heraldicadman.webcindario.com Open in urlscan Pro
5.57.226.202 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://heraldicadman.webcindario.com/
Submission: On September 24 via manual (September 24th 2021, 10:22:58 pm UTC) from US — Scanned from DE

Summary HTTP 76 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 26 IPs in 6 countries across 26 domains to perform 76 HTTP transactions. The main IP is 5.57.226.202, located in Madrid, Spain and belongs to SERVIHOSTING-AS AireNetworks, ES. The main domain is heraldicadman.webcindario.com.

This is the only time heraldicadman.webcindario.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
19	5.57.226.202 5.57.226.202	29119 (SERVIHOST...) (SERVIHOSTING-AS AireNetworks)
2	46.105.123.17 46.105.123.17	16276 (OVH) (OVH)
2 4	2a00:1450:400... 2a00:1450:4001:82a::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
2 2	151.101.65.21 151.101.65.21	54113 (FASTLY) (FASTLY)
2	104.111.228.123 104.111.228.123	16625 (AKAMAI-AS) (AKAMAI-AS)
8	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
2	2606:4700:303... 2606:4700:3037::ac43:bb46	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:224... 2600:9000:2240:6c00:9:46dc:4700:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:82b::2008	15169 (GOOGLE) (GOOGLE)
1	13.32.121.61 13.32.121.61	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
1	2620:116:800d... 2620:116:800d:21:51e4:db4b:4436:b305	16509 (AMAZON-02) (AMAZON-02)
1	35.186.194.101 35.186.194.101	15169 (GOOGLE) (GOOGLE)
1	205.185.216.42 205.185.216.42	20446 (HIGHWINDS3) (HIGHWINDS3)
1 2	2600:9000:223... 2600:9000:223c:3e00:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:400c:c1b::9a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
1	212.92.55.8 212.92.55.8	24592 (NEXICA-AS) (NEXICA-AS)
11	51.89.99.150 51.89.99.150	16276 (OVH) (OVH)
1	18.221.39.26 18.221.39.26	16509 (AMAZON-02) (AMAZON-02)
2	35.241.45.217 35.241.45.217	15169 (GOOGLE) (GOOGLE)
2	168.119.79.223 168.119.79.223	24940 (HETZNER-AS) (HETZNER-AS)
2	185.94.180.125 185.94.180.125	35220 (SPOTX-AMS) (SPOTX-AMS)
4	35.227.248.159 35.227.248.159	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:125e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 3	13.248.242.197 13.248.242.197	16509 (AMAZON-02) (AMAZON-02)
1	3.133.29.88 3.133.29.88	16509 (AMAZON-02) (AMAZON-02)
76	26

19 5.57.226.202 (Madrid, Spain)

ASN29119 (SERVIHOSTING-AS AireNetworks, ES)

heraldicadman.webcindario.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 46.105.123.17 (Par, United Kingdom)

ASN16276 (OVH, FR)
PTR: ns384463.ip-46-105-123.eu

www.contadorgratis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cse.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.65.21 (United States) 2 redirects

ASN54113 (FASTLY, US)

www.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.228.123 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-228-123.deploy.static.akamaitechnologies.com

www.paypalobjects.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

3.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
2.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
1.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3037::ac43:bb46 (United States)

ASN13335 (CLOUDFLARENET, US)

hosting.miarroba.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2240:6c00:9:46dc:4700:93a1 (United States)

ASN16509 (AMAZON-02, US)

quantcast.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.121.61 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-61.fra60.r.cloudfront.net

cdnaws.mobidea.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:51e4:db4b:4436:b305 (United States)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.194.101 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 101.194.186.35.bc.googleusercontent.com

des.smartclip.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 205.185.216.42 (United States)

ASN20446 (HIGHWINDS3, US)
PTR: map2.hwcdn.net

img.sunmediaads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:223c:3e00:6:44e3:f8c0:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c1b::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.92.55.8 (Vilanova de la Roca, Spain)

ASN24592 (NEXICA-AS, ES)
PTR: unamed.nexica.net

play.sunmediaads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 51.89.99.150 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ns3163893.ip-51-89-99.eu

static.sunmedia.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
services.sunmedia.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
track.sunmedia.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.221.39.26 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-221-39-26.us-east-2.compute.amazonaws.com

servingcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.241.45.217 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 217.45.241.35.bc.googleusercontent.com

pghub.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 168.119.79.223 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.223.79.119.168.clients.your-server.de

sync.richaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.94.180.125 (Amsterdam, Netherlands)

ASN35220 (SPOTX-AMS, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.227.248.159 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 159.248.227.35.bc.googleusercontent.com

pandg.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.248.242.197 (United States) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: a97adde81b00f2ca4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.133.29.88 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-133-29-88.us-east-2.compute.amazonaws.com

jnxm2.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	webcindario.com heraldicadman.webcindario.com	634 KB
11	sunmedia.tv static.sunmedia.tv services.sunmedia.tv track.sunmedia.tv	202 KB
8	blogspot.com 3.bp.blogspot.com 2.bp.blogspot.com 1.bp.blogspot.com	9 KB
6	google.com 2 redirects www.google.com cse.google.com	1 KB
4	tapad.com pandg.tapad.com pixel.tapad.com	2 KB
3	adsrvr.org 3 redirects match.adsrvr.org	2 KB
3	google-analytics.com www.google-analytics.com	20 KB
2	spotxchange.com sync.search.spotxchange.com	722 B
2	richaudience.com sync.richaudience.com	2 KB
2	pghub.io pghub.io	4 KB
2	google.de www.google.de	629 B
2	doubleclick.net stats.g.doubleclick.net	542 B
2	quantcount.com 1 redirects rules.quantcount.com	881 B
2	sunmediaads.com img.sunmediaads.com play.sunmediaads.com	114 KB
2	miarroba.info hosting.miarroba.info	2 KB
2	paypalobjects.com www.paypalobjects.com	2 KB
2	paypal.com 2 redirects www.paypal.com	1 KB
2	contadorgratis.com www.contadorgratis.com	3 KB
1	jnxm2.com jnxm2.com	19 KB
1	cloudflare.com cdnjs.cloudflare.com	6 KB
1	servingcdn.net servingcdn.net	32 KB
1	smartclip.net des.smartclip.net	508 B
1	quantserve.com secure.quantserve.com	9 KB
1	mobidea.com cdnaws.mobidea.com	2 KB
1	googletagmanager.com www.googletagmanager.com	51 KB
1	consensu.org quantcast.mgr.consensu.org	324 B
76	26

	Domain	Requested by
19	heraldicadman.webcindario.com	heraldicadman.webcindario.com
8	static.sunmedia.tv	heraldicadman.webcindario.com static.sunmedia.tv
4	3.bp.blogspot.com	heraldicadman.webcindario.com
4	www.google.com	2 redirects heraldicadman.webcindario.com
3	match.adsrvr.org	3 redirects
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	1.bp.blogspot.com	heraldicadman.webcindario.com
2	pixel.tapad.com	pandg.tapad.com
2	pandg.tapad.com	pghub.io
2	sync.search.spotxchange.com
2	track.sunmedia.tv
2	sync.richaudience.com	heraldicadman.webcindario.com
2	pghub.io	heraldicadman.webcindario.com
2	www.google.de	heraldicadman.webcindario.com
2	stats.g.doubleclick.net	www.google-analytics.com
2	rules.quantcount.com	1 redirects heraldicadman.webcindario.com
2	hosting.miarroba.info	heraldicadman.webcindario.com
2	www.paypalobjects.com	heraldicadman.webcindario.com
2	www.paypal.com	2 redirects
2	cse.google.com	heraldicadman.webcindario.com
2	www.contadorgratis.com	heraldicadman.webcindario.com
1	jnxm2.com	servingcdn.net
1	cdnjs.cloudflare.com	servingcdn.net
1	services.sunmedia.tv	static.sunmedia.tv
1	servingcdn.net	img.sunmediaads.com
1	play.sunmediaads.com	img.sunmediaads.com
1	img.sunmediaads.com	heraldicadman.webcindario.com
1	des.smartclip.net	heraldicadman.webcindario.com
1	secure.quantserve.com	www.googletagmanager.com
1	cdnaws.mobidea.com	heraldicadman.webcindario.com
1	www.googletagmanager.com	heraldicadman.webcindario.com
1	quantcast.mgr.consensu.org	heraldicadman.webcindario.com
1	2.bp.blogspot.com	heraldicadman.webcindario.com
76	33

This site contains links to these domains. Also see Links.

Domain
www.contadorgratis.com
www.blogger.com
www.facebook.com
twitter.com

Subject Issuer	Validity	Valid
*.google.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
www.paypal.com DigiCert SHA2 Extended Validation Server CA	`2021-07-08` - `2022-01-11`	6 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-15` - `2022-06-14`	a year	crt.sh
quantcast.mgr.consensu.org Amazon	`2021-04-24` - `2022-05-23`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
mobidea.com Amazon	`2021-05-21` - `2022-06-19`	a year	crt.sh
*.quantserve.com DigiCert SHA2 High Assurance Server CA	`2020-10-02` - `2021-10-07`	a year	crt.sh
leadzuin.com Sectigo RSA Domain Validation Secure Server CA	`2021-07-08` - `2022-07-07`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
*.sunmedia.tv Sectigo ECC Domain Validation Secure Server CA	`2021-01-13` - `2022-02-13`	a year	crt.sh
servingcdn.net Sectigo RSA Domain Validation Secure Server CA	`2020-10-06` - `2021-11-06`	a year	crt.sh
*.pghub.io DigiCert TLS RSA SHA256 2020 CA1	`2021-02-09` - `2022-02-16`	a year	crt.sh
*.richaudience.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-03-17` - `2022-03-16`	a year	crt.sh
*.tapad.com DigiCert SHA2 Secure Server CA	`2020-10-05` - `2021-11-06`	a year	crt.sh
jnxm2.com Amazon	`2021-05-26` - `2022-06-24`	a year	crt.sh

This page contains 5 frames:

Primary Page: http://heraldicadman.webcindario.com/
Frame ID: D327A480B34773A4AA9B49C84E5740E4
Requests: 70 HTTP requests in this frame

Frame: http://hosting.miarroba.info/607f6b0b381bbc1f64fa027d62891072_cookie.php
Frame ID: 5E2A47F89D8BA952C3B25B1563A6CB58
Requests: 1 HTTP requests in this frame

Frame: https://pandg.tapad.com/tag?gdpr=%24%7Bgdpr%7D&gdpr_consent=%24%7Bgdpr_consent%7D&referrer_url=&page_url=http%3A%2F%2Fheraldicadman.webcindario.com%2F&owner=P%26G&bp_id=sunmedia&data=%7B%22category%22%3A%22Hobbies%20and%20Interests%22%7D
Frame ID: F2A59B7771C2353E2BF7007D32827782
Requests: 2 HTTP requests in this frame

Frame: https://jnxm2.com/vd?ref=http%3A%2F%2Fheraldicadman.webcindario.com
Frame ID: A09F1B539053E5CE62EC1A545FE7DE59
Requests: 1 HTTP requests in this frame

Frame: https://pandg.tapad.com/tag?gdpr=%24%7Bgdpr%7D&gdpr_consent=%24%7Bgdpr_consent%7D&referrer_url=&page_url=http%3A%2F%2Fheraldicadman.webcindario.com%2F&owner=P%26G&bp_id=sunmedia&data=%7B%22category%22%3A%22Business%22%7D
Frame ID: 5B81DE2200F9909E0A006A4F38F92EAE
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

PayPal (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

<input[^>]+_s-xclick
paypalobjects\.com

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js

Quantcast Choice (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

quantcast\.mgr\.consensu\.org

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

Page Statistics

76
Requests

57 %
HTTPS

43 %
IPv6

26
Domains

33
Subdomains

26
IPs

6
Countries

1117 kB
Transfer

1658 kB
Size

15
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: http://www.contadorgratis.com/

Search URL Search Domain Scan URL

URL: https://www.blogger.com/blogger.g?blogID=XXXXXXXXXXXXXXXXXXX

Search URL Search Domain Scan URL

URL: https://www.facebook.com/pages/Manjarres-en-el-mundo/207663354090

Search URL Search Domain Scan URL

URL: https://twitter.com/goliatdma

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4

http://www.google.com/cse/tools/onthefly?form=searchbox_demo&lang= HTTP 301
https://cse.google.com/cse/tools/onthefly?form=searchbox_demo&lang=

Request Chain 5

https://www.paypal.com/es_ES/ES/i/btn/btn_donateCC_LG.gif HTTP 301
https://www.paypalobjects.com/es_ES/ES/i/btn/btn_donateCC_LG.gif

Request Chain 6

https://www.paypal.com/es_ES/i/scr/pixel.gif HTTP 301
https://www.paypalobjects.com/es_ES/i/scr/pixel.gif

Request Chain 28

http://cdnaws.mobidea.com/ads/popunder.js HTTP 307
https://cdnaws.mobidea.com/ads/popunder.js

Request Chain 30

http://www.google.com/cse/tools/onthefly?form=searchbox_demo&lang= HTTP 301
https://cse.google.com/cse/tools/onthefly?form=searchbox_demo&lang=

Request Chain 41

http://rules.quantcount.com/rules-p-d5x2uDVHd7ALE.js HTTP 301
https://rules.quantcount.com/rules-p-d5x2uDVHd7ALE.js

Request Chain 64

https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=3734f9fd-12ac-4acf-a829-3e10ffb0381b&gdpr=&gdpr_consent=${gdpr_consent} HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=3734f9fd-12ac-4acf-a829-3e10ffb0381b&gdpr=&gdpr_consent=${gdpr_consent} HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=b5bc9c58-0033-48b4-b368-eb8ee15561cb&ttd_puid=3734f9fd-12ac-4acf-a829-3e10ffb0381b

Request Chain 74

https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=3734f9fd-12ac-4acf-a829-3e10ffb0381b&gdpr=&gdpr_consent=${gdpr_consent} HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=b5bc9c58-0033-48b4-b368-eb8ee15561cb&ttd_puid=3734f9fd-12ac-4acf-a829-3e10ffb0381b

76 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request Cookie set / Show response
heraldicadman.webcindario.com/ 23 KB
8 KB 122ms
67ms Document
text/html 5.57.226.202
SERVIHOSTING-AS A...

General

Check archive.org

Show headers Download Go to

Full URL: http://heraldicadman.webcindario.com/
Protocol: HTTP/1.1
Server: 5.57.226.202 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks, ES),
Reverse DNS
Software: nginx / Webcindario Hosting Service
Resource Hash: b562995cad29e2e8dea83de4e7b6d0a2113774c5398597ae5b583c0e5e9af446

Request headers

Host: heraldicadman.webcindario.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Server: nginx
Date: Fri, 24 Sep 2021 22:22:53 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=120
Vary: Accept-Encoding
Set-Cookie: __muid=498917178a527b7687c4c8bc5f58ea9231c48db1; Domain=.webcindario.com; Path=/; Expires=Tue, 19 Jan 2038 03:14:11 GMT; HttpOnly
X-Powered-By: Webcindario Hosting Service
Content-Encoding: gzip

GET
H/1.1 200
OK 5270558dospalmas.gif
heraldicadman.webcindario.com/images/ 287 KB
287 KB 81ms
80ms Image
image/gif 5.57.226.202
SERVIHOSTING-AS A...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://heraldicadman.webcindario.com/images/5270558dospalmas.gif
Requested by: Host: heraldicadman.webcindario.com
URL: http://heraldicadman.webcindario.com/
Protocol: HTTP/1.1
Server: 5.57.226.202 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks, ES),
Reverse DNS
Software: nginx / Webcindario Hosting Service
Resource Hash: ebbcdf5c1ec738c215aabf3e5b3525eb02ad43e684eb0de16856771989cc478e

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: heraldicadman.webcindario.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://heraldicadman.webcindario.com/
Cookie: __muid=498917178a527b7687c4c8bc5f58ea9231c48db1
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://heraldicadman.webcindario.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Fri, 24 Sep 2021 22:22:53 GMT
ETag: "5112adb6-47a73"
Last-Modified: Wed, 06 Feb 2013 19:23:34 GMT
Server: nginx
X-Powered-By: Webcindario Hosting Service
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=120
Content-Length: 293491

GET
H/1.1 200
OK ljkhiugti.jpg
heraldicadman.webcindario.com/images/ 14 KB
14 KB 105ms
98ms Image
image/jpeg 5.57.226.202
SERVIHOSTING-AS A...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://heraldicadman.webcindario.com/images/ljkhiugti.jpg
Requested by: Host: heraldicadman.webcindario.com
URL: http://heraldicadman.webcindario.com/
Protocol: HTTP/1.1
Server: 5.57.226.202 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks, ES),
Reverse DNS
Software: nginx / Webcindario Hosting Service
Resource Hash: dc2fda0e1cfd46a8636dee819034511108e785ff5e83e0c41fe0c90d8d092ca0

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: heraldicadman.webcindario.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://heraldicadman.webcindario.com/
Cookie: __muid=498917178a527b7687c4c8bc5f58ea9231c48db1
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://heraldicadman.webcindario.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Fri, 24 Sep 2021 22:22:53 GMT
ETag: "5112aecc-3653"
Last-Modified: Wed, 06 Feb 2013 19:28:12 GMT
Server: nginx
X-Powered-By: Webcindario Hosting Service
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=120
Content-Length: 13907

GET
H/1.1 200
OK pergamino_1bb.gif
heraldicadman.webcindario.com/images/ 174 KB
175 KB 101ms
92ms Image
image/gif 5.57.226.202
SERVIHOSTING-AS A...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://heraldicadman.webcindario.com/images/pergamino_1bb.gif
Requested by: Host: heraldicadman.webcindario.com
URL: http://heraldicadman.webcindario.com/
Protocol: HTTP/1.1
Server: 5.57.226.202 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks, ES),
Reverse DNS
Software: nginx / Webcindario Hosting Service
Resource Hash: 37437bbb949363808c1fcd2dd67b3cc1f076344224d921e66fa2a4de0aecbed6

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: heraldicadman.webcindario.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://heraldicadman.webcindario.com/
Cookie: __muid=498917178a527b7687c4c8bc5f58ea9231c48db1
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://heraldicadman.webcindario.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Fri, 24 Sep 2021 22:22:53 GMT
ETag: "5112af09-2b9b2"
Last-Modified: Wed, 06 Feb 2013 19:29:13 GMT
Server: nginx
X-Powered-By: Webcindario Hosting Service
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=120
Content-Length: 178610

GET
H/1.1 200
OK hit.js Show response
www.contadorgratis.com/ 449 B
765 B 92ms
24ms Script
application/javascript 46.105.123.17
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://www.contadorgratis.com/hit.js
Requested by: Host: heraldicadman.webcindario.com
URL: http://heraldicadman.webcindario.com/
Protocol: HTTP/1.1
Server: 46.105.123.17 Par, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS: ns384463.ip-46-105-123.eu
Software: Apache/2.4.39 (Unix) OpenSSL/1.0.2k-fips /
Resource Hash: ba6b1e26803471a583c0e2c60d8bb8f31fd983735a77a1c65199c4a089186dc1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://heraldicadman.webcindario.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Fri, 24 Sep 2021 22:22:53 GMT
Last-Modified: Wed, 05 Jul 2017 12:05:44 GMT
Server: Apache/2.4.39 (Unix) OpenSSL/1.0.2k-fips
ETag: "1c1-55390d1cfb600"
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 449

GET
H2

404

onthefly
cse.google.com/cse/tools/
Redirect Chain

http://www.google.com/cse/tools/onthefly?form=searchbox_demo&lang=
https://cse.google.com/cse/tools/onthefly?form=searchbox_demo&lang=

0
0

119ms
53ms

Script
text/html

2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://cse.google.com/cse/tools/onthefly?form=searchbox_demo&lang=
Requested by: Host: heraldicadman.webcindario.com
URL: http://heraldicadman.webcindario.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://heraldicadman.webcindario.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Redirect headers

Date: Fri, 24 Sep 2021 22:22:53 GMT
X-Content-Type-Options: nosniff
Server: sffe
Content-Type: text/html; charset=UTF-8
Location: https://cse.google.com/cse/tools/onthefly?form=searchbox_demo&lang=
Cache-Control: public, max-age=1800
Content-Length: 268
X-XSS-Protection: 0
Expires: Fri, 24 Sep 2021 22:52:53 GMT

GET
H2

200

btn_donateCC_LG.gif
www.paypalobjects.com/es_ES/ES/i/btn/
Redirect Chain

https://www.paypal.com/es_ES/ES/i/btn/btn_donateCC_LG.gif
https://www.paypalobjects.com/es_ES/ES/i/btn/btn_donateCC_LG.gif

2 KB
2 KB

149ms
23ms

Image
image/webp

104.111.228.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/es_ES/ES/i/btn/btn_donateCC_LG.gif

Requested by

Host: heraldicadman.webcindario.com
URL: http://heraldicadman.webcindario.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.228.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-228-123.deploy.static.akamaitechnologies.com

Software

Akamai Image Manager /

Resource Hash

6bc7e0a933caf1cb1a15d5176190f825d9aae56d20bf9d1e89c80584335588a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://heraldicadman.webcindario.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 22:22:54 GMT
x-content-type-options: nosniff
x-check-cacheable: YES
x-serial: 691
etag: "DwYiN+FG28YGvMdWXbkur7I+4YtphnQ1LfxEJbZBzEY"
strict-transport-security: max-age=31536000
content-type: image/webp
cache-control: private, no-transform, max-age=43200
last-modified: Mon, 06 Sep 2021 07:26:08 GMT
content-length: 1582
server: Akamai Image Manager
expires: Sat, 25 Sep 2021 10:22:54 GMT

Redirect headers

date: Fri, 24 Sep 2021 22:22:53 GMT
via: 1.1 varnish
x-timer: S1632522174.846006,VS0,VE140
x-served-by: cache-hhn4020-HHN
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: MISS
location: https://www.paypalobjects.com/es_ES/ES/i/btn/btn_donateCC_LG.gif
cache-control: max-age=0, no-cache, no-store, must-revalidate
paypal-debug-id: f6074804df443
accept-ranges: bytes
dc: ccg11-origin-www-1.paypal.com
content-length: 0
x-cache-hits: 0

GET
H2

200

pixel.gif
www.paypalobjects.com/es_ES/i/scr/
Redirect Chain

https://www.paypal.com/es_ES/i/scr/pixel.gif
https://www.paypalobjects.com/es_ES/i/scr/pixel.gif

42 B
320 B

144ms
23ms

Image
image/gif

104.111.228.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/es_ES/i/scr/pixel.gif

Requested by

Host: heraldicadman.webcindario.com
URL: http://heraldicadman.webcindario.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.228.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-228-123.deploy.static.akamaitechnologies.com

Software

Akamai Image Manager /

Resource Hash

0c1ce4dd3afaa97d8627ecebc2e255fe5c1b3c2038f6961a86d10f0381056cc7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://heraldicadman.webcindario.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 22:22:54 GMT
x-content-type-options: nosniff
x-check-cacheable: YES
x-serial: 1545
etag: "dNSbNMYiK1Q98dwxkre+GOK5+qX2pefyT9A/BaBsoeM"
strict-transport-security: max-age=31536000
content-type: image/gif
cache-control: private, no-transform, max-age=43200
last-modified: Wed, 04 Aug 2021 03:38:14 GMT
content-length: 42
server: Akamai Image Manager
expires: Sat, 25 Sep 2021 10:22:54 GMT

Redirect headers

date: Fri, 24 Sep 2021 22:22:53 GMT
via: 1.1 varnish
x-timer: S1632522174.846102,VS0,VE152
x-served-by: cache-hhn4020-HHN
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: MISS
location: https://www.paypalobjects.com/es_ES/i/scr/pixel.gif
cache-control: max-age=0, no-cache, no-store, must-revalidate
paypal-debug-id: f60748032fa18
accept-ranges: bytes
dc: phx-origin-www-2.paypal.com
content-length: 0
x-cache-hits: 0

GET
H/1.1 200
OK nav91714230i.gif
heraldicadman.webcindario.com/images/ 1 KB
2 KB 108ms
100ms Image
image/gif 5.57.226.202
SERVIHOSTING-AS A...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://heraldicadman.webcindario.com/images/nav91714230i.gif
Requested by: Host: heraldicadman.webcindario.com
URL: http://heraldicadman.webcindario.com/
Protocol: HTTP/1.1
Server: 5.57.226.202 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks, ES),
Reverse DNS
Software: nginx / Webcindario Hosting Service
Resource Hash: 4fa2966874ce940b1dd2847859465702fb020427af529f7bc7582946e11330fc

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: heraldicadman.webcindario.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://heraldicadman.webcindario.com/
Cookie: __muid=498917178a527b7687c4c8bc5f58ea9231c48db1
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://heraldicadman.webcindario.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Fri, 24 Sep 2021 22:22:53 GMT
ETag: "5112aed1-575"
Last-Modified: Wed, 06 Feb 2013 19:28:17 GMT
Server: nginx
X-Powered-By: Webcindario Hosting Service
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=120
Content-Length: 1397

GET
H/1.1 200
OK historia5.gif
heraldicadman.webcindario.com/images/ 3 KB
3 KB 88ms
80ms Image
image/gif 5.57.226.202
SERVIHOSTING-AS A...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://heraldicadman.webcindario.com/images/historia5.gif
Requested by: Host: heraldicadman.webcindario.com
URL: http://heraldicadman.webcindario.com/
Protocol: HTTP/1.1
Server: 5.57.226.202 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks, ES),
Reverse DNS
Software: nginx / Webcindario Hosting Service
Resource Hash: abf316d951b5b7dfdc8a7c83cfe274683e71ab2d410e950d5468e2efc8c1b8b8

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: heraldicadman.webcindario.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://heraldicadman.webcindario.com/
Cookie: __muid=498917178a527b7687c4c8bc5f58ea9231c48db1
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://heraldicadman.webcindario.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Fri, 24 Sep 2021 22:22:53 GMT
ETag: "5112aeaf-b40"
Last-Modified: Wed, 06 Feb 2013 19:27:43 GMT
Server: nginx
X-Powered-By: Webcindario Hosting Service
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=120
Content-Length: 2880

GET
H/1.1 200
OK INDEX.gif
heraldicadman.webcindario.com/images/ 92 KB
93 KB 58ms
55ms Image
image/gif 5.57.226.202
SERVIHOSTING-AS A...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://heraldicadman.webcindario.com/images/INDEX.gif
Requested by: Host: heraldicadman.webcindario.com
URL: http://heraldicadman.webcindario.com/
Protocol: HTTP/1.1
Server: 5.57.226.202 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks, ES),
Reverse DNS
Software: nginx / Webcindario Hosting Service
Resource Hash: 35b3e39a7821048ff6d74b90b20b3e1a068d1c01b6dd10d5066877fac384a075

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: heraldicadman.webcindario.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://heraldicadman.webcindario.com/
Cookie: __muid=498917178a527b7687c4c8bc5f58ea9231c48db1
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://heraldicadman.webcindario.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Fri, 24 Sep 2021 22:22:53 GMT
ETag: "5112aebf-1719b"
Last-Modified: Wed, 06 Feb 2013 19:27:59 GMT
Server: nginx
X-Powered-By: Webcindario Hosting Service
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=120
Content-Length: 94619

GET
H/1.1 200
OK nav1783937570i.gif
heraldicadman.webcindario.com/images/ 1 KB
2 KB 81ms
78ms Image
image/gif 5.57.226.202
SERVIHOSTING-AS A...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://heraldicadman.webcindario.com/images/nav1783937570i.gif
Requested by: Host: heraldicadman.webcindario.com
URL: http://heraldicadman.webcindario.com/
Protocol: HTTP/1.1
Server: 5.57.226.202 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks, ES),
Reverse DNS
Software: nginx / Webcindario Hosting Service
Resource Hash: c30edc95cbecbadb3d9ec6168a44ee1183147887fdd792102c3bbc9966c3bac3

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: heraldicadman.webcindario.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://heraldicadman.webcindario.com/
Cookie: __muid=498917178a527b7687c4c8bc5f58ea9231c48db1
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://heraldicadman.webcindario.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Fri, 24 Sep 2021 22:22:53 GMT
ETag: "5112aed4-585"
Last-Modified: Wed, 06 Feb 2013 19:28:20 GMT
Server: nginx
X-Powered-By: Webcindario Hosting Service
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=120
Content-Length: 1413

GET
H/1.1 200
OK nav1783993730i.gif
heraldicadman.webcindario.com/images/ 1 KB
2 KB 49ms
48ms Image
image/gif 5.57.226.202
SERVIHOSTING-AS A...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://heraldicadman.webcindario.com/images/nav1783993730i.gif
Requested by: Host: heraldicadman.webcindario.com
URL: http://heraldicadman.webcindario.com/
Protocol: HTTP/1.1
Server: 5.57.226.202 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks, ES),
Reverse DNS
Software: nginx / Webcindario Hosting Service
Resource Hash: 6cd8b69cc6c7eb56c0a336bc9b09fb51371720f03e0073cacb307efaf4bb71e7

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: heraldicadman.webcindario.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://heraldicadman.webcindario.com/
Cookie: __muid=498917178a527b7687c4c8bc5f58ea9231c48db1
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://heraldicadman.webcindario.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Fri, 24 Sep 2021 22:22:53 GMT
ETag: "5112aed5-5d7"
Last-Modified: Wed, 06 Feb 2013 19:28:21 GMT
Server: nginx
X-Powered-By: Webcindario Hosting Service
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=120
Content-Length: 1495

GET
H/1.1 200
OK nav1784045370i.gif
heraldicadman.webcindario.com/images/ 1 KB
2 KB 59ms
59ms Image
image/gif 5.57.226.202
SERVIHOSTING-AS A...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://heraldicadman.webcindario.com/images/nav1784045370i.gif
Requested by: Host: heraldicadman.webcindario.com
URL: http://heraldicadman.webcindario.com/
Protocol: HTTP/1.1
Server: 5.57.226.202 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks, ES),
Reverse DNS
Software: nginx / Webcindario Hosting Service
Resource Hash: 4f3158a86bb740985db1d4897b6055ab3b2c71210c633ee067b716ef3b73dba1

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: heraldicadman.webcindario.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://heraldicadman.webcindario.com/
Cookie: __muid=498917178a527b7687c4c8bc5f58ea9231c48db1
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://heraldicadman.webcindario.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Fri, 24 Sep 2021 22:22:53 GMT
ETag: "5112aed6-550"
Last-Modified: Wed, 06 Feb 2013 19:28:22 GMT
Server: nginx
X-Powered-By: Webcindario Hosting Service
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=120
Content-Length: 1360

GET
H/1.1 200
OK nav1784089050i.gif
heraldicadman.webcindario.com/images/ 1 KB
2 KB 81ms
80ms Image
image/gif 5.57.226.202
SERVIHOSTING-AS A...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://heraldicadman.webcindario.com/images/nav1784089050i.gif
Requested by: Host: heraldicadman.webcindario.com
URL: http://heraldicadman.webcindario.com/
Protocol: HTTP/1.1
Server: 5.57.226.202 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks, ES),
Reverse DNS
Software: nginx / Webcindario Hosting Service
Resource Hash: 8c17cb88ae6fe2d188c24a3eb91ab522cb941a805f7dbab1398a7519b831045d

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: heraldicadman.webcindario.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://heraldicadman.webcindario.com/
Cookie: __muid=498917178a527b7687c4c8bc5f58ea9231c48db1
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://heraldicadman.webcindario.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Fri, 24 Sep 2021 22:22:53 GMT
ETag: "5112aed7-54b"
Last-Modified: Wed, 06 Feb 2013 19:28:23 GMT
Server: nginx
X-Powered-By: Webcindario Hosting Service
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=120
Content-Length: 1355

GET
H/1.1 200
OK manjarres.gif
heraldicadman.webcindario.com/images/ 10 KB
10 KB 46ms
45ms Image
image/gif 5.57.226.202
SERVIHOSTING-AS A...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://heraldicadman.webcindario.com/images/manjarres.gif
Requested by: Host: heraldicadman.webcindario.com
URL: http://heraldicadman.webcindario.com/
Protocol: HTTP/1.1
Server: 5.57.226.202 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks, ES),
Reverse DNS
Software: nginx / Webcindario Hosting Service
Resource Hash: 23ac9f7ca3d79cbc4ca80735ebdd5cf8a1a68704c445324500ed6322eb987497

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: heraldicadman.webcindario.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://heraldicadman.webcindario.com/
Cookie: __muid=498917178a527b7687c4c8bc5f58ea9231c48db1
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://heraldicadman.webcindario.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Fri, 24 Sep 2021 22:22:53 GMT
ETag: "5112aecd-265c"
Last-Modified: Wed, 06 Feb 2013 19:28:13 GMT
Server: nginx
X-Powered-By: Webcindario Hosting Service
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=120
Content-Length: 9820

GET
H/1.1 200
OK China.png
3.bp.blogspot.com/-YjvtzeavWoE/UvqWE0IhNXI/AAAAAAAALQE/OkopUueha9s/s1600/ 856 B
1 KB 40ms
9ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://3.bp.blogspot.com/-YjvtzeavWoE/UvqWE0IhNXI/AAAAAAAALQE/OkopUueha9s/s1600/China.png

Requested by

Host: heraldicadman.webcindario.com
URL: http://heraldicadman.webcindario.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

49ed0768eb1809435abbab4674a04021905796c20ac727d5b009651af90591c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://heraldicadman.webcindario.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Fri, 24 Sep 2021 20:01:17 GMT
X-Content-Type-Options: nosniff
Server: fife
Age: 8496
ETag: "v2d04"
Vary: Origin
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="China.png"
Timing-Allow-Origin: *
Content-Length: 856
X-XSS-Protection: 0
Expires: Sat, 04 Sep 2021 08:19:17 GMT

GET
H/1.1 200
OK France.png
3.bp.blogspot.com/-mhqyv4teiYw/UvqWE18tALI/AAAAAAAALQI/6Nx5YRALk6s/s1600/ 704 B
1 KB 53ms
22ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://3.bp.blogspot.com/-mhqyv4teiYw/UvqWE18tALI/AAAAAAAALQI/6Nx5YRALk6s/s1600/France.png

Requested by

Host: heraldicadman.webcindario.com
URL: http://heraldicadman.webcindario.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

2b73da936208b13624b9dfe5d43eaaebdc8167dde4168b43d92e69d4dcbed792

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://heraldicadman.webcindario.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Fri, 24 Sep 2021 19:52:52 GMT
X-Content-Type-Options: nosniff
Server: fife
Age: 9001
ETag: "v2d05"
Vary: Origin
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="France.png"
Timing-Allow-Origin: *
Content-Length: 704
X-XSS-Protection: 0
Expires: Thu, 16 Sep 2021 08:43:08 GMT

GET
H/1.1 200
OK Germany.png
2.bp.blogspot.com/-A0UatfV6RQQ/UvqWHz55_FI/AAAAAAAALRE/DWo9jk1PZaM/s1600/ 660 B
1 KB 64ms
34ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://2.bp.blogspot.com/-A0UatfV6RQQ/UvqWHz55_FI/AAAAAAAALRE/DWo9jk1PZaM/s1600/Germany.png

Requested by

Host: heraldicadman.webcindario.com
URL: http://heraldicadman.webcindario.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

293f728a766424027b7dbd72053823860540d52209b07fd376c4c015a4fbdd47

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://heraldicadman.webcindario.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Fri, 24 Sep 2021 22:22:53 GMT
X-Content-Type-Options: nosniff
Server: fife
Age: 0
ETag: "v2d12"
Vary: Origin
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="Germany.png"
Timing-Allow-Origin: *
Content-Length: 660
X-XSS-Protection: 0
Expires: Wed, 08 Sep 2021 01:28:37 GMT

GET
H/1.1 200
OK Japan.png
3.bp.blogspot.com/-CLbJyeiBA4A/UvqWFiv9kwI/AAAAAAAALQc/l0oUvuU31Xg/s1600/ 776 B
1 KB 18ms
17ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://3.bp.blogspot.com/-CLbJyeiBA4A/UvqWFiv9kwI/AAAAAAAALQc/l0oUvuU31Xg/s1600/Japan.png

Requested by

Host: heraldicadman.webcindario.com
URL: http://heraldicadman.webcindario.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

3215a8b39afd6ac0489ffd6b9b14b162b785f7c502721fbdabbc8f465b0f5de3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://heraldicadman.webcindario.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Fri, 24 Sep 2021 19:57:13 GMT
X-Content-Type-Options: nosniff
Server: fife
Age: 8740
ETag: "v2d0a"
Vary: Origin
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="Japan.png"
Timing-Allow-Origin: *
Content-Length: 776
X-XSS-Protection: 0
Expires: Tue, 07 Sep 2021 15:06:32 GMT

GET
H/1.1 200
OK United+States+of+America+(USA).png
1.bp.blogspot.com/-BbII8VzM4pA/UvqWG90GbCI/AAAAAAAALQ0/oxzXq1pwDuQ/s1600/ 460 B
937 B 28ms
20ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://1.bp.blogspot.com/-BbII8VzM4pA/UvqWG90GbCI/AAAAAAAALQ0/oxzXq1pwDuQ/s1600/United+States+of+America+(USA).png

Requested by

Host: heraldicadman.webcindario.com
URL: http://heraldicadman.webcindario.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

b940c234fb39d942dde89446bd7c7be1fd18c22b9c64fc619db885c9ec81cab8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://heraldicadman.webcindario.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Fri, 24 Sep 2021 22:22:53 GMT
X-Content-Type-Options: nosniff
Server: fife
Age: 0
ETag: "v2d10"
Vary: Origin
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="United States of America (USA).png"
Timing-Allow-Origin: *
Content-Length: 460
X-XSS-Protection: 0
Expires: Wed, 08 Sep 2021 01:28:47 GMT

GET
H/1.1 200
OK Russian+Federation.png
1.bp.blogspot.com/-mfIWKpNEvq8/UvqWGfwnJRI/AAAAAAAALQk/fXazsywCPQc/s1600/ 549 B
1014 B 40ms
34ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://1.bp.blogspot.com/-mfIWKpNEvq8/UvqWGfwnJRI/AAAAAAAALQk/fXazsywCPQc/s1600/Russian+Federation.png

Requested by

Host: heraldicadman.webcindario.com
URL: http://heraldicadman.webcindario.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

2dd358c8a012b37ecc3ce739e982af9178b81623b529943f4ebd388ebcfc3dd3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://heraldicadman.webcindario.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Fri, 24 Sep 2021 22:22:53 GMT
X-Content-Type-Options: nosniff
Server: fife
Age: 0
ETag: "v2d0c"
Vary: Origin
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="Russian Federation.png"
Timing-Allow-Origin: *
Content-Length: 549
X-XSS-Protection: 0
Expires: Wed, 08 Sep 2021 01:43:27 GMT

GET
H/1.1 200
OK Brasil.png
1.bp.blogspot.com/-xf8aRN_y0pQ/UvqWEz9jvkI/AAAAAAAALQM/l_udrbGPscY/s1600/ 548 B
1001 B 41ms
34ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://1.bp.blogspot.com/-xf8aRN_y0pQ/UvqWEz9jvkI/AAAAAAAALQM/l_udrbGPscY/s1600/Brasil.png

Requested by

Host: heraldicadman.webcindario.com
URL: http://heraldicadman.webcindario.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

6c9505553c12b114a8e550d13b4263cc1125005681c5e5651e12227191132c55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://heraldicadman.webcindario.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Fri, 24 Sep 2021 22:22:53 GMT
X-Content-Type-Options: nosniff
Server: fife
Age: 0
ETag: "v2d06"
Vary: Origin
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="Brasil.png"
Timing-Allow-Origin: *
Content-Length: 548
X-XSS-Protection: 0
Expires: Thu, 16 Sep 2021 08:57:06 GMT

GET
H/1.1 200
OK Italy.png
3.bp.blogspot.com/-9Pr_LfbQ5rI/UvqWFlP6vwI/AAAAAAAALQg/841k0sOwojE/s1600/ 713 B
1 KB 29ms
29ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://3.bp.blogspot.com/-9Pr_LfbQ5rI/UvqWFlP6vwI/AAAAAAAALQg/841k0sOwojE/s1600/Italy.png

Requested by

Host: heraldicadman.webcindario.com
URL: http://heraldicadman.webcindario.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

fed4540eb4300272e0729d364c5284c4beaa028ac92b3199ba4907340138ceb8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://heraldicadman.webcindario.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Fri, 24 Sep 2021 22:22:53 GMT
X-Content-Type-Options: nosniff
Server: fife
Age: 0
ETag: "v2d0b"
Vary: Origin
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="Italy.png"
Timing-Allow-Origin: *
Content-Length: 713
X-XSS-Protection: 0
Expires: Sat, 18 Sep 2021 09:23:51 GMT

GET
H/1.1 200
OK boton_facebook.jpg
heraldicadman.webcindario.com/images/ 25 KB
25 KB 47ms
46ms Image
image/jpeg 5.57.226.202
SERVIHOSTING-AS A...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://heraldicadman.webcindario.com/images/boton_facebook.jpg
Requested by: Host: heraldicadman.webcindario.com
URL: http://heraldicadman.webcindario.com/
Protocol: HTTP/1.1
Server: 5.57.226.202 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks, ES),
Reverse DNS
Software: nginx / Webcindario Hosting Service
Resource Hash: dd0f389f63ff0ef7b624c01fa80375d6952f461a9bbd3d6c0d8a284ef9fce5e0

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: heraldicadman.webcindario.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://heraldicadman.webcindario.com/
Cookie: __muid=498917178a527b7687c4c8bc5f58ea9231c48db1
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://heraldicadman.webcindario.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Fri, 24 Sep 2021 22:22:53 GMT
ETag: "556a2102-6477"
Last-Modified: Sat, 30 May 2015 20:43:46 GMT
Server: nginx
X-Powered-By: Webcindario Hosting Service
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=120
Content-Length: 25719

GET
H/1.1 200
OK sigueme-twitter-animacion.png
heraldicadman.webcindario.com/images/ 3 KB
4 KB 44ms
44ms Image
image/png 5.57.226.202
SERVIHOSTING-AS A...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://heraldicadman.webcindario.com/images/sigueme-twitter-animacion.png
Requested by: Host: heraldicadman.webcindario.com
URL: http://heraldicadman.webcindario.com/
Protocol: HTTP/1.1
Server: 5.57.226.202 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks, ES),
Reverse DNS
Software: nginx / Webcindario Hosting Service
Resource Hash: 69ca393559d846a3607ce61f57aa113a1dd3b77a8dc36a023b34557232efdf72

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: heraldicadman.webcindario.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://heraldicadman.webcindario.com/
Cookie: __muid=498917178a527b7687c4c8bc5f58ea9231c48db1
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://heraldicadman.webcindario.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Fri, 24 Sep 2021 22:22:53 GMT
ETag: "556a2115-deb"
Last-Modified: Sat, 30 May 2015 20:44:05 GMT
Server: nginx
X-Powered-By: Webcindario Hosting Service
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=120
Content-Length: 3563

GET
H2 200 / Show response
hosting.miarroba.info/ 1 KB
1 KB 198ms
151ms Script
application/javascript 2606:4700:3037::ac43:bb46
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hosting.miarroba.info/?__muid=498917178a527b7687c4c8bc5f58ea9231c48db1&h=971454&t=1632522173&k=921d04d86b6e09d2baeb140c3772d9c9
Requested by: Host: heraldicadman.webcindario.com
URL: http://heraldicadman.webcindario.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:bb46 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 75b5ac62a377116258d13cf7aa299b6546210590b0b25ca07506da4afee761cf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://heraldicadman.webcindario.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 22:22:53 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma: no-cache
last-modified: Fri, 24 Sep 2021 22:22:53 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PiAb27MN1o0xvSAlNZjje9Dj3lbFESoujnj%2FJphCmTPiuj%2Fe3xnvB38f6CPUkjAmrCeRIsRhXCj1FAtvIM%2BgHO5aRTPG3YnYcyyN0PVtDU5N%2BTbIMU4YWaS6GlPK8MQKnL0jWAw8bGrwgAks4Y7crwjWMA8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=iso-8859-1
cache-control: no-cache
cf-ray: 693f6a0229e82c32-FRA
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 204 choice.js Show response
quantcast.mgr.consensu.org/choice/d5x2uDVHd7ALE/heraldicadman.webcindario.com/ 0
324 B 453ms
394ms Script
text/plain 2600:9000:2240:6c00:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://quantcast.mgr.consensu.org/choice/d5x2uDVHd7ALE/heraldicadman.webcindario.com/choice.js
Requested by: Host: heraldicadman.webcindario.com
URL: http://heraldicadman.webcindario.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2240:6c00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://heraldicadman.webcindario.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 22:22:54 GMT
via: 1.1 cb0a9b0d01a1b0cc9278d9875ce23c92.cloudfront.net (CloudFront)
server: AmazonS3
x-amz-cf-pop: FRA60-P1
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
x-cache: Error from cloudfront
cache-control: max-age=900
cross-origin-resource-policy: cross-origin
x-amz-cf-id: VJIF6u9zUJTt6I-ekgU4I9RPUOKizPjZF-8vHI8w504p4nDvxmvxog==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 138 KB
51 KB 47ms
22ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-T2VG59

Requested by

Host: heraldicadman.webcindario.com
URL: http://heraldicadman.webcindario.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

70cdfa67620374166700afe06c4bbf5eec82301af5041d195e94ef9300c9af00

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://heraldicadman.webcindario.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 22:22:53 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52104
x-xss-protection: 0
last-modified: Fri, 24 Sep 2021 21:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 24 Sep 2021 22:22:53 GMT

GET
H/1.1

200
OK

popunder.js Show response
cdnaws.mobidea.com/ads/
Redirect Chain

http://cdnaws.mobidea.com/ads/popunder.js
https://cdnaws.mobidea.com/ads/popunder.js

3 KB
2 KB

87ms
8ms

Script
application/javascript

13.32.121.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdnaws.mobidea.com/ads/popunder.js
Requested by: Host: heraldicadman.webcindario.com
URL: http://heraldicadman.webcindario.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-61.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4822bc63c222cc64b36530ebdec58ce79a0107f3582e619d737b978813b18ee7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://heraldicadman.webcindario.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Fri, 24 Sep 2021 06:10:38 GMT
Content-Encoding: gzip
Last-Modified: Mon, 03 Jun 2019 13:08:52 GMT
Server: AmazonS3
Age: 58336
ETag: W/"4ccc953be748e92bf7fa08ab870dd50f"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 d954dd318e06aa0e69375f36dcd819de.cloudfront.net (CloudFront)
Connection: keep-alive
Transfer-Encoding: chunked
X-Amz-Cf-Pop: FRA60-P1
X-Amz-Cf-Id: XIsCrXEzdV6FiQSNxaGNTOLA2SAVw00UIv9ovY09oS_ga0dtiWkA0Q==

Redirect headers

Location: https://cdnaws.mobidea.com/ads/popunder.js
Non-Authoritative-Reason: HSTS

GET
H/1.1 200
OK count.php
www.contadorgratis.com/ 2 KB
2 KB 46ms
45ms Image
image/png 46.105.123.17
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.contadorgratis.com/count.php?page=c07d7161b1705e3de5d9a602750aee2e&digit=chevy&refer=&temp=158228881
Requested by: Host: heraldicadman.webcindario.com
URL: http://heraldicadman.webcindario.com/
Protocol: HTTP/1.1
Server: 46.105.123.17 Par, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS: ns384463.ip-46-105-123.eu
Software: Apache/2.4.39 (Unix) OpenSSL/1.0.2k-fips / PHP/5.6.37
Resource Hash: 9117d92ac1ab51cc0a876e24648245d93f2a0744475919dd3222363e34588bbc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://heraldicadman.webcindario.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Fri, 24 Sep 2021 22:22:53 GMT
Server: Apache/2.4.39 (Unix) OpenSSL/1.0.2k-fips
Connection: Keep-Alive
X-Powered-By: PHP/5.6.37
Transfer-Encoding: chunked
Keep-Alive: timeout=5, max=99
Content-Type: image/png

GET
H2

404

onthefly
cse.google.com/cse/tools/
Redirect Chain

http://www.google.com/cse/tools/onthefly?form=searchbox_demo&lang=
https://cse.google.com/cse/tools/onthefly?form=searchbox_demo&lang=

0
0

18ms
17ms

Script
text/html

2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://cse.google.com/cse/tools/onthefly?form=searchbox_demo&lang=
Requested by: Host: heraldicadman.webcindario.com
URL: http://heraldicadman.webcindario.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://heraldicadman.webcindario.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Redirect headers

Date: Fri, 24 Sep 2021 22:22:53 GMT
X-Content-Type-Options: nosniff
Server: sffe
Age: 0
Content-Type: text/html; charset=UTF-8
Location: https://cse.google.com/cse/tools/onthefly?form=searchbox_demo&lang=
Cache-Control: public, max-age=1800
Content-Length: 268
X-XSS-Protection: 0
Expires: Fri, 24 Sep 2021 22:52:53 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
20 KB 51ms
14ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T2VG59

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://heraldicadman.webcindario.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 11 Aug 2021 00:32:57 GMT
server: Golfe2
age: 5454
date: Fri, 24 Sep 2021 20:52:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19747
expires: Fri, 24 Sep 2021 22:52:00 GMT

GET
H2 200 quant.js Show response
secure.quantserve.com/ 24 KB
9 KB 51ms
8ms Script
application/javascript 2620:116:800d:21:51e4:db4b:4436:b305
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T2VG59
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:51e4:db4b:4436:b305 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: c9d50edae9ab89f8373214510b01eb50f60e16bd5e71328173962c0e13b31c07

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://heraldicadman.webcindario.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 22:22:54 GMT
content-encoding: gzip
etag: "dfAcRt65NMPvqdNgsZZi3w=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
expires: Fri, 01 Oct 2021 22:22:54 GMT

GET
H/1.1 200
OK nav91714230a.gif
heraldicadman.webcindario.com/images/ 1 KB
2 KB 49ms
49ms Image
image/gif 5.57.226.202
SERVIHOSTING-AS A...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://heraldicadman.webcindario.com/images/nav91714230a.gif
Requested by: Host: heraldicadman.webcindario.com
URL: http://heraldicadman.webcindario.com/
Protocol: HTTP/1.1
Server: 5.57.226.202 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks, ES),
Reverse DNS
Software: nginx / Webcindario Hosting Service
Resource Hash: 20ee44328a15223511959e86d10fa069bcaca3cbc52669e2c5f5f532c7a8701d

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: heraldicadman.webcindario.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://heraldicadman.webcindario.com/
Cookie: __muid=498917178a527b7687c4c8bc5f58ea9231c48db1
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://heraldicadman.webcindario.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Fri, 24 Sep 2021 22:22:54 GMT
ETag: "5112aed0-51d"
Last-Modified: Wed, 06 Feb 2013 19:28:16 GMT
Server: nginx
X-Powered-By: Webcindario Hosting Service
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=120
Content-Length: 1309

GET
H/1.1 200
OK nav1783937570a.gif
heraldicadman.webcindario.com/images/ 1 KB
2 KB 49ms
49ms Image
image/gif 5.57.226.202
SERVIHOSTING-AS A...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://heraldicadman.webcindario.com/images/nav1783937570a.gif
Requested by: Host: heraldicadman.webcindario.com
URL: http://heraldicadman.webcindario.com/
Protocol: HTTP/1.1
Server: 5.57.226.202 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks, ES),
Reverse DNS
Software: nginx / Webcindario Hosting Service
Resource Hash: fc138d182a42b5b97ff609dbf6ada2774f59edc52812a34d44569203fc2819e9

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: heraldicadman.webcindario.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://heraldicadman.webcindario.com/
Cookie: __muid=498917178a527b7687c4c8bc5f58ea9231c48db1
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://heraldicadman.webcindario.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Fri, 24 Sep 2021 22:22:54 GMT
ETag: "5112aed4-535"
Last-Modified: Wed, 06 Feb 2013 19:28:20 GMT
Server: nginx
X-Powered-By: Webcindario Hosting Service
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=120
Content-Length: 1333

GET
H/1.1 200
OK nav1783993730a.gif
heraldicadman.webcindario.com/images/ 1 KB
2 KB 48ms
47ms Image
image/gif 5.57.226.202
SERVIHOSTING-AS A...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://heraldicadman.webcindario.com/images/nav1783993730a.gif
Requested by: Host: heraldicadman.webcindario.com
URL: http://heraldicadman.webcindario.com/
Protocol: HTTP/1.1
Server: 5.57.226.202 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks, ES),
Reverse DNS
Software: nginx / Webcindario Hosting Service
Resource Hash: 8ecc0a1902a8f74a2e5d7e20cb3793f25ec0f9140eda4567fc63577db3536c66

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: heraldicadman.webcindario.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://heraldicadman.webcindario.com/
Cookie: __muid=498917178a527b7687c4c8bc5f58ea9231c48db1
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://heraldicadman.webcindario.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Fri, 24 Sep 2021 22:22:54 GMT
ETag: "5112aed5-585"
Last-Modified: Wed, 06 Feb 2013 19:28:21 GMT
Server: nginx
X-Powered-By: Webcindario Hosting Service
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=120
Content-Length: 1413

GET
H/1.1 200
OK nav1784045370a.gif
heraldicadman.webcindario.com/images/ 1 KB
2 KB 155ms
154ms Image
image/gif 5.57.226.202
SERVIHOSTING-AS A...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://heraldicadman.webcindario.com/images/nav1784045370a.gif
Requested by: Host: heraldicadman.webcindario.com
URL: http://heraldicadman.webcindario.com/
Protocol: HTTP/1.1
Server: 5.57.226.202 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks, ES),
Reverse DNS
Software: nginx / Webcindario Hosting Service
Resource Hash: 84003f06ed457e379b2e252aa3027f40b7e15606955f53b2071c4caaa9d81b39

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: heraldicadman.webcindario.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://heraldicadman.webcindario.com/
Cookie: __muid=498917178a527b7687c4c8bc5f58ea9231c48db1
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://heraldicadman.webcindario.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Fri, 24 Sep 2021 22:22:54 GMT
ETag: "5112aed6-51b"
Last-Modified: Wed, 06 Feb 2013 19:28:22 GMT
Server: nginx
X-Powered-By: Webcindario Hosting Service
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=120
Content-Length: 1307

GET
H/1.1 200
OK nav1784089050a.gif
heraldicadman.webcindario.com/images/ 1 KB
2 KB 160ms
159ms Image
image/gif 5.57.226.202
SERVIHOSTING-AS A...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://heraldicadman.webcindario.com/images/nav1784089050a.gif
Requested by: Host: heraldicadman.webcindario.com
URL: http://heraldicadman.webcindario.com/
Protocol: HTTP/1.1
Server: 5.57.226.202 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks, ES),
Reverse DNS
Software: nginx / Webcindario Hosting Service
Resource Hash: 51acfcbf52866d19b626abacc2a6e4642068749e7d57e7f3ac939c62b7a3bbff

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: heraldicadman.webcindario.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://heraldicadman.webcindario.com/
Cookie: __muid=498917178a527b7687c4c8bc5f58ea9231c48db1
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://heraldicadman.webcindario.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Fri, 24 Sep 2021 22:22:54 GMT
ETag: "5112aed6-504"
Last-Modified: Wed, 06 Feb 2013 19:28:22 GMT
Server: nginx
X-Powered-By: Webcindario Hosting Service
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=120
Content-Length: 1284

GET
H/1.1 200 ads Show response
des.smartclip.net/ 20 B
508 B 33ms
9ms Script
application/javascript 35.186.194.101
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: http://des.smartclip.net/ads?type=dyn&plc=75133&elementId=498917178a527b7687c4c8bc5f58ea9231c48db1&sz=400x320&rnd=2914046
Requested by: Host: heraldicadman.webcindario.com
URL: http://heraldicadman.webcindario.com/
Protocol: HTTP/1.1
Server: 35.186.194.101 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 101.194.186.35.bc.googleusercontent.com
Software: nginx/1.17.6 /
Resource Hash: 7285303c6f1bd19a091fb8046d1c43704c3f846461b957fe4198c3e051fce7eb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://heraldicadman.webcindario.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Fri, 24 Sep 2021 22:22:54 GMT
Content-Encoding: gzip
Sc-Supply-Network: 999999
Vary: Accept-Encoding
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Via: 1.1 google
Sc-Uuid: 1ab0fa01-a7d7-404d-b1a7-5c21c8a5eee5
Transfer-Encoding: chunked
Access-Control-Allow-Credentials: true
Content-Type: application/javascript; charset=utf-8
Sc-Device-Type: PC
Server: nginx/1.17.6

GET
H2 200 lz_loader.js Show response
img.sunmediaads.com/ads/ 112 KB
113 KB 104ms
11ms Script
text/javascript 205.185.216.42
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://img.sunmediaads.com/ads/lz_loader.js?ver=1.4
Requested by: Host: heraldicadman.webcindario.com
URL: http://heraldicadman.webcindario.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.216.42 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map2.hwcdn.net
Software: /
Resource Hash: 7c074d5639b08b7eee3923842b52d5333c37eceb96baf14ee213584981066fe5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://heraldicadman.webcindario.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 22:22:54 GMT
last-modified: Sun, 05 Apr 2020 16:15:53 GMT
etag: "1586103353"
x-hw: 1632522174.dop242.fr8.t,1632522174.cds284.fr8.hn,1632522174.cds208.fr8.c
content-type: text/javascript
cache-control: max-age=0
accept-ranges: bytes
content-length: 115125

POST
H/1.1 200
OK 607f6b0b381bbc1f64fa027d62891072_cookie.php Show response
hosting.miarroba.info/ Frame 5E2A 46 B
941 B 95ms
89ms Document
text/html 2606:4700:3037::ac43:bb46
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://hosting.miarroba.info/607f6b0b381bbc1f64fa027d62891072_cookie.php
Requested by: Host: heraldicadman.webcindario.com
URL: http://heraldicadman.webcindario.com/
Protocol: HTTP/1.1
Server: 2606:4700:3037::ac43:bb46 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 19603242f3bfa5b6cf922d65bc2353813d1b4c3a4b970638f3fa1c5b6dd39a88

Request headers

Host: hosting.miarroba.info
Connection: keep-alive
Content-Length: 162
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
Origin: http://heraldicadman.webcindario.com
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://heraldicadman.webcindario.com/
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
Origin: http://heraldicadman.webcindario.com
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://heraldicadman.webcindario.com/

Response headers

Date: Fri, 24 Sep 2021 22:22:54 GMT
Content-Type: text/html; charset=iso-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
vary: Accept-Encoding
set-cookie: __weslvu=1632522173; expires=Fri, 24-Sep-2021 23:22:53 GMT; Max-Age=3599; path=/; domain=hosting.miarroba.info
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tbL8iTg4NZHTvu3MrP9QZdnQb5gA8YzJ%2B%2Bjh42XamAixaw5jCO31phjx3DvlIUP7%2BImHlwuCqzGkak7Szj8rQ14fUZKTCIvRSptmnCEXN5YTrFUtKTEIU%2BJFQeccfmbojWw5EWw4Lc3Ni8XEgynwG0Ui9rI%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 693f6a03e82e4351-FRA
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2

200

rules-p-d5x2uDVHd7ALE.js Show response
rules.quantcount.com/
Redirect Chain

http://rules.quantcount.com/rules-p-d5x2uDVHd7ALE.js
https://rules.quantcount.com/rules-p-d5x2uDVHd7ALE.js

3 B
454 B

28ms
8ms

Script
application/javascript

2600:9000:223c:3e00:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-d5x2uDVHd7ALE.js
Requested by: Host: heraldicadman.webcindario.com
URL: http://heraldicadman.webcindario.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:3e00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://heraldicadman.webcindario.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 07:46:07 GMT
via: 1.1 3f52d342c56014599dee37446f6c9f2f.cloudfront.net (CloudFront)
age: 52627
x-edge-origin-shield-skipped: 0
cross-origin-resource-policy: cross-origin
x-cache: Hit from cloudfront
content-length: 3
last-modified: Sat, 04 Mar 2017 20:57:48 GMT
server: AmazonS3
etag: "8a80554c91d9fca8acb82f023de02f11"
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-cf-pop: FRA56-P2
accept-ranges: bytes
x-amz-cf-id: 6hkEhlzg_KafIuiyChzGP1sMJO3jOYvH-EU8XuLd4LIzpVaQByhJZA==

Redirect headers

Date: Fri, 24 Sep 2021 22:22:54 GMT
Via: 1.1 5d5481cfa85227a3fdd5ff0b03093c63.cloudfront.net (CloudFront)
Server: CloudFront
X-Amz-Cf-Pop: FRA56-P2
X-Cache: Redirect from cloudfront
Content-Type: text/html
Location: https://rules.quantcount.com/rules-p-d5x2uDVHd7ALE.js
Connection: keep-alive
Content-Length: 183
X-Amz-Cf-Id: XBIqHzmJ21lYZFIX1JV4Cj4FzOAJa52JKNjqq0KvZ0qPJ7PNnAXXEw==

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
216 B 21ms
21ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j93&a=1934856121&t=pageview&_s=1&dl=http%3A%2F%2Fheraldicadman.webcindario.com%2F&ul=en-us&de=windows-1252&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAAABCAAAAC~&jid=1468468700&gjid=321865584&cid=1642497968.1632522174&tid=UA-597118-7&_gid=1315638131.1632522174&_r=1&gtm=2wg9m0T2VG59&z=620221275

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://heraldicadman.webcindario.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 24 Sep 2021 22:22:54 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://heraldicadman.webcindario.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
67 B 25ms
24ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j93&a=1934856121&t=pageview&_s=1&dl=http%3A%2F%2Fheraldicadman.webcindario.com%2F&ul=en-us&de=windows-1252&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEDAAAABCAAAAC~&jid=1033071036&gjid=1709632165&cid=1642497968.1632522174&tid=UA-597118-1&_gid=1315638131.1632522174&_r=1&gtm=2wg9m0T2VG59&z=764092525

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://heraldicadman.webcindario.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 24 Sep 2021 22:22:54 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://heraldicadman.webcindario.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
472 B 66ms
21ms XHR
text/plain 2a00:1450:400c:c1b::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-597118-7&cid=1642497968.1632522174&jid=1468468700&gjid=321865584&_gid=1315638131.1632522174&_u=YEBAAAAACAAAAC~&z=1762741083

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c1b::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://heraldicadman.webcindario.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 24 Sep 2021 22:22:54 GMT
content-type: text/plain
access-control-allow-origin: http://heraldicadman.webcindario.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
70 B 64ms
21ms XHR
text/plain 2a00:1450:400c:c1b::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-597118-1&cid=1642497968.1632522174&jid=1033071036&gjid=1709632165&_gid=1315638131.1632522174&_u=YEDAAAABCAAAAC~&z=2114754380

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c1b::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://heraldicadman.webcindario.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 24 Sep 2021 22:22:54 GMT
content-type: text/plain
access-control-allow-origin: http://heraldicadman.webcindario.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
522 B 43ms
19ms Image
image/gif 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-597118-7&cid=1642497968.1632522174&jid=1468468700&_u=YEBAAAAACAAAAC~&z=177070305

Requested by

Host: heraldicadman.webcindario.com
URL: http://heraldicadman.webcindario.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://heraldicadman.webcindario.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Sep 2021 22:22:54 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 64ms
27ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-597118-7&cid=1642497968.1632522174&jid=1468468700&_u=YEBAAAAACAAAAC~&z=177070305

Requested by

Host: heraldicadman.webcindario.com
URL: http://heraldicadman.webcindario.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://heraldicadman.webcindario.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Sep 2021 22:22:54 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 43ms
19ms Image
image/gif 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-597118-1&cid=1642497968.1632522174&jid=1033071036&_u=YEDAAAABCAAAAC~&z=516301322

Requested by

Host: heraldicadman.webcindario.com
URL: http://heraldicadman.webcindario.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://heraldicadman.webcindario.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Sep 2021 22:22:54 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
522 B 62ms
27ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-597118-1&cid=1642497968.1632522174&jid=1033071036&_u=YEDAAAABCAAAAC~&z=516301322

Requested by

Host: heraldicadman.webcindario.com
URL: http://heraldicadman.webcindario.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://heraldicadman.webcindario.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Sep 2021 22:22:54 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK zone.php Show response
play.sunmediaads.com/red/ 1005 B
2 KB 141ms
34ms Script
text/html 212.92.55.8
NEXICA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://play.sunmediaads.com/red/zone.php?code=HEZRL65RXYI2&a=&pubid=&lgid=4346017000.8033144530837597
Requested by: Host: img.sunmediaads.com
URL: https://img.sunmediaads.com/ads/lz_loader.js?ver=1.4
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.92.55.8 Vilanova de la Roca, Spain, ASN24592 (NEXICA-AS, ES),
Reverse DNS: unamed.nexica.net
Software: Apache /
Resource Hash: be5eeb099a1cf713146da66dd7c33e478e64d3c021a1a08fc21ba103064951a9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://heraldicadman.webcindario.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Fri, 24 Sep 2021 22:06:48 GMT
Server: Apache
Connection: close
Content-Length: 1005
Content-Type: text/html; charset=UTF-8

GET
H2 200 8c4105a4-90ec-434c-bf14-82b194e3019f.js Show response
static.sunmedia.tv/integrations/8c4105a4-90ec-434c-bf14-82b194e3019f/ 288 KB
93 KB 75ms
9ms Script
application/javascript 51.89.99.150
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://static.sunmedia.tv/integrations/8c4105a4-90ec-434c-bf14-82b194e3019f/8c4105a4-90ec-434c-bf14-82b194e3019f.js
Requested by: Host: heraldicadman.webcindario.com
URL: http://heraldicadman.webcindario.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 51.89.99.150 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS: ns3163893.ip-51-89-99.eu
Software: nginx /
Resource Hash: 88ba71ac58932991d51ca30570234136ffe588c630788cd1cbd4c58ed54af208

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://heraldicadman.webcindario.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 22:22:54 GMT
content-encoding: gzip
tp-cache: HIT
last-modified: Thu, 23 Sep 2021 07:48:55 GMT
server: nginx
age: 138708
vary: Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/javascript
cache-control: max-age=0, s-maxage=2592001
access-control-allow-credentials: true
content-length: 94482
accept-ranges: bytes
x-device: mobile

GET
H2 200 / Show response
servingcdn.net/ 32 KB
32 KB 365ms
117ms Script
application/javascript 18.221.39.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://servingcdn.net/?uid=5e18adb5b6e69a5d886e2702&w=320&h=50&click=
Requested by: Host: img.sunmediaads.com
URL: https://img.sunmediaads.com/ads/lz_loader.js?ver=1.4
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.221.39.26 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-221-39-26.us-east-2.compute.amazonaws.com
Software: nginx/1.20.0 / Express
Resource Hash: 826dfa7251478f0196699b51a84008a26b2e01fe4470e94c716cc30b021a1b66

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://heraldicadman.webcindario.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Sep 2021 22:22:54 GMT
server: nginx/1.20.0
x-powered-by: Express
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 32856
expires: -1

GET
H2 200 adblockDetector.min.js Show response
static.sunmedia.tv/AdBlockDetection/ 3 KB
2 KB 9ms
8ms Script
application/javascript 51.89.99.150
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://static.sunmedia.tv/AdBlockDetection/adblockDetector.min.js?abf=_smartads_%7C-ad-plugin-%7C-google-ads-%7C-google2-ad-&ref=http%253A%252F%252Fheraldicadman.webcindario.com%252F
Requested by: Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/integrations/8c4105a4-90ec-434c-bf14-82b194e3019f/8c4105a4-90ec-434c-bf14-82b194e3019f.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 51.89.99.150 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS: ns3163893.ip-51-89-99.eu
Software: nginx /
Resource Hash: 051a4df5ca07ec7979f14e486352a62c72733c9aabb6528adaddc9a911fbfca3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://heraldicadman.webcindario.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 22:22:54 GMT
content-encoding: gzip
tp-cache: HIT
last-modified: Mon, 21 Dec 2020 17:00:21 GMT
server: nginx
age: 1422810
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800, s-maxage=2592000
x-device: mobile
accept-ranges: bytes
content-length: 1634

GET
H2 200 geocity.php Show response
services.sunmedia.tv/geotarget/ 484 B
736 B 32ms
9ms XHR
application/json 51.89.99.150
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://services.sunmedia.tv/geotarget/geocity.php
Requested by: Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/integrations/8c4105a4-90ec-434c-bf14-82b194e3019f/8c4105a4-90ec-434c-bf14-82b194e3019f.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 51.89.99.150 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS: ns3163893.ip-51-89-99.eu
Software: nginx /
Resource Hash: 96067a4b1512fc93529c6c312bd9cf1832a294823763528dc536228aedd43ba5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://heraldicadman.webcindario.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 22:22:54 GMT
tp-cache: HIT
server: nginx
age: 1039
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: http://heraldicadman.webcindario.com
cache-control: max-age=0, s-maxage=2592000
access-control-allow-credentials: true
x-device: mobile
accept-ranges: bytes
content-length: 484

GET
H2 200 outstream.json Show response
static.sunmedia.tv/SMSdk/tracker/09c4c4e3-fdda-4924-9962-27814a8d84e8/ 3 KB
3 KB 27ms
8ms XHR
application/json 51.89.99.150
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://static.sunmedia.tv/SMSdk/tracker/09c4c4e3-fdda-4924-9962-27814a8d84e8/outstream.json
Requested by: Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/integrations/8c4105a4-90ec-434c-bf14-82b194e3019f/8c4105a4-90ec-434c-bf14-82b194e3019f.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 51.89.99.150 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS: ns3163893.ip-51-89-99.eu
Software: nginx /
Resource Hash: 8fa1f4e9501aa00a6ccc86f20c82a1f2d92601bf33ba69a09ed73722750e8874

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://heraldicadman.webcindario.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 22:22:54 GMT
tp-cache: HIT
last-modified: Tue, 08 Jun 2021 11:59:20 GMT
server: nginx
age: 140148
vary: Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=0, s-maxage=2592000
content-length: 3049
accept-ranges: bytes
x-device: mobile

GET
H2 200 inhome-1-0.json Show response
static.sunmedia.tv/SMSdk/tracker/09c4c4e3-fdda-4924-9962-27814a8d84e8/ 3 KB
3 KB 28ms
9ms XHR
application/json 51.89.99.150
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://static.sunmedia.tv/SMSdk/tracker/09c4c4e3-fdda-4924-9962-27814a8d84e8/inhome-1-0.json
Requested by: Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/integrations/8c4105a4-90ec-434c-bf14-82b194e3019f/8c4105a4-90ec-434c-bf14-82b194e3019f.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 51.89.99.150 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS: ns3163893.ip-51-89-99.eu
Software: nginx /
Resource Hash: e3802f02f4480d3b247af948f029fc343b6947d933a8dc978a738be684e7a3f7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://heraldicadman.webcindario.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 22:22:54 GMT
tp-cache: HIT
last-modified: Tue, 01 Dec 2020 14:41:43 GMT
server: nginx
age: 140148
vary: Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=0, s-maxage=2592000
content-length: 2788
accept-ranges: bytes
x-device: mobile

GET
H2 200 pandg-sdk.js Show response
pghub.io/js/ 4 KB
2 KB 41ms
8ms Script
application/javascript 35.241.45.217
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pghub.io/js/pandg-sdk.js
Requested by: Host: heraldicadman.webcindario.com
URL: http://heraldicadman.webcindario.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.45.217 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 217.45.241.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 443d41c905362e5073c79212ec86c5f69ddcfbc38f5530c6409b73c604e74259

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://heraldicadman.webcindario.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 22:05:16 GMT
content-encoding: gzip
age: 1058
x-guploader-uploadid: ADPycdtOqWemc4641ACq930bYT9L6bJzkY6jtVOOzyVL0QbN9e_kj3tINW8oG7wKO5JeVIRVOIgsHGQIIwW7QUcJvsw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1482
last-modified: Wed, 07 Apr 2021 18:40:01 GMT
server: UploadServer
etag: "dd7e4933d35d1a7cb610442e9bea8b94"
vary: Accept-Encoding
x-goog-hash: crc32c=dtXWGA==, md5=3X5JM9NdGny2EEQum+qLlA==
x-goog-generation: 1617820801121016
cache-control: public,max-age=3600
x-goog-stored-content-length: 1482
accept-ranges: bytes
content-type: application/javascript

GET
H2 200 / Show response
sync.richaudience.com/DF2886F390D432DF0C8E98D69702ED6F/ 3 KB
1 KB 63ms
15ms Script
text/javascript 168.119.79.223
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.richaudience.com/DF2886F390D432DF0C8E98D69702ED6F/
Requested by: Host: heraldicadman.webcindario.com
URL: http://heraldicadman.webcindario.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 168.119.79.223 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.223.79.119.168.clients.your-server.de
Software: nginx/1.14.2 /
Resource Hash: 82c2f18a5c271bbff78e815df2b75236ef85350574fdfc97f9f08d3769f64c64

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://heraldicadman.webcindario.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 22:22:54 GMT
content-encoding: gzip
server: nginx/1.14.2
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8

GET
H2 200 /
track.sunmedia.tv/ 42 B
278 B 37ms
9ms Image
image/gif 51.89.99.150
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.sunmedia.tv/?ap=smptf&it=8c4105a4-90ec-434c-bf14-82b194e3019f&tp=op&pb=1&pos=0&loop=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 51.89.99.150 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS: ns3163893.ip-51-89-99.eu
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://heraldicadman.webcindario.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 22:22:54 GMT
tp-cache: HIT
last-modified: Thu, 15 Nov 2018 09:59:07 GMT
server: nginx
age: 1422811
vary: Accept-Encoding
content-type: image/gif
cache-control: max-age=0, s-maxage=31536000
access-control-allow-credentials: true
x-device: mobile
accept-ranges: bytes
content-length: 42

GET
H/1.1 400 partner
sync.search.spotxchange.com/ 0
361 B 101ms
46ms Image
text/plain 185.94.180.125
SPOTX-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://sync.search.spotxchange.com/partner?source=202100&gdpr=1&gdpr_consent=${gdpr_consent}
Protocol: HTTP/1.1
Server: 185.94.180.125 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://heraldicadman.webcindario.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-spotx-halt-type: Audience DSP sync endpoint was unable to cookie the audience.
Date: Fri, 24 Sep 2021 22:22:55 GMT
X-fe: 138
Connection: keep-alive
Content-Length: 0
Server: nginx
Content-Type: text/plain

GET
H2 200 tag Show response
pandg.tapad.com/ Frame F2A5 188 B
671 B 75ms
16ms Document
text/html 35.227.248.159
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pandg.tapad.com/tag?gdpr=%24%7Bgdpr%7D&gdpr_consent=%24%7Bgdpr_consent%7D&referrer_url=&page_url=http%3A%2F%2Fheraldicadman.webcindario.com%2F&owner=P%26G&bp_id=sunmedia&data=%7B%22category%22%3A%22Hobbies%20and%20Interests%22%7D

Requested by

Host: pghub.io
URL: https://pghub.io/js/pandg-sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

159.248.227.35.bc.googleusercontent.com

Software

Resource Hash

719baa2acd05d3550b5a6dcadcfc79ce2136ac47d2cfe5f37eeab674e065269b

Security Headers

Name	Value
Content-Security-Policy	default-src 'none';img-src https://*.tapad.com https://match.adsrvr.org
Strict-Transport-Security	max-age=31536000

Request headers

:method: GET
:authority: pandg.tapad.com
:scheme: https
:path: /tag?gdpr=%24%7Bgdpr%7D&gdpr_consent=%24%7Bgdpr_consent%7D&referrer_url=&page_url=http%3A%2F%2Fheraldicadman.webcindario.com%2F&owner=P%26G&bp_id=sunmedia&data=%7B%22category%22%3A%22Hobbies%20and%20Interests%22%7D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://heraldicadman.webcindario.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://heraldicadman.webcindario.com/

Response headers

date: Fri, 24 Sep 2021 22:22:55 GMT
strict-transport-security: max-age=31536000
content-security-policy: default-src 'none';img-src https://*.tapad.com https://match.adsrvr.org
content-type: text/html;charset=utf-8
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
set-cookie: TapAd_TS=1632522175023;Expires=Tue, 23 Nov 2021 22:22:55 GMT;Path=/;Domain=.tapad.com;Secure;SameSite=None TapAd_DID=3734f9fd-12ac-4acf-a829-3e10ffb0381b;Expires=Tue, 23 Nov 2021 22:22:55 GMT;Path=/;Domain=.tapad.com;Secure;SameSite=None
content-length: 188
via: 1.1 google
alt-svc: clear

GET
H2 200 postscribe.min.js Show response
cdnjs.cloudflare.com/ajax/libs/postscribe/2.0.8/ 17 KB
6 KB 42ms
15ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/postscribe/2.0.8/postscribe.min.js

Requested by

Host: servingcdn.net
URL: https://servingcdn.net/?uid=5e18adb5b6e69a5d886e2702&w=320&h=50&click=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c4e20f53f5ef0ed44b783437aa3f4638a9a56cc4aa29ae83ed9212eb2807052a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://heraldicadman.webcindario.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 22:22:55 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 778143
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 5117
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:15:38 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03faa-45f4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dU1BN6nSnTPSRUnTRE1MdmMFLj3LLIxTyL1qRS1jFUUwgMmRmHx0U2rCbdXoBZljnMk7FndyQqTBpP7IK%2B2QtRs5RSVfpS3dLc8VBjbCG8Ba0XzhMu9cWR9ndqmTYDAonLe%2Fyujfi%2BEhUVgQmhMNKVef"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 693f6a0a1f116997-FRA
expires: Wed, 14 Sep 2022 22:22:55 GMT

GET
H2 200 b50000f8-170a-4dc8-a66e-61993d94c500.js Show response
static.sunmedia.tv/integrations/b50000f8-170a-4dc8-a66e-61993d94c500/ 287 KB
92 KB 9ms
9ms Script
application/javascript 51.89.99.150
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://static.sunmedia.tv/integrations/b50000f8-170a-4dc8-a66e-61993d94c500/b50000f8-170a-4dc8-a66e-61993d94c500.js
Requested by: Host: heraldicadman.webcindario.com
URL: http://heraldicadman.webcindario.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 51.89.99.150 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS: ns3163893.ip-51-89-99.eu
Software: nginx /
Resource Hash: a4e589e77c86f76c71b5939fc9bc299eefb00237dbaf5c04e79844f1867447fc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://heraldicadman.webcindario.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 22:22:55 GMT
content-encoding: gzip
tp-cache: HIT
last-modified: Thu, 23 Sep 2021 07:49:01 GMT
server: nginx
age: 138778
vary: Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/javascript
cache-control: max-age=0, s-maxage=2592001
access-control-allow-credentials: true
content-length: 94000
accept-ranges: bytes
x-device: desktop

GET
H2

200

receive
pixel.tapad.com/idsync/ex/ Frame F2A5
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=3734f9fd-12ac-4acf-a829-3e10ffb0381b&gdpr=&gdpr_consent=${gdpr_consent}
https://match.adsrvr.org/track/cmb/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=3734f9fd-12ac-4acf-a829-3e10ffb0381b&gdpr=&gdpr_consent=${gdpr_consent}
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=b5bc9c58-0033-48b4-b368-eb8ee15561cb&ttd_puid=3734f9fd-12ac-4acf-a829-3e10ffb0381b

95 B
430 B

18ms
17ms

Image
image/png

35.227.248.159
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=b5bc9c58-0033-48b4-b368-eb8ee15561cb&ttd_puid=3734f9fd-12ac-4acf-a829-3e10ffb0381b

Requested by

Host: pandg.tapad.com
URL: https://pandg.tapad.com/tag?gdpr=%24%7Bgdpr%7D&gdpr_consent=%24%7Bgdpr_consent%7D&referrer_url=&page_url=http%3A%2F%2Fheraldicadman.webcindario.com%2F&owner=P%26G&bp_id=sunmedia&data=%7B%22category%22%3A%22Hobbies%20and%20Interests%22%7D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

159.248.227.35.bc.googleusercontent.com

Software

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pandg.tapad.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 22:22:55 GMT
via: 1.1 google
content-type: image/png
alt-svc: clear
content-length: 95
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

Redirect headers

pragma: no-cache
date: Fri, 24 Sep 2021 22:22:55 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=b5bc9c58-0033-48b4-b368-eb8ee15561cb&ttd_puid=3734f9fd-12ac-4acf-a829-3e10ffb0381b
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 347

GET
H2 200 adblockDetector.min.js Show response
static.sunmedia.tv/AdBlockDetection/ 3 KB
2 KB 8ms
8ms Script
application/javascript 51.89.99.150
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://static.sunmedia.tv/AdBlockDetection/adblockDetector.min.js?abf=_smartads_%7C-ad-plugin-%7C-google-ads-%7C-google2-ad-&ref=http%253A%252F%252Fheraldicadman.webcindario.com%252F
Requested by: Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/integrations/b50000f8-170a-4dc8-a66e-61993d94c500/b50000f8-170a-4dc8-a66e-61993d94c500.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 51.89.99.150 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS: ns3163893.ip-51-89-99.eu
Software: nginx /
Resource Hash: 051a4df5ca07ec7979f14e486352a62c72733c9aabb6528adaddc9a911fbfca3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://heraldicadman.webcindario.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 22:22:55 GMT
content-encoding: gzip
tp-cache: HIT
last-modified: Mon, 21 Dec 2020 17:00:21 GMT
server: nginx
age: 1422811
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800, s-maxage=2592000
x-device: mobile
accept-ranges: bytes
content-length: 1634

GET
H2 200 vd Show response
jnxm2.com/ Frame A09F 19 KB
19 KB 358ms
112ms Document
text/html 3.133.29.88
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://jnxm2.com/vd?ref=http%3A%2F%2Fheraldicadman.webcindario.com
Requested by: Host: servingcdn.net
URL: https://servingcdn.net/?uid=5e18adb5b6e69a5d886e2702&w=320&h=50&click=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.133.29.88 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-133-29-88.us-east-2.compute.amazonaws.com
Software: nginx/1.20.0 / Express
Resource Hash: 4c6afc5b1378f3fea3d0c99a982815efef84456cd665450edd29a65afbe71797

Request headers

:method: GET
:authority: jnxm2.com
:scheme: https
:path: /vd?ref=http%3A%2F%2Fheraldicadman.webcindario.com
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://heraldicadman.webcindario.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://heraldicadman.webcindario.com/

Response headers

date: Fri, 24 Sep 2021 22:22:55 GMT
content-type: text/html; charset=utf-8
content-length: 19413
server: nginx/1.20.0
x-powered-by: Express
access-control-allow-origin: *
etag: W/"4bd5-rzvjyQgMY/548F/fQzNygME67UE"

GET
H2 200 outstream.json Show response
static.sunmedia.tv/SMSdk/tracker/09c4c4e3-fdda-4924-9962-27814a8d84e8/ 3 KB
3 KB 9ms
8ms XHR
application/json 51.89.99.150
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://static.sunmedia.tv/SMSdk/tracker/09c4c4e3-fdda-4924-9962-27814a8d84e8/outstream.json
Requested by: Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/integrations/b50000f8-170a-4dc8-a66e-61993d94c500/b50000f8-170a-4dc8-a66e-61993d94c500.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 51.89.99.150 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS: ns3163893.ip-51-89-99.eu
Software: nginx /
Resource Hash: 8fa1f4e9501aa00a6ccc86f20c82a1f2d92601bf33ba69a09ed73722750e8874

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://heraldicadman.webcindario.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 22:22:55 GMT
tp-cache: HIT
last-modified: Tue, 08 Jun 2021 11:59:20 GMT
server: nginx
age: 140149
vary: Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=0, s-maxage=2592000
content-length: 3049
accept-ranges: bytes
x-device: mobile

GET
H2 200 inhome-1-0.json Show response
static.sunmedia.tv/SMSdk/tracker/09c4c4e3-fdda-4924-9962-27814a8d84e8/ 3 KB
3 KB 9ms
9ms XHR
application/json 51.89.99.150
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://static.sunmedia.tv/SMSdk/tracker/09c4c4e3-fdda-4924-9962-27814a8d84e8/inhome-1-0.json
Requested by: Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/integrations/b50000f8-170a-4dc8-a66e-61993d94c500/b50000f8-170a-4dc8-a66e-61993d94c500.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 51.89.99.150 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS: ns3163893.ip-51-89-99.eu
Software: nginx /
Resource Hash: e3802f02f4480d3b247af948f029fc343b6947d933a8dc978a738be684e7a3f7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://heraldicadman.webcindario.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 22:22:55 GMT
tp-cache: HIT
last-modified: Tue, 01 Dec 2020 14:41:43 GMT
server: nginx
age: 140149
vary: Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=0, s-maxage=2592000
content-length: 2788
accept-ranges: bytes
x-device: mobile

GET
H2 200 pandg-sdk.js Show response
pghub.io/js/ 4 KB
2 KB 9ms
8ms Script
application/javascript 35.241.45.217
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pghub.io/js/pandg-sdk.js
Requested by: Host: heraldicadman.webcindario.com
URL: http://heraldicadman.webcindario.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.45.217 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 217.45.241.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 443d41c905362e5073c79212ec86c5f69ddcfbc38f5530c6409b73c604e74259

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://heraldicadman.webcindario.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 22:05:16 GMT
content-encoding: gzip
age: 1059
x-guploader-uploadid: ADPycdtOqWemc4641ACq930bYT9L6bJzkY6jtVOOzyVL0QbN9e_kj3tINW8oG7wKO5JeVIRVOIgsHGQIIwW7QUcJvsw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1482
last-modified: Wed, 07 Apr 2021 18:40:01 GMT
server: UploadServer
etag: "dd7e4933d35d1a7cb610442e9bea8b94"
vary: Accept-Encoding
x-goog-hash: crc32c=dtXWGA==, md5=3X5JM9NdGny2EEQum+qLlA==
x-goog-generation: 1617820801121016
cache-control: public,max-age=3600
x-goog-stored-content-length: 1482
accept-ranges: bytes
content-type: application/javascript

GET
H2 200 / Show response
sync.richaudience.com/DF2886F390D432DF0C8E98D69702ED6F/ 3 KB
1 KB 13ms
13ms Script
text/javascript 168.119.79.223
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.richaudience.com/DF2886F390D432DF0C8E98D69702ED6F/
Requested by: Host: heraldicadman.webcindario.com
URL: http://heraldicadman.webcindario.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 168.119.79.223 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.223.79.119.168.clients.your-server.de
Software: nginx/1.14.2 /
Resource Hash: 2d040b8ead6c94dc23b8dc081a05ef828dd4b36d6583ef958c4f13e821a8b523

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://heraldicadman.webcindario.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 22:22:55 GMT
content-encoding: gzip
server: nginx/1.14.2
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8

GET
H2 200 /
track.sunmedia.tv/ 42 B
278 B 8ms
8ms Image
image/gif 51.89.99.150
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.sunmedia.tv/?ap=smptf&it=b50000f8-170a-4dc8-a66e-61993d94c500&tp=op&pb=1&pos=0&loop=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 51.89.99.150 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS: ns3163893.ip-51-89-99.eu
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://heraldicadman.webcindario.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 22:22:55 GMT
tp-cache: HIT
last-modified: Thu, 15 Nov 2018 09:59:07 GMT
server: nginx
age: 1422811
vary: Accept-Encoding
content-type: image/gif
cache-control: max-age=0, s-maxage=31536000
access-control-allow-credentials: true
x-device: mobile
accept-ranges: bytes
content-length: 42

GET
H/1.1 400 partner
sync.search.spotxchange.com/ 0
361 B 26ms
26ms Image
text/plain 185.94.180.125
SPOTX-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://sync.search.spotxchange.com/partner?source=202100&gdpr=1&gdpr_consent=${gdpr_consent}
Protocol: HTTP/1.1
Server: 185.94.180.125 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://heraldicadman.webcindario.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-spotx-halt-type: Audience DSP sync endpoint was unable to cookie the audience.
Date: Fri, 24 Sep 2021 22:22:55 GMT
X-fe: 107
Connection: keep-alive
Content-Length: 0
Server: nginx
Content-Type: text/plain

GET
H2 200 tag Show response
pandg.tapad.com/ Frame 5B81 188 B
429 B 16ms
16ms Document
text/html 35.227.248.159
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: pghub.io
URL: https://pghub.io/js/pandg-sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

159.248.227.35.bc.googleusercontent.com

Software

Resource Hash

719baa2acd05d3550b5a6dcadcfc79ce2136ac47d2cfe5f37eeab674e065269b

Security Headers

Name	Value
Content-Security-Policy	default-src 'none';img-src https://*.tapad.com https://match.adsrvr.org
Strict-Transport-Security	max-age=31536000

Request headers

:method: GET
:authority: pandg.tapad.com
:scheme: https
:path: /tag?gdpr=%24%7Bgdpr%7D&gdpr_consent=%24%7Bgdpr_consent%7D&referrer_url=&page_url=http%3A%2F%2Fheraldicadman.webcindario.com%2F&owner=P%26G&bp_id=sunmedia&data=%7B%22category%22%3A%22Business%22%7D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://heraldicadman.webcindario.com/
accept-encoding: gzip, deflate, br
cookie: TapAd_TS=1632522175023; TapAd_DID=3734f9fd-12ac-4acf-a829-3e10ffb0381b; TapAd_3WAY_SYNCS=1!6430
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://heraldicadman.webcindario.com/

Response headers

date: Fri, 24 Sep 2021 22:22:55 GMT
strict-transport-security: max-age=31536000
content-security-policy: default-src 'none';img-src https://*.tapad.com https://match.adsrvr.org
content-type: text/html;charset=utf-8
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
set-cookie: TapAd_TS=1632522175023;Expires=Tue, 23 Nov 2021 22:22:55 GMT;Path=/;Domain=.tapad.com;Secure;SameSite=None TapAd_DID=3734f9fd-12ac-4acf-a829-3e10ffb0381b;Expires=Tue, 23 Nov 2021 22:22:55 GMT;Path=/;Domain=.tapad.com;Secure;SameSite=None
content-length: 188
via: 1.1 google
alt-svc: clear

GET
H2

200

receive
pixel.tapad.com/idsync/ex/ Frame 5B81
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=3734f9fd-12ac-4acf-a829-3e10ffb0381b&gdpr=&gdpr_consent=${gdpr_consent}
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=b5bc9c58-0033-48b4-b368-eb8ee15561cb&ttd_puid=3734f9fd-12ac-4acf-a829-3e10ffb0381b

95 B
419 B

16ms
16ms

Image
image/png

35.227.248.159
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=b5bc9c58-0033-48b4-b368-eb8ee15561cb&ttd_puid=3734f9fd-12ac-4acf-a829-3e10ffb0381b

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

159.248.227.35.bc.googleusercontent.com

Software

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pandg.tapad.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 22:22:55 GMT
via: 1.1 google
content-type: image/png
alt-svc: clear
content-length: 95
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

Redirect headers

pragma: no-cache
date: Fri, 24 Sep 2021 22:22:55 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=b5bc9c58-0033-48b4-b368-eb8ee15561cb&ttd_puid=3734f9fd-12ac-4acf-a829-3e10ffb0381b
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 347

Verdicts & Comments Add Verdict or Comment

117 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

15 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.webcindario.com/	1970-01-25 20:31:23	Name: __muid Value: 498917178a527b7687c4c8bc5f58ea9231c48db1
.paypal.com/	1970-01-20 23:45:30	Name: ts Value: vreXpYrS%3D1727216573%26vteXpYrS%3D1632523973%26vr%3D19e77de417c0a1d2e9086210ffd2e1af%26vt%3D19e77de417c0a1d2e9086210ffd2e1ae%26vtyp%3Dnew
.paypal.com/	1970-01-20 23:45:30	Name: ts_c Value: vr%3D19e77de417c0a1d2e9086210ffd2e1af%26vt%3D19e77de417c0a1d2e9086210ffd2e1ae
.webcindario.com/	1970-01-19 21:30:08	Name: _dlt Value: 1
.heraldicadman.webcindario.com/	1970-01-20 14:59:54	Name: _ga Value: GA1.3.1642497968.1632522174
.heraldicadman.webcindario.com/	1970-01-19 21:30:08	Name: _gid Value: GA1.3.1315638131.1632522174
.heraldicadman.webcindario.com/	1970-01-19 21:28:42	Name: _gat_UA-597118-7 Value: 1
.heraldicadman.webcindario.com/	1970-01-19 21:28:42	Name: _gat_UA-597118-1 Value: 1
.sunmediaads.com/	1970-01-20 06:14:18	Name: lz_frecy Value: %7B%22HEZRL65RXYI2%22%3A%7B%22times%22%3A1%2C%22time%22%3A1632607200%7D%7D
.sunmediaads.com/	1970-01-20 06:14:18	Name: lz_frecy_crea Value: %7B%22HEZRL65RXYI2%22%3A%7B%221%22%3A%7B%22visto%22%3A1%2C%22time%22%3A1632607200%7D%7D%7D
.tapad.com/	1970-01-19 22:55:06	Name: TapAd_TS Value: 1632522175023
.tapad.com/	1970-01-19 22:55:06	Name: TapAd_DID Value: 3734f9fd-12ac-4acf-a829-3e10ffb0381b
.adsrvr.org/	1970-01-20 06:14:18	Name: TDID Value: b5bc9c58-0033-48b4-b368-eb8ee15561cb
.tapad.com/	1970-01-19 22:55:06	Name: TapAd_3WAY_SYNCS Value: 1!6430
.adsrvr.org/	1970-01-20 06:14:18	Name: TDCPM Value: CAESFAoFdGFwYWQSCwjghbe4_Oz_ORAFGAEgASgCMgsI4P255ZLt_zkQBTgBWgV0YXBhZGAC

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: http://www.contadorgratis.com/hit.js(Line 3) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, http://cdnaws.mobidea.com/ads/popunder.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: http://www.contadorgratis.com/hit.js(Line 3) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, http://cdnaws.mobidea.com/ads/popunder.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: https://cse.google.com/cse/tools/onthefly?form=searchbox_demo&lang= Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://cse.google.com/cse/tools/onthefly?form=searchbox_demo&lang= Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: http://sync.search.spotxchange.com/partner?source=202100&gdpr=1&gdpr_consent=${gdpr_consent} Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: http://sync.search.spotxchange.com/partner?source=202100&gdpr=1&gdpr_consent=${gdpr_consent} Message: Failed to load resource: the server responded with a status of 400 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1.bp.blogspot.com
2.bp.blogspot.com
3.bp.blogspot.com
cdnaws.mobidea.com
cdnjs.cloudflare.com
cse.google.com
des.smartclip.net
heraldicadman.webcindario.com
hosting.miarroba.info
img.sunmediaads.com
jnxm2.com
match.adsrvr.org
pandg.tapad.com
pghub.io
pixel.tapad.com
play.sunmediaads.com
quantcast.mgr.consensu.org
rules.quantcount.com
secure.quantserve.com
services.sunmedia.tv
servingcdn.net
static.sunmedia.tv
stats.g.doubleclick.net
sync.richaudience.com
sync.search.spotxchange.com
track.sunmedia.tv
www.contadorgratis.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.paypal.com
www.paypalobjects.com
104.111.228.123
13.248.242.197
13.32.121.61
151.101.65.21
168.119.79.223
18.221.39.26
185.94.180.125
205.185.216.42
212.92.55.8
2600:9000:223c:3e00:6:44e3:f8c0:93a1
2600:9000:2240:6c00:9:46dc:4700:93a1
2606:4700:3037::ac43:bb46
2606:4700::6810:125e
2620:116:800d:21:51e4:db4b:4436:b305
2a00:1450:4001:827::200e
2a00:1450:4001:82a::2004
2a00:1450:4001:82a::200e
2a00:1450:4001:82b::2008
2a00:1450:4001:82f::2003
2a00:1450:4001:831::2001
2a00:1450:400c:c1b::9a
3.133.29.88
35.186.194.101
35.227.248.159
35.241.45.217
46.105.123.17
5.57.226.202
51.89.99.150
051a4df5ca07ec7979f14e486352a62c72733c9aabb6528adaddc9a911fbfca3
0c1ce4dd3afaa97d8627ecebc2e255fe5c1b3c2038f6961a86d10f0381056cc7
19603242f3bfa5b6cf922d65bc2353813d1b4c3a4b970638f3fa1c5b6dd39a88
20ee44328a15223511959e86d10fa069bcaca3cbc52669e2c5f5f532c7a8701d
23ac9f7ca3d79cbc4ca80735ebdd5cf8a1a68704c445324500ed6322eb987497
293f728a766424027b7dbd72053823860540d52209b07fd376c4c015a4fbdd47
2b73da936208b13624b9dfe5d43eaaebdc8167dde4168b43d92e69d4dcbed792
2d040b8ead6c94dc23b8dc081a05ef828dd4b36d6583ef958c4f13e821a8b523
2dd358c8a012b37ecc3ce739e982af9178b81623b529943f4ebd388ebcfc3dd3
3215a8b39afd6ac0489ffd6b9b14b162b785f7c502721fbdabbc8f465b0f5de3
35b3e39a7821048ff6d74b90b20b3e1a068d1c01b6dd10d5066877fac384a075
37437bbb949363808c1fcd2dd67b3cc1f076344224d921e66fa2a4de0aecbed6
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
443d41c905362e5073c79212ec86c5f69ddcfbc38f5530c6409b73c604e74259
4822bc63c222cc64b36530ebdec58ce79a0107f3582e619d737b978813b18ee7
49ed0768eb1809435abbab4674a04021905796c20ac727d5b009651af90591c5
4c6afc5b1378f3fea3d0c99a982815efef84456cd665450edd29a65afbe71797
4f3158a86bb740985db1d4897b6055ab3b2c71210c633ee067b716ef3b73dba1
4fa2966874ce940b1dd2847859465702fb020427af529f7bc7582946e11330fc
51acfcbf52866d19b626abacc2a6e4642068749e7d57e7f3ac939c62b7a3bbff
69ca393559d846a3607ce61f57aa113a1dd3b77a8dc36a023b34557232efdf72
6bc7e0a933caf1cb1a15d5176190f825d9aae56d20bf9d1e89c80584335588a0
6c9505553c12b114a8e550d13b4263cc1125005681c5e5651e12227191132c55
6cd8b69cc6c7eb56c0a336bc9b09fb51371720f03e0073cacb307efaf4bb71e7
70cdfa67620374166700afe06c4bbf5eec82301af5041d195e94ef9300c9af00
719baa2acd05d3550b5a6dcadcfc79ce2136ac47d2cfe5f37eeab674e065269b
7285303c6f1bd19a091fb8046d1c43704c3f846461b957fe4198c3e051fce7eb
75b5ac62a377116258d13cf7aa299b6546210590b0b25ca07506da4afee761cf
7c074d5639b08b7eee3923842b52d5333c37eceb96baf14ee213584981066fe5
826dfa7251478f0196699b51a84008a26b2e01fe4470e94c716cc30b021a1b66
82c2f18a5c271bbff78e815df2b75236ef85350574fdfc97f9f08d3769f64c64
84003f06ed457e379b2e252aa3027f40b7e15606955f53b2071c4caaa9d81b39
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
88ba71ac58932991d51ca30570234136ffe588c630788cd1cbd4c58ed54af208
8c17cb88ae6fe2d188c24a3eb91ab522cb941a805f7dbab1398a7519b831045d
8ecc0a1902a8f74a2e5d7e20cb3793f25ec0f9140eda4567fc63577db3536c66
8fa1f4e9501aa00a6ccc86f20c82a1f2d92601bf33ba69a09ed73722750e8874
9117d92ac1ab51cc0a876e24648245d93f2a0744475919dd3222363e34588bbc
96067a4b1512fc93529c6c312bd9cf1832a294823763528dc536228aedd43ba5
a4e589e77c86f76c71b5939fc9bc299eefb00237dbaf5c04e79844f1867447fc
abf316d951b5b7dfdc8a7c83cfe274683e71ab2d410e950d5468e2efc8c1b8b8
b562995cad29e2e8dea83de4e7b6d0a2113774c5398597ae5b583c0e5e9af446
b940c234fb39d942dde89446bd7c7be1fd18c22b9c64fc619db885c9ec81cab8
ba6b1e26803471a583c0e2c60d8bb8f31fd983735a77a1c65199c4a089186dc1
be5eeb099a1cf713146da66dd7c33e478e64d3c021a1a08fc21ba103064951a9
c30edc95cbecbadb3d9ec6168a44ee1183147887fdd792102c3bbc9966c3bac3
c4e20f53f5ef0ed44b783437aa3f4638a9a56cc4aa29ae83ed9212eb2807052a
c9d50edae9ab89f8373214510b01eb50f60e16bd5e71328173962c0e13b31c07
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
dc2fda0e1cfd46a8636dee819034511108e785ff5e83e0c41fe0c90d8d092ca0
dd0f389f63ff0ef7b624c01fa80375d6952f461a9bbd3d6c0d8a284ef9fce5e0
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3802f02f4480d3b247af948f029fc343b6947d933a8dc978a738be684e7a3f7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ebbcdf5c1ec738c215aabf3e5b3525eb02ad43e684eb0de16856771989cc478e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fc138d182a42b5b97ff609dbf6ada2774f59edc52812a34d44569203fc2819e9
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
fed4540eb4300272e0729d364c5284c4beaa028ac92b3199ba4907340138ceb8

heraldicadman.webcindario.com Open in urlscan Pro 5.57.226.202 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

76 Requests

57 %HTTPS

43 %IPv6

26 Domains

33 Subdomains

26 IPs

6 Countries

1117 kBTransfer

1658 kBSize

15 Cookies

4 Outgoing links

Redirected requests

76 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

heraldicadman.webcindario.com Open in urlscan Pro
5.57.226.202 Public Scan

Screenshot
Live screenshot

Full Image

76
Requests

57 %
HTTPS

43 %
IPv6

26
Domains

33
Subdomains

26
IPs

6
Countries

1117 kB
Transfer

1658 kB
Size

15
Cookies

76 HTTP transactions
0 data transactions