0&c1=&c2=0&c3=1.0%2C1!vidoomy.com%2C55941%2C1%2C&c5=&c6=55941&rnd=90555506&m=
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: HTTP/1.1
Server: 146.20.128.133 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: 45fa735c6df15f15a1293a9cb3125033408874bf284280e8bcac23f95ad8feac

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 11 Nov 2021 10:43:22 GMT
Content-Encoding: gzip
Server: nginx
Content-Type: application/xml; charset=UTF-8
Access-Control-Allow-Origin: http://extra.com.co
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 150

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 291ms
99ms Preflight
text/plain 146.20.132.43
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.43 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: http://extra.com.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Thu, 11 Nov 2021 10:43:22 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
access-control-allow-credentials: true
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
cache-control: max-age=300
access-control-max-age: 300
access-control-allow-origin: http://extra.com.co

POST
H2 200 t Show response
t.lkqd.net/ Frame 9A7A 0
161 B 281ms
92ms XHR
text/plain 146.20.132.43
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.43 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: http://extra.com.co
date: Thu, 11 Nov 2021 10:43:22 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

GET
H2 200 vpaid.js Show response
ad.lkqd.net/vpaid/ Frame 3C34 230 KB
61 KB 9ms
9ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: 36ae762191d24727fbba21272ea14872bb7824188961282001d50e67f7b1881c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 10:43:22 GMT
content-encoding: gzip
last-modified: Tue, 02 Nov 2021 21:06:56 GMT
etag: "cca1f428155a1f13b17a4684f2c8ef1c"
x-hw: 1636627402.cds140.fr8.hn,1636627402.cds107.fr8.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1209600
accept-ranges: bytes
content-length: 62015

GET
H2 200 cs
cs.lkqd.net/ Frame 626A 43 B
309 B 305ms
88ms Image
image/gif 146.20.128.137
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=55&redirect=https%3A%2F%2Fidsync.rlcdn.com%2F464986.gif%3Fpartner_uid%3D%24%24rawlkqduserid%24%24&r=if
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.137 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 10:43:22 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

GET
H2 200 cs
cs.lkqd.net/ Frame 626A 43 B
308 B 306ms
89ms Image
image/gif 146.20.128.137
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=103&redirect=https%3A%2F%2Fevent.clientgear.com%2Fcookie%2Flkqd%3Fpartner%3Dlkqd%26cookieid%3D%24%24rawlkqduserid%24%24&r=if
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.137 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 10:43:22 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

GET
H2 200 cs
cs.lkqd.net/ Frame 626A 43 B
308 B 307ms
91ms Image
image/gif 146.20.128.137
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D102%2526partnerUserId%253D%255BUID%255D&r=if
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.137 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 10:43:22 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

GET
H2 200 cs
cs.lkqd.net/ Frame 626A 43 B
308 B 306ms
90ms Image
image/gif 146.20.128.137
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=99&redirect=https%3A%2F%2Fc.deployads.com%2Fcs%2FNXST%3Fb%3D%24%24rawlkqduserid%24%24&r=if
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.137 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 10:43:22 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

GET
H2

200

cs
cs.lkqd.net/ Frame 626A
Redirect Chain

https://ad.turn.com/r/cs?pid=65
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3834067528268243937

43 B
308 B

206ms
93ms

Image
image/gif

146.20.128.137
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3834067528268243937
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Server: 146.20.128.137 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 10:43:22 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

Redirect headers

location: https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3834067528268243937
pragma: no-cache
date: Thu, 11 Nov 2021 10:43:21 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H2 200 cs
cs.lkqd.net/ Frame DCB4 43 B
308 B 294ms
92ms Image
image/gif 146.20.128.137
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=55&redirect=https%3A%2F%2Fidsync.rlcdn.com%2F464986.gif%3Fpartner_uid%3D%24%24rawlkqduserid%24%24&r=if
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.137 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 10:43:22 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

GET
H2 200 cs
cs.lkqd.net/ Frame DCB4 43 B
308 B 294ms
92ms Image
image/gif 146.20.128.137
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=103&redirect=https%3A%2F%2Fevent.clientgear.com%2Fcookie%2Flkqd%3Fpartner%3Dlkqd%26cookieid%3D%24%24rawlkqduserid%24%24&r=if
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.137 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 10:43:22 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

GET
H2 200 cs
cs.lkqd.net/ Frame DCB4 43 B
308 B 297ms
96ms Image
image/gif 146.20.128.137
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D102%2526partnerUserId%253D%255BUID%255D&r=if
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.137 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 10:43:22 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

GET
H2 200 cs
cs.lkqd.net/ Frame DCB4 43 B
308 B 294ms
93ms Image
image/gif 146.20.128.137
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=99&redirect=https%3A%2F%2Fc.deployads.com%2Fcs%2FNXST%3Fb%3D%24%24rawlkqduserid%24%24&r=if
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.137 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 10:43:22 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

GET
H2

200

cs
cs.lkqd.net/ Frame DCB4
Redirect Chain

https://ad.turn.com/r/cs?pid=65
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3617894746154460129

43 B
308 B

190ms
94ms

Image
image/gif

146.20.128.137
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3617894746154460129
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Server: 146.20.128.137 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 10:43:22 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

Redirect headers

location: https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3617894746154460129
pragma: no-cache
date: Thu, 11 Nov 2021 10:43:21 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H2 200 usync.html Show response
ad.lkqd.net/cookie-sync/ Frame 71E5 5 KB
2 KB 10ms
10ms Document
text/html 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lkqd.net/cookie-sync/usync.html
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: b6ff02c733394664dbb2178c88a0d8ab1292602aaad412e44ee83c3ab7943faf

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Thu, 11 Nov 2021 10:43:22 GMT
content-encoding: gzip
content-length: 1909
content-type: text/html
last-modified: Tue, 26 Oct 2021 15:08:45 GMT
accept-ranges: bytes
etag: "10c6626c1705141142b0302e29b3bd0e"
cache-control: public, max-age=1209600
x-hw: 1636627402.cds140.fr8.hn,1636627402.cds288.fr8.c
access-control-allow-origin: *

POST
H/1.1 200
OK ad Show response
v.lkqd.net/ Frame 3C34 48 KB
5 KB 132ms
132ms XHR
application/json 146.20.128.133
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: http://v.lkqd.net/ad?pid=430&sid=1143831&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=http%3A%2F%2Fextra.com.co%2F&dnt=0&c1=&c2=0&c3=1.0%2C1!vidoomy.com%2C55941%2C1%2C&c5=&c6=55941&rnd=82971339&m=&rtv=1&thost=extra.com.co
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: HTTP/1.1
Server: 146.20.128.133 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: 5c60fc3dbbef7119fad38eeac0192e7dca01c7e5ecd7dc9d1ce8e136809c50af

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/json

Response headers

Date: Thu, 11 Nov 2021 10:43:22 GMT
Content-Encoding: gzip
Server: nginx
Content-Type: application/json
Access-Control-Allow-Origin: http://extra.com.co
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 4955

OPTIONS
H/1.1 200
OK ad
v.lkqd.net/ Frame 0
0 323ms
322ms Preflight 146.20.128.133
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: http://v.lkqd.net/ad?pid=430&sid=1143831&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=http%3A%2F%2Fextra.com.co%2F&dnt=0&c1=&c2=0&c3=1.0%2C1!vidoomy.com%2C55941%2C1%2C&c5=&c6=55941&rnd=82971339&m=&rtv=1&thost=extra.com.co
Protocol: HTTP/1.1
Server: 146.20.128.133 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: http://extra.com.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Thu, 11 Nov 2021 10:43:22 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: http://extra.com.co
Access-Control-Max-Age: 300
Cache-Control: max-age=300
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: Content-Type
Access-Control-Expose-Headers: Content-Type, Content-Disposition
Access-Control-Allow-Credentials: true

GET
DATA 200
OK truncated
/ 5 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 65cb5cd5882c666a22bf188d80f04fe01f56fbb3428e29d74aa24e3d9b1c783b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://extra.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 cs
cs.lkqd.net/ Frame 71E5 43 B
308 B 243ms
94ms Image
image/gif 146.20.128.137
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=55&redirect=https%3A%2F%2Fidsync.rlcdn.com%2F464986.gif%3Fpartner_uid%3D%24%24rawlkqduserid%24%24&r=if
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.137 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 10:43:22 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

GET
H2 200 cs
cs.lkqd.net/ Frame 71E5 43 B
308 B 247ms
98ms Image
image/gif 146.20.128.137
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=103&redirect=https%3A%2F%2Fevent.clientgear.com%2Fcookie%2Flkqd%3Fpartner%3Dlkqd%26cookieid%3D%24%24rawlkqduserid%24%24&r=if
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.137 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 10:43:22 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

GET
H2 200 cs
cs.lkqd.net/ Frame 71E5 43 B
308 B 246ms
98ms Image
image/gif 146.20.128.137
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D102%2526partnerUserId%253D%255BUID%255D&r=if
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.137 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 10:43:22 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

GET
H2 200 cs
cs.lkqd.net/ Frame 71E5 43 B
308 B 243ms
95ms Image
image/gif 146.20.128.137
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=99&redirect=https%3A%2F%2Fc.deployads.com%2Fcs%2FNXST%3Fb%3D%24%24rawlkqduserid%24%24&r=if
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.137 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 10:43:22 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

GET
H2

200

cs
cs.lkqd.net/ Frame 71E5
Redirect Chain

https://ad.turn.com/r/cs?pid=65
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3689952340192388065

43 B
308 B

191ms
95ms

Image
image/gif

146.20.128.137
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3689952340192388065
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Server: 146.20.128.137 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 10:43:22 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

Redirect headers

location: https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3689952340192388065
pragma: no-cache
date: Thu, 11 Nov 2021 10:43:21 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 98ms
98ms Preflight
text/plain 146.20.132.43
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.43 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: http://extra.com.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Thu, 11 Nov 2021 10:43:22 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
access-control-allow-credentials: true
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
cache-control: max-age=300
access-control-max-age: 300
access-control-allow-origin: http://extra.com.co

POST
H2 200 t Show response
t.lkqd.net/ Frame 20D7 0
161 B 278ms
91ms XHR
text/plain 146.20.132.43
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.43 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: http://extra.com.co
date: Thu, 11 Nov 2021 10:43:22 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

POST
H2 200 t Show response
t.lkqd.net/ Frame 267B 0
162 B 193ms
91ms XHR
text/plain 146.20.132.43
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.43 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: http://extra.com.co
date: Thu, 11 Nov 2021 10:43:22 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 101ms
89ms Preflight
text/plain 146.20.132.43
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.43 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: http://extra.com.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Thu, 11 Nov 2021 10:43:22 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
access-control-allow-credentials: true
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
cache-control: max-age=300
access-control-max-age: 300
access-control-allow-origin: http://extra.com.co

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 9C1D 624 B
340 B 45ms
22ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CMmp1wIQ19vYAhiIq7-6ATAB&v=APEucNVYtyY_U84uMnMbi-J2oQJ-_Yp_2tOC1VC6aZni8ep999XChG-x-7bFNKd9phL3lsJZa-id-N33bHjaELabqJW3nZ7s-gx4sMF3_NXG8qXCHBb1eTwRVHkDM6S3e5PTuMpRixvcurIQFRV2s2NetovqGHRjcw0mACZgn8EyHZKCitWAQjw

Requested by

Host: 795cb7b715ed42ed94a7878e8f7986c3.safeframe.googlesyndication.com
URL: https://795cb7b715ed42ed94a7878e8f7986c3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://795cb7b715ed42ed94a7878e8f7986c3.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Thu, 11 Nov 2021 10:43:22 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame C793 25 KB
15 KB 99ms
78ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DLoNPyqLSD2tmi_2xDQpujoIgjXdCdPCGx0CF67hm_ftmCE9DlpN5CfWAuLHdC5z6y1DKLOfy0ZOWbgCJ7-Tp2B7uBBoqS_IvqgJezK2ZHI6Pjbe1fxftzJuZsQnsLCqD_qkIQNjgZ9HhIYXX_tbQEbkJNig&cry=1&dbm_d=AKAmf-BhiA_rHg0XiGFfcx0GKZV2vWjRPthqg5_PHjMSuchTvOXY5_BfI_81ZEajGkXACtxImOyiR9zSLK2L7q7K4Z2lrWZTh5J6YGjlIyCdV5uIr2Nd3Yzx8PF3COIxi6csbfHTpfkVw2Rfj1vxCJLzFoEktm7r8Rzlg4qSsQQtPQrDv5eaQhoyR_LMQPNI87Kh2_6s7IDH8oGqF68uGDXMRGnXwIXAA-bG24QATfxsW-CHAswCrwsTqdiQoAYKZT6YeQ6txOOgfMGTQW6vDTWXNtpCwhQdrADIeQRy986WCJDL9dmwQ2Q4QAVOWtNByv9VvKqinyJGucWN3QtiOwaAk0GUryJAAmSwCRb0mJjJCZFN779B9afFF7vhp2hP87PQ58wTbxfV--wzSYXoi1frVsrlgvFyh-IewZ0ER6Y7o0Gcun86f3xHgVcbRH_OeJeBTQVme244aKZt1tu4wbtl4YjOSsVSpvPTCrmNl-oiKKGqmV6x0qzfomlVG5XAOKWtiVngJfNTE6eOHpEtuRQA-JqW2q36SOTwqrZLaA6rZd_G7COazYVPBRKd76QwMiZgenBpcWXf-FbSwKGho8zcgRV863Y8TBR_z4kOp0MCzJ_RFpYXnVGet65Rybfn0sJ1oW2IgAhzK8DivlCa3mDMw_sPOsv0mScc_SvhQyGpsiYM_OUKEuhU-pvelNIx530zkATRbXkRg6iqv5T9NOfMn-85Fp4kKutgcTNl4fOvtCis0ixsGO7_VBJSe357eahsb1VtEb2EbcXhi_1VeXP5Bd_haCf8OUu_atTnPlkyg_aVnM-ldJ60OibiMv35kbxfUY754rz2Gv8CMZZEiUKVO79ZjSJSjfD5VHX8SIQcGRXBdk-2qt4T8zJ9ilAXMPoFQkWtQaoPp906L62Kbb1JSuWmusXfPoof8J_XrlytlSK7vTLqbbu4Z-3OSlg3PazPHIq-YX_hc5C1c5VFEMjjvKdSWqQ4BnTNAgMsE8ApG2r_epHVxSfMT9iJzbqO0bHmf1mntItterSSZDI6DcHBMGDjF_HLFgqHbDlGibj4r_CnOKuVZWbvXIcPFEjAp5ndqdvpWUhqDaxTLjI0Juy4rVNJZ7hsNEFt8z2wUxqpChexzzJb-am-NfqcY8zt4mqJIl38L-iCqBjm_jsX_4hhfNx2jpkgFKVTnrP3e1ZqH3e-O6VkMFmilM0mc1cQSm1dAJumZOC7IMDM0H1gyduepj030F2W0Z0zmurnw40WQKGHtpoamzzFa5BRvT7kfTMA-Gj0NvgdI3g_VWSMYjIpQjNmdWHz-vlDsBb_GMvMG9g127JybcGg8K6fbkxK8FvtXc5psaiwWLXJ-RY8_a_c32oxwIEBYHYx1Rw0OeWj_BPq_uRk5rpcr2caX1SHTTONdFOZPR2oQowoDNdiT4xQTAQ54dxxFU3DLjAHgnYbUrkJh5yws1Ccclvv7dnyXXe6oeYkUV3o469iARZKgC5zgMBzOBzlivSJ9FAbDBIiBCfmPdwwNVwt1qIkMp5yCtHVZrm67JfG-l0kFTUNCxL4_GMFxwfb1-nfQdYRtbC0c-4uKZJFEhLsCGqr3AH0H9ZoKtZQVI02bPrUf_uJ0PVxvRApLM4lFl98pyHaUspuVvXNsxlrWW0_t-Xt_815Bef1akPUbwJgByBGH3ZweV5DjcMnBY7r-A5S4nSvAGh3nrp_vFIcxz-zR0H7E6HinQbtAweo_QYOQBr0zUNuW9ZB-56MLG0F-sPue28MlsLY8kaOdDMGKzjOi8FWHj3d0g3bQSGi_ILm1lh8QEsmCYDtRHoMF2zypX_w66en1p4OsevkGCaaeuTaJnssZyrz6TgGmVdYUcnuqWSgmQtWARs_vYM8MpHqWxOGDQQm-Lg2LKQnY0WQKP3iBPHZemAwmy6_Y_QpOnNW6w8gOygF5CnTgNCNfZ05LdSshPhqvFC-BWPlg6qe_LEZPSfjCEm4Uw3xMNBEZu_pXlHcnXDkJECwPvMiywLD9e36z-HjOM6jn5aVvcGkaUazJukLu9cBc-0XhSL_OKgZQSijA58Bb9h-Kz9YiwIj9MZfJsnEfACSuL2D8H5-YBrlm2NZmItPJqsLaU0sCIwuIlwXA5OPLAbIHqVjoaBbq2F7XTTHVc9Mx17U9BI725PIyS2cf1gA2vsqAWvEfOKJozJ0rTbdLbvJqxFDW9pasac9ILNqndNyWwmec334p0TVCB_RX8WyTnwmy0J1TdiGSHf81c_mt55Hgn1vzzLV0LlLOAtrezctHGu6ozRsjMA94JTTm5hka5JoNNIJsCKNEpBwYfZzb5oRMSU3hGAq9Gm5IG35mYlNfbH_izQsCXSkIhRh2wTvDWEJieQoZ-qqRvH4od46STgY73fja8T2tEkeoi5CpD4zYuoQbDXKbl5GHTaLwPP14dRVGXPRn-58RcNWlBc4Zj9Vh2DDvmuYAqyxplG1cG6mhpxLbiQGt79qELCVqOfa1bd61hqFad_9v0J4CLANhol9Xh2Nxfyf5b_XC1--U4oxdjwLyBWcysXeeIfU8uZ62S5Wd_JgAx_nm4i2SnjsVZg-Go1CzyESqKvyLvakWF1TDtIaOcLGPcYtxzlR1pbuRMCk1MQZF22_Pwbb78vD3YxXT2Opsc4EicHAsWxwBUKYg2L9TpJnfaaj_hUs_6qul_ApUutWzxYx_vRvAl_KsAGDLQ1Y5SAqcnzR2R9VDy2kNjxjqX5ave99647cGjDuMB4nM1C47IqQA7WCPcLExAgy9U-a3jNDCpf3torL9uxiozRgRRSppeB2If1Ymhztl14gF9PwVzJoK1SGcDl0DpMcimxMMptUbveADD1gVa7QGd_lLs-H0RhqLVcyA8VMwACQYZOA8GbO_tliLs0oEB57y8V_gWbiEOZJA5D4rxz2lOcQVWB7gmDmtPD6oHtKghh2OI1B-aDyZ3AF4sFONmY2w0nz19XF7tmRsqGPwv7e7oYPSZBulTzIW-6LO3sgOtQP9SLKhF2-N5W23hq0c_fuKD9GQjeP9lTi5obL-QwSPg4WsMCTbYOhwKQOGFrqQDe-kaB_So5z41u2YfOLYSZxJuDfRuU9RaEvVOAnR1Ej_ADCVtODAItrIGCyuQruxebkz1_fqGB3zJgF2O-gip0m8ClFRJhERGM16WtXUceAx-i--y5U2tgMvBsGKr49aJ6sdo0B0nFob4NGrztU4rKFYx3Rw8ef_Q&cid=CAASFeRobALMCTSw-IqckjFD7kbGLeOrIQ&rfl=1%2Chttp%253A%252F%252Fextra.com.co%252F%240

Requested by

Host: extra.com.co
URL: http://extra.com.co/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

17d3622a9f29963c49916670c39d8674882f7154864efb735e9422d920c6b5e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://795cb7b715ed42ed94a7878e8f7986c3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Nov 2021 10:43:22 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15129
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame C793 42 B
107 B 347ms
44ms Image
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BhdV6NQzaJO9pgCfQqyZGu1BRtfV2ajCEDrjMr0yVGrX3LiGncOXZwX79UBfslUKM_SKnuxCLbZi8f0gz0h7YMMFO02F3fK0e-gndvd2m_TjFCB3U

Requested by

Host: 795cb7b715ed42ed94a7878e8f7986c3.safeframe.googlesyndication.com
URL: https://795cb7b715ed42ed94a7878e8f7986c3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://795cb7b715ed42ed94a7878e8f7986c3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Nov 2021 10:43:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adition.js Show response
imagesrv.adition.com/js/ Frame C793 32 KB
8 KB 55ms
16ms Script
application/javascript 217.79.188.10
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://imagesrv.adition.com/js/adition.js
Requested by: Host: 795cb7b715ed42ed94a7878e8f7986c3.safeframe.googlesyndication.com
URL: https://795cb7b715ed42ed94a7878e8f7986c3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.79.188.10 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: imagesrv.adition.com
Software: /
Resource Hash: 70e0a3b2c82384039a2e4b31c305c9ef1f72a59b585acad421c54a6101a25237

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://795cb7b715ed42ed94a7878e8f7986c3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 10:43:22 GMT
content-encoding: br
last-modified: Thu, 21 Oct 2021 06:32:42 GMT
etag: "4043560335-br"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
content-length: 8355

GET
H2 200 js Show response
ad13.adfarm1.adition.com/ Frame C793 3 KB
2 KB 63ms
13ms Script
application/x-javascript 217.79.188.54
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://ad13.adfarm1.adition.com/js?wp_id=4285695&gdpr=&gdpr_consent=&kid=2958451&clickurl=https://googleads.g.doubleclick.net/dbm/clk%3Fsa%3DL%26ai%3DCXuCkyfOMYb2UEMji3wOkibyQC6-Fi85k24DKhOUO8C4QASCkrNF9YJWCgIDEB8gBCakCZiM-sPFBsz6oAwGqBIMCT9AbmxpfE7nBvxNc7qnjFN4lsRLV48NiCNtD_ljci6sdDqVuxyqsqihuPFn1O31yHw1Enqbkcc0-0Te-dxmTZ0DhC7_TafGzQFvTQxA63Hxd4QsrhE_CPvzIn4gXnVgZknmeEgOXVRqlydQw46bQegtMpP-YaK-mBho7vn-43TdoCG9R4K32xCrZps9MFI5Ziky8lszIwCCi8lZ1govzpvKT0I_iF4a1rDTTw_OzHLMsHyqRuOjyvJZeXQMugxgnXr4gGBSyB8Dm0lDxqw2VI1ZL82yj2xCw38BM35mMPSVaTE8a6Tu1kw4sWygLwVXe-wew6ugGHM52cUHIP4BQ5ekmV8AE_OTPmNIC4AQDkAYBoAZNgAesqMu9AagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiI4YAQEAEYHfIIG2FkeC1zdWJzeW4tMjYyMzAyMzcxMzk5NDAxMYAKA5gLAcgLAYAMAbAT4ZXKCtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASFeRobALMCTSw-IqckjFD7kbGLeOrIQ%26sig%3DAOD64_26wXnRK4N7pDbRuF8Uh2vHKg9eTw%26client%3Dca-pub-4079053777895441%26dbm_c%3DAKAmf-DUIl-T_N9AtH2Eh6alzUn0f5S532mLcm6PXjc93Br_gD_2_qEFFS2YwUQE4J_FlO-_-xWPzgjZTO-Xpaa9LxNEd7wS-3HJdFoN6DiktxKL-NN9a_m7KIUymrAO2wtmibcQtNsJms1S0AcODYV5Oe_hbpTzEg%26cry%3D1%26dbm_d%3DAKAmf-BAKRVcT5eWkp1a_v34RsbY71K-nV82wtI38qk5AHu1nUfRC2bM_wuIXpiSpXQ2f-Bbro55XxcSQ9v10EWSHlUfFa9qRaaTUuCdfRsuIu6yqAAdxXmnD-WZTHKvoE5X2pBpjdnibZBSv1RgK6fDD-8Ss9Be3o-xT3s9jTfjf8F0vE5vPdm35waAxdXLHZS6zZUDAahzNMe0YDJHJbOjxlVwYGy6qEE-Uj2_R-au40HJWO-AQ2UeHdMOwTykgi9wv2U9tw6_4j9M9Xrx0Ap11Gu_ABCSFM4ysJjMX0swaVHRaDoyPIp_tBouSRfKixKbo56PuEWXxorEQtLFL0ramIzTCvcpVfmmRsPtVjykE40B5VB2BsbokLAtNHwUw9ch506MFo62g6wv6QtYNOQ9s08j5v715fGQ_9FzNZliTK3jEGtCr8pFxIgA943XFpRO8oQoYLB0%26adurl%3D
Requested by: Host: 795cb7b715ed42ed94a7878e8f7986c3.safeframe.googlesyndication.com
URL: https://795cb7b715ed42ed94a7878e8f7986c3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 217.79.188.54 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: aa.adfarm1.adition.com
Software: ADITIONSERVER v1.0 /
Resource Hash: 4254af753804eaedda0fdc7746bc199917109d37ad0a335d5862943152a92338

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://795cb7b715ed42ed94a7878e8f7986c3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 11:43:22 +0100
content-encoding: gzip
content-type: application/x-javascript
server: ADITIONSERVER v1.0
cache-control: max-age=600
p3p: policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211108/r20110914/client/ Frame C793 2 KB
1 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211108/r20110914/client/window_focus_fy2019.js

Requested by

Host: 795cb7b715ed42ed94a7878e8f7986c3.safeframe.googlesyndication.com
URL: https://795cb7b715ed42ed94a7878e8f7986c3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9bc961b22032cf0f2172453970fa236676981a171bb2b46dae5cde1de946aab2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://795cb7b715ed42ed94a7878e8f7986c3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 10:40:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 143
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1337
x-xss-protection: 0
server: cafe
etag: 17605089983984592854
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 25 Nov 2021 10:40:59 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C793 119 KB
37 KB 56ms
24ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 795cb7b715ed42ed94a7878e8f7986c3.safeframe.googlesyndication.com
URL: https://795cb7b715ed42ed94a7878e8f7986c3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://795cb7b715ed42ed94a7878e8f7986c3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 10:43:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37119
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636547677202025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 11 Nov 2021 10:43:22 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211108/r20110914/client/ Frame C793 15 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211108/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 795cb7b715ed42ed94a7878e8f7986c3.safeframe.googlesyndication.com
URL: https://795cb7b715ed42ed94a7878e8f7986c3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9dcc85f59fe0fea452da8e3af9bc354752364edc4d6a32d5c2f875e174fb2c06

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://795cb7b715ed42ed94a7878e8f7986c3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 10:37:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 378
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6461
x-xss-protection: 0
server: cafe
etag: 1157727964977547826
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 25 Nov 2021 10:37:04 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame F8A3 624 B
340 B 39ms
23ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CMmp1wIQ19vYAhiIq7-6ATAB&v=APEucNVZj0LykTGmTjZvH_5_4Ig4nMFepZvU7mmZTow1VeiVDooZ83yEG_XYpp2PW7-oJvkPG97G1MlElCilS1-icAkdAYEz-nU9LFRvvq45NicjHvVVdEg5doDr4d4BcKMMIbX_2-TCv4MDhieqYm3-cKttk2dSsErAjw-K_szDTb7RjiOLUGI

Requested by

Host: 795cb7b715ed42ed94a7878e8f7986c3.safeframe.googlesyndication.com
URL: https://795cb7b715ed42ed94a7878e8f7986c3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://795cb7b715ed42ed94a7878e8f7986c3.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Thu, 11 Nov 2021 10:43:22 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame ED52 25 KB
15 KB 52ms
36ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CN8QMjZki6t8u-h7Mi6CHFLtbtaalMvwq0Z_eOiDBck4MgOstqH9DVx8OqIvqR8tk3-yZJyIw31Q-Ivs0dqWNdC9L6TvIEH3-fdKem88n1O9Zb2-xlw1Qfj-sV1Bal4RUfUhiN4135EQeGSrdvAdV8QH13KQ&cry=1&dbm_d=AKAmf-DDodIu9HXkyBTp_OUwd5H9mnenSz2HnmoPRY6rnyV1DHFSslpDNqGT46n0HWdBcvCpUJomfjJgAg_TeDEo3zcds_QBevWQSe6xmPAI86CFZ5NgkCWzvSTTL0ZtQmBTN2Ex_SUTn3fZFqXhb6BfoGDXlWwrB0BXHBXbPcWOFfleF5rclSytVkkOnJ9CnXLC0xYaNOy8gi55OHDpojik-BAhm0ztdG5v4b82p-WG1Bil29PIzIAqFxvBAE_1J-l3ff-IpManDPagu_R40JHXuW-PqEsE4uQ40Gz35Qf37MMRJVam37u8dueeuDbmGylH9s2uemCvLvTDEWDWoxMQm1rRcWgj-NVUIxkbI2cHBDa1RjDU1_Su4Ji5IgB98z4XtSa_jco7h0vA0HREuuDunZL2VpiZzCgsVcIoP_MQ5WijtGUtlfCFOMWj1Sk3LC5-7ROCn8Eu93IhZWoYzC68qQUJVHTVYosnTf7VPF_slEkcRL_BVUIexn0RRCwvADNHBYwoDt8FvFA2966TolLXf4IW9jaYaR_nN6ETZA_w8I38pQKKfOXAiP5VUEk170v0_sytJIBG4s8Y-hVfhwgOHkcgppQja36VLZWpYos_sjVrqy53BACpOya5uKNdj8oLY5UFlmoJYcHvcosWt8tvAKJXSjSzwji3tXhlRf3FVH1LzLn17CJe_IPcsJE9A-gJq6aaYC9BczXxDI7b5QrMMZzxeWWdYTLUbNO210RR16HrrhqchfOo7rpcnwZN9qM_s4EmtAbpGb-BReuEhaGvMALlEX5b1-vY24nYHAj_hNc-RwP6Eq3Fl89mIc3WqRNlWtZA5o9nb0CHY5n4BCbytUBXFtlHVxiXVI-1bpKEAL8_J-0eIoUqb_bNGEOZ4AHcVh5lHQWPozRTGjGyJlFKPHgOvzVsalCaBH-stPY_iuDbBMKj9_vemumqnAoJSvP6kWryzL_4QR9DJSIEkAlBkE7ws7GAuh87LmVg4Jq3oz4xBQZsB0jRAtRsUEcfGoXwlJlR5vLsaa3lxCOhk441WlZBFsWQ_1AIgWyX06UPwETDoMnUcbRLyWNObalJWjBpscAF1aiMKEf8GE98Zz5AamNUBQPKvCYc_DC9cmY09-Ri8VkfE_jHX5Dlu8A6qkhgaWcTvgLlMLfDlZVMhxkxav5UGf5-Q5lDy2oYWJnzSe7JcADHFNM0gKQPBZTumzeX2Hmodum-fni9IwAzxB4TuMLOx4dmM2aWGtEA01Na-giSEUExpuJtZeB0_5I9Ru4aHD5G6VXrJfAp2bQbAA2c18jszkl-kRVl6_V8FhO-hN59-Ye_Ugs2IhuVqOXA1otzpu8mC5oZKqI5_c6rU0yCdujy9noFMiZ3m0RbP4fB3u9CFvemdrkZIj89Ig_ka1znKcRGtyiaPqHh0eyijKdP3MCdqlG4AgFPHG3nc2Y5Eowb6ko6dkE09ghbGq24X-L0KT5SkbcYnuXdaq4zvcPZ35aw52VYKdPRHHRX6CbLqTa0OcTNolbtraA4pD8fCTh1Iq7bqQag7eMapbGdz8AOkbXi3WzQpIkUDOAkfBpSkg_bSqQj4RgLljAX7f35KkhhiQn8WwyjKj1Y1kTDxYrPa7mzlzj3k6d6FXk-CCXoaOgrBmirifx-rQEBzIjC6-Ux-NH08ooRGE1kBkc06J3HyQfWl39MhEUhmOGS70IIxN09gvQuMyZX96_EEu8C1I_3RT_91hBDVd58CEh0TFYY9yTvXL6CinI4EnBj9_whJbCyM5HlsZnqwyOkoKLpDcQrDlbnxuVDnPJmW_qJ5vEi7VECQJw3riAWNoIoEjQWCAb_AY5eTENm9l29C7jEnF3XYY65gRa7X5cT0DRP1IVZQHaRrI7j9U9iBMSzeA60e-SYhWL6JtSClKJaf2kz8zp4sagcgkS1VtqfpD4iRJx5FVmOIbYcMH_7FuiakRxmcpbU93NnKa6LCtB0M5rMZmK1TtTiyfq3_Ar_fD5og1S9Ahz4CIzipMhgbR_pQwRBurA_WMTm7fR2lHRSx1MpPL97qOhQR9WqnaZ2NVsikFyLQIG3_7xzIHm965T3c-jZA9tS4URBP6bfxpYBBvJ0dCkhPr_MzJYdOXJCAfV1mpoXvTgbA6Oy8rndPEdLowa_cg9JZXGFNUAR8CYsYuMomkmM11-TzGkJZ2hMBf1F26Lv3XnLXlvD6DA2_z2bayJZruNtU8LAT-ln9mFpGSEu78yQ__m8mjEGW4ZbB3lnT37XviNJSJeHz2DpvGfKjF9wZ-tFgQE82NLBuWq-hZFCU_QUnralwnKNK5wuiMk0t2cQLuMhn3FgRyztPKRyc-SYWGF7Rir7TSu3zIARdw-1wH_EcNEtSHxbgfTgpVEHFFzOubJZhHcI7BI07tUoZ7XR04CLYIvZbxhBegABfLq25xAVdNafW9yOmC2qCIxNPBMhbx_R6r0IJK0sQBE2rEu2KoRW5v2lP1nq5OI5vztVs9AXIO6Wx-5QzoBwftyos0J1fv1hDa_tjU1JsMb8J6Ba7DIjcXDGmEpoarrOdf7n-eWa0-SJ3tqB4jtCCM5TPRKE_wX9nJJA0cVOTuAc-X5TK3yXcWm127o2Wt3EKg-XhPygx4XAHYszvB3b3Z1uoxPuwfbD3TAJrDRq32Zr2PLfyggO_GwXNae6V_6Lbe8eq51yfScWOODnx5LklwKEQQR_JHdkZVkCW5-mZJIc5IcNPIXbHWpE9icI_qZ__I-gEgX50cVMYag4g0kh62p-exhhIhqDJQMYsVRhUiWD84EEIFdFlxNc-hjwl4rck3o01_KNIUANnqGYzTGyf2OzBxSWJzDMWdLqW6RLae1tnEKl1WbGFOpLTBRWpHhg8dVsUKb4WgDqjpFjRYVcgiWdcAnM2IEmWpnIceGwWKSPq9skqpJutayBfC2O4Ko70i7l6BzE1TsSjoSvk5r1JR_jzqIOEL1dgKSDD91XFLHVlh3Gy3gjGHvxnGyj0gsMmGsI6v2YShZSRtBY9pvrmuhbv-aReMR1V0FSSpbAqYx70e9It1pmmTunNPB6tEl0hDw0lVithQIn3Hxt7OFojtcWgVE5fnF61MLuIexs4cwf4QA3FkkeM3GFVaWDi_43AHdW2Ndet_xvNvaoRr62MqYU4IOIyo4CJ60NvpqwZ1YW9p3kPIeDHn8puKcg5wmT_S-jLoBzJBH1qRzJftzIXsmLobj0kswkZLlaig&cid=CAASFeRobNwbnnwgJ4FcvI9DdhiVA1_52w&rfl=1%2Chttp%253A%252F%252Fextra.com.co%252F%240

Requested by

Host: extra.com.co
URL: http://extra.com.co/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

57bb65b423bab888c8aba71acff5d4ed214dc5cf39b69dee378012d975d7c4a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://795cb7b715ed42ed94a7878e8f7986c3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Nov 2021 10:43:22 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15093
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame ED52 42 B
107 B 343ms
45ms Image
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CaCAGcDPsH7aq0GTCxh6wZce7cWB2qNAZh4PG7CNkHyDLr2yb4n_sUhIi3_Q-j8Lu-w_V3PEBa5L5SXqGXao82tgEEESX_YOcXJzrd5XbOJSv5atg

Requested by

Host: 795cb7b715ed42ed94a7878e8f7986c3.safeframe.googlesyndication.com
URL: https://795cb7b715ed42ed94a7878e8f7986c3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://795cb7b715ed42ed94a7878e8f7986c3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Nov 2021 10:43:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adition.js Show response
imagesrv.adition.com/js/ Frame ED52 32 KB
8 KB 61ms
27ms Script
application/javascript 217.79.188.10
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://imagesrv.adition.com/js/adition.js
Requested by: Host: 795cb7b715ed42ed94a7878e8f7986c3.safeframe.googlesyndication.com
URL: https://795cb7b715ed42ed94a7878e8f7986c3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.79.188.10 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: imagesrv.adition.com
Software: /
Resource Hash: 70e0a3b2c82384039a2e4b31c305c9ef1f72a59b585acad421c54a6101a25237

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://795cb7b715ed42ed94a7878e8f7986c3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 10:43:22 GMT
content-encoding: br
last-modified: Thu, 21 Oct 2021 06:32:42 GMT
etag: "4043560335-br"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
content-length: 8355

GET
H2 200 js Show response
ad13.adfarm1.adition.com/ Frame ED52 3 KB
2 KB 59ms
14ms Script
application/x-javascript 217.79.188.54
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://ad13.adfarm1.adition.com/js?wp_id=4285695&gdpr=&gdpr_consent=&kid=2958451&clickurl=https://googleads.g.doubleclick.net/dbm/clk%3Fsa%3DL%26ai%3DCb5IxyfOMYb6UEMji3wOkibyQC6-Fi85k24DKhOUO8C4QASCkrNF9YJWCgIDEB8gBCakCZiM-sPFBsz6oAwGqBIMCT9A5-dJP051qBIjstDo2MyJK0nnydOu2XerPAilcfkju7ZNvYasbtWaiRThKo98-TLuEvlt8WBR4_fSRgFEz7n24zuhmL_RPd3O3G-03NwKyqDaudQ-VMaCEvnI6bOfLmakc3cg8wQHU1g_LxKLLwFyOjCX7TjCPJPJDugrFmxpVB2yGpqS9myP1rHEiYxqAgcQMSuKFH_m8MEPe9LPmp-AXgzbTtpMCp4-1x7UlxatbhDcgJAITM6_6fj68a0WsAqo349xC7iEp0h0fyN57AnhUlDyfTBfcDuXJUK9rv_UGsM0aNVtArye7qKzoyphoqofdoc7NCSQyJM4Vxhgdf-v00sAE_OTPmNIC4AQDkAYBoAZNgAesqMu9AagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiI4YAQEAEYHfIIG2FkeC1zdWJzeW4tMjYyMzAyMzcxMzk5NDAxMYAKA5gLAcgLAYAMAbAT4ZXKCtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASFeRobNwbnnwgJ4FcvI9DdhiVA1_52w%26sig%3DAOD64_2afsl0RX1NeD-ngEhkqlCCaU3TWA%26client%3Dca-pub-4079053777895441%26dbm_c%3DAKAmf-D6GzS4OcjYfNrLABCV1s110CmDQkNlAaxfWv1Iiqn7x06v9Qbj90NUuHi5bxuJPPCCYDlZ6U5QpTBaReCe__7-9v-FWgUnoAIKH3E_e6l9LVW3KgwWaq90kyBykyoKYMhTTiwjjfKX7DKHtNlr0fSRiyu6dQ%26cry%3D1%26dbm_d%3DAKAmf-DPMjusC5EFIvuN5l8lcEv3_xPtbtgc6jnYN301YvtYOWCs7Ck0sa6NbcGCH4n_TUIEFYegF96-e8rWK28oO7nBqZZHaRp6DBLvkNC0PDvI6RgEeLwTxB2v9S6s7MrCA-Q70agJGaqx0XV1jwQtk7rOBl43nB8zitUGCE_EVEzaw1Y6ZRxRYK403D_FwVmxVxSxgbFq_y4C46ThSHUmfn-0uQPfflfqANh2Lc6VKIY347wqo69do5ZDcIvZcGqUrggmq0AbLxjntiO3w3tdCLGMid0NtI5qdUw9Ondsvy7BWmFJPAZZvEfsBAhCXRWYEeZC08mip6YwH3u-o8jg_lApIYuL5UwqihDthKY4tIvNkaMQNsjL-3VoL8evy-vcZEkR2KEtR0mq2Gr1BJt4QWFoi0BbZgbB0I9WQvEJbZnHj5qnaZ6UmXRPUs4yk0P81s-JXnlF%26adurl%3D
Requested by: Host: 795cb7b715ed42ed94a7878e8f7986c3.safeframe.googlesyndication.com
URL: https://795cb7b715ed42ed94a7878e8f7986c3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 217.79.188.54 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: aa.adfarm1.adition.com
Software: ADITIONSERVER v1.0 /
Resource Hash: aad7b6285ccfdaae0561254b9542a687fdd92b5feb035632bf44082347738891

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://795cb7b715ed42ed94a7878e8f7986c3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 11:43:22 +0100
content-encoding: gzip
content-type: application/x-javascript
server: ADITIONSERVER v1.0
cache-control: max-age=600
p3p: policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211108/r20110914/client/ Frame ED52 2 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211108/r20110914/client/window_focus_fy2019.js

Requested by

Host: 795cb7b715ed42ed94a7878e8f7986c3.safeframe.googlesyndication.com
URL: https://795cb7b715ed42ed94a7878e8f7986c3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9bc961b22032cf0f2172453970fa236676981a171bb2b46dae5cde1de946aab2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://795cb7b715ed42ed94a7878e8f7986c3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 10:40:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 143
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1337
x-xss-protection: 0
server: cafe
etag: 17605089983984592854
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 25 Nov 2021 10:40:59 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame ED52 119 KB
36 KB 60ms
33ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 795cb7b715ed42ed94a7878e8f7986c3.safeframe.googlesyndication.com
URL: https://795cb7b715ed42ed94a7878e8f7986c3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://795cb7b715ed42ed94a7878e8f7986c3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 10:43:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37119
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636547677202025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 11 Nov 2021 10:43:22 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211108/r20110914/client/ Frame ED52 15 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211108/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 795cb7b715ed42ed94a7878e8f7986c3.safeframe.googlesyndication.com
URL: https://795cb7b715ed42ed94a7878e8f7986c3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9dcc85f59fe0fea452da8e3af9bc354752364edc4d6a32d5c2f875e174fb2c06

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://795cb7b715ed42ed94a7878e8f7986c3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 10:37:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 378
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6461
x-xss-protection: 0
server: cafe
etag: 1157727964977547826
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 25 Nov 2021 10:37:04 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame ED52 0
0 15ms
14ms Image
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTikK5VjyuoHrDcCpfMmiIPYQIIAibQPjsmOR0IZuuHEKwwORRxhqonE6QTN0xNxZFKcmnJXE8ce4PVC_8MBt4h_NcuiQ
Requested by: Host: 795cb7b715ed42ed94a7878e8f7986c3.safeframe.googlesyndication.com
URL: https://795cb7b715ed42ed94a7878e8f7986c3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://795cb7b715ed42ed94a7878e8f7986c3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 6D51 624 B
733 B 21ms
20ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CKL4ChCK-K_wAhjDkP-5ATAB&v=APEucNUXo5LG5MNJrc35c0DHOnisrnKAZ5ZG-0iXqm3TXWFsjcZTFyz9gEEr8MS7jOlhvJW0u1Tc_q6keI0eJhZzEP-EpXnL5y6MsNaipig5sap2AAOrGvmOjwmGXvK3nOHYovbHBoC-egL2fMNbKCxKKl4ErIRflfEGpAIvmKaeI_AiOGfLI3g

Requested by

Host: extra.com.co
URL: http://extra.com.co/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://795cb7b715ed42ed94a7878e8f7986c3.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Thu, 11 Nov 2021 10:43:22 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 abg_lite_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20211108/r20110914/ Frame 117B 19 KB
8 KB 292ms
17ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211108/r20110914/abg_lite_fy2019.js

Requested by

Host: extra.com.co
URL: http://extra.com.co/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cb80b0237cf3343b0495e0db33b4ccbbf005b6155bb62f53b9312c3ec7e9a3bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://795cb7b715ed42ed94a7878e8f7986c3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 10:11:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1921
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7878
x-xss-protection: 0
server: cafe
etag: 10809069374711699201
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 25 Nov 2021 10:11:21 GMT

GET
H2 200 5713719616354332649
s0.2mdn.net/simgad/ Frame 117B 36 KB
37 KB 60ms
7ms Image
image/gif 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/5713719616354332649

Requested by

Host: extra.com.co
URL: http://extra.com.co/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

13a5bcb192e63d40f3c787ccad6805d32f76c4ae0c4f8656d09426a405b6da38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://795cb7b715ed42ed94a7878e8f7986c3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 10:35:03 GMT
x-content-type-options: nosniff
age: 499
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36863
x-xss-protection: 0
last-modified: Wed, 03 Nov 2021 18:03:57 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 11 Nov 2022 10:35:03 GMT

GET
H2 200 omrhp_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20211108/r20110914/elements/html/ Frame 117B 6 KB
3 KB 295ms
20ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211108/r20110914/elements/html/omrhp_fy2019.js

Requested by

Host: extra.com.co
URL: http://extra.com.co/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2d0744b54be7eab148245653f8fad2e4a0e8875b886bcacbb2c70741872eda55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://795cb7b715ed42ed94a7878e8f7986c3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 08:34:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7703
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2626
x-xss-protection: 0
server: cafe
etag: 8548655983161038638
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 25 Nov 2021 08:34:59 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 117B 0
571 B 107ms
57ms Ping
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuGPCvRc-8QdGw-mePdTtUiTrVBlEpexFIW8CP4IXR1XXGcY7XCfsb9KrwQxlfK_jRtoUquk2b55urCKTP3AFoHsUeBmEOTL07sIPbANQfZtGI6xnynIOUc6wsZW8nRs4fqlU2NqSgL2lJs1Eu4aQy7L9dZ9ZWy-jUBBIicM3hUAiFn-fIn0snsTuh_YKh5Bx4qHmyfSXVXeKenYO5d92qY1AFtwxpmh8DP4trXLG59SVjINYwtq5BWPgRlHYhFTXmm-x7kbv2oitpv6i0yjcB1JrNAYb_tu24iahOosokixeWpyffZir9PySVKwe5pq9j3Cpw2ULQDn4FtOVrKkKIvFsqyK_FJ0MbmG9W--1SI1QE27pkFW0DuxfgVkJysJOymZ-dcRGwsGnUVCcCr1AygjDfUHzWh-VOafyVIcFFbHj145HtCbtU3VtoGQMeZ5vAMr0B1X0TA6ISOnLIdsShB8z-39QzBSyw2NiysdWw7t2sviSYVHfNS4lIrMDXzRHir6JQyZqYzDbLaX2F3LU_fojnI6M63p5SQN4EJuSt4maCojROW7eJ5NAv2EIq81vzAObgzlCnXSIZAlugAb5EPIFEUNAC1G_SSLQlUJT5oX6-s9qiQDDp5rsetZkU_TVnM3_bi44W82BmOVPKRyyu754FJXlH6DRSd9tf09QQzb7taBVBy15k1Au4xnpSKGi4_THvR51tTCLmdHQDNNB3-CllvSzMNMHaNb50bhllnW6_zJhKR9X7uw-cYQfYJvlWE0_QBx03xcDUBBnh4W8gSt871OUeNoqAsxByKlyqX6CA2QevYo0sQpQ8qE8MbJsjfdThON8oP5W0b2oiQCePjK5luA1AEj-D_OrGpkZsNsF3gQ-0JuQcSeWET-xLPX81IiWbuiyBzRXolMKX3wCBSQ_nu-F1UzGhp1htPPbPxuZt8mRglVV07MUdM3O01HEFiSvqr18ccLQKaKQq_RjoCfTCoW6PbgFAYVhdWQq5qLhj_sZKrKpZAJIeFWkXDhO-IZmFgwRR9AhMgAXUo08s4ZcqjUt1SvTtJ0X9hPa9mNEAOuFxeTcaKRMfgOVJccFpKz0exTMvvQimY8dbLxCygiL9pwg1iI7WQcRJAZp1xwtle7TuE9SHy_3HsyOQDC8KSAxxpBoCtM42VGUW3H-89GsJ_YcQuKYmcmTjPUo1Md3pk8TDMxypDYYcZPZF-ZT2_lA9wr_I8XIClNcLbASqwiWQlPqg&sai=AMfl-YTynvAHRvmgRfXbbkg1yvvxmFJ6rl8h5oGRHSEufabqATjCEWjiFL3RmSuKzwBg7U1rOeQzu-OJkForx542_NrmoO8N3W6RGocY4I2RhSOoGxk6S9JSmCp-vg2_f7-GlFcZPxKsNSpaiHpQ9pvZ3azZrk7hnwC7lH81wkgQYHC4ukWKuQX3IpPkYNE4E-IN90IL_NHcT1ET9vHybT52JXaFY-u-JTZjKnKq8q6TxNuo0qlela4t6MCVoZx9Hdvs0ouFcMQJHJeCNG1KUKOQ_EqElrXF2iDTdm7ebDmdaBvRWtYeUwNjal9wbZrntLVldgJLCES-JW9m626VrVWQ8qYRDyaLlzfN50awC-Ym0BPFKEgoONc3Y7AE0TuBrIAApXtwBeLxnDEeQfPO089Qvg&sig=Cg0ArKJSzPYire52YGmiEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20211108.82768&adurl=

Requested by

Host: extra.com.co
URL: http://extra.com.co/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://795cb7b715ed42ed94a7878e8f7986c3.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Thu, 11 Nov 2021 10:43:22 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 117B 41 KB
15 KB 12ms
10ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: extra.com.co
URL: http://extra.com.co/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://795cb7b715ed42ed94a7878e8f7986c3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 14:16:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 73607
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Thu, 10 Nov 2022 14:16:35 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211108/r20110914/client/ Frame 117B 2 KB
1 KB 14ms
12ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211108/r20110914/client/window_focus_fy2019.js

Requested by

Host: extra.com.co
URL: http://extra.com.co/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9bc961b22032cf0f2172453970fa236676981a171bb2b46dae5cde1de946aab2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://795cb7b715ed42ed94a7878e8f7986c3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 10:40:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 143
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1337
x-xss-protection: 0
server: cafe
etag: 17605089983984592854
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 25 Nov 2021 10:40:59 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 117B 119 KB
36 KB 37ms
36ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: extra.com.co
URL: http://extra.com.co/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://795cb7b715ed42ed94a7878e8f7986c3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 10:43:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37119
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636547677202025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 11 Nov 2021 10:43:22 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211108/r20110914/client/ Frame 117B 15 KB
6 KB 13ms
11ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211108/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: extra.com.co
URL: http://extra.com.co/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9dcc85f59fe0fea452da8e3af9bc354752364edc4d6a32d5c2f875e174fb2c06

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://795cb7b715ed42ed94a7878e8f7986c3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 10:37:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 378
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6461
x-xss-protection: 0
server: cafe
etag: 1157727964977547826
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 25 Nov 2021 10:37:04 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 117B 42 B
107 B 314ms
44ms Image
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DhAIT7r86lp_GJ7PnDQO21RQHvcrPuD4OsGShHX3i0rF18AuSx8AzGhIuDjGsEJXlSA1QwAc9I9xq5sO5UFnaUv2q-X50xshZtGVEn-iol8x6f7es

Requested by

Host: extra.com.co
URL: http://extra.com.co/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://795cb7b715ed42ed94a7878e8f7986c3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Nov 2021 10:43:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 1148 624 B
340 B 21ms
17ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CKL4ChCK-K_wAhiOypq5ATAB&v=APEucNUxTDSYjZajZFCoP_U0suUZ20lQYan_v1sMTtIoQOQEp-FBVd3IjqJe0crhvjPGql4ysW-1Q1x1vMTEyMXKewSCliP3FGIGVNWSWzHAfdHEzveCGSCjPeTqHMIOhc2NXZSb9BZHLDPMIJxO1aeIN4Erk_ao5AatTkEDmt2GnVrTnKUEQzY

Requested by

Host: extra.com.co
URL: http://extra.com.co/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://795cb7b715ed42ed94a7878e8f7986c3.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Thu, 11 Nov 2021 10:43:22 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 abg_lite_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20211108/r20110914/ Frame B027 19 KB
8 KB 268ms
16ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211108/r20110914/abg_lite_fy2019.js

Requested by

Host: extra.com.co
URL: http://extra.com.co/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cb80b0237cf3343b0495e0db33b4ccbbf005b6155bb62f53b9312c3ec7e9a3bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://795cb7b715ed42ed94a7878e8f7986c3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 10:11:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1921
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7878
x-xss-protection: 0
server: cafe
etag: 10809069374711699201
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 25 Nov 2021 10:11:21 GMT

GET
H2 200 7373277586269536410
s0.2mdn.net/simgad/ Frame B027 39 KB
39 KB 47ms
18ms Image
image/gif 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/7373277586269536410

Requested by

Host: extra.com.co
URL: http://extra.com.co/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

47e3a9faedccc2a6eefa941be4e3614d954abf470e1b1e1b3904462262a446c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://795cb7b715ed42ed94a7878e8f7986c3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 15:20:18 GMT
x-content-type-options: nosniff
age: 156184
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40300
x-xss-protection: 0
last-modified: Fri, 29 Oct 2021 12:11:10 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 09 Nov 2022 15:20:18 GMT

GET
H2 200 omrhp_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20211108/r20110914/elements/html/ Frame B027 6 KB
3 KB 269ms
18ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211108/r20110914/elements/html/omrhp_fy2019.js

Requested by

Host: extra.com.co
URL: http://extra.com.co/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2d0744b54be7eab148245653f8fad2e4a0e8875b886bcacbb2c70741872eda55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://795cb7b715ed42ed94a7878e8f7986c3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 08:34:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7703
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2626
x-xss-protection: 0
server: cafe
etag: 8548655983161038638
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 25 Nov 2021 08:34:59 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame B027 0
61 B 84ms
58ms Ping
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu_OOtHTLeHyeeXW99E4PnwF-9hlD07nQLsAPToOM-mT85lSV_rnEwDWl6XtCM8s3tkNeKEJUD8Rwm99C3C-U38qRAL6I1-HUCfb6qdeAxeF_gc1Eo9ePvRI2b3u7KI6aQcQTQ2mk4kt7lax3zsMqfF7ozIU12aN9IQTUerwzgoymFf57Tir2ZApoRqimL8oWdOnOQzptRQB8Y-kV3guxIiCn4vtoykNMLwh9-xfKGL4rNrUu4pYc2YCaIqvNS7kE1fMdkwdN4W-fTR5-Kz2_UADLdNF9X1hH-czPNp6xitaeek7b5MA6SSUsRddlkFKKiFU9xG-0k1xZ_k7W6nWL7G1HuziP4ZM8v_SWFDczHdLtiVeT1nw2o-gKfDaO6OHWZI4qxLuuQVRByywIopKLInV-niuM4a_ZhyO8dmsf3JmovKPjzCMl0ON5QWlqj1MYuq4OOMlxcO7my2Tym6ywTG1qY9xTLA6zy18PJMi9XDQyBfM9cnk5emqGDiSeJXjjSylqglaI1m-e4aOSQSek87IdQGHWUmCcxQW881TiTx-PCBiLvpWIIAvkUkn67ja_Mv5d1QTM0w8rk2PLXKlg60IRJ5gjxiJ2Rr-vN1nlPxA8VO-ky6xjr7A4UqPVfx7Q8NlBLC7dHrYuE4sxHYRMfqIt7obt4lekicUIQttSxFfHGDsczwyHjaTGgRSw2q-q85Aez6xOUnMRqS62sQwKohzsXRnKj8w1FUkvb4Qv6j6LdzjLLonKumpE6F_4ezO70HEuhS_TB-k-bPpVK5fr-iTGYs-K8MMopZ_pUkyhi4SW1yZtBgCWhG5iLcPLHmS5puAlbgp0DO26XjsoFCsvQV-5cEuJEYOU1ny68_Bl4Vw8aHcGcP21ySPwpy0eIhKml5UIODu7uGuqHDbeD1BdG4TWx3OmNkx-IAUQ7pLwGofCuqIkZ-l-9BJYA6V__GnLWRvZk6h-3HkQBK9pIvbg0KriEOgkSPTKLkDeOOAOnvraowqQt7-iTcC1ck4r3UoHNi2YkMsbqbPmYvISMYYHlZVcoLO3-v-PTtAKkHAPSuJtZePmtz48NwiY8DLgaYm22TyZtzg7--QUv2gLvCr9kJ-zrw_7NNhSJfKSG6jA4vBVI1kKQfJpAa_APMzEWeifB5KVcOtNsM4pY-Kiqe1mNNb5aeNv9_p5ar9iDfOK01jC_qmnpwovz-H4PwVHt0mB3QQG0cPrCnhky1e0qf6XwykSVSAhY&sai=AMfl-YTClGO3v8olqFdqSAIC3J4fcei2kWkcMM-JXbrcSMvCOC7QdjVei6NpLJwTgBb3JChi-DomNTiZDNoRvrSSzt8oCESEkwBiUzGkG8O8H38_9ZGVZcZMBcFNtaHntTsJA4EnqOeFikj6MGbOg5uDjnaaxcPzhyDwjzJ7O7iHb7pJTp-eJg_x1fpZkJeiWuajpERhKbkZJDBM199P91H9ik30r7-K9BFq6SvuYM8Dl1JBcJ79ssVWKa_6b85S5yMTl7kJJRa1EIwww3DejLNcLBRDc05q6EcD8mT0ubpIMAx1sq6YYJ-v0Updh1HPlojg4IdQB1NEdGcIxF73qDY364qPaUOEYbZO9SghzxsyA4nZ4OOENUMGkhJmecTGMywK4lhlxfegGGSXkcaUDHM46w&sig=Cg0ArKJSzDg7Ibw_5gKHEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20211108.60553&adurl=

Requested by

Host: extra.com.co
URL: http://extra.com.co/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://795cb7b715ed42ed94a7878e8f7986c3.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Thu, 11 Nov 2021 10:43:22 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame B027 41 KB
15 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: extra.com.co
URL: http://extra.com.co/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://795cb7b715ed42ed94a7878e8f7986c3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 14:16:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 73607
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Thu, 10 Nov 2022 14:16:35 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211108/r20110914/client/ Frame B027 2 KB
1 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211108/r20110914/client/window_focus_fy2019.js

Requested by

Host: extra.com.co
URL: http://extra.com.co/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9bc961b22032cf0f2172453970fa236676981a171bb2b46dae5cde1de946aab2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://795cb7b715ed42ed94a7878e8f7986c3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 10:40:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 143
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1337
x-xss-protection: 0
server: cafe
etag: 17605089983984592854
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 25 Nov 2021 10:40:59 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B027 119 KB
36 KB 43ms
42ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: extra.com.co
URL: http://extra.com.co/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://795cb7b715ed42ed94a7878e8f7986c3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 10:43:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37119
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636547677202025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 11 Nov 2021 10:43:22 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211108/r20110914/client/ Frame B027 15 KB
6 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211108/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: extra.com.co
URL: http://extra.com.co/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9dcc85f59fe0fea452da8e3af9bc354752364edc4d6a32d5c2f875e174fb2c06

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://795cb7b715ed42ed94a7878e8f7986c3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 10:37:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 378
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6461
x-xss-protection: 0
server: cafe
etag: 1157727964977547826
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 25 Nov 2021 10:37:04 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame B027 42 B
110 B 290ms
43ms Image
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DcuIZGyCfyGhphGSQYcRUYxXdP1B9tq6Zn_m2XySweQ5NKlKClv4WvSMhjjreQDnQ9rMa0ewMlPB54UgTh34iVouBepnz-8J0cAu27GRnFjXkb_hE

Requested by

Host: extra.com.co
URL: http://extra.com.co/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://795cb7b715ed42ed94a7878e8f7986c3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Nov 2021 10:43:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20211108/r20110914/ Frame ED52 24 KB
9 KB 201ms
6ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211108/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CN8QMjZki6t8u-h7Mi6CHFLtbtaalMvwq0Z_eOiDBck4MgOstqH9DVx8OqIvqR8tk3-yZJyIw31Q-Ivs0dqWNdC9L6TvIEH3-fdKem88n1O9Zb2-xlw1Qfj-sV1Bal4RUfUhiN4135EQeGSrdvAdV8QH13KQ&cry=1&dbm_d=AKAmf-DDodIu9HXkyBTp_OUwd5H9mnenSz2HnmoPRY6rnyV1DHFSslpDNqGT46n0HWdBcvCpUJomfjJgAg_TeDEo3zcds_QBevWQSe6xmPAI86CFZ5NgkCWzvSTTL0ZtQmBTN2Ex_SUTn3fZFqXhb6BfoGDXlWwrB0BXHBXbPcWOFfleF5rclSytVkkOnJ9CnXLC0xYaNOy8gi55OHDpojik-BAhm0ztdG5v4b82p-WG1Bil29PIzIAqFxvBAE_1J-l3ff-IpManDPagu_R40JHXuW-PqEsE4uQ40Gz35Qf37MMRJVam37u8dueeuDbmGylH9s2uemCvLvTDEWDWoxMQm1rRcWgj-NVUIxkbI2cHBDa1RjDU1_Su4Ji5IgB98z4XtSa_jco7h0vA0HREuuDunZL2VpiZzCgsVcIoP_MQ5WijtGUtlfCFOMWj1Sk3LC5-7ROCn8Eu93IhZWoYzC68qQUJVHTVYosnTf7VPF_slEkcRL_BVUIexn0RRCwvADNHBYwoDt8FvFA2966TolLXf4IW9jaYaR_nN6ETZA_w8I38pQKKfOXAiP5VUEk170v0_sytJIBG4s8Y-hVfhwgOHkcgppQja36VLZWpYos_sjVrqy53BACpOya5uKNdj8oLY5UFlmoJYcHvcosWt8tvAKJXSjSzwji3tXhlRf3FVH1LzLn17CJe_IPcsJE9A-gJq6aaYC9BczXxDI7b5QrMMZzxeWWdYTLUbNO210RR16HrrhqchfOo7rpcnwZN9qM_s4EmtAbpGb-BReuEhaGvMALlEX5b1-vY24nYHAj_hNc-RwP6Eq3Fl89mIc3WqRNlWtZA5o9nb0CHY5n4BCbytUBXFtlHVxiXVI-1bpKEAL8_J-0eIoUqb_bNGEOZ4AHcVh5lHQWPozRTGjGyJlFKPHgOvzVsalCaBH-stPY_iuDbBMKj9_vemumqnAoJSvP6kWryzL_4QR9DJSIEkAlBkE7ws7GAuh87LmVg4Jq3oz4xBQZsB0jRAtRsUEcfGoXwlJlR5vLsaa3lxCOhk441WlZBFsWQ_1AIgWyX06UPwETDoMnUcbRLyWNObalJWjBpscAF1aiMKEf8GE98Zz5AamNUBQPKvCYc_DC9cmY09-Ri8VkfE_jHX5Dlu8A6qkhgaWcTvgLlMLfDlZVMhxkxav5UGf5-Q5lDy2oYWJnzSe7JcADHFNM0gKQPBZTumzeX2Hmodum-fni9IwAzxB4TuMLOx4dmM2aWGtEA01Na-giSEUExpuJtZeB0_5I9Ru4aHD5G6VXrJfAp2bQbAA2c18jszkl-kRVl6_V8FhO-hN59-Ye_Ugs2IhuVqOXA1otzpu8mC5oZKqI5_c6rU0yCdujy9noFMiZ3m0RbP4fB3u9CFvemdrkZIj89Ig_ka1znKcRGtyiaPqHh0eyijKdP3MCdqlG4AgFPHG3nc2Y5Eowb6ko6dkE09ghbGq24X-L0KT5SkbcYnuXdaq4zvcPZ35aw52VYKdPRHHRX6CbLqTa0OcTNolbtraA4pD8fCTh1Iq7bqQag7eMapbGdz8AOkbXi3WzQpIkUDOAkfBpSkg_bSqQj4RgLljAX7f35KkhhiQn8WwyjKj1Y1kTDxYrPa7mzlzj3k6d6FXk-CCXoaOgrBmirifx-rQEBzIjC6-Ux-NH08ooRGE1kBkc06J3HyQfWl39MhEUhmOGS70IIxN09gvQuMyZX96_EEu8C1I_3RT_91hBDVd58CEh0TFYY9yTvXL6CinI4EnBj9_whJbCyM5HlsZnqwyOkoKLpDcQrDlbnxuVDnPJmW_qJ5vEi7VECQJw3riAWNoIoEjQWCAb_AY5eTENm9l29C7jEnF3XYY65gRa7X5cT0DRP1IVZQHaRrI7j9U9iBMSzeA60e-SYhWL6JtSClKJaf2kz8zp4sagcgkS1VtqfpD4iRJx5FVmOIbYcMH_7FuiakRxmcpbU93NnKa6LCtB0M5rMZmK1TtTiyfq3_Ar_fD5og1S9Ahz4CIzipMhgbR_pQwRBurA_WMTm7fR2lHRSx1MpPL97qOhQR9WqnaZ2NVsikFyLQIG3_7xzIHm965T3c-jZA9tS4URBP6bfxpYBBvJ0dCkhPr_MzJYdOXJCAfV1mpoXvTgbA6Oy8rndPEdLowa_cg9JZXGFNUAR8CYsYuMomkmM11-TzGkJZ2hMBf1F26Lv3XnLXlvD6DA2_z2bayJZruNtU8LAT-ln9mFpGSEu78yQ__m8mjEGW4ZbB3lnT37XviNJSJeHz2DpvGfKjF9wZ-tFgQE82NLBuWq-hZFCU_QUnralwnKNK5wuiMk0t2cQLuMhn3FgRyztPKRyc-SYWGF7Rir7TSu3zIARdw-1wH_EcNEtSHxbgfTgpVEHFFzOubJZhHcI7BI07tUoZ7XR04CLYIvZbxhBegABfLq25xAVdNafW9yOmC2qCIxNPBMhbx_R6r0IJK0sQBE2rEu2KoRW5v2lP1nq5OI5vztVs9AXIO6Wx-5QzoBwftyos0J1fv1hDa_tjU1JsMb8J6Ba7DIjcXDGmEpoarrOdf7n-eWa0-SJ3tqB4jtCCM5TPRKE_wX9nJJA0cVOTuAc-X5TK3yXcWm127o2Wt3EKg-XhPygx4XAHYszvB3b3Z1uoxPuwfbD3TAJrDRq32Zr2PLfyggO_GwXNae6V_6Lbe8eq51yfScWOODnx5LklwKEQQR_JHdkZVkCW5-mZJIc5IcNPIXbHWpE9icI_qZ__I-gEgX50cVMYag4g0kh62p-exhhIhqDJQMYsVRhUiWD84EEIFdFlxNc-hjwl4rck3o01_KNIUANnqGYzTGyf2OzBxSWJzDMWdLqW6RLae1tnEKl1WbGFOpLTBRWpHhg8dVsUKb4WgDqjpFjRYVcgiWdcAnM2IEmWpnIceGwWKSPq9skqpJutayBfC2O4Ko70i7l6BzE1TsSjoSvk5r1JR_jzqIOEL1dgKSDD91XFLHVlh3Gy3gjGHvxnGyj0gsMmGsI6v2YShZSRtBY9pvrmuhbv-aReMR1V0FSSpbAqYx70e9It1pmmTunNPB6tEl0hDw0lVithQIn3Hxt7OFojtcWgVE5fnF61MLuIexs4cwf4QA3FkkeM3GFVaWDi_43AHdW2Ndet_xvNvaoRr62MqYU4IOIyo4CJ60NvpqwZ1YW9p3kPIeDHn8puKcg5wmT_S-jLoBzJBH1qRzJftzIXsmLobj0kswkZLlaig&cid=CAASFeRobNwbnnwgJ4FcvI9DdhiVA1_52w&rfl=1%2Chttp%253A%252F%252Fextra.com.co%252F%240

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7b0a1683702d854c16cffb91d10f500cf10018eacf0c2b4c939293dea961e1f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://795cb7b715ed42ed94a7878e8f7986c3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 10:42:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 29
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9506
x-xss-protection: 0
server: cafe
etag: 11173536317444432557
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 25 Nov 2021 10:42:53 GMT

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame ED52 41 KB
15 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://795cb7b715ed42ed94a7878e8f7986c3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 14:16:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 73607
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Thu, 10 Nov 2022 14:16:35 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 6D51
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEP7IgvFx9CyaxSEtd2XuFwQ&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEP7IgvFx9CyaxSEtd2XuFwQ&google_cver=1&C=1

43 B
1014 B

35ms
13ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEP7IgvFx9CyaxSEtd2XuFwQ&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKL4ChCK-K_wAhjDkP-5ATAB&v=APEucNUXo5LG5MNJrc35c0DHOnisrnKAZ5ZG-0iXqm3TXWFsjcZTFyz9gEEr8MS7jOlhvJW0u1Tc_q6keI0eJhZzEP-EpXnL5y6MsNaipig5sap2AAOrGvmOjwmGXvK3nOHYovbHBoC-egL2fMNbKCxKKl4ErIRflfEGpAIvmKaeI_AiOGfLI3g
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 11 Nov 2021 10:43:22 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 11 Nov 2021 10:43:22 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 11 Nov 2021 10:43:22 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEP7IgvFx9CyaxSEtd2XuFwQ&google_cver=1&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 308
Expires: Thu, 11 Nov 2021 10:43:22 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 6D51
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YYzzysq-A0H05d73kGi92AAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEP7IgvFx9CyaxSEtd2XuFwQ&google_cver=1

43 B
894 B

25ms
20ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEP7IgvFx9CyaxSEtd2XuFwQ&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKL4ChCK-K_wAhjDkP-5ATAB&v=APEucNUXo5LG5MNJrc35c0DHOnisrnKAZ5ZG-0iXqm3TXWFsjcZTFyz9gEEr8MS7jOlhvJW0u1Tc_q6keI0eJhZzEP-EpXnL5y6MsNaipig5sap2AAOrGvmOjwmGXvK3nOHYovbHBoC-egL2fMNbKCxKKl4ErIRflfEGpAIvmKaeI_AiOGfLI3g
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 11 Nov 2021 10:43:22 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 11 Nov 2021 10:43:22 GMT

Redirect headers

pragma: no-cache
date: Thu, 11 Nov 2021 10:43:22 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEP7IgvFx9CyaxSEtd2XuFwQ&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

bounce
ib.adnxs.com/ Frame 6D51
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESELk7oLvk8Pw_QvwUvL9VCd8&google_cver=1
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESELk7oLvk8Pw_QvwUvL9VCd8%26google_cver%3D1

43 B
1 KB

32ms
20ms

Image
image/gif

37.252.172.36
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESELk7oLvk8Pw_QvwUvL9VCd8%26google_cver%3D1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKL4ChCK-K_wAhjDkP-5ATAB&v=APEucNUXo5LG5MNJrc35c0DHOnisrnKAZ5ZG-0iXqm3TXWFsjcZTFyz9gEEr8MS7jOlhvJW0u1Tc_q6keI0eJhZzEP-EpXnL5y6MsNaipig5sap2AAOrGvmOjwmGXvK3nOHYovbHBoC-egL2fMNbKCxKKl4ErIRflfEGpAIvmKaeI_AiOGfLI3g

Protocol

HTTP/1.1

Server

37.252.172.36 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 11 Nov 2021 10:43:22 GMT
X-Proxy-Origin: 136.243.198.81; 136.243.198.81; 692.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 46029348-10c1-4563-af5a-9a47ef9a8ae6
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 11 Nov 2021 10:43:22 GMT
X-Proxy-Origin: 136.243.198.81; 136.243.198.81; 692.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: fced1449-ad0c-4e2f-9094-bbab0c22f897
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESELk7oLvk8Pw_QvwUvL9VCd8%26google_cver%3D1
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6D51
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODcyNTMzMDY4ODk1MzIxNjA0Nw%3D%3D

170 B
188 B

19ms
18ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODcyNTMzMDY4ODk1MzIxNjA0Nw%3D%3D

Requested by

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Nov 2021 10:43:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 11 Nov 2021 10:43:22 GMT
X-Proxy-Origin: 136.243.198.81; 136.243.198.81; 692.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: bc1ef16a-e62c-4763-aee9-2dca351b21c9
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODcyNTMzMDY4ODk1MzIxNjA0Nw%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 9C1D
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEP7IgvFx9CyaxSEtd2XuFwQ&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEP7IgvFx9CyaxSEtd2XuFwQ&google_cver=1&C=1

43 B
894 B

18ms
15ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEP7IgvFx9CyaxSEtd2XuFwQ&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMmp1wIQ19vYAhiIq7-6ATAB&v=APEucNVYtyY_U84uMnMbi-J2oQJ-_Yp_2tOC1VC6aZni8ep999XChG-x-7bFNKd9phL3lsJZa-id-N33bHjaELabqJW3nZ7s-gx4sMF3_NXG8qXCHBb1eTwRVHkDM6S3e5PTuMpRixvcurIQFRV2s2NetovqGHRjcw0mACZgn8EyHZKCitWAQjw
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 11 Nov 2021 10:43:22 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 11 Nov 2021 10:43:22 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 11 Nov 2021 10:43:22 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEP7IgvFx9CyaxSEtd2XuFwQ&google_cver=1&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 308
Expires: Thu, 11 Nov 2021 10:43:22 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 9C1D
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YYzzysq-A0H05d73kGi92AAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEP7IgvFx9CyaxSEtd2XuFwQ&google_cver=1

43 B
894 B

19ms
17ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEP7IgvFx9CyaxSEtd2XuFwQ&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMmp1wIQ19vYAhiIq7-6ATAB&v=APEucNVYtyY_U84uMnMbi-J2oQJ-_Yp_2tOC1VC6aZni8ep999XChG-x-7bFNKd9phL3lsJZa-id-N33bHjaELabqJW3nZ7s-gx4sMF3_NXG8qXCHBb1eTwRVHkDM6S3e5PTuMpRixvcurIQFRV2s2NetovqGHRjcw0mACZgn8EyHZKCitWAQjw
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 11 Nov 2021 10:43:22 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 11 Nov 2021 10:43:22 GMT

Redirect headers

pragma: no-cache
date: Thu, 11 Nov 2021 10:43:22 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEP7IgvFx9CyaxSEtd2XuFwQ&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 9C1D
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESELk7oLvk8Pw_QvwUvL9VCd8&google_cver=1

43 B
1006 B

22ms
20ms

Image
image/gif

37.252.172.36
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESELk7oLvk8Pw_QvwUvL9VCd8&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMmp1wIQ19vYAhiIq7-6ATAB&v=APEucNVYtyY_U84uMnMbi-J2oQJ-_Yp_2tOC1VC6aZni8ep999XChG-x-7bFNKd9phL3lsJZa-id-N33bHjaELabqJW3nZ7s-gx4sMF3_NXG8qXCHBb1eTwRVHkDM6S3e5PTuMpRixvcurIQFRV2s2NetovqGHRjcw0mACZgn8EyHZKCitWAQjw

Protocol

HTTP/1.1

Server

37.252.172.36 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 11 Nov 2021 10:43:22 GMT
X-Proxy-Origin: 136.243.198.81; 136.243.198.81; 692.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: e39405f1-50d8-4084-a436-55a4af913580
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 11 Nov 2021 10:43:22 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESELk7oLvk8Pw_QvwUvL9VCd8&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9C1D
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODcyNTMzMDY4ODk1MzIxNjA0Nw%3D%3D

170 B
188 B

17ms
16ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODcyNTMzMDY4ODk1MzIxNjA0Nw%3D%3D

Requested by

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Nov 2021 10:43:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 11 Nov 2021 10:43:22 GMT
X-Proxy-Origin: 136.243.198.81; 136.243.198.81; 692.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: b5cdd5b0-b8b2-43d9-a679-60ace326b3c1
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODcyNTMzMDY4ODk1MzIxNjA0Nw%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 117B 0
60 B 68ms
67ms Ping
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: extra.com.co
URL: http://extra.com.co/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://795cb7b715ed42ed94a7878e8f7986c3.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Thu, 11 Nov 2021 10:43:22 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame F8A3
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEP7IgvFx9CyaxSEtd2XuFwQ&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEP7IgvFx9CyaxSEtd2XuFwQ&google_cver=1&C=1

43 B
1014 B

42ms
19ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEP7IgvFx9CyaxSEtd2XuFwQ&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMmp1wIQ19vYAhiIq7-6ATAB&v=APEucNVZj0LykTGmTjZvH_5_4Ig4nMFepZvU7mmZTow1VeiVDooZ83yEG_XYpp2PW7-oJvkPG97G1MlElCilS1-icAkdAYEz-nU9LFRvvq45NicjHvVVdEg5doDr4d4BcKMMIbX_2-TCv4MDhieqYm3-cKttk2dSsErAjw-K_szDTb7RjiOLUGI
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 11 Nov 2021 10:43:22 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 11 Nov 2021 10:43:22 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 11 Nov 2021 10:43:22 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEP7IgvFx9CyaxSEtd2XuFwQ&google_cver=1&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 308
Expires: Thu, 11 Nov 2021 10:43:22 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame F8A3
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YYzzysq-A0H05d73kGi92AAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEP7IgvFx9CyaxSEtd2XuFwQ&google_cver=1

43 B
894 B

15ms
15ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEP7IgvFx9CyaxSEtd2XuFwQ&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMmp1wIQ19vYAhiIq7-6ATAB&v=APEucNVZj0LykTGmTjZvH_5_4Ig4nMFepZvU7mmZTow1VeiVDooZ83yEG_XYpp2PW7-oJvkPG97G1MlElCilS1-icAkdAYEz-nU9LFRvvq45NicjHvVVdEg5doDr4d4BcKMMIbX_2-TCv4MDhieqYm3-cKttk2dSsErAjw-K_szDTb7RjiOLUGI
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 11 Nov 2021 10:43:22 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 11 Nov 2021 10:43:22 GMT

Redirect headers

pragma: no-cache
date: Thu, 11 Nov 2021 10:43:22 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEP7IgvFx9CyaxSEtd2XuFwQ&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame F8A3
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESELk7oLvk8Pw_QvwUvL9VCd8&google_cver=1

43 B
1006 B

23ms
10ms

Image
image/gif

37.252.172.36
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESELk7oLvk8Pw_QvwUvL9VCd8&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMmp1wIQ19vYAhiIq7-6ATAB&v=APEucNVZj0LykTGmTjZvH_5_4Ig4nMFepZvU7mmZTow1VeiVDooZ83yEG_XYpp2PW7-oJvkPG97G1MlElCilS1-icAkdAYEz-nU9LFRvvq45NicjHvVVdEg5doDr4d4BcKMMIbX_2-TCv4MDhieqYm3-cKttk2dSsErAjw-K_szDTb7RjiOLUGI

Protocol

HTTP/1.1

Server

37.252.172.36 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 11 Nov 2021 10:43:22 GMT
X-Proxy-Origin: 136.243.198.81; 136.243.198.81; 692.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 7408ac52-9462-4f8d-adc5-93268570af41
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 11 Nov 2021 10:43:22 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESELk7oLvk8Pw_QvwUvL9VCd8&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F8A3
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODcyNTMzMDY4ODk1MzIxNjA0Nw%3D%3D

170 B
188 B

20ms
20ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODcyNTMzMDY4ODk1MzIxNjA0Nw%3D%3D

Requested by

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Nov 2021 10:43:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 11 Nov 2021 10:43:22 GMT
X-Proxy-Origin: 136.243.198.81; 136.243.198.81; 692.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 8e91dc02-e170-4289-80c5-2e3132e6f891
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODcyNTMzMDY4ODk1MzIxNjA0Nw%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20211108/r20110914/ Frame C793 24 KB
9 KB 178ms
8ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211108/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DLoNPyqLSD2tmi_2xDQpujoIgjXdCdPCGx0CF67hm_ftmCE9DlpN5CfWAuLHdC5z6y1DKLOfy0ZOWbgCJ7-Tp2B7uBBoqS_IvqgJezK2ZHI6Pjbe1fxftzJuZsQnsLCqD_qkIQNjgZ9HhIYXX_tbQEbkJNig&cry=1&dbm_d=AKAmf-BhiA_rHg0XiGFfcx0GKZV2vWjRPthqg5_PHjMSuchTvOXY5_BfI_81ZEajGkXACtxImOyiR9zSLK2L7q7K4Z2lrWZTh5J6YGjlIyCdV5uIr2Nd3Yzx8PF3COIxi6csbfHTpfkVw2Rfj1vxCJLzFoEktm7r8Rzlg4qSsQQtPQrDv5eaQhoyR_LMQPNI87Kh2_6s7IDH8oGqF68uGDXMRGnXwIXAA-bG24QATfxsW-CHAswCrwsTqdiQoAYKZT6YeQ6txOOgfMGTQW6vDTWXNtpCwhQdrADIeQRy986WCJDL9dmwQ2Q4QAVOWtNByv9VvKqinyJGucWN3QtiOwaAk0GUryJAAmSwCRb0mJjJCZFN779B9afFF7vhp2hP87PQ58wTbxfV--wzSYXoi1frVsrlgvFyh-IewZ0ER6Y7o0Gcun86f3xHgVcbRH_OeJeBTQVme244aKZt1tu4wbtl4YjOSsVSpvPTCrmNl-oiKKGqmV6x0qzfomlVG5XAOKWtiVngJfNTE6eOHpEtuRQA-JqW2q36SOTwqrZLaA6rZd_G7COazYVPBRKd76QwMiZgenBpcWXf-FbSwKGho8zcgRV863Y8TBR_z4kOp0MCzJ_RFpYXnVGet65Rybfn0sJ1oW2IgAhzK8DivlCa3mDMw_sPOsv0mScc_SvhQyGpsiYM_OUKEuhU-pvelNIx530zkATRbXkRg6iqv5T9NOfMn-85Fp4kKutgcTNl4fOvtCis0ixsGO7_VBJSe357eahsb1VtEb2EbcXhi_1VeXP5Bd_haCf8OUu_atTnPlkyg_aVnM-ldJ60OibiMv35kbxfUY754rz2Gv8CMZZEiUKVO79ZjSJSjfD5VHX8SIQcGRXBdk-2qt4T8zJ9ilAXMPoFQkWtQaoPp906L62Kbb1JSuWmusXfPoof8J_XrlytlSK7vTLqbbu4Z-3OSlg3PazPHIq-YX_hc5C1c5VFEMjjvKdSWqQ4BnTNAgMsE8ApG2r_epHVxSfMT9iJzbqO0bHmf1mntItterSSZDI6DcHBMGDjF_HLFgqHbDlGibj4r_CnOKuVZWbvXIcPFEjAp5ndqdvpWUhqDaxTLjI0Juy4rVNJZ7hsNEFt8z2wUxqpChexzzJb-am-NfqcY8zt4mqJIl38L-iCqBjm_jsX_4hhfNx2jpkgFKVTnrP3e1ZqH3e-O6VkMFmilM0mc1cQSm1dAJumZOC7IMDM0H1gyduepj030F2W0Z0zmurnw40WQKGHtpoamzzFa5BRvT7kfTMA-Gj0NvgdI3g_VWSMYjIpQjNmdWHz-vlDsBb_GMvMG9g127JybcGg8K6fbkxK8FvtXc5psaiwWLXJ-RY8_a_c32oxwIEBYHYx1Rw0OeWj_BPq_uRk5rpcr2caX1SHTTONdFOZPR2oQowoDNdiT4xQTAQ54dxxFU3DLjAHgnYbUrkJh5yws1Ccclvv7dnyXXe6oeYkUV3o469iARZKgC5zgMBzOBzlivSJ9FAbDBIiBCfmPdwwNVwt1qIkMp5yCtHVZrm67JfG-l0kFTUNCxL4_GMFxwfb1-nfQdYRtbC0c-4uKZJFEhLsCGqr3AH0H9ZoKtZQVI02bPrUf_uJ0PVxvRApLM4lFl98pyHaUspuVvXNsxlrWW0_t-Xt_815Bef1akPUbwJgByBGH3ZweV5DjcMnBY7r-A5S4nSvAGh3nrp_vFIcxz-zR0H7E6HinQbtAweo_QYOQBr0zUNuW9ZB-56MLG0F-sPue28MlsLY8kaOdDMGKzjOi8FWHj3d0g3bQSGi_ILm1lh8QEsmCYDtRHoMF2zypX_w66en1p4OsevkGCaaeuTaJnssZyrz6TgGmVdYUcnuqWSgmQtWARs_vYM8MpHqWxOGDQQm-Lg2LKQnY0WQKP3iBPHZemAwmy6_Y_QpOnNW6w8gOygF5CnTgNCNfZ05LdSshPhqvFC-BWPlg6qe_LEZPSfjCEm4Uw3xMNBEZu_pXlHcnXDkJECwPvMiywLD9e36z-HjOM6jn5aVvcGkaUazJukLu9cBc-0XhSL_OKgZQSijA58Bb9h-Kz9YiwIj9MZfJsnEfACSuL2D8H5-YBrlm2NZmItPJqsLaU0sCIwuIlwXA5OPLAbIHqVjoaBbq2F7XTTHVc9Mx17U9BI725PIyS2cf1gA2vsqAWvEfOKJozJ0rTbdLbvJqxFDW9pasac9ILNqndNyWwmec334p0TVCB_RX8WyTnwmy0J1TdiGSHf81c_mt55Hgn1vzzLV0LlLOAtrezctHGu6ozRsjMA94JTTm5hka5JoNNIJsCKNEpBwYfZzb5oRMSU3hGAq9Gm5IG35mYlNfbH_izQsCXSkIhRh2wTvDWEJieQoZ-qqRvH4od46STgY73fja8T2tEkeoi5CpD4zYuoQbDXKbl5GHTaLwPP14dRVGXPRn-58RcNWlBc4Zj9Vh2DDvmuYAqyxplG1cG6mhpxLbiQGt79qELCVqOfa1bd61hqFad_9v0J4CLANhol9Xh2Nxfyf5b_XC1--U4oxdjwLyBWcysXeeIfU8uZ62S5Wd_JgAx_nm4i2SnjsVZg-Go1CzyESqKvyLvakWF1TDtIaOcLGPcYtxzlR1pbuRMCk1MQZF22_Pwbb78vD3YxXT2Opsc4EicHAsWxwBUKYg2L9TpJnfaaj_hUs_6qul_ApUutWzxYx_vRvAl_KsAGDLQ1Y5SAqcnzR2R9VDy2kNjxjqX5ave99647cGjDuMB4nM1C47IqQA7WCPcLExAgy9U-a3jNDCpf3torL9uxiozRgRRSppeB2If1Ymhztl14gF9PwVzJoK1SGcDl0DpMcimxMMptUbveADD1gVa7QGd_lLs-H0RhqLVcyA8VMwACQYZOA8GbO_tliLs0oEB57y8V_gWbiEOZJA5D4rxz2lOcQVWB7gmDmtPD6oHtKghh2OI1B-aDyZ3AF4sFONmY2w0nz19XF7tmRsqGPwv7e7oYPSZBulTzIW-6LO3sgOtQP9SLKhF2-N5W23hq0c_fuKD9GQjeP9lTi5obL-QwSPg4WsMCTbYOhwKQOGFrqQDe-kaB_So5z41u2YfOLYSZxJuDfRuU9RaEvVOAnR1Ej_ADCVtODAItrIGCyuQruxebkz1_fqGB3zJgF2O-gip0m8ClFRJhERGM16WtXUceAx-i--y5U2tgMvBsGKr49aJ6sdo0B0nFob4NGrztU4rKFYx3Rw8ef_Q&cid=CAASFeRobALMCTSw-IqckjFD7kbGLeOrIQ&rfl=1%2Chttp%253A%252F%252Fextra.com.co%252F%240

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7b0a1683702d854c16cffb91d10f500cf10018eacf0c2b4c939293dea961e1f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://795cb7b715ed42ed94a7878e8f7986c3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 10:42:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 29
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9506
x-xss-protection: 0
server: cafe
etag: 11173536317444432557
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 25 Nov 2021 10:42:53 GMT

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame C793 41 KB
15 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://795cb7b715ed42ed94a7878e8f7986c3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 14:16:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 73607
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Thu, 10 Nov 2022 14:16:35 GMT

GET
H/1.1 200
OK 218947 Show response
search.spotxchange.com/vast/2.0/ 67 B
1 KB 141ms
42ms XHR
text/xml 185.94.180.124
SPOTX-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://search.spotxchange.com/vast/2.0/218947?VPAID=JS&content_page_url=http%3A%2F%2Fextra.com.co%2F&cb=1946586655&player_width=400&player_height=225&media_transcoding=low&regs[gdpr]=0&user[consent]=&device[geo][lat]=&device[geo][lon]=&schain=1.0%2C1%21vidoomy.com%2C55941%2C1%2C8182401104343211239822163732%2C%2C
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 185.94.180.124 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: 78e958d620d6e40a19e424eee3a9b23932cd9bfa4d7f736442048777d203052d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://extra.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 11 Nov 2021 10:43:22 GMT
Content-Encoding: gzip
X-SpotX-Timing-Transform: 0.000345
X-SpotX-Timing-SpotMarket: 0.012483
X-SpotX-Timing-Page-Mux: 0.000316
X-SpotX-Timing-Page-Require: 0.000407
X-fe: 024
Connection: keep-alive
X-SpotX-Timing-Page-Cookie: 0.000041
Content-Length: 77
X-SpotX-Timing-Page: 0.017918
Pragma: no-cache
X-SpotX-Timing-Page-Context: 0.000403
Last-Modified: Thu, 11 Nov 2021 10:43:22 GMT
Server: nginx
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Methods: POST, GET, PATCH, DELETE, OPTIONS
Vary: Accept-Encoding
X-SpotX-Timing-SpotMarket-Primary: 0.012483
Content-Type: text/xml;charset=UTF-8
Access-Control-Allow-Origin: http://extra.com.co
X-SpotX-Timing-Page-Misc: 0.003910
X-SpotX-Timing-Page-Exception: 0.000001
X-SpotX-Timing-SpotMarket-Secondary: 0.000000
X-SpotX-Timing-Page-URI: 0.000012
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET

pixel
cm.g.doubleclick.net/
Redirect Chain

https://vidoomy-d.openx.net/v/1.0/av?auid=540805079&url=http%3A%2F%2Fextra.com.co%2F&cb=2113488083&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C55941%2C1%2C81824011043432112391809931811,,
https://vidoomy-d.openx.net/v/1.0/av?cc=1&auid=540805079&url=http%3A%2F%2Fextra.com.co%2F&cb=2113488083&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C55941%2C1%2C81824011043432112391809931811,,
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=OGEwZGFiNjMtZTJmNS02ZmRmLTYyM2YtY2NhNzk2YTQ0MWZi

0
0

GET
H/1.1 200
OK 88k_nHSg_6XSp1263gyM+rBJnqbGxDqsAEHMK88FGSM= Show response
ads.adaptv.advertising.com/a/h/ 249 B
541 B 91ms
26ms XHR
text/xml 18.159.16.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+rBJnqbGxDqsAEHMK88FGSM=?cb=1725090902&gdpr=0&gdpr_consent=&pet=preroll&pageUrl=http%3A%2F%2Fextra.com.co%2F&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=55941&hp=1

Requested by

Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.159.16.69 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-159-16-69.eu-central-1.compute.amazonaws.com

Software

adaptv/1.0 /

Resource Hash

6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://extra.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
server: adaptv/1.0
content-type: text/xml
access-control-allow-origin: http://extra.com.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 192
expires: 0

GET
H/1.1 200
OK swfIndex.php Show response
ads.stickyadstv.com/www/delivery/ 67 B
731 B 128ms
114ms XHR
application/xml 2.18.234.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&zoneId=7439281&_fw_gdpr=0&_fw_gdpr_consent=&schain=1.0%2C1%21vidoomy.com%2C55941%2C1%2C8182401104343211239811694605,,
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-233.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://extra.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 11 Nov 2021 10:43:22 GMT
Server: nginx
x-sticky-vk: 1636627402772006-385
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: http://extra.com.co
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 67
nnCoection: close
Expires: Thu, 11 Nov 2021 10:43:22 GMT

GET
H/1.1 200
OK LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHZZQf70KjSEs= Show response
ads.adaptv.advertising.com/a/h/ 249 B
541 B 79ms
24ms XHR
text/xml 18.159.16.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.adaptv.advertising.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHZZQf70KjSEs=?cb=296990212&gdpr=0&gdpr_consent=&pet=preroll&pageUrl=http%3A%2F%2Fextra.com.co%2F&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=55941&hp=1

Requested by

Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.159.16.69 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-159-16-69.eu-central-1.compute.amazonaws.com

Software

adaptv/1.0 /

Resource Hash

6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://extra.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
server: adaptv/1.0
content-type: text/xml
access-control-allow-origin: http://extra.com.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 192
expires: 0

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame B027 0
23 B 69ms
48ms Ping
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: extra.com.co
URL: http://extra.com.co/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://795cb7b715ed42ed94a7878e8f7986c3.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Thu, 11 Nov 2021 10:43:22 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 1148
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEP7IgvFx9CyaxSEtd2XuFwQ&google_cver=1

43 B
1014 B

37ms
21ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEP7IgvFx9CyaxSEtd2XuFwQ&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKL4ChCK-K_wAhiOypq5ATAB&v=APEucNUxTDSYjZajZFCoP_U0suUZ20lQYan_v1sMTtIoQOQEp-FBVd3IjqJe0crhvjPGql4ysW-1Q1x1vMTEyMXKewSCliP3FGIGVNWSWzHAfdHEzveCGSCjPeTqHMIOhc2NXZSb9BZHLDPMIJxO1aeIN4Erk_ao5AatTkEDmt2GnVrTnKUEQzY
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 11 Nov 2021 10:43:22 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 11 Nov 2021 10:43:22 GMT

Redirect headers

pragma: no-cache
date: Thu, 11 Nov 2021 10:43:22 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEP7IgvFx9CyaxSEtd2XuFwQ&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 1148
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YYzzysq-A0H05d73kGi92AAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEP7IgvFx9CyaxSEtd2XuFwQ&google_cver=1

43 B
894 B

18ms
14ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEP7IgvFx9CyaxSEtd2XuFwQ&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKL4ChCK-K_wAhiOypq5ATAB&v=APEucNUxTDSYjZajZFCoP_U0suUZ20lQYan_v1sMTtIoQOQEp-FBVd3IjqJe0crhvjPGql4ysW-1Q1x1vMTEyMXKewSCliP3FGIGVNWSWzHAfdHEzveCGSCjPeTqHMIOhc2NXZSb9BZHLDPMIJxO1aeIN4Erk_ao5AatTkEDmt2GnVrTnKUEQzY
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 11 Nov 2021 10:43:22 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 11 Nov 2021 10:43:22 GMT

Redirect headers

pragma: no-cache
date: Thu, 11 Nov 2021 10:43:22 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEP7IgvFx9CyaxSEtd2XuFwQ&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 1148
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESELk7oLvk8Pw_QvwUvL9VCd8&google_cver=1

43 B
1006 B

22ms
11ms

Image
image/gif

37.252.172.36
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESELk7oLvk8Pw_QvwUvL9VCd8&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKL4ChCK-K_wAhiOypq5ATAB&v=APEucNUxTDSYjZajZFCoP_U0suUZ20lQYan_v1sMTtIoQOQEp-FBVd3IjqJe0crhvjPGql4ysW-1Q1x1vMTEyMXKewSCliP3FGIGVNWSWzHAfdHEzveCGSCjPeTqHMIOhc2NXZSb9BZHLDPMIJxO1aeIN4Erk_ao5AatTkEDmt2GnVrTnKUEQzY

Protocol

HTTP/1.1

Server

37.252.172.36 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 11 Nov 2021 10:43:22 GMT
X-Proxy-Origin: 136.243.198.81; 136.243.198.81; 692.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: a85e2452-515f-4817-9859-6f93ecdea28a
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 11 Nov 2021 10:43:22 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESELk7oLvk8Pw_QvwUvL9VCd8&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1148
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODcyNTMzMDY4ODk1MzIxNjA0Nw%3D%3D

170 B
188 B

23ms
21ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODcyNTMzMDY4ODk1MzIxNjA0Nw%3D%3D

Requested by

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Nov 2021 10:43:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 11 Nov 2021 10:43:22 GMT
X-Proxy-Origin: 136.243.198.81; 136.243.198.81; 692.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 210a4d3e-adfb-4f24-b9b5-280e0034a432
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODcyNTMzMDY4ODk1MzIxNjA0Nw%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 7D05 22 KB
8 KB 8ms
6ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://795cb7b715ed42ed94a7878e8f7986c3.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
date: Wed, 10 Nov 2021 14:17:34 GMT
expires: Thu, 10 Nov 2022 14:17:34 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 73548
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 831F 22 KB
8 KB 16ms
15ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://795cb7b715ed42ed94a7878e8f7986c3.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
date: Wed, 10 Nov 2021 14:17:34 GMT
expires: Thu, 10 Nov 2022 14:17:34 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 73548
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 28B7 22 KB
8 KB 6ms
6ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://795cb7b715ed42ed94a7878e8f7986c3.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
date: Wed, 10 Nov 2021 14:17:34 GMT
expires: Thu, 10 Nov 2022 14:17:34 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 73548
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame F287 22 KB
8 KB 9ms
8ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://795cb7b715ed42ed94a7878e8f7986c3.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
date: Wed, 10 Nov 2021 14:17:34 GMT
expires: Thu, 10 Nov 2022 14:17:34 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 73548
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 2q0GJ59knfpUiBcqMNkQlhFuFKFUZImTUS2OpYfkNjk.js Show response
pagead2.googlesyndication.com/bg/ Frame 7D05 35 KB
13 KB 61ms
19ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/2q0GJ59knfpUiBcqMNkQlhFuFKFUZImTUS2OpYfkNjk.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

daad06279f649dfa5488172a30d91096116e14a154648993512d8ea587e43639

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 16:00:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 67361
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13329
x-xss-protection: 0
last-modified: Wed, 03 Nov 2021 08:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 10 Nov 2022 16:00:41 GMT

GET
H2 200 2q0GJ59knfpUiBcqMNkQlhFuFKFUZImTUS2OpYfkNjk.js Show response
pagead2.googlesyndication.com/bg/ Frame 831F 35 KB
13 KB 56ms
17ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/2q0GJ59knfpUiBcqMNkQlhFuFKFUZImTUS2OpYfkNjk.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

daad06279f649dfa5488172a30d91096116e14a154648993512d8ea587e43639

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 16:00:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 67361
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13329
x-xss-protection: 0
last-modified: Wed, 03 Nov 2021 08:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 10 Nov 2022 16:00:41 GMT

GET
H2 200 kDuoiLtgZMgDmOUbVHT-UmPZA24HZ7o28Pr6oaX6YeU.js Show response
pagead2.googlesyndication.com/bg/ Frame 28B7 35 KB
13 KB 47ms
13ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/kDuoiLtgZMgDmOUbVHT-UmPZA24HZ7o28Pr6oaX6YeU.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

903ba888bb6064c80398e51b5474fe5263d9036e0767ba36f0fafaa1a5fa61e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 04 Nov 2021 20:18:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 570311
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13318
x-xss-protection: 0
last-modified: Wed, 03 Nov 2021 08:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 04 Nov 2022 20:18:11 GMT

GET
H2 200 kDuoiLtgZMgDmOUbVHT-UmPZA24HZ7o28Pr6oaX6YeU.js Show response
pagead2.googlesyndication.com/bg/ Frame F287 35 KB
13 KB 44ms
11ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/kDuoiLtgZMgDmOUbVHT-UmPZA24HZ7o28Pr6oaX6YeU.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

903ba888bb6064c80398e51b5474fe5263d9036e0767ba36f0fafaa1a5fa61e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 04 Nov 2021 20:18:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 570311
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13318
x-xss-protection: 0
last-modified: Wed, 03 Nov 2021 08:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 04 Nov 2022 20:18:11 GMT

GET
H2

200

av Show response
vidoomy-d.openx.net/v/1.0/
Redirect Chain

https://vidoomy-d.openx.net/v/1.0/av?auid=540805079&url=http%3A%2F%2Fextra.com.co%2F&cb=2113488083&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C55941%2C1%2C81824011043432112391809931811,,
https://vidoomy-d.openx.net/v/1.0/av?cc=1&auid=540805079&url=http%3A%2F%2Fextra.com.co%2F&cb=2113488083&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C55941%2C1%2C81824011043432112391809931811,,

48 B
332 B

35ms
32ms

XHR
text/xml

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://vidoomy-d.openx.net/v/1.0/av?cc=1&auid=540805079&url=http%3A%2F%2Fextra.com.co%2F&cb=2113488083&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C55941%2C1%2C81824011043432112391809931811,,
Requested by: Host: extra.com.co
URL: http://extra.com.co/
Protocol: H2
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.218.0 /
Resource Hash: a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://extra.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Nov 2021 10:43:22 GMT
content-encoding: gzip
server: OXGW/16.218.0
vary: Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: http://extra.com.co
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: text/xml
alt-svc: clear
content-length: 56
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date: Thu, 11 Nov 2021 10:43:22 GMT
via: 1.1 google
server: OXGW/16.218.0
location: https://vidoomy-d.openx.net/v/1.0/av?cc=1&auid=540805079&url=http%3A%2F%2Fextra.com.co%2F&cb=2113488083&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C55941%2C1%2C81824011043432112391809931811,,
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: http://extra.com.co
access-control-allow-credentials: true
alt-svc: clear
content-length: 0

GET
H2 200 banner Show response
ad13.adfarm1.adition.com/ Frame ED52 568 B
723 B 20ms
16ms Script
text/javascript 217.79.188.54
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://ad13.adfarm1.adition.com/banner?sid=4285695&adjsver=3&fvers=&iframe=1&ref=http%3A//extra.com.co/&ro=https%3A//795cb7b715ed42ed94a7878e8f7986c3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html&uao=Mozilla/5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit/537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome/95.0.4638.54%20Safari/537.36&os=17&browser=11&userid=0&kid=2958451&screen_res=6&wpt=J&clickurl=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCb5IxyfOMYb6UEMji3wOkibyQC6%2DFi85k24DKhOUO8C4QASCkrNF9YJWCgIDEB8gBCakCZiM%2DsPFBsz6oAwGqBIMCT9A5%2DdJP051qBIjstDo2MyJK0nnydOu2XerPAilcfkju7ZNvYasbtWaiRThKo98%2DTLuEvlt8WBR4%5FfSRgFEz7n24zuhmL%5FRPd3O3G%2D03NwKyqDaudQ%2DVMaCEvnI6bOfLmakc3cg8wQHU1g%5FLxKLLwFyOjCX7TjCPJPJDugrFmxpVB2yGpqS9myP1rHEiYxqAgcQMSuKFH%5Fm8MEPe9LPmp%2DAXgzbTtpMCp4%2D1x7UlxatbhDcgJAITM6%5F6fj68a0WsAqo349xC7iEp0h0fyN57AnhUlDyfTBfcDuXJUK9rv%5FUGsM0aNVtArye7qKzoyphoqofdoc7NCSQyJM4Vxhgdf%2Dv00sAE%5FOTPmNIC4AQDkAYBoAZNgAesqMu9AagHjs4bqAeT2BuoB%2D6WsQKoB%5F6esQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35%2DxAtgHANIICQiI4YAQEAEYHfIIG2FkeC1zdWJzeW4tMjYyMzAyMzcxMzk5NDAxMYAKA5gLAcgLAYAMAbAT4ZXKCtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASFeRobNwbnnwgJ4FcvI9DdhiVA1%5F52w%26sig%3DAOD64%5F2afsl0RX1NeD%2DngEhkqlCCaU3TWA%26client%3Dca%2Dpub%2D4079053777895441%26dbm%5Fc%3DAKAmf%2DD6GzS4OcjYfNrLABCV1s110CmDQkNlAaxfWv1Iiqn7x06v9Qbj90NUuHi5bxuJPPCCYDlZ6U5QpTBaReCe%5F%5F7%2D9v%2DFWgUnoAIKH3E%5Fe6l9LVW3KgwWaq90kyBykyoKYMhTTiwjjfKX7DKHtNlr0fSRiyu6dQ%26cry%3D1%26dbm%5Fd%3DAKAmf%2DDPMjusC5EFIvuN5l8lcEv3%5FxPtbtgc6jnYN301YvtYOWCs7Ck0sa6NbcGCH4n%5FTUIEFYegF96%2De8rWK28oO7nBqZZHaRp6DBLvkNC0PDvI6RgEeLwTxB2v9S6s7MrCA%2DQ70agJGaqx0XV1jwQtk7rOBl43nB8zitUGCE%5FEVEzaw1Y6ZRxRYK403D%5FFwVmxVxSxgbFq%5Fy4C46ThSHUmfn%2D0uQPfflfqANh2Lc6VKIY347wqo69do5ZDcIvZcGqUrggmq0AbLxjntiO3w3tdCLGMid0NtI5qdUw9Ondsvy7BWmFJPAZZvEfsBAhCXRWYEeZC08mip6YwH3u%2Do8jg%5FlApIYuL5UwqihDthKY4tIvNkaMQNsjL%2D3VoL8evy%2DvcZEkR2KEtR0mq2Gr1BJt4QWFoi0BbZgbB0I9WQvEJbZnHj5qnaZ6UmXRPUs4yk0P81s%2DJXnlF%26adurl%3D
Requested by: Host: ad13.adfarm1.adition.com
URL: https://ad13.adfarm1.adition.com/js?wp_id=4285695&gdpr=&gdpr_consent=&kid=2958451&clickurl=https://googleads.g.doubleclick.net/dbm/clk%3Fsa%3DL%26ai%3DCb5IxyfOMYb6UEMji3wOkibyQC6-Fi85k24DKhOUO8C4QASCkrNF9YJWCgIDEB8gBCakCZiM-sPFBsz6oAwGqBIMCT9A5-dJP051qBIjstDo2MyJK0nnydOu2XerPAilcfkju7ZNvYasbtWaiRThKo98-TLuEvlt8WBR4_fSRgFEz7n24zuhmL_RPd3O3G-03NwKyqDaudQ-VMaCEvnI6bOfLmakc3cg8wQHU1g_LxKLLwFyOjCX7TjCPJPJDugrFmxpVB2yGpqS9myP1rHEiYxqAgcQMSuKFH_m8MEPe9LPmp-AXgzbTtpMCp4-1x7UlxatbhDcgJAITM6_6fj68a0WsAqo349xC7iEp0h0fyN57AnhUlDyfTBfcDuXJUK9rv_UGsM0aNVtArye7qKzoyphoqofdoc7NCSQyJM4Vxhgdf-v00sAE_OTPmNIC4AQDkAYBoAZNgAesqMu9AagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiI4YAQEAEYHfIIG2FkeC1zdWJzeW4tMjYyMzAyMzcxMzk5NDAxMYAKA5gLAcgLAYAMAbAT4ZXKCtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASFeRobNwbnnwgJ4FcvI9DdhiVA1_52w%26sig%3DAOD64_2afsl0RX1NeD-ngEhkqlCCaU3TWA%26client%3Dca-pub-4079053777895441%26dbm_c%3DAKAmf-D6GzS4OcjYfNrLABCV1s110CmDQkNlAaxfWv1Iiqn7x06v9Qbj90NUuHi5bxuJPPCCYDlZ6U5QpTBaReCe__7-9v-FWgUnoAIKH3E_e6l9LVW3KgwWaq90kyBykyoKYMhTTiwjjfKX7DKHtNlr0fSRiyu6dQ%26cry%3D1%26dbm_d%3DAKAmf-DPMjusC5EFIvuN5l8lcEv3_xPtbtgc6jnYN301YvtYOWCs7Ck0sa6NbcGCH4n_TUIEFYegF96-e8rWK28oO7nBqZZHaRp6DBLvkNC0PDvI6RgEeLwTxB2v9S6s7MrCA-Q70agJGaqx0XV1jwQtk7rOBl43nB8zitUGCE_EVEzaw1Y6ZRxRYK403D_FwVmxVxSxgbFq_y4C46ThSHUmfn-0uQPfflfqANh2Lc6VKIY347wqo69do5ZDcIvZcGqUrggmq0AbLxjntiO3w3tdCLGMid0NtI5qdUw9Ondsvy7BWmFJPAZZvEfsBAhCXRWYEeZC08mip6YwH3u-o8jg_lApIYuL5UwqihDthKY4tIvNkaMQNsjL-3VoL8evy-vcZEkR2KEtR0mq2Gr1BJt4QWFoi0BbZgbB0I9WQvEJbZnHj5qnaZ6UmXRPUs4yk0P81s-JXnlF%26adurl%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 217.79.188.54 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: aa.adfarm1.adition.com
Software: ADITIONSERVER v1.0 /
Resource Hash: a7d4139a86f5c5467ae6cb400f0ae7b95995f6ed3da681d17ce1cf8fdc6a0ca1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://795cb7b715ed42ed94a7878e8f7986c3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Nov 2021 11:43:22 +0100
content-encoding: gzip
server: ADITIONSERVER v1.0
p3p: policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
cache-control: no-cache
content-type: text/javascript
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 banner Show response
ad13.adfarm1.adition.com/ Frame C793 568 B
723 B 14ms
13ms Script
text/javascript 217.79.188.54
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://ad13.adfarm1.adition.com/banner?sid=4285695&adjsver=3&fvers=&iframe=1&ref=http%3A//extra.com.co/&ro=https%3A//795cb7b715ed42ed94a7878e8f7986c3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html&uao=Mozilla/5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit/537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome/95.0.4638.54%20Safari/537.36&os=17&browser=11&userid=0&kid=2958451&screen_res=6&wpt=J&clickurl=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCXuCkyfOMYb2UEMji3wOkibyQC6%2DFi85k24DKhOUO8C4QASCkrNF9YJWCgIDEB8gBCakCZiM%2DsPFBsz6oAwGqBIMCT9AbmxpfE7nBvxNc7qnjFN4lsRLV48NiCNtD%5Fljci6sdDqVuxyqsqihuPFn1O31yHw1Enqbkcc0%2D0Te%2DdxmTZ0DhC7%5FTafGzQFvTQxA63Hxd4QsrhE%5FCPvzIn4gXnVgZknmeEgOXVRqlydQw46bQegtMpP%2DYaK%2DmBho7vn%2D43TdoCG9R4K32xCrZps9MFI5Ziky8lszIwCCi8lZ1govzpvKT0I%5FiF4a1rDTTw%5FOzHLMsHyqRuOjyvJZeXQMugxgnXr4gGBSyB8Dm0lDxqw2VI1ZL82yj2xCw38BM35mMPSVaTE8a6Tu1kw4sWygLwVXe%2Dwew6ugGHM52cUHIP4BQ5ekmV8AE%5FOTPmNIC4AQDkAYBoAZNgAesqMu9AagHjs4bqAeT2BuoB%2D6WsQKoB%5F6esQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35%2DxAtgHANIICQiI4YAQEAEYHfIIG2FkeC1zdWJzeW4tMjYyMzAyMzcxMzk5NDAxMYAKA5gLAcgLAYAMAbAT4ZXKCtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASFeRobALMCTSw%2DIqckjFD7kbGLeOrIQ%26sig%3DAOD64%5F26wXnRK4N7pDbRuF8Uh2vHKg9eTw%26client%3Dca%2Dpub%2D4079053777895441%26dbm%5Fc%3DAKAmf%2DDUIl%2DT%5FN9AtH2Eh6alzUn0f5S532mLcm6PXjc93Br%5FgD%5F2%5FqEFFS2YwUQE4J%5FFlO%2D%5F%2DxWPzgjZTO%2DXpaa9LxNEd7wS%2D3HJdFoN6DiktxKL%2DNN9a%5Fm7KIUymrAO2wtmibcQtNsJms1S0AcODYV5Oe%5FhbpTzEg%26cry%3D1%26dbm%5Fd%3DAKAmf%2DBAKRVcT5eWkp1a%5Fv34RsbY71K%2DnV82wtI38qk5AHu1nUfRC2bM%5FwuIXpiSpXQ2f%2DBbro55XxcSQ9v10EWSHlUfFa9qRaaTUuCdfRsuIu6yqAAdxXmnD%2DWZTHKvoE5X2pBpjdnibZBSv1RgK6fDD%2D8Ss9Be3o%2DxT3s9jTfjf8F0vE5vPdm35waAxdXLHZS6zZUDAahzNMe0YDJHJbOjxlVwYGy6qEE%2DUj2%5FR%2Dau40HJWO%2DAQ2UeHdMOwTykgi9wv2U9tw6%5F4j9M9Xrx0Ap11Gu%5FABCSFM4ysJjMX0swaVHRaDoyPIp%5FtBouSRfKixKbo56PuEWXxorEQtLFL0ramIzTCvcpVfmmRsPtVjykE40B5VB2BsbokLAtNHwUw9ch506MFo62g6wv6QtYNOQ9s08j5v715fGQ%5F9FzNZliTK3jEGtCr8pFxIgA943XFpRO8oQoYLB0%26adurl%3D
Requested by: Host: ad13.adfarm1.adition.com
URL: https://ad13.adfarm1.adition.com/js?wp_id=4285695&gdpr=&gdpr_consent=&kid=2958451&clickurl=https://googleads.g.doubleclick.net/dbm/clk%3Fsa%3DL%26ai%3DCXuCkyfOMYb2UEMji3wOkibyQC6-Fi85k24DKhOUO8C4QASCkrNF9YJWCgIDEB8gBCakCZiM-sPFBsz6oAwGqBIMCT9AbmxpfE7nBvxNc7qnjFN4lsRLV48NiCNtD_ljci6sdDqVuxyqsqihuPFn1O31yHw1Enqbkcc0-0Te-dxmTZ0DhC7_TafGzQFvTQxA63Hxd4QsrhE_CPvzIn4gXnVgZknmeEgOXVRqlydQw46bQegtMpP-YaK-mBho7vn-43TdoCG9R4K32xCrZps9MFI5Ziky8lszIwCCi8lZ1govzpvKT0I_iF4a1rDTTw_OzHLMsHyqRuOjyvJZeXQMugxgnXr4gGBSyB8Dm0lDxqw2VI1ZL82yj2xCw38BM35mMPSVaTE8a6Tu1kw4sWygLwVXe-wew6ugGHM52cUHIP4BQ5ekmV8AE_OTPmNIC4AQDkAYBoAZNgAesqMu9AagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiI4YAQEAEYHfIIG2FkeC1zdWJzeW4tMjYyMzAyMzcxMzk5NDAxMYAKA5gLAcgLAYAMAbAT4ZXKCtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASFeRobALMCTSw-IqckjFD7kbGLeOrIQ%26sig%3DAOD64_26wXnRK4N7pDbRuF8Uh2vHKg9eTw%26client%3Dca-pub-4079053777895441%26dbm_c%3DAKAmf-DUIl-T_N9AtH2Eh6alzUn0f5S532mLcm6PXjc93Br_gD_2_qEFFS2YwUQE4J_FlO-_-xWPzgjZTO-Xpaa9LxNEd7wS-3HJdFoN6DiktxKL-NN9a_m7KIUymrAO2wtmibcQtNsJms1S0AcODYV5Oe_hbpTzEg%26cry%3D1%26dbm_d%3DAKAmf-BAKRVcT5eWkp1a_v34RsbY71K-nV82wtI38qk5AHu1nUfRC2bM_wuIXpiSpXQ2f-Bbro55XxcSQ9v10EWSHlUfFa9qRaaTUuCdfRsuIu6yqAAdxXmnD-WZTHKvoE5X2pBpjdnibZBSv1RgK6fDD-8Ss9Be3o-xT3s9jTfjf8F0vE5vPdm35waAxdXLHZS6zZUDAahzNMe0YDJHJbOjxlVwYGy6qEE-Uj2_R-au40HJWO-AQ2UeHdMOwTykgi9wv2U9tw6_4j9M9Xrx0Ap11Gu_ABCSFM4ysJjMX0swaVHRaDoyPIp_tBouSRfKixKbo56PuEWXxorEQtLFL0ramIzTCvcpVfmmRsPtVjykE40B5VB2BsbokLAtNHwUw9ch506MFo62g6wv6QtYNOQ9s08j5v715fGQ_9FzNZliTK3jEGtCr8pFxIgA943XFpRO8oQoYLB0%26adurl%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 217.79.188.54 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: aa.adfarm1.adition.com
Software: ADITIONSERVER v1.0 /
Resource Hash: a7d4139a86f5c5467ae6cb400f0ae7b95995f6ed3da681d17ce1cf8fdc6a0ca1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://795cb7b715ed42ed94a7878e8f7986c3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Nov 2021 11:43:22 +0100
content-encoding: gzip
server: ADITIONSERVER v1.0
p3p: policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
cache-control: no-cache
content-type: text/javascript
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame B027 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 611b28ce74fad1789e98c2a1e6d26aabe316ee0ecdab315ff4b0707c9a4f893f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 117B 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5feebbbfd071e81df63c1182b125b0f65d65bd0070dd33855b91b004a212a44b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 89ms
88ms Preflight
text/plain 146.20.132.43
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.43 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: http://extra.com.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Thu, 11 Nov 2021 10:43:23 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
access-control-allow-credentials: true
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
cache-control: max-age=300
access-control-max-age: 300
access-control-allow-origin: http://extra.com.co

POST
H2 200 t Show response
t.lkqd.net/ Frame 267B 0
161 B 97ms
96ms XHR
text/plain 146.20.132.43
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.43 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: http://extra.com.co
date: Thu, 11 Nov 2021 10:43:23 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

GET
H2 200 vpaid_d700fabb.js Show response
vpaid.springserve.com/production/ Frame 6E77 494 KB
87 KB 63ms
7ms Script
application/javascript 2600:9000:206f:e000:15:6f6c:b180:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.springserve.com/production/vpaid_d700fabb.js
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:e000:15:6f6c:b180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01f62119d738e56887c7298650396be3edc28f9bd4b64af4c496048183172630

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 29 Oct 2021 15:21:15 GMT
content-encoding: br
last-modified: Fri, 29 Oct 2021 15:00:52 GMT
server: AmazonS3
age: 1106529
etag: W/"00394b9cabf75acc9a4061ae555e3473"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 1c5b98f7bd5001d6fe1040daa237afc6.cloudfront.net (CloudFront)
cache-control: max-age=2678400
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: jCvU1za_mlMUbW02tBe0oymSV-jiql03k1MTws_WReiUTE3f2iUgow==

GET
DATA 200
OK truncated
/ 35 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://extra.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/gif

GET
H/1.1 200
OK 0s3p1fkb96mt Show response
ad.ad-srv.net/zone/ Frame ED52 10 KB
3 KB 13ms
2ms Script
text/html 136.243.149.243
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.ad-srv.net/zone/0s3p1fkb96mt?subid=&redirectClick=
Requested by: Host: extra.com.co
URL: http://extra.com.co/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 136.243.149.243 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.243.149.243.136.clients.your-server.de
Software: Apache /
Resource Hash: 3199231cee9a62eb1be74f3f27d9a41469d1e3560f4e4e480cdf530c51f16cc8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://795cb7b715ed42ed94a7878e8f7986c3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 11 Nov 2021 10:43:23 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 2657
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

POST
H2 200 t Show response
t.lkqd.net/ Frame 267B 0
161 B 93ms
92ms XHR
text/plain 146.20.132.43
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.43 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: http://extra.com.co
date: Thu, 11 Nov 2021 10:43:23 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 89ms
88ms Preflight
text/plain 146.20.132.43
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.43 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: http://extra.com.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Thu, 11 Nov 2021 10:43:23 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
access-control-allow-credentials: true
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
cache-control: max-age=300
access-control-max-age: 300
access-control-allow-origin: http://extra.com.co

GET
H/1.1 200
OK 0s3p1fkb96mt Show response
ad.ad-srv.net/zone/ Frame C793 10 KB
3 KB 5ms
2ms Script
text/html 136.243.149.243
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.ad-srv.net/zone/0s3p1fkb96mt?subid=&redirectClick=
Requested by: Host: extra.com.co
URL: http://extra.com.co/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 136.243.149.243 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.243.149.243.136.clients.your-server.de
Software: Apache /
Resource Hash: a660e8fed971bfee88d4330609c270eee029663f4941b21f2969d0dddcd953d0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://795cb7b715ed42ed94a7878e8f7986c3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 11 Nov 2021 10:43:23 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 2659
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame AAA6 42 B
110 B 48ms
47ms Image
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuZHHRR0iNxV9ih4XNJNlzh0vw6DXzcwD902Les3ZuwPg6Mdxzl-IdOmWY7xCfjJT-gK9F2fz4HqdPQPHBjfXSo8LgxzJ6oUifghLtIXNsSGrXvm1tPYg&sai=AMfl-YThzVoQTT5FItemGu3zJANUkorS3j8vKKdiZaC5ui4p8937GxWWKJ5K8eHtX7kQqTePjLHHcdyZsq98UJMdyiJBbBLJI0JIeyECA9L0zo7NMP_D4Dh-0zWrBg2fDgd_&sig=Cg0ArKJSzAkib4yKNnuwEAE&id=ampim&o=315,545&d=970,90&ss=1600,1200&bs=1600,1200&mcvt=1032&mtos=0,0,1032,1032,1032&tos=0,0,1032,0,0&tfs=109&tls=1141&g=100&h=100&tt=1141&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&adk=2549754916

Requested by

Host: extra.com.co
URL: http://extra.com.co/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://extra.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Nov 2021 10:43:23 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

request.php Show response
ad2.ad-srv.net/ Frame ED52
Redirect Chain

https://ad2.ad-srv.net/request.php?zone=0s3p1fkb96mt&nw=11&renderingType=javascript&namespace=f2e6ba3e4a&subid=&uid=e75ab0cfa1ef42eb&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90...
https://ad2.ad-srv.net/request.php?zone=0s3p1fkb96mt&nw=11&renderingType=javascript&namespace=f2e6ba3e4a&subid=&uid=e75ab0cfa1ef42eb&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90...

2 KB
1 KB

27ms
23ms

Script
application/x-javascript

46.4.10.47
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad2.ad-srv.net/request.php?zone=0s3p1fkb96mt&nw=11&renderingType=javascript&namespace=f2e6ba3e4a&subid=&uid=e75ab0cfa1ef42eb&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=&documentReferer=http%3A%2F%2Fextra.com.co%2F&ancestorOrigins=http%3A%2F%2Fextra.com.co&random=1415193675117&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by: Host: 795cb7b715ed42ed94a7878e8f7986c3.safeframe.googlesyndication.com
URL: https://795cb7b715ed42ed94a7878e8f7986c3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Server: 46.4.10.47 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.47.10.4.46.clients.your-server.de
Software: Apache /
Resource Hash: c81774c8e8faf90432d6a108dd80f71cb1d3a58a7f6f7abeb863e589cc27a2b1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://795cb7b715ed42ed94a7878e8f7986c3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 11 Nov 2021 10:43:23 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 37829900059883500383828011775002
Connection: close
Content-Type: application/x-javascript; charset=utf-8
Content-Length: 734
Expires: Thu, 11 Nov 2021 10:43:23 +0100

Redirect headers

Pragma: no-cache
Date: Thu, 11 Nov 2021 10:43:23 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=0s3p1fkb96mt&nw=11&renderingType=javascript&namespace=f2e6ba3e4a&subid=&uid=e75ab0cfa1ef42eb&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=&documentReferer=http%3A%2F%2Fextra.com.co%2F&ancestorOrigins=http%3A%2F%2Fextra.com.co&random=1415193675117&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Expires: Thu, 11 Nov 2021 10:43:23 +0100

GET
H/1.1

200
OK

request.php Show response
ad17.ad-srv.net/ Frame C793
Redirect Chain

https://ad17.ad-srv.net/request.php?zone=0s3p1fkb96mt&nw=11&renderingType=javascript&namespace=2ee90b2087&subid=&uid=2460c6c1b22d3876&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x9...
https://ad17.ad-srv.net/request.php?zone=0s3p1fkb96mt&nw=11&renderingType=javascript&namespace=2ee90b2087&subid=&uid=2460c6c1b22d3876&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x9...

2 KB
1 KB

27ms
25ms

Script
application/x-javascript

159.69.70.9
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad17.ad-srv.net/request.php?zone=0s3p1fkb96mt&nw=11&renderingType=javascript&namespace=2ee90b2087&subid=&uid=2460c6c1b22d3876&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=&documentReferer=http%3A%2F%2Fextra.com.co%2F&ancestorOrigins=http%3A%2F%2Fextra.com.co&random=1202229261790&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by: Host: 795cb7b715ed42ed94a7878e8f7986c3.safeframe.googlesyndication.com
URL: https://795cb7b715ed42ed94a7878e8f7986c3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Server: 159.69.70.9 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.9.70.69.159.clients.your-server.de
Software: Apache /
Resource Hash: 5b85bee04a11cc2c8efade613894ea8f1d8139cb1e28824fad666e3e8c9582dd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://795cb7b715ed42ed94a7878e8f7986c3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 11 Nov 2021 10:43:23 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 38593600072139500383828011775017
Connection: close
Content-Type: application/x-javascript; charset=utf-8
Content-Length: 734
Expires: Thu, 11 Nov 2021 10:43:23 +0100

Redirect headers

Pragma: no-cache
Date: Thu, 11 Nov 2021 10:43:23 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=0s3p1fkb96mt&nw=11&renderingType=javascript&namespace=2ee90b2087&subid=&uid=2460c6c1b22d3876&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=&documentReferer=http%3A%2F%2Fextra.com.co%2F&ancestorOrigins=http%3A%2F%2Fextra.com.co&random=1202229261790&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Expires: Thu, 11 Nov 2021 10:43:23 +0100

GET
H2 200 vadtag.html Show response
vpaid.pubmatic.com/ads/video/ Frame 6E77 955 B
839 B 44ms
12ms XHR
application/xml 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Fextra.com.co%2F&schain=1.0,1!vidoomy.com,55941,1,1636627402649,,
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_d700fabb.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 7f5bbef692ca510a3745a40d7c13f644ced94e022c73b326c10fa5e9a2b76aff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Nov 2021 10:43:23 GMT
content-encoding: gzip
server: Apache/2.2.15 (CentOS)
etag: "461ced-23ca-5c92d699e808f"
vary: Origin, Accept-Encoding
content-type: application/xml
access-control-allow-origin: http://extra.com.co
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 584
expires: Thu, 11 Nov 2021 10:43:23 GMT

POST
H/1.1 204
No Content openrtb Show response
ads.adaptv.advertising.com/rtb/ Frame 6E77 0
212 B 21ms
21ms XHR
application/json 18.159.16.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=Vidoomy
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_d700fabb.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.159.16.69 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-159-16-69.eu-central-1.compute.amazonaws.com
Software: adaptv/1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: http://extra.com.co
access-control-allow-credentials: true
server: adaptv/1.0
Connection: keep-alive
content-length: 0
content-type: application/json

GET
H2 200 PMAdMgr.js Show response
vpaid.pubmatic.com/ads/video/ Frame 303B 152 KB
36 KB 15ms
15ms Script
text/javascript 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Fextra.com.co%2F&schain=1.0,1!vidoomy.com,55941,1,1636627402649,,
Requested by: Host: blank
URL: about:blank
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: f0f6a8b6c19b0c4d1cab075ab2f4f755cfef747424837668e65f431410f816e8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 10:43:23 GMT
content-encoding: gzip
last-modified: Tue, 10 Aug 2021 05:02:46 GMT
server: Apache/2.2.15 (CentOS)
etag: "1408294-25f9a-5c92d699d3c58"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
accept-ranges: bytes
content-length: 36260

GET
H2

200

onepixel.gif Show response
tracking.mlsat02.de/ Frame A1EC
Redirect Chain

https://www.awin1.com/cshow.php?s=2419055&v=11430&q=366416&r=473322&pref1=37829900059883500383828011775002&gdpr=&gdpr_consent=
https://creative.mlsat02.de/telekom/aff/ads_media.php?b=1&pvfn=1&dlid=2055&partnerid=473322&zanpid=11430_473322_1636627403_&cachebuster=1636627403&awv=11430_473322_1636627403_31a7c680-42dc-11ec-9ee...
https://ebs08.telekom.de/affiliates/view.php?network=B1049&mlid=pv-NTEwMjE4MDM7OTA4Y2JhZGI3MjQ5NzFjYzkwMTJjZWQ3NjcyNzZjYzg7MTE0MzBfNDczMzIyXzE2MzY2Mjc0MDNfMzFhN2M2ODAtNDJkYy0xMWVjLTllZTItMjIzMWZjNT...
https://tracking.mlsat02.de/onepixel.gif

43 B
130 B

51ms
13ms

Document
image/gif

51.178.130.209
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://tracking.mlsat02.de/onepixel.gif
Requested by: Host: ad2.ad-srv.net
URL: https://ad2.ad-srv.net/request.php?zone=0s3p1fkb96mt&nw=11&renderingType=javascript&namespace=f2e6ba3e4a&subid=&uid=e75ab0cfa1ef42eb&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=&documentReferer=http%3A%2F%2Fextra.com.co%2F&ancestorOrigins=http%3A%2F%2Fextra.com.co&random=1415193675117&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.178.130.209 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3169999.ip-51-178-130.eu
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://795cb7b715ed42ed94a7878e8f7986c3.safeframe.googlesyndication.com/

Response headers

server: nginx
date: Thu, 11 Nov 2021 10:43:23 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT

Redirect headers

Date: Thu, 11 Nov 2021 10:43:23 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubdomains;
P3P: CP="NOI CUR OUR STP"
Location: https://tracking.mlsat02.de/onepixel.gif
Content-Encoding: gzip
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block
Content-Length: 20
Content-Type: text/html; charset=utf-8
Keep-Alive: timeout=3, max=100
Connection: Keep-Alive

GET
H/1.1 200
OK request_content.php Show response
ad2.ad-srv.net/ Frame 9C0A 3 KB
2 KB 5ms
2ms Document
text/html 46.4.10.47
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad2.ad-srv.net/request_content.php?s=37829900059883500383828011775002&a=d86f8321
Requested by: Host: ad2.ad-srv.net
URL: https://ad2.ad-srv.net/request.php?zone=0s3p1fkb96mt&nw=11&renderingType=javascript&namespace=f2e6ba3e4a&subid=&uid=e75ab0cfa1ef42eb&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=&documentReferer=http%3A%2F%2Fextra.com.co%2F&ancestorOrigins=http%3A%2F%2Fextra.com.co&random=1415193675117&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.10.47 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.47.10.4.46.clients.your-server.de
Software: Apache /
Resource Hash: 495bcf7933806f448d6ceb132c85c748fb438f1a81822fae05e82e95884a3af3

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://795cb7b715ed42ed94a7878e8f7986c3.safeframe.googlesyndication.com/

Response headers

Date: Thu, 11 Nov 2021 10:43:23 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Expires: Thu, 11 Nov 2021 10:43:23 +0100
Pragma: no-cache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1210
Connection: close
Content-Type: text/html; charset=utf-8

GET
DATA 200
OK truncated
/ Frame ED52 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2d9ffc9057de5fd034d5e446381d860a172ac7004a594efabea499712e21c75e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

onepixel.gif Show response
tracking.mlsat02.de/ Frame 1627
Redirect Chain

https://www.awin1.com/cshow.php?s=2419055&v=11430&q=366416&r=473322&pref1=38593600072139500383828011775017&gdpr=&gdpr_consent=
https://creative.mlsat02.de/telekom/aff/ads_media.php?b=1&pvfn=1&dlid=2055&partnerid=473322&zanpid=11430_473322_1636627403_&cachebuster=1636627403&awv=11430_473322_1636627403_31ab48f0-42dc-11ec-9ee...
https://ebs08.telekom.de/affiliates/view.php?network=B1049&mlid=pv-NTEwMjE4MDM7OTA4Y2JhZGI3MjQ5NzFjYzkwMTJjZWQ3NjcyNzZjYzg7MTE0MzBfNDczMzIyXzE2MzY2Mjc0MDNfMzFhYjQ4ZjAtNDJkYy0xMWVjLTllZTItMjIzMWZjNT...
https://tracking.mlsat02.de/onepixel.gif

43 B
129 B

51ms
14ms

Document
image/gif

51.178.130.209
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://tracking.mlsat02.de/onepixel.gif
Requested by: Host: ad17.ad-srv.net
URL: https://ad17.ad-srv.net/request.php?zone=0s3p1fkb96mt&nw=11&renderingType=javascript&namespace=2ee90b2087&subid=&uid=2460c6c1b22d3876&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=&documentReferer=http%3A%2F%2Fextra.com.co%2F&ancestorOrigins=http%3A%2F%2Fextra.com.co&random=1202229261790&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.178.130.209 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3169999.ip-51-178-130.eu
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://795cb7b715ed42ed94a7878e8f7986c3.safeframe.googlesyndication.com/

Response headers

server: nginx
date: Thu, 11 Nov 2021 10:43:23 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT

Redirect headers

Date: Thu, 11 Nov 2021 10:43:23 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubdomains;
P3P: CP="NOI CUR OUR STP"
Location: https://tracking.mlsat02.de/onepixel.gif
Content-Encoding: gzip
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block
Content-Length: 20
Content-Type: text/html; charset=utf-8
Keep-Alive: timeout=3, max=100
Connection: Keep-Alive

GET
H/1.1 200
OK request_content.php Show response
ad17.ad-srv.net/ Frame 86DA 3 KB
2 KB 5ms
2ms Document
text/html 159.69.70.9
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad17.ad-srv.net/request_content.php?s=38593600072139500383828011775017&a=56a5b190
Requested by: Host: ad17.ad-srv.net
URL: https://ad17.ad-srv.net/request.php?zone=0s3p1fkb96mt&nw=11&renderingType=javascript&namespace=2ee90b2087&subid=&uid=2460c6c1b22d3876&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=&documentReferer=http%3A%2F%2Fextra.com.co%2F&ancestorOrigins=http%3A%2F%2Fextra.com.co&random=1202229261790&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 159.69.70.9 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.9.70.69.159.clients.your-server.de
Software: Apache /
Resource Hash: 06d807e854c6611003c9b5f5fe447c2920c57034908729fcfdae59481a34edff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://795cb7b715ed42ed94a7878e8f7986c3.safeframe.googlesyndication.com/

Response headers

Date: Thu, 11 Nov 2021 10:43:23 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Expires: Thu, 11 Nov 2021 10:43:23 +0100
Pragma: no-cache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1212
Connection: close
Content-Type: text/html; charset=utf-8

GET
DATA 200
OK truncated
/ Frame C793 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 66fe074261b49c6215ea03580483cb3937347e68e1eb2fd9d9f088d4daf31883

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 3B88 38 KB
14 KB 15ms
6ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by: Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Fextra.com.co%2F&schain=1.0,1!vidoomy.com,55941,1,1636627402649,,
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e2cdec10db9a0a224e9f5e49b6f004c5426564fb8d857ad3df480e9c916bafe6

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

last-modified: Tue, 19 Oct 2021 10:00:01 GMT
etag: "1302647-96ae-5ceb1b98ba7c4"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 13882
content-type: text/html; charset=UTF-8
cache-control: public, max-age=48835
expires: Fri, 12 Nov 2021 00:17:18 GMT
date: Thu, 11 Nov 2021 10:43:23 GMT
vary: Accept-Encoding

GET
H2 200 showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 303B 38 KB
14 KB 16ms
8ms Script
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by: Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Fextra.com.co%2F&schain=1.0,1!vidoomy.com,55941,1,1636627402649,,
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e2cdec10db9a0a224e9f5e49b6f004c5426564fb8d857ad3df480e9c916bafe6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 10:43:23 GMT
content-encoding: gzip
last-modified: Tue, 19 Oct 2021 10:00:01 GMT
server: Apache/2.2.15 (CentOS)
etag: "1302647-96ae-5ceb1b98ba7c4"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: public, max-age=48835
accept-ranges: bytes
content-type: text/html; charset=UTF-8
content-length: 13882
expires: Fri, 12 Nov 2021 00:17:18 GMT

GET
H2

200

/ Show response
track.adform.net/adfscript/ Frame 9C0A
Redirect Chain

https://tracking.mlsat02.de/telekom/aff/ads.php?t=skript&dlid=2055&bn=49556873&partnerid=473322&gdpr=&gdpr_consent=&page=https://www.awin1.com/awclick.php?mid=11430&id=473322&gid=361931&linkid=2950...
https://track.adform.net/adfscript/?bn=49556873;extVars=473322|1|affiliate%20postview|av;trackpixel=https://aaa.artefact.com/trck/eview/908cbadb724971cc9012ced767276cc8?ext_publisher_id=473322&b=1&...

1 KB
1 KB

132ms
24ms

Script
text/javascript

37.157.4.25
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfscript/?bn=49556873;extVars=473322|1|affiliate%20postview|av;trackpixel=https://aaa.artefact.com/trck/eview/908cbadb724971cc9012ced767276cc8?ext_publisher_id=473322&b=1&no=1&ctid=__ADFCREID__&tg=__ADFBANGROUP1__&ckurl=1;crdrvar=page;crdrurl=https://www.awin1.com/awclick.php?mid=11430&id=473322&gid=361931&linkid=2950366&p=https%3A%2F%2Fad2.ad-srv.net%2Fc%2Fckqvsgrcvf103ag%3Ftprd%3Dhttps%3A%2F%2Ftracking.mlsat02.de%2Ftelekom%2Faff%2Fads.php%3Fdlid%3D2055%26c%3D1&tg=__ADFBANGROUP1__

Requested by

Host: ad2.ad-srv.net
URL: https://ad2.ad-srv.net/request_content.php?s=37829900059883500383828011775002&a=d86f8321

Protocol

Server

37.157.4.25 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

2031451eb0c922fd7e1f672d3c13476fef0c1470e1aa8251d958d143adfafddd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad2.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Nov 2021 10:43:23 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 823
expires: -1

Redirect headers

location: https://track.adform.net/adfscript/?bn=49556873;extVars=473322|1|affiliate%20postview|av;trackpixel=https://aaa.artefact.com/trck/eview/908cbadb724971cc9012ced767276cc8?ext_publisher_id=473322&b=1&no=1&ctid=__ADFCREID__&tg=__ADFBANGROUP1__&ckurl=1;crdrvar=page;crdrurl=https://www.awin1.com/awclick.php?mid=11430&id=473322&gid=361931&linkid=2950366&p=https%3A%2F%2Fad2.ad-srv.net%2Fc%2Fckqvsgrcvf103ag%3Ftprd%3Dhttps%3A%2F%2Ftracking.mlsat02.de%2Ftelekom%2Faff%2Fads.php%3Fdlid%3D2055%26c%3D1&tg=__ADFBANGROUP1__
pragma: no-cache
date: Thu, 11 Nov 2021 10:43:23 GMT
cache-control: no-store, no-cache, must-revalidate
server: nginx
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame 9C0A 0
0 12ms
11ms Image
text/html 104.111.239.217
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.awin1.com/cshow.php?s=2950366&v=11430&q=361931&r=473322&pref1=37829900059883500383828011775002&gdpr=&gdpr_consent=
Requested by: Host: ad2.ad-srv.net
URL: https://ad2.ad-srv.net/request_content.php?s=37829900059883500383828011775002&a=d86f8321
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-239-217.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad2.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

GET
H2 200 sharethis.js Show response
platform-api.sharethis.com/js/ 183 KB
41 KB 39ms
8ms Script
text/javascript 13.32.22.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://platform-api.sharethis.com/js/sharethis.js
Requested by: Host: extra.com.co
URL: http://extra.com.co/core/assets/vendor/jquery/jquery.min.js?v=3.5.1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.22.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-22-102.fra56.r.cloudfront.net
Software: /
Resource Hash: b3dca6992b4f8770bc3dba5f82f6325a82d2adabf685da88d950f6fe87b16716

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://extra.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 10:38:16 GMT
content-encoding: gzip
age: 307
etag: W/"2dcf1-RQaJcGO9+DuZ32kDJGMESLkOoPg"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
via: 1.1 bfa7dfbe8ca6d4eb3690c4c82ca6c0fa.cloudfront.net (CloudFront)
edge-control: cache-maxage=60m,downstream-ttl=60m
cache-control: max-age=600, public
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: miJcvQj8cOLXrE72dmoxlUmCSLlw_qmYlUT3lholfZNmz94ODahWGg==

GET
H2

200

/ Show response
track.adform.net/adfscript/ Frame 86DA
Redirect Chain

https://tracking.mlsat02.de/telekom/aff/ads.php?t=skript&dlid=2055&bn=49556873&partnerid=473322&gdpr=&gdpr_consent=&page=https://www.awin1.com/awclick.php?mid=11430&id=473322&gid=361931&linkid=2950...
https://track.adform.net/adfscript/?bn=49556873;extVars=473322|1|affiliate%20postview|av;trackpixel=https://aaa.artefact.com/trck/eview/908cbadb724971cc9012ced767276cc8?ext_publisher_id=473322&b=1&...

1 KB
1 KB

96ms
24ms

Script
text/javascript

37.157.4.25
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfscript/?bn=49556873;extVars=473322|1|affiliate%20postview|av;trackpixel=https://aaa.artefact.com/trck/eview/908cbadb724971cc9012ced767276cc8?ext_publisher_id=473322&b=1&no=1&ctid=__ADFCREID__&tg=__ADFBANGROUP1__&ckurl=1;crdrvar=page;crdrurl=https://www.awin1.com/awclick.php?mid=11430&id=473322&gid=361931&linkid=2950366&p=https%3A%2F%2Fad17.ad-srv.net%2Fc%2Fcajzljrroftf9vw%3Ftprd%3Dhttps%3A%2F%2Ftracking.mlsat02.de%2Ftelekom%2Faff%2Fads.php%3Fdlid%3D2055%26c%3D1&tg=__ADFBANGROUP1__

Requested by

Host: ad17.ad-srv.net
URL: https://ad17.ad-srv.net/request_content.php?s=38593600072139500383828011775017&a=56a5b190

Protocol

Server

37.157.4.25 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

f6cc094df7c0931c609dc9fbb03450ab7cc811fb222d6b110949827a3f84a09a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad17.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Nov 2021 10:43:23 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 824
expires: -1

Redirect headers

location: https://track.adform.net/adfscript/?bn=49556873;extVars=473322|1|affiliate%20postview|av;trackpixel=https://aaa.artefact.com/trck/eview/908cbadb724971cc9012ced767276cc8?ext_publisher_id=473322&b=1&no=1&ctid=__ADFCREID__&tg=__ADFBANGROUP1__&ckurl=1;crdrvar=page;crdrurl=https://www.awin1.com/awclick.php?mid=11430&id=473322&gid=361931&linkid=2950366&p=https%3A%2F%2Fad17.ad-srv.net%2Fc%2Fcajzljrroftf9vw%3Ftprd%3Dhttps%3A%2F%2Ftracking.mlsat02.de%2Ftelekom%2Faff%2Fads.php%3Fdlid%3D2055%26c%3D1&tg=__ADFBANGROUP1__
pragma: no-cache
date: Thu, 11 Nov 2021 10:43:23 GMT
cache-control: no-store, no-cache, must-revalidate
server: nginx
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame 86DA 0
0 27ms
12ms Image
text/html 104.111.239.217
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.awin1.com/cshow.php?s=2950366&v=11430&q=361931&r=473322&pref1=38593600072139500383828011775017&gdpr=&gdpr_consent=
Requested by: Host: ad17.ad-srv.net
URL: https://ad17.ad-srv.net/request_content.php?s=38593600072139500383828011775017&a=56a5b190
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-239-217.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad17.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

GET
H/1.1 200
OK viewability Show response
ad2.ad-srv.net/ Frame 9C0A 0
150 B 9ms
3ms Script
text/html 46.4.10.47
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad2.ad-srv.net/viewability?s=37829900059883500383828011775002&a=07179899&vb=m
Requested by: Host: ad2.ad-srv.net
URL: https://ad2.ad-srv.net/request_content.php?s=37829900059883500383828011775002&a=d86f8321
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.10.47 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.47.10.4.46.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad2.ad-srv.net/request_content.php?s=37829900059883500383828011775002&a=d86f8321
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 11 Nov 2021 10:43:23 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK viewability Show response
ad17.ad-srv.net/ Frame 86DA 0
150 B 5ms
2ms Script
text/html 159.69.70.9
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad17.ad-srv.net/viewability?s=38593600072139500383828011775017&a=e9f1b976&vb=m
Requested by: Host: ad17.ad-srv.net
URL: https://ad17.ad-srv.net/request_content.php?s=38593600072139500383828011775017&a=56a5b190
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 159.69.70.9 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.9.70.69.159.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad17.ad-srv.net/request_content.php?s=38593600072139500383828011775017&a=56a5b190
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 11 Nov 2021 10:43:23 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 3B88 2 KB
3 KB 54ms
12ms Script
text/html 198.47.127.19
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=62748273&p=156498&s=399115&a=1801592&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: /
Resource Hash: be98bdf0e84591deda4699412633ffb0c3dd582d758ccd3fae88983d958ece22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 10:43:22 GMT
content-type: text/html; charset=UTF-8
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 60eba90b3b0b86001925a9b9.js Show response
buttons-config.sharethis.com/js/ 433 B
814 B 163ms
109ms Script
text/javascript 2600:9000:206f:7400:c:abe:f440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://buttons-config.sharethis.com/js/60eba90b3b0b86001925a9b9.js
Requested by: Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:7400:c:abe:f440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 18064e6b8af617388b35606b6397c93132adc95ab61684c612d08b9daace7ac7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://extra.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Thu, 11 Nov 2021 10:43:24 GMT
via: 1.1 a618edcb8ddcdae59a3a61a6c82ff54d.cloudfront.net (CloudFront)
last-modified: Mon, 12 Jul 2021 02:31:54 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
etag: "0b9d9f480b2983a9f36fadaa86686197"
x-cache: RefreshHit from cloudfront
content-type: text/javascript
cache-control: public, max-age=60
accept-ranges: bytes
content-length: 433
x-amz-cf-id: C68EInzIH3dT8mslU8Z9BPCnZQgmzXDh4LGa9R2_ZYdC8cymUi4hbw==

GET
H/1.1 204
No Content pview Show response
l.sharethis.com/ 0
333 B 32ms
8ms XHR
text/plain 18.198.109.212
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://l.sharethis.com/pview?event=pview&hostname=extra.com.co&location=%2F&product=inline-share-buttons&url=http%3A%2F%2Fextra.com.co%2F&source=sharethis.js&fcmp=false&fcmpv2=false&has_segmentio=false&title=%7C%20EXTRA&cms=unknown&publisher=60eba90b3b0b86001925a9b9&sop=true&version=st_sop.js&lang=en
Requested by: Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.198.109.212 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-198-109-212.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://extra.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 11 Nov 2021 10:43:23 GMT
Access-Control-Max-Age: 1728000
Access-Control-Allow-Origin: http://extra.com.co
Access-Control-Expose-Headers: stid
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: *

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 28B7 0
56 B 47ms
47ms Image
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bkpa_yvOMYaffJ6n-7_UP_saNuAEAAAAAOAHgBAI&bg=!VlWlVRHNAAYDGbPvAxk7ACkAdvg8WnZ7HaJepSm0XVeVQemVzGhgU1dSx5yTXKArCbAzyPj6TAvIgAIAAAKCUgAAADJoAQeZAxh5WO9UNvmISrkxmpoKHTJcCJfGkGir9bvppN3saxX2htNyJtAhBOqCJHgGfcR4yqmzyqRFpDSn0v727S4U2fvqsUoitHneIApjamJABCHGAw3ol9ml8dHffmUp2NIv_prsOrMGg9emIMXgHrL2uYYVObd7Qx81Xmt9lcGnif6NMr_IXsb8DTqbvTs4NM9DZE2Ju7J8ehd4QXJRu28kbnXwCu6rv7r0v0tNB7vwvV6-HiyUfGNuL-B3nFHs1DIezAzY7NPXV9anwZHdqjj3w8JgT_fwX4C4k0JNimY11bXYQRrFrNbduaH0uB1P0GRwbSPbIcbCoPvYv7OjjeMAM33GyRvWxdnEZZ-X5tVUXMBc4Nmhi4sn7IUFZd0vV0aicvBMC836XugnOYP5RxSVBGy0WPsMKmLI3WX-Jd4TNA11dPHQFbmz-deDCmlPnnlC_OcVyMXCYKzNjUnufH-Oeqoqnyzn4900GrtwyDAlnmTlaTyovaO6oA8JsPXwlMiUCXF4J00nLkg7tnJnELavAFm-mOHs4Y1F7qdNxK3LwEjpy85C29Q-7ZN1Y_DrcFNvGfVA_aXjHZy_wt6wIPWwHIXre6fq3Mv_l-vtQs7t7wfEfkj5HgVfns51GBFyjm8LjxlSqGvdxMy6LOBN_NAp7L1aXwfZMKc9eUDZF2qOcqlWVOX-wluIz1nOBKxfEyL_KqhTBx4L6LdZB0JU2VDC6vFlDf2xmugcX3_8KMflsdmU__psMvTuxaEkB-IjcJbsChRYazo37K2ZR62ZKM4O-bDdsCmKo111hIGCflzKgBZ1h00ycV6-ibpoakYrSGgBuuQMoGEpTJGHTeXRx_Wy57JmpIUoz4IpOkm3NAnmPzkUf68cWuTDXI9aUCQ4AAi1bkolOK30NydkglRjO8uUrOnPV4TP8Z5UsJQqnx_zX7pOnrXcvONLX_q9b87myXloeSRuFVQ1iXEHFOQGnBEgjGaNfNHptMrHZSryS1G59t0t-YR6CB1ZmyDClDTmbBPwnukzwIcpIABesJSLRblcdXoQenHdnwmyVAc

Requested by

Host: 795cb7b715ed42ed94a7878e8f7986c3.safeframe.googlesyndication.com
URL: https://795cb7b715ed42ed94a7878e8f7986c3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Nov 2021 10:43:23 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame F287 0
56 B 46ms
46ms Image
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BKN3QyvOMYbSAKoOOrASCsqfIBwAAAAA4AeAEAg&bg=!mpmlmd3NAAYDGbPvAxk7ACkAdvg8WoctVC8aOgMHmwCSkQk7aZcIn-SBOyZ971uZtC7jHrhtgtKvBwIAAAMVUgAAACxoAQcKAF_sHca9X23uPUBrFu31L-aTrEcQyJe3W0M_bFH761KcZIuxCWEVIliOYgoUDgTY-eqexIZGQ0rpDG97wRkZGXrvywslBRqXvYufXQz-eMah4sU42acXqWUuhBPkNKZ_VZkDI62nMfgZsNIrzTAjkxeKolU-vWInkh0THDZ7dZa26seKvxtCE3PINfEp0hkAGXQwLH3-09rk2uYv3Vd5wmG7hQHbuTEERIj61B7F17ADWtyqgTvzUUyOBBtZViGn5lc1NaoSGuWCQPKzEImng3EzOjTux-qYsqlnoeFv2tj9UDgQwd8Fqhm1haxcKetmwViiCoRKCwXxwz51PlSFVHmbFGScvi-g9ySW-r2JRutkdFA2byNP-ANG0QO-aC9LQ6JuJsuc2lhibadVeJVHSERcefH-jw-8QEVgMaX3OK-7FFC5K39ZCcl3PI8nDw9JwE--OHF4ZYfaYgmq2YmbAM9pBFzFjOuReg_jlivARGjYPIOjQQ-RsVHH9SMudvQEO3HItNiDMKkiPA0yao5Qa-Bv-mLo5xbWNBfkTnqbUHYIGkE3jhttH5QmUsqRmvX6sq7bPlrZ-p6pQY5zJN13x5zvFDINBkezJLJdt3-0LTj509JVHFXSqEVdaRA0Xhy5_GNfzYRa8TbRXJ_5ImfT8zaUSfEx2KPYJ4cIc7vfODGX3l-cIpGwHrjkCk4oh_s_ywkBKKoYL6rTL_SrEPujBUyoBRkCJ2yFiRtXl84C3Jaqdt-ktOAICP0mqxLhEaZptXazANre4retklNnUCKF9-WlA5aO9rCL6H2cyQeKQhsBbhYlLgvHBAz3povLVOHBiXIv7gMUUyMEYt0mXsnPSw7hHgU2G1G3Q2ZlIVAHvq3d902fO-WDO8AC1jxJcUpr87i_rLG8lcSgGQ0a2ddSMwF9yHkWBOaIfuWJ8EPiVQWm5w00nSUdLlILjBShYYZVGBJThOvjFyjDWXW8JIIOzMEh0f0hM7qtlE-9-lar6w1Lnk5Ui9eb6yQ-7Cb_sR4CqRt82fkt9jbCZRWIcRVu7Q-BSF9J5oq9khcfe2krRhFTeCzxrrkn2G8DymADadL2scJd5AfZpsKtvUb9nxX4fv2-ZQWVpSXALlkUkjlSEfnhMSGcnkWLcobtndKa_p_0C_NQjNL6zh2UA6YyCcXpVJaOOpm4XXanbs0-ruD0JeVhFgiBML_w

Requested by

Host: 795cb7b715ed42ed94a7878e8f7986c3.safeframe.googlesyndication.com
URL: https://795cb7b715ed42ed94a7878e8f7986c3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Nov 2021 10:43:23 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 831F 0
56 B 48ms
48ms Image
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BvFMWyfOMYcSUEMji3wOkibyQCwAAAAA4AeAEAg&bg=!RUalRgLNAAYDGbPvAxk7ACkAdvg8WolG7H6XViHZG1STDU_gyPmnLsXl6HMmamC_hg8PE7skUWaG4wIAAAKgUgAAACloAQeZA0cHCIHv6ZNHjaPpQV4PU_d96tA0Kb7PxSy_PH5jhae3E70Dno_tYNFTsbslXJZ6gfMpZ3zLzO_YeOVGNph3U4C1Pw5RoDHJovT93xgh9bLPl8piiEy18wR5YEc378avf8JmFYuGOALv6K-Hp9-e_JuDTDmMYjEThn8PsbIy0dnOB6wj5yzXH5uJKCT7fJ_bUzm4O3YmyGLW-gnWNNHPGW266khTHFxz6lhOdC0_jMKy5YpMmq4IuDsmgulRUHC55_TWLn9zOO0SVQo-fJdAMrNJSTIH26mErpKBNAEywe93tQuRx3p2_8aa60EA7Cmm9ajZfbLhWA7WsOy3vOa3_-XOqaCIIljBaujfvR-cDpA1OCNXq3iIC7rxRy20fvZoRGMhHvhW-4IPT5qdGiEylkjxeQ1OAqCBNdGWv6GZ7jQQQRErrRFvCgSJ39fUrEL-2VGYqlo9xRA1GZ8LPnUs2NGy5Q1XvmX7d9qYDuRP5TLV43RCe4dhE1XpUrxjJ-MlhlWfuxy3SekFbQOKNrOWsIH1doZhjpnNbbCSQDjuCna3hmhWLk8N6DTGdvbzHgtlv2b8KadSlxOcvrNXKRKYsFaXwrLJ0BgZwmUzZ2DAeRlM5cSH5A1L4SUhreEqjfNMEGiC-a7v8cAiIuJbn6nQTHzokfKSWWNisYFA-pEHg5JNvsCJad3FfCa9YGGZfCyRfK3jFM7nqMvnSxzxWEs90xTQkVGB4UYkEoGBY3kOmaHyL2aDiZ6o5VeXt2YjP0LtYvBxRcoiHhdxxbTdFiQ8fTvWUIAPhyjiM9VtCQ_Vq8ucG3iMTb80S3IoxwEbGQc6Brgkw_YLbtMelLwAJjiK5OAUxbVX0auDWYkJGYX_xjG_6lCbR8DYjSAQ5gks1HbFQJbp6YRW0XJ5fVFtBgHflGRiSuO3Kk5w2eAJjvvd7M3n6Gd_3IEapCaY2_HfdxVb_fKmUhS69oZmGzKZWIe0OyOdZfzkGkYgIcBmplvSb2MzGuS8SRaKEZ9jtdzDjLGy-QQnB3y_tRGOSfrDHHKMOs_CKIkJ2FHD8QeylsJ5dWv3m4EF-ynutsEC6QqKp7q07T2eDAe4TC5aIlmaKAQTtghZtT3OmUlrRA

Requested by

Host: extra.com.co
URL: http://extra.com.co/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Nov 2021 10:43:23 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7D05 0
47 B 46ms
46ms Image
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BJQicyfOMYcOUEMji3wOkibyQCwAAAAA4AeAEAg&bg=!rK-lr-vNAAYDGbPvAxk7ACkAdvg8WpN9o3cXNCMnBjd1eySKON-hMemqVAWUPVEq2nrGkOcno-RS7wIAAAKcUgAAACBoAQeZA1jlcZ3bwHnZQb4snFcoN3-rOiCUEdikqoE1iHmwL-myQH_4A4aI7A46O8qZMnB04YEZAsKpKfpuNdG4MxccNUxYG8C08a44XpW4t8jp8qFHxvd--qYyxGDFd6iJz4Q9PV-u4xnQ7FE7VUrtQbpt9b_cjy90kVKZLu6WFCTSvR4JMEvEpd-4pHB9QPPzibKp7A8mhFWbLgUiylaECmvx5bF4X-HTTAcf8w0EdDxVgmcK16_r0vTLibq7sgPomabFEIDgSERlo-uFIF0ipo_jU7DZtjwADcUpLq0vv1EbUkhNZjdMQrpiCJqYNFKYtZ4WeEwCcSymCU477GtqRXrsSGrr0sEHoGUpJBUzYa5GAZY9HXeHnF9buCe2pwJhOAyIfjN45xxpuj6gH-sPDNOSNohNnTQKXgrvoosfZpdjsVu7qDhSfREY_cJxVDYYqZjq6V4Y4NDDy2eJrGkqwjEKsTY7vFZgHts8ECWjZ9bZ3JzrG5iNBk_z8f0aaORxC1XAgGlncMwsiYIRH7CwTIzIvaClVjkOhs1WMwcl4eH7RbI0u2rH2b5CLBllepGxTdVsV-JMlxDKubvR00UtX1-zRFEqG_9OKyE0kWxF5fUbhngOpmknSUkDGgjFae9Pl_ncXM3ZXT5T9AWCFYIXigRQ3s1UF-xu6EnLadbI77xXWMz0DjVTvTHA8stqaFjMMXR4RwgGhxNyXm3Tm7ZhtsplAyxguhAQFPjg-KmCdCGF3JJUAOQbvH84zhQ2KJmj8bjwuLGGOp-wUPAIr4oFDaFpfY08I0ZvG8CaDBWZkdSHD9xdBxS-rd5U9Y1ecjQkQdHEdFPEI9xXVAuhkb7tcigvcXCVRk8MRueA9VgWONImJFfgkLEEd9B5YBd-JaBdzysZN3NrvqbO45Ogz8d_RnQu5Z_bT1d0ufgnF7hp3Fr7yVHXhYMumyH_zJ48Vkfe6-f3kHigHmOC32vaofMeP9G9-lL19F-hYqtMA9MWeVDjYV5XDiER-vb7rOoMfhlRXSp5PBLcqtrYD9QHHB8FAD8N1atdvoSmWiUP3s57gXP6Z-u9yBIdclE043u4UxoJgWFgLHvW0W6C5UsmUfl21R2NM5wRXmaInUthMf2kbd-7x01gL9AhEDaQ4WdS

Requested by

Host: extra.com.co
URL: http://extra.com.co/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Nov 2021 10:43:23 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

match Show response
c1.adform.net/serving/cookie/ Frame EB1E
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&cid=E25A2D69-0C04-45F8-BA1E-5E52C8FD7B03
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=E25A2D69-0C04-45F8-BA1E-5E52C8FD7B03

35 B
467 B

36ms
35ms

Document
image/gif

37.157.3.29
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=E25A2D69-0C04-45F8-BA1E-5E52C8FD7B03

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.29 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Thu, 11 Nov 2021 10:43:23 GMT
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
expires: -1
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
strict-transport-security: max-age=31536000; includeSubDomains

Redirect headers

server: nginx
date: Thu, 11 Nov 2021 10:43:23 GMT
content-length: 0
location: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=E25A2D69-0C04-45F8-BA1E-5E52C8FD7B03
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
expires: -1
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame A6C0
Redirect Chain

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=4963301923403430068

42 B
209 B

12ms
12ms

Document
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=4963301923403430068
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Thu, 11 Nov 2021 10:43:23 GMT
content-type: image/gif; charset=utf-8
content-length: 42
x-lat: amspug008:0:382
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=4963301923403430068
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H2 200 usersync.aspx Show response
dis.criteo.com/dis/ Frame 2FD2 43 B
334 B 42ms
14ms Document
image/gif 178.250.2.151
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: Kestrel /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

date: Thu, 11 Nov 2021 10:43:23 GMT
content-type: image/gif
server: Kestrel
cache-control: no-cache
pragma: no-cache
expires: Thu, 11 Nov 2021 00:00:00 GMT
x-errorlevel: 0
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 541451

GET
H2

200

user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 3B88
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=4lotaQwERfi6Hl5SyP17Aw%3D%3D
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

14 KB
14 KB

13ms
7ms

Image
text/html

2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 10:43:23 GMT
content-encoding: gzip
last-modified: Tue, 15 Jun 2021 06:08:03 GMT
server: Apache/2.2.15 (CentOS)
etag: "1300708-3945-5c4c7cc02bd56"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=61916
accept-ranges: bytes
content-type: text/html; charset=UTF-8
content-length: 5054
expires: Fri, 12 Nov 2021 03:55:19 GMT

Redirect headers

pragma: no-cache
date: Thu, 11 Nov 2021 10:43:23 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 272
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

SPug
image4.pubmatic.com/AdServer/ Frame 3B88
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=f57e618c-f3cb-4800-9c64-be483d4dc889

0
260 B

96ms
26ms

Image
text/plain

185.64.190.81
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=f57e618c-f3cb-4800-9c64-be483d4dc889
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Server: 185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 10:43:23 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date: Thu, 11 Nov 2021 10:43:23 GMT
Server: MT3 4067 88cc6bf master zrh-pixel-x26 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=f57e618c-f3cb-4800-9c64-be483d4dc889
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Thu, 11 Nov 2021 10:43:22 GMT

GET
H/1.1

200
OK

/
pixel.onaudience.com/ Frame 3B88
Redirect Chain

https://pixel.onaudience.com/?partner=214&mapped=E25A2D69-0C04-45F8-BA1E-5E52C8FD7B03
https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25
https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25&xl8blockcheck=1
https://pixel.onaudience.com/?partner=161&icm&cver&mapped=eea4d2da1de04e99fd52af7ebfd8d7aa

35 B
248 B

15ms
14ms

Image
image/gif

51.210.112.63
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.onaudience.com/?partner=161&icm&cver&mapped=eea4d2da1de04e99fd52af7ebfd8d7aa
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: HTTP/1.1
Server: 51.210.112.63 , France, ASN16276 (OVH, FR),
Reverse DNS: pikafka-3.cloudy.ovh
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-length: 35
content-type: image/gif

Redirect headers

date: Thu, 11 Nov 2021 10:43:24 GMT
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location: https://pixel.onaudience.com/?partner=161&icm&cver&mapped=eea4d2da1de04e99fd52af7ebfd8d7aa
cache-control: no-cache
access-control-allow-credentials: true
content-type: text/html
content-length: 0

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 3B88
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RTI1QTJENjktMEMwNC00NUY4LUJBMUUtNUU1MkM4RkQ3QjAz&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

42 B
111 B

23ms
21ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 10:43:22 GMT
cache-control: no-store, no-cache, private
x-lat: amspug016:0:2604
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Thu, 11 Nov 2021 10:43:23 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 3B88
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEKsl0xswVLgYk9aa-UEkcrk&google_cver=1

42 B
590 B

21ms
20ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEKsl0xswVLgYk9aa-UEkcrk&google_cver=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 10:43:23 GMT
cache-control: no-store, no-cache, private
x-lat: amspug015:0:387
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Thu, 11 Nov 2021 10:43:23 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEKsl0xswVLgYk9aa-UEkcrk&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 379
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubmatic
um.simpli.fi/ Frame 3B88 43 B
616 B 69ms
11ms Image
image/gif 169.50.137.184
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

169.50.137.184 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

b8.89.32a9.ip4.static.sl-reverse.com

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 10:43:23 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Wed, 10 Nov 2021 10:43:23 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 3B88
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:a370618c-f3cb-4800-a483-d154c4359647&gdpr=0&gdpr_consent=

42 B
498 B

91ms
27ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:a370618c-f3cb-4800-a483-d154c4359647&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 10:43:23 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug013:0:639
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date: Thu, 11 Nov 2021 10:43:23 GMT
Server: MT3 4067 88cc6bf master zrh-pixel-x25 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:a370618c-f3cb-4800-a483-d154c4359647&gdpr=0&gdpr_consent=
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Thu, 11 Nov 2021 10:43:22 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 3B88
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=3287583082620706528

42 B
544 B

74ms
26ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=3287583082620706528
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 10:43:24 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug015:0:489
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Thu, 11 Nov 2021 10:43:23 GMT
server: nginx
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=3287583082620706528
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 3B88
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=3407eb1d-2814-4550-832f-6d0dccd0a331

42 B
292 B

26ms
25ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=3407eb1d-2814-4550-832f-6d0dccd0a331
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 10:43:23 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug020:0:439
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Thu, 11 Nov 2021 10:43:24 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=3407eb1d-2814-4550-832f-6d0dccd0a331
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 313

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 3B88
Redirect Chain

https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8725330688953216047&gdpr=0&gdpr_consent=

42 B
365 B

68ms
21ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8725330688953216047&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 10:43:22 GMT
cache-control: no-store, no-cache, private
x-lat: amspug017:0:363
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma: no-cache
Date: Thu, 11 Nov 2021 10:43:23 GMT
X-Proxy-Origin: 136.243.198.81; 136.243.198.81; 692.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 33e6939e-f379-4d9c-bdbe-37ce6e21ff2f
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8725330688953216047&gdpr=0&gdpr_consent=
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 3B88
Redirect Chain

https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=jGFy3NxjKd2XNXOHgmlnidlgc46XM3mMjmnLMvlm

42 B
272 B

20ms
19ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=jGFy3NxjKd2XNXOHgmlnidlgc46XM3mMjmnLMvlm
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 10:43:23 GMT
cache-control: no-store, no-cache, private
x-lat: amspug019:0:438
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Thu, 11 Nov 2021 10:43:23 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=jGFy3NxjKd2XNXOHgmlnidlgc46XM3mMjmnLMvlm
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 bootstrap.js Show response
s1.adform.net/stoat/626/s1.adform.net/ Frame 9C0A 33 KB
16 KB 108ms
22ms Script
text/javascript 37.157.2.247
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by: Host: tracking.mlsat02.de
URL: https://tracking.mlsat02.de/telekom/aff/ads.php?t=skript&dlid=2055&bn=49556873&partnerid=473322&gdpr=&gdpr_consent=&page=https://www.awin1.com/awclick.php?mid=11430&id=473322&gid=361931&linkid=2950366&p=https%3A%2F%2Fad2.ad-srv.net%2Fc%2Fckqvsgrcvf103ag%3Ftprd%3Dhttps%3A%2F%2Ftracking.mlsat02.de%2Ftelekom%2Faff%2Fads.php%3Fdlid%3D2055%26c%3D1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.247 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 342d2740192ed3d4a2772391d7e14496028a133a605b7ecb1671c5ff5d9e8d2e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad2.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 10:43:24 GMT
content-encoding: gzip
last-modified: Mon, 25 Oct 2021 09:07:47 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Fri, 12 Nov 2021 14:21:43 GMT

GET
H2 200 bootstrap.js Show response
s1.adform.net/stoat/626/s1.adform.net/ Frame 86DA 33 KB
16 KB 121ms
36ms Script
text/javascript 37.157.2.247
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by: Host: tracking.mlsat02.de
URL: https://tracking.mlsat02.de/telekom/aff/ads.php?t=skript&dlid=2055&bn=49556873&partnerid=473322&gdpr=&gdpr_consent=&page=https://www.awin1.com/awclick.php?mid=11430&id=473322&gid=361931&linkid=2950366&p=https%3A%2F%2Fad17.ad-srv.net%2Fc%2Fcajzljrroftf9vw%3Ftprd%3Dhttps%3A%2F%2Ftracking.mlsat02.de%2Ftelekom%2Faff%2Fads.php%3Fdlid%3D2055%26c%3D1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.247 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 342d2740192ed3d4a2772391d7e14496028a133a605b7ecb1671c5ff5d9e8d2e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad17.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 10:43:24 GMT
content-encoding: gzip
last-modified: Mon, 25 Oct 2021 09:07:47 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Fri, 12 Nov 2021 14:21:43 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 117B 42 B
108 B 69ms
48ms Fetch
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssXHgWMZFmzb3On9JtIsKXU0qrumqFueRhcIC4EduHr1SRnarPPdNaWuWGqwf84ceCkgTcvfUCi02w7ho24va_5_rtDhu3iKFkDZMtyHORJzzb4_SQJtQ&sai=AMfl-YSx6iZD-QFFXNBmIydKy9fXOzE7Ausb0iZeevCdXY2hLGh9cuwfY2-Dk-KZnfLkXr7q4w8D-zEXqbVe0DA38t5r44eygorbasPfnvqD1WSx4b4KA_6rQiZknYZjmiSp&sig=Cg0ArKJSzFeWa_YzRE4BEAE&cid=CAASFeRo0dXQx9Inx_wGjlM6L_4up_i9fg&id=lidar2&mcvt=1009&p=236,1440,840,1560&mtos=0,1009,1009,1009,1009&tos=0,1009,0,0,0&v=20211110&bin=7&avms=nio&bs=0,0&mc=0.99&if=1&app=0&itpl=20&adk=4040942019&rs=4&la=0&cr=0&vs=4&r=v&rst=1636627402224&rpt=412&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://795cb7b715ed42ed94a7878e8f7986c3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Nov 2021 10:43:24 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame B027 42 B
497 B 63ms
45ms Fetch
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuNc1GqQy4wA-ysNh5_E0tt-pADpsr25D6-sB0dFWua-x3vE50QK6b471JYDSPQ14Ubuw_Sgcdwxoe3H4JH87qIzCkuphDuvUm677dCincaV4XoOWZ7ug&sai=AMfl-YQ0o6rfU_42npz8oE95qj55QfJ18jTxIQw6kEW7rTZefR3cTOtLspFaazqhd50urgCrRv1rYHr3hTa61Xo_hd3NlQyPT-0EVCVdYrb-SA7ey5ru0AU-9-v4LPPJABxr&sig=Cg0ArKJSzK3V7Ht0nnzaEAE&cid=CAASFeRoNQ8XEk6H6QdVz7si9ozeacFY6A&id=lidar2&mcvt=1011&p=236,0,840,120&mtos=0,1011,1011,1011,1011&tos=0,1011,0,0,0&v=20211110&bin=7&avms=nio&bs=0,0&mc=0.99&if=1&app=0&itpl=20&adk=3386063186&rs=4&la=0&cr=0&vs=4&r=v&rst=1636627402249&rpt=360&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://795cb7b715ed42ed94a7878e8f7986c3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Nov 2021 10:43:24 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
track.adform.net/adfserve/ Frame 9C0A 7 KB
3 KB 20ms
20ms Script
text/javascript 37.157.4.25
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfserve/?CC=1&bn=49556873;extVars=473322|1|affiliate%20postview|av;trackpixel=https://aaa.artefact.com/trck/eview/908cbadb724971cc9012ced767276cc8?ext_publisher_id=473322&b=1&no=1&ctid=__ADFCREID__&tg=__ADFBANGROUP1__&ckurl=1;crdrvar=page;crdrurl=https://www.awin1.com/awclick.php?mid=11430&id=473322&gid=361931&linkid=2950366&p=https%3A%2F%2Fad2.ad-srv.net%2Fc%2Fckqvsgrcvf103ag%3Ftprd%3Dhttps%3A%2F%2Ftracking.mlsat02.de%2Ftelekom%2Faff%2Fads.php%3Fdlid%3D2055%26c%3D1&tg=__ADFBANGROUP1__;js=1;adfxid=1x;3137;set=en-US|en-US|1600X1200|0|750|100|24|8|3|7|1|;cmpgdpr=;cmpgdprconsent=;fd=0|0&CREFURL=http%3A%2F%2Fextra.com.co

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.25 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

436fcad737564acf0dd581a9bb4f3025b67652c344f780c90a870265d8bfd933

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad2.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Nov 2021 10:43:24 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 2592
expires: -1

GET
H2 200 / Show response
track.adform.net/adfserve/ Frame 86DA 7 KB
3 KB 22ms
22ms Script
text/javascript 37.157.4.25
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfserve/?CC=1&bn=49556873;extVars=473322|1|affiliate%20postview|av;trackpixel=https://aaa.artefact.com/trck/eview/908cbadb724971cc9012ced767276cc8?ext_publisher_id=473322&b=1&no=1&ctid=__ADFCREID__&tg=__ADFBANGROUP1__&ckurl=1;crdrvar=page;crdrurl=https://www.awin1.com/awclick.php?mid=11430&id=473322&gid=361931&linkid=2950366&p=https%3A%2F%2Fad17.ad-srv.net%2Fc%2Fcajzljrroftf9vw%3Ftprd%3Dhttps%3A%2F%2Ftracking.mlsat02.de%2Ftelekom%2Faff%2Fads.php%3Fdlid%3D2055%26c%3D1&tg=__ADFBANGROUP1__;js=1;adfxid=1x;7452;set=en-US|en-US|1600X1200|0|750|100|24|8|3|7|1|;cmpgdpr=;cmpgdprconsent=;fd=0|0&CREFURL=http%3A%2F%2Fextra.com.co

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.25 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

fa9596229044fd9c305af8360aa8181bdaa2d2c212c2ce5e9bd99753597009f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad17.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Nov 2021 10:43:24 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 2583
expires: -1

GET
H/1.1 200
OK 908cbadb724971cc9012ced767276cc8
aaa.artefact.com/trck/eview/ Frame 9C0A 43 B
1 KB 200ms
133ms Image
image/gif 51.68.117.182
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aaa.artefact.com/trck/eview/908cbadb724971cc9012ced767276cc8?ext_publisher_id=473322&b=1&no=1&ctid=49420565&tg=tvmtmtxx&ckurl=1
Requested by: Host: ad2.ad-srv.net
URL: https://ad2.ad-srv.net/request_content.php?s=37829900059883500383828011775002&a=d86f8321
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.68.117.182 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad2.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 11 Nov 2021 10:43:24 GMT
Server: nginx
X-IPLB-Request-ID: 88F3C651:799D_334475B6:01BB_618CF3CC_B9E16:10231
X-IPLB-Instance: 36559
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET,PUT,POST,DELETE,OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-control: private
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Range, Content-Disposition, Content-Type, Authorization
Keep-Alive: timeout=20

GET
H/1.1 200
OK 908cbadb724971cc9012ced767276cc8
aaa.artefact.com/trck/eview/ Frame 86DA 43 B
1022 B 135ms
76ms Image
image/gif 51.68.117.182
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aaa.artefact.com/trck/eview/908cbadb724971cc9012ced767276cc8?ext_publisher_id=473322&b=1&no=1&ctid=49506874&tg=tvmtmtxx&ckurl=1
Requested by: Host: ad17.ad-srv.net
URL: https://ad17.ad-srv.net/request_content.php?s=38593600072139500383828011775017&a=56a5b190
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.68.117.182 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx / PHP/7.2.26
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad17.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 11 Nov 2021 10:43:24 GMT
Server: nginx
X-IPLB-Request-ID: 88F3C651:799F_334475B6:01BB_618CF3CC_BAC2B:2FF21
X-Powered-By: PHP/7.2.26
X-IPLB-Instance: 36560
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET,PUT,POST,DELETE,OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-control: private
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Range, Content-Disposition, Content-Type, Authorization

GET
H2 200 AdServerServlet
vid.pubmatic.com/AdServer/ Frame 303B 27 B
0 111ms
28ms XHR
application/xml 185.64.190.75
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+7+9+1+1+6&gdpr=0&gdpr_consent=&kadpageurl=http%3A%2F%2Fextra.com.co%2F&schain=1.0,1!vidoomy.com,55941,1,1636627402649,,&us_privacy=&cb=1636627403269&SAVersion=2&inIframe=1&pageURL=http%253A%252F%252Fextra.com.co%252F&screenResolution=1600x1200&kdntuid=1&vwndh=0&vwndw=0&vwndurl=http%253A%252F%252Fextra.com.co%252F&vwndref=&vc=2&js=1&sec=1&kltstamp=2021-11-11%2010:43:23&ranreq=0.29900185212089636&timezone=0&depth=0
Requested by: Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Fextra.com.co%2F&schain=1.0,1!vidoomy.com,55941,1,1636627402649,,
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.75 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 10:43:24 GMT
content-encoding: gzip
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin: http://extra.com.co
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-vdbg: 1:0/165:-1
content-type: application/xml; charset=utf-8

GET
H2 200 Standard Show response
s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.211/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/ Frame 9C0A 90 KB
39 KB 24ms
24ms Script
text/javascript 37.157.2.247
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.211/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.247 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: bb2e8a68e96ef3d9e906cdd9a4e168f516930e8a5ebaf78993d0a084106ead88

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad2.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 10:43:24 GMT
content-encoding: gzip
last-modified: Mon, 25 Oct 2021 09:07:47 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Fri, 12 Nov 2021 14:21:51 GMT

GET
H2 200 Standard Show response
s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.211/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/ Frame 86DA 90 KB
39 KB 22ms
22ms Script
text/javascript 37.157.2.247
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.211/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.247 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: bb2e8a68e96ef3d9e906cdd9a4e168f516930e8a5ebaf78993d0a084106ead88

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad17.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 10:43:24 GMT
content-encoding: gzip
last-modified: Mon, 25 Oct 2021 09:07:47 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Fri, 12 Nov 2021 14:21:51 GMT

POST
H2 200 /
track.adform.net/csimpr/ Frame 9C0A 35 B
468 B 19ms
19ms Ping
image/gif 37.157.4.25
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/csimpr/?bn=49556873&csi=qSvpwO3RIxghVLqAR2UhIC23pXP_NK2EbtqX7julrhkJDwKV3Zer3M70eQ0beTBgGKSHNf-D-g0cTYoYX5Nh3t6vWmW1dlSa0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.25 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://ad2.ad-srv.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 11 Nov 2021 10:43:24 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://ad2.ad-srv.net
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H/1.1 200
OK swfIndex.php Show response
ads.stickyadstv.com/www/delivery/ Frame 6E77 67 B
712 B 112ms
111ms XHR
application/xml 2.18.234.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&zoneId=7439281&playerSize=400x225&loc=http%3A%2F%2Fextra.com.co%2F&_fw_gdpr=&_fw_gdpr_consent=&cb=1636627402649&width=400&height=225&dnt=&ip=146.20.128.77&ua=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F95.0.4638.54+Safari%2F537.36&schain=1.0,1!vidoomy.com,55941,1,1636627402649,,
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_d700fabb.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-233.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 11 Nov 2021 10:43:24 GMT
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: http://extra.com.co
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 67
x-sticky-vk: 1636627404250046-334
Expires: Thu, 11 Nov 2021 10:43:24 GMT

GET
H2 200 track
aktrack.pubmatic.com/ Frame 6E77 0
61 B 30ms
7ms Image
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aktrack.pubmatic.com/track?operId=7&p=156498&s=399115&a=1801592&ts=1636627403&wa=0&e=96&ier=901
Requested by: Host: extra.com.co
URL: http://extra.com.co/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 10:43:24 GMT
content-length: 0
content-type: text/html

GET
H2 200 10483164.js Show response
s1.adform.net/Banners/Elements/Files/2068258/10483164/ Frame C395 25 KB
10 KB 19ms
19ms Script
application/x-javascript 37.157.2.247
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://s1.adform.net/Banners/Elements/Files/2068258/10483164/10483164.js?ADFassetID=10483164&bv=514

Requested by

Host: extra.com.co
URL: http://extra.com.co/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.247 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

c062dddc453b3e09ad7ddd230d0ba85be0ae9db327698abe1689478b212528cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad2.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 10:43:24 GMT
content-encoding: gzip
last-modified: Thu, 04 Nov 2021 08:17:30 GMT
server: nginx
etag: W/"6183971a-65c7"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
content-type: application/x-javascript

POST
H2 200 /
track.adform.net/csimpr/ Frame 86DA 35 B
460 B 20ms
19ms Ping
image/gif 37.157.4.25
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/csimpr/?bn=49556873&csi=J7OR6DWQ3y2NMi_WKU6Ag1udXAr2ILnvJPfqLNNkMTQJDwKV3Zer3M70eQ0beTBgYspMkkaPkpgpuBeYDx1gZt6vWmW1dlSa0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.25 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://ad17.ad-srv.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 11 Nov 2021 10:43:24 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://ad17.ad-srv.net
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H2 200 10502500.js Show response
s1.adform.net/Banners/Elements/Files/2068258/10502500/ Frame D826 29 KB
11 KB 18ms
17ms Script
application/x-javascript 37.157.2.247
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://s1.adform.net/Banners/Elements/Files/2068258/10502500/10502500.js?ADFassetID=10502500&bv=514

Requested by

Host: extra.com.co
URL: http://extra.com.co/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.247 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

f46867ffd552b3aaf3581b9a6e068fb1d1134605fad12a6aed779b567fbf1928

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad17.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 10:43:24 GMT
content-encoding: gzip
last-modified: Tue, 09 Nov 2021 08:18:42 GMT
server: nginx
etag: W/"618a2ee2-734f"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
content-type: application/x-javascript

GET
H2 200 Adform.DHTML.js Show response
s1.adform.net/banners/scripts/rmb/ Frame C395 30 KB
13 KB 18ms
18ms Script
application/x-javascript 37.157.2.247
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/banners/scripts/rmb/Adform.DHTML.js?bv=626
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.211/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.247 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: bea63616949c80ff0dfdbb1e8547f1585882fc691483317b06441688e3e5f14a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad2.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 10:43:24 GMT
content-encoding: gzip
last-modified: Fri, 14 May 2021 12:35:21 GMT
server: nginx
etag: W/"609e6e89-76d9"
x-cache-status: HIT
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
content-type: application/x-javascript

GET
H2 200 728x90_bg.jpg
s1.adform.net/Banners/Elements/Files/2068258/10483164/bvpath_514/ Frame C395 4 KB
5 KB 19ms
18ms Image
image/jpeg 37.157.2.247
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/Elements/Files/2068258/10483164/bvpath_514/728x90_bg.jpg

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.211/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.247 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

171dc87b7a2395bc1b2f635e6ac2492433e4d5f1de93d3005f921f08fa1053da

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad2.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 10:43:24 GMT
last-modified: Thu, 04 Nov 2021 08:17:27 GMT
server: nginx
etag: "61839717-114e"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-type: image/jpeg
content-length: 4430

GET
H2 200 728x90_tv.png
s1.adform.net/Banners/Elements/Files/2068258/10483164/bvpath_514/ Frame C395 20 KB
20 KB 21ms
20ms Image
image/png 37.157.2.247
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/Elements/Files/2068258/10483164/bvpath_514/728x90_tv.png

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.211/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.247 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

4f4a3270abc23449722d8a8358363fa1d4f0ff7fa0b243c3241a8b4672936cc0

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad2.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 10:43:24 GMT
last-modified: Thu, 04 Nov 2021 08:17:29 GMT
server: nginx
etag: "61839719-5016"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-type: image/png
content-length: 20502

GET
H2 200 728x90_tablet.png
s1.adform.net/Banners/Elements/Files/2068258/10483164/bvpath_514/ Frame C395 8 KB
9 KB 23ms
23ms Image
image/png 37.157.2.247
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/Elements/Files/2068258/10483164/bvpath_514/728x90_tablet.png

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.211/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.247 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

5c205a9db4b353d8cc960c9362b97ec99d9780a5031a48e559fdf7fc151c9f43

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad2.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 10:43:24 GMT
last-modified: Thu, 04 Nov 2021 08:17:27 GMT
server: nginx
etag: "61839717-20ed"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-type: image/png
content-length: 8429

GET
H2 200 Adform.DHTML.js Show response
s1.adform.net/banners/scripts/rmb/ Frame D826 30 KB
13 KB 19ms
19ms Script
application/x-javascript 37.157.2.247
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/banners/scripts/rmb/Adform.DHTML.js?bv=626
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.211/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.247 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: bea63616949c80ff0dfdbb1e8547f1585882fc691483317b06441688e3e5f14a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad17.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 10:43:24 GMT
content-encoding: gzip
last-modified: Fri, 14 May 2021 12:35:21 GMT
server: nginx
etag: W/"609e6e89-76d9"
x-cache-status: HIT
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
content-type: application/x-javascript

GET
H2 200 FLIP_728x90_BG.png
s1.adform.net/Banners/Elements/Files/2068258/10502500/bvpath_514/ Frame D826 2 KB
2 KB 19ms
16ms Image
image/png 37.157.2.247
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/Elements/Files/2068258/10502500/bvpath_514/FLIP_728x90_BG.png

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.211/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.247 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

59dbea95d5c3317128515162bb88bff9bf63853cf91289a3130fd00f94faef9a

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad17.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 10:43:24 GMT
last-modified: Tue, 09 Nov 2021 08:18:42 GMT
server: nginx
etag: "618a2ee2-8a9"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-type: image/png
content-length: 2217

GET
H2 200 FLIP_728x90_shape1.png
s1.adform.net/Banners/Elements/Files/2068258/10502500/bvpath_514/ Frame D826 1 KB
1 KB 19ms
14ms Image
image/png 37.157.2.247
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/Elements/Files/2068258/10502500/bvpath_514/FLIP_728x90_shape1.png

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.211/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.247 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

4d10aa8d8a05282239e39d3a2c1968f5720e540bc10c36fe15aa5caf112c97ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad17.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 10:43:24 GMT
last-modified: Tue, 09 Nov 2021 08:18:42 GMT
server: nginx
etag: "618a2ee2-427"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-type: image/png
content-length: 1063

GET
H2 200 FLIP_728x90_Text.png
s1.adform.net/Banners/Elements/Files/2068258/10502500/bvpath_514/ Frame D826 5 KB
6 KB 20ms
16ms Image
image/png 37.157.2.247
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/Elements/Files/2068258/10502500/bvpath_514/FLIP_728x90_Text.png

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.211/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.247 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

9f66a8bf35477c237ece6bc9018a59bdee18cfd50755fcc2fc7b9aad9daa020e

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad17.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 10:43:24 GMT
last-modified: Tue, 09 Nov 2021 08:18:42 GMT
server: nginx
etag: "618a2ee2-1514"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-type: image/png
content-length: 5396

GET
H2 200 FLIP_728x90_shape.png
s1.adform.net/Banners/Elements/Files/2068258/10502500/bvpath_514/ Frame D826 578 B
874 B 20ms
16ms Image
image/png 37.157.2.247
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/Elements/Files/2068258/10502500/bvpath_514/FLIP_728x90_shape.png

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.211/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.247 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e30c0e7b8ee5951abd2663cca6a2e3fbd79953cc0d311d87509d1d1976506654

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad17.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 10:43:24 GMT
last-modified: Tue, 09 Nov 2021 08:18:42 GMT
server: nginx
etag: "618a2ee2-242"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-type: image/png
content-length: 578

GET
H2 200 FLIP_728x90_oneSideA.png
s1.adform.net/Banners/Elements/Files/2068258/10502500/bvpath_514/ Frame D826 6 KB
6 KB 20ms
17ms Image
image/png 37.157.2.247
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/Elements/Files/2068258/10502500/bvpath_514/FLIP_728x90_oneSideA.png

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.211/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.247 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

9574f766075425bf32f5da6f8681b14a7f0ffec733f73bc65b81fed9e28bcba2

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad17.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 10:43:24 GMT
last-modified: Tue, 09 Nov 2021 08:18:44 GMT
server: nginx
etag: "618a2ee4-16a5"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-type: image/png
content-length: 5797

GET
H2 200 FLIP_728x90_oneSideB.png
s1.adform.net/Banners/Elements/Files/2068258/10502500/bvpath_514/ Frame D826 3 KB
3 KB 20ms
17ms Image
image/png 37.157.2.247
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/Elements/Files/2068258/10502500/bvpath_514/FLIP_728x90_oneSideB.png

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.211/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.247 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

fc8d8b9759034f20168f51c516debfb99e0687101073f87faca73b18747eafe7

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad17.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 10:43:24 GMT
last-modified: Tue, 09 Nov 2021 08:18:42 GMT
server: nginx
etag: "618a2ee2-c76"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-type: image/png
content-length: 3190

GET
H2 200 FLIP_728x90_twoSideA.png
s1.adform.net/Banners/Elements/Files/2068258/10502500/bvpath_514/ Frame D826 11 KB
11 KB 21ms
18ms Image
image/png 37.157.2.247
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/Elements/Files/2068258/10502500/bvpath_514/FLIP_728x90_twoSideA.png

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.211/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.247 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

48a8c57d8aca989c0ed618449168a86a265623363c878157ed0fbfde2d2bebdc

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad17.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 10:43:24 GMT
last-modified: Tue, 09 Nov 2021 08:18:42 GMT
server: nginx
etag: "618a2ee2-2cab"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-type: image/png
content-length: 11435

GET
H2 200 FLIP_728x90_twoSideB.png
s1.adform.net/Banners/Elements/Files/2068258/10502500/bvpath_514/ Frame D826 2 KB
2 KB 21ms
19ms Image
image/png 37.157.2.247
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/Elements/Files/2068258/10502500/bvpath_514/FLIP_728x90_twoSideB.png

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.211/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.247 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

a6bf7f10a17ce06a7307d1a9db9170035ade7bca3d6931507561c34585a8696f

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad17.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 10:43:24 GMT
last-modified: Tue, 09 Nov 2021 08:18:44 GMT
server: nginx
etag: "618a2ee4-856"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-type: image/png
content-length: 2134

GET
H2 200 FLIP_EndSeq_Screen_728x90.png
s1.adform.net/Banners/Elements/Files/2068258/10502500/bvpath_514/ Frame D826 17 KB
17 KB 23ms
21ms Image
image/png 37.157.2.247
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/Elements/Files/2068258/10502500/bvpath_514/FLIP_EndSeq_Screen_728x90.png

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.211/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.247 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

b33c2a1a8af3dd9444c2ee084596d105caa30283325f653692f2b1e498ce99e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad17.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 10:43:24 GMT
last-modified: Tue, 09 Nov 2021 08:18:44 GMT
server: nginx
etag: "618a2ee4-44ae"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-type: image/png
content-length: 17582

GET
H/1.1 200
OK TeleNeoWeb-ExtraBold.woff
rechtstexte.s3.amazonaws.com/files/TeleNeo/ Frame C395 43 KB
43 KB 140ms
39ms Font
application/font-woff 52.218.121.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rechtstexte.s3.amazonaws.com/files/TeleNeo/TeleNeoWeb-ExtraBold.woff
Requested by: Host: ad2.ad-srv.net
URL: https://ad2.ad-srv.net/request_content.php?s=37829900059883500383828011775002&a=d86f8321
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.121.9 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-3-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 287f314b8fb0641d8cc175a81e55f99fd27cd504babb7f9e03d86782ec12a4f9

Request headers

Referer: https://ad2.ad-srv.net/
Origin: https://ad2.ad-srv.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 11 Nov 2021 10:43:25 GMT
Last-Modified: Thu, 18 Jun 2020 07:55:49 GMT
Server: AmazonS3
x-amz-request-id: Y2M5W384K40W650Z
ETag: "d7f0b1ef39025154e8517b4aa705d0bc"
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods: GET
Content-Type: application/font-woff
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Content-Length: 43544
x-amz-id-2: cFcUISaFi3J+kR7d//IoGNJmm4DlEx1BOiIf96M/Jg0dKEaUDFI4c2OUojNYwaaMm1Nd7bgRQC4=

GET
H/1.1 200
OK TeleNeoWeb-Regular.woff
rechtstexte.s3.amazonaws.com/files/TeleNeo/ Frame C395 42 KB
43 KB 144ms
40ms Font
application/font-woff 52.218.121.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rechtstexte.s3.amazonaws.com/files/TeleNeo/TeleNeoWeb-Regular.woff
Requested by: Host: ad2.ad-srv.net
URL: https://ad2.ad-srv.net/request_content.php?s=37829900059883500383828011775002&a=d86f8321
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.121.9 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-3-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: d25a37b3070f33f86862bce97206a8f3f403e23ba39c7c8cd8c2f96266f19f03

Request headers

Referer: https://ad2.ad-srv.net/
Origin: https://ad2.ad-srv.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 11 Nov 2021 10:43:25 GMT
Last-Modified: Thu, 18 Jun 2020 07:55:53 GMT
Server: AmazonS3
x-amz-request-id: Y2M84P5K81F1WPCV
ETag: "41b43bece8523c4d26acc3b30d11019f"
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods: GET
Content-Type: application/font-woff
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Content-Length: 43468
x-amz-id-2: Qc1s5d5VSvm1s5/Fn05vH1F5RcAXo1ZfA7FIXX5+aGq8TQQ7aLFab77Lu0BnY3x4K3Sep6D2Ki8=

GET
H/1.1 200
OK TeleNeoWeb-ExtraBold.woff
rechtstexte.s3.amazonaws.com/files/TeleNeo/ Frame D826 43 KB
43 KB 145ms
51ms Font
application/font-woff 52.218.121.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rechtstexte.s3.amazonaws.com/files/TeleNeo/TeleNeoWeb-ExtraBold.woff
Requested by: Host: ad17.ad-srv.net
URL: https://ad17.ad-srv.net/request_content.php?s=38593600072139500383828011775017&a=56a5b190
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.121.9 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-3-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 287f314b8fb0641d8cc175a81e55f99fd27cd504babb7f9e03d86782ec12a4f9

Request headers

Referer: https://ad17.ad-srv.net/
Origin: https://ad17.ad-srv.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 11 Nov 2021 10:43:25 GMT
Last-Modified: Thu, 18 Jun 2020 07:55:49 GMT
Server: AmazonS3
x-amz-request-id: Y2M2ZKQ78KC1K4YA
ETag: "d7f0b1ef39025154e8517b4aa705d0bc"
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods: GET
Content-Type: application/font-woff
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Content-Length: 43544
x-amz-id-2: 8wrL4YmEqo8GiAEdLeRU0iqiIlmHU8NabQqHLf3ljrYmCTkjTSqgqes+YzK0mm9Qd7IKcOjCesk=

GET
H/1.1 200
OK TeleNeoWeb-Regular.woff
rechtstexte.s3.amazonaws.com/files/TeleNeo/ Frame D826 42 KB
43 KB 141ms
43ms Font
application/font-woff 52.218.121.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rechtstexte.s3.amazonaws.com/files/TeleNeo/TeleNeoWeb-Regular.woff
Requested by: Host: ad17.ad-srv.net
URL: https://ad17.ad-srv.net/request_content.php?s=38593600072139500383828011775017&a=56a5b190
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.121.9 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-3-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: d25a37b3070f33f86862bce97206a8f3f403e23ba39c7c8cd8c2f96266f19f03

Request headers

Referer: https://ad17.ad-srv.net/
Origin: https://ad17.ad-srv.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 11 Nov 2021 10:43:25 GMT
Last-Modified: Thu, 18 Jun 2020 07:55:53 GMT
Server: AmazonS3
x-amz-request-id: Y2M5KR950ARC4AGC
ETag: "41b43bece8523c4d26acc3b30d11019f"
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods: GET
Content-Type: application/font-woff
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Content-Length: 43468
x-amz-id-2: qI+y9m13LoET6lb44L+giSGqRQ4Buw/xI5DMCY+EPrKGQDF9kgwM4/P57YK7Y/2uIyqvk3AxTMM=

GET
H/1.1 200
OK swfIndex.php Show response
ads.stickyadstv.com/www/delivery/ Frame 6E77 67 B
712 B 120ms
120ms XHR
application/xml 2.18.234.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&zoneId=7439281&playerSize=400x225&loc=http%3A%2F%2Fextra.com.co%2F&_fw_gdpr=&_fw_gdpr_consent=&cb=1636627402649&width=400&height=225&dnt=&ip=146.20.128.77&ua=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F95.0.4638.54+Safari%2F537.36&schain=1.0,1!vidoomy.com,55941,1,1636627402649,,
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_d700fabb.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-233.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 11 Nov 2021 10:43:24 GMT
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: http://extra.com.co
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 67
x-sticky-vk: 1636627404336066-368
Expires: Thu, 11 Nov 2021 10:43:24 GMT

POST
H2 200 i Show response
vid-io-cle.springserve.com/vd/ Frame 6E77 0
114 B 310ms
101ms XHR
text/plain 3.141.243.179
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid-io-cle.springserve.com/vd/i?suuid=9a177fda&ps_id=356921&batch=1
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_d700fabb.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.141.243.179 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-141-243-179.us-east-2.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: http://extra.com.co
date: Thu, 11 Nov 2021 10:43:24 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 12 KB
9 KB 23ms
23ms XHR
application/json 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021110801&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2afa700dc4f680f41916f76cc23395cbfc2f5ac7bddc7c791832937bcf8527a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://extra.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 11 Nov 2021 10:43:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9153
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://extra.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 10:43:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Thu, 11 Nov 2021 10:43:24 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 1D80 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://extra.com.co/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5029
date: Thu, 11 Nov 2021 07:19:12 GMT
expires: Fri, 11 Nov 2022 07:19:12 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 12252
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame DCCD 783 B
919 B 16ms
16ms Document
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

8792afee473b1b3b939be6765e2c99cb52bb74a549d13e27c80ea1eafb692dc3

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-jXVOXG11rTv0LQVFc5Mnkg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://extra.com.co/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Thu, 11 Nov 2021 10:43:24 GMT
date: Thu, 11 Nov 2021 10:43:24 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-jXVOXG11rTv0LQVFc5Mnkg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 514
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 kDuoiLtgZMgDmOUbVHT-UmPZA24HZ7o28Pr6oaX6YeU.js Show response
pagead2.googlesyndication.com/bg/ Frame 1D80 35 KB
13 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/kDuoiLtgZMgDmOUbVHT-UmPZA24HZ7o28Pr6oaX6YeU.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

903ba888bb6064c80398e51b5474fe5263d9036e0767ba36f0fafaa1a5fa61e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 04 Nov 2021 20:18:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 570313
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13318
x-xss-protection: 0
last-modified: Wed, 03 Nov 2021 08:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 04 Nov 2022 20:18:11 GMT

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ Frame DCCD 0
0 59ms
59ms Image
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gpt_2021110801&jk=4138850398379320&rc=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
56 B 47ms
47ms Image
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021110801&jk=4138850398379320&bg=!V1SlVBDNAAYDGbPvAxk7ACkAdvg8WqPFe4pUKmeB8dxCc7d30MReMA0bLZUPfEnDh-OjbaKYsha2IgIAAABUUgAAAApoAQcKAKsu2zM-aT7r8wlm5juMmDVHt7vXj4_AjT8Hj9arFb3STZxyAd6TyA9lyxlXPElofhfPigxPB6x-cGuKwpgKBBZaREwDYsGqQzBJknhujH_dyaYHKji3kmB8lMZbn7OXvhbJ7J2Kx2N3YWYW0gWvdjQeoAd-C_fVXwhejYMYlx24hRd1BgtsuU4Tdn0U2AUiX-_wnWkcJGR-83F4Gpp_cdh_vl9VOfX4fUpVuZiZAsmfSoQGvwwCejVe9mc4B0e0Ln1kZkzQUNqhATxj9p2ObJMBeDapj0gEZ_Uw8YElrAmega6kQmBBRlTwkvELWACJdLOjcPy7zmww_EWw6mYD9_jSOv1d49cKXYnlT7rPlbu8Yf8p27Oa9uCHSKIQbVZ2ozEmx1TlHOHLdXrb7hIr4Yo8eEOAVzlDupIk3eck6auGlYQHRANsPCr_V65nX89f2PiyWWIdBkjIJk1esXeYBCzl_pldpMull00YhxYQj4a7SuVkNfoaWAj6eZXgI0pcw875wPpIuWNbe3ej-LIXWBxzrjzkplUVKUsfC4O5xOLkh9XbrZVvPdUpGodb27_uTmmDXUShFomxJPgih4Krr2Y9pq3PukPNkxVU8iiQ0tfROz8LffporoeYA78tLj3aV9L7au--xC-ofupyDT3exf2A3HjL43ixS1soQuaOMnSaf7-VPzgiC180s8ab8Wo0HtdIGwgKv3A6E19rjQNtBqjbNLr79YNVEx7DemjOdGyQMAPzHbPatiNDK4y_N93PzrbDN1Eo8myCmR0tfVe_Bv_PUYG1SJPPoBfAqhdl-69W8tkrlMXG5OsZt3nPVGXCtJuZQs4BDg6u2ZGbWZTPAPmzsg4r4-Bz_HNmty01QopxrGsKP9iDs_IAFN-ZDSB5EJ3BnxxQOQE_e2xbPW-spsxj5RgWujJ_7SBJqoFHiHEqg0_jeNQMUwhQGl-0EttYD85Sh-Sb-w7TKDRQPP6U1nofreaifCuTIzYnKK66tCCaQJb4MQ_nv2oChoJTi5XckRoZKdPpobCXLwhh07BN57fKcsB16i9ZTpaUGNtKxTwr1VlYpGUbY3BVnH0i7zL2VWY8ntVmTeKgoqnSJvrZSZUsopYowGFw3YUnchwyNLs6Xzjyrs5CwFmBA6CwHkyQAnd_EH60GKFaZJJuyit36nxU94hs5FrFyA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://extra.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Nov 2021 10:43:24 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 89ms
89ms Preflight
text/plain 146.20.132.43
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.43 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: http://extra.com.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Thu, 11 Nov 2021 10:43:24 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
access-control-allow-credentials: true
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
cache-control: max-age=300
access-control-max-age: 300
access-control-allow-origin: http://extra.com.co

POST
H2 200 t Show response
t.lkqd.net/ Frame 267B 0
161 B 90ms
89ms XHR
text/plain 146.20.132.43
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.43 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: http://extra.com.co
date: Thu, 11 Nov 2021 10:43:25 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

GET
H/1.1 200
OK ad Show response
v.lkqd.net/ Frame 3BFF 2 KB
2 KB 91ms
91ms XHR
application/xml 146.20.128.133
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: http://v.lkqd.net/ad?pid=430&sid=1143831&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=http%3A%2F%2Fextra.com.co%2F&dnt=0&c1=&c2=0&c3=1.0%2C1!vidoomy.com%2C55941%2C1%2C&c5=&c6=55941&rnd=7201995&m=
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: HTTP/1.1
Server: 146.20.128.133 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a8f006a275f7d4c59134aea69ee2ea2f1c4884e0a617b6f836d4cd50a1d944f7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 11 Nov 2021 10:43:25 GMT
Content-Encoding: gzip
Server: nginx
Content-Type: application/xml; charset=UTF-8
Access-Control-Allow-Origin: http://extra.com.co
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1350

GET
H2 200 vpaid.js Show response
ad.lkqd.net/vpaid/ Frame 7F9E 230 KB
61 KB 10ms
10ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: 36ae762191d24727fbba21272ea14872bb7824188961282001d50e67f7b1881c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 10:43:25 GMT
content-encoding: gzip
last-modified: Tue, 02 Nov 2021 21:06:56 GMT
etag: "cca1f428155a1f13b17a4684f2c8ef1c"
x-hw: 1636627405.cds140.fr8.hn,1636627405.cds107.fr8.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1209600
accept-ranges: bytes
content-length: 62015

GET
H2 200 usync.html Show response
ad.lkqd.net/cookie-sync/ Frame 2037 5 KB
2 KB 8ms
8ms Document
text/html 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lkqd.net/cookie-sync/usync.html
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: b6ff02c733394664dbb2178c88a0d8ab1292602aaad412e44ee83c3ab7943faf

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Thu, 11 Nov 2021 10:43:25 GMT
content-encoding: gzip
content-length: 1909
content-type: text/html
last-modified: Tue, 26 Oct 2021 15:08:45 GMT
accept-ranges: bytes
etag: "10c6626c1705141142b0302e29b3bd0e"
cache-control: public, max-age=1209600
x-hw: 1636627405.cds140.fr8.hn,1636627405.cds288.fr8.c
access-control-allow-origin: *

POST
H/1.1 200
OK ad Show response
v.lkqd.net/ Frame 7F9E 48 KB
5 KB 396ms
396ms XHR
application/json 146.20.128.133
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: http://v.lkqd.net/ad?pid=430&sid=1143831&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=http%3A%2F%2Fextra.com.co%2F&dnt=0&c1=&c2=0&c3=1.0%2C1!vidoomy.com%2C55941%2C1%2C&c5=&c6=55941&rnd=7201995&m=&rtv=1&thost=extra.com.co
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: HTTP/1.1
Server: 146.20.128.133 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: 8ed03804b1943c3c59e7f9f82bb193b896317514af590639f1d43fa63d7d7553

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/json

Response headers

Date: Thu, 11 Nov 2021 10:43:25 GMT
Content-Encoding: gzip
Server: nginx
Content-Type: application/json
Access-Control-Allow-Origin: http://extra.com.co
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 4969

OPTIONS
H/1.1 200
OK ad
v.lkqd.net/ Frame 0
0 95ms
95ms Preflight 146.20.128.133
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: http://v.lkqd.net/ad?pid=430&sid=1143831&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=http%3A%2F%2Fextra.com.co%2F&dnt=0&c1=&c2=0&c3=1.0%2C1!vidoomy.com%2C55941%2C1%2C&c5=&c6=55941&rnd=7201995&m=&rtv=1&thost=extra.com.co
Protocol: HTTP/1.1
Server: 146.20.128.133 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: http://extra.com.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Thu, 11 Nov 2021 10:43:25 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: http://extra.com.co
Access-Control-Max-Age: 300
Cache-Control: max-age=300
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: Content-Type
Access-Control-Expose-Headers: Content-Type, Content-Disposition
Access-Control-Allow-Credentials: true

GET
H2 200 cs
cs.lkqd.net/ Frame 2037 43 B
308 B 89ms
88ms Image
image/gif 146.20.128.137
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=55&redirect=https%3A%2F%2Fidsync.rlcdn.com%2F464986.gif%3Fpartner_uid%3D%24%24rawlkqduserid%24%24&r=if
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.137 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 10:43:25 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

GET
H2 200 cs
cs.lkqd.net/ Frame 2037 43 B
308 B 90ms
89ms Image
image/gif 146.20.128.137
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=103&redirect=https%3A%2F%2Fevent.clientgear.com%2Fcookie%2Flkqd%3Fpartner%3Dlkqd%26cookieid%3D%24%24rawlkqduserid%24%24&r=if
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.137 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 10:43:25 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

GET
H2 200 cs
cs.lkqd.net/ Frame 2037 43 B
308 B 90ms
89ms Image
image/gif 146.20.128.137
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D102%2526partnerUserId%253D%255BUID%255D&r=if
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.137 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 10:43:25 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

GET
H2 200 cs
cs.lkqd.net/ Frame 2037 43 B
308 B 89ms
89ms Image
image/gif 146.20.128.137
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=99&redirect=https%3A%2F%2Fc.deployads.com%2Fcs%2FNXST%3Fb%3D%24%24rawlkqduserid%24%24&r=if
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.137 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 10:43:25 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

GET
H2

200

cs
cs.lkqd.net/ Frame 2037
Redirect Chain

https://ad.turn.com/r/cs?pid=65
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3689952340192388065

43 B
308 B

89ms
88ms

Image
image/gif

146.20.128.137
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3689952340192388065
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Server: 146.20.128.137 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 10:43:25 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

Redirect headers

location: https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3689952340192388065
pragma: no-cache
date: Thu, 11 Nov 2021 10:43:24 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

POST
H2 200 t Show response
t.lkqd.net/ Frame F9B0 0
161 B 89ms
89ms XHR
text/plain 146.20.132.43
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.43 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: http://extra.com.co
date: Thu, 11 Nov 2021 10:43:25 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 89ms
88ms Preflight
text/plain 146.20.132.43
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.43 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: http://extra.com.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Thu, 11 Nov 2021 10:43:25 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
access-control-allow-credentials: true
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
cache-control: max-age=300
access-control-max-age: 300
access-control-allow-origin: http://extra.com.co

GET
H/1.1 200
OK 218947 Show response
search.spotxchange.com/vast/2.0/ 67 B
1 KB 40ms
40ms XHR
text/xml 185.94.180.124
SPOTX-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://search.spotxchange.com/vast/2.0/218947?VPAID=JS&content_page_url=http%3A%2F%2Fextra.com.co%2F&cb=985231520&player_width=400&player_height=225&media_transcoding=low&regs[gdpr]=0&user[consent]=&device[geo][lat]=&device[geo][lon]=&schain=1.0%2C1%21vidoomy.com%2C55941%2C1%2C43294985917825979881089809256%2C%2C
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 185.94.180.124 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: 78e958d620d6e40a19e424eee3a9b23932cd9bfa4d7f736442048777d203052d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://extra.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 11 Nov 2021 10:43:26 GMT
Content-Encoding: gzip
X-SpotX-Timing-Transform: 0.000292
X-SpotX-Timing-SpotMarket: 0.008479
X-SpotX-Timing-Page-Mux: 0.000205
X-SpotX-Timing-Page-Require: 0.000293
X-fe: 038
Connection: keep-alive
X-SpotX-Timing-Page-Cookie: 0.000023
Content-Length: 77
X-SpotX-Timing-Page: 0.013610
Pragma: no-cache
X-SpotX-Timing-Page-Context: 0.000266
Last-Modified: Thu, 11 Nov 2021 10:43:26 GMT
Server: nginx
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Methods: POST, GET, PATCH, DELETE, OPTIONS
Vary: Accept-Encoding
X-SpotX-Timing-SpotMarket-Primary: 0.008479
Content-Type: text/xml;charset=UTF-8
Access-Control-Allow-Origin: http://extra.com.co
X-SpotX-Timing-Page-Misc: 0.004043
X-SpotX-Timing-Page-Exception: 0.000000
X-SpotX-Timing-SpotMarket-Secondary: 0.000000
X-SpotX-Timing-Page-URI: 0.000009
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 av Show response
vidoomy-d.openx.net/v/1.0/ 48 B
251 B 22ms
22ms XHR
text/xml 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://vidoomy-d.openx.net/v/1.0/av?auid=540805079&url=http%3A%2F%2Fextra.com.co%2F&cb=419367563&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C55941%2C1%2C43294985917825979881631728946,,
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.218.0 /
Resource Hash: a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://extra.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Nov 2021 10:43:26 GMT
content-encoding: gzip
server: OXGW/16.218.0
vary: Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: http://extra.com.co
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: text/xml
alt-svc: clear
content-length: 56
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK 88k_nHSg_6XSp1263gyM+rBJnqbGxDqsAEHMK88FGSM= Show response
ads.adaptv.advertising.com/a/h/ 249 B
541 B 24ms
24ms XHR
text/xml 18.159.16.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+rBJnqbGxDqsAEHMK88FGSM=?cb=829697108&gdpr=0&gdpr_consent=&pet=preroll&pageUrl=http%3A%2F%2Fextra.com.co%2F&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=55941&hp=1

Requested by

Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.159.16.69 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-159-16-69.eu-central-1.compute.amazonaws.com

Software

adaptv/1.0 /

Resource Hash

6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://extra.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
server: adaptv/1.0
content-type: text/xml
access-control-allow-origin: http://extra.com.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 192
expires: 0

GET
H/1.1 200
OK swfIndex.php Show response
ads.stickyadstv.com/www/delivery/ 67 B
712 B 111ms
111ms XHR
application/xml 2.18.234.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&zoneId=7439281&_fw_gdpr=0&_fw_gdpr_consent=&schain=1.0%2C1%21vidoomy.com%2C55941%2C1%2C43294985917825979881774291241,,
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-233.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://extra.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 11 Nov 2021 10:43:26 GMT
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: http://extra.com.co
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 67
x-sticky-vk: 1636627405686081-375
Expires: Thu, 11 Nov 2021 10:43:26 GMT

GET
H/1.1 200
OK LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHZZQf70KjSEs= Show response
ads.adaptv.advertising.com/a/h/ 249 B
541 B 28ms
28ms XHR
text/xml 18.159.16.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.adaptv.advertising.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHZZQf70KjSEs=?cb=639402834&gdpr=0&gdpr_consent=&pet=preroll&pageUrl=http%3A%2F%2Fextra.com.co%2F&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=55941&hp=1

Requested by

Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.159.16.69 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-159-16-69.eu-central-1.compute.amazonaws.com

Software

adaptv/1.0 /

Resource Hash

6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://extra.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
server: adaptv/1.0
content-type: text/xml
access-control-allow-origin: http://extra.com.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 192
expires: 0

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 89ms
89ms Preflight
text/plain 146.20.132.43
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.43 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: http://extra.com.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Thu, 11 Nov 2021 10:43:26 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
access-control-allow-credentials: true
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
cache-control: max-age=300
access-control-max-age: 300
access-control-allow-origin: http://extra.com.co

POST
H2 200 t Show response
t.lkqd.net/ Frame F9B0 0
161 B 96ms
96ms XHR
text/plain 146.20.132.43
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.43 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: http://extra.com.co
date: Thu, 11 Nov 2021 10:43:26 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

GET
DATA 200
OK truncated
/ Frame 7F9E 35 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 vpaid_d700fabb.js Show response
vpaid.springserve.com/production/ Frame 398D 494 KB
87 KB 8ms
7ms Script
application/javascript 2600:9000:206f:e000:15:6f6c:b180:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.springserve.com/production/vpaid_d700fabb.js
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:e000:15:6f6c:b180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01f62119d738e56887c7298650396be3edc28f9bd4b64af4c496048183172630

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 29 Oct 2021 15:21:15 GMT
content-encoding: br
last-modified: Fri, 29 Oct 2021 15:00:52 GMT
server: AmazonS3
age: 1106532
etag: W/"00394b9cabf75acc9a4061ae555e3473"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 1c5b98f7bd5001d6fe1040daa237afc6.cloudfront.net (CloudFront)
cache-control: max-age=2678400
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: 4i57tKL-KEAvOgGBiz7hHcL6z8Yit2cwy7HeAXpKAlZqzLCzTmMAuQ==

GET
H2 200 vadtag.html Show response
vpaid.pubmatic.com/ads/video/ Frame 398D 955 B
838 B 10ms
10ms XHR
application/xml 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Fextra.com.co%2F&schain=1.0,1!vidoomy.com,55941,1,1636627405863,,
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_d700fabb.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 551119be1421679cf875daea945a607ae5653408f96051820f5d8a360ece4596

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Nov 2021 10:43:26 GMT
content-encoding: gzip
server: Apache/2.2.15 (CentOS)
etag: "461ced-23ca-5c92d699e808f"
vary: Origin, Accept-Encoding
content-type: application/xml
access-control-allow-origin: http://extra.com.co
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 583
expires: Thu, 11 Nov 2021 10:43:26 GMT

POST
H/1.1 204
No Content openrtb Show response
ads.adaptv.advertising.com/rtb/ Frame 398D 0
212 B 23ms
23ms XHR
application/json 18.159.16.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=Vidoomy
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_d700fabb.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.159.16.69 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-159-16-69.eu-central-1.compute.amazonaws.com
Software: adaptv/1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: http://extra.com.co
access-control-allow-credentials: true
server: adaptv/1.0
Connection: keep-alive
content-length: 0
content-type: application/json

GET
H2 200 PMAdMgr.js Show response
vpaid.pubmatic.com/ads/video/ Frame AC4E 152 KB
36 KB 48ms
48ms Script
text/javascript 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Fextra.com.co%2F&schain=1.0,1!vidoomy.com,55941,1,1636627405863,,
Requested by: Host: blank
URL: about:blank
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: f0f6a8b6c19b0c4d1cab075ab2f4f755cfef747424837668e65f431410f816e8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 10:43:26 GMT
content-encoding: gzip
last-modified: Tue, 10 Aug 2021 05:02:46 GMT
server: Apache/2.2.15 (CentOS)
etag: "1408294-25f9a-5c92d699d3c58"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
accept-ranges: bytes
content-length: 36260

GET
H2 200 showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame A047 38 KB
14 KB 10ms
9ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by: Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Fextra.com.co%2F&schain=1.0,1!vidoomy.com,55941,1,1636627405863,,
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e2cdec10db9a0a224e9f5e49b6f004c5426564fb8d857ad3df480e9c916bafe6

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

last-modified: Tue, 19 Oct 2021 10:00:01 GMT
etag: "1302647-96ae-5ceb1b98ba7c4"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 13882
content-type: text/html; charset=UTF-8
cache-control: public, max-age=48832
expires: Fri, 12 Nov 2021 00:17:18 GMT
date: Thu, 11 Nov 2021 10:43:26 GMT
vary: Accept-Encoding

GET
H2 200 showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame AC4E 38 KB
14 KB 8ms
7ms Script
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by: Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Fextra.com.co%2F&schain=1.0,1!vidoomy.com,55941,1,1636627405863,,
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e2cdec10db9a0a224e9f5e49b6f004c5426564fb8d857ad3df480e9c916bafe6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 10:43:26 GMT
content-encoding: gzip
last-modified: Tue, 19 Oct 2021 10:00:01 GMT
server: Apache/2.2.15 (CentOS)
etag: "1302647-96ae-5ceb1b98ba7c4"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: public, max-age=48832
accept-ranges: bytes
content-type: text/html; charset=UTF-8
content-length: 13882
expires: Fri, 12 Nov 2021 00:17:18 GMT

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame A047 2 KB
2 KB 12ms
12ms Script
text/html 198.47.127.19
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=96468628&p=156498&s=399115&a=1801592&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: /
Resource Hash: f9a1dea99a829af064cceffabb7fe6fd63ee0328e904c0a5a25c893c2bac2fe4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 10:43:25 GMT
content-type: text/html; charset=UTF-8
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

POST
H2 200 t Show response
t.lkqd.net/ Frame F9B0 0
161 B 93ms
93ms XHR
text/plain 146.20.132.43
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.43 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: http://extra.com.co
date: Thu, 11 Nov 2021 10:43:26 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 90ms
89ms Preflight
text/plain 146.20.132.43
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.43 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: http://extra.com.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Thu, 11 Nov 2021 10:43:26 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
access-control-allow-credentials: true
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
cache-control: max-age=300
access-control-max-age: 300
access-control-allow-origin: http://extra.com.co

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 290A
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=9
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7029261167349531878

42 B
211 B

25ms
25ms

Document
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7029261167349531878
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Thu, 11 Nov 2021 10:43:26 GMT
content-type: image/gif; charset=utf-8
content-length: 42
x-lat: lhrpug015:0:475
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

Server: nginx
Date: Thu, 11 Nov 2021 10:43:26 GMT
Transfer-Encoding: chunked
Connection: keep-alive
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7029261167349531878

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 3BEC
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YYzzzgADuegckQAz&gdpr=0&gdpr_consent=&_test=YYzzzgADuegckQAz

1 B
236 B

26ms
25ms

Document
text/html

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YYzzzgADuegckQAz&gdpr=0&gdpr_consent=&_test=YYzzzgADuegckQAz
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Thu, 11 Nov 2021 10:43:26 GMT
content-type: text/html; charset=utf-8
content-length: 1
x-lat: lhrpug021:0:503
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

server: Varnish
retry-after: 0
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YYzzzgADuegckQAz&gdpr=0&gdpr_consent=&_test=YYzzzgADuegckQAz
accept-ranges: bytes
date: Thu, 11 Nov 2021 10:43:26 GMT
via: 1.1 varnish
x-served-by: cache-fra19182-FRA
x-cache: HIT
x-cache-hits: 0
x-timer: S1636627406.453761,VS0,VE0
cache-control: no-cache
pragma: no-cache
content-length: 0

GET
H/1.1

200
OK

adx Show response
match.prod.bidr.io/cookie-sync/ Frame BC05
Redirect Chain

https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFHSjJrN0RHZWdBQUNpOUlDcWg0QQ&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sy...
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1

43 B
430 B

32ms
31ms

Document
image/gif

52.215.68.151
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.215.68.151 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-215-68-151.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

cache-control: no-cache, must-revalidate
content-type: image/gif
Date: Thu, 11 Nov 2021 10:43:26 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
pragma: no-cache
Server: nginx
strict-transport-security: max-age=2592000; includeSubDomains
Content-Length: 43
Connection: keep-alive

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
date: Thu, 11 Nov 2021 10:43:26 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)
content-length: 355
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2

200

Artemis
aud.pubmatic.com/AdServer/ Frame A047
Redirect Chain

https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=E25A2D69-0C04-45F8-BA1E-5E52C8FD7B03&gdpr=
https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=E25A2D69-0C04-45F8-BA1E-5E52C8FD7B03&gdpr=&fbounce=1
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=E25A2D69-0C04-45F8-BA1E-5E52C8FD7B03&addseg=19,36,42

43 B
43 B

95ms
27ms

Image
text/plain

185.64.190.87
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=E25A2D69-0C04-45F8-BA1E-5E52C8FD7B03&addseg=19,36,42
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Server: 185.64.190.87 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 10:43:26 GMT
content-length: 43
content-type: text/plain; charset=utf-8

Redirect headers

date: Thu, 11 Nov 2021 10:43:26 GMT
via: 1.1 google
p3p: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location: https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=E25A2D69-0C04-45F8-BA1E-5E52C8FD7B03&addseg=19,36,42
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-type: text/html; charset=utf-8
alt-svc: clear
content-length: 141

GET
H/1.1

200
OK

info2
uipglob.semasio.net/pubmatic/1/ Frame A047
Redirect Chain

https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=E25A2D69-0C04-45F8-BA1E-5E52C8FD7B03&sInitiator=external&gdpr=0&gdpr_consent=
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=E25A2D69-0C04-45F8-BA1E-5E52C8FD7B03&sInitiator=external&gdpr=0&gdpr_consent=

42 B
602 B

24ms
24ms

Image
image/gif

77.243.60.138
NETIC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=E25A2D69-0C04-45F8-BA1E-5E52C8FD7B03&sInitiator=external&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: HTTP/1.1
Server: 77.243.60.138 Aalborg, Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software: /
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Nov 2021 10:43:25 GMT
frontend-id: 0
p3p: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin: *
uip-response-status: Ok
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
content-length: 42
routing-server-id: -1
expires: Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 11 Nov 2021 10:43:25 GMT
frontend-id: 3
location: /pubmatic/1/info2?sType=sync&sExtCookieId=E25A2D69-0C04-45F8-BA1E-5E52C8FD7B03&sInitiator=external&gdpr=0&gdpr_consent=
p3p: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin: *
uip-response-status: Ok
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 0
routing-server-id: -1
expires: Sat, 01 Jan 2011 12:00:00 GMT

GET
H2 200 mw
mwzeom.zeotap.com/ Frame A047 95 B
455 B 55ms
27ms Image
image/png 2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=E25A2D69-0C04-45F8-BA1E-5E52C8FD7B03
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 10:43:26 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://ads.pubmatic.com
access-control-allow-credentials: true
cf-ray: 6ac6eb69bd564e1f-FRA
access-control-allow-headers: *
content-length: 95

GET

p
a.audrte.com/ Frame A047
Redirect Chain

https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=E25A2D69-0C04-45F8-BA1E-5E52C8FD7B03
https://a.audrte.com/p

0
0

GET
H2

200

SPug
image4.pubmatic.com/AdServer/ Frame A047
Redirect Chain

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=E25A2D69-0C04-45F8-BA1E-5E52C8FD7B03&redir=true&gdpr=0&gdpr_consent=
https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=E25A2D69-0C04-45F8-BA1E-5E52C8FD7B03&redir=true&gdpr=0&gdpr_consent=&verify=true
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-1RdMqtZE2uWra_ogKonJZz_C5wX8QIo-~A&gdpr=0&gdpr_consent=

0
128 B

27ms
26ms

Image
text/plain

185.64.190.81
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-1RdMqtZE2uWra_ogKonJZz_C5wX8QIo-~A&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Server: 185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 10:43:24 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-1RdMqtZE2uWra_ogKonJZz_C5wX8QIo-~A&gdpr=0&gdpr_consent=
date: Thu, 11 Nov 2021 10:43:26 GMT
server: ATS/9.1.0.33
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 E25A2D69-0C04-45F8-BA1E-5E52C8FD7B03
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame A047 43 B
879 B 115ms
38ms Image
image/gif 2a05:d018:d29:3605:5ad:a774:ca1b:74c5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/pubmatic/E25A2D69-0C04-45F8-BA1E-5E52C8FD7B03?gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:d29:3605:5ad:a774:ca1b:74c5 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 10:43:26 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
content-type: image/gif
x-xss-protection: 1; mode=block
content-length: 43
x-content-type-options: nosniff

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame A047
Redirect Chain

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
https://a.volvelle.tech/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_uid=ec74683b-b4c5-4392-9e7b-5c8ec1a7860c
https://a.volvelle.tech/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_uid=ec74683b-b4c5-4392-9e7b-5c8ec1a7860c
https://x.bidswitch.net/sync?dsp_id=190&expires=14&user_group=1&user_id=b7fffd01-0c92-48d5-a7a4-012877b937c5&ssp=pubmatic
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=ec74683b-b4c5-4392-9e7b-5c8ec1a7860c&gdpr=&gdpr_consent=&gdpr_pd=

1 B
180 B

26ms
25ms

Image
text/html

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=ec74683b-b4c5-4392-9e7b-5c8ec1a7860c&gdpr=&gdpr_consent=&gdpr_pd=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 10:43:26 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug002:0:520
server: nginx
content-type: text/html; charset=utf-8
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location: //simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=ec74683b-b4c5-4392-9e7b-5c8ec1a7860c&gdpr=&gdpr_consent=&gdpr_pd=
Date: Thu, 11 Nov 2021 10:43:26 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H2 204 current
pubmatic-match.dotomi.com/match/bounce/ Frame A047 0
104 B 130ms
65ms Image
text/plain 2a02:fa8:8806:13::1400
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=E25A2D69-0C04-45F8-BA1E-5E52C8FD7B03&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:13::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Nov 2021 10:43:26 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame A047
Redirect Chain

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3689952340192388065&gdpr=0&gdpr_consent=&us_privacy=

1 B
343 B

25ms
25ms

Image
text/html

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3689952340192388065&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 10:43:26 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug014:0:353
server: nginx
content-type: text/html; charset=utf-8
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3689952340192388065&gdpr=0&gdpr_consent=&us_privacy=
pragma: no-cache
date: Thu, 11 Nov 2021 10:43:25 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame A047
Redirect Chain

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=

42 B
359 B

13ms
13ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 10:43:25 GMT
cache-control: no-store, no-cache, private
x-lat: amspug010:0:397
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Thu, 11 Nov 2021 10:43:25 GMT
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
cache-control: max-age=0,no-cache,no-store
content-length: 0
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame A047
Redirect Chain

https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:297c08c8-ef2a-45b2-b34e-f7eac6cb329b&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw

42 B
110 B

26ms
25ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:297c08c8-ef2a-45b2-b34e-f7eac6cb329b&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 10:43:26 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug005:0:503
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location: https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:297c08c8-ef2a-45b2-b34e-f7eac6cb329b&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date: Thu, 11 Nov 2021 10:43:26 GMT
Server: Apache/2.4.41 (Ubuntu)
Connection: Keep-Alive
Keep-Alive: timeout=5, max=3000
Content-Length: 0
P3P: policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"

GET
H2 200 AdServerServlet
vid.pubmatic.com/AdServer/ Frame AC4E 27 B
0 28ms
27ms XHR
application/xml 185.64.190.75
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+7+9+1+1+6&gdpr=0&gdpr_consent=&kadpageurl=http%3A%2F%2Fextra.com.co%2F&schain=1.0,1!vidoomy.com,55941,1,1636627405863,,&us_privacy=&cb=1636627405845&SAVersion=2&inIframe=1&pageURL=http%253A%252F%252Fextra.com.co%252F&screenResolution=1600x1200&kdntuid=1&vwndh=0&vwndw=0&vwndurl=http%253A%252F%252Fextra.com.co%252F&vwndref=&vc=2&js=1&sec=1&kltstamp=2021-11-11%2010:43:26&ranreq=0.009705237795206934&timezone=0&depth=0
Requested by: Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Fextra.com.co%2F&schain=1.0,1!vidoomy.com,55941,1,1636627405863,,
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.75 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 10:43:26 GMT
content-encoding: gzip
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin: http://extra.com.co
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-vdbg: 1:0/165:-1
content-type: application/xml; charset=utf-8

GET
H/1.1 200
OK swfIndex.php Show response
ads.stickyadstv.com/www/delivery/ Frame 398D 67 B
712 B 111ms
110ms XHR
application/xml 2.18.234.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&zoneId=7439281&playerSize=400x225&loc=http%3A%2F%2Fextra.com.co%2F&_fw_gdpr=&_fw_gdpr_consent=&cb=1636627405863&width=400&height=225&dnt=&ip=146.20.128.63&ua=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F95.0.4638.54+Safari%2F537.36&schain=1.0,1!vidoomy.com,55941,1,1636627405863,,
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_d700fabb.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-233.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 11 Nov 2021 10:43:26 GMT
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: http://extra.com.co
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 67
x-sticky-vk: 1636627406524077-361
Expires: Thu, 11 Nov 2021 10:43:26 GMT

GET
H2 200 track
aktrack.pubmatic.com/ Frame 398D 0
61 B 9ms
8ms Image
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aktrack.pubmatic.com/track?operId=7&p=156498&s=399115&a=1801592&ts=1636627406&wa=0&e=96&ier=901
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 10:43:26 GMT
content-length: 0
content-type: text/html

GET
H/1.1 200
OK swfIndex.php Show response
ads.stickyadstv.com/www/delivery/ Frame 398D 67 B
712 B 240ms
239ms XHR
application/xml 2.18.234.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&zoneId=7439281&playerSize=400x225&loc=http%3A%2F%2Fextra.com.co%2F&_fw_gdpr=&_fw_gdpr_consent=&cb=1636627405863&width=400&height=225&dnt=&ip=146.20.128.63&ua=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F95.0.4638.54+Safari%2F537.36&schain=1.0,1!vidoomy.com,55941,1,1636627405863,,
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_d700fabb.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-233.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 11 Nov 2021 10:43:27 GMT
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: http://extra.com.co
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 67
x-sticky-vk: 1636627406821060-356
Expires: Thu, 11 Nov 2021 10:43:27 GMT

POST
H2 200 i Show response
vid-io-cle.springserve.com/vd/ Frame 398D 0
113 B 102ms
101ms XHR
text/plain 3.141.243.179
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid-io-cle.springserve.com/vd/i?suuid=159229a4&ps_id=356921&batch=1
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_d700fabb.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.141.243.179 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-141-243-179.us-east-2.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: http://extra.com.co
date: Thu, 11 Nov 2021 10:43:27 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 89ms
89ms Preflight
text/plain 146.20.132.43
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.43 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: http://extra.com.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Thu, 11 Nov 2021 10:43:27 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
access-control-allow-credentials: true
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
cache-control: max-age=300
access-control-max-age: 300
access-control-allow-origin: http://extra.com.co

POST
H2 200 t Show response
t.lkqd.net/ Frame F9B0 0
161 B 90ms
89ms XHR
text/plain 146.20.132.43
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.43 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: http://extra.com.co
date: Thu, 11 Nov 2021 10:43:27 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

GET
H/1.1 200
OK ad Show response
v.lkqd.net/ Frame 3BFF 2 KB
2 KB 91ms
91ms XHR
application/xml 146.20.128.133
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: http://v.lkqd.net/ad?pid=430&sid=1143831&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=http%3A%2F%2Fextra.com.co%2F&dnt=0&c1=&c2=0&c3=1.0%2C1!vidoomy.com%2C55941%2C1%2C&c5=&c6=55941&rnd=85447614&m=
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: HTTP/1.1
Server: 146.20.128.133 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: 89580ca574de255e8a0658819787c30057bcf68d2c3d10593e4bfdb2b189e38f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 11 Nov 2021 10:43:27 GMT
Content-Encoding: gzip
Server: nginx
Content-Type: application/xml; charset=UTF-8
Access-Control-Allow-Origin: http://extra.com.co
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1350

GET
H2 200 vpaid.js Show response
ad.lkqd.net/vpaid/ Frame 588A 230 KB
61 KB 11ms
11ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: 36ae762191d24727fbba21272ea14872bb7824188961282001d50e67f7b1881c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 10:43:27 GMT
content-encoding: gzip
last-modified: Tue, 02 Nov 2021 21:06:56 GMT
etag: "cca1f428155a1f13b17a4684f2c8ef1c"
x-hw: 1636627407.cds140.fr8.hn,1636627407.cds107.fr8.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1209600
accept-ranges: bytes
content-length: 62015

GET
H2 200 usync.html Show response
ad.lkqd.net/cookie-sync/ Frame 9A3F 5 KB
2 KB 10ms
9ms Document
text/html 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lkqd.net/cookie-sync/usync.html
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: b6ff02c733394664dbb2178c88a0d8ab1292602aaad412e44ee83c3ab7943faf

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Thu, 11 Nov 2021 10:43:27 GMT
content-encoding: gzip
content-length: 1909
content-type: text/html
last-modified: Tue, 26 Oct 2021 15:08:45 GMT
accept-ranges: bytes
etag: "10c6626c1705141142b0302e29b3bd0e"
cache-control: public, max-age=1209600
x-hw: 1636627407.cds140.fr8.hn,1636627407.cds288.fr8.c
access-control-allow-origin: *

POST
H/1.1 200
OK ad Show response
v.lkqd.net/ Frame 588A 55 KB
5 KB 353ms
353ms XHR
application/json 146.20.128.133
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: http://v.lkqd.net/ad?pid=430&sid=1143831&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=http%3A%2F%2Fextra.com.co%2F&dnt=0&c1=&c2=0&c3=1.0%2C1!vidoomy.com%2C55941%2C1%2C&c5=&c6=55941&rnd=85447614&m=&rtv=1&thost=extra.com.co
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: HTTP/1.1
Server: 146.20.128.133 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: f3bd5bae3a930ae9116e1a1bca5998ea58d6875f2efc3278348eeab627fb8d01

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/json

Response headers

Date: Thu, 11 Nov 2021 10:43:28 GMT
Content-Encoding: gzip
Server: nginx
Content-Type: application/json
Access-Control-Allow-Origin: http://extra.com.co
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 5216

OPTIONS
H/1.1 200
OK ad
v.lkqd.net/ Frame 0
0 89ms
89ms Preflight 146.20.128.133
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: http://v.lkqd.net/ad?pid=430&sid=1143831&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=http%3A%2F%2Fextra.com.co%2F&dnt=0&c1=&c2=0&c3=1.0%2C1!vidoomy.com%2C55941%2C1%2C&c5=&c6=55941&rnd=85447614&m=&rtv=1&thost=extra.com.co
Protocol: HTTP/1.1
Server: 146.20.128.133 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: http://extra.com.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Thu, 11 Nov 2021 10:43:27 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: http://extra.com.co
Access-Control-Max-Age: 300
Cache-Control: max-age=300
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: Content-Type
Access-Control-Expose-Headers: Content-Type, Content-Disposition
Access-Control-Allow-Credentials: true

GET
H2 200 cs
cs.lkqd.net/ Frame 9A3F 43 B
308 B 90ms
89ms Image
image/gif 146.20.128.137
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=55&redirect=https%3A%2F%2Fidsync.rlcdn.com%2F464986.gif%3Fpartner_uid%3D%24%24rawlkqduserid%24%24&r=if
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.137 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 10:43:27 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

GET
H2 200 cs
cs.lkqd.net/ Frame 9A3F 43 B
308 B 90ms
89ms Image
image/gif 146.20.128.137
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=103&redirect=https%3A%2F%2Fevent.clientgear.com%2Fcookie%2Flkqd%3Fpartner%3Dlkqd%26cookieid%3D%24%24rawlkqduserid%24%24&r=if
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.137 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 10:43:27 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

GET
H2 200 cs
cs.lkqd.net/ Frame 9A3F 43 B
308 B 91ms
90ms Image
image/gif 146.20.128.137
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D102%2526partnerUserId%253D%255BUID%255D&r=if
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.137 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 10:43:27 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

GET
H2 200 cs
cs.lkqd.net/ Frame 9A3F 43 B
308 B 91ms
90ms Image
image/gif 146.20.128.137
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=99&redirect=https%3A%2F%2Fc.deployads.com%2Fcs%2FNXST%3Fb%3D%24%24rawlkqduserid%24%24&r=if
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.137 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 10:43:27 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

GET
H2

200

cs
cs.lkqd.net/ Frame 9A3F
Redirect Chain

https://ad.turn.com/r/cs?pid=65
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3689952340192388065

43 B
308 B

89ms
89ms

Image
image/gif

146.20.128.137
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3689952340192388065
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Server: 146.20.128.137 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 10:43:27 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

Redirect headers

location: https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3689952340192388065
pragma: no-cache
date: Thu, 11 Nov 2021 10:43:27 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

POST
H2 200 t Show response
t.lkqd.net/ Frame 5DFD 0
161 B 91ms
91ms XHR
text/plain 146.20.132.43
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.43 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: http://extra.com.co
date: Thu, 11 Nov 2021 10:43:28 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 89ms
89ms Preflight
text/plain 146.20.132.43
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.43 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: http://extra.com.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Thu, 11 Nov 2021 10:43:28 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
access-control-allow-credentials: true
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
cache-control: max-age=300
access-control-max-age: 300
access-control-allow-origin: http://extra.com.co

GET
H/1.1 200
OK 218947 Show response
search.spotxchange.com/vast/2.0/ 67 B
1 KB 36ms
36ms XHR
text/xml 185.94.180.124
SPOTX-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://search.spotxchange.com/vast/2.0/218947?VPAID=JS&content_page_url=http%3A%2F%2Fextra.com.co%2F&cb=1833372091&player_width=400&player_height=225&media_transcoding=low&regs[gdpr]=0&user[consent]=&device[geo][lat]=&device[geo][lon]=&schain=1.0%2C1%21vidoomy.com%2C55941%2C1%2C6568095368760610673390095729%2C%2C
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 185.94.180.124 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: 78e958d620d6e40a19e424eee3a9b23932cd9bfa4d7f736442048777d203052d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://extra.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 11 Nov 2021 10:43:28 GMT
Content-Encoding: gzip
X-SpotX-Timing-Transform: 0.000244
X-SpotX-Timing-SpotMarket: 0.008240
X-SpotX-Timing-Page-Mux: 0.000221
X-SpotX-Timing-Page-Require: 0.000299
X-fe: 108
Connection: keep-alive
X-SpotX-Timing-Page-Cookie: 0.000021
Content-Length: 77
X-SpotX-Timing-Page: 0.013731
Pragma: no-cache
X-SpotX-Timing-Page-Context: 0.000259
Last-Modified: Thu, 11 Nov 2021 10:43:28 GMT
Server: nginx
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Methods: POST, GET, PATCH, DELETE, OPTIONS
Vary: Accept-Encoding
X-SpotX-Timing-SpotMarket-Primary: 0.008240
Content-Type: text/xml;charset=UTF-8
Access-Control-Allow-Origin: http://extra.com.co
X-SpotX-Timing-Page-Misc: 0.004437
X-SpotX-Timing-Page-Exception: 0.000000
X-SpotX-Timing-SpotMarket-Secondary: 0.000000
X-SpotX-Timing-Page-URI: 0.000010
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 av Show response
vidoomy-d.openx.net/v/1.0/ 48 B
248 B 25ms
24ms XHR
text/xml 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://vidoomy-d.openx.net/v/1.0/av?auid=540805079&url=http%3A%2F%2Fextra.com.co%2F&cb=1281046817&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C55941%2C1%2C65680953687606106731416354281,,
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.218.0 /
Resource Hash: a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://extra.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Nov 2021 10:43:28 GMT
content-encoding: gzip
server: OXGW/16.218.0
vary: Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: http://extra.com.co
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: text/xml
alt-svc: clear
content-length: 56
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK swfIndex.php Show response
ads.stickyadstv.com/www/delivery/ 67 B
712 B 111ms
111ms XHR
application/xml 2.18.234.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&_fw_us_privacy=0&zoneId=7439281&_fw_gdpr=0&_fw_gdpr_consent=&schain=1.0%2C1%21vidoomy.com%2C55941%2C1%2C15129044716568095368760610673%2C%2C
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-233.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://extra.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 11 Nov 2021 10:43:28 GMT
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: http://extra.com.co
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 67
x-sticky-vk: 1636627407969091-422
Expires: Thu, 11 Nov 2021 10:43:28 GMT

GET
H/1.1 200
OK 88k_nHSg_6XSp1263gyM+rBJnqbGxDqsAEHMK88FGSM= Show response
ads.adaptv.advertising.com/a/h/ 249 B
541 B 20ms
20ms XHR
text/xml 18.159.16.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+rBJnqbGxDqsAEHMK88FGSM=?cb=141812132&gdpr=0&gdpr_consent=&pet=preroll&pageUrl=http%3A%2F%2Fextra.com.co%2F&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=55941&hp=1

Requested by

Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.159.16.69 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-159-16-69.eu-central-1.compute.amazonaws.com

Software

adaptv/1.0 /

Resource Hash

6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://extra.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
server: adaptv/1.0
content-type: text/xml
access-control-allow-origin: http://extra.com.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 192
expires: 0

GET
H/1.1 200
OK 7585793 Show response
ads.stickyadstv.com/vast/vpaid-adapter/ 1 KB
2 KB 29ms
17ms XHR
application/xml 2.18.234.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/vast/vpaid-adapter/7585793?_fw_gdpr=0&_fw_us_privacy=0&_fw_gdpr_consent=&schain=1.0%2C1%21vidoomy.com%2C55941%2C1%2C65680953687606106731156536942,,
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-233.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 6c5c6c3f7c2d60983f761b6f2e0e64e83d3fd4d974759ad1c62dd3cfa20d380d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://extra.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 11 Nov 2021 10:43:28 GMT
Server: nginx
Content-Type: application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin: http://extra.com.co
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1250
x-sticky-vk: 1636627408304046-397
Expires: Thu, 11 Nov 2021 10:43:28 GMT

GET
H/1.1 200
OK LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHZZQf70KjSEs= Show response
ads.adaptv.advertising.com/a/h/ 249 B
541 B 23ms
23ms XHR
text/xml 18.159.16.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.adaptv.advertising.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHZZQf70KjSEs=?cb=113031300&gdpr=0&gdpr_consent=&pet=preroll&pageUrl=http%3A%2F%2Fextra.com.co%2F&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=55941&hp=1

Requested by

Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.159.16.69 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-159-16-69.eu-central-1.compute.amazonaws.com

Software

adaptv/1.0 /

Resource Hash

6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://extra.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
server: adaptv/1.0
content-type: text/xml
access-control-allow-origin: http://extra.com.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 192
expires: 0

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 89ms
88ms Preflight
text/plain 146.20.132.43
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.43 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: http://extra.com.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Thu, 11 Nov 2021 10:43:28 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
access-control-allow-credentials: true
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
cache-control: max-age=300
access-control-max-age: 300
access-control-allow-origin: http://extra.com.co

POST
H2 200 t Show response
t.lkqd.net/ Frame 5DFD 0
161 B 184ms
184ms XHR
text/plain 146.20.132.43
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.43 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: http://extra.com.co
date: Thu, 11 Nov 2021 10:43:28 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

GET
DATA 200
OK truncated
/ Frame 588A 35 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/gif

GET
H/1.1 200
OK vpaid-adapter.min.js Show response
cdn.stickyadstv.com/mustang/ Frame 7989 337 KB
114 KB 64ms
7ms Script
application/x-javascript 2001:4de0:ac19::1:b:1a

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:4de0:ac19::1:b:1a -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6250724039ed93b9a935e138a4bfb656f576e84950c56e719168f4b8a8cc731b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 11 Nov 2021 10:43:28 GMT
Content-Encoding: gzip
Last-Modified: Wed, 10 Nov 2021 01:56:07 GMT
ETag: "1636509367"
X-HW: 1636627408.dop202.fr8.t,1636627408.cds124.fr8.shn,1636627408.cds124.fr8.c
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 116217

POST
H2 200 t Show response
t.lkqd.net/ Frame 5DFD 0
161 B 89ms
89ms XHR
text/plain 146.20.132.43
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.43 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: http://extra.com.co
date: Thu, 11 Nov 2021 10:43:28 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 89ms
88ms Preflight
text/plain 146.20.132.43
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.43 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: http://extra.com.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Thu, 11 Nov 2021 10:43:28 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
access-control-allow-credentials: true
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
cache-control: max-age=300
access-control-max-age: 300
access-control-allow-origin: http://extra.com.co

GET
H/1.1 200
OK bandwidth-test-25ko Show response
cdn.stickyadstv.com/mustang/ Frame 7989 25 KB
25 KB 31ms
7ms XHR
application/octet-stream 2001:4de0:ac19::1:b:1a

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.stickyadstv.com/mustang/bandwidth-test-25ko?cachebuster=1636627408172
Requested by: Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:4de0:ac19::1:b:1a -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9f995b1c42942ededcce16bba381a19d3b30e0e75a36e0ea956f6a54e040dffe

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 11 Nov 2021 10:43:28 GMT
Last-Modified: Wed, 10 Nov 2021 01:56:07 GMT
ETag: "1636509367"
X-HW: 1636627408.dop202.fr8.t,1636627408.cds051.fr8.shn,1636627408.cds051.fr8.c
Content-Type: application/octet-stream
Access-Control-Allow-Origin: http://extra.com.co
Cache-Control: max-age=86400
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 25600

GET
H2

200

5acd38c5253a98247de1d78da9940e1&gdpr=0&gdpr_consent=
pr-bh.ybp.yahoo.com/sync/stickyads/
Redirect Chain

https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null
https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=5acd38c5253a98247de1d78da9940e1&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7bu...
https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=l0de2_7029261193097971383
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=NWFjZDM4YzUyNTNhOTgyNDdkZTFkNzhkYTk5NDBlMQ==&gdpr=0&gdpr_consent=
https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEHdjQk5pbvSgFmww09eIRO4&google_cver=1&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
https://ads.stickyadstv.com/user-registering?dataProviderId=208&userId=3407eb1d-2814-4550-832f-6d0dccd0a331
https://ib.adnxs.com/getuid?https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D209&gdpr=0&gdpr_consent=%26userId%3D$UID
https://ads.stickyadstv.com/user-registering?dataProviderId=209&gdpr=0&gdpr_consent=&userId=8725330688953216047
https://pr-bh.ybp.yahoo.com/sync/stickyads/5acd38c5253a98247de1d78da9940e1&gdpr=0&gdpr_consent=?gdpr=0&gdpr_consent=

43 B
322 B

37ms
37ms

Image
image/gif

2a05:d018:d29:3605:5ad:a774:ca1b:74c5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/stickyads/5acd38c5253a98247de1d78da9940e1&gdpr=0&gdpr_consent=?gdpr=0&gdpr_consent=

Protocol

Server

2a05:d018:d29:3605:5ad:a774:ca1b:74c5 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://extra.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 10:43:28 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
content-type: image/gif
x-xss-protection: 1; mode=block
content-length: 43
x-content-type-options: nosniff

Redirect headers

Pragma: no-cache
Date: Thu, 11 Nov 2021 10:43:28 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://pr-bh.ybp.yahoo.com/sync/stickyads/5acd38c5253a98247de1d78da9940e1&gdpr=0&gdpr_consent=?gdpr=0&gdpr_consent=
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1636627408771067-359
Expires: Thu, 11 Nov 2021 10:43:28 GMT

GET
H/1.1 200
OK / Show response
ads.stickyadstv.com/additional-scripts/ Frame 7989 301 B
848 B 19ms
19ms XHR
text/xml 2.18.234.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/additional-scripts/?zoneId=7585793&loc=http%3A%2F%2Fextra.com.co%2F
Requested by: Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-233.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 64a14c1566ed5e882e60ea9d6e3722949c5767823cd23dc1244503991661dc27

Request headers

Accept: application/xml, text/xml
Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 11 Nov 2021 10:43:28 GMT
Server: nginx
Access-Control-Allow-Origin: http://extra.com.co
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 301
x-sticky-vk: 1636627408463082-416
Expires: Thu, 11 Nov 2021 10:43:28 GMT

GET
H/1.1 200
OK swfIndex.php Show response
ads.stickyadstv.com/www/delivery/ Frame 7989 67 B
712 B 138ms
127ms XHR
application/xml 2.18.234.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/www/delivery/swfIndex.php?zoneId=7585793&_fw_gdpr=0&_fw_us_privacy=0&_fw_gdpr_consent=&schain=1.0%2C1!vidoomy.com%2C55941%2C1%2C65680953687606106731156536942%2C%2C&vav=f33641e429401d175ac9ebbaf7eadb5c&vaviv=4f64d421b3af68df7d16f01fb46096de&reqType=AdsSetup&protocolVersion=2.0&mustangVersion=1.12.1.6&focus=true&percentViewable=0&componentId=vpaid-adapter&loc=http%3A%2F%2Fextra.com.co%2F&playerSize=400x225&supportsFlash=false&supportsJavascript=true
Requested by: Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-233.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Accept: application/xml, text/xml
Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 11 Nov 2021 10:43:28 GMT
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: http://extra.com.co
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 67
x-sticky-vk: 1636627408463093-416
Expires: Thu, 11 Nov 2021 10:43:28 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=NWFjZDM4YzUyNTNhOTgyNDdkZTFkNzhkYTk5NDBlMQ==&gdpr=0&gdpr_consent=

170 B
188 B

16ms
16ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=NWFjZDM4YzUyNTNhOTgyNDdkZTFkNzhkYTk5NDBlMQ==&gdpr=0&gdpr_consent=

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://extra.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Nov 2021 10:43:28 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 11 Nov 2021 10:43:28 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=NWFjZDM4YzUyNTNhOTgyNDdkZTFkNzhkYTk5NDBlMQ==&gdpr=0&gdpr_consent=
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1636627408684003-350
Expires: Thu, 11 Nov 2021 10:43:28 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent=
https://s.amazon-adsystem.com/ecm3?id=5acd38c5253a98247de1d78da9940e1&ex=freewheel.tv&gdpr=0&gdpr_consent=

43 B
556 B

315ms
105ms

Image
image/gif

209.54.177.54

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=5acd38c5253a98247de1d78da9940e1&ex=freewheel.tv&gdpr=0&gdpr_consent=

Protocol

HTTP/1.1

Server

209.54.177.54 -, , ASN (),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://extra.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 11 Nov 2021 10:43:28 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: WC3HDE826XNMYTVEFY40
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 11 Nov 2021 10:43:28 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://s.amazon-adsystem.com/ecm3?id=5acd38c5253a98247de1d78da9940e1&ex=freewheel.tv&gdpr=0&gdpr_consent=
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1636627408684005-350
Expires: Thu, 11 Nov 2021 10:43:28 GMT

GET
H2 200 vpaid_d700fabb.js Show response
vpaid.springserve.com/production/ Frame A32E 494 KB
87 KB 7ms
7ms Script
application/javascript 2600:9000:206f:e000:15:6f6c:b180:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.springserve.com/production/vpaid_d700fabb.js
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:e000:15:6f6c:b180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01f62119d738e56887c7298650396be3edc28f9bd4b64af4c496048183172630

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 29 Oct 2021 15:21:15 GMT
content-encoding: br
last-modified: Fri, 29 Oct 2021 15:00:52 GMT
server: AmazonS3
age: 1106534
etag: W/"00394b9cabf75acc9a4061ae555e3473"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 1c5b98f7bd5001d6fe1040daa237afc6.cloudfront.net (CloudFront)
cache-control: max-age=2678400
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: j4Z_gAMimS8lm1XqZPio7EnGloxlgpHJj-3nPvYhxeg4gdtLa6AfsA==

GET
H2 200 vadtag.html Show response
vpaid.pubmatic.com/ads/video/ Frame A32E 955 B
837 B 57ms
56ms XHR
application/xml 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Fextra.com.co%2F&schain=1.0,1!vidoomy.com,55941,1,1636627408063,,
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_d700fabb.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 98d12b9ba526602dd9e030bb42dca8116bbd96d413b266f9612a3ea358cc7b1f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Nov 2021 10:43:28 GMT
content-encoding: gzip
server: Apache/2.2.15 (CentOS)
etag: "461ced-23ca-5c92d699e808f"
vary: Origin, Accept-Encoding
content-type: application/xml
access-control-allow-origin: http://extra.com.co
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 582
expires: Thu, 11 Nov 2021 10:43:28 GMT

POST
H/1.1 204
No Content openrtb Show response
ads.adaptv.advertising.com/rtb/ Frame A32E 0
212 B 23ms
22ms XHR
application/json 18.159.16.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=Vidoomy
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_d700fabb.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.159.16.69 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-159-16-69.eu-central-1.compute.amazonaws.com
Software: adaptv/1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: http://extra.com.co
access-control-allow-credentials: true
server: adaptv/1.0
Connection: keep-alive
content-length: 0
content-type: application/json

GET
H2 200 PMAdMgr.js Show response
vpaid.pubmatic.com/ads/video/ Frame C653 152 KB
36 KB 23ms
23ms Script
text/javascript 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Fextra.com.co%2F&schain=1.0,1!vidoomy.com,55941,1,1636627408063,,
Requested by: Host: blank
URL: about:blank
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: f0f6a8b6c19b0c4d1cab075ab2f4f755cfef747424837668e65f431410f816e8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 10:43:28 GMT
content-encoding: gzip
last-modified: Tue, 10 Aug 2021 05:02:46 GMT
server: Apache/2.2.15 (CentOS)
etag: "1408294-25f9a-5c92d699d3c58"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
accept-ranges: bytes
content-length: 36260

GET
H2 200 showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 3F63 38 KB
14 KB 9ms
9ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by: Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Fextra.com.co%2F&schain=1.0,1!vidoomy.com,55941,1,1636627408063,,
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e2cdec10db9a0a224e9f5e49b6f004c5426564fb8d857ad3df480e9c916bafe6

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

last-modified: Tue, 19 Oct 2021 10:00:01 GMT
etag: "1302647-96ae-5ceb1b98ba7c4"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 13882
content-type: text/html; charset=UTF-8
cache-control: public, max-age=48830
expires: Fri, 12 Nov 2021 00:17:18 GMT
date: Thu, 11 Nov 2021 10:43:28 GMT
vary: Accept-Encoding

GET
H2 200 showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame C653 38 KB
14 KB 8ms
8ms Script
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by: Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Fextra.com.co%2F&schain=1.0,1!vidoomy.com,55941,1,1636627408063,,
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e2cdec10db9a0a224e9f5e49b6f004c5426564fb8d857ad3df480e9c916bafe6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 10:43:28 GMT
content-encoding: gzip
last-modified: Tue, 19 Oct 2021 10:00:01 GMT
server: Apache/2.2.15 (CentOS)
etag: "1302647-96ae-5ceb1b98ba7c4"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: public, max-age=48830
accept-ranges: bytes
content-type: text/html; charset=UTF-8
content-length: 13882
expires: Fri, 12 Nov 2021 00:17:18 GMT

POST t
t.lkqd.net/ Frame 5DFD 0
0

OPTIONS t
t.lkqd.net/ Frame 0
0

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 3F63 1 KB
2 KB 12ms
11ms Script
text/html 198.47.127.19
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=83120218&p=156498&s=399115&a=1801592&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: /
Resource Hash: 4e49404f6046c81507135647ea3baa5878db993d8b39bc5eb13676ac0b6154b7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 10:43:27 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 1491
content-type: text/html; charset=UTF-8

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 7735
Redirect Chain

https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={device_id}&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0

0
89 B

25ms
25ms

Document
text/html

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Thu, 11 Nov 2021 10:43:28 GMT
content-type: text/html; charset=utf-8
x-lat: lhrpug015:2:368
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private
content-encoding: gzip

Redirect headers

location: https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
content-length: 0
date: Thu, 11 Nov 2021 10:43:28 GMT
server: _

GET dpe
ad4m.at/ad/ Frame F080 0
0

GET bridge
cm.adgrx.com/ Frame 7D5B 0
0

GET

generic
match.adsrvr.org/track/cmf/ Frame DE18
Redirect Chain

https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=3109247413

0
0

GET

Pug
image2.pubmatic.com/AdServer/ Frame 63EC
Redirect Chain

https://green.erne.co/pubmatic/cm?
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=FhVGt0rqmwm7sNP37gYSXzID

0
0

GET cookiesync
core.iprom.net/ Frame 8389 0
0

GET i.match
a.tribalfusion.com/ Frame 2D78 0
0

GET 141
match.deepintent.com/usersync/ Frame EA9F 0
0

GET

getuid
secure.adnxs.com/ Frame 3F63
Redirect Chain

https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID

0
0

GET d1ba4609
rtb.gumgum.com/getuid/ Frame 3F63 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4138850398379320&correlator=1528741921724569&output=ldjh&impl=fifs&eid=31063406%2C31063675%2C21068767&vrg=2021110801&ptt=17&sc=0&sfv=1-0-38&ecs=20211111&iu_parts=2206182966%2CEXTRA_HOME_DESKTOP_LATERALDERECHO_160x600&enc_prev_ius=%2F0%2F1&prev_iu_szs=160x600&eri=4&cookie_enabled=1&cdm=extra.com.co&bc=23&abxe=1&dt=1636627400760&dlt=1636627400201&idt=515&frm=20&biw=1600&bih=1200&oid=2&adxs=-9&adys=-9&adks=3337535152&ucis=k&ad_type=image&color_bg=%23ffffff&color_border=%23ffffff&color_link=%230000ff&color_text=%23000000&color_url=%23008000&ifi=20&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fextra.com.co%2F&loc=http%3A%2F%2Fextra.com.co%2F&vis=1&scr_x=0&scr_y=0&psz=0x-1&msz=0x-1&ga_vid=1398195648.1636627401&ga_sid=1636627401&ga_hid=209597192&ga_fc=false&fws=2&ohw=0&btvi=-1&nvt=1

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=OGEwZGFiNjMtZTJmNS02ZmRmLTYyM2YtY2NhNzk2YTQ0MWZi

Domain: a.audrte.com
URL: https://a.audrte.com/p

Domain: t.lkqd.net
URL: https://t.lkqd.net/t

Domain: t.lkqd.net
URL: https://t.lkqd.net/t

Domain: ad4m.at
URL: https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID

Domain: cm.adgrx.com
URL: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=

Domain: match.adsrvr.org
URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=3109247413

Domain: image2.pubmatic.com
URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=FhVGt0rqmwm7sNP37gYSXzID

Domain: core.iprom.net
URL: https://core.iprom.net/cookiesync

Domain: a.tribalfusion.com
URL: https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}

Domain: match.deepintent.com
URL: https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=

Domain: secure.adnxs.com
URL: https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID

Domain: rtb.gumgum.com
URL: https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D

Verdicts & Comments Add Verdict or Comment

72 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

78 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.extra.com.co/	1970-01-20 07:58:43	Name: __gads Value: ID=da424930bef5e10a-22d770c94dcb00de:T=1636627401:S=ALNI_MazFab3Ib0sERVM0TxT0tZL64NmPQ
.bidswitch.net/	1970-01-20 07:22:43	Name: tuuid Value: ec74683b-b4c5-4392-9e7b-5c8ec1a7860c
.bidswitch.net/	1970-01-20 07:22:43	Name: c Value: 1636627401
.doubleclick.net/	1970-01-20 07:58:43	Name: IDE Value: AHWqTUlX2Tn2YlsyvHKaln6nG_zPK2hdHzCUKp4cDCM064Z8zBHDgvS6LNFPO2ZRfw0
ads.stickyadstv.com/	1970-01-19 23:20:19	Name: UID Value: 5acd38c5253a98247de1d78da9940e1
ads.stickyadstv.com/	1969-12-31 23:59:59	Name: sessionId Value: 8f99674daccff4558e96143fb380
.bidswitch.net/	1970-01-20 07:22:43	Name: tuuid_lu Value: 1636627402
.vidoomy.com/	1970-01-20 07:22:43	Name: vidoomy-uids Value: eyJ1aWRzIjp7IkJTIjp7InVpZCI6ImVjNzQ2ODNiLWI0YzUtNDM5Mi05ZTdiLTVjOGVjMWE3ODYwYyIsImV4cGlyZXMiOjE2MzkyMTk0MDJ9LCJDRU4iOnsidWlkIjoibm8tY29uc2VudCIsImV4cGlyZXMiOjE2MzkyMTk0MDJ9fX0=
.turn.com/	1970-01-20 02:56:19	Name: uid Value: 3689952340192388065
.adfarm1.adition.com/	1970-01-20 00:46:43	Name: UserID1 Value: 7029261167349531878
.casalemedia.com/	1970-01-20 00:46:43	Name: CMPS Value: 5233
.openx.net/	1970-01-20 07:22:43	Name: i Value: 75ce47f0-8205-0e8c-2d09-5ef63861bc66\|1636627402
.casalemedia.com/	1970-01-19 22:38:33	Name: CMST Value: YYzzymGM88oA
.adnxs.com/	1970-01-20 00:46:43	Name: anj Value: dTM7k!M41.D>6NRF']wIg2C%ww>>il!]tbPl1M>e)ZlrFUfJ+tGXxo<`]$WdAllffL%o#(L#eZ/E]MSwOyxaRVx[i8bpRzqF1`b_v-7C2d
.openx.net/	1970-01-19 22:58:43	Name: pd Value: v2\|1636627402\|vN
.casalemedia.com/	1970-01-20 07:22:43	Name: CMRUM3 Value: 2d618cf3ca2760CAESEP7IgvFx9CyaxSEtd2XuFwQ
.casalemedia.com/	1970-01-20 07:22:43	Name: CMID Value: YYzzyiQainzOBxmIH7vUiQAA
.casalemedia.com/	1970-01-20 00:46:43	Name: CMPRO Value: 1142
.adnxs.com/	1970-01-20 00:46:43	Name: uuid2 Value: 8725330688953216047
ads.stickyadstv.com/	1969-12-31 23:59:59	Name: pxId Value: 7169
.spotxchange.com/	1970-01-20 07:22:43	Name: audience Value: 31474da4-42dc-11ec-8caa-175cf56a0006
.ad-srv.net/	1970-01-20 00:46:43	Name: pwzdy6wsn8n7_uid Value: f4e8c444b4fd484b
extra.com.co/	1970-01-20 01:01:07	Name: cookie-agreed-version Value: 1.0.0
.creative.mlsat02.de/	1970-01-20 00:03:31	Name: trs Value: 51021803%3B908cbadb724971cc9012ced767276cc8%3B11430_473322_1636627403_31a7c680-42dc-11ec-9ee2-2231fc5720ae%3B
.telekom.de/	1970-01-19 22:41:26	Name: viewvpnr Value: MetaPeople\|pv-NTEwMjE4MDM7OTA4Y2JhZGI3MjQ5NzFjYzkwMTJjZWQ3NjcyNzZjYzg7MTE0MzBfNDczMzIyXzE2MzY2Mjc0MDNfMzFhYjQ4ZjAtNDJkYy0xMWVjLTllZTItMjIzMWZjNTcyMGFlOw..\|VB1049\|59814\|59814\|1-1105148698\|\|4001780
.awin1.com/	1969-12-31 23:59:59	Name: AWSESS Value: 361931:2950366
.awin1.com/	1970-01-19 22:41:26	Name: awpv11430 Value: 473322\|1636627403\|31d2a710-42dc-11ec-9ee2-2231fc5720ae
.pubmatic.com/	1970-01-20 00:46:43	Name: KADUSERCOOKIE Value: E25A2D69-0C04-45F8-BA1E-5E52C8FD7B03
.adform.net/	1970-01-19 23:20:19	Name: C Value: 1
.quantserve.com/	1970-01-20 00:46:43	Name: d Value: EL0BCwHZJPijAA
.quantserve.com/	1970-01-20 08:07:21	Name: mc Value: 618cf3cb-e9889-6c091-c3349
.onaudience.com/	1970-01-20 07:22:43	Name: cookie Value: 1770a6e4e6267d1e
.onaudience.com/	1970-01-19 22:38:33	Name: done_redirects161 Value: 1
.simpli.fi/	1970-01-20 07:24:09	Name: suid Value: 563E2B2A1CAF44E8B98C08C23A224FBC
.pubmatic.com/	1970-01-19 23:20:19	Name: KRTBCOOKIE_80 Value: 22987-CAESEKsl0xswVLgYk9aa-UEkcrk&KRTB&16514-CAESEKsl0xswVLgYk9aa-UEkcrk&KRTB&23025-CAESEKsl0xswVLgYk9aa-UEkcrk
.pubmatic.com/	1970-01-20 00:46:43	Name: PUBMDCID Value: 3
.pubmatic.com/	1970-01-19 23:20:19	Name: KRTBCOOKIE_57 Value: 22776-8725330688953216047
.mathtag.com/	1970-01-20 08:03:02	Name: uuid Value: f57e618c-f3cb-4800-9c64-be483d4dc889
.pubmatic.com/	1970-01-19 23:20:19	Name: KRTBCOOKIE_153 Value: 19420-jGFy3NxjKd2XNXOHgmlnidlgc46XM3mMjmnLMvlm&KRTB&22979-jGFy3NxjKd2XNXOHgmlnidlgc46XM3mMjmnLMvlm
.de17a.com/	1970-01-20 07:15:31	Name: guid2 Value: 1.4963301923403430068
.adsrvr.org/	1970-01-20 07:22:43	Name: TDID Value: 3407eb1d-2814-4550-832f-6d0dccd0a331
.adform.net/	1970-01-20 00:03:31	Name: uid Value: 2806212759486638044
.pubmatic.com/	1970-01-19 23:20:19	Name: KRTBCOOKIE_336 Value: 5844-4963301923403430068
.adsrvr.org/	1970-01-20 07:22:43	Name: TDCPM Value: CAESFwoIcHVibWF0aWMSCwi0sa3nw8KSOhAFGAUgASgCMgsIvLyalNrCkjoQBTgB
.pubmatic.com/	1970-01-19 23:20:19	Name: KRTBCOOKIE_391 Value: 22924-3287583082620706528&KRTB&23263-3287583082620706528
.pubmatic.com/	1970-01-19 23:20:19	Name: KRTBCOOKIE_27 Value: 16735-uid:a370618c-f3cb-4800-a483-d154c4359647&KRTB&16736-uid:a370618c-f3cb-4800-a483-d154c4359647&KRTB&23019-uid:a370618c-f3cb-4800-a483-d154c4359647&KRTB&23114-uid:a370618c-f3cb-4800-a483-d154c4359647
.pubmatic.com/	1970-01-19 23:20:19	Name: KRTBCOOKIE_377 Value: 6810-3407eb1d-2814-4550-832f-6d0dccd0a331&KRTB&22918-3407eb1d-2814-4550-832f-6d0dccd0a331&KRTB&23031-3407eb1d-2814-4550-832f-6d0dccd0a331
.exelator.com/	1970-01-20 01:29:55	Name: EE Value: "eea4d2da1de04e99fd52af7ebfd8d7aa"
.adform.net/	1970-01-19 22:47:12	Name: TPC Value: 1636627404090
.exelator.com/	1970-01-20 01:29:55	Name: ud Value: "eJxrXxzq6XKLQSE1NdEkxSgl0TAl1cAk1dIyLcXUKDHNPDUpLcUixTwxcXFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq0yNJ0SX5RZvoiF9fFRSlpDItKik8F72v3AQD%252Fyyt%252F"
.pubmatic.com/	1970-01-20 00:46:43	Name: pp Value: 156498
.pubmatic.com/	1970-01-19 22:38:33	Name: PMDTSHR Value: cat:
.aaa.artefact.com/	1970-01-20 07:22:43	Name: trscj Value: MTYzNjYyNzQwNHxMM1J5WTJzdlpYWnBaWGN2T1RBNFkySmhaR0kzTWpRNU56RmpZemt3TVRKalpXUTNOamN5Tnpaall6Zy9aWGgwWDNCMVlteHBjMmhsY2w5cFpEMDBOek16TWpJbVlqMHhKbTV2UFRFbVkzUnBaRDAwT1RReU1EVTJOU1owWnoxMGRtMTBiWFI0ZUNaamEzVnliRDB4fGFIUjBjSE02THk5aFpESXVZV1F0YzNKMkxtNWxkQzg9
.pubmatic.com/	1970-01-20 00:46:43	Name: chkChromeAb67Sec Value: 2
.pubmatic.com/	1970-01-20 00:46:43	Name: DPSync3 Value: 1636675200%3A174%7C1637798400%3A221_226_227_235_201_197_219
.pubmatic.com/	1970-01-20 00:46:43	Name: SyncRTB3 Value: 1637452800%3A63%7C1637884800%3A35%7C1637798400%3A3_220_21_55_81_56_54_71_22_166_13_7_161_8%7C1637193600%3A223_2_15%7C1639180800%3A203
.pubmatic.com/	1970-01-19 23:20:19	Name: KRTBCOOKIE_188 Value: 3189-no-consent
.pubmatic.com/	1970-01-19 23:20:19	Name: KRTBCOOKIE_22 Value: 14911-3689952340192388065
.pubmatic.com/	1970-01-19 23:20:19	Name: PugT Value: 1636627406
.fiftyt.com/	1970-01-20 07:22:43	Name: fifid Value: 6961082f-c887-4af7-49a2-4976e2e1ec1a
.fiftyt.com/	1970-01-20 07:22:43	Name: cs Value: MTYzNjYyNzQwNnxEdi1CQkFFQ180SUFBUkFCRUFBQUJQLUNBQUE9fKnQR4TTDfJwJ4QyhElF3iq0h30kdMwnaoIh9aTSAp1G
.zeotap.com/	1970-01-20 07:22:43	Name: zc Value: 308c6112-b85d-4369-7755-cd8b0e075666
.analytics.yahoo.com/	1970-01-20 07:24:09	Name: IDSYNC Value: 18z8~21gy
.adsby.bidtheatre.com/	1970-01-19 22:47:12	Name: __kuid Value: 297c08c8-ef2a-45b2-b34e-f7eac6cb329b.405841406
.fiftyt.com/	1970-01-19 22:47:12	Name: fppm Value: 20211111104326
.pubmatic.com/	1970-01-19 23:20:19	Name: KRTBCOOKIE_1101 Value: 23040-7029261167349531878
.semasio.net/	1970-01-20 07:22:43	Name: SEUNCY Value: A071366440BCE9F
.pubmatic.com/	1970-01-19 23:20:19	Name: SPugT Value: 1636627404
.yahoo.com/	1970-01-20 07:23:05	Name: A3 Value: d=AQABBM7zjGECECkUpwv5xrfxZwcdol7ZE5oFEgEBAQFFjmGWYQAAAAAA_SMAAA&S=AQAAArx1R56q6Xz7zIPQ4bLbyM4
.everesttech.net/	1970-01-20 07:22:43	Name: everest_g_v2 Value: g_surferid~YYzzzgADuegckQAz
.bidr.io/	1970-01-20 08:05:37	Name: bito Value: AAGJ2k7DGegAACi9ICqh4A
.bidr.io/	1970-01-20 08:05:37	Name: bitoIsSecure Value: ok
.pubmatic.com/	1970-01-19 23:20:19	Name: KRTBCOOKIE_218 Value: 4056-YYzzzgADuegckQAz&KRTB&22978-YYzzzgADuegckQAz&KRTB&23194-YYzzzgADuegckQAz&KRTB&23209-YYzzzgADuegckQAz
.volvelle.tech/	1970-01-20 07:22:43	Name: ouuid Value: b7fffd01-0c92-48d5-a7a4-012877b937c5
.volvelle.tech/	1970-01-20 07:22:43	Name: c Value: 1636627406
.volvelle.tech/	1970-01-20 07:22:43	Name: ouuid_lu Value: 1636627406
.pubmatic.com/	1970-01-19 23:20:19	Name: KRTBCOOKIE_466 Value: 16530-ec74683b-b4c5-4392-9e7b-5c8ec1a7860c
.audrte.com/	1970-01-19 22:58:43	Name: arcki2 Value: 8fhzAW-w6qKQymM7xx34Q9Anw!20210804!1636627406671

8 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: http://extra.com.co/ Message: Access to XMLHttpRequest at 'https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4138850398379320&correlator=1528741921724569&output=ldjh&impl=fifs&eid=31063406%2C31063675%2C21068767&vrg=2021110801&ptt=17&sc=0&sfv=1-0-38&ecs=20211111&iu_parts=2206182966%2CEXTRA_HOME_DESKTOP_LATERALDERECHO_160x600&enc_prev_ius=%2F0%2F1&prev_iu_szs=160x600&eri=4&cookie_enabled=1&cdm=extra.com.co&bc=23&abxe=1&dt=1636627400760&dlt=1636627400201&idt=515&frm=20&biw=1600&bih=1200&oid=2&adxs=-9&adys=-9&adks=3337535152&ucis=k&ad_type=image&color_bg=%23ffffff&color_border=%23ffffff&color_link=%230000ff&color_text=%23000000&color_url=%23008000&ifi=20&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fextra.com.co%2F&loc=http%3A%2F%2Fextra.com.co%2F&vis=1&scr_x=0&scr_y=0&psz=0x-1&msz=0x-1&ga_vid=1398195648.1636627401&ga_sid=1636627401&ga_hid=209597192&ga_fc=false&fws=2&ohw=0&btvi=-1&nvt=1' from origin 'http://extra.com.co' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4138850398379320&correlator=1528741921724569&output=ldjh&impl=fifs&eid=31063406%2C31063675%2C21068767&vrg=2021110801&ptt=17&sc=0&sfv=1-0-38&ecs=20211111&iu_parts=2206182966%2CEXTRA_HOME_DESKTOP_LATERALDERECHO_160x600&enc_prev_ius=%2F0%2F1&prev_iu_szs=160x600&eri=4&cookie_enabled=1&cdm=extra.com.co&bc=23&abxe=1&dt=1636627400760&dlt=1636627400201&idt=515&frm=20&biw=1600&bih=1200&oid=2&adxs=-9&adys=-9&adks=3337535152&ucis=k&ad_type=image&color_bg=%23ffffff&color_border=%23ffffff&color_link=%230000ff&color_text=%23000000&color_url=%23008000&ifi=20&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fextra.com.co%2F&loc=http%3A%2F%2Fextra.com.co%2F&vis=1&scr_x=0&scr_y=0&psz=0x-1&msz=0x-1&ga_vid=1398195648.1636627401&ga_sid=1636627401&ga_hid=209597192&ga_fc=false&fws=2&ohw=0&btvi=-1&nvt=1 Message: Failed to load resource: net::ERR_FAILED
network	error	URL: http://extra.com.co/themes/custom/hsb/lib/bootstrap.min.js?r2dfw4 Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://extra.com.co/themes/custom/hsb/lib/tether.min.js?r2dfw4 Message: Failed to load resource: the server responded with a status of 404 (Not Found)
other	warning	URL: https://cdn.ampproject.org/rtv/012110042008000/v0/amp-ad-exit-0.1.mjs(Line 2) Message: Unrecognized feature: 'attribution-reporting'.
javascript	error	URL: http://extra.com.co/ Message: Access to XMLHttpRequest at 'https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=OGEwZGFiNjMtZTJmNS02ZmRmLTYyM2YtY2NhNzk2YTQ0MWZi' (redirected from 'https://vidoomy-d.openx.net/v/1.0/av?auid=540805079&url=http%3A%2F%2Fextra.com.co%2F&cb=2113488083&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C55941%2C1%2C81824011043432112391809931811,,') from origin 'http://extra.com.co' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=OGEwZGFiNjMtZTJmNS02ZmRmLTYyM2YtY2NhNzk2YTQ0MWZi Message: Failed to load resource: net::ERR_FAILED
network	error	URL: https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1f2e7.v.fwmrm.net
795cb7b715ed42ed94a7878e8f7986c3.safeframe.googlesyndication.com
a.audrte.com
a.tribalfusion.com
a.vidoomy.com
a.volvelle.tech
aaa.artefact.com
ad.ad-srv.net
ad.lkqd.net
ad.turn.com
ad13.adfarm1.adition.com
ad17.ad-srv.net
ad2.ad-srv.net
ad4m.at
ads.adaptv.advertising.com
ads.pubmatic.com
ads.stickyadstv.com
ads.vidoomy.com
adservice.google.com
adservice.google.de
aktrack.pubmatic.com
aud.pubmatic.com
buttons-config.sharethis.com
c1.adform.net
cdn.ampproject.org
cdn.stickyadstv.com
cm.adgrx.com
cm.g.doubleclick.net
core.iprom.net
creative.mlsat02.de
cs.lkqd.net
csync.loopme.me
d5p.de17a.com
dis.criteo.com
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
ebs08.telekom.de
extra.com.co
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
imagesrv.adition.com
l.sharethis.com
loada.exelator.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
mwzeom.zeotap.com
pagead2.googlesyndication.com
pixel-sync.sitescout.com
pixel.onaudience.com
pixel.quantserve.com
platform-api.sharethis.com
pr-bh.ybp.yahoo.com
pubmatic-match.dotomi.com
rechtstexte.s3.amazonaws.com
rtb.gumgum.com
s.amazon-adsystem.com
s0.2mdn.net
s1.adform.net
search.spotxchange.com
secure.adnxs.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
static.world-weather.info
sync-tm.everesttech.net
sync.mathtag.com
t.lkqd.net
tpc.googlesyndication.com
track.adform.net
tracking.mlsat02.de
uipglob.semasio.net
um.simpli.fi
ups.analytics.yahoo.com
v.lkqd.net
vid-io-cle.springserve.com
vid.pubmatic.com
vidoomy-d.openx.net
visitor.fiftyt.com
vpaid.pubmatic.com
vpaid.springserve.com
world-weather.info
www.awin1.com
www.google.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
a.audrte.com
a.tribalfusion.com
ad4m.at
cm.adgrx.com
cm.g.doubleclick.net
core.iprom.net
image2.pubmatic.com
match.adsrvr.org
match.deepintent.com
rtb.gumgum.com
secure.adnxs.com
securepubads.g.doubleclick.net
t.lkqd.net
104.111.239.217
13.32.22.102
136.243.149.243
142.250.184.226
142.250.186.130
142.250.186.66
146.20.128.133
146.20.128.137
146.20.132.43
151.101.2.49
151.139.128.11
159.65.196.12
159.69.70.9
162.55.6.210
169.50.137.184
178.250.2.151
18.134.84.26
18.157.198.157
18.159.16.69
18.198.109.212
185.29.132.241
185.64.189.110
185.64.190.75
185.64.190.80
185.64.190.81
185.64.190.87
185.94.180.124
198.47.127.19
2.18.233.180
2.18.234.21
2.18.234.233
2001:4de0:ac19::1:b:1a
2001:678:cb4:bbbb::11
209.54.177.54
213.155.156.167
217.79.188.10
217.79.188.54
2600:9000:206f:7400:c:abe:f440:93a1
2600:9000:206f:e000:15:6f6c:b180:93a1
2606:4700:10::ac43:db6
2620:116:800d:21:5a23:9c4e:e774:96c1
2a00:1450:4001:801::2001
2a00:1450:4001:801::2002
2a00:1450:4001:801::2003
2a00:1450:4001:810::2001
2a00:1450:4001:812::2002
2a00:1450:4001:812::2004
2a00:1450:4001:827::200a
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2002
2a00:1450:4001:830::2001
2a00:1450:4001:830::2003
2a00:1450:4001:830::2006
2a02:fa8:8806:13::1400
2a05:d018:d29:3605:5ad:a774:ca1b:74c5
3.126.56.137
3.129.250.65
3.141.243.179
3.33.220.150
3.68.1.119
34.254.143.3
34.98.64.218
35.201.96.126
35.210.178.101
37.157.2.247
37.157.3.29
37.157.4.25
37.252.172.36
46.4.10.47
51.178.130.209
51.210.112.63
51.68.117.182
52.215.68.151
52.218.121.9
66.155.71.25
77.243.60.138
80.158.66.20
85.114.159.93
89.108.122.252
92.204.132.34
00c091e8bdd669f53f7e4db393b2599a1fdaa11e1f49ee2b7680ec4786819695
01f62119d738e56887c7298650396be3edc28f9bd4b64af4c496048183172630
06c0b9cd46f53c57c3ebc3531be56f50ca25c2bd7bb672eaa8b033c134957c6e
06d0a04ed772b74f7368b66d8433a8265efa1d71b051028cc5347aa689cf4100
06d807e854c6611003c9b5f5fe447c2920c57034908729fcfdae59481a34edff
0aa75e8bd8205d9bf3584ec5654cc3ca63af780c831d9d69eed354540b0a2829
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740
0c75bd70c8ca4242721d97c541d4a35633a0f75e98f3d04cd0bafdc637030e41
0d9c23fb8c352834873e45dddb2fa58c3f53b86480deaa302a898052d7699edf
0e868ca932480407e63d27e8e868cb1514581142928b9be15ec9039bf5fe348f
0ed043166450ec4d47d3de4f4d620b28875be1160381c8372a4e37de88053558
0fd7146446731e7ae7be2d909df0df861b0269dbe65a96dae926b51260a733df
1055cd6e19914bca8605142fa2e84b1cad8622a73bdfcdbe83962b90d7b0f80c
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
13a5bcb192e63d40f3c787ccad6805d32f76c4ae0c4f8656d09426a405b6da38
1481fbe65f967d136d0513010e30963c8d123b4336be2a9bcdb310815050cf21
1643bd17cca9ee46983021d951bdea62a31f23089cd5df12478fe5263ee12408
171dc87b7a2395bc1b2f635e6ac2492433e4d5f1de93d3005f921f08fa1053da
17d3622a9f29963c49916670c39d8674882f7154864efb735e9422d920c6b5e6
18064e6b8af617388b35606b6397c93132adc95ab61684c612d08b9daace7ac7
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
19a2abf413dc83d919a124f85468c2cec7304077718fa90630a810475496bc8b
1aadcbb202e998809e7b3a0b6007f0f3e439354840f9d6eb657ec01cedbc0795
1aaf80a6d762daf3ad592a1eeb48c50f118ba349beb04eb97218b55d80ecdd7f
1abc5469f1235e85489ca1062a07fe18c7f449e3ba039d3de0da07fbb3c5892d
1b9698375b11cc72fff2d96f220310a0f31ceb22e387b45c8327c76b2a730e45
1ce15eaef3b62cb4f87528055ccf08f7aca283e9e7824ceaae2509c2c538c39b
1da79754ccda7c241f56d5a82ed377c3384b58db3c718d9c1fd38843c47d8df3
2031451eb0c922fd7e1f672d3c13476fef0c1470e1aa8251d958d143adfafddd
228c7a3b7a8444a7b26e356b34d237a67314aa935fbfd508ced159fff2c96df0
241fbb32903266f0dec16a97db9ddefe8854394d7018e1b4144e77cd107988b9
287f314b8fb0641d8cc175a81e55f99fd27cd504babb7f9e03d86782ec12a4f9
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe
29862a809afafde6b5717ef6f98085e4281bf79a773c15da0d6fd708dbabdd2a
29b37a1d10afc11a115ee3f57db3f52f4d8ef782cc10b883a26f696ced5884af
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2afa700dc4f680f41916f76cc23395cbfc2f5ac7bddc7c791832937bcf8527a4
2b5b9f52ef0666c83260be0a0bb7f593afce43bebf92b91f3f6dd176c693b313
2d0744b54be7eab148245653f8fad2e4a0e8875b886bcacbb2c70741872eda55
2d9ffc9057de5fd034d5e446381d860a172ac7004a594efabea499712e21c75e
2e706bdbefc49b370526fe49b647d3ba50738cfd96e91f2fac4f5ca4b9945699
2ef821ed88d760004ab602d3e8226f7426c292b2f4859d9a04eced0b3643b1f5
2f300b6bccf8bd28b3310dea3ced9abf9f197ab2253f06edb5083fcecaaf08f8
3199231cee9a62eb1be74f3f27d9a41469d1e3560f4e4e480cdf530c51f16cc8
32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
342d2740192ed3d4a2772391d7e14496028a133a605b7ecb1671c5ff5d9e8d2e
3500838e8c3373187e8fa45c758bb06fa8497589a8a66b570a9ebe5472c962d3
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
36ae762191d24727fbba21272ea14872bb7824188961282001d50e67f7b1881c
3916a45d392a0e3fd36d03acf46dbf88c70ed76caf3aa743ae25330ddef5c73c
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3ff08ef63b7a5f96d52c357773f5e396737af1b1b655d8bb24336904cf4bf302
4052f2fadbe7f650c9f4934b24b11cf61b74da461c1d334bc444dbbaeab55021
41683e0bdfed00e74de14d86441e289271ca70b2a94c721653b9a49dc32fb24e
4254af753804eaedda0fdc7746bc199917109d37ad0a335d5862943152a92338
436fcad737564acf0dd581a9bb4f3025b67652c344f780c90a870265d8bfd933
438cc19a46ebaf1bc6199c9cff95220c9fbc0ae60b9b940d7bcfc20f62ca675f
447ffe4040fc9d0761f896e3ef3b37e2220744f4d3e3760ffe1f216f3d0e4e54
45fa735c6df15f15a1293a9cb3125033408874bf284280e8bcac23f95ad8feac
46e4bdc0763b48505bed80a282e7fba11ddc58195336172ad771a41ff429a76d
47e3a9faedccc2a6eefa941be4e3614d954abf470e1b1e1b3904462262a446c7
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48a8c57d8aca989c0ed618449168a86a265623363c878157ed0fbfde2d2bebdc
495bcf7933806f448d6ceb132c85c748fb438f1a81822fae05e82e95884a3af3
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d10aa8d8a05282239e39d3a2c1968f5720e540bc10c36fe15aa5caf112c97ab
4dfe90f77e4748a50637fe0160cbcfc406d72025a1a0496d7393877cf4cf0e18
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e49404f6046c81507135647ea3baa5878db993d8b39bc5eb13676ac0b6154b7
4f4a3270abc23449722d8a8358363fa1d4f0ff7fa0b243c3241a8b4672936cc0
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
519f71e8a6cac156c0290fb5b79372191890e23d46a94cbe3a744e6470f074c1
53fcdd5b00ed2bf8e298ce4545639bf2b7ced00ecbd4a075cd207df43a04e4b7
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
551119be1421679cf875daea945a607ae5653408f96051820f5d8a360ece4596
55154fdbaeba2a00a729dc0871c57c444748ebacf1bc1cc0cf178402f297b80c
567ff37b81376ff48f2fab29c0dd3beb02d304fa027aa3aa087efc186c7e8e1e
57bb65b423bab888c8aba71acff5d4ed214dc5cf39b69dee378012d975d7c4a7
58714c2ed841d13f641976b01cf4350da63b1665924f6cf77cf17f0d2b6f05ce
587c7ddf0cdc5ae130a1538251e9bdce6f72b96b16bd62a73f8425df54bf11fc
59556e9cb4cd756448d1e3fac54b2de1a76aa1a26cbc4feb850de2769bc1eb13
5961999eddfe63fbc099323990a1c709ee433778b6acce546fa8330512e240c0
59dbea95d5c3317128515162bb88bff9bf63853cf91289a3130fd00f94faef9a
5b85bee04a11cc2c8efade613894ea8f1d8139cb1e28824fad666e3e8c9582dd
5c205a9db4b353d8cc960c9362b97ec99d9780a5031a48e559fdf7fc151c9f43
5c60fc3dbbef7119fad38eeac0192e7dca01c7e5ecd7dc9d1ce8e136809c50af
5d87214af029d6b7eb099c8f9e94c97c8bfe064fa561844749ee3efab78cc5a9
5dc96422b6edd26534d13a1ac4be9a5b91e075748d9a48619eeb4b8d5df580f3
5f8f69ec521f7998af455985a8ede6d8dcf3527b43795fe3d26f1f1b57a5a554
5feebbbfd071e81df63c1182b125b0f65d65bd0070dd33855b91b004a212a44b
611b28ce74fad1789e98c2a1e6d26aabe316ee0ecdab315ff4b0707c9a4f893f
6250724039ed93b9a935e138a4bfb656f576e84950c56e719168f4b8a8cc731b
62a0bc9c6b3a6de80215fd42b2a4e03b87225ea3ac521fb32c623e13c5be0ae8
63ce8a51efee6ab6775b8b30b8f198f418a66f14ac7f752ceec6f3f9d8bc359e
64a14c1566ed5e882e60ea9d6e3722949c5767823cd23dc1244503991661dc27
65cb5cd5882c666a22bf188d80f04fe01f56fbb3428e29d74aa24e3d9b1c783b
66fe074261b49c6215ea03580483cb3937347e68e1eb2fd9d9f088d4daf31883
6a5cd2f24106411506bf61f061a11d85328dad36c7c628ec1f9b00dffcfdb4be
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6afbfa79e861f9bf86b47168cf84414a18de2dbf7052b1d7b5aaea1c321302d7
6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad
6c5c6c3f7c2d60983f761b6f2e0e64e83d3fd4d974759ad1c62dd3cfa20d380d
6c74da117fba1d0129407532920d62611afc70677198b0916c4a88ec77bb954b
6d547266cf42e22e21fe94c97f9b82622b0c6891662ef3dbe202ffc174b8be1b
6dad143b545c409589079184c5458f1933645f61d8c788f799879f3181d7b2d8
6f597a8935f725a3efe74c2d8eabeed4425ab80b5ac46b49b66fe63726fdb987
6fc367483fbcfdcfa431eadf7480b963cd409423b1a70f237f85a19eb158d434
70e0a3b2c82384039a2e4b31c305c9ef1f72a59b585acad421c54a6101a25237
719b626fbf8729ff6ddbfa61061324229bcaf9452a3339c3e1e77d032a4b6671
77c0d53ad7a44dadf518e9960ec49dd00fa3859ecbaf646bb215d33e0b5f4658
78aee0c2d476350567e4eea2d0457e04462c5b246562a1adb3ca4b7297461512
78e958d620d6e40a19e424eee3a9b23932cd9bfa4d7f736442048777d203052d
7a8c0a1ec472ba44f5dda890e32fbf12ec12b59e5af784dca8adee90f5400dbd
7b0a1683702d854c16cffb91d10f500cf10018eacf0c2b4c939293dea961e1f4
7cfe458faed6fe5c3094bd51f1f10174604be983739ade9d828b0aad190043e5
7f5bbef692ca510a3745a40d7c13f644ced94e022c73b326c10fa5e9a2b76aff
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
85ad10df28ecebe2639fae67915a3517d38ea52851ebb2d891948de480208a52
85e74cf367fdd70c3bdbb603df85574f4f7e9a99b6f77c3e0b4cee1c9fe5105c
8792afee473b1b3b939be6765e2c99cb52bb74a549d13e27c80ea1eafb692dc3
89580ca574de255e8a0658819787c30057bcf68d2c3d10593e4bfdb2b189e38f
896bb1f91a1157af27f43fb671666c0ffe66fe82bc6e2fa29ab25694ce986ceb
8a1b761b14693a18b6b91ff12f3133bdb4f17b03c147ccd65ef226ef682afcce
8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8
8dc2a93e9294201b588b81b4b467ab7a23eb679b703cc522752b69a19743da55
8df7d21c96fac7c52fcd1a3a38abd27ebcacda1f2001552d0fd33801708df1d8
8ed03804b1943c3c59e7f9f82bb193b896317514af590639f1d43fa63d7d7553
90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f
903ba888bb6064c80398e51b5474fe5263d9036e0767ba36f0fafaa1a5fa61e5
91bb9babf9b922d9670efbad516ad7b026cc8bf763e1b5aaccb2e58c451e060a
922258a74ca2d3cb9b7b7edee041e9b723a4676ef2198c136668066cf0b726bb
9416990aac785337e7029ff36f8087438ae4110bc8872b23732b41b326ba8b66
94ebeacfbab6ea6e93345f504a2d91b152f9587ed8f9e04da8dc1a8ef3fe9b95
9574f766075425bf32f5da6f8681b14a7f0ffec733f73bc65b81fed9e28bcba2
978f00c9ea000638f7e8045bb93f0d04053349c5806acef19bf916d4102412fa
982231f7830f7b07b50df253c19844b81f1d41af7bbd7b0274cb2b34f37fc737
98d12b9ba526602dd9e030bb42dca8116bbd96d413b266f9612a3ea358cc7b1f
990fda61c1303a87f6317b47fef824552d611209f0537bd4faaa9648d3de1363
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9b80d81bcdcba7b6f787cad8c103d520eb4b68ce9299abd52195c99f6c100900
9bc961b22032cf0f2172453970fa236676981a171bb2b46dae5cde1de946aab2
9dcc85f59fe0fea452da8e3af9bc354752364edc4d6a32d5c2f875e174fb2c06
9e13d94d564f3b6d420fbf4a863b273917852e9667780c0fda46743d7e3cf177
9e8abc90b695e141497f695d581cece4def4ac1b7e096b34656483d04330b6e4
9f66a8bf35477c237ece6bc9018a59bdee18cfd50755fcc2fc7b9aad9daa020e
9f995b1c42942ededcce16bba381a19d3b30e0e75a36e0ea956f6a54e040dffe
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a660e8fed971bfee88d4330609c270eee029663f4941b21f2969d0dddcd953d0
a6bf7f10a17ce06a7307d1a9db9170035ade7bca3d6931507561c34585a8696f
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a7d4139a86f5c5467ae6cb400f0ae7b95995f6ed3da681d17ce1cf8fdc6a0ca1
a8f006a275f7d4c59134aea69ee2ea2f1c4884e0a617b6f836d4cd50a1d944f7
aad7b6285ccfdaae0561254b9542a687fdd92b5feb035632bf44082347738891
abf7cccc17c1191c2be8827178005b218abec637f14eb9ee4c1ec5e4299acb6c
adccb209f2d056d82971427202ed93cd28ae03931619f1129e967ec058869b01
ae482924e9dc6bc4994990150f0d018c6da2aedc81bdb9b467a9e0baf1133e37
ae6349b7ffcc89a763b936e130d1af24142fe04feec19c2ca8935a82df2fb3d5
b139c83887b3f327152b436c171ff8dd9efafdf3b37cb8c81b2b402e4aacb3b6
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b18e90729452c8796f604d2f022f8b1e259a28e648c8ce9b7e06dbab25ad3eb8
b33c2a1a8af3dd9444c2ee084596d105caa30283325f653692f2b1e498ce99e6
b365f9b216aaa185d338b3d83f9c7ceda2fe7d56564a5efc047e98505a0f0048
b3dca6992b4f8770bc3dba5f82f6325a82d2adabf685da88d950f6fe87b16716
b3e809f009aecfc273974d59fc675eeadd49eaf726f967d28953373e6f07abf8
b563c8b0d1aba5211f9cefeca8ffbd7ea7570fe86369d9ab9c9a5eb1ce26de5a
b6ff02c733394664dbb2178c88a0d8ab1292602aaad412e44ee83c3ab7943faf
b8263731dc9f4c729f0e5ae7d3ea0b5040618bbbab11623670a4ea6ee57dc021
b8729542b8524ec597e9f8c04663363bc8ffe91712a7d4386d6f8015173cbcb0
b95712d483518fe6ed60d00dd48bb65392135f90b7197b510787fe8c1befb889
b9e0566efe009fd4fa2bb62647532bd51249326a792a47ddbaf94c7cf5550d5a
bb2e8a68e96ef3d9e906cdd9a4e168f516930e8a5ebaf78993d0a084106ead88
bdb4a75eabcd7cca59fe6a9d106d267a4ebd18b5f40ef05c5c3f69f9b25c48de
be32eb2045a4d0a5eeb1fbe7a87ec822ba313b1f8c5f3faf2f31ee8235dd3486
be9109112c49041568ad8154e8d1c00e2bcd17fb1ba63f7310fb419fb617dd32
be98bdf0e84591deda4699412633ffb0c3dd582d758ccd3fae88983d958ece22
bea63616949c80ff0dfdbb1e8547f1585882fc691483317b06441688e3e5f14a
bfac38d0f2e125ddcdbc55aee747a4fc84a0d671c3984815f2c37878c0f54e73
c062dddc453b3e09ad7ddd230d0ba85be0ae9db327698abe1689478b212528cd
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2f04adaac20ac1ee1185b9505879f85e33cf17550acde61dddaf2569bda6614
c4151b484ac51e68c1582eefdedb3071e791de1b0fe5bdd9cc77501133a8b14a
c55eebd9845964c111ecdbe7e583ed00ff47536f13c46a7e9c70430cc7ea091f
c81774c8e8faf90432d6a108dd80f71cb1d3a58a7f6f7abeb863e589cc27a2b1
c976872ea724a2528135606141174cadb04180b5e6643ef2fae011a3876dbbf9
cae4ac0c98a716f2693759830797c683a3257272cd1b88617953928c1f75c740
cb0629b810643064d3bda7c1746175c4505c1b82d27d46e4c9f1a0a842e56d26
cb80b0237cf3343b0495e0db33b4ccbbf005b6155bb62f53b9312c3ec7e9a3bb
cbfcc0ee832db2027c315073370060a6e54b854d536351108b401c605f44cbbb
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cff7205c58418050635f4d8b08a131b1d4db8c90cbb11b7dfe68d25b66e413f0
d25a37b3070f33f86862bce97206a8f3f403e23ba39c7c8cd8c2f96266f19f03
d3e9515bc54110b70de9ee4a3750c758af01a58c4c1b2e9b220ffc1aed42a614
d6c34bec8adcc339a4500311fc706cd6845a1c88c093a8d3a407f2e766741356
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
daad06279f649dfa5488172a30d91096116e14a154648993512d8ea587e43639
db69830237fe091b27e19bac98efce09c799334fef1a679829121900a773f7bc
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
ddd0010a6f9f8edd8b545aa47b63a3ace7f81621e62c8b2b9e5453e326946576
de3ed9a3208501d34f05f048fc420e1eb2370327374f965bb0ad00295de876da
df8736effd13f92c1d341a2a0bc5a32029ace6112b05bfea2bceb94207dee776
e04266cfe34016c06d30cc0d3df09b5e310c2539b52cf254f98cc8f905dedf5c
e2cdec10db9a0a224e9f5e49b6f004c5426564fb8d857ad3df480e9c916bafe6
e30c0e7b8ee5951abd2663cca6a2e3fbd79953cc0d311d87509d1d1976506654
e341be23dbcd93f8641dd04cd2b04474c03b5b33383043f44e06b0f330bb7648
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7c9ddcfc95f4d0252b90e684c59ed3668608391a60d9d4a69bf549232a1ed6d
eb211d0226a467ca840580e1ae6f97a1b5c68b6afc1f0dfbd868c8f0586ee22f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0f6a8b6c19b0c4d1cab075ab2f4f755cfef747424837668e65f431410f816e8
f3bd5bae3a930ae9116e1a1bca5998ea58d6875f2efc3278348eeab627fb8d01
f46867ffd552b3aaf3581b9a6e068fb1d1134605fad12a6aed779b567fbf1928
f6cc094df7c0931c609dc9fbb03450ab7cc811fb222d6b110949827a3f84a09a
f7553a57450bb94eda9cf2ee1138a0ff3bbfe599b0c2510312a9130b54088575
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f86391f8f5e12c3838b2bb51d1910da2a1a2aa975e44bfc3e189dc8bccdc0549
f9a1dea99a829af064cceffabb7fe6fd63ee0328e904c0a5a25c893c2bac2fe4
fa9596229044fd9c305af8360aa8181bdaa2d2c212c2ce5e9bd99753597009f7
fc8d8b9759034f20168f51c516debfb99e0687101073f87faca73b18747eafe7
fd99fd66d7985e2f5c9581a1194b957e381c111477397f06ffb25e0c80e7f49e

extra.com.co Open in urlscan Pro 92.204.132.34 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

433 Requests

61 %HTTPS

25 %IPv6

60 Domains

93 Subdomains

64 IPs

11 Countries

18957 kBTransfer

24019 kBSize

78 Cookies

10 Outgoing links

Redirected requests

433 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 10 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

extra.com.co Open in urlscan Pro
92.204.132.34 Public Scan

Screenshot
Live screenshot

Full Image

433
Requests

61 %
HTTPS

25 %
IPv6

60
Domains

93
Subdomains

64
IPs

11
Countries

18957 kB
Transfer

24019 kB
Size

78
Cookies

433 HTTP transactions
10 data transactions