pelotainvernal.com Open in urlscan Pro
54.208.89.30 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://pelotainvernal.com/
Submission: On December 17 via api (December 17th 2022, 8:07:47 am UTC) from DO — Scanned from DE

Summary HTTP 489 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 92 IPs in 14 countries across 85 domains to perform 489 HTTP transactions. The main IP is 54.208.89.30, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is pelotainvernal.com. The Cisco Umbrella rank of the primary domain is 478236.
TLS certificate: Issued by Amazon on August 5th 2022. Valid for: a year.

This is the only time pelotainvernal.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
6	54.208.89.30 54.208.89.30	14618 (AMAZON-AES) (AMAZON-AES)
3	2a04:4e42::485 2a04:4e42::485	54113 (FASTLY) (FASTLY)
4	2a00:1450:400... 2a00:1450:400d:807::200a	15169 (GOOGLE) (GOOGLE)
38	2a00:1450:400... 2a00:1450:400d:80e::2002	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:400d:806::2002	15169 (GOOGLE) (GOOGLE)
2	2606:4700:20:... 2606:4700:20::681a:79	13335 (CLOUDFLAR...) (CLOUDFLARENET)
15	52.216.18.171 52.216.18.171	16509 (AMAZON-02) (AMAZON-02)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:3a	20446 (STACKPATH...) (STACKPATH-CDN)
2	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:303... 2606:4700:3031::ac43:b7f8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:400d:802::2008	15169 (GOOGLE) (GOOGLE)
25	2a00:1450:400... 2a00:1450:400d:80d::2002	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:400d:807::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:808::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:802::2002	15169 (GOOGLE) (GOOGLE)
1	13.32.145.29 13.32.145.29	16509 (AMAZON-02) (AMAZON-02)
3	104.18.132.145 104.18.132.145	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	3.19.54.139 3.19.54.139	16509 (AMAZON-02) (AMAZON-02)
2 39	2a00:1450:400... 2a00:1450:400d:804::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400d:804::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:400d:807::2001	15169 (GOOGLE) (GOOGLE)
2	142.251.208.166 142.251.208.166	15169 (GOOGLE) (GOOGLE)
1	2.18.37.67 2.18.37.67	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a00:1450:400... 2a00:1450:400d:80d::200e	15169 (GOOGLE) (GOOGLE)
2 4	2a02:2638:1::13 2a02:2638:1::13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	178.250.0.157 178.250.0.157	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2606:4700:20:... 2606:4700:20::ac43:4bf1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	209.191.163.152 209.191.163.152	14744 (INTERNAP-...) (INTERNAP-BLOCK-4)
1 4	51.89.9.251 51.89.9.251	16276 (OVH) (OVH)
3 5	37.252.171.52 37.252.171.52	29990 (ASN-APPNEX) (ASN-APPNEX)
1	34.107.148.139 34.107.148.139	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2606:4700::68... 2606:4700::6812:372	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	172.64.154.237 172.64.154.237	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2602:803:c003... 2602:803:c003:200::41	26667 (RUBICONPR...) (RUBICONPROJECT)
1	13.32.110.61 13.32.110.61	16509 (AMAZON-02) (AMAZON-02)
2	34.149.50.64 34.149.50.64	15169 (GOOGLE) (GOOGLE)
10	151.139.128.10 151.139.128.10	20446 (STACKPATH...) (STACKPATH-CDN)
4	2.18.79.136 2.18.79.136	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
6 6	54.93.177.113 54.93.177.113	16509 (AMAZON-02) (AMAZON-02)
1 1	18.196.15.33 18.196.15.33	16509 (AMAZON-02) (AMAZON-02)
2	3.66.71.88 3.66.71.88	16509 (AMAZON-02) (AMAZON-02)
4 4	18.156.0.31 18.156.0.31	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400c:c08::9d	15169 (GOOGLE) (GOOGLE)
1 4	2620:116:800d... 2620:116:800d:21:ef75:8280:f209:5ba1	16509 (AMAZON-02) (AMAZON-02)
10	69.20.43.192 69.20.43.192	27357 (RACKSPACE) (RACKSPACE)
6 6	35.214.223.115 35.214.223.115	15169 (GOOGLE) (GOOGLE)
25	146.20.132.117 146.20.132.117	27357 (RACKSPACE) (RACKSPACE)
6 6	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (AMOBEE) (AMOBEE)
6 6	54.211.49.49 54.211.49.49	14618 (AMAZON-AES) (AMAZON-AES)
1	2600:9000:230... 2600:9000:2304:8a00:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
31	146.20.128.203 146.20.128.203	27357 (RACKSPACE) (RACKSPACE)
1 4	54.73.29.246 54.73.29.246	16509 (AMAZON-02) (AMAZON-02)
1 6	2a00:1450:400... 2a00:1450:4001:82a::2004	15169 (GOOGLE) (GOOGLE)
10 39	142.251.208.98 142.251.208.98	15169 (GOOGLE) (GOOGLE)
2 5	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
5	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
1	34.96.105.8 34.96.105.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 2	34.248.17.75 34.248.17.75	16509 (AMAZON-02) (AMAZON-02)
2 3	2a05:d018:d29... 2a05:d018:d29:3605:749a:6a0e:3033:c14	16509 (AMAZON-02) (AMAZON-02)
3 8	185.64.189.115 185.64.189.115	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 2	52.18.201.205 52.18.201.205	16509 (AMAZON-02) (AMAZON-02)
3 3	13.248.245.213 13.248.245.213	16509 (AMAZON-02) (AMAZON-02)
3	185.94.180.124 185.94.180.124	35220 (SPOTX-AMS) (SPOTX-AMS)
1	142.250.27.156 142.250.27.156	15169 (GOOGLE) (GOOGLE)
3	2600:9000:206... 2600:9000:206e:f800:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
13	2600:1f18:1ac... 2600:1f18:1aca:4281:68f:8ebb:736f:849f	14618 (AMAZON-AES) (AMAZON-AES)
5	2600:9000:230... 2600:9000:2304:9200:15:6f6c:b180:93a1	16509 (AMAZON-02) (AMAZON-02)
31	2a00:1450:400... 2a00:1450:400d:803::2006	15169 (GOOGLE) (GOOGLE)
2 2	151.101.130.49 151.101.130.49	54113 (FASTLY) (FASTLY)
2 2	37.252.173.215 37.252.173.215	29990 (ASN-APPNEX) (ASN-APPNEX)
21	2.18.36.193 2.18.36.193	16625 (AKAMAI-AS) (AKAMAI-AS)
6	172.217.19.98 172.217.19.98	15169 (GOOGLE) (GOOGLE)
4 4	185.29.132.245 185.29.132.245	30419 (MEDIAMATH...) (MEDIAMATH-INC)
11	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	178.250.0.163 178.250.0.163	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4 4	213.155.156.185 213.155.156.185	1299 (TWELVE99 ...) (TWELVE99 Arelion)
4	185.64.189.110 185.64.189.110	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 2	67.220.228.201 67.220.228.201	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:10:... 2606:4700:10::ac43:db6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	34.252.235.208 34.252.235.208	16509 (AMAZON-02) (AMAZON-02)
2 2	34.111.129.221 34.111.129.221	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	34.111.131.239 34.111.131.239	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3 4	34.91.62.186 34.91.62.186	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 3	37.157.3.30 37.157.3.30	198622 (ADFORM) (ADFORM)
1	2606:4700:10:... 2606:4700:10::ac43:266a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:2638:1::3 2a02:2638:1::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	141.95.33.111 141.95.33.111	16276 (OVH) (OVH)
2	2a02:26f0:11a... 2a02:26f0:11a::217:9a8a	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
5	185.64.190.75 185.64.190.75	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
2	104.96.128.226 104.96.128.226	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	185.94.180.125 185.94.180.125	35220 (SPOTX-AMS) (SPOTX-AMS)
2	34.149.12.213 34.149.12.213	15169 (GOOGLE) (GOOGLE)
10	185.64.189.221 185.64.189.221	62713 (AS-PUBMATIC) (AS-PUBMATIC)
4 4	3.68.131.166 3.68.131.166	16509 (AMAZON-02) (AMAZON-02)
2 3	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
3 3	85.114.159.93 85.114.159.93	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
1	213.202.235.10 213.202.235.10	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
5	18.218.58.137 18.218.58.137	16509 (AMAZON-02) (AMAZON-02)
1	23.62.220.47 23.62.220.47	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	35.201.96.126 35.201.96.126	15169 (GOOGLE) (GOOGLE)
1	185.64.189.229 185.64.189.229	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2	198.47.127.20 198.47.127.20	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
1	2a02:fa8:8806... 2a02:fa8:8806:20::2010	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1	98.98.134.243 98.98.134.243	21859 (ZEN-ECN) (ZEN-ECN)
1	63.251.232.165 63.251.232.165	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
2 2	213.19.147.45 213.19.147.45	26120 (RHYTHMONE) (RHYTHMONE)
1	195.5.165.20 195.5.165.20	44968 (IPROM-AS) (IPROM-AS)
1	162.55.120.196 162.55.120.196	24940 (HETZNER-AS) (HETZNER-AS)
1 1	141.95.171.142 141.95.171.142	16276 (OVH) (OVH)
1 1	141.94.171.214 141.94.171.214	16276 (OVH) (OVH)
1 1	159.65.196.12 159.65.196.12	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1 1	34.102.253.54 34.102.253.54	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
489	92

6 54.208.89.30 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-208-89-30.compute-1.amazonaws.com

pelotainvernal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a04:4e42::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400d:807::200a (Ireland)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

38 2a00:1450:400d:80e::2002 (Ireland)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:400d:806::2002 (Ireland)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:79 (United States)

ASN13335 (CLOUDFLARENET, US)

flower-ads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 52.216.18.171 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com

s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:3a (Netherlands)

ASN20446 (STACKPATH-CDN, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3031::ac43:b7f8 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn-conectate.kiskoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:802::2008 (Ireland)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 2a00:1450:400d:80d::2002 (Ireland)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:400d:807::2003 (Ireland)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:808::2002 (Ireland)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:802::2002 (Ireland)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.145.29 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-145-29.cdg50.r.cloudfront.net

ecdn.firstimpression.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.18.132.145 (None, )

ASN13335 (CLOUDFLARENET, US)

t.seedtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.19.54.139 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-19-54-139.us-east-2.compute.amazonaws.com

ads.vidoomy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

39 2a00:1450:400d:804::2001 (Ireland) 2 redirects

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:804::2003 (Ireland)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400d:807::2001 (Ireland)

ASN15169 (GOOGLE, US)

c79c2500101a741060cc6b806098b9a7.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.208.166 (United States)

ASN15169 (GOOGLE, US)
PTR: bud02s43-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.37.67 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-37-67.deploy.static.akamaitechnologies.com

widgets.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:80d::200e (Ireland)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:2638:1::13 (France) 2 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::ac43:4bf1 (United States)

ASN13335 (CLOUDFLARENET, US)

script.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 209.191.163.152 (United States)

ASN14744 (INTERNAP-BLOCK-4, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 51.89.9.251 (London, United Kingdom) 1 redirects

ASN16276 (OVH, FR)
PTR: ip251.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 37.252.171.52 (Frankfurt am Main, Germany) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.107.148.139 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 139.148.107.34.bc.googleusercontent.com

prebid.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:372 (United States)

ASN13335 (CLOUDFLARENET, US)

mp.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.64.154.237 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2602:803:c003:200::41 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.110.61 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-110-61.vie50.r.cloudfront.net

cdn.firstimpression.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.149.50.64 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 64.50.149.34.bc.googleusercontent.com

s.seedtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 151.139.128.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map3.hwcdn.net

ad.lkqd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2.18.79.136 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-18-79-136.deploy.static.akamaitechnologies.com

ads.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 54.93.177.113 (Frankfurt am Main, Germany) 6 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-93-177-113.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.196.15.33 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-15-33.eu-central-1.compute.amazonaws.com

sonata-notifications.taptapnetworks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.66.71.88 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-66-71-88.eu-central-1.compute.amazonaws.com

a.vidoomy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.156.0.31 (Frankfurt am Main, Germany) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c08::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:116:800d:21:ef75:8280:f209:5ba1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 69.20.43.192 (United States)

ASN27357 (RACKSPACE, US)

v.lkqd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 35.214.223.115 (Groningen, Netherlands) 6 redirects

ASN15169 (GOOGLE, US)
PTR: 115.223.214.35.bc.googleusercontent.com

csync.loopme.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 146.20.132.117 (United States)

ASN27357 (RACKSPACE, US)

cs.lkqd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2001:678:cb4:bbbb::11 (United Kingdom) 6 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 54.211.49.49 (Ashburn, United States) 6 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-211-49-49.compute-1.amazonaws.com

sync.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2304:8a00:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

31 146.20.128.203 (United States)

ASN27357 (RACKSPACE, US)

t.lkqd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.73.29.246 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-73-29-246.eu-west-1.compute.amazonaws.com

fw.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

39 142.251.208.98 (United States) 10 redirects

ASN15169 (GOOGLE, US)
PTR: bud02s41-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.80.39.216 (Canada) 2 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 15.197.193.217 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.105.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com

tr.blismedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.248.17.75 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-248-17-75.eu-west-1.compute.amazonaws.com

r.scoota.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a05:d018:d29:3605:749a:6a0e:3033:c14 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 185.64.189.115 (United Kingdom) 3 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.18.201.205 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-18-201-205.eu-west-1.compute.amazonaws.com

match.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.248.245.213 (United States) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.94.180.124 (Amsterdam, Netherlands)

ASN35220 (SPOTX-AMS, US)

search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.27.156 (United States)

ASN15169 (GOOGLE, US)
PTR: ra-in-f156.1e100.net

bid.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:206e:f800:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2600:1f18:1aca:4281:68f:8ebb:736f:849f (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:9000:2304:9200:15:6f6c:b180:93a1 (United States)

ASN16509 (AMAZON-02, US)

vpaid.springserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

31 2a00:1450:400d:803::2006 (Ireland)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.130.49 (United States) 2 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.252.173.215 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2.18.36.193 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-36-193.deploy.static.akamaitechnologies.com

vpaid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 172.217.19.98 (United States)

ASN15169 (GOOGLE, US)
PTR: muc03s07-in-f98.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.29.132.245 (United Kingdom) 4 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.163 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 213.155.156.185 (Sweden) 4 redirects

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
PTR: 213-155-156-185.teliacarrier-cust.com

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 67.220.228.201 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:db6 (United States)

ASN13335 (CLOUDFLARENET, US)

mwzeom.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.252.235.208 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-252-235-208.eu-west-1.compute.amazonaws.com

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.111.129.221 (Kansas City, United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 221.129.111.34.bc.googleusercontent.com

cr.frontend.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.111.131.239 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 239.131.111.34.bc.googleusercontent.com

idsync.frontend.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.91.62.186 (Groningen, Netherlands) 3 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 186.62.91.34.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.157.3.30 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:266a (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.95.33.111 (Germany)

ASN16276 (OVH, FR)
PTR: ns3203177.ip-141-95-33.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:11a::217:9a8a (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)

cdn.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.64.190.75 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

vid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.96.128.226 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a104-96-128-226.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.94.180.125 (Amsterdam, Netherlands) 1 redirects

ASN35220 (SPOTX-AMS, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.149.12.213 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 213.12.149.34.bc.googleusercontent.com

rtb0.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
rtbc-eu3.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 185.64.189.221 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

st.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.68.131.166 (Frankfurt am Main, Germany) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-68-131-166.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.186.193.173 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

gcm.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ipac.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 85.114.159.93 (Tuttlingen, Germany) 3 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.202.235.10 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)

m.exactag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 18.218.58.137 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-218-58-137.us-east-2.compute.amazonaws.com

vid-io-cle.springserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.62.220.47 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a23-62-220-47.deploy.static.akamaitechnologies.com

cs.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.201.96.126 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 126.96.201.35.bc.googleusercontent.com

visitor.fiftyt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.229 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

aud.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 198.47.127.20 (United States)

ASN3257 (GTT-BACKBONE GTT, US)

image4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:20::2010 (Singapore)

ASN41041 (VCLK-EU-SE, US)

pubmatic-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 98.98.134.243 (United States)

ASN21859 (ZEN-ECN, US)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.251.232.165 (United States)

ASN32475 (SINGLEHOP-LLC, US)

cm.adgrx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.19.147.45 (United Kingdom) 2 redirects

ASN26120 (RHYTHMONE, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 195.5.165.20 (Slovenia)

ASN44968 (IPROM-AS, SI)

core.iprom.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.55.120.196 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.196.120.55.162.clients.your-server.de

matching.truffle.bid	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.95.171.142 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: bixel-8.cloudy.ovh

green.erne.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.94.171.214 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: pikafka-eu-8.cloudy.ovh

pixel-eu.onaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 159.65.196.12 (Amsterdam, Netherlands) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

match.adsby.bidtheatre.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.253.54 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 54.253.102.34.bc.googleusercontent.com

ads.playground.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
80	googlesyndication.com 2 redirects pagead2.googlesyndication.com — Cisco Umbrella Rank: 101 tpc.googlesyndication.com — Cisco Umbrella Rank: 139 c79c2500101a741060cc6b806098b9a7.safeframe.googlesyndication.com	777 KB
76	lkqd.net ad.lkqd.net — Cisco Umbrella Rank: 22754 v.lkqd.net — Cisco Umbrella Rank: 11551 cs.lkqd.net — Cisco Umbrella Rank: 2756 t.lkqd.net — Cisco Umbrella Rank: 18312	290 KB
72	doubleclick.net 10 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 34 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 192 ad.doubleclick.net — Cisco Umbrella Rank: 161 stats.g.doubleclick.net — Cisco Umbrella Rank: 77 cm.g.doubleclick.net — Cisco Umbrella Rank: 208 bid.g.doubleclick.net — Cisco Umbrella Rank: 704 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 297	424 KB
62	pubmatic.com 3 redirects image6.pubmatic.com — Cisco Umbrella Rank: 716 vpaid.pubmatic.com — Cisco Umbrella Rank: 4684 ads.pubmatic.com — Cisco Umbrella Rank: 481 simage2.pubmatic.com — Cisco Umbrella Rank: 641 image2.pubmatic.com — Cisco Umbrella Rank: 852 vid.pubmatic.com — Cisco Umbrella Rank: 8864 st.pubmatic.com — Cisco Umbrella Rank: 973 aud.pubmatic.com — Cisco Umbrella Rank: 4185 image4.pubmatic.com — Cisco Umbrella Rank: 824	364 KB
31	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 267	720 KB
20	adsafeprotected.com 1 redirects fw.adsafeprotected.com — Cisco Umbrella Rank: 813 static.adsafeprotected.com — Cisco Umbrella Rank: 587 dt.adsafeprotected.com — Cisco Umbrella Rank: 543 pixel.adsafeprotected.com — Cisco Umbrella Rank: 604	340 KB
15	amazonaws.com s3.amazonaws.com	145 KB
10	springserve.com vpaid.springserve.com — Cisco Umbrella Rank: 9310 vid-io-cle.springserve.com — Cisco Umbrella Rank: 8553	443 KB
9	google.com 1 redirects adservice.google.com — Cisco Umbrella Rank: 72 www.google.com — Cisco Umbrella Rank: 2	1 KB
9	gstatic.com fonts.gstatic.com www.gstatic.com	148 KB
9	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 188	341 KB
8	criteo.com 2 redirects gum.criteo.com — Cisco Umbrella Rank: 394 mug.criteo.com — Cisco Umbrella Rank: 2835 dis.criteo.com — Cisco Umbrella Rank: 658	9 KB
7	yahoo.com 6 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 279 pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 408	3 KB
7	casalemedia.com 3 redirects htlb.casalemedia.com — Cisco Umbrella Rank: 482 dsum-sec.casalemedia.com — Cisco Umbrella Rank: 513 dsum.casalemedia.com — Cisco Umbrella Rank: 1324	5 KB
7	adnxs.com 5 redirects ib.adnxs.com — Cisco Umbrella Rank: 210 secure.adnxs.com — Cisco Umbrella Rank: 414	7 KB
6	stackadapt.com 6 redirects sync.srv.stackadapt.com — Cisco Umbrella Rank: 651	2 KB
6	turn.com 6 redirects ad.turn.com — Cisco Umbrella Rank: 710	3 KB
6	loopme.me 6 redirects csync.loopme.me — Cisco Umbrella Rank: 752	1 KB
6	bidswitch.net 6 redirects x.bidswitch.net — Cisco Umbrella Rank: 282	2 KB
6	pelotainvernal.com pelotainvernal.com — Cisco Umbrella Rank: 478236	29 KB
5	spotxchange.com 1 redirects search.spotxchange.com — Cisco Umbrella Rank: 490 sync.search.spotxchange.com — Cisco Umbrella Rank: 562	5 KB
5	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 315	1 KB
5	seedtag.com t.seedtag.com — Cisco Umbrella Rank: 13646 s.seedtag.com — Cisco Umbrella Rank: 5800	135 KB
4	w55c.net 4 redirects pm.w55c.net — Cisco Umbrella Rank: 688	3 KB
4	doubleverify.com cdn.doubleverify.com — Cisco Umbrella Rank: 446 rtb0.doubleverify.com — Cisco Umbrella Rank: 669 rtbc-eu3.doubleverify.com — Cisco Umbrella Rank: 14657	22 KB
4	simpli.fi 3 redirects um.simpli.fi — Cisco Umbrella Rank: 759	2 KB
4	de17a.com 4 redirects d5p.de17a.com — Cisco Umbrella Rank: 4459	1 KB
4	mathtag.com 4 redirects sync.mathtag.com — Cisco Umbrella Rank: 434	3 KB
4	quantserve.com 1 redirects secure.quantserve.com — Cisco Umbrella Rank: 939 pixel.quantserve.com — Cisco Umbrella Rank: 666 cms.quantserve.com — Cisco Umbrella Rank: 639	11 KB
4	stickyadstv.com ads.stickyadstv.com — Cisco Umbrella Rank: 595	5 KB
4	onetag-sys.com 1 redirects onetag-sys.com — Cisco Umbrella Rank: 690	893 B
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 37	3 KB
3	adition.com 3 redirects dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1427	2 KB
3	ctnsnet.com 2 redirects gcm.ctnsnet.com — Cisco Umbrella Rank: 29316 ipac.ctnsnet.com — Cisco Umbrella Rank: 4752	847 B
3	adform.net 2 redirects c1.adform.net — Cisco Umbrella Rank: 566	2 KB
3	weborama.fr 2 redirects cr.frontend.weborama.fr — Cisco Umbrella Rank: 24144 idsync.frontend.weborama.fr — Cisco Umbrella Rank: 26541	739 B
3	3lift.com 3 redirects eb2.3lift.com — Cisco Umbrella Rank: 335	1 KB
3	4dex.io script.4dex.io — Cisco Umbrella Rank: 1884 mp.4dex.io — Cisco Umbrella Rank: 1980	25 KB
3	vidoomy.com ads.vidoomy.com — Cisco Umbrella Rank: 22938 a.vidoomy.com — Cisco Umbrella Rank: 8039	6 KB
3	google.de adservice.google.de — Cisco Umbrella Rank: 8549	1 KB
3	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 381	41 KB
2	1rx.io 2 redirects sync.1rx.io — Cisco Umbrella Rank: 497	1 KB
2	fiftyt.com 2 redirects visitor.fiftyt.com — Cisco Umbrella Rank: 3765	623 B
2	teads.tv sync.teads.tv — Cisco Umbrella Rank: 1225	344 B
2	openx.net us-u.openx.net — Cisco Umbrella Rank: 411	418 B
2	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 958 id5-sync.com — Cisco Umbrella Rank: 413	17 KB
2	crwdcntrl.net sync.crwdcntrl.net — Cisco Umbrella Rank: 719	531 B
2	amazon-adsystem.com 1 redirects aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 912	2 KB
2	everesttech.net 2 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 534	749 B
2	360yield.com 2 redirects match.360yield.com — Cisco Umbrella Rank: 2234	793 B
2	scoota.co 2 redirects r.scoota.co — Cisco Umbrella Rank: 30424	1 KB
2	rubiconproject.com fastlane.rubiconproject.com — Cisco Umbrella Rank: 462	6 KB
2	media.net prebid.media.net — Cisco Umbrella Rank: 1148 cs.media.net — Cisco Umbrella Rank: 1387	1016 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 29	20 KB
2	firstimpression.io ecdn.firstimpression.io — Cisco Umbrella Rank: 23217 cdn.firstimpression.io — Cisco Umbrella Rank: 23306	97 KB
2	kiskoo.com cdn-conectate.kiskoo.com — Cisco Umbrella Rank: 192086	3 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 211	36 KB
2	flower-ads.com flower-ads.com — Cisco Umbrella Rank: 861580	165 KB
1	playground.xyz 1 redirects ads.playground.xyz — Cisco Umbrella Rank: 3458	462 B
1	bidtheatre.com 1 redirects match.adsby.bidtheatre.com — Cisco Umbrella Rank: 2014	555 B
1	onaudience.com 1 redirects pixel-eu.onaudience.com — Cisco Umbrella Rank: 12965	713 B
1	erne.co 1 redirects green.erne.co — Cisco Umbrella Rank: 16075	367 B
1	truffle.bid matching.truffle.bid — Cisco Umbrella Rank: 5627
1	iprom.net core.iprom.net — Cisco Umbrella Rank: 5149	279 B
1	adgrx.com cm.adgrx.com — Cisco Umbrella Rank: 1303	283 B
1	sitescout.com pixel-sync.sitescout.com — Cisco Umbrella Rank: 578	191 B
1	dotomi.com pubmatic-match.dotomi.com — Cisco Umbrella Rank: 2838	104 B
1	exactag.com m.exactag.com — Cisco Umbrella Rank: 10374	60 B
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 637	13 KB
1	zeotap.com mwzeom.zeotap.com — Cisco Umbrella Rank: 2401	382 B
1	blismedia.com tr.blismedia.com — Cisco Umbrella Rank: 1782	173 B
1	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 868	1 KB
1	taptapnetworks.com 1 redirects sonata-notifications.taptapnetworks.com — Cisco Umbrella Rank: 5650	322 B
1	lijit.com ap.lijit.com — Cisco Umbrella Rank: 581	410 B
1	outbrain.com widgets.outbrain.com — Cisco Umbrella Rank: 1353	3 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 830	701 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 51	43 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 686	30 KB
0	gammaplatform.com Failed cm-supply-web.gammaplatform.com Failed
0	tribalfusion.com Failed s.tribalfusion.com Failed
0	sportradarserving.com Failed a.sportradarserving.com Failed
0	exelator.com Failed loada.exelator.com Failed
0	semasio.net Failed uipglob.semasio.net — Cisco Umbrella Rank: 1107 Failed
0	audrte.com Failed a.audrte.com Failed
0	smartadserver.com Failed rtb-csync.smartadserver.com Failed
489	85

	Domain	Requested by
39	cm.g.doubleclick.net	10 redirects googleads.g.doubleclick.net c79c2500101a741060cc6b806098b9a7.safeframe.googlesyndication.com pelotainvernal.com
39	tpc.googlesyndication.com	2 redirects googleads.g.doubleclick.net pelotainvernal.com tpc.googlesyndication.com c79c2500101a741060cc6b806098b9a7.safeframe.googlesyndication.com s0.2mdn.net pagead2.googlesyndication.com
38	pagead2.googlesyndication.com	pelotainvernal.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com fw.adsafeprotected.com c79c2500101a741060cc6b806098b9a7.safeframe.googlesyndication.com s0.2mdn.net ad.doubleclick.net
31	s0.2mdn.net	pelotainvernal.com s0.2mdn.net c79c2500101a741060cc6b806098b9a7.safeframe.googlesyndication.com
31	t.lkqd.net	ad.lkqd.net
25	cs.lkqd.net	ad.lkqd.net
17	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net pelotainvernal.com c79c2500101a741060cc6b806098b9a7.safeframe.googlesyndication.com
15	s3.amazonaws.com	pelotainvernal.com
13	dt.adsafeprotected.com	googleads.g.doubleclick.net c79c2500101a741060cc6b806098b9a7.safeframe.googlesyndication.com pelotainvernal.com
11	simage2.pubmatic.com	ads.pubmatic.com
11	ads.pubmatic.com	vpaid.pubmatic.com ads.pubmatic.com
10	st.pubmatic.com	pelotainvernal.com
10	vpaid.pubmatic.com	vpaid.springserve.com blank
10	v.lkqd.net	ad.lkqd.net
10	ad.lkqd.net	pelotainvernal.com ad.lkqd.net
9	www.googletagservices.com	pelotainvernal.com googleads.g.doubleclick.net c79c2500101a741060cc6b806098b9a7.safeframe.googlesyndication.com cdn.doubleverify.com www.googletagservices.com
8	image6.pubmatic.com	3 redirects ads.pubmatic.com
7	fonts.gstatic.com	fonts.googleapis.com
6	googleads4.g.doubleclick.net	pelotainvernal.com ad.doubleclick.net
6	www.google.com	1 redirects googleads.g.doubleclick.net c79c2500101a741060cc6b806098b9a7.safeframe.googlesyndication.com tpc.googlesyndication.com
6	sync.srv.stackadapt.com	6 redirects
6	ad.turn.com	6 redirects
6	csync.loopme.me	6 redirects
6	x.bidswitch.net	6 redirects
6	securepubads.g.doubleclick.net	www.googletagservices.com flower-ads.com securepubads.g.doubleclick.net
6	pelotainvernal.com	pelotainvernal.com
5	vid-io-cle.springserve.com	vpaid.springserve.com
5	vid.pubmatic.com	vpaid.pubmatic.com
5	vpaid.springserve.com	ad.lkqd.net
5	match.adsrvr.org	googleads.g.doubleclick.net ads.pubmatic.com c79c2500101a741060cc6b806098b9a7.safeframe.googlesyndication.com
5	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net pelotainvernal.com
5	ib.adnxs.com	3 redirects flower-ads.com googleads.g.doubleclick.net
4	pm.w55c.net	4 redirects
4	um.simpli.fi	3 redirects ads.pubmatic.com
4	image2.pubmatic.com	ads.pubmatic.com
4	d5p.de17a.com	4 redirects
4	sync.mathtag.com	4 redirects
4	ups.analytics.yahoo.com	4 redirects
4	ads.stickyadstv.com	pelotainvernal.com ad.lkqd.net
4	onetag-sys.com	1 redirects flower-ads.com googleads.g.doubleclick.net pelotainvernal.com
4	gum.criteo.com	2 redirects static.criteo.net
4	fonts.googleapis.com	pelotainvernal.com googleads.g.doubleclick.net tpc.googlesyndication.com
3	dsp.adfarm1.adition.com	3 redirects
3	c1.adform.net	2 redirects ads.pubmatic.com
3	static.adsafeprotected.com	googleads.g.doubleclick.net pixel.adsafeprotected.com c79c2500101a741060cc6b806098b9a7.safeframe.googlesyndication.com
3	search.spotxchange.com	ad.lkqd.net
3	eb2.3lift.com	3 redirects
3	pr-bh.ybp.yahoo.com	2 redirects ads.pubmatic.com
3	mug.criteo.com	pelotainvernal.com
3	c79c2500101a741060cc6b806098b9a7.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
3	t.seedtag.com	flower-ads.com t.seedtag.com
3	adservice.google.com	pagead2.googlesyndication.com securepubads.g.doubleclick.net
3	adservice.google.de	pagead2.googlesyndication.com securepubads.g.doubleclick.net
3	cdn.jsdelivr.net	pelotainvernal.com securepubads.g.doubleclick.net
2	sync.1rx.io	2 redirects
2	image4.pubmatic.com	ads.pubmatic.com
2	visitor.fiftyt.com	2 redirects
2	gcm.ctnsnet.com	2 redirects
2	sync.search.spotxchange.com	1 redirects googleads.g.doubleclick.net
2	sync.teads.tv	googleads.g.doubleclick.net
2	us-u.openx.net	googleads.g.doubleclick.net
2	pixel.adsafeprotected.com	c79c2500101a741060cc6b806098b9a7.safeframe.googlesyndication.com
2	cdn.doubleverify.com	c79c2500101a741060cc6b806098b9a7.safeframe.googlesyndication.com cdn.doubleverify.com
2	cr.frontend.weborama.fr	2 redirects
2	sync.crwdcntrl.net	ads.pubmatic.com
2	aax-eu.amazon-adsystem.com	1 redirects ads.pubmatic.com
2	secure.adnxs.com	2 redirects
2	sync-tm.everesttech.net	2 redirects
2	cms.quantserve.com	1 redirects googleads.g.doubleclick.net
2	match.360yield.com	2 redirects
2	r.scoota.co	2 redirects
2	fw.adsafeprotected.com	1 redirects googleads.g.doubleclick.net
2	a.vidoomy.com	pelotainvernal.com
2	s.seedtag.com	t.seedtag.com
2	fastlane.rubiconproject.com	flower-ads.com
2	script.4dex.io	flower-ads.com script.4dex.io
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	ad.doubleclick.net	pelotainvernal.com www.googletagservices.com
2	www.gstatic.com	googleads.g.doubleclick.net
2	cdn-conectate.kiskoo.com	pelotainvernal.com
2	cdnjs.cloudflare.com	pelotainvernal.com
2	flower-ads.com	pelotainvernal.com flower-ads.com
1	ipac.ctnsnet.com	ads.pubmatic.com
1	ads.playground.xyz	1 redirects
1	match.adsby.bidtheatre.com	1 redirects
1	pixel-eu.onaudience.com	1 redirects
1	green.erne.co	1 redirects
1	matching.truffle.bid	ads.pubmatic.com
1	core.iprom.net	ads.pubmatic.com
1	cm.adgrx.com	ads.pubmatic.com
1	pixel-sync.sitescout.com	ads.pubmatic.com
1	pubmatic-match.dotomi.com	ads.pubmatic.com
1	aud.pubmatic.com	ads.pubmatic.com
1	cs.media.net	pelotainvernal.com
1	dsum.casalemedia.com	1 redirects
1	rtbc-eu3.doubleverify.com	cdn.doubleverify.com
1	m.exactag.com	c79c2500101a741060cc6b806098b9a7.safeframe.googlesyndication.com
1	rtb0.doubleverify.com	cdn.doubleverify.com
1	id5-sync.com	cdn.id5-sync.com
1	static.criteo.net	securepubads.g.doubleclick.net
1	cdn.id5-sync.com	securepubads.g.doubleclick.net
1	idsync.frontend.weborama.fr	ads.pubmatic.com
1	mwzeom.zeotap.com	ads.pubmatic.com
1	dis.criteo.com	ads.pubmatic.com
1	bid.g.doubleclick.net	googleads.g.doubleclick.net
1	tr.blismedia.com	googleads.g.doubleclick.net
1	pixel.quantserve.com	pelotainvernal.com
1	rules.quantcount.com	secure.quantserve.com
1	secure.quantserve.com	t.seedtag.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	sonata-notifications.taptapnetworks.com	1 redirects
1	cdn.firstimpression.io	ecdn.firstimpression.io
1	htlb.casalemedia.com	flower-ads.com
1	mp.4dex.io	flower-ads.com
1	prebid.media.net	flower-ads.com
1	ap.lijit.com	flower-ads.com
1	widgets.outbrain.com	pelotainvernal.com
1	ads.vidoomy.com	flower-ads.com
1	ecdn.firstimpression.io	pelotainvernal.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	www.googletagmanager.com	pelotainvernal.com
1	code.jquery.com	pelotainvernal.com
0	cm-supply-web.gammaplatform.com Failed	ads.pubmatic.com
0	s.tribalfusion.com Failed	ads.pubmatic.com
0	a.sportradarserving.com Failed	ads.pubmatic.com
0	loada.exelator.com Failed	ads.pubmatic.com
0	uipglob.semasio.net Failed	ads.pubmatic.com
0	a.audrte.com Failed	ads.pubmatic.com
0	rtb-csync.smartadserver.com Failed	ads.pubmatic.com
489	129

This site contains links to these domains. Also see Links.

Domain
www.conectate.com.do
emisorasdominicanasonline.com

Subject Issuer	Validity	Valid
pelotainvernal.com Amazon	`2022-08-05` - `2023-09-03`	a year	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2022 Q1	`2022-03-21` - `2023-04-22`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-07-04` - `2023-07-03`	a year	crt.sh
s3.amazonaws.com Amazon	`2022-04-01` - `2023-03-30`	a year	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2022-08-03` - `2023-07-14`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.firstimpression.io Sectigo RSA Domain Validation Secure Server CA	`2022-11-27` - `2023-12-05`	a year	crt.sh
*.vidoomy.com Sectigo RSA Domain Validation Secure Server CA	`2022-09-01` - `2023-10-02`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.outbrain.com DigiCert TLS RSA SHA256 2020 CA1	`2022-04-03` - `2023-04-04`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-10-31` - `2023-01-26`	3 months	crt.sh
script.4dex.io Cloudflare Inc ECC CA-3	`2022-11-23` - `2023-11-22`	a year	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2022-06-27` - `2023-06-05`	a year	crt.sh
*.onetag-sys.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-10` - `2023-01-03`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2022-02-11` - `2023-03-14`	a year	crt.sh
*.media.net Sectigo RSA Domain Validation Secure Server CA	`2022-04-06` - `2023-05-04`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-08` - `2023-04-04`	a year	crt.sh
*.seedtag.com Sectigo RSA Domain Validation Secure Server CA	`2022-03-28` - `2023-04-28`	a year	crt.sh
ad.lkqd.net R3	`2022-11-29` - `2023-02-27`	3 months	crt.sh
*.ads.stickyadstv.com DigiCert TLS RSA SHA256 2020 CA1	`2022-06-14` - `2023-06-16`	a year	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
*.lkqd.net DigiCert TLS RSA SHA256 2020 CA1	`2022-06-27` - `2023-07-18`	a year	crt.sh
quantserve.com R3	`2022-11-11` - `2023-02-09`	3 months	crt.sh
fw.adsafeprotected.com Amazon	`2022-04-28` - `2023-05-27`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
tr.blismedia.com GTS CA 1D4	`2022-12-14` - `2023-03-14`	3 months	crt.sh
*.spotxchange.com GeoTrust RSA CA 2018	`2022-03-11` - `2023-03-29`	a year	crt.sh
static.adsafeprotected.com Amazon	`2022-08-06` - `2023-09-04`	a year	crt.sh
dt.adsafeprotected.com Amazon	`2022-04-10` - `2023-05-08`	a year	crt.sh
*.springserve.com Amazon	`2022-03-31` - `2023-04-29`	a year	crt.sh
*.pubmatic.com DigiCert SHA2 Secure Server CA	`2022-02-04` - `2023-02-03`	a year	crt.sh
aax-eu.amazon-adsystem.com Amazon	`2022-07-20` - `2023-07-19`	a year	crt.sh
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2	`2022-05-01` - `2023-06-02`	a year	crt.sh
*.simpli.fi DigiCert TLS RSA SHA256 2020 CA1	`2022-11-07` - `2023-12-08`	a year	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-11-08` - `2023-02-04`	3 months	crt.sh
*.id5-sync.com R3	`2022-11-09` - `2023-02-07`	3 months	crt.sh
*.doubleverify.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-05` - `2023-07-07`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
teads.tv R3	`2022-10-27` - `2023-01-25`	3 months	crt.sh
*.exactag.com Sectigo RSA Organization Validation Secure Server CA	`2022-04-01` - `2023-05-02`	a year	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-11-08` - `2023-05-03`	6 months	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2022-08-09` - `2023-09-10`	a year	crt.sh
*.sitescout.com GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1	`2021-12-15` - `2023-01-15`	a year	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2022-09-20` - `2023-09-20`	a year	crt.sh
public1.adgear.com Sectigo RSA Domain Validation Secure Server CA	`2022-03-01` - `2023-03-28`	a year	crt.sh
*.iprom.net R3	`2022-12-05` - `2023-03-05`	3 months	crt.sh
truffle.bid R3	`2022-10-03` - `2023-01-01`	3 months	crt.sh
*.ctnsnet.com DigiCert SHA2 Secure Server CA	`2022-09-27` - `2023-03-08`	5 months	crt.sh

This page contains 85 frames:

Primary Page: https://pelotainvernal.com/
Frame ID: A15E69BE246D26466B04E6543056988B
Requests: 98 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20190131/zrt_lookup.html
Frame ID: 9BAA69F3A329C59B5DA40DCF8371C9B4
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3139134883708761&output=html&h=100&slotname=8815456802&adk=88850195&adf=2364240886&pi=t.ma~as.8815456802&w=1298&lmt=1671264457&rafmt=12&format=1298x100&url=https%3A%2F%2Fpelotainvernal.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671264456766&bpp=2&bdt=290&idt=352&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&correlator=190859897557&frm=20&pv=2&ga_vid=624986645.1671264457&ga_sid=1671264457&ga_hid=1874097792&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=151&ady=96&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44779794%2C44780792&oid=2&pvsid=3050005988402424&tmod=354007817&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=1&uci=a!1&fsb=1&xpc=myFaWs2LCI&p=https%3A//pelotainvernal.com&dtd=368
Frame ID: E8918D94CAA0C74844AEB3CA27F3DE94
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3139134883708761&output=html&h=90&slotname=7753640662&adk=1056406635&adf=406027746&pi=t.ma~as.7753640662&w=728&lmt=1671264457&rafmt=12&format=728x90&url=https%3A%2F%2Fpelotainvernal.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671264456769&bpp=2&bdt=293&idt=390&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&prev_fmts=1298x100&correlator=190859897557&frm=20&pv=1&ga_vid=624986645.1671264457&ga_sid=1671264457&ga_hid=1874097792&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=386&ady=328&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44779794%2C44780792&oid=2&pvsid=3050005988402424&tmod=354007817&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&fsb=1&xpc=OoqH954pte&p=https%3A//pelotainvernal.com&dtd=400
Frame ID: 6CCEAE1BD39B84E6CB839B08897B764D
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3139134883708761&output=html&adk=1812271804&adf=3025194257&lmt=1671264457&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&plas=128x1080_l%7C140x1080_r&format=0x0&url=https%3A%2F%2Fpelotainvernal.com%2F&ea=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671264457576&bpp=3&bdt=1100&idt=3&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&prev_fmts=1298x100%2C728x90&nras=1&correlator=190859897557&frm=20&pv=1&ga_vid=624986645.1671264457&ga_sid=1671264457&ga_hid=1874097792&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44779794%2C44780792&oid=2&pvsid=3050005988402424&tmod=354007817&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=3&uci=a!3&fsb=1&dtd=12
Frame ID: 3BCF068DEBE2F5057D83A331A385DC11
Requests: 1 HTTP requests in this frame

Frame: https://c79c2500101a741060cc6b806098b9a7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: E2079E4569ACDEFDA82F2530251AADC0
Requests: 1 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/formats.js
Frame ID: 3482D540289F7DABEF975E735C2FCCFA
Requests: 4 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/formats.js
Frame ID: C2DE8F9C784B663A8AA8362480829621
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Jk7fixpOLBqPs8Ll1CI4HFyikeoml7Ub_Y2jZpe5d_o.js
Frame ID: A684CA1F334F1D20E9FFC5139CEA1869
Requests: 1 HTTP requests in this frame

Frame: https://secure.quantserve.com/quant.js
Frame ID: 7DF67FDB3B7DC0ED764C97AF377CF53F
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Jk7fixpOLBqPs8Ll1CI4HFyikeoml7Ub_Y2jZpe5d_o.js
Frame ID: 09021B019B34930BFA9AFA0F942425E4
Requests: 1 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: F36A0727AB075AED89451CDF45110E22
Requests: 6 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: 3F96DB056927E4D964D317081A440AC5
Requests: 6 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: 02A847A7118151E6A432FEC6B6868406
Requests: 1 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: 24BB7D90DE13EF7A4626CBE299BF0F94
Requests: 1 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Frame ID: 0449BA0A438151611807A6CF56D89BEB
Requests: 3 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: 6CA2DE8B8D07481376C9A5137C8989AB
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Frame ID: 734ADFAC8B0819C74268155CD327353A
Requests: 19 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Frame ID: 867088303A72224A8EC12780D36FC02F
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJik9wIQqafRlQIYgdWz2AEwAQ&v=APEucNV7R5GaxBJLG9KLqnor_7AtNj6qyuLsayLf4maoMpuzy-pqs4AQqdTjTsdoCJgXrxNuaTAv0P9lPpI51JRfGvvJ-63NB_yCZ2aEQN6iRMMUeRSXKnozK_bPWUhsUEZ7GRw8o7_n7achbcpQxOibckX77Gdm7TEFB68Su34PHNu3KrNKWSk
Frame ID: C9EA074079E7FD4D54F476BF96A4D856
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12406491265686199930/index.html
Frame ID: 92DC6E2EA0AD33BEE84FEB0A5AFA9867
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 3E281AAC1206C493272A1071412F64D1
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 64E7B97EB45F092F1751BBA8A6B65649
Requests: 9 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: 56E6DBC6DCCCFC00A9C723FA90F0A67A
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: AE8B1F8C26BB8859B8F175C557B9B22C
Requests: 3 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 7EF067E5D9B6336DEDB224CB31BB1BF3
Requests: 1 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_f51ac984.js
Frame ID: F4B4D2ACD2E04E1253ED29D961AED9D6
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 7427D78F81637073E6519DF94F162331
Requests: 9 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/16574928222668056808/Nespresso-JoyOfGifting-120x600-DCM/index.html
Frame ID: 690758F2F794A77B904B0390FD290750
Requests: 18 HTTP requests in this frame

Frame: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fpelotainvernal.com%2F&schain=1.0,1!vidoomy.com,63065,1,1671264459067,,
Frame ID: 781E28F5C154FD88E4D0AB1A96A57CA1
Requests: 4 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 261AF5F602D81611567D61753321F843
Requests: 11 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:132d639d-78cd-4100-bd71-bacb350a17e7&gdpr=0&gdpr_consent=
Frame ID: 8516D587040C3016B23E9BCC10610451
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 913A2804FEA2637467B833C467AC069A
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=7395731750294412503
Frame ID: 9236D4AA2090E54AC28098092719771B
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=280CD529-6208-45F6-8529-B0BE05611F49&redir=true&gdpr=0&gdpr_consent=&dcc=t
Frame ID: 392AA9059EADA00982EE7683F8B35A9E
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=680161537510071120&gdpr=0&gdpr_consent=
Frame ID: 8E3586C69FFF72402E1DEC042D97538D
Requests: 1 HTTP requests in this frame

Frame: https://c79c2500101a741060cc6b806098b9a7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 0DE7A72531A499759025723F30A6D82B
Requests: 22 HTTP requests in this frame

Frame: https://c79c2500101a741060cc6b806098b9a7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: B6D7E3C365C65CE383AB46B9B863FF5B
Requests: 28 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJDi1MQCENjdsOICGPuul9sBMAE&v=APEucNUKAANZUygKHObpwYS_Hn7-sQKpWWmunKTDXeZ9SownQR3CwCVKfysiedwFTYvDVHSxu_VHMDNP5NcB7am8jIrEGwYd3jMre6uOwXomGGMImrjRMZ4jyo6QcAsCYAbji3D3pC8WBSBFVGTfTTgqUYv0kJgEtAKMA2tprv2eC0wxhMgcZGw
Frame ID: 8857712A8A323E71B4A2F44572DE206B
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMY3febvQEwAQ&v=APEucNWPGZDzP8rd-b-Yk1qyGkvHdWbGQ6SmEpBkPyy-_4-Z0DnKs0g57vX237YtxeK3hAqMe1f1qhG9qznanpwmofxKYfQ2vg-GLaRrvUu-_ezALbKASkD5YF5pO7VPcEQOlmpmczzIElIVSI7-AxQP5QI5HqzpamgzCNNJ0T1wOpkACEQLUis
Frame ID: 0AB6DDF907C6EFC127F4426560725850
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: D6A68BEE2430E2E8ED734EF658F4150F
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 2F7A45E5A367CEAB2B23374667DB570E
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: EFF36B2F8EE928B46345BC160232901C
Requests: 3 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 2FB0FB92BF9B243104D9CEED2E7A45AF
Requests: 1 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/16644202875967455809/index.html?e=69&leftOffset=0&topOffset=0&c=eOh80plTpY&t=1&renderingType=2&ev=01_247
Frame ID: 12872BF0F78207C3291971894E130B0F
Requests: 12 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=pelotainvernal.com
Frame ID: 2988086F903050C64B16EF9D07A61740
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Jk7fixpOLBqPs8Ll1CI4HFyikeoml7Ub_Y2jZpe5d_o.js
Frame ID: 016D1FA9412487690A71B6BB9DA921A3
Requests: 1 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_f51ac984.js
Frame ID: 28128DCA2964CBA3151E63D3174922EC
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 756B4C068A68687A1093D2E23FF2B13F
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: C9166515344D6C7A5D1790E66C5522F5
Requests: 9 HTTP requests in this frame

Frame: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fpelotainvernal.com%2F&schain=1.0,1!vidoomy.com,63065,1,1671264459066,,
Frame ID: 21AC7EBC32FE8FA80198236EB2AF0790
Requests: 4 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 89C741A05CCBFFDC19BA76D947901E5D
Requests: 11 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=jvYUeY_9TnyV804kiPAALo6gHySV_UkqivC6rkMt
Frame ID: CF7291073722A127174DEDB75E2B9A9D
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7178026198688790683&gdpr=0&gdpr_consent=
Frame ID: 3E244C011EF1AFA555D1B5DD3D06AF50
Requests: 1 HTTP requests in this frame

Frame: https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AACqBE7HOvIAAB9vT69Lzw&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dpp%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2%26userid%3DSMART_USER_ID&gdpr=0
Frame ID: 645C26C8634E50D1E7285517FA0A8448
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=WjomeRqfQjtRmQiNFeo4pdly2hY
Frame ID: 835D17DDF0457789BFBCACE83C55962C
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y514ywAAALNDNgAZ&gdpr=0&gdpr_consent=
Frame ID: 427FDDDBDA6600F92DB16BA1EFEBA452
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 157842347F0A8F1572C37364CC57CBB3
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 169A33013E25BF61924D1B49BD71B3CD
Requests: 2 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Frame ID: 40B1E4D96B4E29AE34B0DFA065AD16F0
Requests: 3 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: 9DD8BF1FAB32BA37002F351103721AB7
Requests: 6 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: CBF463492CA268CD93CAD968B8170E99
Requests: 4 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_f51ac984.js
Frame ID: CD935ABA59D962BCD1ACD4963EBEDED2
Requests: 4 HTTP requests in this frame

Frame: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fpelotainvernal.com%2F&schain=1.0,1!vidoomy.com,63065,1,1671264463023,,
Frame ID: 75C8DDC9B9F91C7EF2162367434A8FB0
Requests: 4 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 5E4307969745921FD936C0821001FE0D
Requests: 6 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=280CD529-6208-45F6-8529-B0BE05611F49&gdpr=0&gdpr_consent=
Frame ID: 637F96396693D2D9953FAF01D13BEE07
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Frame ID: 0B2787B7F03BB38F875220F3AD454940
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 248486F88A78CDA1E55D9CBCF6206C3E
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: 26D410FAC108C5D36DBF90E2C35EA5D5
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4056150493
Frame ID: 8FFB9EAB32090E2977827D0058B25840
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Frame ID: BB4F48E79714E765F75917198D928E5C
Requests: 1 HTTP requests in this frame

Frame: https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Frame ID: DD916FA36B4E90747B37B17844330194
Requests: 1 HTTP requests in this frame

Frame: https://sync.crwdcntrl.net/map/c=14544/tp=BIDB/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253DkODCF8PznVhYWYRRTMnhMMVR
Frame ID: 11819667FB4037DD4C88F1D69FD7BCFA
Requests: 1 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Frame ID: D27684FBE3A3E68786D6D882C022A550
Requests: 3 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: 56C1141B839DC8AAB899EA51A4E4B265
Requests: 6 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: 05865D6828A7FB468A7F71FDAB572616
Requests: 5 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_f51ac984.js
Frame ID: 4691C9B66653D6858A4006DE7B80AF3E
Requests: 4 HTTP requests in this frame

Frame: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fpelotainvernal.com%2F&schain=1.0,1!vidoomy.com,63065,1,1671264464906,,
Frame ID: C6E1B09DCC153D59BB2CCA18E5F1D645
Requests: 4 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 5AE3F1E3E3EBD8B09A93E4ABCF97D9F0
Requests: 2 HTTP requests in this frame

Frame: https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel
Frame ID: 4721CEEF2F5A58F8C9DAD3138C78BCDC
Requests: 1 HTTP requests in this frame

Frame: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Frame ID: 225AD0F5E072DE5487ACBA1C976FB340
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:0DBD4F893D4F4D98A323225492AEFE7C&gdpr=0&gdpr_consent=
Frame ID: FFF5FB5FA38E8C992619198E2E2CF9C9
Requests: 1 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_f51ac984.js
Frame ID: 3978A6767FCE5528230D6162A63D8542
Requests: 4 HTTP requests in this frame

Frame: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fpelotainvernal.com%2F&schain=1.0,1!vidoomy.com,63065,1,1671264464906,,
Frame ID: 647469A0769023EE5A653C8832DFEC85
Requests: 4 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 42EBF9C413564A5E6FD085D64087EE6B
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

PelotaInvernal.com | Resultados, Calendarios y Posiciones

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Moment.js (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

moment(?:\.min)?\.js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

Page Statistics

489
Requests

85 %
HTTPS

32 %
IPv6

85
Domains

129
Subdomains

92
IPs

14
Countries

4724 kB
Transfer

13489 kB
Size

98
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://www.conectate.com.do/articulo/campeones-beisbol-invernal-dominicano/?swcfpc=1
Title: campeón del torneo invernal Dominicano

Search URL Search Domain Scan URL

URL: https://emisorasdominicanasonline.com/
Title: EmisorasDominicanasOnline.com

Search URL Search Domain Scan URL

URL: https://www.conectate.com.do/articulo/estadio-quisqueya-santo-domingo-republica-dominicana/
Title: Estadio Quisqueya Juan Marichal de Santo Domingo

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 61

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDr3ZqF_gEQgAgYgAgyCFFyRh2Ouq9r HTTP 301
https://tpc.googlesyndication.com/simgad/624907996767536446

Request Chain 69

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fpelotainvernal.com%2F&domain=pelotainvernal.com&cw=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=gSTu2HxZQ3FaRG5lRDlvZjZhaGNIb0Rnc2JJOHRCN2ZkQnEvN1dhS1R6RXppRkZUQWF6SlZyK2xqZXg3UXZtWWlibU9mVjNmb1dFUnpjajVWekczZXNoUHhzTk93U3A1Uml0WW1EdXJ5aHFOOHY3a29iV1ZXM1RsK3RIQ1cwUE1JNkZSOGlFZGpMR0JjSWZEa2daVERDWkdmUlpmNi9yTS9jNkNIN1lSSmpDeUR2aFVYcll1d0JTbGdqUXh4YUpzR0YxMDRwTnBhWm5jdnlFSE84Sjh0dzJraHpJbExXVHM1Wk1lTXBwS2kzNWU5aEpxbkgvSGtMU2E4V2JZMDVkanM3d214fA&cppv=2

Request Chain 93

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDnj86ZywEQ9AMY9AMyCGN8MsJOAEwL HTTP 301
https://tpc.googlesyndication.com/simgad/4091503581208051288

Request Chain 98

https://x.bidswitch.net/sync?ssp=vidoomy&user_id=523908388.49827271643240414.9467888 HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=vidoomy&user_id=523908388.49827271643240414.9467888 HTTP 302
https://sonata-notifications.taptapnetworks.com/web/cookie/bidswitch/sync?bidswitch_ssp_id=vidoomy&bsw_custom_parameter=e49456df-4916-4db4-97d2-a925ebc1c45f&gdpr=&gdpr_consent=&gdpr_pd= HTTP 302
https://x.bidswitch.net/sync?dsp_id=413&ssp=vidoomy&user_id=csonata_88e9e579-1fd8-4465-ba69-7c02a4b7c10d&bsw_param=e49456df-4916-4db4-97d2-a925ebc1c45f&expires=10 HTTP 302
https://a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=e49456df-4916-4db4-97d2-a925ebc1c45f

Request Chain 99

https://ups.analytics.yahoo.com/ups/58610/occ HTTP 302
https://ups.analytics.yahoo.com/ups/58610/occ?verify=true HTTP 302
https://a.vidoomy.com/api/rtbserver/cookie?i=YAH&uid=y-DJR1u_pE2uHx2u6xlMnHrpSV06eUXV1rLJI6Soc-~A

Request Chain 111

https://csync.loopme.me/?redirect=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D54%26partnerUserId%3D%7Bdevice_id%7D HTTP 307
https://cs.lkqd.net/cs?partnerId=54&partnerUserId=aa553c72-09d4-4f65-8a05-221431b1ec1c

Request Chain 114

https://ad.turn.com/r/cs?pid=65 HTTP 302
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=7593657138415183722

Request Chain 115

https://sync.srv.stackadapt.com/sync?nid=161 HTTP 302
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=Zntl_SEeSWJKke9M0LFU0Nly2hY

Request Chain 117

https://csync.loopme.me/?redirect=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D54%26partnerUserId%3D%7Bdevice_id%7D HTTP 307
https://cs.lkqd.net/cs?partnerId=54&partnerUserId=77aa6e58-6c22-482f-9838-7dc41ede2842

Request Chain 120

https://ad.turn.com/r/cs?pid=65 HTTP 302
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=7665714732453111658

Request Chain 121

https://sync.srv.stackadapt.com/sync?nid=161 HTTP 302
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=Q5PfMHMpSDF2oX8eV6kBiNly2hY

Request Chain 133

https://csync.loopme.me/?redirect=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D54%26partnerUserId%3D%7Bdevice_id%7D HTTP 307
https://cs.lkqd.net/cs?partnerId=54&partnerUserId=66c56d3a-8216-4763-8629-bbc0b178522b

Request Chain 136

https://ad.turn.com/r/cs?pid=65 HTTP 302
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=7593657138415183722

Request Chain 137

https://sync.srv.stackadapt.com/sync?nid=161 HTTP 302
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=WjomeRqfQjtRmQiNFeo4pdly2hY

Request Chain 162

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKqTehErn9XFC71OxeBvfCM&google_cver=1

Request Chain 163

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y514y.QJ13jpKNHYD59KMgAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKqTehErn9XFC71OxeBvfCM&google_cver=1&google_hm=2

Request Chain 164

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEMgd5Ruwv8lK76zPEhxeZYc&google_cver=1

Request Chain 165

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjgwMTYxNTM3NTEwMDcxMTIw

Request Chain 176

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEBqdPBgY5L7fHYtT9kZf5Ag&google_cver=1&google_push=AavPq0MlX4n-GHkDZb01mG3nuPdoSlmRy0O-idNQj00q1bOJZlwkX5hIsUqDTYqNwkyAHuBDGUsoh8SYvEMaT2STsIqbdYMJP8_PMA4 HTTP 302
https://r.scoota.co/sync?ssp=bidswitch&bidswitch_ssp_id=google HTTP 302
https://r.scoota.co/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google HTTP 302
https://x.bidswitch.net/sync?dsp_id=29&expires=30&user_id=27235952-f12c-4060-9e47-fe2b74706ef6&ssp=google HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AavPq0MlX4n-GHkDZb01mG3nuPdoSlmRy0O-idNQj00q1bOJZlwkX5hIsUqDTYqNwkyAHuBDGUsoh8SYvEMaT2STsIqbdYMJP8_PMA4&google_hm=5JRW30kWTbSX0qkl68HEXw==

Request Chain 177

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEOSNE3d-qFQWJ4gkXd8YiwY&google_cver=1&google_push=AavPq0OdUwUu3FZCixl3EobBeQoP0RAp7U-sMznCD2ZFauiStHRcTuVBJ5L2gcPBdffkzgNX90TJIa8_E9M8BUbUl2zBTCv-_Ex6ww HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AavPq0OdUwUu3FZCixl3EobBeQoP0RAp7U-sMznCD2ZFauiStHRcTuVBJ5L2gcPBdffkzgNX90TJIa8_E9M8BUbUl2zBTCv-_Ex6ww&google_hm=eS14R0FXTTFaRTJwRTNyZEtjZ29qakIuRzQzMUhXVmFZY35B

Request Chain 178

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEBfiZEVP0DcHwGYVTlc_utw&google_cver=1&google_push=AavPq0Ne7gA9qT5KYolqd0Np_9NxGZd-95U8urdvYzOvDDJAtMLOLOa-PxGmLsehNPeVwify8z5ZAXhAxWWGGHz40Tm7H-bgxmuRtIw HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEBfiZEVP0DcHwGYVTlc_utw&google_cver=1&google_push=AavPq0Ne7gA9qT5KYolqd0Np_9NxGZd-95U8urdvYzOvDDJAtMLOLOa-PxGmLsehNPeVwify8z5ZAXhAxWWGGHz40Tm7H-bgxmuRtIw&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=KAzVKWIIRfaFKbC-BWEfSQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AavPq0Ne7gA9qT5KYolqd0Np_9NxGZd-95U8urdvYzOvDDJAtMLOLOa-PxGmLsehNPeVwify8z5ZAXhAxWWGGHz40Tm7H-bgxmuRtIw

Request Chain 179

https://match.360yield.com/match/ebda?google_gid=CAESEIB-H10VP8_UhyRbShaqHsg&google_cver=1&google_push=AavPq0PTGVjZAYg74TxS3-8QvRjuhRmT4kp_lY8vjbJg04M6t1riFEeN2CsTYJwSSe4AwLvKEJ4lxz6JA14WM3unEdnzFhNqLJIEqQ HTTP 302
https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEIB-H10VP8_UhyRbShaqHsg&google_cver=1&google_push=AavPq0PTGVjZAYg74TxS3-8QvRjuhRmT4kp_lY8vjbJg04M6t1riFEeN2CsTYJwSSe4AwLvKEJ4lxz6JA14WM3unEdnzFhNqLJIEqQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=SHCX8DlBTcyuEe4jSBp7tw&google_push=AavPq0PTGVjZAYg74TxS3-8QvRjuhRmT4kp_lY8vjbJg04M6t1riFEeN2CsTYJwSSe4AwLvKEJ4lxz6JA14WM3unEdnzFhNqLJIEqQ

Request Chain 180

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEEDHfyRJguM3xLIAD-xQ7Hg&google_cver=1&google_push=AavPq0PPrJXuefX_eBVZqSrmmLOKXMVrnQeudLCd4vn3Bwe3-KNmQssOHzhQbrGjfB-lNZae_57IrIW0ZzArNf_qZejmosPT_9fQRiY HTTP 302
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AavPq0PPrJXuefX_eBVZqSrmmLOKXMVrnQeudLCd4vn3Bwe3-KNmQssOHzhQbrGjfB-lNZae_57IrIW0ZzArNf_qZejmosPT_9fQRiY&google_gid=CAESEEDHfyRJguM3xLIAD-xQ7Hg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=OTQ3MzczOTQzOTU3MTc2NTgzMTI0&google_push=AavPq0PPrJXuefX_eBVZqSrmmLOKXMVrnQeudLCd4vn3Bwe3-KNmQssOHzhQbrGjfB-lNZae_57IrIW0ZzArNf_qZejmosPT_9fQRiY

Request Chain 182

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 188

https://fw.adsafeprotected.com/rfw/bgd/1203349/67009481/xbbe/creative/adj?p=APEucNXUQEF-4rfSacNQQcmCuEwcxl_bBxyZCpKiQXmDnOzyk__G-zc&d=CokBAKAmf-DHiY-SvFL3bDhgUPNY54S-lEy6qT3EhJVBbzbj9izEMfmLUcRp4NdE3G3B2CHpl97cIXcNkJ9EWZBWjQ9jIh4VjqQlGUp6HYyZgarZM23IosD0HlmtBtvoqj2GI6VukF97sgjTwS69oj9J7StRPQGVCvtKfF2TqXt_11L8_IyCNqAPZZ8S6RMAoCZ_4JwdD3tRMKTIPRu4xfXViOZeS1HQVgvrkSiVZiyCBun5Q7HEDYVxXO4F5ym_PDFBuIUi_bDB1PUTFhM0QuPQZp9oFYW3E1jG2-IRJbUN_wnWiQQ7OdL4Vj9Ob_SXfAnPg__hxhxqNJ7fEtKv1QjaGYfYBTbmKxF79oigDkdLsF6CRkICYToolVXsUNyKwVCwyY6PGyVyUAHHATTMXAcrS8AzTqGTi9TrhO-a3ge6adB4msB639rqsDrjNV2DmxmvZnBdTyq1cBoca7qBi7RGHuSeaujtdwGQO_Z3MpdUVsDxDbC6zbfeRi3he7CB740S-zwTvXEsS3Vg-tjfYwWVWJxUwaF4wK4ecuYwyfHCU_Z324OyIkQceRqpMAuIYJ7xklC_ZgpuFptOV1EdB4iSwMsQSGfeGZ3J7sk7WNQTDkpt-2UihKP2C2Hd4zOixxUgMZ8q91cpmxnYIoBLZ_U7opjtKaTIsq1NgNajSqd2ZeKJ-aSaq5EEwAwojb7zNCGnnq76JX4zv4v3FrDp1tqGpjoTHquH01_KMraDRUAv_tBHipZAOpLIWQY-RHKSKGe1-2JE_8-BbHEWPLrc1Ue8AjmNK1lBxD7IdFGF8lanu9Bi3m2NhU-d-iqXyxzPdnHNgceixQOET2EwRe6UtyGRnS7C4dzG8313wMbNWeXcrurWlCo9s2VUJdUv2FrmY-eM_8cG7CXZwh8PSGEclRTFhpozMcuKe08sWnkH0CVz1Ef1KPGfvGZOg4ejF7dekAl2g8UxQoQNKJEBEkQNU8PQfaAV7fVAgDAPT9SMnq23e1-enXDp0psj_PLcZhGLESa0dDb_RJGfelpsXMxNcU5mHsbuFkas8ItoSwmDLIMiAR_I8HNxkzWLDXbrMlvhDb7SDAI6RVt7qaRlOSmA2PJdQTMsZZEfA-UGOmVAU-8H4I4e9HH_-Jz96wBccBqpokzPwm7nqLesjwNQUFKWI5N6jkAkU40ti6ky9Tpv6dDtd7JnBRG5JZTIiaeh76-k-XX0l9aj4YG_fBX79z-5yfPXGXuhA1w-FToGCK17UMG609rStRMhkxgiz_AFeNWEkvtaSQkTrnCQh_hX0h5pQONtDgOpmCNjTGTQeEK3rcZZsf9Q_BKHIgheKWkvKvdiwsvo8-Bqht6mI0bijJ6FI4W7ET4-5vfNBnOFp3syrzsCafh5iEZ95nbK3d-4tXNAeKc89solpPq7RRx8hie-c0bVocdKogd3AAOrrIFw-7K3_9zpDTCeVbHuLSX1_O6S5bD2YIMtHqInfYRm_1f2owLgBgDYGV9pcvheMf_nQIbdCKTsNIeuWQy4Kv84pLrM4YTegTR4-eryp6hPRuI4LpvfK8C3UfQtMFBr8FXjNZMCLfYsYZUqBZB5_1sw06cvsy08GiSYk6Ur7g04tQvS39dZN5v2Tz2BwsvarFo8FbTRa_rMyIkStU0lT6MC9rcvBenEU44q3Owa5SKiON0KrlQ46ViKk161VOG2h_oiwGTWGwWaHOm6QghW0TXZK2nMZwCCkwcN_fJPM6bzNX9SkERuk5GVBTPIj-x4V8jOkQ9UaiM2dhHDN2cGQU4TpNS2PTtPdgvQ0GEk-NnXyx-X771w6jP-UoFE76J0NVgnTMGZ1yXETlS8Dqq9Dibe-71I4D3U4bMNJ7aIgn4IkXT_YwdOM14FiFKqRtXqIo_bWEWVnGdTV5ihZmM5IdVODizfh1LSGhV3djTeHke5xnaLMvz-vpDkwSgdVUvRuq1oYnQZZowaeoX0FiNFhYnpv1ZhC_IwdaQhH4QRwPmLqd4-tPiB8Saf_YYQltCb_r94aPEeworGd2QRaWQ6ld15mdmi0Tgi8vYwmB4JoY9vMejXtC-_Kfuk2g85N9reu-SC_s-4jG9tIQ-258gxRluP3HxRFj3i-XuTONFDJiKFpAxDw9Nf_BhPD96rZdEhSfa06uadBDRuJJRbEI-DK1MZkslXan9b0kGvWdTKT3klBhy3CF6FjUDOIFrZKJu2hy0jusMkTSZ_u45Zn2e3OIbXKHRWiqdGn3Ymc5T3U_raoeyTwusvCQWxWzQ_lNNxuT0aUgw5S_G6-kqFs4DVAuXhl-9-5FLZk5Z1kg7Kmt0ZDllpgFjPPIou_vpiP57pwiJlrqqt5KDDN4xVupxzDVmarlgQ2XwaFeIoNR7Llvka326jTQ4PJG2A300woBtwZTHsUxHBk4xRWI5GhQlW69UIDZzOGpkcajZan6CcZqS1htP6GVQ003oYx1trSrBi1mlXnqMFgHeeksAEwxutiZsFGxF78UtYqVG9CA3RQdxMC8yR80riMnFd8ClSCAdXSnT65DDTuIZ8lPBoILPAEemXRkhjPZTmUjvcG8hYS3t6OGhvuk15MSTHfIC-Vl3f3RnfQzPA8x1t4D7v4W3P-Uw_3DFoCuZ8Hzu2bATlfD9nH2QNb8u8D0ca9OfpZ7ABH1GQlfF-_31Q0xhHDpsCOSeJH_topOhqL3ZNdAyKlFIqVec1jKqzIS5Ky9elxCTFzb8DpbpCW5c2eivlUT4DCcUFPnP-QGGCmb-XZC80PB5XlWHev7tC-agzhqfKW_vpjWElqmGnfSyM0-gaIMxX9QWpWXAELrKAKETwFkA1qfJfTx0LdI-ZlixnfruSED1xjIbo3No1IGiLb28i2edBht1p7MdrZw4EEoEscnNujUk-nt2sE_Mkxve7h5DpwJC2EExhz_46RTyO7TYykWjs9Q5RusATMj7tHBo-T_cljr0pwubM-JBAI9uScfvmENz72nrgrA29gcF8u-U6Z5DJKgjCTbWGpHoaDJAdsPRYGiy0etjMUGaqs_QpK5DyI3kzSvICYH9jR-BPr2ITeDwm_6zwmVD2xg0OGXpGHhsEwWazOX_WczprhZK7gO2svu4ZsWJwL84vi4cqLDHuVsxhm5yJjc26jjWgJgAdzsrd5MA0cD-XxY44XeIQxlMMWDYpkwXh2kV-5BtU1xMfQpqghMEbFjE7ckhoE90dixZdriJLySqQEumHusdRcjLW6gsJgngORuXC19c6ip5tNl6BlbYUsK-dnMRY4yzvZPioxux7lWbsIBmQ3gGLkWcFxsduBgiEBimkiSVC0JQcY90VjKTHDR-W8m14DBvIMJYqnaYVUavrI4x7XwhcowuU0EmHgJ-Ap5_zf6yjv_68HNUWErp5kBR6J5r-X6hUSFlx4Mprj2aLZHcfAUQJaADTB5FRfE_8yWLR_dFx8DdmaH01-5YW8O5jWyPb1EJzgQRuSPpP6W82m6PABFF33an5KCHso8O_R5BGEduJPk8uID3lhCtRasusW7RC7MsPLxQmwWrRICflTOgjxrG1gCN3sQUA0Wv7Tn9GKYChoXu6tBoxCAQSKQDq26N9cAtjYefID8LU01iXG_PH40I5BrXpWrcRtk17x4EJRSTzr3obGAEgE2AB&cry=1&bidurl=https://pelotainvernal.com/&bundleId=&adsafe_url=https%3A%2F%2Fpelotainvernal.com&adsafe_type=y&adsafe_url=https%3A%2F%2Fpelotainvernal.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20221207%2Fr20110914%2Fzrt_lookup.html%3Ffsb%3D1%23RS-1-%26adk%3D1812271803%26client%3Dca-pub-3139134883708761%26fa%3D3%26ifi%3D5%26uci%3Da!5%26btvi%3D1%26xpc%3DSlzeJvG4ng%26p%3Dhttps%253A%2F%2Fpelotainvernal.com&adsafe_type=d&adsafe_jsinfo=,id:9d7d88cb-1a33-1b1a-7ba4-5e44f4fa56ee,c:x2uJ3S,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-5bd77c4f97-mx69m,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:i,cc:NaN.NaN.0.0,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,scm:dfhui1,mtim:3,mot:0,app:0,maw:0,fm:tqg7lPH+11%7C121%7C131%7C14%7C15%7C16%7C171%7C172%7C181%7C19%7C1a1%7C1a2%7C1b*.1203349-67009481%7C1b1%7C1b2%7C1c1%7C1c2%7C1c3,idMap:1b*,ex:e2,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:20,oid:df92d92e-7de1-11ed-a906-7e8647aa2870,v:19.8.377,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNXUQEF-4rfSacNQQcmCuEwcxl_bBxyZCpKiQXmDnOzyk__G-zc&d=CokBAKAmf-DHiY-SvFL3bDhgUPNY54S-lEy6qT3EhJVBbzbj9izEMfmLUcRp4NdE3G3B2CHpl97cIXcNkJ9EWZBWjQ9jIh4VjqQlGUp6HYyZgarZM23IosD0HlmtBtvoqj2GI6VukF97sgjTwS69oj9J7StRPQGVCvtKfF2TqXt_11L8_IyCNqAPZZ8S6RMAoCZ_4JwdD3tRMKTIPRu4xfXViOZeS1HQVgvrkSiVZiyCBun5Q7HEDYVxXO4F5ym_PDFBuIUi_bDB1PUTFhM0QuPQZp9oFYW3E1jG2-IRJbUN_wnWiQQ7OdL4Vj9Ob_SXfAnPg__hxhxqNJ7fEtKv1QjaGYfYBTbmKxF79oigDkdLsF6CRkICYToolVXsUNyKwVCwyY6PGyVyUAHHATTMXAcrS8AzTqGTi9TrhO-a3ge6adB4msB639rqsDrjNV2DmxmvZnBdTyq1cBoca7qBi7RGHuSeaujtdwGQO_Z3MpdUVsDxDbC6zbfeRi3he7CB740S-zwTvXEsS3Vg-tjfYwWVWJxUwaF4wK4ecuYwyfHCU_Z324OyIkQceRqpMAuIYJ7xklC_ZgpuFptOV1EdB4iSwMsQSGfeGZ3J7sk7WNQTDkpt-2UihKP2C2Hd4zOixxUgMZ8q91cpmxnYIoBLZ_U7opjtKaTIsq1NgNajSqd2ZeKJ-aSaq5EEwAwojb7zNCGnnq76JX4zv4v3FrDp1tqGpjoTHquH01_KMraDRUAv_tBHipZAOpLIWQY-RHKSKGe1-2JE_8-BbHEWPLrc1Ue8AjmNK1lBxD7IdFGF8lanu9Bi3m2NhU-d-iqXyxzPdnHNgceixQOET2EwRe6UtyGRnS7C4dzG8313wMbNWeXcrurWlCo9s2VUJdUv2FrmY-eM_8cG7CXZwh8PSGEclRTFhpozMcuKe08sWnkH0CVz1Ef1KPGfvGZOg4ejF7dekAl2g8UxQoQNKJEBEkQNU8PQfaAV7fVAgDAPT9SMnq23e1-enXDp0psj_PLcZhGLESa0dDb_RJGfelpsXMxNcU5mHsbuFkas8ItoSwmDLIMiAR_I8HNxkzWLDXbrMlvhDb7SDAI6RVt7qaRlOSmA2PJdQTMsZZEfA-UGOmVAU-8H4I4e9HH_-Jz96wBccBqpokzPwm7nqLesjwNQUFKWI5N6jkAkU40ti6ky9Tpv6dDtd7JnBRG5JZTIiaeh76-k-XX0l9aj4YG_fBX79z-5yfPXGXuhA1w-FToGCK17UMG609rStRMhkxgiz_AFeNWEkvtaSQkTrnCQh_hX0h5pQONtDgOpmCNjTGTQeEK3rcZZsf9Q_BKHIgheKWkvKvdiwsvo8-Bqht6mI0bijJ6FI4W7ET4-5vfNBnOFp3syrzsCafh5iEZ95nbK3d-4tXNAeKc89solpPq7RRx8hie-c0bVocdKogd3AAOrrIFw-7K3_9zpDTCeVbHuLSX1_O6S5bD2YIMtHqInfYRm_1f2owLgBgDYGV9pcvheMf_nQIbdCKTsNIeuWQy4Kv84pLrM4YTegTR4-eryp6hPRuI4LpvfK8C3UfQtMFBr8FXjNZMCLfYsYZUqBZB5_1sw06cvsy08GiSYk6Ur7g04tQvS39dZN5v2Tz2BwsvarFo8FbTRa_rMyIkStU0lT6MC9rcvBenEU44q3Owa5SKiON0KrlQ46ViKk161VOG2h_oiwGTWGwWaHOm6QghW0TXZK2nMZwCCkwcN_fJPM6bzNX9SkERuk5GVBTPIj-x4V8jOkQ9UaiM2dhHDN2cGQU4TpNS2PTtPdgvQ0GEk-NnXyx-X771w6jP-UoFE76J0NVgnTMGZ1yXETlS8Dqq9Dibe-71I4D3U4bMNJ7aIgn4IkXT_YwdOM14FiFKqRtXqIo_bWEWVnGdTV5ihZmM5IdVODizfh1LSGhV3djTeHke5xnaLMvz-vpDkwSgdVUvRuq1oYnQZZowaeoX0FiNFhYnpv1ZhC_IwdaQhH4QRwPmLqd4-tPiB8Saf_YYQltCb_r94aPEeworGd2QRaWQ6ld15mdmi0Tgi8vYwmB4JoY9vMejXtC-_Kfuk2g85N9reu-SC_s-4jG9tIQ-258gxRluP3HxRFj3i-XuTONFDJiKFpAxDw9Nf_BhPD96rZdEhSfa06uadBDRuJJRbEI-DK1MZkslXan9b0kGvWdTKT3klBhy3CF6FjUDOIFrZKJu2hy0jusMkTSZ_u45Zn2e3OIbXKHRWiqdGn3Ymc5T3U_raoeyTwusvCQWxWzQ_lNNxuT0aUgw5S_G6-kqFs4DVAuXhl-9-5FLZk5Z1kg7Kmt0ZDllpgFjPPIou_vpiP57pwiJlrqqt5KDDN4xVupxzDVmarlgQ2XwaFeIoNR7Llvka326jTQ4PJG2A300woBtwZTHsUxHBk4xRWI5GhQlW69UIDZzOGpkcajZan6CcZqS1htP6GVQ003oYx1trSrBi1mlXnqMFgHeeksAEwxutiZsFGxF78UtYqVG9CA3RQdxMC8yR80riMnFd8ClSCAdXSnT65DDTuIZ8lPBoILPAEemXRkhjPZTmUjvcG8hYS3t6OGhvuk15MSTHfIC-Vl3f3RnfQzPA8x1t4D7v4W3P-Uw_3DFoCuZ8Hzu2bATlfD9nH2QNb8u8D0ca9OfpZ7ABH1GQlfF-_31Q0xhHDpsCOSeJH_topOhqL3ZNdAyKlFIqVec1jKqzIS5Ky9elxCTFzb8DpbpCW5c2eivlUT4DCcUFPnP-QGGCmb-XZC80PB5XlWHev7tC-agzhqfKW_vpjWElqmGnfSyM0-gaIMxX9QWpWXAELrKAKETwFkA1qfJfTx0LdI-ZlixnfruSED1xjIbo3No1IGiLb28i2edBht1p7MdrZw4EEoEscnNujUk-nt2sE_Mkxve7h5DpwJC2EExhz_46RTyO7TYykWjs9Q5RusATMj7tHBo-T_cljr0pwubM-JBAI9uScfvmENz72nrgrA29gcF8u-U6Z5DJKgjCTbWGpHoaDJAdsPRYGiy0etjMUGaqs_QpK5DyI3kzSvICYH9jR-BPr2ITeDwm_6zwmVD2xg0OGXpGHhsEwWazOX_WczprhZK7gO2svu4ZsWJwL84vi4cqLDHuVsxhm5yJjc26jjWgJgAdzsrd5MA0cD-XxY44XeIQxlMMWDYpkwXh2kV-5BtU1xMfQpqghMEbFjE7ckhoE90dixZdriJLySqQEumHusdRcjLW6gsJgngORuXC19c6ip5tNl6BlbYUsK-dnMRY4yzvZPioxux7lWbsIBmQ3gGLkWcFxsduBgiEBimkiSVC0JQcY90VjKTHDR-W8m14DBvIMJYqnaYVUavrI4x7XwhcowuU0EmHgJ-Ap5_zf6yjv_68HNUWErp5kBR6J5r-X6hUSFlx4Mprj2aLZHcfAUQJaADTB5FRfE_8yWLR_dFx8DdmaH01-5YW8O5jWyPb1EJzgQRuSPpP6W82m6PABFF33an5KCHso8O_R5BGEduJPk8uID3lhCtRasusW7RC7MsPLxQmwWrRICflTOgjxrG1gCN3sQUA0Wv7Tn9GKYChoXu6tBoxCAQSKQDq26N9cAtjYefID8LU01iXG_PH40I5BrXpWrcRtk17x4EJRSTzr3obGAEgE2AB&cry=1

Request Chain 212

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEFj0uTQ71HinEQJBYQj5i5U&google_cver=1&google_push=AavPq0N4vxWGsNVDAiCkdAqVUygYf-M28C9DlAYmVDlSeXwiDS5rYYEHnwCFQnLlzccYv02MvwyvMffH7AJmbwk8SVI-hCwJPt5_VQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEFj0uTQ71HinEQJBYQj5i5U&google_push=AavPq0N4vxWGsNVDAiCkdAqVUygYf-M28C9DlAYmVDlSeXwiDS5rYYEHnwCFQnLlzccYv02MvwyvMffH7AJmbwk8SVI-hCwJPt5_VQ

Request Chain 213

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEOSNE3d-qFQWJ4gkXd8YiwY&google_cver=1&google_push=AavPq0OxlGDIlG6L1_jQaOA-ay-Zsc3B6WcDDJ2thpSOD1oC1HbieqvHarKhjNZfZSe00rNO0Jy7HlzLQ8JXA5AuAfCsf7mCz_RhJQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AavPq0OxlGDIlG6L1_jQaOA-ay-Zsc3B6WcDDJ2thpSOD1oC1HbieqvHarKhjNZfZSe00rNO0Jy7HlzLQ8JXA5AuAfCsf7mCz_RhJQ&google_hm=eS14R0FXTTFaRTJwRTNyZEtjZ29qakIuRzQzMUhXVmFZY35B

Request Chain 214

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEEDHfyRJguM3xLIAD-xQ7Hg&google_cver=1&google_push=AavPq0Ng59pW36VZYeN2OpEL7ZLA7pBlwHw12Bf4az3ov1DOo6dIjt88g24Kv7nHVSHJmM-U79uYtqMcadA-oMKGzESDpH2dTcTv HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=OTQ3MzczOTQzOTU3MTc2NTgzMTI0&google_push=AavPq0Ng59pW36VZYeN2OpEL7ZLA7pBlwHw12Bf4az3ov1DOo6dIjt88g24Kv7nHVSHJmM-U79uYtqMcadA-oMKGzESDpH2dTcTv

Request Chain 215

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEG-jGeejozf-D7pfhl3Z0zA&google_cver=1&google_push=AavPq0OFvwbrC_S1x-BbI5QJbIzBoK60EZ9UMnWyH1eRjMEmGpvZhPdhceCzLfuNxLC1PaVF0OyCopUL4OXkWnKsWIO1NFpYJyHIi14 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AavPq0OFvwbrC_S1x-BbI5QJbIzBoK60EZ9UMnWyH1eRjMEmGpvZhPdhceCzLfuNxLC1PaVF0OyCopUL4OXkWnKsWIO1NFpYJyHIi14 HTTP 302
https://onetag-sys.com/match/?int_id=19&google_error=5

Request Chain 216

https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEC57awIScBWvk2SBzgmj7nM&google_cver=1&google_push=AavPq0OPmHoWc6dWzBNFtumwOm1Cc-d0nillMTGC8kHnWARi252faIA7W3cRA63yNKYUYImluIqthiavTr4Ep8eNLGDxeIBqSOG0Nw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NjgwMTYxNTM3NTEwMDcxMTIw&google_gid=CAESEC57awIScBWvk2SBzgmj7nM&google_cver=1&google_push=AavPq0OPmHoWc6dWzBNFtumwOm1Cc-d0nillMTGC8kHnWARi252faIA7W3cRA63yNKYUYImluIqthiavTr4Ep8eNLGDxeIBqSOG0Nw

Request Chain 217

https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEBxKhE9QiiuZ9RgNdMRQbSQ&google_cver=1&google_push=AavPq0PZn_IqctzdczRx-ro8Ct5Zut5rsGrRCiNXOq5Iq-YbSrro50tJu4ZJ9YW4--WD_i85y02heuox6valXDkpKMa5CdNz9Jpgx4w HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=e49456df-4916-4db4-97d2-a925ebc1c45f&%%GOOGLE_PUSH_PAIR%%

Request Chain 247

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:132d639d-78cd-4100-bd71-bacb350a17e7&gdpr=0&gdpr_consent=

Request Chain 249

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=7395731750294412503

Request Chain 250

https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=280CD529-6208-45F6-8529-B0BE05611F49&redir=true&gdpr=0&gdpr_consent= HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=280CD529-6208-45F6-8529-B0BE05611F49&redir=true&gdpr=0&gdpr_consent=&dcc=t

Request Chain 251

https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=680161537510071120&gdpr=0&gdpr_consent=

Request Chain 252

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=KAzVKWIIRfaFKbC-BWEfSQ%3D%3D&gdpr=0&gdpr_consent= HTTP 302
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=

Request Chain 255

https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=3200421385 HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0 HTTP 302
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=280CD529-6208-45F6-8529-B0BE05611F49

Request Chain 256

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MjgwQ0Q1MjktNjIwOC00NUY2LTg1MjktQjBCRTA1NjExRjQ5&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

Request Chain 257

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEFrHGGVQ2SH4_bkO3wHPTQ4&google_cver=1

Request Chain 259

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=5933519048619694325

Request Chain 285

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELZUW869VHsPa4vxdnimZgs&google_cver=1

Request Chain 287

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
https://sync.teads.tv/um?eid=3&uid=CAESEIvjMW5MjX2kewgpO5I7C90&google_cver=1

Request Chain 289

https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEK8jK1TtRlRN7rhvW8UxVWE&google_cver=1

Request Chain 290

https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=ZGZiYmE5MTQtN2RlMS0xMWVkLTg2NGItMWZlM2NkOGYwMDA2

Request Chain 291

https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS01Um80Xy5WRTJ1RVo5WTNMcmJ3ZFdpVkVfcG1XV2dtc35B

Request Chain 306

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEH7Iq2hZpJ1NNKRV3EqufzE&google_cver=1&google_push=AavPq0PVvp0IRFVLs7ikPkbLDQ4FzdzTWtDdJpGHOOor_1pZ4ebeIoI_-ePn0EZtkH_HtZn6yORhNon5jHQnAJA5onkF_qiRD7t- HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEH7Iq2hZpJ1NNKRV3EqufzE&google_cver=1&google_push=AavPq0PVvp0IRFVLs7ikPkbLDQ4FzdzTWtDdJpGHOOor_1pZ4ebeIoI_-ePn0EZtkH_HtZn6yORhNon5jHQnAJA5onkF_qiRD7t- HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=dlRvSkNZcFcxUDZzZW81&google_gid=CAESEH7Iq2hZpJ1NNKRV3EqufzE&google_cver=1&google_push=AavPq0PVvp0IRFVLs7ikPkbLDQ4FzdzTWtDdJpGHOOor_1pZ4ebeIoI_-ePn0EZtkH_HtZn6yORhNon5jHQnAJA5onkF_qiRD7t-

Request Chain 307

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEJfQnQ8M4lw7zSSHb5qGGlo&google_cver=1&google_push=AavPq0O6WvWppvgPvPqLYzq_ND3GomisSXXM4y2iWSrLUpM3My3xf8nx8IdcaZWj5MYd_pezWWb2o97n3PMi1LXfvfOWs0t-tuX9 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=Ey1jnXjNQQC9cbrLNQoX5w&google_push=AavPq0O6WvWppvgPvPqLYzq_ND3GomisSXXM4y2iWSrLUpM3My3xf8nx8IdcaZWj5MYd_pezWWb2o97n3PMi1LXfvfOWs0t-tuX9

Request Chain 308

https://um.simpli.fi/gp_match?google_gid=CAESEK0p_Qxw7HLalcNHahgXp8g&google_cver=1&google_push=AavPq0O42o_NQoVPKiVlCU3EvMy9LKet3GvIcl5zZXgJat4f_0rMwdZTiKStuUE7N6IOSFPby5AjGaTiArva58wXg1Evr-TXIMTS HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=0DBD4F893D4F4D98A323225492AEFE7C&google_push=AavPq0O42o_NQoVPKiVlCU3EvMy9LKet3GvIcl5zZXgJat4f_0rMwdZTiKStuUE7N6IOSFPby5AjGaTiArva58wXg1Evr-TXIMTS

Request Chain 310

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEKetfxybpjIzHT98vEkJXxw&google_cver=1&google_push=AavPq0NrBHnkzMnSvOYj52X1P8DnIhdXQ6VDuFJXDrFCjDmI18g96O6ICczCWiAnkTRZw7YUQEIplbWzR21IgYxUmDLFlOrNYOgH HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AavPq0NrBHnkzMnSvOYj52X1P8DnIhdXQ6VDuFJXDrFCjDmI18g96O6ICczCWiAnkTRZw7YUQEIplbWzR21IgYxUmDLFlOrNYOgH&google_hm=InfHfZ6pTTKOzjmm35tUSBY

Request Chain 311

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESECvmxxTvUBHVWVOxVsvo8z4&google_cver=1&google_push=AavPq0MvHuQNwt_DJ6PWqNodEYcSUG25TfQGdB4mymPbLbXXRhzvCT30KPseuyxw6j_CrXngUyTSfmmM58CMa_Nb69_XrfSX_YUp HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE3ODAyNjE5ODY4ODc5MDY4Mw%3D%3D&google_push=AavPq0MvHuQNwt_DJ6PWqNodEYcSUG25TfQGdB4mymPbLbXXRhzvCT30KPseuyxw6j_CrXngUyTSfmmM58CMa_Nb69_XrfSX_YUp

Request Chain 312

https://d5p.de17a.com/cookies/google?google_gid=CAESEAPEc2jrumx2cnIeSodDyyY&google_cver=1&google_push=AavPq0MOqsrcqAj_Zk1PURU2t509KlU-S2MKASXyZtt0WjkyrHC8hX7Lszs6k_MCxSfkgqseHR1xWXslVLkIfZQQrOUKNquCMkFN HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AavPq0MOqsrcqAj_Zk1PURU2t509KlU-S2MKASXyZtt0WjkyrHC8hX7Lszs6k_MCxSfkgqseHR1xWXslVLkIfZQQrOUKNquCMkFN

Request Chain 330

https://gum.criteo.com/sid/json?origin=publishertagids&domain=pelotainvernal.com&sn=ChromeSyncframe&so=3&topUrl=pelotainvernal.com&bundle=HFGyJF9Cam1ZdjQ1QSUyRmxpQ0N4TkZJWUUzd3pUZUZwOVRINGV0T2xKRkZsNUtzeiUyRnQ2cTQ5JTJGYzdhQTdXQ0h3eEtTVmRxWnZ6cE1PNmplUFcyOGFyWGozNyUyQmI3bXEwZUxoV1hsY3gyc2tBbzAycEMlMkJjQVNLZFRpQ2FPdUs1ckVBaVJUd3A&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=ZIyH8nxqKzVrZ2JpY3E2M3FEeWpXdDBEVi9YYzN3cWd0ZEFqYU1QMUVvbWRtYXZFZVoyL0M2ZWVURzRPQ1EvTUhPU2VxUUl3dVpCVDB4N1NTNzlGTGxLWEFoNlp2VlVNUERrQkN4Y245TUJ2K2p2Q1VPWWRGYkI3ekVrTnk2M0xGN2NCdXpKNGdlOFQxS2hwVmhna2ZFbzlSVzhqYzY5QnZiVUc3dFUrVHNaNXByQUhuaXJUNUZPOWV0ZzNZWDZ6QmFuRHZCUHJQcU5NSDhOZVZUUG1MdGtGa2thY1A0SHoxbEszQTdxd2VCNXVnSURCcVNsRVBSSlBGUnFKb2dBS2haVFVHVTFaZVRHZmVXbm1zNTVjSzdJVjdKZEhoODZPVURNRzBsYU9yaTJZUk55MD18&cppv=2

Request Chain 359

https://dsum.casalemedia.com/pbusermatch?origin=prebid&site_id=910000&p=1&i=0&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=0 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=vToJCYpW1P6seo5&gdpr=0

Request Chain 362

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEH7Iq2hZpJ1NNKRV3EqufzE&google_cver=1&google_push=AavPq0PoPJZFg92o-7OW0UlkhT5kg4sNLwSCJWgc8b3aSDDNOsj-fyDkdXHxapEbhtiU3jVZI6z528AKCoG5dKfrt-XntPnbDajqpA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=dlRvSkNZcFcxUDZzZW81&google_gid=CAESEH7Iq2hZpJ1NNKRV3EqufzE&google_cver=1&google_push=AavPq0PoPJZFg92o-7OW0UlkhT5kg4sNLwSCJWgc8b3aSDDNOsj-fyDkdXHxapEbhtiU3jVZI6z528AKCoG5dKfrt-XntPnbDajqpA

Request Chain 363

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEJfQnQ8M4lw7zSSHb5qGGlo&google_cver=1&google_push=AavPq0Pvp7zcvLhldR6mwm1PkHN5jZhi_k20Tg5Dfq2g8u17iZdH-LvAIWwo5XLJtMA5-UKQP64dTzrLDQmIZlTzHFgXovUEeojh HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=Ey1jnXjNQQC9cbrLNQoX5w&google_push=AavPq0Pvp7zcvLhldR6mwm1PkHN5jZhi_k20Tg5Dfq2g8u17iZdH-LvAIWwo5XLJtMA5-UKQP64dTzrLDQmIZlTzHFgXovUEeojh

Request Chain 364

https://um.simpli.fi/gp_match?google_gid=CAESEK0p_Qxw7HLalcNHahgXp8g&google_cver=1&google_push=AavPq0NoCYesieug-bdtfDeNAMu_QB-Pf2uFHUq6yc70o8PwZ_pUZsu6A2U4Y3a39URaLEP3rMFJfFc-UXG-lLLTypqrCbhH05MQfQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=0DBD4F893D4F4D98A323225492AEFE7C&google_push=AavPq0NoCYesieug-bdtfDeNAMu_QB-Pf2uFHUq6yc70o8PwZ_pUZsu6A2U4Y3a39URaLEP3rMFJfFc-UXG-lLLTypqrCbhH05MQfQ

Request Chain 366

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEKetfxybpjIzHT98vEkJXxw&google_cver=1&google_push=AavPq0N-wdPb-ReumnEbrlVzvNTkCQRCnNhwG2qsfQYTpgSQearOGuoC5rBXwaKedHZkDDHGmL715kqpKDpr8TDvY0RB4t0828AL HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AavPq0N-wdPb-ReumnEbrlVzvNTkCQRCnNhwG2qsfQYTpgSQearOGuoC5rBXwaKedHZkDDHGmL715kqpKDpr8TDvY0RB4t0828AL&google_hm=InfHfZ6pTTKOzjmm35tUSBY

Request Chain 367

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESECvmxxTvUBHVWVOxVsvo8z4&google_cver=1&google_push=AavPq0N2ayBQfxww427l7TC0ppOTSOwsLXp7UDjmqYhwnKAboPmT9eXzzIFsKtAneqDKUlKbERzX_HF9Dbr8lyKx151_3sodRH0snA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE3ODAyNjE5ODY4ODc5MDY4Mw%3D%3D&google_push=AavPq0N2ayBQfxww427l7TC0ppOTSOwsLXp7UDjmqYhwnKAboPmT9eXzzIFsKtAneqDKUlKbERzX_HF9Dbr8lyKx151_3sodRH0snA

Request Chain 368

https://d5p.de17a.com/cookies/google?google_gid=CAESEAPEc2jrumx2cnIeSodDyyY&google_cver=1&google_push=AavPq0MrLcQWWn9W1LdR4I3xEHGlc_FAmztnlCJlZkL9PsG8422jouLfMMtP1HhHHnGY2FgvaVbNLYp7juE2mxokmjmyPVTy6LY1Lw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AavPq0MrLcQWWn9W1LdR4I3xEHGlc_FAmztnlCJlZkL9PsG8422jouLfMMtP1HhHHnGY2FgvaVbNLYp7juE2mxokmjmyPVTy6LY1Lw

Request Chain 376

https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=jvYUeY_9TnyV804kiPAALo6gHySV_UkqivC6rkMt

Request Chain 377

https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7178026198688790683&gdpr=0&gdpr_consent=

Request Chain 378

https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent= HTTP 303
https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1 HTTP 303
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFDcUJFN0hPdklBQUI5dlQ2OUx6dw&gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AACqBE7HOvIAAB9vT69Lzw&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dpp%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2%26userid%3DSMART_USER_ID&gdpr=0

Request Chain 379

https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=WjomeRqfQjtRmQiNFeo4pdly2hY

Request Chain 380

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y514ywAAALNDNgAZ&gdpr=0&gdpr_consent=

Request Chain 382

https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=280CD529-6208-45F6-8529-B0BE05611F49&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=280CD529-6208-45F6-8529-B0BE05611F49&sInitiator=external&gdpr=0&gdpr_consent=

Request Chain 383

https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=280CD529-6208-45F6-8529-B0BE05611F49&gdpr= HTTP 302
https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=280CD529-6208-45F6-8529-B0BE05611F49&gdpr=&fbounce=1 HTTP 302
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=280CD529-6208-45F6-8529-B0BE05611F49&addseg=19,36,42

Request Chain 384

https://pixel.onaudience.com/?partner=214&mapped=280CD529-6208-45F6-8529-B0BE05611F49&gdpr=0&gdpr_consent= HTTP 302
https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0

Request Chain 385

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic

Request Chain 387

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=280CD529-6208-45F6-8529-B0BE05611F49&redir=true&gdpr=0&gdpr_consent= HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-9tFavHZE2uWwfCq5DXoOj__fGZPDpoc-~A&gdpr=0&gdpr_consent=

Request Chain 415

https://csync.loopme.me/?redirect=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D54%26partnerUserId%3D%7Bdevice_id%7D HTTP 307
https://cs.lkqd.net/cs?partnerId=54&partnerUserId=1e434d1f-99a5-4230-a206-5436e12638b4

Request Chain 418

https://ad.turn.com/r/cs?pid=65 HTTP 302
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=7593657138415183722

Request Chain 419

https://sync.srv.stackadapt.com/sync?nid=161 HTTP 302
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=WjomeRqfQjtRmQiNFeo4pdly2hY

Request Chain 437

https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token} HTTP 307
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}

Request Chain 438

https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}

Request Chain 440

https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://sync.1rx.io/usersync2/pubmatic?zcc=1&cb=1671264463650 HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4056150493

Request Chain 443

https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent= HTTP 302
https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25_rid HTTP 302
https://sync.crwdcntrl.net/map/c=14544/tp=BIDB/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253DkODCF8PznVhYWYRRTMnhMMVR

Request Chain 444

https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=132d639d-78cd-4100-bd71-bacb350a17e7

Request Chain 445

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7593657138415183722&gdpr=0&gdpr_consent=&us_privacy=

Request Chain 446

https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:77aba6bb-b021-44a0-827b-6296dbf52548&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw

Request Chain 447

https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=680161537510071120

Request Chain 459

https://csync.loopme.me/?redirect=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D54%26partnerUserId%3D%7Bdevice_id%7D HTTP 307
https://cs.lkqd.net/cs?partnerId=54&partnerUserId=acf8bbe4-0986-4c88-83b1-e5ee17a27290

Request Chain 462

https://ad.turn.com/r/cs?pid=65 HTTP 302
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=7593657138415183722

Request Chain 463

https://sync.srv.stackadapt.com/sync?nid=161 HTTP 302
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=WjomeRqfQjtRmQiNFeo4pdly2hY

Request Chain 481

https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:0DBD4F893D4F4D98A323225492AEFE7C&gdpr=0&gdpr_consent=

489 HTTP transactions
13 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
pelotainvernal.com/ 80 KB
16 KB 490ms
230ms Document
text/html 54.208.89.30
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pelotainvernal.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.208.89.30 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-208-89-30.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 0fc22832567771085068ce18bb7546c776e378638e9fe825a7d4f625754a83c1

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sat, 17 Dec 2022 08:07:36 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@5.1.2/dist/css/ 160 KB
24 KB 86ms
23ms Stylesheet
text/css 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@5.1.2/dist/css/bootstrap.min.css

Requested by

Host: pelotainvernal.com
URL: https://pelotainvernal.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

bd558b6b0fa8256504d6f1796203c55c540013d7d4021f79241476f3ac49dac1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 17 Dec 2022 08:07:36 GMT
x-content-type-options: nosniff
content-encoding: gzip
age: 967799
x-jsd-version: 5.1.2
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 23945
x-served-by: cache-fra-eddf8230024-FRA, cache-hhn-etou8220067-HHN
x-jsd-version-type: version
etag: W/"28033-Lut6yvcPnqX8AiDhXoU9TgvRAp8"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 responsiveslides.css
pelotainvernal.com/vendor/slider/ 490 B
421 B 114ms
113ms Stylesheet
text/css 54.208.89.30
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pelotainvernal.com/vendor/slider/responsiveslides.css
Requested by: Host: pelotainvernal.com
URL: https://pelotainvernal.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.208.89.30 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-208-89-30.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b43b245e7b57a75d1c57b0e70779b88718a72a3544995b9165fd80678889b873

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 08:07:36 GMT
content-encoding: gzip
last-modified: Tue, 10 Oct 2017 10:38:14 GMT
server: nginx
etag: W/"59dca316-1ea"
vary: Accept-Encoding
content-type: text/css

GET
H2 200 site.css
pelotainvernal.com/css/ 18 KB
4 KB 115ms
114ms Stylesheet
text/css 54.208.89.30
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pelotainvernal.com/css/site.css?v=2.50
Requested by: Host: pelotainvernal.com
URL: https://pelotainvernal.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.208.89.30 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-208-89-30.compute-1.amazonaws.com
Software: nginx /
Resource Hash: d74835ebc144bb92d18a970ca79cae0840c356a5967bb1d1d9428c32c183cdb1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 08:07:36 GMT
content-encoding: gzip
last-modified: Sun, 26 Dec 2021 10:53:15 GMT
server: nginx
etag: W/"61c8499b-4711"
vary: Accept-Encoding
content-type: text/css

GET
H2 200 css
fonts.googleapis.com/ 6 KB
1 KB 162ms
57ms Stylesheet
text/css 2a00:1450:400d:807::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,400,700

Requested by

Host: pelotainvernal.com
URL: https://pelotainvernal.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 17 Dec 2022 08:07:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 17 Dec 2022 08:06:57 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 17 Dec 2022 08:07:36 GMT

GET
H2 200 smart-app-banner.css
pelotainvernal.com/js/smartapp/ 6 KB
1 KB 115ms
115ms Stylesheet
text/css 54.208.89.30
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pelotainvernal.com/js/smartapp/smart-app-banner.css
Requested by: Host: pelotainvernal.com
URL: https://pelotainvernal.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.208.89.30 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-208-89-30.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 43ed01782a52f74351b31f996f02f0761540c3af7cdbd0693891a3e5abcfa3c1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 08:07:36 GMT
content-encoding: gzip
last-modified: Thu, 18 Oct 2018 12:50:23 GMT
server: nginx
etag: W/"5bc8818f-17b9"
vary: Accept-Encoding
content-type: text/css

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 145 KB
49 KB 198ms
91ms Script
text/javascript 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: pelotainvernal.com
URL: https://pelotainvernal.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3a0533a13afb670ec11ee5ff801847283430c2a115dcef0c96934cd6096987d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 08:07:36 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49464
x-xss-protection: 0
server: cafe
etag: 6753722082902200838
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 17 Dec 2022 08:07:36 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 80 KB
27 KB 199ms
70ms Script
text/javascript 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: pelotainvernal.com
URL: https://pelotainvernal.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f0648dd60b72161450eb93d6fa81bb6ec46bb9dffb2d2d0c6f3b5d4ac1e01dda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 08:07:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27542
x-xss-protection: 0
server: sffe
etag: "1423 / 897 of 1000 / last-modified: 1670587517"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 17 Dec 2022 08:07:36 GMT

GET
H2 200 pelotainvernal.js Show response
flower-ads.com/tag/pelotainvernal/ 231 KB
68 KB 337ms
209ms Script
application/x-javascript 2606:4700:20::681a:79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://flower-ads.com/tag/pelotainvernal/pelotainvernal.js
Requested by: Host: pelotainvernal.com
URL: https://pelotainvernal.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3620d28357207cd4b8092fe728bed5a606c78c07d4043ed225b7c3e8e58fa731

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 08:07:37 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: public
referrer-policy: no-referrer-when-downgrade
cf-bgj: minify
last-modified: Wed, 30 Nov 2022 14:17:03 GMT
server: cloudflare
etag: W/"39a62-638765df-0;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SZtvmU%2FDeFi5EHSkzcZyeDk1WevIwipwpnLHkA9sLuaJNmlX7rCbUYjyvxf0YPALpKncYPFw%2FUuPh2SlzvY53VSX5rUntH%2BaroTE9seu6NaFX1NckA%2F7MeRj5g78AWjTB1yh2DUz38zC5JaW"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=300
x-turbo-charged-by: LiteSpeed
platform: hostinger
cf-ray: 77ae2a879ec89b67-FRA
expires: Sat, 17 Dec 2022 08:11:49 GMT

GET
H/1.1 200
OK 7902d366eeaba88fdaf00c9aad70217a.png
s3.amazonaws.com/cdn.baseball-new.com/ 4 KB
5 KB 477ms
128ms Image
image/png 52.216.18.171
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/cdn.baseball-new.com/7902d366eeaba88fdaf00c9aad70217a.png
Requested by: Host: pelotainvernal.com
URL: https://pelotainvernal.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.18.171 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 4ffe1619d0cddcd71c73eb41dcf1bf9219646f36b90667b3746c8a6771375fc6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Sat, 17 Dec 2022 08:07:38 GMT
Last-Modified: Sun, 22 Nov 2020 13:46:40 GMT
Server: AmazonS3
x-amz-request-id: 2C4QRSN2T3HV3E55
ETag: "883334535bb63d443032135b065e0884"
Content-Type: image/png
x-amz-storage-class: REDUCED_REDUNDANCY
Accept-Ranges: bytes
Content-Length: 4585
x-amz-id-2: pHm0pXBLDZuY0ashGntJNNZomG1YiqccAhlhZxASM4hBbr6bQGXyfMoWXwpSEPZn3gQgnZmWRek=

GET
H/1.1 200
OK f0fb0b8bc2a38afca24fa01fd5f74635.png
s3.amazonaws.com/cdn.baseball-new.com/ 11 KB
12 KB 475ms
126ms Image
image/png 52.216.18.171
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/cdn.baseball-new.com/f0fb0b8bc2a38afca24fa01fd5f74635.png
Requested by: Host: pelotainvernal.com
URL: https://pelotainvernal.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.18.171 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 87ec184cd9b3cfb5ccbf631c766fc0d6b01d8811184a5f6f49f2ec528429dad4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Sat, 17 Dec 2022 08:07:38 GMT
Last-Modified: Sat, 14 Nov 2020 22:58:57 GMT
Server: AmazonS3
x-amz-request-id: 2C4W02TA0CDSS1NY
ETag: "c8fac8558e3e9e13ca76375e6b1e95fa"
Content-Type: image/png
x-amz-storage-class: REDUCED_REDUNDANCY
Accept-Ranges: bytes
Content-Length: 11566
x-amz-id-2: xOvwb4l8X7GbXLQsfv2PLshno5JqPZ8jyAIh2p6rp5mAkrvMiOTu1mTEckjCjaRYUYxelb+UFAY=

GET
H/1.1 200
OK bc83c5669a23ea41ef5f755bfbd50ebd.png
s3.amazonaws.com/cdn.baseball-new.com/ 12 KB
13 KB 504ms
155ms Image
image/png 52.216.18.171
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/cdn.baseball-new.com/bc83c5669a23ea41ef5f755bfbd50ebd.png
Requested by: Host: pelotainvernal.com
URL: https://pelotainvernal.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.18.171 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 19737707017ce7f188707e1e6fbae40088945cb235a8c37971b507b97d771a4b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Sat, 17 Dec 2022 08:07:38 GMT
Last-Modified: Sat, 14 Nov 2020 22:59:20 GMT
Server: AmazonS3
x-amz-request-id: 2C4J78Z5S954BSGZ
ETag: "97c26d2ba9057f036660b0f2c8b181ab"
Content-Type: image/png
x-amz-storage-class: REDUCED_REDUNDANCY
Accept-Ranges: bytes
Content-Length: 12564
x-amz-id-2: L7GHRxZrUoA50JoKFDlFQVP7TVxXAKi70YlCkkklK3WNdwMZEWWuqVXKlWuVWcMW1DmA/O4RK9Q=

GET
H/1.1 200
OK 0d180431331e93a791f23a77d4b94122.png
s3.amazonaws.com/cdn.baseball-new.com/ 12 KB
12 KB 452ms
125ms Image
image/png 52.216.18.171
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/cdn.baseball-new.com/0d180431331e93a791f23a77d4b94122.png
Requested by: Host: pelotainvernal.com
URL: https://pelotainvernal.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.18.171 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: a67612c801d54b2817687d2155b63f849b671d96ffd423cb77b36b0b66fa2192

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Sat, 17 Dec 2022 08:07:38 GMT
Last-Modified: Sat, 14 Nov 2020 22:59:14 GMT
Server: AmazonS3
x-amz-request-id: 2C4J9S1WPS8GYQ96
ETag: "1fc02092dc83a776e055b8df83f64b50"
Content-Type: image/png
x-amz-storage-class: REDUCED_REDUNDANCY
Accept-Ranges: bytes
Content-Length: 11790
x-amz-id-2: lV052zcPOkM0pTkzK25DwHRZ99jZipZDYbGPSNdgDYC2GiuXl7ZJIRm7X8RmfJwAyNPaMe+NIQI=

GET
H/1.1 200
OK 3657a463e594aec7d83697355ad2e541.png
s3.amazonaws.com/cdn.baseball-new.com/ 11 KB
11 KB 453ms
127ms Image
image/png 52.216.18.171
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/cdn.baseball-new.com/3657a463e594aec7d83697355ad2e541.png
Requested by: Host: pelotainvernal.com
URL: https://pelotainvernal.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.18.171 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 09778ab5d08d1983b0ba1d423603b1b0f2214947ed465534dcc9ac047bf929ba

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Sat, 17 Dec 2022 08:07:38 GMT
Last-Modified: Sat, 14 Nov 2020 22:59:02 GMT
Server: AmazonS3
x-amz-request-id: 2C4ZAY179KCQDQ6G
ETag: "1375b3cdbbeb3aa10a2abef1543beafd"
Content-Type: image/png
x-amz-storage-class: REDUCED_REDUNDANCY
Accept-Ranges: bytes
Content-Length: 11177
x-amz-id-2: bSfGhgkh5BWIokhB9oFYEurVp6Mmn79TOgS8GG7xYP8etvsOcGwdegJ5uFzeBNyoJtumCQG4vZs=

GET
H/1.1 200
OK d8b8a0a312b685f33e63d453b0d2db83.png
s3.amazonaws.com/cdn.baseball-new.com/ 11 KB
11 KB 331ms
119ms Image
image/png 52.216.18.171
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/cdn.baseball-new.com/d8b8a0a312b685f33e63d453b0d2db83.png
Requested by: Host: pelotainvernal.com
URL: https://pelotainvernal.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.18.171 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: bac0705d11ffc896d765dc3507e2ad3abb961795b05bb857039ca92f649a0745

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Sat, 17 Dec 2022 08:07:38 GMT
Last-Modified: Sat, 14 Nov 2020 22:59:09 GMT
Server: AmazonS3
x-amz-request-id: 2C4RVH810TVEZW6A
ETag: "d00fe6039c67811cd9e76529a3d298df"
Content-Type: image/png
x-amz-storage-class: REDUCED_REDUNDANCY
Accept-Ranges: bytes
Content-Length: 10968
x-amz-id-2: NPO0MysfNf7by2Hr3vNXxizFDDiYXZULV4OcZ2rGV2YvNEqq39EDIIfDrB6xzu7gbMxDz/hUbm4=

GET
H/1.1 200
OK 9888ecc384811ab5781b0310ae9401a9.png
s3.amazonaws.com/cdn.baseball-new.com/ 11 KB
11 KB 118ms
118ms Image
image/png 52.216.18.171
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/cdn.baseball-new.com/9888ecc384811ab5781b0310ae9401a9.png
Requested by: Host: pelotainvernal.com
URL: https://pelotainvernal.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.18.171 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 36c2343f3359688c9948184e631420db683b3d1a105206fcf76f1354c106425e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Sat, 17 Dec 2022 08:07:38 GMT
Last-Modified: Sat, 14 Nov 2020 22:58:50 GMT
Server: AmazonS3
x-amz-request-id: 2C4TGHBS6WER29BS
ETag: "25b21a978a769c711a8cc5c6fe2b22a9"
Content-Type: image/png
x-amz-storage-class: REDUCED_REDUNDANCY
Accept-Ranges: bytes
Content-Length: 10966
x-amz-id-2: WxPBcPkAjJrGZ5SQ6PWUIq44ipkqpNewwbNDH/gkwiTYzbOrogF1ETRXe9bebQqXFQVq3mRFtLM=

GET
H/1.1 200
OK c7c5d314bd780195ca2739e007b04e63.png
s3.amazonaws.com/cdn.baseball-new.com/ 10 KB
10 KB 116ms
116ms Image
image/png 52.216.18.171
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/cdn.baseball-new.com/c7c5d314bd780195ca2739e007b04e63.png
Requested by: Host: pelotainvernal.com
URL: https://pelotainvernal.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.18.171 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 47f719c1691461a5d778135c0512d51c87f8eea39be7ddad829830925902674b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Sat, 17 Dec 2022 08:07:38 GMT
Last-Modified: Tue, 15 Dec 2020 13:21:55 GMT
Server: AmazonS3
x-amz-request-id: 2C4GXDTEXR3YRTMG
ETag: "344653c6dda80cd480444be1aef2a807"
Content-Type: image/png
x-amz-storage-class: REDUCED_REDUNDANCY
Accept-Ranges: bytes
Content-Length: 10027
x-amz-id-2: wC4/CE3ngOBUXotd2H2KRbjyrOTRVZuyilVZ/Ex5a3cY9pUvayB/Q4K02YaLMFgiwJkIntLSobI=

GET
H/1.1 200
OK 8f6f2a20b0b9cd88bcff3b93bdd9c615.png
s3.amazonaws.com/cdn.baseball-new.com/ 8 KB
8 KB 117ms
117ms Image
image/png 52.216.18.171
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/cdn.baseball-new.com/8f6f2a20b0b9cd88bcff3b93bdd9c615.png
Requested by: Host: pelotainvernal.com
URL: https://pelotainvernal.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.18.171 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: bdbbb447bf69f791cb6717a186852f2b9661ca900a74d8235d37ef9ed65ac0dd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Sat, 17 Dec 2022 08:07:38 GMT
Last-Modified: Tue, 15 Dec 2020 13:22:04 GMT
Server: AmazonS3
x-amz-request-id: 2C4XEEVYMA8KVS4W
ETag: "f372c04545a398bbcfd0256f8e49d1ac"
Content-Type: image/png
x-amz-storage-class: REDUCED_REDUNDANCY
Accept-Ranges: bytes
Content-Length: 7971
x-amz-id-2: aeeIDG5Pdy/t2sJ9RuIPmCouZshALzCUhpR4Rohms9cJNmRz+Z2VaTI3Tws1HeoeBVo916OlQEs=

GET
H/1.1 200
OK fa5ccb26f0dc095843644942bde4b7cd.png
s3.amazonaws.com/cdn.baseball-new.com/ 10 KB
10 KB 118ms
118ms Image
image/png 52.216.18.171
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/cdn.baseball-new.com/fa5ccb26f0dc095843644942bde4b7cd.png
Requested by: Host: pelotainvernal.com
URL: https://pelotainvernal.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.18.171 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 3aa5cdd18374b285ddc76c94ee1735df8b3e518cb7202fa7feec77a3b13437a3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Sat, 17 Dec 2022 08:07:38 GMT
Last-Modified: Tue, 15 Dec 2020 13:22:20 GMT
Server: AmazonS3
x-amz-request-id: 2C4J79KQHHCF1PVM
ETag: "687caec8c60c4146282dc57feb116506"
Content-Type: image/png
x-amz-storage-class: REDUCED_REDUNDANCY
Accept-Ranges: bytes
Content-Length: 9897
x-amz-id-2: R5ULo4y+nl7wN48FX+LtZIb1f4UC0hQo8hykMEMw08cELOrtpNnTUjAcXdPLnEagZ/at8WDZkgo=

GET
H/1.1 200
OK 0ac73fe9baac5a44d5760cf8eca6394f.png
s3.amazonaws.com/cdn.baseball-new.com/ 10 KB
11 KB 115ms
115ms Image
image/png 52.216.18.171
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/cdn.baseball-new.com/0ac73fe9baac5a44d5760cf8eca6394f.png
Requested by: Host: pelotainvernal.com
URL: https://pelotainvernal.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.18.171 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: cd257ced5860b54b3c71dd2e1c9704a552f0c2be8e63ef42cdf47e05293da1bb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Sat, 17 Dec 2022 08:07:38 GMT
Last-Modified: Sat, 14 Nov 2020 22:57:44 GMT
Server: AmazonS3
x-amz-request-id: 2C4WAPQ3MPT4E2AB
ETag: "757f209841921bd84efe00e6415c5118"
Content-Type: image/png
x-amz-storage-class: REDUCED_REDUNDANCY
Accept-Ranges: bytes
Content-Length: 10369
x-amz-id-2: vijM2BGG3eCi8196JfaZsEqUlsalG7WISVHaAxcWuuY2+3aiyfq5csAjnUzs0qzq6yL9wR9hAuI=

GET
H/1.1 200
OK 4a9533cbf5e05f2abc7515331906d891.png
s3.amazonaws.com/cdn.baseball-new.com/ 8 KB
8 KB 121ms
120ms Image
image/png 52.216.18.171
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/cdn.baseball-new.com/4a9533cbf5e05f2abc7515331906d891.png
Requested by: Host: pelotainvernal.com
URL: https://pelotainvernal.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.18.171 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 52084175f1ddbd7e4168245880f4dd0c69cedbcac6096306ecae4e56181ad545

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Sat, 17 Dec 2022 08:07:38 GMT
Last-Modified: Tue, 15 Dec 2020 13:22:12 GMT
Server: AmazonS3
x-amz-request-id: 2C4TT1CP3VPMN9WA
ETag: "aad87560e4512c4693466db607703d76"
Content-Type: image/png
x-amz-storage-class: REDUCED_REDUNDANCY
Accept-Ranges: bytes
Content-Length: 8155
x-amz-id-2: EkHmAIzWZIGUeecDj+g3vNrYv0yDzCsl8DPWx42ina8ylUqxnSC8zoHFzqotYEfZMnNRVIwe0Ow=

GET
H/1.1 200
OK 45017492450cd1f4a0003643f186f5a3.png
s3.amazonaws.com/cdn.baseball-new.com/ 6 KB
7 KB 118ms
118ms Image
image/png 52.216.18.171
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/cdn.baseball-new.com/45017492450cd1f4a0003643f186f5a3.png
Requested by: Host: pelotainvernal.com
URL: https://pelotainvernal.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.18.171 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: b59274b06fc793177aedbfa4b52d6d2571528266198414ae2b1795d7d87bff48

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Sat, 17 Dec 2022 08:07:38 GMT
Last-Modified: Tue, 15 Dec 2020 13:22:30 GMT
Server: AmazonS3
x-amz-request-id: 2C4J6YSP1QHGPEMF
ETag: "d5e4057bad41787bb08c8c943e446a95"
Content-Type: image/png
x-amz-storage-class: REDUCED_REDUNDANCY
Accept-Ranges: bytes
Content-Length: 6654
x-amz-id-2: OVRhfkoJs+wphIExVJc0Hg13pCC6Ipy+IIX4gvB2CUmcJQBwJKdiNzQl4PlEjiKdPxesGhGO2sg=

GET
H/1.1 200
OK 0ac7c75550df48fba0d82e80f05a0e63.png
s3.amazonaws.com/cdn.baseball-new.com/ 7 KB
8 KB 115ms
114ms Image
image/png 52.216.18.171
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/cdn.baseball-new.com/0ac7c75550df48fba0d82e80f05a0e63.png
Requested by: Host: pelotainvernal.com
URL: https://pelotainvernal.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.18.171 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 14fa937604e0fd3f7f1f8fa5daa5ab7e25052e1b1b826688b0109fac4251bf6f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Sat, 17 Dec 2022 08:07:38 GMT
Last-Modified: Tue, 15 Dec 2020 13:22:47 GMT
Server: AmazonS3
x-amz-request-id: 2C4GK4P1A7J7E6JD
ETag: "e5144af4c4398b7856b08750c111a29f"
Content-Type: image/png
x-amz-storage-class: REDUCED_REDUNDANCY
Accept-Ranges: bytes
Content-Length: 7432
x-amz-id-2: R1mpAxJ0N0pRMEzFjlYVjAtltZq4rJv+edoX5yrTuO5hPyaT683pRWADI/bSjUlBmgoiUjuqvR8=

GET
H/1.1 200
OK b91a8061b0b3557371fed15068f48586.png
s3.amazonaws.com/cdn.baseball-new.com/ 8 KB
8 KB 121ms
121ms Image
image/png 52.216.18.171
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/cdn.baseball-new.com/b91a8061b0b3557371fed15068f48586.png
Requested by: Host: pelotainvernal.com
URL: https://pelotainvernal.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.18.171 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: ee735ad9351455e1417cd144ed24de18f6311c98a1284b55cd59fd0d25489d22

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Sat, 17 Dec 2022 08:07:38 GMT
Last-Modified: Fri, 28 Oct 2022 15:31:56 GMT
Server: AmazonS3
x-amz-request-id: 2C4VCZ63NY160YJ9
ETag: "780b528b59b0bc2a422527bb6507da39"
Content-Type: image/png
x-amz-storage-class: REDUCED_REDUNDANCY
Accept-Ranges: bytes
Content-Length: 7952
x-amz-id-2: VIHXsv4XsaxECEL2wxu0mN7wY5/2Ekr+nG+3ZLZFLCQudobreKofeYdIcvm/C3X9zO6JXHOWF/Q=

GET
H2 200 jquery-3.2.1.min.js Show response
code.jquery.com/ 85 KB
30 KB 458ms
218ms Script
application/javascript 2001:4de0:ac18::1:a:3a
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.2.1.min.js
Requested by: Host: pelotainvernal.com
URL: https://pelotainvernal.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:3a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: 87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 08:07:36 GMT
content-encoding: gzip
last-modified: Fri, 12 Aug 2022 13:47:02 GMT
server: nginx
etag: W/"62f659d6-15283"
vary: Accept-Encoding
x-hw: 1671264456.dop126.fr8.t,1671264456.cds160.fr8.hn,1671264456.cds133.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30125

GET
H2 200 bootstrap.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@5.1.2/dist/js/ 58 KB
16 KB 48ms
47ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@5.1.2/dist/js/bootstrap.min.js

Requested by

Host: pelotainvernal.com
URL: https://pelotainvernal.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

7e9276746ee6d70a75d8362ddd8e20aa1ce8a008c8e39c66a9e05b758f636d01

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 17 Dec 2022 08:07:36 GMT
x-content-type-options: nosniff
content-encoding: gzip
age: 4927667
x-jsd-version: 5.1.2
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 16337
x-served-by: cache-fra-eddf8230063-FRA, cache-hhn-etou8220067-HHN
x-jsd-version-type: version
etag: W/"e753-WcAbHa+/9xO8ID8ILaCWP92iBPQ"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 moment.min.js Show response
cdnjs.cloudflare.com/ajax/libs/moment.js/2.18.1/ 50 KB
16 KB 163ms
33ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/moment.js/2.18.1/moment.min.js

Requested by

Host: pelotainvernal.com
URL: https://pelotainvernal.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d618d4869738e0dc22360f0ec0cbb6433257843f24723fac240dda0906685238

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 08:07:36 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 388768
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 15476
last-modified: Mon, 04 May 2020 16:13:26 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03f26-c909"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UEGswXICO9do5JjSEnYrcuXyVDB3fzWd1kSeLrg1PdTgd6WAHwsBXhDEpFGUQkXmDkVjS4ZpNr%2FeoRKXE8Hyexs%2FKviQ1XdnDjDM4h4Lq0BXpXJSGSYeYqqETxHMICKkK0TsJ5POSQyb9EgxkWlQGEGG"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 77ae2a879cc0bb3d-FRA
expires: Thu, 07 Dec 2023 08:07:36 GMT

GET
H2 200 knockout-min.js Show response
cdnjs.cloudflare.com/ajax/libs/knockout/3.4.2/ 59 KB
20 KB 166ms
36ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/knockout/3.4.2/knockout-min.js

Requested by

Host: pelotainvernal.com
URL: https://pelotainvernal.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a305fbb2ba223bf3b56bb8776b85f6f40d60dd082a74dbe28d143b5794c7e393

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 08:07:36 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 2723020
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 19879
last-modified: Mon, 04 May 2020 16:11:59 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ecf-ebc2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H2c3AOBGpvaa2%2BHUBVoqUEpl49goeHTv8sfXsSaHwFAT2TdqrmhdPuhXnZPUX9OKiIGkjWHSQp2fJaC0%2B%2Fw2qDaWp6c3B2X7dkHRhsJ5Tu3H19en8p7HC40VdrK9FlKj2sBql6OLkr5C50vbh1CZdjrV"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 77ae2a879cc4bb3d-FRA
expires: Thu, 07 Dec 2023 08:07:36 GMT

GET
H2 200 knockout-switch-case.min.js Show response
cdn-conectate.kiskoo.com/web/js/ 3 KB
2 KB 159ms
30ms Script
application/javascript 2606:4700:3031::ac43:b7f8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-conectate.kiskoo.com/web/js/knockout-switch-case.min.js
Requested by: Host: pelotainvernal.com
URL: https://pelotainvernal.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:b7f8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 74df90f5f0e27dd5df2470215692754169878aa5443c25a3515e1768e3db03b1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 08:07:36 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: EVR35W6TSMSNQP1G
age: 2277
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: p8dGa9ncmCnZUM0gIBTpSpCclc9AJmXdb+gOhyyNK79iEsr727h8KKhXa12LaWl/wT+huDAmOTE=
last-modified: Sat, 13 Oct 2018 08:10:55 GMT
server: cloudflare
etag: W/"c6682e07d18a5a4b0209d9351134154e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ljsLKx%2F97brI9XWtRibWd7ZpQgs%2FY2TWnu0ZMB2HNOvuwSEfXyy7QXdKtiSkf4%2FzcC3WBkg1YCOX0s2O0rx3G2QsfrRG83J1NcuBk2bHOwS2uc6jfq3%2FZD4Uke119lsmoGbTFyCZWnX2NO6A6NNCkfE6XsiqTjQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 77ae2a879edcbbf8-FRA

GET
H2 200 game-socket.js Show response
cdn-conectate.kiskoo.com/modules/sport/frontend/assets/js/ 1 KB
907 B 160ms
31ms Script
application/javascript 2606:4700:3031::ac43:b7f8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-conectate.kiskoo.com/modules/sport/frontend/assets/js/game-socket.js
Requested by: Host: pelotainvernal.com
URL: https://pelotainvernal.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:b7f8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 008be15ff7db879ddccb3bf415d1143924af4eca6d1dd5250726ac423624f9d5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 08:07:36 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 2A087CE5J1VNZMSE
age: 438
x-amz-storage-class: REDUCED_REDUNDANCY
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: XTI2ZCKJkVJ0VqxSiASnb5V3yFoT/B83AuTQBqBqkSiVGD+D1APgCTa2n0drBNCRBV881zxz1eA=
last-modified: Wed, 24 Aug 2022 17:10:05 GMT
server: cloudflare
etag: W/"0b6216bc1faa63361b5940d7cea9db21"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uoaTIGzQBqQPCuqHK500fKWqbufMr1e39iJpRLTVotgKJxT48okLVvcVxj%2BruaEumVE%2B2CRK6vpxUvLRVddFsgd5Ykqw%2BD2kQ2nDq97yJduS6eJdggC6SA8PGUr5TLE5zfZiKpKrtkpXMZklPsFUECmhnlVAdFk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 77ae2a879edebbf8-FRA

GET
H2 200 responsiveslides.min.js Show response
pelotainvernal.com/vendor/slider/ 3 KB
2 KB 115ms
112ms Script
application/javascript 54.208.89.30
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pelotainvernal.com/vendor/slider/responsiveslides.min.js
Requested by: Host: pelotainvernal.com
URL: https://pelotainvernal.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.208.89.30 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-208-89-30.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 31c8de7c3023548e4205a8f61fa9d4b5c79707dc01710c8313184574afba2ee5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 08:07:36 GMT
content-encoding: gzip
last-modified: Tue, 10 Oct 2017 10:38:14 GMT
server: nginx
etag: W/"59dca316-d44"
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 smart-app-banner.js Show response
pelotainvernal.com/js/smartapp/ 17 KB
7 KB 116ms
113ms Script
application/javascript 54.208.89.30
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pelotainvernal.com/js/smartapp/smart-app-banner.js
Requested by: Host: pelotainvernal.com
URL: https://pelotainvernal.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.208.89.30 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-208-89-30.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 1e894e7cf7187c224f386656a508446013f4cd6edea742f5241ce57258db06c6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 08:07:36 GMT
content-encoding: gzip
last-modified: Thu, 18 Oct 2018 12:50:23 GMT
server: nginx
etag: W/"5bc8818f-444b"
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 109 KB
43 KB 252ms
62ms Script
application/javascript 2a00:1450:400d:802::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-19230497-1

Requested by

Host: pelotainvernal.com
URL: https://pelotainvernal.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

964d62b1d7dfaffc9cc325d0c996b7e19c00aa3915e58a7ffe5a2e41a7aefc8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 08:07:37 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43582
x-xss-protection: 0
last-modified: Sat, 17 Dec 2022 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 17 Dec 2022 08:07:37 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221207/r20190131/ Frame 9BAA 10 KB
5 KB 127ms
35ms Document
text/html 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221207/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pelotainvernal.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 19086
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 17 Dec 2022 02:49:30 GMT
etag: 10353107486223812946
expires: Sat, 31 Dec 2022 02:49:30 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ 199 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 77e67409caaf5014eaa2e2d96ac6210a1b4a987da0d5b3ff826221fe255d3def

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 162ms
37ms Font
font/woff2 2a00:1450:400d:807::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://pelotainvernal.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 19:33:00 GMT
x-content-type-options: nosniff
age: 218076
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 14 Dec 2023 19:33:00 GMT

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/ 356 KB
117 KB 103ms
102ms Script
text/javascript 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3139134883708761&plah=pelotainvernal.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

67b55fa1ac1eb182c16573559fb708578b5ff0677b376090584be98f40f7cb5b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 08:07:36 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119959
x-xss-protection: 0
server: cafe
etag: 619685096949698281
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 17 Dec 2022 08:07:36 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 162ms
45ms Font
font/woff2 2a00:1450:400d:807::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://pelotainvernal.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 19:33:08 GMT
x-content-type-options: nosniff
age: 218068
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 14 Dec 2023 19:33:08 GMT

GET
H2 200 pubads_impl_2022120501.js Show response
securepubads.g.doubleclick.net/gpt/ 380 KB
129 KB 63ms
36ms Script
text/javascript 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1e288c4dc57f72a69a497baef524f41c57e1c6a414b09a5bde22cd5b2f1b7cdf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 16:16:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 402645
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131905
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 09:36:10 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 12 Dec 2023 16:16:52 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 127 B
719 B 188ms
68ms XHR
application/json 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=pelotainvernal.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c54527742912dc24ffdbc35d926d8d76f016b8258e9ebb94dfb50a729d6901df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 08:07:37 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 84
x-xss-protection: 0
expires: Sat, 17 Dec 2022 08:07:37 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 403 B
701 B 251ms
55ms Script
text/javascript 2a00:1450:400d:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=pelotainvernal.com&callback=_gfp_s_&client=ca-pub-3139134883708761&gpid_exp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3139134883708761&plah=pelotainvernal.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

89c93cbf2f461176e5f7c51294ecc9e70570187c31f766d9a42804b5895c4b49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 08:07:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 256
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 230ms
57ms Script
application/javascript 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=pelotainvernal.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 08:07:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 167ms
57ms Script
application/javascript 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=pelotainvernal.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 08:07:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E891 102 KB
33 KB 793ms
717ms Document
text/html 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3139134883708761&output=html&h=100&slotname=8815456802&adk=88850195&adf=2364240886&pi=t.ma~as.8815456802&w=1298&lmt=1671264457&rafmt=12&format=1298x100&url=https%3A%2F%2Fpelotainvernal.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671264456766&bpp=2&bdt=290&idt=352&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&correlator=190859897557&frm=20&pv=2&ga_vid=624986645.1671264457&ga_sid=1671264457&ga_hid=1874097792&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=151&ady=96&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44779794%2C44780792&oid=2&pvsid=3050005988402424&tmod=354007817&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=1&uci=a!1&fsb=1&xpc=myFaWs2LCI&p=https%3A//pelotainvernal.com&dtd=368

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4618254f188a729ee1f2634282a44f2555cc478dc76936d04e1add77091c13d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pelotainvernal.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 33472
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 17 Dec 2022 08:07:37 GMT
expires: Sat, 17 Dec 2022 08:07:37 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6CCE 99 KB
32 KB 342ms
302ms Document
text/html 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3139134883708761&output=html&h=90&slotname=7753640662&adk=1056406635&adf=406027746&pi=t.ma~as.7753640662&w=728&lmt=1671264457&rafmt=12&format=728x90&url=https%3A%2F%2Fpelotainvernal.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671264456769&bpp=2&bdt=293&idt=390&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&prev_fmts=1298x100&correlator=190859897557&frm=20&pv=1&ga_vid=624986645.1671264457&ga_sid=1671264457&ga_hid=1874097792&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=386&ady=328&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44779794%2C44780792&oid=2&pvsid=3050005988402424&tmod=354007817&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&fsb=1&xpc=OoqH954pte&p=https%3A//pelotainvernal.com&dtd=400

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6761422a7411c94e55f44cb30ae52f1e1b404c217c274631abc6a1dac608af40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pelotainvernal.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 33108
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 17 Dec 2022 08:07:37 GMT
expires: Sat, 17 Dec 2022 08:07:37 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 fi_client.js Show response
ecdn.firstimpression.io/ 347 KB
92 KB 134ms
37ms Script
application/javascript 13.32.145.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ecdn.firstimpression.io/fi_client.js

Requested by

Host: pelotainvernal.com
URL: https://pelotainvernal.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.145.29 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-145-29.cdg50.r.cloudfront.net

Software

nginx/1.20.0 / PHP/8.0.14

Resource Hash

f46bd08554535b5a3d16c9dceb14b39dfff05bab3a7137ad3904b96433cf9b19

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 07:47:31 GMT
content-encoding: br
via: 1.1 f1c346ef88f452565cb5e3b14fa76bb6.cloudfront.net (CloudFront)
last-modified: Sat, 17 Dec 2022 07:47:31 UTC
server: nginx/1.20.0
x-amz-cf-pop: CDG50-C2
age: 1206
x-powered-by: PHP/8.0.14
etag: W/"03b18e1be01ef6e29d070005752454c6"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: ibGAb-udwyXiTEq63k_GComPfBVN3jUnixv8tpBL65mVRFYOfz_2aA==
x-xss-protection: 0

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 80 KB
27 KB 107ms
106ms Script
text/javascript 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: flower-ads.com
URL: https://flower-ads.com/tag/pelotainvernal/pelotainvernal.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f0648dd60b72161450eb93d6fa81bb6ec46bb9dffb2d2d0c6f3b5d4ac1e01dda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 08:07:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27542
x-xss-protection: 0
server: sffe
etag: "1423 / 733 of 1000 / last-modified: 1670587517"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 17 Dec 2022 08:07:37 GMT

GET
H2 200 prebid7.25.0.pelotainvernal.js Show response
flower-ads.com/tag/pelotainvernal/ 316 KB
97 KB 221ms
221ms Script
application/x-javascript 2606:4700:20::681a:79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://flower-ads.com/tag/pelotainvernal/prebid7.25.0.pelotainvernal.js
Requested by: Host: flower-ads.com
URL: https://flower-ads.com/tag/pelotainvernal/pelotainvernal.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3521616fbd1415fd86988bfc9773f6044497f54354e0b924f7db878f91c1af83

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 08:07:37 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=324455
pragma: public
referrer-policy: no-referrer-when-downgrade
cf-bgj: minify
last-modified: Tue, 15 Nov 2022 18:22:14 GMT
server: cloudflare
etag: W/"4f367-6373d8d6-0;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wynWTaPErIhPweS8iyhEqfRGsqzy1x%2FkKza0SwEKdzXVtdVI996QWKFjDbSQdbj72rAcCieKlaBGe5HfUrX1zt%2FTv9PiG1CrLHrIxm0BDXPgXBTd4cBBDuqPPNFt4yK9IzwAz6cAS2EXFJHI"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=300
x-turbo-charged-by: LiteSpeed
platform: hostinger
cf-ray: 77ae2a8b7f029b67-FRA
expires: Sat, 17 Dec 2022 08:12:02 GMT

GET
H2 200 2717-2424-01.js Show response
t.seedtag.com/t/ 41 KB
13 KB 115ms
50ms Script
application/javascript 104.18.132.145
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.seedtag.com/t/2717-2424-01.js
Requested by: Host: flower-ads.com
URL: https://flower-ads.com/tag/pelotainvernal/pelotainvernal.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.132.145 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6f272fccfb3459a79bd48d562cd33cf5086280c5039268ab4d22e2f59b0981de

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 08:07:37 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: EXPIRED
server: cloudflare
etag: W/"a2e3-pDVF3zGkS6jY8wETUfSPira+w6s"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=1200
cf-ray: 77ae2a8c28a59261-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sat, 17 Dec 2022 08:27:37 GMT

GET
H/1.1 200
OK pelotainvernal_21072.js Show response
ads.vidoomy.com/ 5 KB
5 KB 432ms
132ms Script
application/javascript 3.19.54.139
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.vidoomy.com/pelotainvernal_21072.js
Requested by: Host: flower-ads.com
URL: https://flower-ads.com/tag/pelotainvernal/pelotainvernal.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 3.19.54.139 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-19-54-139.us-east-2.compute.amazonaws.com
Software: Apache/2.4.54 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33 / PHP/7.0.33
Resource Hash: ea1b70e59d71bb9824849949981e1ca343ebfd3f5cad1eabdeb8a5bbfd7a453f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 17 Dec 2022 08:07:37 GMT
Server: Apache/2.4.54 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33
X-Powered-By: PHP/7.0.33
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Connection: Keep-Alive
Keep-Alive: timeout=2, max=300
Content-Length: 4999

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 68ms
68ms Image
image/gif 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fpelotainvernal.com%2F&tn=NAV&id=w0&cls=navbar%20navbar-dark%20fixed-top%20bg-dark&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: pelotainvernal.com
URL: https://pelotainvernal.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Dec 2022 08:07:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 3BCF 192 KB
59 KB 958ms
957ms Document
text/html 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3139134883708761&output=html&adk=1812271804&adf=3025194257&lmt=1671264457&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&plas=128x1080_l%7C140x1080_r&format=0x0&url=https%3A%2F%2Fpelotainvernal.com%2F&ea=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671264457576&bpp=3&bdt=1100&idt=3&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&prev_fmts=1298x100%2C728x90&nras=1&correlator=190859897557&frm=20&pv=1&ga_vid=624986645.1671264457&ga_sid=1671264457&ga_hid=1874097792&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44779794%2C44780792&oid=2&pvsid=3050005988402424&tmod=354007817&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=3&uci=a!3&fsb=1&dtd=12

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8343c228a756770850a52f0f7ed91e53e611471c7f2ed208799a24491694902e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pelotainvernal.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 60534
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 17 Dec 2022 08:07:38 GMT
expires: Sat, 17 Dec 2022 08:07:38 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 css
fonts.googleapis.com/ Frame 6CCE 4 KB
621 B 136ms
61ms Stylesheet
text/css 2a00:1450:400d:807::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3139134883708761&output=html&h=90&slotname=7753640662&adk=1056406635&adf=406027746&pi=t.ma~as.7753640662&w=728&lmt=1671264457&rafmt=12&format=728x90&url=https%3A%2F%2Fpelotainvernal.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671264456769&bpp=2&bdt=293&idt=390&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&prev_fmts=1298x100&correlator=190859897557&frm=20&pv=1&ga_vid=624986645.1671264457&ga_sid=1671264457&ga_hid=1874097792&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=386&ady=328&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44779794%2C44780792&oid=2&pvsid=3050005988402424&tmod=354007817&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&fsb=1&xpc=OoqH954pte&p=https%3A//pelotainvernal.com&dtd=400

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

46d1791d45e9e6840842ef90f192c2c6f1f4247baa7c1f32f2da75d3a05c0de2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 17 Dec 2022 08:07:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 17 Dec 2022 07:38:32 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 17 Dec 2022 08:07:37 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 6CCE 2 KB
846 B 213ms
47ms Script
text/javascript 2a00:1450:400d:804::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:804::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 08:18:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 85759
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 30 Dec 2022 08:18:18 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/ Frame 6CCE 23 KB
10 KB 202ms
36ms Script
text/javascript 2a00:1450:400d:804::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:804::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 07:04:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3780
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9443
x-xss-protection: 0
server: cafe
etag: 9828741834572772835
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 31 Dec 2022 07:04:37 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 6CCE 3 KB
1 KB 146ms
46ms Script
text/javascript 2a00:1450:400d:804::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:804::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 07:04:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3779
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 31 Dec 2022 07:04:38 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 6CCE 18 KB
7 KB 207ms
41ms Script
text/javascript 2a00:1450:400d:804::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:804::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 08:19:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 85673
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7480
x-xss-protection: 0
server: cafe
etag: 15631949847000551034
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 30 Dec 2022 08:19:44 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6CCE 153 KB
47 KB 165ms
92ms Script
text/javascript 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 08:07:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47725
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1670417373259609"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 17 Dec 2022 08:07:37 GMT

GET
H2 200 5abbe811e7745ada511aeaa994a13f9f.js Show response
www.gstatic.com/mysidia/ Frame 6CCE 34 KB
14 KB 138ms
35ms Script
text/javascript 2a00:1450:400d:804::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/5abbe811e7745ada511aeaa994a13f9f.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:804::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b23e94a0591e43f749074a39df5a5e700d5bd6c40d1b8016a1a2e44a3176037

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 22:26:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 380451
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14213
x-xss-protection: 0
last-modified: Thu, 08 Dec 2022 23:34:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 12 Mar 2023 22:26:46 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 553 B
313 B 86ms
86ms XHR
text/plain 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3050005988402424&correlator=4000423534525355&eid=44780792&output=ldjh&gdfp_req=1&vrg=2022120501&ptt=17&impl=fifs&iu_parts=40135427%2Cpelotainvernal_Video_Intext&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=4&adks=1276542802&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1671264457630&lmt=1671264457&dlt=1671264456476&idt=1138&adxs=0&adys=0&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fpelotainvernal.com%2F&frm=20&vis=1&psz=1600x1200&msz=1x-1&fws=0&ohw=0&ga_vid=624986645.1671264457&ga_sid=1671264457&ga_hid=1874097792&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0e791e480dde83b8f74afa00a76d796ad8f123c3708e9efa8268bb039e30236d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 08:07:37 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 282
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pelotainvernal.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
c79c2500101a741060cc6b806098b9a7.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame E207 6 KB
3 KB 279ms
67ms Document
text/html 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://c79c2500101a741060cc6b806098b9a7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pelotainvernal.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 17 Dec 2022 08:07:37 GMT
expires: Sun, 17 Dec 2023 08:07:37 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 6CCE 287 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 605b14697226eeb0be6b2c11db8206b70f4c8681c3f921e4ceca4793ce1a95ce

Request headers

Referer
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3

200

624907996767536446
tpc.googlesyndication.com/simgad/ Frame 6CCE
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDr3ZqF_gEQgAgYgAgyCFFyRh2Ouq9r
https://tpc.googlesyndication.com/simgad/624907996767536446

8 KB
8 KB

113ms
35ms

Image
image/png

2a00:1450:400d:804::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/624907996767536446

Requested by

Protocol

Server

2a00:1450:400d:804::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

484ec1c347c17d7d3b98d5058aa5d90bb5c7315f3a67f44611e902de4be50831

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 22:55:06 GMT
x-content-type-options: nosniff
age: 119551
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8502
x-xss-protection: 0
last-modified: Tue, 09 Apr 2019 09:00:52 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 15 Dec 2023 22:55:06 GMT

Redirect headers

date: Fri, 16 Dec 2022 13:09:55 GMT
x-content-type-options: nosniff
server: cafe
age: 68262
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://tpc.googlesyndication.com/simgad/624907996767536446
content-type: text/html; charset=UTF-8
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sun, 15 Jan 2023 13:09:55 GMT

GET
H2 200 favicon.ico
ad.doubleclick.net/ 1 KB
664 B 139ms
34ms Image
image/x-icon 142.251.208.166
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250

Requested by

Host: pelotainvernal.com
URL: https://pelotainvernal.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.208.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s43-in-f6.1e100.net

Software

sffe /

Resource Hash

d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 13:58:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 65360
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0
last-modified: Tue, 08 May 2012 13:08:06 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/x-icon
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 17 Dec 2022 13:58:17 GMT

GET
H2 200 achoice.svg
widgets.outbrain.com/images/widgetIcons/ 3 KB
3 KB 189ms
34ms Image
image/svg+xml 2.18.37.67
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.outbrain.com/images/widgetIcons/achoice.svg
Requested by: Host: pelotainvernal.com
URL: https://pelotainvernal.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.37.67 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-37-67.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 08:07:37 GMT
last-modified: Mon, 12 Sep 2022 07:37:47 GMT
server: AkamaiNetStorage
etag: "9d26fa4e7238ed94f1d0d92afb453b3e:1662969032.874716"
access-control-allow-methods: GET,POST
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 2735
expires: Mon, 16 Jan 2023 08:07:37 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 6CCE 0
0 78ms
78ms Fetch
text/html 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cp4jwyXidY4j7D5SMywWVsrKIBNr2yZdov8ivrL8OzMeapv0IEAEgrZD0HmCVgoCAoAegAbC6odcDyAEJqQLOG7AQ3cKxPqgDAcgDywSqBM0BT9DaizHwx8p1wCnPTLIAh9u3OdV_JvAc7Hp4G0NJKj9BlIizkkd0L-IpmOffi4yIPJbihmn4WRSEdvl0y9YR47ZPIhznlqqhoMV5O-pCt4FUIohizXKzxOZatHrrsSlsDoEBF9mdT9t4nruaJGaCyNZ3ZQk3Gim3f8minpyQ9VYwmsJ27LkCoajKRXQL67zuqPviZ3l3jV4RKle1JgrYjTPv6poVFGhsa8tdpEdbBpTF0nM3HxB7jD8-YlVAj6WVFDsqLQF-n7PuRfGUysAEyZipquADkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB8X3rT6oB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAemvhvYBwDyBwQQrL0F0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHYEwyIFALQFQGAFwGyFxwKGggAEhRwdWItMzEzOTEzNDg4MzcwODc2MRgA&sigh=wG0J01OOIZM&uach_m=[UACH]&cid=CAQSGwDq26N9bAa52yDcI9_HF9g_IvuHqSMqswux4RgBIBM&template_id=494&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3139134883708761&output=html&h=90&slotname=7753640662&adk=1056406635&adf=406027746&pi=t.ma~as.7753640662&w=728&lmt=1671264457&rafmt=12&format=728x90&url=https%3A%2F%2Fpelotainvernal.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671264456769&bpp=2&bdt=293&idt=390&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&prev_fmts=1298x100&correlator=190859897557&frm=20&pv=1&ga_vid=624986645.1671264457&ga_sid=1671264457&ga_hid=1874097792&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=386&ady=328&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44779794%2C44780792&oid=2&pvsid=3050005988402424&tmod=354007817&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&fsb=1&xpc=OoqH954pte&p=https%3A//pelotainvernal.com&dtd=400
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 17 Dec 2022 08:07:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sat, 17 Dec 2022 08:07:37 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 132ms
37ms Script
text/javascript 2a00:1450:400d:80d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-19230497-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 17 Dec 2022 06:27:24 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 6013
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Sat, 17 Dec 2022 08:27:24 GMT

GET
H3 200 st_3.a87c55e82f4e38c7c339.js Show response
t.seedtag.com/c/ 66 KB
21 KB 122ms
96ms Script
application/javascript 104.18.132.145
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.seedtag.com/c/st_3.a87c55e82f4e38c7c339.js
Requested by: Host: t.seedtag.com
URL: https://t.seedtag.com/t/2717-2424-01.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.132.145 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 568264bc1c4cc59e47bc677e8f8133ea8b5c684ddb911913a5ffe2a91161faac

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 08:07:37 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
age: 51967
x-guploader-uploadid: ADPycduNZf12vdd9F1FjIAIX8HmH_D5CCWuwqdhGiqIT5_6rneBzjDv0ZGy3n-eSwMz_P7_akRujTyAPLBX9GXAHLrOMbQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 15 Dec 2022 17:41:24 GMT
server: cloudflare
etag: W/"5b791030ad87e0d00e8d05462eb077f5"
vary: Accept-Encoding
x-goog-hash: crc32c=f3Cb9w==, md5=W3kQMK2H4NAOjQVGLrB39Q==
x-goog-generation: 1671126084511604
content-type: application/javascript
cache-control: public, max-age=5356800
x-goog-stored-content-length: 19733
cf-ray: 77ae2a8d6e878fdc-FRA
expires: Fri, 17 Feb 2023 08:07:37 GMT

GET
H3 200 st_2.9100ea3f41d5301dbd48.js Show response
t.seedtag.com/c/ 373 KB
100 KB 143ms
119ms Script
application/javascript 104.18.132.145
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.seedtag.com/c/st_2.9100ea3f41d5301dbd48.js
Requested by: Host: t.seedtag.com
URL: https://t.seedtag.com/t/2717-2424-01.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.132.145 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b7382d2ae003d2c93657df0912f924975ba279a3f78743aa90ae0ef63502eb19

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 08:07:37 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
age: 51967
x-guploader-uploadid: ADPycdulLPDCTjuc1eY4tFTbUpXDNnBrLmxJkipUDPiU2fozc7C5fIgXFgPlincvin4PzWT4jhn0DouF6i2Rbx44QmXE4w
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 15 Dec 2022 17:41:24 GMT
server: cloudflare
etag: W/"52d53d7b494dbf7305f3f5e9e9171d69"
vary: Accept-Encoding
x-goog-hash: crc32c=c1u8/w==, md5=UtU9e0lNv3MF8/Xp6RcdaQ==
x-goog-generation: 1671126084634646
content-type: application/javascript
cache-control: public, max-age=5356800
x-goog-stored-content-length: 103323
cf-ray: 77ae2a8d6e868fdc-FRA
expires: Fri, 17 Feb 2023 08:07:37 GMT

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 311ms
39ms Preflight
application/json 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fpelotainvernal.com%2F&domain=pelotainvernal.com&cw=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://pelotainvernal.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://pelotainvernal.com
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Sat, 17 Dec 2022 08:07:37 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 330604
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2

200

sid Show response
mug.criteo.com/
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fpelotainvernal.com%2F&domain=pelotainvernal.com&cw=1&lsw=1
https://mug.criteo.com/sid?cpp=gSTu2HxZQ3FaRG5lRDlvZjZhaGNIb0Rnc2JJOHRCN2ZkQnEvN1dhS1R6RXppRkZUQWF6SlZyK2xqZXg3UXZtWWlibU9mVjNmb1dFUnpjajVWekczZXNoUHhzTk93U3A1Uml0WW1EdXJ5aHFOOHY3a29iV1ZXM1RsK3RIQ1...

367 B
654 B

94ms
33ms

XHR
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=gSTu2HxZQ3FaRG5lRDlvZjZhaGNIb0Rnc2JJOHRCN2ZkQnEvN1dhS1R6RXppRkZUQWF6SlZyK2xqZXg3UXZtWWlibU9mVjNmb1dFUnpjajVWekczZXNoUHhzTk93U3A1Uml0WW1EdXJ5aHFOOHY3a29iV1ZXM1RsK3RIQ1cwUE1JNkZSOGlFZGpMR0JjSWZEa2daVERDWkdmUlpmNi9yTS9jNkNIN1lSSmpDeUR2aFVYcll1d0JTbGdqUXh4YUpzR0YxMDRwTnBhWm5jdnlFSE84Sjh0dzJraHpJbExXVHM1Wk1lTXBwS2kzNWU5aEpxbkgvSGtMU2E4V2JZMDVkanM3d214fA&cppv=2

Requested by

Host: pelotainvernal.com
URL: https://pelotainvernal.com/

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e7762b2fbdbaa7526bcbf86a221f88ba9e091f9af2a7ff7ac32ac7c91776ac95

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Dec 2022 08:07:38 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1553854
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 17 Dec 2022 08:07:38 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
access-control-allow-methods: GET
location: https://mug.criteo.com/sid?cpp=gSTu2HxZQ3FaRG5lRDlvZjZhaGNIb0Rnc2JJOHRCN2ZkQnEvN1dhS1R6RXppRkZUQWF6SlZyK2xqZXg3UXZtWWlibU9mVjNmb1dFUnpjajVWekczZXNoUHhzTk93U3A1Uml0WW1EdXJ5aHFOOHY3a29iV1ZXM1RsK3RIQ1cwUE1JNkZSOGlFZGpMR0JjSWZEa2daVERDWkdmUlpmNi9yTS9jNkNIN1lSSmpDeUR2aFVYcll1d0JTbGdqUXh4YUpzR0YxMDRwTnBhWm5jdnlFSE84Sjh0dzJraHpJbExXVHM1Wk1lTXBwS2kzNWU5aEpxbkgvSGtMU2E4V2JZMDVkanM3d214fA&cppv=2
access-control-allow-origin: https://pelotainvernal.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 510436
content-length: 0
expires: 0

GET
H/1.1 200
OK localstore.js Show response
script.4dex.io/ 483 B
1021 B 91ms
31ms Script
application/javascript 2606:4700:20::ac43:4bf1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/localstore.js
Requested by: Host: flower-ads.com
URL: https://flower-ads.com/tag/pelotainvernal/prebid7.25.0.pelotainvernal.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Sat, 17 Dec 2022 08:07:37 GMT
Content-Encoding: br
CF-Cache-Status: HIT
Last-Modified: Wed, 23 Nov 2022 15:43:18 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Age: 2043386
ETag: W/"922cffdd75f7192f75231d92684885aa"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9JVESCM2URyMF7h7SUBBbzlIu7ZIr%2FQAdldflGonPuZFmVSGkHdznnpRKbCNTvQDhC%2F3Y6lphswtTSL8XL5RCy%2FVtK5tdCMvfmqAqCZ5DNKQa3S9o576cD2MF8XtX7gVQNobv%2FA4kWpZBEsN"}],"group":"cf-nel","max_age":604800}
Cache-Control: public, max-age=1800
Connection: keep-alive
CF-RAY: 77ae2a8d9f466964-FRA

GET
DATA 200
OK truncated
/ Frame 6CCE 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1b4fa1fbd4126989cd1faf5d75f69203706ef1a02c920813cc8838970e133f0e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ 24 B
410 B 529ms
169ms XHR
application/json 209.191.163.152
INTERNAP-BLOCK-4

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.25.0
Requested by: Host: flower-ads.com
URL: https://flower-ads.com/tag/pelotainvernal/prebid7.25.0.pelotainvernal.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 209.191.163.152 , United States, ASN14744 (INTERNAP-BLOCK-4, US),
Reverse DNS
Software: /
Resource Hash: a839e7cc1bd5c7d118823ef1fcb4fc397c581b3ff442e46124ffa22412284e66

Request headers

Referer: https://pelotainvernal.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 17 Dec 2022 08:07:38 GMT
pod: X-Sovrn-Pod: ad_ap1sfo1
vary: Accept-Encoding, User-Agent
access-control-allow-methods: GET, POST, DELETE, PUT
content-type: application/json
access-control-allow-origin: https://pelotainvernal.com
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Content-Type
content-length: 24

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
366 B 97ms
24ms XHR
application/json 51.89.9.251
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: flower-ads.com
URL: https://flower-ads.com/tag/pelotainvernal/prebid7.25.0.pelotainvernal.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip251.ip-51-89-9.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://pelotainvernal.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://pelotainvernal.com
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: no-transform, no-cache
access-control-allow-credentials: true
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 138 B
951 B 110ms
28ms XHR
application/json 37.252.171.52
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: flower-ads.com
URL: https://flower-ads.com/tag/pelotainvernal/prebid7.25.0.pelotainvernal.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.52 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

239e835ed72c6b871d73b000d86c3b5d08bbc547df9e84cee8938756b225eeb9

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pelotainvernal.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sat, 17 Dec 2022 08:07:37 GMT
AN-X-Request-Uuid: 98e2049f-614c-432c-8ae1-bf8fb96bda80
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://pelotainvernal.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 217.114.218.22; 217.114.218.22; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 138
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 prebid Show response
prebid.media.net/rtb/ 338 B
606 B 114ms
34ms XHR
application/json 34.107.148.139
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.media.net/rtb/prebid?cid=8CU15JWV5
Requested by: Host: flower-ads.com
URL: https://flower-ads.com/tag/pelotainvernal/prebid7.25.0.pelotainvernal.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 139.148.107.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 22601341dcd3ae1b5159bc4d1b7a0b6309ffa1285a427d3ccc220fc06c37a691

Request headers

Referer: https://pelotainvernal.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 17 Dec 2022 08:07:37 GMT
content-encoding: gzip
via: 1.1 google
server: nginx
accept-ch: Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://pelotainvernal.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
expires: Sat, 17 Dec 2022 08:07:37 GMT

POST
H2 200 prebid Show response
mp.4dex.io/ 114 B
451 B 114ms
47ms XHR
application/json 2606:4700::6812:372
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mp.4dex.io/prebid
Requested by: Host: flower-ads.com
URL: https://flower-ads.com/tag/pelotainvernal/prebid7.25.0.pelotainvernal.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:372 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f9aea573b4ea60e87c8d6b19c88dc1d00bcf6f1a1b63a44bdcf5e591e2be1617

Request headers

Referer: https://pelotainvernal.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 17 Dec 2022 08:07:37 GMT
x-err: Shapings: no adunits with size and seat and mapping
x-version: 3.0.0-gcp-ams
cf-cache-status: DYNAMIC
via: 1.1 google
server: cloudflare
content-encoding: gzip
vary: Origin, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://pelotainvernal.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 77ae2a8e28de9b49-FRA
expires: 0

POST
H2 200 pbjs Show response
htlb.casalemedia.com/openrtb/ 37 B
574 B 106ms
41ms XHR
application/json 172.64.154.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/openrtb/pbjs?s=910000
Requested by: Host: flower-ads.com
URL: https://flower-ads.com/tag/pelotainvernal/prebid7.25.0.pelotainvernal.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0b88c189e013b355da90b0d7074d85ceea9cf7b20c23ff066c80ef0e35716337

Request headers

Referer: https://pelotainvernal.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 17 Dec 2022 08:07:37 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=81OS%2FRMg2sPvviThc06cVqstfUMLwfUIOHmpts8xNYwU4UxBIjsFW%2Fy%2FB6muh8B9Y7MA9BvZNEu5ASxR4pbyoQO16%2FIyokCkcFN%2FGNG0VUelIzwd4ubfgNKZBRNv3FDEIRE%2F13%2BZ"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://pelotainvernal.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 77ae2a8e286c9225-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 37
expires: 0

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 8 KB
5 KB 427ms
258ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24930&site_id=447118&zone_id=2620778&size_id=10&rp_schain=1.0,1!flower-ads.com,fw0108,1,,,&eid_pubcid.org=4a9fc5b5-fc3a-4ee6-99ef-32171eba3704%5E1&rf=https%3A%2F%2Fpelotainvernal.com%2F&kw=pelotainvernal%2Cposicionespelotainvernal%2Ccalendariopelotainvernal&tg_i.page=https%3A%2F%2Fpelotainvernal.com%2F&tg_i.domain=pelotainvernal.com&tg_i.pbadslot=%2F22304838115%2Fpelotainvernal%2Fdesktop_sidebar_01&tk_flint=pbjs_lite_v7.25.0&x_source.tid=8b6a0c98-eb6d-4f72-b51b-c72c6a33c924&l_pb_bid_id=18c0d058516146c&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F22304838115%2Fpelotainvernal%2Fdesktop_sidebar_01&slots=1&rand=0.690077593404562
Requested by: Host: flower-ads.com
URL: https://flower-ads.com/tag/pelotainvernal/prebid7.25.0.pelotainvernal.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 66c1d4fcfbf0da9349992e22675f034041aae91ad2cd6505c86564c281986c32

Request headers

Referer: https://pelotainvernal.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 17 Dec 2022 08:07:38 GMT
content-encoding: gzip
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://pelotainvernal.com
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 373 B
936 B 378ms
209ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24930&site_id=447118&zone_id=2620778&size_id=2&rp_schain=1.0,1!flower-ads.com,fw0108,1,,,&eid_pubcid.org=4a9fc5b5-fc3a-4ee6-99ef-32171eba3704%5E1&rf=https%3A%2F%2Fpelotainvernal.com%2F&kw=pelotainvernal%2Cposicionespelotainvernal%2Ccalendariopelotainvernal&tg_i.page=https%3A%2F%2Fpelotainvernal.com%2F&tg_i.domain=pelotainvernal.com&tg_i.pbadslot=%2F22304838115%2Fpelotainvernal%2Fdesktop_inread_1&tk_flint=pbjs_lite_v7.25.0&x_source.tid=58e64d44-51ca-42df-bb6c-15a85443a69d&l_pb_bid_id=1996e8e42057c15&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F22304838115%2Fpelotainvernal%2Fdesktop_inread_1&slots=1&rand=0.9843556912268552
Requested by: Host: flower-ads.com
URL: https://flower-ads.com/tag/pelotainvernal/prebid7.25.0.pelotainvernal.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 7cb2efcc5d453f6ac99a8ccec267e3780da3fef194100af8be268cae0d62a3ff

Request headers

Referer: https://pelotainvernal.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 17 Dec 2022 08:07:38 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://pelotainvernal.com
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 373
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 6CCE 16 KB
16 KB 116ms
37ms Font
font/woff2 2a00:1450:400d:807::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 19:34:12 GMT
x-content-type-options: nosniff
age: 218005
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 14 Dec 2023 19:34:12 GMT

GET
H2 200 spc_fi.php Show response
cdn.firstimpression.io/delivery/ 19 KB
5 KB 160ms
76ms XHR
application/json 13.32.110.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.firstimpression.io/delivery/spc_fi.php?id=7293&url=%2F&charset=UTF-8&ch=8&ref=pelotainvernal.com&viewerId=null&referer=&_firid=28311503
Requested by: Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/fi_client.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.110.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-110-61.vie50.r.cloudfront.net
Software: nginx/1.20.0 / PHP/8.0.14
Resource Hash: 55fdec27e59d14197a4141899c3edaf2880a7d21ba309b1c23451801a55fda62

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://pelotainvernal.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 08:07:38 GMT
content-encoding: gzip
via: 1.1 412b915bb2572a86aaa8bdf21eb381fc.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C2
x-powered-by: PHP/8.0.14
x-cache: Miss from cloudfront
p3p: CP="CUR ADM OUR NOR STA NID"
pragma: no-cache
server: nginx/1.20.0
vary: Accept-Encoding
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://pelotainvernal.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-amz-cf-id: kGysXCUYKy5ygVgWBjCRMNzVo25vTl4Tks6FiQmMBVB9_O4Wb_-YtA==
expires: 0

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 126ms
55ms XHR
text/plain 2a00:1450:400d:80d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1874097792&t=pageview&_s=1&dl=https%3A%2F%2Fpelotainvernal.com%2F&ul=en-us&de=UTF-8&dt=PelotaInvernal.com%20%7C%20Resultados%2C%20Calendarios%20y%20Posiciones&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAUABAAAAACAAI~&jid=1627948170&gjid=2050428470&cid=624986645.1671264457&tid=UA-19230497-1&_gid=176069806.1671264458&_r=1&gtm=2oubu0&z=1642680001

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://pelotainvernal.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 17 Dec 2022 08:07:37 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://pelotainvernal.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK adagio.js Show response
script.4dex.io/ 74 KB
24 KB 88ms
39ms Fetch
application/javascript 2606:4700:20::ac43:4bf1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/adagio.js
Requested by: Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ed87a83a9df154b61d76e8b9b53bb9d23db3eea194e66bca6b575e3e4f7a57bf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Sat, 17 Dec 2022 08:07:37 GMT
Content-Encoding: br
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 4DTB9JJ2NTDF1YQK
Age: 2151522
Transfer-Encoding: chunked
Connection: keep-alive
x-amz-id-2: w6Tib7TuwkFQhbY6jJVUrIfy8/ni00IrCXkH3qwf0IEzBgnLaQiLbE/eGAIn9gQJSi9KNdI0gjg=
Last-Modified: Tue, 22 Nov 2022 09:44:15 GMT
Server: cloudflare
ETag: W/"c56b6332dacf72f135afcd153ae22448"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vnU%2FgDO1OvhbcgbcVadgSieFpZVGTe5CXHoqvaiEFbe9aWdeG74vo13vkf0R8K9dszEjZkstvXJU7VuO5ERq7QZmKs2PJ1jIyWMzOl1rZB8feyvAWBw1EcDhjRLDOphyHcrHiJKq06PPwSeN"}],"group":"cf-nel","max_age":604800}
Cache-Control: public, max-age=1800
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
CF-RAY: 77ae2a8e3d819b2e-FRA

GET
H3 200 css
fonts.googleapis.com/ Frame E891 4 KB
621 B 61ms
60ms Stylesheet
text/css 2a00:1450:400d:807::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3139134883708761&output=html&h=100&slotname=8815456802&adk=88850195&adf=2364240886&pi=t.ma~as.8815456802&w=1298&lmt=1671264457&rafmt=12&format=1298x100&url=https%3A%2F%2Fpelotainvernal.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671264456766&bpp=2&bdt=290&idt=352&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&correlator=190859897557&frm=20&pv=2&ga_vid=624986645.1671264457&ga_sid=1671264457&ga_hid=1874097792&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=151&ady=96&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44779794%2C44780792&oid=2&pvsid=3050005988402424&tmod=354007817&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=1&uci=a!1&fsb=1&xpc=myFaWs2LCI&p=https%3A//pelotainvernal.com&dtd=368

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

46d1791d45e9e6840842ef90f192c2c6f1f4247baa7c1f32f2da75d3a05c0de2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 17 Dec 2022 08:07:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 17 Dec 2022 07:31:51 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 17 Dec 2022 08:07:37 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame E891 2 KB
765 B 38ms
35ms Script
text/javascript 2a00:1450:400d:804::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 08:18:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 85759
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 30 Dec 2022 08:18:18 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame E891 0
0 79ms
78ms Fetch
text/html 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CoqgPyXidY4afEJOAygXc05vIBs2q28Ztqb7swagMs6nFjM4IEAEgrZD0HmCVgoCAoAegAbC6odcDyAEJqQLOG7AQ3cKxPqgDAcgDywSqBNIBT9AWk8WtR3G6BtyzrE06mKjZiLr8-6N2pIQRpfY6GMZGXKwcfXsA3hgQLobDJtwCCgP2O0EpmzX27YqSrk85TAo7uQWk1bVPaGnIx85ydbGeWxW0G6TJE-EZvn7bGjA3UhzF6LHy942E2GYIjaQd-Fxz5BQlEUyY7ToGV9LhT9cT4Ym-h3SLdJijNnccpXgFv3rMNSXO4rewK2oqRzEsBFJ87zH2fLk3t3XjTOlZ69hGzwBb647BSR-ICmKlNnj6qaCcxyBT5gzi7hCj9M2mvvS3wASx4OLKjgOSBQQIBBgBkgUECAUYBKAGLoAHv9m9YKgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB6a-G9gHAPIHBBCamxLSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAdgTDIgUAdAVAYAXAbIXHAoaCAASFHB1Yi0zMTM5MTM0ODgzNzA4NzYxGAA&sigh=4skjYQovGJ0&uach_m=[UACH]&cid=CAQSGwDq26N91sExL6zyWL7FxOsKt0kTuR3ZHqJE7xgBIBM&template_id=494

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3139134883708761&output=html&h=100&slotname=8815456802&adk=88850195&adf=2364240886&pi=t.ma~as.8815456802&w=1298&lmt=1671264457&rafmt=12&format=1298x100&url=https%3A%2F%2Fpelotainvernal.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671264456766&bpp=2&bdt=290&idt=352&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&correlator=190859897557&frm=20&pv=2&ga_vid=624986645.1671264457&ga_sid=1671264457&ga_hid=1874097792&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=151&ady=96&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44779794%2C44780792&oid=2&pvsid=3050005988402424&tmod=354007817&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=1&uci=a!1&fsb=1&xpc=myFaWs2LCI&p=https%3A//pelotainvernal.com&dtd=368
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 17 Dec 2022 08:07:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/ Frame E891 23 KB
9 KB 35ms
35ms Script
text/javascript 2a00:1450:400d:804::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 07:04:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3780
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9443
x-xss-protection: 0
server: cafe
etag: 9828741834572772835
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 31 Dec 2022 07:04:37 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame E891 3 KB
1 KB 48ms
47ms Script
text/javascript 2a00:1450:400d:804::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 07:04:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3779
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 31 Dec 2022 07:04:38 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame E891 18 KB
7 KB 41ms
39ms Script
text/javascript 2a00:1450:400d:804::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 08:19:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 85673
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7480
x-xss-protection: 0
server: cafe
etag: 15631949847000551034
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 30 Dec 2022 08:19:44 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E891 153 KB
47 KB 88ms
86ms Script
text/javascript 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 08:07:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47725
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1670417373259609"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 17 Dec 2022 08:07:38 GMT

GET
H3 200 5abbe811e7745ada511aeaa994a13f9f.js Show response
www.gstatic.com/mysidia/ Frame E891 34 KB
14 KB 112ms
36ms Script
text/javascript 2a00:1450:400d:804::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/5abbe811e7745ada511aeaa994a13f9f.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b23e94a0591e43f749074a39df5a5e700d5bd6c40d1b8016a1a2e44a3176037

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 22:26:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 380452
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14213
x-xss-protection: 0
last-modified: Thu, 08 Dec 2022 23:34:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 12 Mar 2023 22:26:46 GMT

GET
DATA 200
OK truncated
/ Frame E891 287 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 605b14697226eeb0be6b2c11db8206b70f4c8681c3f921e4ceca4793ce1a95ce

Request headers

Referer
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3

200

4091503581208051288
tpc.googlesyndication.com/simgad/ Frame E891
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDnj86ZywEQ9AMY9AMyCGN8MsJOAEwL
https://tpc.googlesyndication.com/simgad/4091503581208051288

107 KB
107 KB

35ms
35ms

Image
image/png

2a00:1450:400d:804::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4091503581208051288

Requested by

Protocol

Server

2a00:1450:400d:804::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fcab803c6d01082f69e5510655ca566241f3a4fd3ee7aa1506b1308e2d069ccb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 18:11:03 GMT
x-content-type-options: nosniff
age: 309395
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 109931
x-xss-protection: 0
last-modified: Wed, 23 Oct 2019 12:45:40 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 13 Dec 2023 18:11:03 GMT

Redirect headers

date: Fri, 16 Dec 2022 12:22:04 GMT
x-content-type-options: nosniff
server: cafe
age: 71133
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://tpc.googlesyndication.com/simgad/4091503581208051288
content-type: text/html; charset=UTF-8
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sun, 15 Jan 2023 12:22:04 GMT

GET
H2 200 pv Show response
s.seedtag.com/c/ 987 B
1 KB 133ms
69ms XHR
application/json 34.149.50.64
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.seedtag.com/c/pv?token=2717-2424-01&device=desktop&fullUrl=https%3A%2F%2Fpelotainvernal.com%2F&cache=1671264457991&v=-&ft=true
Requested by: Host: t.seedtag.com
URL: https://t.seedtag.com/c/st_2.9100ea3f41d5301dbd48.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.50.64 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 64.50.149.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: af9474e5a7a9093351569e5cb64b9b34596d02e5cd1ede8ead7acf41740f76cf

Request headers

Referer: https://pelotainvernal.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 17 Dec 2022 08:07:38 GMT
content-encoding: gzip
via: 1.1 google
server: nginx
etag: W/"3db-d56IUQUr0/Vgjj1mzqd29BR6edI"
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT, HEAD
content-type: application/json; charset=utf-8
access-control-allow-origin: https://pelotainvernal.com
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 formats.js Show response
ad.lkqd.net/vpaid/ Frame 3482 118 KB
35 KB 125ms
27ms Script
application/javascript 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lkqd.net/vpaid/formats.js
Requested by: Host: pelotainvernal.com
URL: https://pelotainvernal.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: /
Resource Hash: 7cfe458faed6fe5c3094bd51f1f10174604be983739ade9d828b0aad190043e5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 08:07:38 GMT
content-encoding: gzip
last-modified: Fri, 11 Dec 2020 00:09:23 GMT
etag: "286704660baa2c113268f28385080796"
x-hw: 1671264458.cds216.fr8.hn,1671264458.cds289.fr8.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1209600
accept-ranges: bytes
content-length: 35765

GET
H2 200 formats.js Show response
ad.lkqd.net/vpaid/ Frame C2DE 118 KB
35 KB 138ms
52ms Script
application/javascript 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lkqd.net/vpaid/formats.js
Requested by: Host: pelotainvernal.com
URL: https://pelotainvernal.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: /
Resource Hash: 7cfe458faed6fe5c3094bd51f1f10174604be983739ade9d828b0aad190043e5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 08:07:38 GMT
content-encoding: gzip
last-modified: Fri, 11 Dec 2020 00:09:23 GMT
etag: "286704660baa2c113268f28385080796"
x-hw: 1671264458.cds216.fr8.hn,1671264458.cds289.fr8.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1209600
accept-ranges: bytes
content-length: 35765

GET
H/1.1 200
OK auto-user-sync
ads.stickyadstv.com/ 43 B
540 B 255ms
51ms Image
image/gif 2.18.79.136
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.stickyadstv.com/auto-user-sync
Requested by: Host: pelotainvernal.com
URL: https://pelotainvernal.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.79.136 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-18-79-136.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 17 Dec 2022 08:07:38 GMT
Server: nginx
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 43
x-sticky-vk: 1671264458218064-503
Expires: Sat, 17 Dec 2022 08:07:38 GMT

GET
H2

200

cookie
a.vidoomy.com/api/rtbserver/
Redirect Chain

https://x.bidswitch.net/sync?ssp=vidoomy&user_id=523908388.49827271643240414.9467888
https://x.bidswitch.net/ul_cb/sync?ssp=vidoomy&user_id=523908388.49827271643240414.9467888
https://sonata-notifications.taptapnetworks.com/web/cookie/bidswitch/sync?bidswitch_ssp_id=vidoomy&bsw_custom_parameter=e49456df-4916-4db4-97d2-a925ebc1c45f&gdpr=&gdpr_consent=&gdpr_pd=
https://x.bidswitch.net/sync?dsp_id=413&ssp=vidoomy&user_id=csonata_88e9e579-1fd8-4465-ba69-7c02a4b7c10d&bsw_param=e49456df-4916-4db4-97d2-a925ebc1c45f&expires=10
https://a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=e49456df-4916-4db4-97d2-a925ebc1c45f

43 B
357 B

35ms
23ms

Image
image/gif

3.66.71.88
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=e49456df-4916-4db4-97d2-a925ebc1c45f
Requested by: Host: pelotainvernal.com
URL: https://pelotainvernal.com/
Protocol: H2
Server: 3.66.71.88 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-66-71-88.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 08:07:38 GMT
content-encoding: none
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,PATCH,OPTIONS
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: X-VD-C
access-control-allow-credentials: true
access-control-allow-headers: *
content-length: 43

Redirect headers

location: //a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=e49456df-4916-4db4-97d2-a925ebc1c45f
date: Sat, 17 Dec 2022 08:07:38 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2

200

cookie
a.vidoomy.com/api/rtbserver/
Redirect Chain

https://ups.analytics.yahoo.com/ups/58610/occ
https://ups.analytics.yahoo.com/ups/58610/occ?verify=true
https://a.vidoomy.com/api/rtbserver/cookie?i=YAH&uid=y-DJR1u_pE2uHx2u6xlMnHrpSV06eUXV1rLJI6Soc-~A

43 B
356 B

236ms
56ms

Image
image/gif

3.66.71.88
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.vidoomy.com/api/rtbserver/cookie?i=YAH&uid=y-DJR1u_pE2uHx2u6xlMnHrpSV06eUXV1rLJI6Soc-~A
Requested by: Host: pelotainvernal.com
URL: https://pelotainvernal.com/
Protocol: H2
Server: 3.66.71.88 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-66-71-88.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 08:07:38 GMT
content-encoding: none
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,PATCH,OPTIONS
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: X-VD-C
access-control-allow-credentials: true
access-control-allow-headers: *
content-length: 43

Redirect headers

location: https://a.vidoomy.com/api/rtbserver/cookie?i=YAH&uid=y-DJR1u_pE2uHx2u6xlMnHrpSV06eUXV1rLJI6Soc-~A
date: Sat, 17 Dec 2022 08:07:38 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
441 B 102ms
30ms XHR
text/plain 2a00:1450:400c:c08::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-19230497-1&cid=624986645.1671264457&jid=1627948170&gjid=2050428470&_gid=176069806.1671264458&_u=YAhAAUAAAAAAACAAI~&z=373086234

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://pelotainvernal.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sat, 17 Dec 2022 08:07:38 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://pelotainvernal.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 Jk7fixpOLBqPs8Ll1CI4HFyikeoml7Ub_Y2jZpe5d_o.js Show response
pagead2.googlesyndication.com/bg/ Frame A684 36 KB
16 KB 36ms
36ms Script
text/javascript 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Jk7fixpOLBqPs8Ll1CI4HFyikeoml7Ub_Y2jZpe5d_o.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

264edf8b1a4e2c1a8fb3c2e5d422381c5ca291ea2697b51bfd8da36697b977fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 18:33:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 308030
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15923
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 17:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 13 Dec 2023 18:33:48 GMT

GET
DATA 200
OK truncated
/ Frame E891 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3fdf38ed7e2cf81d106ebd9af9c5ac0e7628a619e41c4fb4a489439ba5a2d6c8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame E891 16 KB
16 KB 36ms
36ms Font
font/woff2 2a00:1450:400d:807::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 19:34:12 GMT
x-content-type-options: nosniff
age: 218006
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 14 Dec 2023 19:34:12 GMT

GET
H2 200 quant.js Show response
secure.quantserve.com/ Frame 7DF6 25 KB
10 KB 80ms
21ms Script
application/javascript 2620:116:800d:21:ef75:8280:f209:5ba1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: t.seedtag.com
URL: https://t.seedtag.com/c/st_2.9100ea3f41d5301dbd48.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:ef75:8280:f209:5ba1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: d854082be0173c977aad8f65cdb9b88fd005f3dd3f34f894ab9fdba5a283780f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 08:07:38 GMT
content-encoding: gzip
etag: "StHfV9prSwQMxjKWocWEFw=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Sat, 24 Dec 2022 08:07:38 GMT

GET
H3 200 Jk7fixpOLBqPs8Ll1CI4HFyikeoml7Ub_Y2jZpe5d_o.js Show response
pagead2.googlesyndication.com/bg/ Frame 0902 36 KB
16 KB 37ms
36ms Script
text/javascript 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Jk7fixpOLBqPs8Ll1CI4HFyikeoml7Ub_Y2jZpe5d_o.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

264edf8b1a4e2c1a8fb3c2e5d422381c5ca291ea2697b51bfd8da36697b977fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 18:33:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 308030
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15923
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 17:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 13 Dec 2023 18:33:48 GMT

GET
H2 200 usync.html Show response
ad.lkqd.net/cookie-sync/ Frame F36A 4 KB
2 KB 26ms
25ms Document
text/html 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lkqd.net/cookie-sync/usync.html
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: /
Resource Hash: a09fb04841151074c73e8daf6edb12da7ffd8b5e7812492a6d9f3ae977fe3d31

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 1882
content-type: text/html
date: Sat, 17 Dec 2022 08:07:38 GMT
etag: "952dcfd8e3703b5a7e78418d51009535"
last-modified: Fri, 18 Feb 2022 17:38:44 GMT
x-hw: 1671264458.cds216.fr8.hn,1671264458.cds226.fr8.c

GET
H2 200 ad Show response
v.lkqd.net/ Frame 3482 2 KB
2 KB 366ms
114ms XHR
application/xml 69.20.43.192
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://v.lkqd.net/ad?pid=430&sid=1171093&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=https%3A%2F%2Fpelotainvernal.com%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C63065%2C1%2C&c4=true&c5=&c6=63065&c10=&c11=true&c12=&c13=true&c14=&c15=true&c16=&c17=true&rnd=76858227&m=
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: f67c3d3aff432b76fefe04b15fd91f197e2ea49a37acad35e14759b4444e1753

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 08:07:38 GMT
content-encoding: gzip
server: nginx
content-type: application/xml; charset=UTF-8
access-control-allow-origin: https://pelotainvernal.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 1407

GET
H2 200 usync.html Show response
ad.lkqd.net/cookie-sync/ Frame 3F96 4 KB
2 KB 25ms
25ms Document
text/html 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lkqd.net/cookie-sync/usync.html
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: /
Resource Hash: a09fb04841151074c73e8daf6edb12da7ffd8b5e7812492a6d9f3ae977fe3d31

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 1882
content-type: text/html
date: Sat, 17 Dec 2022 08:07:38 GMT
etag: "952dcfd8e3703b5a7e78418d51009535"
last-modified: Fri, 18 Feb 2022 17:38:44 GMT
x-hw: 1671264458.cds216.fr8.hn,1671264458.cds226.fr8.c

GET
H2 200 ad Show response
v.lkqd.net/ Frame C2DE 180 B
357 B 353ms
112ms XHR
application/xml 69.20.43.192
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://v.lkqd.net/ad?pid=430&sid=1171094&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=https%3A%2F%2Fpelotainvernal.com%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C63065%2C1%2C&c4=true&c5=&c6=63065&c10=&c11=true&c12=&c13=true&c14=&c15=true&c16=&c17=true&rnd=26705628&m=
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: 45fa735c6df15f15a1293a9cb3125033408874bf284280e8bcac23f95ad8feac

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 08:07:38 GMT
content-encoding: gzip
server: nginx
content-type: application/xml; charset=UTF-8
access-control-allow-origin: https://pelotainvernal.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 150

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 257ms
31ms Preflight
application/json 178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Sat, 17 Dec 2022 08:07:37 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 465202
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2

200

cs
cs.lkqd.net/ Frame F36A
Redirect Chain

https://csync.loopme.me/?redirect=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D54%26partnerUserId%3D%7Bdevice_id%7D
https://cs.lkqd.net/cs?partnerId=54&partnerUserId=aa553c72-09d4-4f65-8a05-221431b1ec1c

43 B
308 B

106ms
106ms

Image
image/gif

146.20.132.117
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=54&partnerUserId=aa553c72-09d4-4f65-8a05-221431b1ec1c
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Server: 146.20.132.117 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 08:07:38 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

Redirect headers

location: https://cs.lkqd.net/cs?partnerId=54&partnerUserId=aa553c72-09d4-4f65-8a05-221431b1ec1c
date: Sat, 17 Dec 2022 08:07:38 GMT
server: _
content-length: 0

GET
H2 200 cs
cs.lkqd.net/ Frame F36A 43 B
308 B 344ms
107ms Image
image/gif 146.20.132.117
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=103&redirect=https%3A%2F%2Fevent.clientgear.com%2Fcookie%2Flkqd%3Fpartner%3Dlkqd%26cookieid%3D%24%24rawlkqduserid%24%24&r=if
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.117 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 08:07:38 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

GET
H2 200 cs
cs.lkqd.net/ Frame F36A 43 B
309 B 343ms
106ms Image
image/gif 146.20.132.117
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D102%2526partnerUserId%253D%255BUID%255D&r=if
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.117 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 08:07:38 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

GET
H2

200

cs
cs.lkqd.net/ Frame F36A
Redirect Chain

https://ad.turn.com/r/cs?pid=65
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=7593657138415183722

43 B
308 B

230ms
108ms

Image
image/gif

146.20.132.117
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=94&partnerUserId=7593657138415183722
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Server: 146.20.132.117 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 08:07:38 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

Redirect headers

location: https://cs.lkqd.net/cs?partnerId=94&partnerUserId=7593657138415183722
pragma: no-cache
date: Sat, 17 Dec 2022 08:07:37 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H2

200

cs
cs.lkqd.net/ Frame F36A
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=161
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=Zntl_SEeSWJKke9M0LFU0Nly2hY

43 B
308 B

107ms
106ms

Image
image/gif

146.20.132.117
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=93&partnerUserId=Zntl_SEeSWJKke9M0LFU0Nly2hY
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Server: 146.20.132.117 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 08:07:38 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

Redirect headers

Location: https://cs.lkqd.net/cs?partnerId=93&partnerUserId=Zntl_SEeSWJKke9M0LFU0Nly2hY
Date: Sat, 17 Dec 2022 08:07:38 GMT
Connection: keep-alive
Content-Length: 104
Content-Type: text/html; charset=utf-8

GET
H2 200 rules-p-PFW5FesqXn206.js Show response
rules.quantcount.com/ Frame 7DF6 1 KB
1 KB 114ms
33ms Script
application/javascript 2600:9000:2304:8a00:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-PFW5FesqXn206.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2304:8a00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f4ae5a40833ca40f1ded2c820915ccc073b509a5a15810de1566ebf1ee4838e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 07:46:31 GMT
content-encoding: gzip
via: 1.1 6e4fd2f7f4c55027ff6ee922bdafd3ae.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-P1
age: 1268
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
last-modified: Thu, 13 Oct 2022 15:36:52 GMT
server: AmazonS3
etag: W/"a521a7bf6d17b50bc9827eaad4be8ecc"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
x-amz-cf-id: AJqNHfws7kfGnHpyuZBzkn5LBVcCCkm34gRhlkiFWM9cnzAtqnvu5g==

GET
H2

200

cs
cs.lkqd.net/ Frame 3F96
Redirect Chain

https://csync.loopme.me/?redirect=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D54%26partnerUserId%3D%7Bdevice_id%7D
https://cs.lkqd.net/cs?partnerId=54&partnerUserId=77aa6e58-6c22-482f-9838-7dc41ede2842

43 B
308 B

107ms
107ms

Image
image/gif

146.20.132.117
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=54&partnerUserId=77aa6e58-6c22-482f-9838-7dc41ede2842
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Server: 146.20.132.117 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 08:07:38 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

Redirect headers

location: https://cs.lkqd.net/cs?partnerId=54&partnerUserId=77aa6e58-6c22-482f-9838-7dc41ede2842
date: Sat, 17 Dec 2022 08:07:38 GMT
server: _
content-length: 0

GET
H2 200 cs
cs.lkqd.net/ Frame 3F96 43 B
308 B 341ms
107ms Image
image/gif 146.20.132.117
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=103&redirect=https%3A%2F%2Fevent.clientgear.com%2Fcookie%2Flkqd%3Fpartner%3Dlkqd%26cookieid%3D%24%24rawlkqduserid%24%24&r=if
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.117 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 08:07:38 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

GET
H2 200 cs
cs.lkqd.net/ Frame 3F96 43 B
308 B 342ms
109ms Image
image/gif 146.20.132.117
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D102%2526partnerUserId%253D%255BUID%255D&r=if
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.117 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 08:07:38 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

GET
H2

200

cs
cs.lkqd.net/ Frame 3F96
Redirect Chain

https://ad.turn.com/r/cs?pid=65
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=7665714732453111658

43 B
308 B

231ms
109ms

Image
image/gif

146.20.132.117
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=94&partnerUserId=7665714732453111658
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Server: 146.20.132.117 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 08:07:38 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

Redirect headers

location: https://cs.lkqd.net/cs?partnerId=94&partnerUserId=7665714732453111658
pragma: no-cache
date: Sat, 17 Dec 2022 08:07:37 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H2

200

cs
cs.lkqd.net/ Frame 3F96
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=161
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=Q5PfMHMpSDF2oX8eV6kBiNly2hY

43 B
308 B

108ms
107ms

Image
image/gif

146.20.132.117
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=93&partnerUserId=Q5PfMHMpSDF2oX8eV6kBiNly2hY
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Server: 146.20.132.117 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 08:07:38 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

Redirect headers

Location: https://cs.lkqd.net/cs?partnerId=93&partnerUserId=Q5PfMHMpSDF2oX8eV6kBiNly2hY
Date: Sat, 17 Dec 2022 08:07:38 GMT
Connection: keep-alive
Content-Length: 104
Content-Type: text/html; charset=utf-8

GET
H2 200 pixel;r=2088335497;event=refresh;rf=0;a=p-PFW5FesqXn206;url=https%3A%2F%2Fpelotainvernal.com%2F;ref=https%3A%2F%2Fpelotainvernal.com%2F;uht=2;fpan=1;fpa=P0-2110882463-1671264458279;pbc=4a9fc5b5-fc3...
pixel.quantserve.com/ Frame 7DF6 35 B
372 B 59ms
23ms Image
image/gif 2620:116:800d:21:ef75:8280:f209:5ba1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=2088335497;event=refresh;rf=0;a=p-PFW5FesqXn206;url=https%3A%2F%2Fpelotainvernal.com%2F;ref=https%3A%2F%2Fpelotainvernal.com%2F;uht=2;fpan=1;fpa=P0-2110882463-1671264458279;pbc=4a9fc5b5-fc3a-4ee6-99ef-32171eba3704;ns=1;ce=1;qjs=1;qv=bf501fc4-20221215111636;cm=;gdpr=0;d=pelotainvernal.com;dst=0;et=1671264458397;tzo=0;ogl=;ses=d1a5271f-1229-4566-9c0a-032e8c3e4de8

Requested by

Host: pelotainvernal.com
URL: https://pelotainvernal.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:ef75:8280:f209:5ba1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Dec 2022 08:07:38 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 356ms
108ms Preflight
text/plain 146.20.128.203
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.203 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://pelotainvernal.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
access-control-allow-origin: https://pelotainvernal.com
access-control-expose-headers: Content-Type, Content-Disposition
access-control-max-age: 300
cache-control: max-age=300
content-length: 0
content-type: text/plain; charset=UTF-8
date: Sat, 17 Dec 2022 08:07:38 GMT
server: nginx

POST t
t.lkqd.net/ Frame 02A8 0
0

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 341ms
107ms Preflight
text/plain 146.20.128.203
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.203 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://pelotainvernal.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
access-control-allow-origin: https://pelotainvernal.com
access-control-expose-headers: Content-Type, Content-Disposition
access-control-max-age: 300
cache-control: max-age=300
content-length: 0
content-type: text/plain; charset=UTF-8
date: Sat, 17 Dec 2022 08:07:38 GMT
server: nginx

POST
H2 200 t Show response
t.lkqd.net/ Frame 24BB 0
167 B 341ms
112ms XHR
text/plain 146.20.128.203
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.203 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://pelotainvernal.com
date: Sat, 17 Dec 2022 08:07:39 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

GET
H2 200 vpaid.js Show response
ad.lkqd.net/vpaid/ Frame 0449 230 KB
61 KB 26ms
25ms Script
application/javascript 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: /
Resource Hash: c0d59afc312f7f1d1346cc4dfdb1463c05b2d334cfa64e7b9240456a48bfcc11

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 08:07:38 GMT
content-encoding: gzip
last-modified: Thu, 13 Oct 2022 21:01:07 GMT
etag: "88ca76abee51b1544e17b021f04aaaed"
x-hw: 1671264458.cds216.fr8.hn,1671264458.cds253.fr8.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1209600
accept-ranges: bytes
content-length: 62021

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/ 150 KB
51 KB 82ms
82ms Script
text/javascript 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/reactive_library_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

aa0a235a0edb76846d6a656d6b81b3308d36d4f3411cb6c73df7b15da0782ce2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 08:07:38 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52347
x-xss-protection: 0
server: cafe
etag: 10991984308195028232
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sat, 17 Dec 2022 08:07:38 GMT

GET
H2 200 usync.html Show response
ad.lkqd.net/cookie-sync/ Frame 6CA2 4 KB
2 KB 24ms
24ms Document
text/html 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lkqd.net/cookie-sync/usync.html
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: /
Resource Hash: a09fb04841151074c73e8daf6edb12da7ffd8b5e7812492a6d9f3ae977fe3d31

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 1882
content-type: text/html
date: Sat, 17 Dec 2022 08:07:38 GMT
etag: "952dcfd8e3703b5a7e78418d51009535"
last-modified: Fri, 18 Feb 2022 17:38:44 GMT
x-hw: 1671264458.cds216.fr8.hn,1671264458.cds226.fr8.c

POST
H2 200 ad Show response
v.lkqd.net/ Frame 0449 38 KB
4 KB 161ms
161ms XHR
application/json 69.20.43.192
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://v.lkqd.net/ad?pid=430&sid=1171093&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=https%3A%2F%2Fpelotainvernal.com%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C63065%2C1%2C&c4=true&c5=&c6=63065&c10=&c11=true&c12=&c13=true&c14=&c15=true&c16=&c17=true&rnd=76858227&m=&rtv=1&thost=pelotainvernal.com
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: 8eb46fa1663f13361f33d3aebf03d3cdef67349a4ce5e6ea38e3964072bf39f2

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 17 Dec 2022 08:07:39 GMT
content-encoding: gzip
server: nginx
content-type: application/json
access-control-allow-origin: https://pelotainvernal.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 4199

OPTIONS
H2 200 ad
v.lkqd.net/ Frame 0
0 322ms
107ms Preflight 69.20.43.192
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://v.lkqd.net/ad?pid=430&sid=1171093&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=https%3A%2F%2Fpelotainvernal.com%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C63065%2C1%2C&c4=true&c5=&c6=63065&c10=&c11=true&c12=&c13=true&c14=&c15=true&c16=&c17=true&rnd=76858227&m=&rtv=1&thost=pelotainvernal.com
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://pelotainvernal.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pelotainvernal.com
access-control-expose-headers: Content-Type, Content-Disposition
access-control-max-age: 300
cache-control: max-age=300
content-length: 0
date: Sat, 17 Dec 2022 08:07:38 GMT
server: nginx

GET
DATA 200
OK truncated
/ 5 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 65cb5cd5882c666a22bf188d80f04fe01f56fbb3428e29d74aa24e3d9b1c783b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

cs
cs.lkqd.net/ Frame 6CA2
Redirect Chain

https://csync.loopme.me/?redirect=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D54%26partnerUserId%3D%7Bdevice_id%7D
https://cs.lkqd.net/cs?partnerId=54&partnerUserId=66c56d3a-8216-4763-8629-bbc0b178522b

43 B
308 B

108ms
107ms

Image
image/gif

146.20.132.117
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=54&partnerUserId=66c56d3a-8216-4763-8629-bbc0b178522b
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Server: 146.20.132.117 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 08:07:38 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

Redirect headers

location: https://cs.lkqd.net/cs?partnerId=54&partnerUserId=66c56d3a-8216-4763-8629-bbc0b178522b
date: Sat, 17 Dec 2022 08:07:38 GMT
server: _
content-length: 0

GET
H2 200 cs
cs.lkqd.net/ Frame 6CA2 43 B
308 B 108ms
107ms Image
image/gif 146.20.132.117
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=103&redirect=https%3A%2F%2Fevent.clientgear.com%2Fcookie%2Flkqd%3Fpartner%3Dlkqd%26cookieid%3D%24%24rawlkqduserid%24%24&r=if
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.117 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 08:07:38 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

GET
H2 200 cs
cs.lkqd.net/ Frame 6CA2 43 B
308 B 106ms
106ms Image
image/gif 146.20.132.117
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D102%2526partnerUserId%253D%255BUID%255D&r=if
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.117 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 08:07:38 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

GET
H2

200

cs
cs.lkqd.net/ Frame 6CA2
Redirect Chain

https://ad.turn.com/r/cs?pid=65
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=7593657138415183722

43 B
308 B

106ms
106ms

Image
image/gif

146.20.132.117
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=94&partnerUserId=7593657138415183722
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Server: 146.20.132.117 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 08:07:38 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

Redirect headers

location: https://cs.lkqd.net/cs?partnerId=94&partnerUserId=7593657138415183722
pragma: no-cache
date: Sat, 17 Dec 2022 08:07:38 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H2

200

cs
cs.lkqd.net/ Frame 6CA2
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=161
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=WjomeRqfQjtRmQiNFeo4pdly2hY

43 B
308 B

106ms
106ms

Image
image/gif

146.20.132.117
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=93&partnerUserId=WjomeRqfQjtRmQiNFeo4pdly2hY
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Server: 146.20.132.117 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 08:07:38 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

Redirect headers

Location: https://cs.lkqd.net/cs?partnerId=93&partnerUserId=WjomeRqfQjtRmQiNFeo4pdly2hY
Date: Sat, 17 Dec 2022 08:07:38 GMT
Connection: keep-alive
Content-Length: 104
Content-Type: text/html; charset=utf-8

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 132ms
58ms Script
application/javascript 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=pelotainvernal.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 08:07:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 131ms
60ms Script
application/javascript 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=pelotainvernal.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 08:07:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/ Frame 734A 10 KB
4 KB 36ms
36ms Document
text/html 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pelotainvernal.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 11722
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 17 Dec 2022 04:52:16 GMT
etag: 10353107486223812946
expires: Sat, 31 Dec 2022 04:52:16 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/ Frame 8670 10 KB
4 KB 36ms
36ms Document
text/html 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pelotainvernal.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 11722
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 17 Dec 2022 04:52:16 GMT
etag: 10353107486223812946
expires: Sat, 31 Dec 2022 04:52:16 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame C9EA 624 B
242 B 71ms
71ms Document
text/html 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJik9wIQqafRlQIYgdWz2AEwAQ&v=APEucNV7R5GaxBJLG9KLqnor_7AtNj6qyuLsayLf4maoMpuzy-pqs4AQqdTjTsdoCJgXrxNuaTAv0P9lPpI51JRfGvvJ-63NB_yCZ2aEQN6iRMMUeRSXKnozK_bPWUhsUEZ7GRw8o7_n7achbcpQxOibckX77Gdm7TEFB68Su34PHNu3KrNKWSk

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 17 Dec 2022 08:07:38 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 734A 15 KB
11 KB 84ms
83ms Script
text/javascript 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Dh4xiXgzJEN1CwIFg5gAxQkKS0P69vguDG2BhYywGe5qM0s8eLBissBx1YDvoXbbCbqG4iNeWnVmgkhhPeZfCV5k5f3IcJSaeOoVEFoZRMM1Jr0lBY80PHlf4S53J6xERCIGHVkqHq13wnHH6nU0BtgmlQifrd17jvWRZoK9q6qsfAiDU&cry=1&dbm_d=AKAmf-D_yIHbL6Y4S7dqa1rGm3Ew1tQH0hQ9yDpYNPcJdFm3J_fITs5HwaYnlJtcbPvslTRXvtDgToRSSBxh2SIa7afmp0uVMncSeaGBLikSQZTgPLKCmp7YyrECDU1E3OI5IX8vJm6QNe7listQ8S2GUMdBdfY4T9hwNaIF_L_RVLInk-g9crx2L5jFoC3IYOk2d_o0GlKe6gATmJB9sZV-Lg9P03p9SxKFORDFEcYQcyDDRJRXmfZ5xfaS3FfVbE91wGqtM3WCkU1yyUpwF7J4LxJMbDSMSezuBfcTpbdGqHxSSnq-CXPO_RV4vlUY4Y8yMjeLQa0JbX9ZhPv0vqeNLOBnna_JZRF2ZRCaxGLpX9nWIMbZl4WpCr-s4Ti_70ekqTRt--ZVYcwSzr-jKAABmpIIMIikWfDtzDzrjUsEy4C0B4tYrpqOmhn9zb5seTpeRpncGBPhjIIE7nbRkBcZm29noRHXwzz_GxfahdoY9XOzItPnaHSmgtOjx9aVQqGnzYlO6FC7efUAzgr7iNRsjf4hTE82TGc4awBO-Ai6TAFaAty6vMSrOH2EGe1HfIvukVDoVpiSIDXzMmfc1BnkkISbBrXL0cbnkIMulSr6VQIgcFG83DmAZQ8MddNU3941JkGHG5xgrTJ3-L2I3_NVjAtFPEzjBTDDY-AeoCtxbYlezKErFwSRc9pa6Pk0r8rIhNGa8ea_JeP0b1uYoi-3od9flwUWX-ty9oEg4lghla-slLCWjMbB0qyjXlGQg92HPZWjPYpXXmAP-QGeMhH9ub1TDn2zxvNT7u-fG-M02va2XyVctAt6WQza3l2d6sC5Mv0Aq0Nu5XvQYE_8cIuQwuPE6YSNcFJ-UszLvdxClPFjkTamjrCV_UOv8eCQNh-zjO3kzvLFblYnHJ_HP2_lcG8AWoX0-wVpQLB7AApxy0X4EG3_IXll644NmDsMDVBIDSR4T1ul9kEg-Skhymn8dbb9GvAXujhv7wdnA_H_o0d3twK1GeDWjt8345-9Mcy0pkb08VYF3Y1QXpkAi7EA4so14u8WmT0BK1QMFlIRlYB3gprmR0IfePPoWODZ9Q17fCGRbe9vW91WEQMwaOmn3qeWQpA0JDDTRw6Ja12ARXygLyE_Nw7xsF2c4EQFtuw0p-yVmUSU478VQE8nI6IOH-Xiq_ebGsiAaODMhLLIIw4iRZSn6CkECBeuUpy8LQ98h_aiMB9_RUly_bNh2YTZopf6_gXjsrf74q3N9zNOifPpjU16K_qhA4nmDmyLYM7cIE_P6SM3cTuXfMB7ogGxUlzzrd6bd9qABHqyNDgaH8Y1Pi1ihiOfh0zWp6Q_wle-GGEtnImlTqxMqEm3VghyyE3G46R-A41HaD5Cq7kAjfsF5YwOj5C0WhMFf9sey4BMyoc5DuBY-WA8_2P8WJrRUmUv37e9fuBAI7EHVaB0s10RwQiID6GhI45JLN-GNSM_uvwqiW_izcD47GjP7Hb0yZS-t0Q9uCUbIxPHRtdBm_cWGQDVXNrWqqB-667qKZ9sJFMTKvYLkA5FcIRuz91W8Um4gOGNHaLDhordDVm5GfPaI5aKJOeDlbhU74v6t6AGMJ9KO7bDNDDzfy6Ag2J_cmrTbguU9QQoRCGQfWBdyG-S7eH8M9LEXJi4GWZ1pmkJ1F_DcoW1Sc10wTtpLaf6LCRbmWmJv-0PYCmP9yrg-xbFG3p3AJUDVtyMZu0v2fnhHBx2rRfUp6DRyDCH37Be4eYywKiW9tzCLz8gKSFnsXJqXPy1H_YeZ-xW0DgfUncfBG-ZQM_Vtk_HOeShUecH-Gcpb3u91e-9EDsNv4Xdv5HSY59P8GoVNs9iQyIqCyxUgb9IlZE66OcbGN78-I7FaFLB7lwpfg030CCkpS808Bl5fdshVzj39v7TYOGAjLp9QJ1HrxB7YIO65l9SFHJ0a34DYAXQQb67AzkvKETw8OSgGVjDM0nPLExNZmkOtfhZIlR8_WK3xUnjvOK2CzKBuSzXInayREDK2QYh9jDH_IqQYeD7IB2c9wMv2DzLn_LAo7Wk3q3yHqiqWFFEzNW2c7NMIv93DZGNwhJ28H6WZcfVYASJKplp1N97etN-_km8k6Mqock9aZqzru7xSSWQV2znG6E02uza3OljjtXx3wlHlQeJmr2hLYB4Vgk3Tayw9hHOOHaWbUaQJVvpNItgrXw5rjEj_qmBkMiz-kF3CYmTbHd71AVIWk9Yq2PXoQlvctxd--n4Ae0uJKBUWbqUxwJ0l4I8MVHfElXQUDohtDPyffAj_mfCUs0wW5wq4j3uWm894Z-xgNI9b9ljrgzZrclWuJNAfjf8rtHqMRDVqPSFe4Hq_Mzpjcf5xgP1B4Ur_Jx5SLuGxRb-Qyq1T0OhkenFZ7ls7h7F6Uw8CbRFo0_gnTbgGbDiGgTWfqgO5Hz_7pBZDqJZu06FCeZ6AOqVVo8dp1hzrW8-5-oryXpEee1YeHNtw8whWhJa8CBKCl9bnoaAiYoaEAIxhm6x1ItE2oCph4cMnK76HKzKwnzrjrWV_rBnncUuuDcbh96FQKNQ-vBz1rYoejuh1uHT0HjbiFbXLjcPRGn-7PA4kCbbwvXgAYFEpE6pwxunP3gOBwQvlvQNLp3_CQEkYS-8Lbv7kq0-RjOujhabrfOL7cW_y-CnrRZYqecEkzwtWY2s0czd2ZEm5KmDDGOMli-PrbtNbhQJJpv30g2rpfAWxjQhpB0sOaSjgXUf3Hminu4sMQW1RRsmKvE8mLbXVUxQRuHfEutJYicx7E2jOjKtSwgVBEg98lf0fbUYBmdYMHQECOTImmWeZWc6MqvAWe9CR1oMMvQCzTvDZqguk8FBIAdqqUb2TxzhxZodi61tLO4PVt9fqzs29dMsi-syeNpuaJ9VlrIHfCwXgA&cid=CAQSKQDq26N9cAtjYefID8LU01iXG_PH40I5BrXpWrcRtk17x4EJRSTzr3obGAEgEw&rfl=1%2Chttps%253A%252F%252Fpelotainvernal.com%252F%240

Requested by

Host: pelotainvernal.com
URL: https://pelotainvernal.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7dabee15e932985f02ada69507a5520a35cf1f0ffe134758d0cfe74ffbad4113

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Dec 2022 08:07:38 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11358
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 734A 42 B
63 B 69ms
68ms Image
image/gif 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BkiDb8ZaGQCG1IrgWHK-9iR1KeMIZFMSPa5_P9tvyYWhxrlxn7Yyr3NdkFlns2k4Q9G-H2692nr2lfwUgDpkYeIxFHabA4kRFq8GoIWLiXzI8Ub3Y

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Dec 2022 08:07:38 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adj Show response
fw.adsafeprotected.com/rjss/bgd/1203349/67009481/xbbe/creative/ Frame 734A 248 KB
76 KB 278ms
56ms Script
application/javascript 54.73.29.246
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/bgd/1203349/67009481/xbbe/creative/adj?p=APEucNXUQEF-4rfSacNQQcmCuEwcxl_bBxyZCpKiQXmDnOzyk__G-zc&d=CokBAKAmf-DHiY-SvFL3bDhgUPNY54S-lEy6qT3EhJVBbzbj9izEMfmLUcRp4NdE3G3B2CHpl97cIXcNkJ9EWZBWjQ9jIh4VjqQlGUp6HYyZgarZM23IosD0HlmtBtvoqj2GI6VukF97sgjTwS69oj9J7StRPQGVCvtKfF2TqXt_11L8_IyCNqAPZZ8S6RMAoCZ_4JwdD3tRMKTIPRu4xfXViOZeS1HQVgvrkSiVZiyCBun5Q7HEDYVxXO4F5ym_PDFBuIUi_bDB1PUTFhM0QuPQZp9oFYW3E1jG2-IRJbUN_wnWiQQ7OdL4Vj9Ob_SXfAnPg__hxhxqNJ7fEtKv1QjaGYfYBTbmKxF79oigDkdLsF6CRkICYToolVXsUNyKwVCwyY6PGyVyUAHHATTMXAcrS8AzTqGTi9TrhO-a3ge6adB4msB639rqsDrjNV2DmxmvZnBdTyq1cBoca7qBi7RGHuSeaujtdwGQO_Z3MpdUVsDxDbC6zbfeRi3he7CB740S-zwTvXEsS3Vg-tjfYwWVWJxUwaF4wK4ecuYwyfHCU_Z324OyIkQceRqpMAuIYJ7xklC_ZgpuFptOV1EdB4iSwMsQSGfeGZ3J7sk7WNQTDkpt-2UihKP2C2Hd4zOixxUgMZ8q91cpmxnYIoBLZ_U7opjtKaTIsq1NgNajSqd2ZeKJ-aSaq5EEwAwojb7zNCGnnq76JX4zv4v3FrDp1tqGpjoTHquH01_KMraDRUAv_tBHipZAOpLIWQY-RHKSKGe1-2JE_8-BbHEWPLrc1Ue8AjmNK1lBxD7IdFGF8lanu9Bi3m2NhU-d-iqXyxzPdnHNgceixQOET2EwRe6UtyGRnS7C4dzG8313wMbNWeXcrurWlCo9s2VUJdUv2FrmY-eM_8cG7CXZwh8PSGEclRTFhpozMcuKe08sWnkH0CVz1Ef1KPGfvGZOg4ejF7dekAl2g8UxQoQNKJEBEkQNU8PQfaAV7fVAgDAPT9SMnq23e1-enXDp0psj_PLcZhGLESa0dDb_RJGfelpsXMxNcU5mHsbuFkas8ItoSwmDLIMiAR_I8HNxkzWLDXbrMlvhDb7SDAI6RVt7qaRlOSmA2PJdQTMsZZEfA-UGOmVAU-8H4I4e9HH_-Jz96wBccBqpokzPwm7nqLesjwNQUFKWI5N6jkAkU40ti6ky9Tpv6dDtd7JnBRG5JZTIiaeh76-k-XX0l9aj4YG_fBX79z-5yfPXGXuhA1w-FToGCK17UMG609rStRMhkxgiz_AFeNWEkvtaSQkTrnCQh_hX0h5pQONtDgOpmCNjTGTQeEK3rcZZsf9Q_BKHIgheKWkvKvdiwsvo8-Bqht6mI0bijJ6FI4W7ET4-5vfNBnOFp3syrzsCafh5iEZ95nbK3d-4tXNAeKc89solpPq7RRx8hie-c0bVocdKogd3AAOrrIFw-7K3_9zpDTCeVbHuLSX1_O6S5bD2YIMtHqInfYRm_1f2owLgBgDYGV9pcvheMf_nQIbdCKTsNIeuWQy4Kv84pLrM4YTegTR4-eryp6hPRuI4LpvfK8C3UfQtMFBr8FXjNZMCLfYsYZUqBZB5_1sw06cvsy08GiSYk6Ur7g04tQvS39dZN5v2Tz2BwsvarFo8FbTRa_rMyIkStU0lT6MC9rcvBenEU44q3Owa5SKiON0KrlQ46ViKk161VOG2h_oiwGTWGwWaHOm6QghW0TXZK2nMZwCCkwcN_fJPM6bzNX9SkERuk5GVBTPIj-x4V8jOkQ9UaiM2dhHDN2cGQU4TpNS2PTtPdgvQ0GEk-NnXyx-X771w6jP-UoFE76J0NVgnTMGZ1yXETlS8Dqq9Dibe-71I4D3U4bMNJ7aIgn4IkXT_YwdOM14FiFKqRtXqIo_bWEWVnGdTV5ihZmM5IdVODizfh1LSGhV3djTeHke5xnaLMvz-vpDkwSgdVUvRuq1oYnQZZowaeoX0FiNFhYnpv1ZhC_IwdaQhH4QRwPmLqd4-tPiB8Saf_YYQltCb_r94aPEeworGd2QRaWQ6ld15mdmi0Tgi8vYwmB4JoY9vMejXtC-_Kfuk2g85N9reu-SC_s-4jG9tIQ-258gxRluP3HxRFj3i-XuTONFDJiKFpAxDw9Nf_BhPD96rZdEhSfa06uadBDRuJJRbEI-DK1MZkslXan9b0kGvWdTKT3klBhy3CF6FjUDOIFrZKJu2hy0jusMkTSZ_u45Zn2e3OIbXKHRWiqdGn3Ymc5T3U_raoeyTwusvCQWxWzQ_lNNxuT0aUgw5S_G6-kqFs4DVAuXhl-9-5FLZk5Z1kg7Kmt0ZDllpgFjPPIou_vpiP57pwiJlrqqt5KDDN4xVupxzDVmarlgQ2XwaFeIoNR7Llvka326jTQ4PJG2A300woBtwZTHsUxHBk4xRWI5GhQlW69UIDZzOGpkcajZan6CcZqS1htP6GVQ003oYx1trSrBi1mlXnqMFgHeeksAEwxutiZsFGxF78UtYqVG9CA3RQdxMC8yR80riMnFd8ClSCAdXSnT65DDTuIZ8lPBoILPAEemXRkhjPZTmUjvcG8hYS3t6OGhvuk15MSTHfIC-Vl3f3RnfQzPA8x1t4D7v4W3P-Uw_3DFoCuZ8Hzu2bATlfD9nH2QNb8u8D0ca9OfpZ7ABH1GQlfF-_31Q0xhHDpsCOSeJH_topOhqL3ZNdAyKlFIqVec1jKqzIS5Ky9elxCTFzb8DpbpCW5c2eivlUT4DCcUFPnP-QGGCmb-XZC80PB5XlWHev7tC-agzhqfKW_vpjWElqmGnfSyM0-gaIMxX9QWpWXAELrKAKETwFkA1qfJfTx0LdI-ZlixnfruSED1xjIbo3No1IGiLb28i2edBht1p7MdrZw4EEoEscnNujUk-nt2sE_Mkxve7h5DpwJC2EExhz_46RTyO7TYykWjs9Q5RusATMj7tHBo-T_cljr0pwubM-JBAI9uScfvmENz72nrgrA29gcF8u-U6Z5DJKgjCTbWGpHoaDJAdsPRYGiy0etjMUGaqs_QpK5DyI3kzSvICYH9jR-BPr2ITeDwm_6zwmVD2xg0OGXpGHhsEwWazOX_WczprhZK7gO2svu4ZsWJwL84vi4cqLDHuVsxhm5yJjc26jjWgJgAdzsrd5MA0cD-XxY44XeIQxlMMWDYpkwXh2kV-5BtU1xMfQpqghMEbFjE7ckhoE90dixZdriJLySqQEumHusdRcjLW6gsJgngORuXC19c6ip5tNl6BlbYUsK-dnMRY4yzvZPioxux7lWbsIBmQ3gGLkWcFxsduBgiEBimkiSVC0JQcY90VjKTHDR-W8m14DBvIMJYqnaYVUavrI4x7XwhcowuU0EmHgJ-Ap5_zf6yjv_68HNUWErp5kBR6J5r-X6hUSFlx4Mprj2aLZHcfAUQJaADTB5FRfE_8yWLR_dFx8DdmaH01-5YW8O5jWyPb1EJzgQRuSPpP6W82m6PABFF33an5KCHso8O_R5BGEduJPk8uID3lhCtRasusW7RC7MsPLxQmwWrRICflTOgjxrG1gCN3sQUA0Wv7Tn9GKYChoXu6tBoxCAQSKQDq26N9cAtjYefID8LU01iXG_PH40I5BrXpWrcRtk17x4EJRSTzr3obGAEgE2AB&cry=1&bidurl=https://pelotainvernal.com/&bundleId=
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.73.29.246 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-73-29-246.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 99b030c09a284e08ff678c3ecdc15a3651c05b3ede236851a32ea0f755d109b5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Dec 2022 08:07:39 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 734A 3 KB
1 KB 35ms
34ms Script
text/javascript 2a00:1450:400d:804::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 07:04:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3780
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 31 Dec 2022 07:04:38 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 734A 18 KB
7 KB 36ms
35ms Script
text/javascript 2a00:1450:400d:804::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 08:19:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 85674
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7480
x-xss-protection: 0
server: cafe
etag: 15631949847000551034
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 30 Dec 2022 08:19:44 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 734A 0
0 95ms
29ms Image
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSL19ufRJT-1lkTAvpbwiqEe-P8Br1_jokxbjKGWl62vP0nU3Cz4nyd4hhNbG162GwOiIrWbrZdSSxRjS86MwNObOyJIQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 734A 153 KB
47 KB 96ms
95ms Script
text/javascript 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 08:07:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47725
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1670417373259609"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 17 Dec 2022 08:07:38 GMT

GET
H3 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12406491265686199930/ Frame 92DC 20 KB
5 KB 35ms
35ms Document
text/html 2a00:1450:400d:804::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12406491265686199930/index.html

Requested by

Host: pelotainvernal.com
URL: https://pelotainvernal.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c0dade5e40511841f841814ed717788248c50490400ef63f4620391825f7444e

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 14582
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 4775
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
cross-origin-resource-policy: cross-origin
date: Sat, 17 Dec 2022 04:04:36 GMT
expires: Sun, 17 Dec 2023 04:04:36 GMT
last-modified: Fri, 25 Nov 2022 19:23:26 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 8670 0
0 79ms
79ms Fetch
text/html 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CAcZnyXidY4uhJ4WUygXJ5ZLQBPj0t_pt-t6R9ZARttmLvJU4EAEgrZD0HmCVgoCAoAegAbKKwaoByAEJqQJo9hsMQX6oPqgDAcgDSKoE3AFP0HnprGWwBjsIhclaga--RbcgWJeQxX0moWhJ0NWJexyQAIeYAOVzuzy-quvk2Dc4zp_4oYrvokCJjlAs2MuZaQGYvo8UMiyIftDSq5OCvuhzaELfYRKltC_5sgfWn2RY2VGzSBtiEpWapgNux6RznHBABu2DbGD0ZuxCLliwxAQbB24gYP39m3xlYz7p1zzYI8gcVQN5mU0tKnQUAHkO5xUJdYcSGlMjmLCa-vfXIgszW4Nzd99HTI6VOiysizixYb1cUnzWw0A6xBVxHZMEyGD1gM1YJbG6Q9_fwASV3s36mQSSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAHtvW-1QKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBDazx7SCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAdgTDtAVAZgWAYAXAbIXHAoaCAASFHB1Yi0zMTM5MTM0ODgzNzA4NzYxGAA&sigh=Q7Ap6CIzusw&uach_m=[UACH]&cid=CAQSKQDq26N9cAtjYefID8LU01iXG_PH40I5BrXpWrcRtk17x4EJRSTzr3obGAEgEw&template_id=419

Requested by

Host: pelotainvernal.com
URL: https://pelotainvernal.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 17 Dec 2022 08:07:38 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/ Frame 8670 23 KB
9 KB 35ms
35ms Script
text/javascript 2a00:1450:400d:804::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 07:04:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3781
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9443
x-xss-protection: 0
server: cafe
etag: 9828741834572772835
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 31 Dec 2022 07:04:37 GMT

GET
H3 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame 92DC 6 KB
3 KB 37ms
36ms Script
text/javascript 2a00:1450:400d:804::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12406491265686199930/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

02ebc319500d29d704855de3d846bbb2479434953bb7b34f533122f432ce33bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 21:29:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 38297
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2568
x-xss-protection: 0
server: cafe
etag: 6734328975651772599
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sat, 17 Dec 2022 21:29:21 GMT

GET
H3 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 92DC 34 KB
13 KB 42ms
40ms Script
text/javascript 2a00:1450:400d:804::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12406491265686199930/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 15:59:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 58105
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13035
x-xss-protection: 0
server: cafe
etag: 2319883687766034370
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sat, 17 Dec 2022 15:59:13 GMT

GET
H3 200 120fb889c9d3d02c8d3dd0555cf62ab3.js Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12406491265686199930/ Frame 92DC 104 KB
30 KB 38ms
36ms Script
application/x-javascript 2a00:1450:400d:804::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12406491265686199930/120fb889c9d3d02c8d3dd0555cf62ab3.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12406491265686199930/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

abf06691088fd3e48eeca737b56e448a96b06b1d7abb1495b634efcc2795aa89

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 17 Dec 2022 04:04:36 GMT
age: 14582
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30375
x-xss-protection: 0
last-modified: Fri, 25 Nov 2022 19:23:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 17 Dec 2023 04:04:36 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 3E28 143 B
166 B 38ms
37ms Document
text/html 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1438
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 17 Dec 2022 07:43:40 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 8670 3 KB
1 KB 39ms
37ms Script
text/javascript 2a00:1450:400d:804::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 07:04:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3780
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 31 Dec 2022 07:04:38 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 64E7 1 KB
643 B 38ms
37ms Document
text/html 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2375
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 17 Dec 2022 07:28:03 GMT
etag: 48472445140208031
expires: Sun, 18 Dec 2022 07:28:03 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 8670 18 KB
7 KB 37ms
35ms Script
text/javascript 2a00:1450:400d:804::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 08:19:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 85674
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7480
x-xss-protection: 0
server: cafe
etag: 15631949847000551034
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 30 Dec 2022 08:19:44 GMT

POST
H2 200 t Show response
t.lkqd.net/ Frame 56E6 0
166 B 309ms
114ms XHR
text/plain 146.20.128.203
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.203 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://pelotainvernal.com
date: Sat, 17 Dec 2022 08:07:39 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 108ms
107ms Preflight
text/plain 146.20.128.203
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.203 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://pelotainvernal.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
access-control-allow-origin: https://pelotainvernal.com
access-control-expose-headers: Content-Type, Content-Disposition
access-control-max-age: 300
cache-control: max-age=300
content-length: 0
content-type: text/plain; charset=UTF-8
date: Sat, 17 Dec 2022 08:07:38 GMT
server: nginx

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame C9EA
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKqTehErn9XFC71OxeBvfCM&google_cver=1

43 B
766 B

24ms
24ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKqTehErn9XFC71OxeBvfCM&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJik9wIQqafRlQIYgdWz2AEwAQ&v=APEucNV7R5GaxBJLG9KLqnor_7AtNj6qyuLsayLf4maoMpuzy-pqs4AQqdTjTsdoCJgXrxNuaTAv0P9lPpI51JRfGvvJ-63NB_yCZ2aEQN6iRMMUeRSXKnozK_bPWUhsUEZ7GRw8o7_n7achbcpQxOibckX77Gdm7TEFB68Su34PHNu3KrNKWSk
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 17 Dec 2022 08:07:39 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Sat, 17 Dec 2022 08:07:38 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKqTehErn9XFC71OxeBvfCM&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame C9EA
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y514y.QJ13jpKNHYD59KMgAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKqTehErn9XFC71OxeBvfCM&google_cver=1&google_hm=2

43 B
766 B

25ms
24ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKqTehErn9XFC71OxeBvfCM&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJik9wIQqafRlQIYgdWz2AEwAQ&v=APEucNV7R5GaxBJLG9KLqnor_7AtNj6qyuLsayLf4maoMpuzy-pqs4AQqdTjTsdoCJgXrxNuaTAv0P9lPpI51JRfGvvJ-63NB_yCZ2aEQN6iRMMUeRSXKnozK_bPWUhsUEZ7GRw8o7_n7achbcpQxOibckX77Gdm7TEFB68Su34PHNu3KrNKWSk
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 17 Dec 2022 08:07:39 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Sat, 17 Dec 2022 08:07:39 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKqTehErn9XFC71OxeBvfCM&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame C9EA
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEMgd5Ruwv8lK76zPEhxeZYc&google_cver=1

43 B
1 KB

22ms
22ms

Image
image/gif

37.252.171.52
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEMgd5Ruwv8lK76zPEhxeZYc&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJik9wIQqafRlQIYgdWz2AEwAQ&v=APEucNV7R5GaxBJLG9KLqnor_7AtNj6qyuLsayLf4maoMpuzy-pqs4AQqdTjTsdoCJgXrxNuaTAv0P9lPpI51JRfGvvJ-63NB_yCZ2aEQN6iRMMUeRSXKnozK_bPWUhsUEZ7GRw8o7_n7achbcpQxOibckX77Gdm7TEFB68Su34PHNu3KrNKWSk

Protocol

HTTP/1.1

Server

37.252.171.52 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 17 Dec 2022 08:07:39 GMT
AN-X-Request-Uuid: 5a0dd3de-8ed0-4917-a0dc-8039be75f262
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 217.114.218.22; 217.114.218.22; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 17 Dec 2022 08:07:38 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEMgd5Ruwv8lK76zPEhxeZYc&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame C9EA
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjgwMTYxNTM3NTEwMDcxMTIw

170 B
243 B

140ms
89ms

Image
image/png

142.251.208.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjgwMTYxNTM3NTEwMDcxMTIw

Requested by

Protocol

Server

142.251.208.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s41-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Dec 2022 08:07:39 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Sat, 17 Dec 2022 08:07:38 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 217.114.218.22; 217.114.218.22; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 8fe9f109-3856-4af1-9b1b-77997ede2182
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjgwMTYxNTM3NTEwMDcxMTIw
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 734A 41 KB
15 KB 36ms
35ms Script
text/javascript 2a00:1450:400d:804::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Dh4xiXgzJEN1CwIFg5gAxQkKS0P69vguDG2BhYywGe5qM0s8eLBissBx1YDvoXbbCbqG4iNeWnVmgkhhPeZfCV5k5f3IcJSaeOoVEFoZRMM1Jr0lBY80PHlf4S53J6xERCIGHVkqHq13wnHH6nU0BtgmlQifrd17jvWRZoK9q6qsfAiDU&cry=1&dbm_d=AKAmf-D_yIHbL6Y4S7dqa1rGm3Ew1tQH0hQ9yDpYNPcJdFm3J_fITs5HwaYnlJtcbPvslTRXvtDgToRSSBxh2SIa7afmp0uVMncSeaGBLikSQZTgPLKCmp7YyrECDU1E3OI5IX8vJm6QNe7listQ8S2GUMdBdfY4T9hwNaIF_L_RVLInk-g9crx2L5jFoC3IYOk2d_o0GlKe6gATmJB9sZV-Lg9P03p9SxKFORDFEcYQcyDDRJRXmfZ5xfaS3FfVbE91wGqtM3WCkU1yyUpwF7J4LxJMbDSMSezuBfcTpbdGqHxSSnq-CXPO_RV4vlUY4Y8yMjeLQa0JbX9ZhPv0vqeNLOBnna_JZRF2ZRCaxGLpX9nWIMbZl4WpCr-s4Ti_70ekqTRt--ZVYcwSzr-jKAABmpIIMIikWfDtzDzrjUsEy4C0B4tYrpqOmhn9zb5seTpeRpncGBPhjIIE7nbRkBcZm29noRHXwzz_GxfahdoY9XOzItPnaHSmgtOjx9aVQqGnzYlO6FC7efUAzgr7iNRsjf4hTE82TGc4awBO-Ai6TAFaAty6vMSrOH2EGe1HfIvukVDoVpiSIDXzMmfc1BnkkISbBrXL0cbnkIMulSr6VQIgcFG83DmAZQ8MddNU3941JkGHG5xgrTJ3-L2I3_NVjAtFPEzjBTDDY-AeoCtxbYlezKErFwSRc9pa6Pk0r8rIhNGa8ea_JeP0b1uYoi-3od9flwUWX-ty9oEg4lghla-slLCWjMbB0qyjXlGQg92HPZWjPYpXXmAP-QGeMhH9ub1TDn2zxvNT7u-fG-M02va2XyVctAt6WQza3l2d6sC5Mv0Aq0Nu5XvQYE_8cIuQwuPE6YSNcFJ-UszLvdxClPFjkTamjrCV_UOv8eCQNh-zjO3kzvLFblYnHJ_HP2_lcG8AWoX0-wVpQLB7AApxy0X4EG3_IXll644NmDsMDVBIDSR4T1ul9kEg-Skhymn8dbb9GvAXujhv7wdnA_H_o0d3twK1GeDWjt8345-9Mcy0pkb08VYF3Y1QXpkAi7EA4so14u8WmT0BK1QMFlIRlYB3gprmR0IfePPoWODZ9Q17fCGRbe9vW91WEQMwaOmn3qeWQpA0JDDTRw6Ja12ARXygLyE_Nw7xsF2c4EQFtuw0p-yVmUSU478VQE8nI6IOH-Xiq_ebGsiAaODMhLLIIw4iRZSn6CkECBeuUpy8LQ98h_aiMB9_RUly_bNh2YTZopf6_gXjsrf74q3N9zNOifPpjU16K_qhA4nmDmyLYM7cIE_P6SM3cTuXfMB7ogGxUlzzrd6bd9qABHqyNDgaH8Y1Pi1ihiOfh0zWp6Q_wle-GGEtnImlTqxMqEm3VghyyE3G46R-A41HaD5Cq7kAjfsF5YwOj5C0WhMFf9sey4BMyoc5DuBY-WA8_2P8WJrRUmUv37e9fuBAI7EHVaB0s10RwQiID6GhI45JLN-GNSM_uvwqiW_izcD47GjP7Hb0yZS-t0Q9uCUbIxPHRtdBm_cWGQDVXNrWqqB-667qKZ9sJFMTKvYLkA5FcIRuz91W8Um4gOGNHaLDhordDVm5GfPaI5aKJOeDlbhU74v6t6AGMJ9KO7bDNDDzfy6Ag2J_cmrTbguU9QQoRCGQfWBdyG-S7eH8M9LEXJi4GWZ1pmkJ1F_DcoW1Sc10wTtpLaf6LCRbmWmJv-0PYCmP9yrg-xbFG3p3AJUDVtyMZu0v2fnhHBx2rRfUp6DRyDCH37Be4eYywKiW9tzCLz8gKSFnsXJqXPy1H_YeZ-xW0DgfUncfBG-ZQM_Vtk_HOeShUecH-Gcpb3u91e-9EDsNv4Xdv5HSY59P8GoVNs9iQyIqCyxUgb9IlZE66OcbGN78-I7FaFLB7lwpfg030CCkpS808Bl5fdshVzj39v7TYOGAjLp9QJ1HrxB7YIO65l9SFHJ0a34DYAXQQb67AzkvKETw8OSgGVjDM0nPLExNZmkOtfhZIlR8_WK3xUnjvOK2CzKBuSzXInayREDK2QYh9jDH_IqQYeD7IB2c9wMv2DzLn_LAo7Wk3q3yHqiqWFFEzNW2c7NMIv93DZGNwhJ28H6WZcfVYASJKplp1N97etN-_km8k6Mqock9aZqzru7xSSWQV2znG6E02uza3OljjtXx3wlHlQeJmr2hLYB4Vgk3Tayw9hHOOHaWbUaQJVvpNItgrXw5rjEj_qmBkMiz-kF3CYmTbHd71AVIWk9Yq2PXoQlvctxd--n4Ae0uJKBUWbqUxwJ0l4I8MVHfElXQUDohtDPyffAj_mfCUs0wW5wq4j3uWm894Z-xgNI9b9ljrgzZrclWuJNAfjf8rtHqMRDVqPSFe4Hq_Mzpjcf5xgP1B4Ur_Jx5SLuGxRb-Qyq1T0OhkenFZ7ls7h7F6Uw8CbRFo0_gnTbgGbDiGgTWfqgO5Hz_7pBZDqJZu06FCeZ6AOqVVo8dp1hzrW8-5-oryXpEee1YeHNtw8whWhJa8CBKCl9bnoaAiYoaEAIxhm6x1ItE2oCph4cMnK76HKzKwnzrjrWV_rBnncUuuDcbh96FQKNQ-vBz1rYoejuh1uHT0HjbiFbXLjcPRGn-7PA4kCbbwvXgAYFEpE6pwxunP3gOBwQvlvQNLp3_CQEkYS-8Lbv7kq0-RjOujhabrfOL7cW_y-CnrRZYqecEkzwtWY2s0czd2ZEm5KmDDGOMli-PrbtNbhQJJpv30g2rpfAWxjQhpB0sOaSjgXUf3Hminu4sMQW1RRsmKvE8mLbXVUxQRuHfEutJYicx7E2jOjKtSwgVBEg98lf0fbUYBmdYMHQECOTImmWeZWc6MqvAWe9CR1oMMvQCzTvDZqguk8FBIAdqqUb2TxzhxZodi61tLO4PVt9fqzs29dMsi-syeNpuaJ9VlrIHfCwXgA&cid=CAQSKQDq26N9cAtjYefID8LU01iXG_PH40I5BrXpWrcRtk17x4EJRSTzr3obGAEgEw&rfl=1%2Chttps%253A%252F%252Fpelotainvernal.com%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 15:58:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 403723
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 12 Dec 2023 15:58:55 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 92DC 6 KB
730 B 64ms
62ms Stylesheet
text/css 2a00:1450:400d:807::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Raleway:700|IBM+Plex+Sans+Condensed:500i|IBM+Plex+Sans+Condensed:500|IBM+Plex+Sans+Condensed:600

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12406491265686199930/120fb889c9d3d02c8d3dd0555cf62ab3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

78631aa2658006d43b70adcf42bfef831d29315d91bfe9e67bb4acd5f9b349e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 17 Dec 2022 08:07:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 17 Dec 2022 08:07:38 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 17 Dec 2022 08:07:38 GMT

GET
H3 200 7296e22ca20ac6472628647a52a912af.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12406491265686199930/media/ Frame 92DC 9 KB
9 KB 38ms
36ms Image
image/jpeg 2a00:1450:400d:804::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12406491265686199930/media/7296e22ca20ac6472628647a52a912af.jpg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12406491265686199930/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6847a453292f6db177d022b32b68ec91da611dd1bc18c6e33d26ed726339bc60

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Sat, 17 Dec 2022 04:04:37 GMT
x-content-type-options: nosniff
age: 14581
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8880
x-xss-protection: 0
last-modified: Fri, 25 Nov 2022 19:23:26 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 17 Dec 2023 04:04:37 GMT

GET
H3 200 0eeebe2aab7fa2fb99c2a447383fb9a6.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12406491265686199930/media/ Frame 92DC 9 KB
9 KB 39ms
37ms Image
image/png 2a00:1450:400d:804::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12406491265686199930/media/0eeebe2aab7fa2fb99c2a447383fb9a6.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12406491265686199930/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a842670e0c9a10d0c42dc6de87889c6b9de065232e6bf125d5ca43a163f6d9fd

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Sat, 17 Dec 2022 04:04:37 GMT
x-content-type-options: nosniff
age: 14581
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9647
x-xss-protection: 0
last-modified: Fri, 25 Nov 2022 19:23:26 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 17 Dec 2023 04:04:37 GMT

GET
H3 404 undefinedz9njpo
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12406491265686199930/ Frame 92DC 43 B
69 B 516ms
514ms Image
image/gif 2a00:1450:400d:804::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12406491265686199930/undefinedz9njpo

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12406491265686199930/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 08:07:39 GMT
x-content-type-options: nosniff
server: sffe
x-dns-prefetch-control: off
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=0
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0
expires: Sat, 17 Dec 2022 08:07:39 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 8670 0
0 81ms
30ms Image
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQe_zadZYkGotNFj0yOlh-m2Q18RF7GzWhq9F9XmGIcMIEZeHPghLrimz-lyWGdcB2UKsn3CSU66k7SVINneM3ePfIihQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8670 153 KB
47 KB 76ms
75ms Script
text/javascript 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 08:07:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47725
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1670417373259609"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 17 Dec 2022 08:07:38 GMT

GET
DATA 200
OK truncated
/ Frame 8670 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1ac2302fad1d30571d4eec6194f7402b7ff855aa9cde40eafb9347b9d33ff4b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 64E7 70 B
265 B 165ms
46ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEGWn_12qTl01qQdkzsYfyw4&google_cver=1&google_push=AavPq0NCkRJxkg4zFHHHG_z5nn1xF0yfIqCu7vWMv3Lwfpx6Q2yD1qUX1FLLWAj8Fz6F1nodqQYc4PdvzxsIHjK1ldKgPptRTJfAkk4
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sat, 17 Dec 2022 08:07:39 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 204 AdxPixel
tr.blismedia.com/v1/api/sync/ Frame 64E7 0
173 B 110ms
30ms Image
text/plain 34.96.105.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEAR-AyILTMDiqPnDxLeF-bM&google_cver=1&google_push=AavPq0O4V0R2Z2rt7x_zW4szAu6Rj0YYH8YG-g3tYrYKqcDVbfNOlP06jAp6Gn4tk3RPBlVDl29xwZHzfQzY_-il8YlFmPOT4g54kw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.105.96.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 08:07:39 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 64E7
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEBqdPBgY5L7fHYtT9kZf5Ag&google_cver=1&google_push=AavPq0MlX4n-GHkDZb01mG3nuPdoSlmRy0O-idNQj00q1bOJZlwkX5hIsUqDTYqNwkyAHuBDGUsoh8SYvEMaT2STsIqb...
https://r.scoota.co/sync?ssp=bidswitch&bidswitch_ssp_id=google
https://r.scoota.co/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google
https://x.bidswitch.net/sync?dsp_id=29&expires=30&user_id=27235952-f12c-4060-9e47-fe2b74706ef6&ssp=google
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AavPq0MlX4n-GHkDZb01mG3nuPdoSlmRy0O-idNQj00q1bOJZlwkX5hIsUqDTYqNwkyAHuBDGUsoh8SYvEMaT2STsIqbdYMJP8_PMA4&google_hm=5JRW30kWTbSX0qkl68HE...

170 B
188 B

57ms
57ms

Image
image/png

142.251.208.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AavPq0MlX4n-GHkDZb01mG3nuPdoSlmRy0O-idNQj00q1bOJZlwkX5hIsUqDTYqNwkyAHuBDGUsoh8SYvEMaT2STsIqbdYMJP8_PMA4&google_hm=5JRW30kWTbSX0qkl68HEXw==

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Server

142.251.208.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s41-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Dec 2022 08:07:39 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AavPq0MlX4n-GHkDZb01mG3nuPdoSlmRy0O-idNQj00q1bOJZlwkX5hIsUqDTYqNwkyAHuBDGUsoh8SYvEMaT2STsIqbdYMJP8_PMA4&google_hm=5JRW30kWTbSX0qkl68HEXw==
date: Sat, 17 Dec 2022 08:07:39 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 64E7
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEOSNE3d-qFQWJ4gkXd8YiwY&google_cver=1&google_push=AavPq0OdUwUu3FZCixl3EobBeQoP0RAp7U-sMznCD2ZFauiStHRcTuVBJ5L2gcPBdffkzgNX90TJIa8_E9M8BUbUl2zBTCv...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AavPq0OdUwUu3FZCixl3EobBeQoP0RAp7U-sMznCD2ZFauiStHRcTuVBJ5L2gcPBdffkzgNX90TJIa8_E9M8BUbUl2zBTCv-_Ex6ww&google_hm=eS14R0FXTTFaRTJwRTNy...

170 B
188 B

116ms
58ms

Image
image/png

142.251.208.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AavPq0OdUwUu3FZCixl3EobBeQoP0RAp7U-sMznCD2ZFauiStHRcTuVBJ5L2gcPBdffkzgNX90TJIa8_E9M8BUbUl2zBTCv-_Ex6ww&google_hm=eS14R0FXTTFaRTJwRTNyZEtjZ29qakIuRzQzMUhXVmFZY35B

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Server

142.251.208.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s41-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Dec 2022 08:07:39 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sat, 17 Dec 2022 08:07:39 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AavPq0OdUwUu3FZCixl3EobBeQoP0RAp7U-sMznCD2ZFauiStHRcTuVBJ5L2gcPBdffkzgNX90TJIa8_E9M8BUbUl2zBTCv-_Ex6ww&google_hm=eS14R0FXTTFaRTJwRTNyZEtjZ29qakIuRzQzMUhXVmFZY35B
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 64E7
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=KAzVKWIIRfaFKbC-BWEfSQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

124ms
58ms

Image
image/png

142.251.208.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=KAzVKWIIRfaFKbC-BWEfSQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AavPq0Ne7gA9qT5KYolqd0Np_9NxGZd-95U8urdvYzOvDDJAtMLOLOa-PxGmLsehNPeVwify8z5ZAXhAxWWGGHz40Tm7H-bgxmuRtIw

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Server

142.251.208.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s41-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Dec 2022 08:07:39 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=KAzVKWIIRfaFKbC-BWEfSQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AavPq0Ne7gA9qT5KYolqd0Np_9NxGZd-95U8urdvYzOvDDJAtMLOLOa-PxGmLsehNPeVwify8z5ZAXhAxWWGGHz40Tm7H-bgxmuRtIw
date: Sat, 17 Dec 2022 08:07:39 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 64E7
Redirect Chain

https://match.360yield.com/match/ebda?google_gid=CAESEIB-H10VP8_UhyRbShaqHsg&google_cver=1&google_push=AavPq0PTGVjZAYg74TxS3-8QvRjuhRmT4kp_lY8vjbJg04M6t1riFEeN2CsTYJwSSe4AwLvKEJ4lxz6JA14WM3unEdnzFh...
https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEIB-H10VP8_UhyRbShaqHsg&google_cver=1&google_push=AavPq0PTGVjZAYg74TxS3-8QvRjuhRmT4kp_lY8vjbJg04M6t1riFEeN2CsTYJwSSe4AwLvKEJ4lxz6JA14WM3un...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=SHCX8DlBTcyuEe4jSBp7tw&google_push=AavPq0PTGVjZAYg74TxS3-8QvRjuhRmT4kp_lY8vjbJg04M6t1riFEeN2CsTYJwSSe4AwLvKEJ4lxz6JA14WM3u...

170 B
188 B

59ms
59ms

Image
image/png

142.251.208.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=SHCX8DlBTcyuEe4jSBp7tw&google_push=AavPq0PTGVjZAYg74TxS3-8QvRjuhRmT4kp_lY8vjbJg04M6t1riFEeN2CsTYJwSSe4AwLvKEJ4lxz6JA14WM3unEdnzFhNqLJIEqQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Server

142.251.208.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s41-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Dec 2022 08:07:39 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=SHCX8DlBTcyuEe4jSBp7tw&google_push=AavPq0PTGVjZAYg74TxS3-8QvRjuhRmT4kp_lY8vjbJg04M6t1riFEeN2CsTYJwSSe4AwLvKEJ4lxz6JA14WM3unEdnzFhNqLJIEqQ
access-control-allow-origin: *
date: Sat, 17 Dec 2022 08:07:39 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 64E7
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEEDHfyRJguM3xLIAD-xQ7Hg&google_cver=1&google_push=AavPq0PPrJXuefX_eBVZqSrmmLOKXMVrnQeudLCd4vn3Bwe3-KNmQssOHzhQbrGjfB-lNZae_57IrIW0ZzArNf_qZejmosPT_9...
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AavPq0PPrJXuefX_eBVZqSrmmLOKXMVrnQeudLCd4vn3Bwe3-KNmQssOHzhQbrGjfB-lNZae_57IrIW0ZzArNf_qZejmosPT_9f...
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=OTQ3MzczOTQzOTU3MTc2NTgzMTI0&google_push=AavPq0PPrJXuefX_eBVZqSrmmLOKXMVrnQeudLCd4vn3Bwe3-KNmQssOHzhQbrGj...

170 B
188 B

128ms
57ms

Image
image/png

142.251.208.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=OTQ3MzczOTQzOTU3MTc2NTgzMTI0&google_push=AavPq0PPrJXuefX_eBVZqSrmmLOKXMVrnQeudLCd4vn3Bwe3-KNmQssOHzhQbrGjfB-lNZae_57IrIW0ZzArNf_qZejmosPT_9fQRiY

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Server

142.251.208.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s41-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Dec 2022 08:07:39 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=OTQ3MzczOTQzOTU3MTc2NTgzMTI0&google_push=AavPq0PPrJXuefX_eBVZqSrmmLOKXMVrnQeudLCd4vn3Bwe3-KNmQssOHzhQbrGjfB-lNZae_57IrIW0ZzArNf_qZejmosPT_9fQRiY
date: Sat, 17 Dec 2022 08:07:39 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 64E7 0
50 B 135ms
86ms Image
text/html 142.251.208.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KWLgwmhKmeTfNyW8WdHjrZg5GCNdS3oTbo0Z6Xu5C4Wm6H8E2QXMk_Y8ABmOfUqJRcuVX4

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.208.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s41-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 08:07:39 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 3E28
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

67ms
66ms

Document
text/html

2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 17 Dec 2022 08:07:39 GMT
expires: Sat, 17 Dec 2022 08:07:39 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 17 Dec 2022 08:07:38 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame AE8B 22 KB
8 KB 35ms
35ms Document
text/html 2a00:1450:400d:804::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 196485
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 15 Dec 2022 01:32:53 GMT
expires: Fri, 15 Dec 2023 01:32:53 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Jk7fixpOLBqPs8Ll1CI4HFyikeoml7Ub_Y2jZpe5d_o.js Show response
pagead2.googlesyndication.com/bg/ Frame AE8B 36 KB
16 KB 36ms
36ms Script
text/javascript 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Jk7fixpOLBqPs8Ll1CI4HFyikeoml7Ub_Y2jZpe5d_o.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

264edf8b1a4e2c1a8fb3c2e5d422381c5ca291ea2697b51bfd8da36697b977fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 18:33:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 308030
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15923
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 17:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 13 Dec 2023 18:33:48 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame AE8B 0
20 B 73ms
72ms Image
image/gif 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BS2j8ynidY96mMtbm3wP40LCYCAAAAAA4AeAEAg&bg=!AQKlAkbNAAYgquz3AKo7ACkAdvg8Wm7MjVbc93LM_Wf5r0zMqTSqaSKs6r67otV6FcCOYQNwadrcyAIAAABRUgAAAAJoAQeZAw8yvWJSTSaLv2neO-y6kn-2s1liR0A0dAfNVkGmn37bkjcRvP3L2O9O-yvjUPED_8xXeTVjcSY12GLOirQxMci1T738kgo5WPR45NplOpPIzDuruLYQ83bOFTvlx8eSMu1OtYB6FjrjZlJjlHN4h4zDX8KDVuic7hfMaF-uH63YwnQ3vNl5oxVU4TRGziAGTP0eDl7Vu95woqvh5nWDaxejulkJiRT99WoGNyCKGRpyxWoueIacLZEqeAKmLTsz7VOSpc22TmQjRs_MQ1xlRXQQCoQxetWkOqSZGNk8vzM4z8oSH2MIexDxItbqsV0csT-ko205eMOSxW6CLNBhyT5y5csFv9224WYBTfhBms-nNnPAooa_N0J1P7bPjGnxxxEeCiSXdp1AIGGd3QPOa2lXm2KZtm-VRbIXXWVV_hVcQZMZF-MnyZ3wMoL6dEHvMYFCVPl9RcYTZ4HuhE42oZqCgtJe712ye7d8nk7ULjhW9EGEco9Fp-B31rn0JVRRxqbP3_JLXtVNHEBRbCAWcc4FGvQJJL-3biscvv1m5ZuOVf9auMapMzp3ZHPqFJeuh64cthPMC0k00q-EhZljIXmxkVqDRNSCc7-dPWE1Jj_oVkIeAqZ8-M9i_LDiEOvMiPWMtR_k__g74nUcWopWMvvz01FMUOHWen7VzPRUVB6gZzDJmqLvwF29rq8XZci8NvaJDbA90ZncLjB65kfnjpPNlGCaV5u6AEo4EQ2exD1f3q752pZuW2u3dXlsjFcd07WOvh6yt3ipI-rL8zsmugpYko1meDX1KN1eAnwI8SDglHdJqnqQnGf4jDlNA18BbuwyTAA8MOaK1pUVrjMn4hDFfQf4LdrX8oBDdEJQelhi6D_zjkzqaKRP0amzGEb7WU6XT2Pbw3VNw96de4n0q1npw-L9RLoWve-HOpUGefDVwRoWeZIrIcj9-CgpkTL8G4dIMU_vqIym4xSuiQEPYaUvo9P2b7_uyrppH6wvbbdAFMSSgEWl7IWn3wdm5jX-XvX6IIgFolTqRCMvODKPZo8

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Dec 2022 08:07:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK 218945 Show response
search.spotxchange.com/vast/2.0/ 67 B
1 KB 186ms
37ms XHR
text/xml 185.94.180.124
SPOTX-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://search.spotxchange.com/vast/2.0/218945?VPAID=JS&content_page_url=https%3A%2F%2Fpelotainvernal.com%2F&cb=902002038&player_width=400&player_height=225&regs[gdpr]=0&user[consent]=&device[geo][lat]=&device[geo][lon]=&schain=1.0%2C1%21vidoomy.com%2C63065%2C1%2C1365015560893382882556662929%2C%2C
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.94.180.124 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: 78e958d620d6e40a19e424eee3a9b23932cd9bfa4d7f736442048777d203052d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Sat, 17 Dec 2022 08:07:39 GMT
X-SpotX-Timing-SpotMarket-Primary: 0.004304
X-SpotX-Timing-Transform: 0.000282
Content-Encoding: gzip
X-SpotX-Timing-SpotMarket: 0.004304
X-SpotX-Timing-Page-Require: 0.000322
X-fe: 023
Connection: keep-alive
X-SpotX-Timing-Page-Misc: 0.002657
X-SpotX-Timing-Page-Cookie: 0.000024
Content-Length: 79
X-SpotX-Timing-Page: 0.008080
Pragma: no-cache
X-SpotX-Timing-Page-Context: 0.000259
Last-Modified: Sat, 17 Dec 2022 08:07:39 GMT
Server: nginx
Vary: Accept-Encoding
Access-Control-Allow-Methods: POST, GET, PATCH, DELETE, OPTIONS
Content-Type: text/xml;charset=UTF-8
Access-Control-Allow-Origin: https://pelotainvernal.com
X-SpotX-Timing-Page-Exception: 0.000000
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Credentials: true
X-SpotX-Timing-Page-URI: 0.000009
X-SpotX-Timing-SpotMarket-Secondary: 0.000000
X-SpotX-Timing-Page-Mux: 0.000223
Access-Control-Allow-Headers
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK 7585793 Show response
ads.stickyadstv.com/vast/vpaid-adapter/ 831 B
1 KB 51ms
50ms XHR
application/xml 2.18.79.136
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/vast/vpaid-adapter/7585793?supportsJavascript=true&supportsFlash=true&_fw_us_privacy=&schain=1.0%2C1%21vidoomy.com%2C63065%2C1%2C1365015560893382882214325176%2C%2C&_fw_gdpr=0&_fw_gdpr_consent=
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.79.136 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-18-79-136.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: dec0fa89665fa646ab3a2b5ed8fc8e4589a06b38b91b707239fd14bfc2ed2a33

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 17 Dec 2022 08:07:39 GMT
Server: nginx
Content-Type: application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin: https://pelotainvernal.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 831
x-sticky-vk: 1671264459062098-582
Expires: Sat, 17 Dec 2022 08:07:39 GMT

GET
H2

200

adj Show response
bid.g.doubleclick.net/xbbe/creative/ Frame 734A
Redirect Chain

https://fw.adsafeprotected.com/rfw/bgd/1203349/67009481/xbbe/creative/adj?p=APEucNXUQEF-4rfSacNQQcmCuEwcxl_bBxyZCpKiQXmDnOzyk__G-zc&d=CokBAKAmf-DHiY-SvFL3bDhgUPNY54S-lEy6qT3EhJVBbzbj9izEMfmLUcRp4Nd...
https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNXUQEF-4rfSacNQQcmCuEwcxl_bBxyZCpKiQXmDnOzyk__G-zc&d=CokBAKAmf-DHiY-SvFL3bDhgUPNY54S-lEy6qT3EhJVBbzbj9izEMfmLUcRp4NdE3G3B2CHpl97cIXcNkJ9EWZBWj...

65 KB
22 KB

149ms
58ms

Script
text/javascript

142.250.27.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNXUQEF-4rfSacNQQcmCuEwcxl_bBxyZCpKiQXmDnOzyk__G-zc&d=CokBAKAmf-DHiY-SvFL3bDhgUPNY54S-lEy6qT3EhJVBbzbj9izEMfmLUcRp4NdE3G3B2CHpl97cIXcNkJ9EWZBWjQ9jIh4VjqQlGUp6HYyZgarZM23IosD0HlmtBtvoqj2GI6VukF97sgjTwS69oj9J7StRPQGVCvtKfF2TqXt_11L8_IyCNqAPZZ8S6RMAoCZ_4JwdD3tRMKTIPRu4xfXViOZeS1HQVgvrkSiVZiyCBun5Q7HEDYVxXO4F5ym_PDFBuIUi_bDB1PUTFhM0QuPQZp9oFYW3E1jG2-IRJbUN_wnWiQQ7OdL4Vj9Ob_SXfAnPg__hxhxqNJ7fEtKv1QjaGYfYBTbmKxF79oigDkdLsF6CRkICYToolVXsUNyKwVCwyY6PGyVyUAHHATTMXAcrS8AzTqGTi9TrhO-a3ge6adB4msB639rqsDrjNV2DmxmvZnBdTyq1cBoca7qBi7RGHuSeaujtdwGQO_Z3MpdUVsDxDbC6zbfeRi3he7CB740S-zwTvXEsS3Vg-tjfYwWVWJxUwaF4wK4ecuYwyfHCU_Z324OyIkQceRqpMAuIYJ7xklC_ZgpuFptOV1EdB4iSwMsQSGfeGZ3J7sk7WNQTDkpt-2UihKP2C2Hd4zOixxUgMZ8q91cpmxnYIoBLZ_U7opjtKaTIsq1NgNajSqd2ZeKJ-aSaq5EEwAwojb7zNCGnnq76JX4zv4v3FrDp1tqGpjoTHquH01_KMraDRUAv_tBHipZAOpLIWQY-RHKSKGe1-2JE_8-BbHEWPLrc1Ue8AjmNK1lBxD7IdFGF8lanu9Bi3m2NhU-d-iqXyxzPdnHNgceixQOET2EwRe6UtyGRnS7C4dzG8313wMbNWeXcrurWlCo9s2VUJdUv2FrmY-eM_8cG7CXZwh8PSGEclRTFhpozMcuKe08sWnkH0CVz1Ef1KPGfvGZOg4ejF7dekAl2g8UxQoQNKJEBEkQNU8PQfaAV7fVAgDAPT9SMnq23e1-enXDp0psj_PLcZhGLESa0dDb_RJGfelpsXMxNcU5mHsbuFkas8ItoSwmDLIMiAR_I8HNxkzWLDXbrMlvhDb7SDAI6RVt7qaRlOSmA2PJdQTMsZZEfA-UGOmVAU-8H4I4e9HH_-Jz96wBccBqpokzPwm7nqLesjwNQUFKWI5N6jkAkU40ti6ky9Tpv6dDtd7JnBRG5JZTIiaeh76-k-XX0l9aj4YG_fBX79z-5yfPXGXuhA1w-FToGCK17UMG609rStRMhkxgiz_AFeNWEkvtaSQkTrnCQh_hX0h5pQONtDgOpmCNjTGTQeEK3rcZZsf9Q_BKHIgheKWkvKvdiwsvo8-Bqht6mI0bijJ6FI4W7ET4-5vfNBnOFp3syrzsCafh5iEZ95nbK3d-4tXNAeKc89solpPq7RRx8hie-c0bVocdKogd3AAOrrIFw-7K3_9zpDTCeVbHuLSX1_O6S5bD2YIMtHqInfYRm_1f2owLgBgDYGV9pcvheMf_nQIbdCKTsNIeuWQy4Kv84pLrM4YTegTR4-eryp6hPRuI4LpvfK8C3UfQtMFBr8FXjNZMCLfYsYZUqBZB5_1sw06cvsy08GiSYk6Ur7g04tQvS39dZN5v2Tz2BwsvarFo8FbTRa_rMyIkStU0lT6MC9rcvBenEU44q3Owa5SKiON0KrlQ46ViKk161VOG2h_oiwGTWGwWaHOm6QghW0TXZK2nMZwCCkwcN_fJPM6bzNX9SkERuk5GVBTPIj-x4V8jOkQ9UaiM2dhHDN2cGQU4TpNS2PTtPdgvQ0GEk-NnXyx-X771w6jP-UoFE76J0NVgnTMGZ1yXETlS8Dqq9Dibe-71I4D3U4bMNJ7aIgn4IkXT_YwdOM14FiFKqRtXqIo_bWEWVnGdTV5ihZmM5IdVODizfh1LSGhV3djTeHke5xnaLMvz-vpDkwSgdVUvRuq1oYnQZZowaeoX0FiNFhYnpv1ZhC_IwdaQhH4QRwPmLqd4-tPiB8Saf_YYQltCb_r94aPEeworGd2QRaWQ6ld15mdmi0Tgi8vYwmB4JoY9vMejXtC-_Kfuk2g85N9reu-SC_s-4jG9tIQ-258gxRluP3HxRFj3i-XuTONFDJiKFpAxDw9Nf_BhPD96rZdEhSfa06uadBDRuJJRbEI-DK1MZkslXan9b0kGvWdTKT3klBhy3CF6FjUDOIFrZKJu2hy0jusMkTSZ_u45Zn2e3OIbXKHRWiqdGn3Ymc5T3U_raoeyTwusvCQWxWzQ_lNNxuT0aUgw5S_G6-kqFs4DVAuXhl-9-5FLZk5Z1kg7Kmt0ZDllpgFjPPIou_vpiP57pwiJlrqqt5KDDN4xVupxzDVmarlgQ2XwaFeIoNR7Llvka326jTQ4PJG2A300woBtwZTHsUxHBk4xRWI5GhQlW69UIDZzOGpkcajZan6CcZqS1htP6GVQ003oYx1trSrBi1mlXnqMFgHeeksAEwxutiZsFGxF78UtYqVG9CA3RQdxMC8yR80riMnFd8ClSCAdXSnT65DDTuIZ8lPBoILPAEemXRkhjPZTmUjvcG8hYS3t6OGhvuk15MSTHfIC-Vl3f3RnfQzPA8x1t4D7v4W3P-Uw_3DFoCuZ8Hzu2bATlfD9nH2QNb8u8D0ca9OfpZ7ABH1GQlfF-_31Q0xhHDpsCOSeJH_topOhqL3ZNdAyKlFIqVec1jKqzIS5Ky9elxCTFzb8DpbpCW5c2eivlUT4DCcUFPnP-QGGCmb-XZC80PB5XlWHev7tC-agzhqfKW_vpjWElqmGnfSyM0-gaIMxX9QWpWXAELrKAKETwFkA1qfJfTx0LdI-ZlixnfruSED1xjIbo3No1IGiLb28i2edBht1p7MdrZw4EEoEscnNujUk-nt2sE_Mkxve7h5DpwJC2EExhz_46RTyO7TYykWjs9Q5RusATMj7tHBo-T_cljr0pwubM-JBAI9uScfvmENz72nrgrA29gcF8u-U6Z5DJKgjCTbWGpHoaDJAdsPRYGiy0etjMUGaqs_QpK5DyI3kzSvICYH9jR-BPr2ITeDwm_6zwmVD2xg0OGXpGHhsEwWazOX_WczprhZK7gO2svu4ZsWJwL84vi4cqLDHuVsxhm5yJjc26jjWgJgAdzsrd5MA0cD-XxY44XeIQxlMMWDYpkwXh2kV-5BtU1xMfQpqghMEbFjE7ckhoE90dixZdriJLySqQEumHusdRcjLW6gsJgngORuXC19c6ip5tNl6BlbYUsK-dnMRY4yzvZPioxux7lWbsIBmQ3gGLkWcFxsduBgiEBimkiSVC0JQcY90VjKTHDR-W8m14DBvIMJYqnaYVUavrI4x7XwhcowuU0EmHgJ-Ap5_zf6yjv_68HNUWErp5kBR6J5r-X6hUSFlx4Mprj2aLZHcfAUQJaADTB5FRfE_8yWLR_dFx8DdmaH01-5YW8O5jWyPb1EJzgQRuSPpP6W82m6PABFF33an5KCHso8O_R5BGEduJPk8uID3lhCtRasusW7RC7MsPLxQmwWrRICflTOgjxrG1gCN3sQUA0Wv7Tn9GKYChoXu6tBoxCAQSKQDq26N9cAtjYefID8LU01iXG_PH40I5BrXpWrcRtk17x4EJRSTzr3obGAEgE2AB&cry=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Server

142.250.27.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ra-in-f156.1e100.net

Software

cafe /

Resource Hash

e0f35fc5d87135d11206b5f9f33392df2c2b873019a33460b933b72db6be49c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Dec 2022 08:07:39 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22459
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 17 Dec 2022 08:07:39 GMT
server: nginx
x-server-name: app13.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNXUQEF-4rfSacNQQcmCuEwcxl_bBxyZCpKiQXmDnOzyk__G-zc&d=CokBAKAmf-DHiY-SvFL3bDhgUPNY54S-lEy6qT3EhJVBbzbj9izEMfmLUcRp4NdE3G3B2CHpl97cIXcNkJ9EWZBWjQ9jIh4VjqQlGUp6HYyZgarZM23IosD0HlmtBtvoqj2GI6VukF97sgjTwS69oj9J7StRPQGVCvtKfF2TqXt_11L8_IyCNqAPZZ8S6RMAoCZ_4JwdD3tRMKTIPRu4xfXViOZeS1HQVgvrkSiVZiyCBun5Q7HEDYVxXO4F5ym_PDFBuIUi_bDB1PUTFhM0QuPQZp9oFYW3E1jG2-IRJbUN_wnWiQQ7OdL4Vj9Ob_SXfAnPg__hxhxqNJ7fEtKv1QjaGYfYBTbmKxF79oigDkdLsF6CRkICYToolVXsUNyKwVCwyY6PGyVyUAHHATTMXAcrS8AzTqGTi9TrhO-a3ge6adB4msB639rqsDrjNV2DmxmvZnBdTyq1cBoca7qBi7RGHuSeaujtdwGQO_Z3MpdUVsDxDbC6zbfeRi3he7CB740S-zwTvXEsS3Vg-tjfYwWVWJxUwaF4wK4ecuYwyfHCU_Z324OyIkQceRqpMAuIYJ7xklC_ZgpuFptOV1EdB4iSwMsQSGfeGZ3J7sk7WNQTDkpt-2UihKP2C2Hd4zOixxUgMZ8q91cpmxnYIoBLZ_U7opjtKaTIsq1NgNajSqd2ZeKJ-aSaq5EEwAwojb7zNCGnnq76JX4zv4v3FrDp1tqGpjoTHquH01_KMraDRUAv_tBHipZAOpLIWQY-RHKSKGe1-2JE_8-BbHEWPLrc1Ue8AjmNK1lBxD7IdFGF8lanu9Bi3m2NhU-d-iqXyxzPdnHNgceixQOET2EwRe6UtyGRnS7C4dzG8313wMbNWeXcrurWlCo9s2VUJdUv2FrmY-eM_8cG7CXZwh8PSGEclRTFhpozMcuKe08sWnkH0CVz1Ef1KPGfvGZOg4ejF7dekAl2g8UxQoQNKJEBEkQNU8PQfaAV7fVAgDAPT9SMnq23e1-enXDp0psj_PLcZhGLESa0dDb_RJGfelpsXMxNcU5mHsbuFkas8ItoSwmDLIMiAR_I8HNxkzWLDXbrMlvhDb7SDAI6RVt7qaRlOSmA2PJdQTMsZZEfA-UGOmVAU-8H4I4e9HH_-Jz96wBccBqpokzPwm7nqLesjwNQUFKWI5N6jkAkU40ti6ky9Tpv6dDtd7JnBRG5JZTIiaeh76-k-XX0l9aj4YG_fBX79z-5yfPXGXuhA1w-FToGCK17UMG609rStRMhkxgiz_AFeNWEkvtaSQkTrnCQh_hX0h5pQONtDgOpmCNjTGTQeEK3rcZZsf9Q_BKHIgheKWkvKvdiwsvo8-Bqht6mI0bijJ6FI4W7ET4-5vfNBnOFp3syrzsCafh5iEZ95nbK3d-4tXNAeKc89solpPq7RRx8hie-c0bVocdKogd3AAOrrIFw-7K3_9zpDTCeVbHuLSX1_O6S5bD2YIMtHqInfYRm_1f2owLgBgDYGV9pcvheMf_nQIbdCKTsNIeuWQy4Kv84pLrM4YTegTR4-eryp6hPRuI4LpvfK8C3UfQtMFBr8FXjNZMCLfYsYZUqBZB5_1sw06cvsy08GiSYk6Ur7g04tQvS39dZN5v2Tz2BwsvarFo8FbTRa_rMyIkStU0lT6MC9rcvBenEU44q3Owa5SKiON0KrlQ46ViKk161VOG2h_oiwGTWGwWaHOm6QghW0TXZK2nMZwCCkwcN_fJPM6bzNX9SkERuk5GVBTPIj-x4V8jOkQ9UaiM2dhHDN2cGQU4TpNS2PTtPdgvQ0GEk-NnXyx-X771w6jP-UoFE76J0NVgnTMGZ1yXETlS8Dqq9Dibe-71I4D3U4bMNJ7aIgn4IkXT_YwdOM14FiFKqRtXqIo_bWEWVnGdTV5ihZmM5IdVODizfh1LSGhV3djTeHke5xnaLMvz-vpDkwSgdVUvRuq1oYnQZZowaeoX0FiNFhYnpv1ZhC_IwdaQhH4QRwPmLqd4-tPiB8Saf_YYQltCb_r94aPEeworGd2QRaWQ6ld15mdmi0Tgi8vYwmB4JoY9vMejXtC-_Kfuk2g85N9reu-SC_s-4jG9tIQ-258gxRluP3HxRFj3i-XuTONFDJiKFpAxDw9Nf_BhPD96rZdEhSfa06uadBDRuJJRbEI-DK1MZkslXan9b0kGvWdTKT3klBhy3CF6FjUDOIFrZKJu2hy0jusMkTSZ_u45Zn2e3OIbXKHRWiqdGn3Ymc5T3U_raoeyTwusvCQWxWzQ_lNNxuT0aUgw5S_G6-kqFs4DVAuXhl-9-5FLZk5Z1kg7Kmt0ZDllpgFjPPIou_vpiP57pwiJlrqqt5KDDN4xVupxzDVmarlgQ2XwaFeIoNR7Llvka326jTQ4PJG2A300woBtwZTHsUxHBk4xRWI5GhQlW69UIDZzOGpkcajZan6CcZqS1htP6GVQ003oYx1trSrBi1mlXnqMFgHeeksAEwxutiZsFGxF78UtYqVG9CA3RQdxMC8yR80riMnFd8ClSCAdXSnT65DDTuIZ8lPBoILPAEemXRkhjPZTmUjvcG8hYS3t6OGhvuk15MSTHfIC-Vl3f3RnfQzPA8x1t4D7v4W3P-Uw_3DFoCuZ8Hzu2bATlfD9nH2QNb8u8D0ca9OfpZ7ABH1GQlfF-_31Q0xhHDpsCOSeJH_topOhqL3ZNdAyKlFIqVec1jKqzIS5Ky9elxCTFzb8DpbpCW5c2eivlUT4DCcUFPnP-QGGCmb-XZC80PB5XlWHev7tC-agzhqfKW_vpjWElqmGnfSyM0-gaIMxX9QWpWXAELrKAKETwFkA1qfJfTx0LdI-ZlixnfruSED1xjIbo3No1IGiLb28i2edBht1p7MdrZw4EEoEscnNujUk-nt2sE_Mkxve7h5DpwJC2EExhz_46RTyO7TYykWjs9Q5RusATMj7tHBo-T_cljr0pwubM-JBAI9uScfvmENz72nrgrA29gcF8u-U6Z5DJKgjCTbWGpHoaDJAdsPRYGiy0etjMUGaqs_QpK5DyI3kzSvICYH9jR-BPr2ITeDwm_6zwmVD2xg0OGXpGHhsEwWazOX_WczprhZK7gO2svu4ZsWJwL84vi4cqLDHuVsxhm5yJjc26jjWgJgAdzsrd5MA0cD-XxY44XeIQxlMMWDYpkwXh2kV-5BtU1xMfQpqghMEbFjE7ckhoE90dixZdriJLySqQEumHusdRcjLW6gsJgngORuXC19c6ip5tNl6BlbYUsK-dnMRY4yzvZPioxux7lWbsIBmQ3gGLkWcFxsduBgiEBimkiSVC0JQcY90VjKTHDR-W8m14DBvIMJYqnaYVUavrI4x7XwhcowuU0EmHgJ-Ap5_zf6yjv_68HNUWErp5kBR6J5r-X6hUSFlx4Mprj2aLZHcfAUQJaADTB5FRfE_8yWLR_dFx8DdmaH01-5YW8O5jWyPb1EJzgQRuSPpP6W82m6PABFF33an5KCHso8O_R5BGEduJPk8uID3lhCtRasusW7RC7MsPLxQmwWrRICflTOgjxrG1gCN3sQUA0Wv7Tn9GKYChoXu6tBoxCAQSKQDq26N9cAtjYefID8LU01iXG_PH40I5BrXpWrcRtk17x4EJRSTzr3obGAEgE2AB&cry=1
cache-control: no-cache
content-length: 0

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame 7EF0 91 KB
92 KB 122ms
38ms Script
application/javascript 2600:9000:206e:f800:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206e:f800:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 05:28:02 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
via: 1.1 a01b7aca64c6d4b437b814f64422d6c8.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C1
age: 1651177
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 93606
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: "1f3488247c90bb5de253d3d0cb3b7458"
content-type: application/javascript
cache-control: max-age=315360000
accept-ranges: bytes
x-amz-cf-id: Kwyb6zFLySvNH3Hd65uQ6cv-QlWUJpgpSQL3vny59cjfXKZhxIVblQ==

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 734A 43 B
215 B 458ms
115ms Image
image/gif 2600:1f18:1aca:4281:68f:8ebb:736f:849f
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1203349&asId=9d7d88cb-1a33-1b1a-7ba4-5e44f4fa56ee&tv=%7Bc:x2uJ4r,pingTime:-3,time:54,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:0,h:0,t:19%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:54,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:19,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:i,cc:NaN.NaN.0.0,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B48~0%5D,as:%5B48~0.0%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tqg7lPH+11%7C121%7C131%7C14%7C15%7C16%7C171%7C172%7C181%7C19%7C1a1%7C1a2%7C1b*.1203349-67009481%7C1b1%7C1b2%7C1c1%7C1c2%7C1c3,idMap:1b*,rmeas:1,rend:0,renddet:IMG.us,siq:20%7D&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:68f:8ebb:736f:849f Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Dec 2022 08:07:39 GMT
server: nginx
x-server-name: dt05.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 734A 43 B
216 B 452ms
113ms Image
image/gif 2600:1f18:1aca:4281:68f:8ebb:736f:849f
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1203349&asId=9d7d88cb-1a33-1b1a-7ba4-5e44f4fa56ee&tv=%7Bc:x2uJ4t,pingTime:-6,time:56,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:56,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:19,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:i,cc:NaN.NaN.0.0,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B49~0%5D,as:%5B49~0.0%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tqg7lPH+11%7C121%7C131%7C14%7C15%7C16%7C171%7C172%7C181%7C19%7C1a1%7C1a2%7C1b*.1203349-67009481%7C1b1%7C1b2%7C1c1%7C1c2%7C1c3,idMap:1b*,rmeas:1,rend:0,renddet:IMG.us,siq:20%7D&tpiLookup=ao:pelotainvernal.com*&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:68f:8ebb:736f:849f Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Dec 2022 08:07:39 GMT
server: nginx
x-server-name: dt04.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame E891 42 B
64 B 142ms
70ms Fetch
image/gif 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvVP3m5EdpFQDpeUMmMq7sKXitOUNseArHQH6dM0hmwcPTjIroU4JIk8_stWoblOcMwahbYYMdc3VhGf7WM4EBsomgPMCLoDWot8jt8JNHtuVAXp4JODFuFbMkmvWZvehDhBs3VLA&sai=AMfl-YS1Ur2-T0UU8JeRP5kSo0MstIayW4HH4xgMEQdruc6nn7CR-SMH0R2RV3fQmY-PFZZfB3MyN9R4U87FgT8&sig=Cg0ArKJSzFOL6sTkyy35EAE&cid=CAQSGwDq26N91sExL6zyWL7FxOsKt0kTuR3ZHqJE7xgBIBM&id=lidar2&mcvt=1057&p=0,0,100,1298&mtos=1057,1057,1057,1057,1057&tos=1057,0,0,0,0&v=20221207&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=88850195&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1671264457135&rpt=1036&met=mue&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Dec 2022 08:07:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 734A 43 B
215 B 443ms
114ms Image
image/gif 2600:1f18:1aca:4281:68f:8ebb:736f:849f
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1203349&asId=9d7d88cb-1a33-1b1a-7ba4-5e44f4fa56ee&tv=%7Bc:x2uJ4G,pingTime:-2,time:69,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:437,beZ:439,mfA:441,cmA:442,inA:443,inZ:447,prA:447,prZ:453,si:457,poA:459,poZ:486,cmZ:486,mfZ:486,loA:493,loZ:497,ltA:507,ltZ:507%7D%7D,sca:%7Bdfp:%7Bdf:0%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:0,h:0,t:19%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:69,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:19,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:i,cc:NaN.NaN.0.0,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B62~0%5D,as:%5B63~0.0%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tqg7lPH+11%7C121%7C131%7C14%7C15%7C16%7C171%7C172%7C181%7C19%7C1a1%7C1a2%7C1b*.1203349-67009481%7C1b1%7C1b2%7C1c1%7C1c2%7C1c3,idMap:1b*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:0,renddet:IMG.us,siq:20,sinceFw:48,readyFired:false%7D&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:68f:8ebb:736f:849f Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Dec 2022 08:07:39 GMT
server: nginx
x-server-name: dt02.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 106ms
106ms Preflight
text/plain 146.20.128.203
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.203 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://pelotainvernal.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
access-control-allow-origin: https://pelotainvernal.com
access-control-expose-headers: Content-Type, Content-Disposition
access-control-max-age: 300
cache-control: max-age=300
content-length: 0
content-type: text/plain; charset=UTF-8
date: Sat, 17 Dec 2022 08:07:39 GMT
server: nginx

POST
H2 200 t Show response
t.lkqd.net/ Frame 56E6 0
166 B 115ms
115ms XHR
text/plain 146.20.128.203
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.203 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://pelotainvernal.com
date: Sat, 17 Dec 2022 08:07:39 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

GET
H2 200 vpaid_f51ac984.js Show response
vpaid.springserve.com/production/ Frame F4B4 506 KB
89 KB 168ms
38ms Script
application/javascript 2600:9000:2304:9200:15:6f6c:b180:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.springserve.com/production/vpaid_f51ac984.js
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2304:9200:15:6f6c:b180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1b7df8f348787d9fa760018b0f088ab687bbc70718df1d62e8084e30a3584491

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 17:09:30 GMT
content-encoding: br
via: 1.1 7f49a9d7acd3e2b85c2c573f92e92d4c.cloudfront.net (CloudFront)
last-modified: Tue, 06 Dec 2022 22:05:17 GMT
server: AmazonS3
x-amz-cf-pop: VIE50-P1
age: 831490
etag: W/"b030ae2df4f66a78701be0f4e1a3a52f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=2678400
x-amz-cf-id: -ywZq7eFyurdRAKJ_PkbwbjBfpQrlGALOzghKQEVmojw2iPAotbfcQ==

GET
DATA 200
OK truncated
/ 35 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 59ms
58ms Script
application/javascript 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=pelotainvernal.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 08:07:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 58ms
57ms Script
application/javascript 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=pelotainvernal.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 08:07:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 express_html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame 734A 106 KB
38 KB 156ms
36ms Script
text/javascript 2a00:1450:400d:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Requested by

Host: pelotainvernal.com
URL: https://pelotainvernal.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 01:19:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 24492
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37872
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 18 Dec 2022 01:19:27 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20221207/r20110914/elements/html/ Frame 734A 8 KB
3 KB 36ms
36ms Script
text/javascript 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20221207/r20110914/elements/html/omrhp.js

Requested by

Host: fw.adsafeprotected.com
URL: https://fw.adsafeprotected.com/rfw/bgd/1203349/67009481/xbbe/creative/adj?p=APEucNXUQEF-4rfSacNQQcmCuEwcxl_bBxyZCpKiQXmDnOzyk__G-zc&d=CokBAKAmf-DHiY-SvFL3bDhgUPNY54S-lEy6qT3EhJVBbzbj9izEMfmLUcRp4NdE3G3B2CHpl97cIXcNkJ9EWZBWjQ9jIh4VjqQlGUp6HYyZgarZM23IosD0HlmtBtvoqj2GI6VukF97sgjTwS69oj9J7StRPQGVCvtKfF2TqXt_11L8_IyCNqAPZZ8S6RMAoCZ_4JwdD3tRMKTIPRu4xfXViOZeS1HQVgvrkSiVZiyCBun5Q7HEDYVxXO4F5ym_PDFBuIUi_bDB1PUTFhM0QuPQZp9oFYW3E1jG2-IRJbUN_wnWiQQ7OdL4Vj9Ob_SXfAnPg__hxhxqNJ7fEtKv1QjaGYfYBTbmKxF79oigDkdLsF6CRkICYToolVXsUNyKwVCwyY6PGyVyUAHHATTMXAcrS8AzTqGTi9TrhO-a3ge6adB4msB639rqsDrjNV2DmxmvZnBdTyq1cBoca7qBi7RGHuSeaujtdwGQO_Z3MpdUVsDxDbC6zbfeRi3he7CB740S-zwTvXEsS3Vg-tjfYwWVWJxUwaF4wK4ecuYwyfHCU_Z324OyIkQceRqpMAuIYJ7xklC_ZgpuFptOV1EdB4iSwMsQSGfeGZ3J7sk7WNQTDkpt-2UihKP2C2Hd4zOixxUgMZ8q91cpmxnYIoBLZ_U7opjtKaTIsq1NgNajSqd2ZeKJ-aSaq5EEwAwojb7zNCGnnq76JX4zv4v3FrDp1tqGpjoTHquH01_KMraDRUAv_tBHipZAOpLIWQY-RHKSKGe1-2JE_8-BbHEWPLrc1Ue8AjmNK1lBxD7IdFGF8lanu9Bi3m2NhU-d-iqXyxzPdnHNgceixQOET2EwRe6UtyGRnS7C4dzG8313wMbNWeXcrurWlCo9s2VUJdUv2FrmY-eM_8cG7CXZwh8PSGEclRTFhpozMcuKe08sWnkH0CVz1Ef1KPGfvGZOg4ejF7dekAl2g8UxQoQNKJEBEkQNU8PQfaAV7fVAgDAPT9SMnq23e1-enXDp0psj_PLcZhGLESa0dDb_RJGfelpsXMxNcU5mHsbuFkas8ItoSwmDLIMiAR_I8HNxkzWLDXbrMlvhDb7SDAI6RVt7qaRlOSmA2PJdQTMsZZEfA-UGOmVAU-8H4I4e9HH_-Jz96wBccBqpokzPwm7nqLesjwNQUFKWI5N6jkAkU40ti6ky9Tpv6dDtd7JnBRG5JZTIiaeh76-k-XX0l9aj4YG_fBX79z-5yfPXGXuhA1w-FToGCK17UMG609rStRMhkxgiz_AFeNWEkvtaSQkTrnCQh_hX0h5pQONtDgOpmCNjTGTQeEK3rcZZsf9Q_BKHIgheKWkvKvdiwsvo8-Bqht6mI0bijJ6FI4W7ET4-5vfNBnOFp3syrzsCafh5iEZ95nbK3d-4tXNAeKc89solpPq7RRx8hie-c0bVocdKogd3AAOrrIFw-7K3_9zpDTCeVbHuLSX1_O6S5bD2YIMtHqInfYRm_1f2owLgBgDYGV9pcvheMf_nQIbdCKTsNIeuWQy4Kv84pLrM4YTegTR4-eryp6hPRuI4LpvfK8C3UfQtMFBr8FXjNZMCLfYsYZUqBZB5_1sw06cvsy08GiSYk6Ur7g04tQvS39dZN5v2Tz2BwsvarFo8FbTRa_rMyIkStU0lT6MC9rcvBenEU44q3Owa5SKiON0KrlQ46ViKk161VOG2h_oiwGTWGwWaHOm6QghW0TXZK2nMZwCCkwcN_fJPM6bzNX9SkERuk5GVBTPIj-x4V8jOkQ9UaiM2dhHDN2cGQU4TpNS2PTtPdgvQ0GEk-NnXyx-X771w6jP-UoFE76J0NVgnTMGZ1yXETlS8Dqq9Dibe-71I4D3U4bMNJ7aIgn4IkXT_YwdOM14FiFKqRtXqIo_bWEWVnGdTV5ihZmM5IdVODizfh1LSGhV3djTeHke5xnaLMvz-vpDkwSgdVUvRuq1oYnQZZowaeoX0FiNFhYnpv1ZhC_IwdaQhH4QRwPmLqd4-tPiB8Saf_YYQltCb_r94aPEeworGd2QRaWQ6ld15mdmi0Tgi8vYwmB4JoY9vMejXtC-_Kfuk2g85N9reu-SC_s-4jG9tIQ-258gxRluP3HxRFj3i-XuTONFDJiKFpAxDw9Nf_BhPD96rZdEhSfa06uadBDRuJJRbEI-DK1MZkslXan9b0kGvWdTKT3klBhy3CF6FjUDOIFrZKJu2hy0jusMkTSZ_u45Zn2e3OIbXKHRWiqdGn3Ymc5T3U_raoeyTwusvCQWxWzQ_lNNxuT0aUgw5S_G6-kqFs4DVAuXhl-9-5FLZk5Z1kg7Kmt0ZDllpgFjPPIou_vpiP57pwiJlrqqt5KDDN4xVupxzDVmarlgQ2XwaFeIoNR7Llvka326jTQ4PJG2A300woBtwZTHsUxHBk4xRWI5GhQlW69UIDZzOGpkcajZan6CcZqS1htP6GVQ003oYx1trSrBi1mlXnqMFgHeeksAEwxutiZsFGxF78UtYqVG9CA3RQdxMC8yR80riMnFd8ClSCAdXSnT65DDTuIZ8lPBoILPAEemXRkhjPZTmUjvcG8hYS3t6OGhvuk15MSTHfIC-Vl3f3RnfQzPA8x1t4D7v4W3P-Uw_3DFoCuZ8Hzu2bATlfD9nH2QNb8u8D0ca9OfpZ7ABH1GQlfF-_31Q0xhHDpsCOSeJH_topOhqL3ZNdAyKlFIqVec1jKqzIS5Ky9elxCTFzb8DpbpCW5c2eivlUT4DCcUFPnP-QGGCmb-XZC80PB5XlWHev7tC-agzhqfKW_vpjWElqmGnfSyM0-gaIMxX9QWpWXAELrKAKETwFkA1qfJfTx0LdI-ZlixnfruSED1xjIbo3No1IGiLb28i2edBht1p7MdrZw4EEoEscnNujUk-nt2sE_Mkxve7h5DpwJC2EExhz_46RTyO7TYykWjs9Q5RusATMj7tHBo-T_cljr0pwubM-JBAI9uScfvmENz72nrgrA29gcF8u-U6Z5DJKgjCTbWGpHoaDJAdsPRYGiy0etjMUGaqs_QpK5DyI3kzSvICYH9jR-BPr2ITeDwm_6zwmVD2xg0OGXpGHhsEwWazOX_WczprhZK7gO2svu4ZsWJwL84vi4cqLDHuVsxhm5yJjc26jjWgJgAdzsrd5MA0cD-XxY44XeIQxlMMWDYpkwXh2kV-5BtU1xMfQpqghMEbFjE7ckhoE90dixZdriJLySqQEumHusdRcjLW6gsJgngORuXC19c6ip5tNl6BlbYUsK-dnMRY4yzvZPioxux7lWbsIBmQ3gGLkWcFxsduBgiEBimkiSVC0JQcY90VjKTHDR-W8m14DBvIMJYqnaYVUavrI4x7XwhcowuU0EmHgJ-Ap5_zf6yjv_68HNUWErp5kBR6J5r-X6hUSFlx4Mprj2aLZHcfAUQJaADTB5FRfE_8yWLR_dFx8DdmaH01-5YW8O5jWyPb1EJzgQRuSPpP6W82m6PABFF33an5KCHso8O_R5BGEduJPk8uID3lhCtRasusW7RC7MsPLxQmwWrRICflTOgjxrG1gCN3sQUA0Wv7Tn9GKYChoXu6tBoxCAQSKQDq26N9cAtjYefID8LU01iXG_PH40I5BrXpWrcRtk17x4EJRSTzr3obGAEgE2AB&cry=1&bidurl=https://pelotainvernal.com/&bundleId=&adsafe_url=https%3A%2F%2Fpelotainvernal.com&adsafe_type=y&adsafe_url=https%3A%2F%2Fpelotainvernal.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20221207%2Fr20110914%2Fzrt_lookup.html%3Ffsb%3D1%23RS-1-%26adk%3D1812271803%26client%3Dca-pub-3139134883708761%26fa%3D3%26ifi%3D5%26uci%3Da!5%26btvi%3D1%26xpc%3DSlzeJvG4ng%26p%3Dhttps%253A%2F%2Fpelotainvernal.com&adsafe_type=d&adsafe_jsinfo=,id:9d7d88cb-1a33-1b1a-7ba4-5e44f4fa56ee,c:x2uJ3S,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-5bd77c4f97-mx69m,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:i,cc:NaN.NaN.0.0,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,scm:dfhui1,mtim:3,mot:0,app:0,maw:0,fm:tqg7lPH+11%7C121%7C131%7C14%7C15%7C16%7C171%7C172%7C181%7C19%7C1a1%7C1a2%7C1b*.1203349-67009481%7C1b1%7C1b2%7C1c1%7C1c2%7C1c3,idMap:1b*,ex:e2,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:20,oid:df92d92e-7de1-11ed-a906-7e8647aa2870,v:19.8.377,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 20:51:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 40596
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2986
x-xss-protection: 0
server: cafe
etag: 3296546412363819624
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 30 Dec 2022 20:51:03 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20221207/r20110914/ Frame 734A 30 KB
11 KB 35ms
35ms Script
text/javascript 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20221207/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c4d60e53476012ab254ca2f3f479903a6be9ead3cb39a9ea353c51ec75c618c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 16:53:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54869
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11387
x-xss-protection: 0
server: cafe
etag: 8197878782792770439
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 30 Dec 2022 16:53:10 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 44 KB
17 KB 841ms
841ms XHR
text/plain 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3050005988402424&correlator=763792196486586&eid=44780792&output=ldjh&gdfp_req=1&vrg=2022120501&ptt=17&impl=fifs&iu_parts=22304838115%2Cpelotainvernal%2Cdesktop_sidebar_01%2Cdesktop_inread_1&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F3&prev_iu_szs=300x600%2C728x90&ifi=7&adks=2344183488%2C1811199381&sfv=1-0-40&prev_scp=hb_format_rubicon%3Dbanner%26hb_size_rubicon%3D300x600%26hb_pb_rubicon%3D0.11%26hb_adid_rubicon%3D21522fed17726f4%26hb_bidder_rubicon%3DITBHB%26hb_format%3Dbanner%26hb_size%3D300x600%26hb_pb%3D0.11%26hb_adid%3D21522fed17726f4%26hb_bidder%3DITBHB%7C&eri=1&sc=1&cookie=ID%3D4bdb7ed821fe63f1%3AT%3D1671264457%3AS%3DALNI_MZtHwsWcpycohopM3y1kKfZ58IHFg&gpic=UID%3D00000b939dc21876%3AT%3D1671264457%3ART%3D1671264457%3AS%3DALNI_MZDXafVZaUAeVRTcua26QY-Blf7_g&abxe=1&dt=1671264459424&lmt=1671264459&dlt=1671264456476&idt=1138&adxs=1149%2C275&adys=575%2C512&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0&ucis=2%7C3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fpelotainvernal.com%2F&frm=20&vis=1&psz=300x600%7C975x90&msz=300x600%7C975x90&fws=0%2C0&ohw=0%2C0&ga_vid=624986645.1671264457&ga_sid=1671264457&ga_hid=1874097792&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d4f0dfe4f2130f154223e847e05537a8209be1a75512e846ac69d93dff1efb6f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 08:07:40 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17425
x-xss-protection: 0
google-lineitem-id: -1,-1
pragma: no-cache
server: cafe
google-creative-id: -1,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pelotainvernal.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 317 B
168 B 85ms
84ms XHR
text/plain 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3050005988402424&correlator=763792196486586&eid=44780792&output=ldjh&gdfp_req=1&vrg=2022120501&ptt=17&impl=fifs&iu_parts=40135427%2Cpelotainvernal_Video_Intext&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=9&adks=1276542802&sfv=1-0-40&ris=2&rcs=1&eri=1&sc=1&cookie=ID%3D4bdb7ed821fe63f1%3AT%3D1671264457%3AS%3DALNI_MZtHwsWcpycohopM3y1kKfZ58IHFg&gpic=UID%3D00000b939dc21876%3AT%3D1671264457%3ART%3D1671264457%3AS%3DALNI_MZDXafVZaUAeVRTcua26QY-Blf7_g&abxe=1&dt=1671264459427&lmt=1671264459&dlt=1671264456476&idt=1138&adxs=0&adys=0&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fpelotainvernal.com%2F&frm=20&vis=1&psz=1600x1200&msz=1x-1&fws=0&ohw=0&ga_vid=624986645.1671264457&ga_sid=1671264457&ga_hid=1874097792&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6863cc2c6ce578743cadabac5bd04e90942f1dad98395b53232e03a7d75e224a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 08:07:39 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 139
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pelotainvernal.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 Gg8gN4UfRSqiPg7Jn2ZI12V4DCEwkj1E4LVeHY527LvspYY.woff2
fonts.gstatic.com/s/ibmplexsanscondensed/v13/ Frame 92DC 18 KB
18 KB 37ms
37ms Font
font/woff2 2a00:1450:400d:807::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ibmplexsanscondensed/v13/Gg8gN4UfRSqiPg7Jn2ZI12V4DCEwkj1E4LVeHY527LvspYY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Raleway:700|IBM+Plex+Sans+Condensed:500i|IBM+Plex+Sans+Condensed:500|IBM+Plex+Sans+Condensed:600

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b4f873f3371bd426336178dfe982cf8366df7592c21738d0e1261e67a0cb2e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: null
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 09:21:28 GMT
x-content-type-options: nosniff
age: 81971
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18688
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:21:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 16 Dec 2023 09:21:28 GMT

GET
H3 200 Gg8gN4UfRSqiPg7Jn2ZI12V4DCEwkj1E4LVeHY5a67vspYY.woff2
fonts.gstatic.com/s/ibmplexsanscondensed/v13/ Frame 92DC 18 KB
18 KB 46ms
46ms Font
font/woff2 2a00:1450:400d:807::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ibmplexsanscondensed/v13/Gg8gN4UfRSqiPg7Jn2ZI12V4DCEwkj1E4LVeHY5a67vspYY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Raleway:700|IBM+Plex+Sans+Condensed:500i|IBM+Plex+Sans+Condensed:500|IBM+Plex+Sans+Condensed:600

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

71fe56560b9eba788c8ff58e084f24ca95ff3b89aff510345fab96de36ec8101

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: null
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 15:16:44 GMT
x-content-type-options: nosniff
age: 319855
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18740
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:21:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Dec 2023 15:16:44 GMT

GET
H3 200 Gg8iN4UfRSqiPg7Jn2ZI12V4DCEwkj1E4LVeHYas8F_olYQtEw.woff2
fonts.gstatic.com/s/ibmplexsanscondensed/v13/ Frame 92DC 20 KB
20 KB 61ms
61ms Font
font/woff2 2a00:1450:400d:807::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ibmplexsanscondensed/v13/Gg8iN4UfRSqiPg7Jn2ZI12V4DCEwkj1E4LVeHYas8F_olYQtEw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Raleway:700|IBM+Plex+Sans+Condensed:500i|IBM+Plex+Sans+Condensed:500|IBM+Plex+Sans+Condensed:600

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

09591867279cfa308e6366b2d6be5033904ef3de3c86b6f89cbe47e3022b7d99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: null
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 18:06:42 GMT
x-content-type-options: nosniff
age: 136857
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20496
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:21:15 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 15 Dec 2023 18:06:42 GMT

POST
H2 200 t Show response
t.lkqd.net/ Frame 56E6 0
166 B 114ms
111ms XHR
text/plain 146.20.128.203
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.203 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://pelotainvernal.com
date: Sat, 17 Dec 2022 08:07:39 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 108ms
108ms Preflight
text/plain 146.20.128.203
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.203 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://pelotainvernal.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
access-control-allow-origin: https://pelotainvernal.com
access-control-expose-headers: Content-Type, Content-Disposition
access-control-max-age: 300
cache-control: max-age=300
content-length: 0
content-type: text/plain; charset=UTF-8
date: Sat, 17 Dec 2022 08:07:39 GMT
server: nginx

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 7427 1 KB
643 B 36ms
35ms Document
text/html 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2376
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 17 Dec 2022 07:28:03 GMT
etag: 48472445140208031
expires: Sun, 18 Dec 2022 07:28:03 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dpixel
cms.quantserve.com/ Frame 7427 35 B
363 B 27ms
23ms Image
image/gif 2620:116:800d:21:ef75:8280:f209:5ba1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEMPjgS573vywvEPuoiLBgjI&google_cver=1&google_push=AavPq0NMaBEeloBrGo7Nz2Db7stEB0RPWbrgoukvH3v05urlK4SmaIicsdypCOVzn-XHBQsPexiIuBASvFnMZ5WGtafhrt60kBEMkA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:ef75:8280:f209:5ba1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Dec 2022 08:07:39 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7427
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEFj0uTQ71HinEQJBYQj5i5U&google_push=AavPq0N4vxWGsNVDAiCkdAqVUygYf-M28C9DlAYmVDlSeXwiDS5rYYEHnw...

170 B
188 B

58ms
58ms

Image
image/png

142.251.208.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEFj0uTQ71HinEQJBYQj5i5U&google_push=AavPq0N4vxWGsNVDAiCkdAqVUygYf-M28C9DlAYmVDlSeXwiDS5rYYEHnwCFQnLlzccYv02MvwyvMffH7AJmbwk8SVI-hCwJPt5_VQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Server

142.251.208.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s41-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Dec 2022 08:07:39 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-hhn-etou8220032-HHN
pragma: no-cache
date: Sat, 17 Dec 2022 08:07:39 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1671264460.617171,VS0,VE92
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEFj0uTQ71HinEQJBYQj5i5U&google_push=AavPq0N4vxWGsNVDAiCkdAqVUygYf-M28C9DlAYmVDlSeXwiDS5rYYEHnwCFQnLlzccYv02MvwyvMffH7AJmbwk8SVI-hCwJPt5_VQ
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7427
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEOSNE3d-qFQWJ4gkXd8YiwY&google_cver=1&google_push=AavPq0OxlGDIlG6L1_jQaOA-ay-Zsc3B6WcDDJ2thpSOD1oC1HbieqvHarKhjNZfZSe00rNO0Jy7HlzLQ8JXA5AuAfCsf7m...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AavPq0OxlGDIlG6L1_jQaOA-ay-Zsc3B6WcDDJ2thpSOD1oC1HbieqvHarKhjNZfZSe00rNO0Jy7HlzLQ8JXA5AuAfCsf7mCz_RhJQ&google_hm=eS14R0FXTTFaRTJwRTNy...

170 B
188 B

58ms
58ms

Image
image/png

142.251.208.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AavPq0OxlGDIlG6L1_jQaOA-ay-Zsc3B6WcDDJ2thpSOD1oC1HbieqvHarKhjNZfZSe00rNO0Jy7HlzLQ8JXA5AuAfCsf7mCz_RhJQ&google_hm=eS14R0FXTTFaRTJwRTNyZEtjZ29qakIuRzQzMUhXVmFZY35B

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Server

142.251.208.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s41-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Dec 2022 08:07:39 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sat, 17 Dec 2022 08:07:39 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AavPq0OxlGDIlG6L1_jQaOA-ay-Zsc3B6WcDDJ2thpSOD1oC1HbieqvHarKhjNZfZSe00rNO0Jy7HlzLQ8JXA5AuAfCsf7mCz_RhJQ&google_hm=eS14R0FXTTFaRTJwRTNyZEtjZ29qakIuRzQzMUhXVmFZY35B
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7427
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEEDHfyRJguM3xLIAD-xQ7Hg&google_cver=1&google_push=AavPq0Ng59pW36VZYeN2OpEL7ZLA7pBlwHw12Bf4az3ov1DOo6dIjt88g24Kv7nHVSHJmM-U79uYtqMcadA-oMKGzESDpH2dTcTv
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=OTQ3MzczOTQzOTU3MTc2NTgzMTI0&google_push=AavPq0Ng59pW36VZYeN2OpEL7ZLA7pBlwHw12Bf4az3ov1DOo6dIjt88g24Kv7nH...

170 B
188 B

89ms
89ms

Image
image/png

142.251.208.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=OTQ3MzczOTQzOTU3MTc2NTgzMTI0&google_push=AavPq0Ng59pW36VZYeN2OpEL7ZLA7pBlwHw12Bf4az3ov1DOo6dIjt88g24Kv7nHVSHJmM-U79uYtqMcadA-oMKGzESDpH2dTcTv

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Server

142.251.208.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s41-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Dec 2022 08:07:39 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=OTQ3MzczOTQzOTU3MTc2NTgzMTI0&google_push=AavPq0Ng59pW36VZYeN2OpEL7ZLA7pBlwHw12Bf4az3ov1DOo6dIjt88g24Kv7nHVSHJmM-U79uYtqMcadA-oMKGzESDpH2dTcTv
date: Sat, 17 Dec 2022 08:07:39 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2

200

/
onetag-sys.com/match/ Frame 7427
Redirect Chain

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEG-jGeejozf-D7pfhl3Z0zA&google_cver=1&google_push=AavPq0OFvwbrC_S1x-BbI5QJbIzBoK60EZ9UMnWyH1eRjMEmGpvZhPdhceCzLfuNxLC1PaVF0OyCopUL4OX...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AavPq0OFvwbrC_S1x-BbI5QJbIzBoK60EZ9UMnWyH1eRjMEmGpvZhPdhceCzLfuNxLC1PaVF0OyCopUL4OXkWnKsWIO1NFpYJyHIi14
https://onetag-sys.com/match/?int_id=19&google_error=5

0
151 B

21ms
21ms

Image
text/plain

51.89.9.251
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=19&google_error=5

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Server

51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip251.ip-51-89-9.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Sat, 17 Dec 2022 08:07:39 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 255
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7427
Redirect Chain

https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEC57awIScBWvk2SBzgmj7nM&google_cver=1&google_push=AavPq0OPmHoWc6dWz...
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NjgwMTYxNTM3NTEwMDcxMTIw&google_gid=CAESEC57awIScBWvk2SBzgmj7nM&google_cver=1&google_push=AavPq0OPmHoWc6dWzBNFtumwOm1Cc-d0nillMTGC8k...

170 B
188 B

57ms
57ms

Image
image/png

142.251.208.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NjgwMTYxNTM3NTEwMDcxMTIw&google_gid=CAESEC57awIScBWvk2SBzgmj7nM&google_cver=1&google_push=AavPq0OPmHoWc6dWzBNFtumwOm1Cc-d0nillMTGC8kHnWARi252faIA7W3cRA63yNKYUYImluIqthiavTr4Ep8eNLGDxeIBqSOG0Nw

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Server

142.251.208.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s41-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Dec 2022 08:07:39 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Sat, 17 Dec 2022 08:07:39 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 217.114.218.22; 217.114.218.22; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 2670daf4-7ca3-4d07-86be-c15a2bec19ea
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NjgwMTYxNTM3NTEwMDcxMTIw&google_gid=CAESEC57awIScBWvk2SBzgmj7nM&google_cver=1&google_push=AavPq0OPmHoWc6dWzBNFtumwOm1Cc-d0nillMTGC8kHnWARi252faIA7W3cRA63yNKYUYImluIqthiavTr4Ep8eNLGDxeIBqSOG0Nw
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7427
Redirect Chain

https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEBxKhE9Qi...
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=e49456df-4916-4db4-97d2-a925ebc1c45f&%%GOOGLE_PUSH_PAIR%%

170 B
188 B

89ms
88ms

Image
image/png

142.251.208.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=e49456df-4916-4db4-97d2-a925ebc1c45f&%%GOOGLE_PUSH_PAIR%%

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Server

142.251.208.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s41-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Dec 2022 08:07:39 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=e49456df-4916-4db4-97d2-a925ebc1c45f&%%GOOGLE_PUSH_PAIR%%
date: Sat, 17 Dec 2022 08:07:39 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 7427 0
12 B 57ms
55ms Image
text/html 142.251.208.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JUSsDzBuRKs5ycMkCbltdFVqbtZGhxBkcXAXUT1un1e8Z7KNyLVEjIok9Fh-X0wEl6bxrRddq9

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.208.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s41-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 08:07:39 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 Jk7fixpOLBqPs8Ll1CI4HFyikeoml7Ub_Y2jZpe5d_o.js Show response
pagead2.googlesyndication.com/bg/ Frame 92DC 36 KB
16 KB 38ms
38ms Script
text/javascript 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Jk7fixpOLBqPs8Ll1CI4HFyikeoml7Ub_Y2jZpe5d_o.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

264edf8b1a4e2c1a8fb3c2e5d422381c5ca291ea2697b51bfd8da36697b977fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 18:33:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 308031
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15923
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 17:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 13 Dec 2023 18:33:48 GMT

GET
H2 200 vadtag.html Show response
vpaid.pubmatic.com/ads/video/ Frame F4B4 978 B
850 B 186ms
35ms XHR
application/xml 2.18.36.193
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fpelotainvernal.com%2F&schain=1.0,1!vidoomy.com,63065,1,1671264459067,,
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_f51ac984.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.36.193 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-36-193.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 48e44620a6d6524dfb4f59d2acd16070c789a70908433b6f0883ad42ed15b293

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Dec 2022 08:07:39 GMT
content-encoding: gzip
server: Apache
etag: "23da-5e7fbf52c16e8-gzip"
vary: Origin, Accept-Encoding
content-type: application/xml
access-control-allow-origin: https://pelotainvernal.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 603
expires: Sat, 17 Dec 2022 08:07:39 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/16574928222668056808/Nespresso-JoyOfGifting-120x600-DCM/ Frame 6907 4 KB
1 KB 112ms
38ms Document
text/html 2a00:1450:400d:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/16574928222668056808/Nespresso-JoyOfGifting-120x600-DCM/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89576551d8623a5884d6e9b741ba4f15762891c8e09473317a68663245d85a68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 168364
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 1439
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Thu, 15 Dec 2022 09:21:35 GMT
expires: Fri, 15 Dec 2023 09:21:35 GMT
last-modified: Fri, 11 Nov 2022 07:53:28 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 734A 0
0 191ms
71ms Fetch
image/gif 172.217.19.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstFMBu3-AEk66O2jTl3cgJftENkTFcfgts5H-QKw7DXypn-x962X5OpRLomu6ryE8nJs6Y01v3JRp45oF5ueRevXeRJrPpOSo4u4W0QFMjVLTSWAuWI4zjt3w8nMGNrRUc-n8hqfQLdaREm10NgGpfFZZAZ_AdZJf0WH5JD8xmvmRg76A&sai=AMfl-YTobMY2QjCfR8miQaASvN_f8CP22nB9xRPLYzMGZJ40lNhRvWjgzoTFRhq8JjvkdgZ3oQrpwtwLaRloRV2qdY1PtMMxb4fEu0Mqil6T&sig=Cg0ArKJSzO--jMPddlILEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=223&cbvp=1&cstd=221&cisv=r20221207.24282&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Host: pelotainvernal.com
URL: https://pelotainvernal.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.19.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

muc03s07-in-f98.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 08:07:39 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sat, 17 Dec 2022 08:07:39 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 734A 43 B
215 B 114ms
113ms Image
image/gif 2600:1f18:1aca:4281:68f:8ebb:736f:849f
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1203349&asId=9d7d88cb-1a33-1b1a-7ba4-5e44f4fa56ee&tv=%7Bc:x2uJbJ,pingTime:-10,time:506,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTA4LjAuNTM1OS4xMjQgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222222222222222202222222220222202000022000220222222220000022202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1671264459675%7C%7Ca2b9af3d137002f7501901393a208f5d%7C%7Cff2a6b6b0b4b5b2c43e945104008d359%7C%7C077a3203fb2e48c31c7ec4b60c962730%7C%7C53e5874f0bd508e000c291b5a3c6f729%7C%7Ca9831ec00b5d0768ec00c4ba7cdf7aef%7C%7C3c38f70da25b4ba2ef5b85ebf597be73%7C%7C41a40e642cdd54e99e2f0f4c0bd0778a%7C%7C1663701684%7D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:68f:8ebb:736f:849f Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Dec 2022 08:07:39 GMT
server: nginx
x-server-name: dt01.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 ad.css
s0.2mdn.net/sadbundle/16574928222668056808/Nespresso-JoyOfGifting-120x600-DCM/css/ Frame 6907 551 B
328 B 37ms
37ms Stylesheet
text/css 2a00:1450:400d:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/16574928222668056808/Nespresso-JoyOfGifting-120x600-DCM/css/ad.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16574928222668056808/Nespresso-JoyOfGifting-120x600-DCM/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5fce8f89f33c6f0257417fbf3476c9847131ca25f2d184a5fc7a11e61f8d65ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16574928222668056808/Nespresso-JoyOfGifting-120x600-DCM/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 09:21:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 168364
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 299
x-xss-protection: 0
last-modified: Fri, 11 Nov 2022 07:53:28 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 15 Dec 2023 09:21:35 GMT

GET
H3 200 tweenmax_1.20.0_d360d9a082ccc13b1a1a9b153f86b378_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 6907 112 KB
38 KB 68ms
68ms Script
text/javascript 2a00:1450:400d:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_1.20.0_d360d9a082ccc13b1a1a9b153f86b378_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16574928222668056808/Nespresso-JoyOfGifting-120x600-DCM/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3b9597a90a43830b2a92897a5ef015ce5310e7f32dbb5cd1db2c807c5e6b036

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16574928222668056808/Nespresso-JoyOfGifting-120x600-DCM/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 08:07:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38407
x-xss-protection: 0
last-modified: Wed, 04 Oct 2017 18:33:56 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 17 Dec 2022 08:07:39 GMT

GET
H3 200 bg.jpg
s0.2mdn.net/sadbundle/16574928222668056808/Nespresso-JoyOfGifting-120x600-DCM/img/ Frame 6907 45 KB
45 KB 37ms
37ms Image
image/jpeg 2a00:1450:400d:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/16574928222668056808/Nespresso-JoyOfGifting-120x600-DCM/img/bg.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16574928222668056808/Nespresso-JoyOfGifting-120x600-DCM/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e623892396d4c27ed16b05b2647e5dd2721e66233718809dce32a4ebb129a252

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16574928222668056808/Nespresso-JoyOfGifting-120x600-DCM/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 09:21:35 GMT
x-content-type-options: nosniff
age: 168364
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46423
x-xss-protection: 0
last-modified: Fri, 11 Nov 2022 07:53:28 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 15 Dec 2023 09:21:35 GMT

GET
H3 200 glow1.png
s0.2mdn.net/sadbundle/16574928222668056808/Nespresso-JoyOfGifting-120x600-DCM/img/ Frame 6907 906 B
933 B 48ms
47ms Image
image/png 2a00:1450:400d:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/16574928222668056808/Nespresso-JoyOfGifting-120x600-DCM/img/glow1.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16574928222668056808/Nespresso-JoyOfGifting-120x600-DCM/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0878b0132b9593004bc867e5a9caca3e4b8ccbf77fd16b6cac044e05aab10d84

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16574928222668056808/Nespresso-JoyOfGifting-120x600-DCM/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 07:36:24 GMT
x-content-type-options: nosniff
age: 261075
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 906
x-xss-protection: 0
last-modified: Fri, 11 Nov 2022 07:53:28 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 14 Dec 2023 07:36:24 GMT

GET
H3 200 glow2.png
s0.2mdn.net/sadbundle/16574928222668056808/Nespresso-JoyOfGifting-120x600-DCM/img/ Frame 6907 920 B
947 B 48ms
45ms Image
image/png 2a00:1450:400d:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/16574928222668056808/Nespresso-JoyOfGifting-120x600-DCM/img/glow2.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16574928222668056808/Nespresso-JoyOfGifting-120x600-DCM/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b1e6977c97d06a3abcc8d1fd1066c075f628c1d5606aa59e97f7d83b76cd6520

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16574928222668056808/Nespresso-JoyOfGifting-120x600-DCM/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 09:21:35 GMT
x-content-type-options: nosniff
age: 168364
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 920
x-xss-protection: 0
last-modified: Fri, 11 Nov 2022 07:53:28 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 15 Dec 2023 09:21:35 GMT

GET
H3 200 glow3.png
s0.2mdn.net/sadbundle/16574928222668056808/Nespresso-JoyOfGifting-120x600-DCM/img/ Frame 6907 1 KB
1 KB 51ms
48ms Image
image/png 2a00:1450:400d:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/16574928222668056808/Nespresso-JoyOfGifting-120x600-DCM/img/glow3.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16574928222668056808/Nespresso-JoyOfGifting-120x600-DCM/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6c6e44da7758d9332bea2c252fca3747aca424873369dcf1fe0d7246a5eab17

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16574928222668056808/Nespresso-JoyOfGifting-120x600-DCM/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 13:11:26 GMT
x-content-type-options: nosniff
age: 154573
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1201
x-xss-protection: 0
last-modified: Fri, 11 Nov 2022 07:53:28 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 15 Dec 2023 13:11:26 GMT

GET
H3 200 glow4.png
s0.2mdn.net/sadbundle/16574928222668056808/Nespresso-JoyOfGifting-120x600-DCM/img/ Frame 6907 2 KB
2 KB 50ms
47ms Image
image/png 2a00:1450:400d:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/16574928222668056808/Nespresso-JoyOfGifting-120x600-DCM/img/glow4.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16574928222668056808/Nespresso-JoyOfGifting-120x600-DCM/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

222b9757cedea663b1a7cad06ccf4ec8e97d29ebdd5e694f72338cf00e261194

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16574928222668056808/Nespresso-JoyOfGifting-120x600-DCM/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 13:11:26 GMT
x-content-type-options: nosniff
age: 154573
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1841
x-xss-protection: 0
last-modified: Fri, 11 Nov 2022 07:53:28 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 15 Dec 2023 13:11:26 GMT

GET
H3 200 glow5.png
s0.2mdn.net/sadbundle/16574928222668056808/Nespresso-JoyOfGifting-120x600-DCM/img/ Frame 6907 892 B
919 B 51ms
49ms Image
image/png 2a00:1450:400d:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/16574928222668056808/Nespresso-JoyOfGifting-120x600-DCM/img/glow5.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16574928222668056808/Nespresso-JoyOfGifting-120x600-DCM/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cae78c07458a9dad63b93c30ca8c0e545ccc4a36faee919174b947cd9fa3f43b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16574928222668056808/Nespresso-JoyOfGifting-120x600-DCM/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 13:11:26 GMT
x-content-type-options: nosniff
age: 154573
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 892
x-xss-protection: 0
last-modified: Fri, 11 Nov 2022 07:53:28 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 15 Dec 2023 13:11:26 GMT

GET
H3 200 glow6.png
s0.2mdn.net/sadbundle/16574928222668056808/Nespresso-JoyOfGifting-120x600-DCM/img/ Frame 6907 1013 B
1 KB 49ms
47ms Image
image/png 2a00:1450:400d:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/16574928222668056808/Nespresso-JoyOfGifting-120x600-DCM/img/glow6.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16574928222668056808/Nespresso-JoyOfGifting-120x600-DCM/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

09dc9ca0e44e877bd2cb35abcf57287c22a89f4301c7163bd04a7c9c2eb28a73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16574928222668056808/Nespresso-JoyOfGifting-120x600-DCM/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 09:21:35 GMT
x-content-type-options: nosniff
age: 168364
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1013
x-xss-protection: 0
last-modified: Fri, 11 Nov 2022 07:53:28 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 15 Dec 2023 09:21:35 GMT

GET
H3 200 cta.png
s0.2mdn.net/sadbundle/16574928222668056808/Nespresso-JoyOfGifting-120x600-DCM/img/ Frame 6907 2 KB
2 KB 48ms
45ms Image
image/png 2a00:1450:400d:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/16574928222668056808/Nespresso-JoyOfGifting-120x600-DCM/img/cta.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16574928222668056808/Nespresso-JoyOfGifting-120x600-DCM/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

11f8f43550598a3533e2a0fa1825a3548f4fd0dd5953e48a6ac2e8c4d358fd06

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16574928222668056808/Nespresso-JoyOfGifting-120x600-DCM/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 09:21:35 GMT
x-content-type-options: nosniff
age: 168364
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1966
x-xss-protection: 0
last-modified: Fri, 11 Nov 2022 07:53:28 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 15 Dec 2023 09:21:35 GMT

GET
H3 200 cta_glow.png
s0.2mdn.net/sadbundle/16574928222668056808/Nespresso-JoyOfGifting-120x600-DCM/img/ Frame 6907 2 KB
2 KB 53ms
51ms Image
image/png 2a00:1450:400d:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/16574928222668056808/Nespresso-JoyOfGifting-120x600-DCM/img/cta_glow.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16574928222668056808/Nespresso-JoyOfGifting-120x600-DCM/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

983ca12c60ed1dbeefa81589ffa6f725a5bc804776bb21845213ee4672fcbd64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16574928222668056808/Nespresso-JoyOfGifting-120x600-DCM/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 13:11:26 GMT
x-content-type-options: nosniff
age: 154573
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1830
x-xss-protection: 0
last-modified: Fri, 11 Nov 2022 07:53:28 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 15 Dec 2023 13:11:26 GMT

GET
H3 200 txt1a.png
s0.2mdn.net/sadbundle/16574928222668056808/Nespresso-JoyOfGifting-120x600-DCM/img/ Frame 6907 2 KB
2 KB 51ms
49ms Image
image/png 2a00:1450:400d:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/16574928222668056808/Nespresso-JoyOfGifting-120x600-DCM/img/txt1a.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16574928222668056808/Nespresso-JoyOfGifting-120x600-DCM/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5fb4f7390884fbc0fcccc0785dba622381ec58fa3abe84803df6b7b511b92be6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16574928222668056808/Nespresso-JoyOfGifting-120x600-DCM/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 13:11:26 GMT
x-content-type-options: nosniff
age: 154573
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2190
x-xss-protection: 0
last-modified: Fri, 11 Nov 2022 07:53:28 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 15 Dec 2023 13:11:26 GMT

GET
H3 200 txt1b.png
s0.2mdn.net/sadbundle/16574928222668056808/Nespresso-JoyOfGifting-120x600-DCM/img/ Frame 6907 2 KB
2 KB 53ms
51ms Image
image/png 2a00:1450:400d:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/16574928222668056808/Nespresso-JoyOfGifting-120x600-DCM/img/txt1b.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16574928222668056808/Nespresso-JoyOfGifting-120x600-DCM/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

116c2fde67870997da57d3408b110df8666173f3adb06bca4edc7de1489d8911

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16574928222668056808/Nespresso-JoyOfGifting-120x600-DCM/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 13:11:26 GMT
x-content-type-options: nosniff
age: 154573
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1767
x-xss-protection: 0
last-modified: Fri, 11 Nov 2022 07:53:28 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 15 Dec 2023 13:11:26 GMT

GET
H3 200 txt1c.png
s0.2mdn.net/sadbundle/16574928222668056808/Nespresso-JoyOfGifting-120x600-DCM/img/ Frame 6907 3 KB
3 KB 87ms
85ms Image
image/png 2a00:1450:400d:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/16574928222668056808/Nespresso-JoyOfGifting-120x600-DCM/img/txt1c.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16574928222668056808/Nespresso-JoyOfGifting-120x600-DCM/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

36dce21067b3249b82280e41f4673966c45dd21b5765db9f23933fb34641e672

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16574928222668056808/Nespresso-JoyOfGifting-120x600-DCM/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 08:07:39 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3451
x-xss-protection: 0
last-modified: Fri, 11 Nov 2022 07:53:28 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 17 Dec 2023 08:07:39 GMT

GET
H3 200 txt2.png
s0.2mdn.net/sadbundle/16574928222668056808/Nespresso-JoyOfGifting-120x600-DCM/img/ Frame 6907 6 KB
6 KB 54ms
52ms Image
image/png 2a00:1450:400d:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/16574928222668056808/Nespresso-JoyOfGifting-120x600-DCM/img/txt2.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16574928222668056808/Nespresso-JoyOfGifting-120x600-DCM/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1422bd301c768c0c81ab05b7fa1fc5441a36c1d7c488bbd3868b3a2c69f5787a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16574928222668056808/Nespresso-JoyOfGifting-120x600-DCM/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 13:11:26 GMT
x-content-type-options: nosniff
age: 154573
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6520
x-xss-protection: 0
last-modified: Fri, 11 Nov 2022 07:53:28 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 15 Dec 2023 13:11:26 GMT

GET
H3 200 logo.png
s0.2mdn.net/sadbundle/16574928222668056808/Nespresso-JoyOfGifting-120x600-DCM/img/ Frame 6907 2 KB
2 KB 50ms
49ms Image
image/png 2a00:1450:400d:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/16574928222668056808/Nespresso-JoyOfGifting-120x600-DCM/img/logo.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16574928222668056808/Nespresso-JoyOfGifting-120x600-DCM/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

75f2814a3b5d2bb1b8ae643850494afd11d4d32545ff675102eb11870f9ee70d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16574928222668056808/Nespresso-JoyOfGifting-120x600-DCM/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 07:23:15 GMT
x-content-type-options: nosniff
age: 434664
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2117
x-xss-protection: 0
last-modified: Fri, 11 Nov 2022 07:53:28 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 12 Dec 2023 07:23:15 GMT

GET
H3 200 ad.js Show response
s0.2mdn.net/sadbundle/16574928222668056808/Nespresso-JoyOfGifting-120x600-DCM/js/ Frame 6907 2 KB
704 B 55ms
54ms Script
application/x-javascript 2a00:1450:400d:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/16574928222668056808/Nespresso-JoyOfGifting-120x600-DCM/js/ad.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16574928222668056808/Nespresso-JoyOfGifting-120x600-DCM/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

978ff60a5cb1f41344c68dd89d87e2b4afd276edc752fa71779565804b9ebdf8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16574928222668056808/Nespresso-JoyOfGifting-120x600-DCM/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 09:21:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 168364
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 675
x-xss-protection: 0
last-modified: Fri, 11 Nov 2022 07:53:28 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 15 Dec 2023 09:21:35 GMT

GET
H2 200 PMAdMgr.js Show response
vpaid.pubmatic.com/ads/video/ Frame 781E 158 KB
37 KB 33ms
33ms Script
application/javascript 2.18.36.193
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fpelotainvernal.com%2F&schain=1.0,1!vidoomy.com,63065,1,1671264459067,,
Requested by: Host: blank
URL: about:blank
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.36.193 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-36-193.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 64b146021b5dd3fd90bfc36519ea2de22684243fd89e4663981f53453fb0f496

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 08:07:39 GMT
content-encoding: gzip
last-modified: Tue, 06 Sep 2022 06:03:39 GMT
server: Apache
etag: "277a2-5e7fbf52bc8c8-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=10800
accept-ranges: bytes
content-length: 38047

GET
H2 200 showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 261A 38 KB
14 KB 103ms
35ms Document
text/html 2.18.36.193
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by: Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fpelotainvernal.com%2F&schain=1.0,1!vidoomy.com,63065,1,1671264459067,,
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.36.193 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-36-193.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 9fd8c589bbcde7671ad14542ed1081c4904102d62f401289eb190e9f0aa258f1

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=81166
content-encoding: gzip
content-length: 13968
content-type: text/html
date: Sat, 17 Dec 2022 08:07:39 GMT
expires: Sun, 18 Dec 2022 06:40:25 GMT
last-modified: Fri, 16 Dec 2022 06:36:35 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 200 showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 781E 38 KB
14 KB 110ms
41ms Script
text/html 2.18.36.193
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by: Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fpelotainvernal.com%2F&schain=1.0,1!vidoomy.com,63065,1,1671264459067,,
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.36.193 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-36-193.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 9fd8c589bbcde7671ad14542ed1081c4904102d62f401289eb190e9f0aa258f1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 08:07:39 GMT
content-encoding: gzip
last-modified: Fri, 16 Dec 2022 06:36:35 GMT
server: Apache
vary: Accept-Encoding
content-type: text/html
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=81166
accept-ranges: bytes
content-length: 13968
expires: Sun, 18 Dec 2022 06:40:25 GMT

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 734A 0
0 147ms
72ms Fetch
image/gif 172.217.19.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstFMBu3-AEk66O2jTl3cgJftENkTFcfgts5H-QKw7DXypn-x962X5OpRLomu6ryE8nJs6Y01v3JRp45oF5ueRevXeRJrPpOSo4u4W0QFMjVLTSWAuWI4zjt3w8nMGNrRUc-n8hqfQLdaREm10NgGpfFZZAZ_AdZJf0WH5JD8xmvmRg76A&sai=AMfl-YTobMY2QjCfR8miQaASvN_f8CP22nB9xRPLYzMGZJ40lNhRvWjgzoTFRhq8JjvkdgZ3oQrpwtwLaRloRV2qdY1PtMMxb4fEu0Mqil6T&sig=Cg0ArKJSzO--jMPddlILEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=541&vt=11&dtpt=318&dett=3&cstd=221&cisv=r20221207.24282&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Host: pelotainvernal.com
URL: https://pelotainvernal.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.19.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

muc03s07-in-f98.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 08:07:40 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sat, 17 Dec 2022 08:07:40 GMT

POST
H3 204 ev Show response
s.seedtag.com/e/ 0
15 B 75ms
31ms XHR
text/plain 34.149.50.64
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.seedtag.com/e/ev
Requested by: Host: t.seedtag.com
URL: https://t.seedtag.com/c/st_2.9100ea3f41d5301dbd48.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.149.50.64 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 64.50.149.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pelotainvernal.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 17 Dec 2022 08:07:40 GMT
via: 1.1 google
server: nginx
vary: X-HTTP-Method-Override
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT, HEAD
access-control-allow-origin: https://pelotainvernal.com
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 261A 2 KB
3 KB 29ms
29ms Script
text/html 185.64.189.115
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=71257662&p=156498&s=399115&a=1801592&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: efc401ddc077eb5872de502e7f449041b6ae9aefe1754c3b99525cfd09301fb3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type: text/html; charset=UTF-8
date: Sat, 17 Dec 2022 08:07:38 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2

502

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 8516
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:132d639d-78cd-4100-bd71-bacb350a17e7&gdpr=0&gdpr_consent=

568 B
642 B

34ms
34ms

Document
text/html

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:132d639d-78cd-4100-bd71-bacb350a17e7&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 7921a6035cc8a0981a5dee737dd3d29b150ddd48407717d3fca4b6376f2b0e70

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 568
content-type: text/html; charset=UTF-8
date: Sat, 17 Dec 2022 08:07:40 GMT
server: nginx

Redirect headers

Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 0
Content-Type: image/gif
Date: Sat, 17 Dec 2022 08:07:40 GMT
Expires: Sat, 17 Dec 2022 08:07:39 GMT
Keep-Alive: timeout=360
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server: MT3 254 34fcae8 master zrh-pixel-x30 config:1.0.0
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:132d639d-78cd-4100-bd71-bacb350a17e7&gdpr=0&gdpr_consent=

GET
H2 200 usersync.aspx Show response
dis.criteo.com/dis/ Frame 913A 43 B
363 B 144ms
37ms Document
image/gif 178.250.0.163
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache
content-type: image/gif
cross-origin-resource-policy: cross-origin
date: Sat, 17 Dec 2022 08:07:39 GMT
expires: Sat, 17 Dec 2022 00:00:00 GMT
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 257735
strict-transport-security: max-age=31536000; preload;
x-errorlevel: 0

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame 9236
Redirect Chain

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=7395731750294412503

42 B
216 B

29ms
29ms

Document
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=7395731750294412503
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Sat, 17 Dec 2022 08:07:39 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

content-length: 0
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=7395731750294412503
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H/1.1

200
OK

dcm Show response
aax-eu.amazon-adsystem.com/s/ Frame 392A
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=280CD529-6208-45F6-8529-B0BE05611F49&redir=true&gdpr=0&gdpr_consent=
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=280CD529-6208-45F6-8529-B0BE05611F49&redir=true&gdpr=0&gdpr_consent=&dcc=t

43 B
855 B

205ms
205ms

Document
image/gif

67.220.228.201
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=280CD529-6208-45F6-8529-B0BE05611F49&redir=true&gdpr=0&gdpr_consent=&dcc=t

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

67.220.228.201 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif
Date: Sat, 17 Dec 2022 08:07:40 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: E5WAYDVS3HCT7FM99ZFQ

Redirect headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Date: Sat, 17 Dec 2022 08:07:40 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=280CD529-6208-45F6-8529-B0BE05611F49&redir=true&gdpr=0&gdpr_consent=&dcc=t
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: AG8ZZ7SX3WJZDGY6JQZF

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 8E35
Redirect Chain

https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=680161537510071120&gdpr=0&gdpr_consent=

42 B
445 B

131ms
35ms

Document
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=680161537510071120&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Sat, 17 Dec 2022 08:07:40 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

AN-X-Request-Uuid: b609c942-650d-4b6e-ac2d-1fcfe4f11e8c
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Length: 0
Content-Type: text/html; charset=utf-8
Date: Sat, 17 Dec 2022 08:07:40 GMT
Expires: Sat, 15 Nov 2008 16:00:00 GMT
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=680161537510071120&gdpr=0&gdpr_consent=
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma: no-cache
Server: nginx/1.21.3
X-Proxy-Origin: 217.114.218.22; 217.114.218.22; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection: 0

GET
H2

200

user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 261A
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=KAzVKWIIRfaFKbC-BWEfSQ%3D%3D&gdpr=0&gdpr_consent=
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=

16 KB
16 KB

35ms
35ms

Image
text/html

2.18.36.193
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Server: 2.18.36.193 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-36-193.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 08:07:40 GMT
content-encoding: gzip
last-modified: Fri, 16 Dec 2022 06:36:49 GMT
server: Apache
vary: Accept-Encoding
content-type: text/html
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=81204
accept-ranges: bytes
content-length: 5554
expires: Sun, 18 Dec 2022 06:41:04 GMT

Redirect headers

pragma: no-cache
date: Sat, 17 Dec 2022 08:07:40 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 301
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 mw
mwzeom.zeotap.com/ Frame 261A 95 B
382 B 94ms
44ms Image
image/png 2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=280CD529-6208-45F6-8529-B0BE05611F49
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 08:07:40 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin
content-type: image/png
access-control-allow-origin: https://ads.pubmatic.com
access-control-allow-credentials: true
cf-ray: 77ae2a9bbf1e9b3d-FRA
access-control-allow-headers: *
content-length: 95

GET
H2 404 qmap
sync.crwdcntrl.net/ Frame 261A 49 B
266 B 162ms
48ms Image
image/gif 34.252.235.208
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=280CD529-6208-45F6-8529-B0BE05611F49&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.252.235.208 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-252-235-208.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Dec 2022 08:07:40 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.21.211
content-length: 49
expires: 0

GET
H2

204

ids
idsync.frontend.weborama.fr/ Frame 261A
Redirect Chain

https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=
https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=3200421385
https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=280CD529-6208-45F6-8529-B0BE05611F49

0
277 B

96ms
32ms

Image
text/plain

34.111.131.239
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=280CD529-6208-45F6-8529-B0BE05611F49
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Server: 34.111.131.239 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 239.131.111.34.bc.googleusercontent.com
Software: Weborama Collect Frontend /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Dec 2022 08:07:39 GMT
via: 1.1 google
last-modified: Sat, 17 Dec 2022 08:07:40 GMT
server: Weborama Collect Frontend
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

location: https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=280CD529-6208-45F6-8529-B0BE05611F49
date: Sat, 17 Dec 2022 08:07:39 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 261A
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MjgwQ0Q1MjktNjIwOC00NUY2LTg1MjktQjBCRTA1NjExRjQ5&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

42 B
245 B

84ms
28ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Sat, 17 Dec 2022 08:07:39 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Sat, 17 Dec 2022 08:07:40 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 261A
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEFrHGGVQ2SH4_bkO3wHPTQ4&google_cver=1

42 B
380 B

54ms
29ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEFrHGGVQ2SH4_bkO3wHPTQ4&google_cver=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Sat, 17 Dec 2022 08:07:39 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Sat, 17 Dec 2022 08:07:40 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEFrHGGVQ2SH4_bkO3wHPTQ4&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 379
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubmatic
um.simpli.fi/ Frame 261A 43 B
612 B 128ms
35ms Image
image/gif 34.91.62.186
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

34.91.62.186 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

186.62.91.34.bc.googleusercontent.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 08:07:40 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Fri, 16 Dec 2022 08:07:40 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 261A
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=5933519048619694325

42 B
219 B

35ms
35ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=5933519048619694325
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Sat, 17 Dec 2022 08:07:40 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Sat, 17 Dec 2022 08:07:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=5933519048619694325
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 261A 70 B
264 B 47ms
46ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sat, 17 Dec 2022 08:07:40 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 8670 42 B
64 B 76ms
75ms Fetch
image/gif 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstR708rJFGfgwkMHT3UByWTxHcvqoqq7dR5hjaF8z4asm0QmJLDq6SKH59eYs6Vwger5_qdoLKT-9lcnphgx9K5d9Fwuyfa-NZ1UKpuvVEU1lQODt7R1yD18ngXGBCI8Jzdm2jLRg&sai=AMfl-YRMUgLeRmR9efuGn9CJAs4f1cOH965tlbodulEu7gIX4aUUV33pRWMH9d-Y00S3zdMivl351asVPqjHXGR5sBPJwJvDzCFEfdv9Wg&sig=Cg0ArKJSzGsFFnHSXZtkEAE&cid=CAQSKQDq26N9cAtjYefID8LU01iXG_PH40I5BrXpWrcRtk17x4EJRSTzr3obGAEgEw&id=lidar2&mcvt=1000&p=0,1,124.25,1006&mtos=0,767,1000,1103,1103&tos=0,767,233,103,0&v=20221207&bin=7&avms=nio&bs=0,0&mc=0.76&if=1&vu=1&app=0&itpl=2&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1671264458735&rpt=286&met=mue&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Dec 2022 08:07:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 esp.js Show response
cdn.id5-sync.com/api/1.0/ 58 KB
17 KB 89ms
29ms Script
text/javascript 2606:4700:10::ac43:266a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/esp.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:266a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a97afd769b3d774563606be9e943789398af5a1bf3583c2bc9a81f99832aa2b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 08:07:40 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 24 Nov 2022 12:48:29 GMT
server: cloudflare
x-amz-request-id: YMFZEZYBJKEKRNPV
age: 2566
etag: W/"91dadf6b1eddd8d91a5cc2e3be5ea8cf"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 77ae2a9d2e25695b-FRA
x-amz-id-2: rR7sHzWBBNucr3XhEuqI/nIptBfNR4Bk4gz/tZK0aI7ojtEYwwSH/6l9FgWTrmHoO3CAY8xfMq0=

GET
H3 200 pubcid.min.js Show response
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 732 B
818 B 24ms
22ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 17 Dec 2022 08:07:40 GMT
x-content-type-options: nosniff
content-encoding: gzip
age: 13165
x-jsd-version: master
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 437
x-served-by: cache-fra-eddf8230064-FRA, cache-hhn-etou8220020-HHN
x-jsd-version-type: branch
etag: W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 39 KB
13 KB 522ms
43ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f066a6392f3732829e95d97ac2a3dfb7dc7d35fc88d71a4ef62ff8f70399326c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 08:07:40 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Mon, 24 Oct 2022 11:21:19 GMT
server: nginx
etag: W/"6356752f-9c1f"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 18 Dec 2022 08:07:40 GMT

GET
H3 200 container.html Show response
c79c2500101a741060cc6b806098b9a7.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 0DE7 6 KB
3 KB 110ms
36ms Document
text/html 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://c79c2500101a741060cc6b806098b9a7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pelotainvernal.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 3
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 17 Dec 2022 08:07:37 GMT
expires: Sun, 17 Dec 2023 08:07:37 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
c79c2500101a741060cc6b806098b9a7.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame B6D7 6 KB
3 KB 109ms
39ms Document
text/html 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://c79c2500101a741060cc6b806098b9a7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pelotainvernal.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 3
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 17 Dec 2022 08:07:37 GMT
expires: Sun, 17 Dec 2023 08:07:37 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 204 increment Show response
id5-sync.com/api/esp/ 0
327 B 91ms
25ms XHR
text/plain 141.95.33.111
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/esp/increment?counter=no-config

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.33.111 , Germany, ASN16276 (OVH, FR),

Reverse DNS

ns3203177.ip-141-95-33.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://pelotainvernal.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://pelotainvernal.com
date: Sat, 17 Dec 2022 08:07:39 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 8857 640 B
262 B 72ms
71ms Document
text/html 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJDi1MQCENjdsOICGPuul9sBMAE&v=APEucNUKAANZUygKHObpwYS_Hn7-sQKpWWmunKTDXeZ9SownQR3CwCVKfysiedwFTYvDVHSxu_VHMDNP5NcB7am8jIrEGwYd3jMre6uOwXomGGMImrjRMZ4jyo6QcAsCYAbji3D3pC8WBSBFVGTfTTgqUYv0kJgEtAKMA2tprv2eC0wxhMgcZGw

Requested by

Host: c79c2500101a741060cc6b806098b9a7.safeframe.googlesyndication.com
URL: https://c79c2500101a741060cc6b806098b9a7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://c79c2500101a741060cc6b806098b9a7.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 17 Dec 2022 08:07:40 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 0DE7 15 KB
11 KB 94ms
94ms Script
text/javascript 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CAVWFqaRVHiqyboh2xRrslIQvhOZdzVFuHWapyE4-TA4C-MT2D9vTmT_61ABhzEJwA5rzXt7BqfUgTsZjY8eIqA_BsM6UshviLhjbmsUlV9rMBeJncw0RrwyQf1vxoHd5u0kU1agBD02XLu6J639VdPT1FT3j6cRcLfRAR2HMJ-vCFZQ8&cry=1&dbm_d=AKAmf-AiwNUUc7ZlH11Ee5djeXGgQZdeeEWihQM-zB8ihR8nL-1sZwiRmdaEFlWsxVz7xNqNjaNGjMRVc-RrCVDbMK14R8tvS_bM_UzN0wEI1Zq8PxoaEwHX-td7FW7Liy856JWwG3TpZsMeg9N_wzAQWHomPr9_Q0Evm5d4oh7IZxDYrc9BxeUX3INsru9h7Dgyza0MqMP1WjUN1OffcCLz07gSjF2tyscoJ9z4fLBUdYtF1fmAEZEOR2ZABIHIhlBcUY16TdPzciP_mSjqI0l1s2GOsWiy0ITJf3EZ7d7EG8nfPebdWyCFazzqLrwxqJ6U1sT4Kl2aHg2gax9dO40ktW-Fri1Fa2G_BM32PAqS2LViGPEtUp0jtvGTC5XF3SqHuTKAHTSViE2SHX0gYN0-BGD62LhAije5zu0VN0nNHsNcqz6tQCaEMiEclyfSzSRm1SD0bv_n56iByASttWg6PZiQWV2lx0HZPCYJ3FDTChLThVpWlisZ_T6PpcA2A0Vdk-lhzdsPSrRmMgihQUZBoDUsdBEew6zLzO-Q4wQoUE0SzArcpa2NMT6yqN9N_4Ketafpr_XTFA7btw_m3-kr_3WUnZImDlAF-CQBo4EYn7NWSv8ZCzPYtONSzamVFr4Y1QNYsPFzuexQe_jAgga7mWmqxgP62xNTd9XaTdwdShWVgmkhFfQk4L_1ZgQblatQyLR4upUGloESFiT8Lz9n_ZVWdrUKwMR5CoaUQ13Z3594DnrJnD9CWP8mAhTtBvDtsDed5taIybcFEZgHifOjK3N_j1Ar_HsLVe2IhDbVSDCzT0yAgub4yuY_-O8gY4SE3dkRjDSZHF1_1mnlcK-sxVTZKg6SsBzUiPOOTfZ_EkRYlVs5uVEaUCVjrsfwGkvEHU3NwJqXoECo0P1Ia6uT_maNK7Xd6Ntai0RE0XOPQvzS3MCPLy92D4YpIqbux5IAv1i96VSPXpibQzmW8jE9Jz1TlckpfrH5RMfW2PHOumt6oc4jxYDY06T-Wa6hbc93BB-ybhjki-31513gRQ4FHcP3l_5e7bY1iQ82n-q_8UWZ3kAGiDLDvGp4mvpPh_IFp09XCofqVby7ZLdGQRXOXYskNaTCS7n3Ocmp5KRsx4WjttvozvlIbJRisUmaNpS6IVAffGufo0zuxblvuOv3lbHEOTMXqweOAbzkrl2Kx04ao_tQp4fhrY_uoDs0jUTp1yQ9l985T3Mb0dkIBzPQwXNvDRA-qxBy59r46c-GPovcyTLmuMmCPYUGCb5zuh_y6j5NiL4_2KmrP3qHTXe9zRImLbf_vWrBpePiRh2PZPK6CnrmyF_IcVr42chgUu0ruaJuKJ59T0wR9dNiDlh3EOPaZqm-3M2wR5ftbNQReulS8baHgrHXN6dGlBctv6Xckeh93h0e8oZ1UZ2F4NhSWj6nIGfNEkUoYt52Kv0_59YEwas9fESgUJQs0gydNXNvOb3W7IfABnKxp8464PUk7g1NM_pR5N_LHHcFF9_lzmBiF6P4-b8vNkzWqMaSQk0pqpuQOz_bJF6eAgP0qAKMIR-roLBKKVLVxIqCR8UK1IEWn61HJiDYdf_0YP0-QoPHyYzyIY9btkGHbKBAxe-DpxQXlAMqmH6rLppWco04APHXzvCfsVFwFSJcTGVDRAPM5W_3-ObVUhkN6tl3xbo92b37JST6celFwT-TUj3_cRzrG7H54_vrIlEps24DBTgVnI_gZTV0vf_dvt1Ru6mlL-hf4EQtggOKjpS4E3GVSl5twXYTdGMDEYUrTvIzvMdNk78tGIYCU3BwlbZACD4ZrEqf7Fb2xdKyEJvzvaSimih5lv7eHpTSJ2yW3yeGZxp3lvZ9FZ4g_p8v3bWQmwEIBCe2hVfwEi_dnceb_5OgoMEZSkp8E8GMmL_aIP0tQqc-_bZrD15Ewik_OzyBJAS66aMl3JQs6gUVKRNmCfnR5OWd8VJsmpzSCccndKdadhVmUF4zrpdzzGc-hsFZ5rMTYAOT6xQ9Uv5a2s-O-ByBOe4gTwoK7vRiVZXiR7fFXvUCORD7VbFFipRmvu9EwjB9GQxqamPnTlmHfcPkgP4SjDkc5DPw21FD-Qm2t2jpQhZE6Hj4vtN9Uti7YU9r1p1ypC8ttcmKVQV9LtxIY_8qR4iTwP7TUD8QEYy7pa7Lt3EFWyW4rxaonedzrnAP2BF9rw1IPcukgbMwq9VRCdYdldsnPpgHqEA6ebJ9TWJ3aIIDcpoolmMnOQ1lpgE3O8ktdEnZHJ9Th66zYDB6qiarsnygRpQcix-17K5ZFI1d8K9N14hsTHYK3b7VUwFh8a_UUXPSURJEnqguf7kA6g9HZ87pscQ_9TyAACuIXfEQrJyiLJdr9Anr0Ij5sGv2I8aJI1sXNnqksx1VgF5A2HYhvhg9td1hDbcI9_4dfvLAHhcCY-EOrI-tVMhxhTuZnSwK-7ZqiBy02sEcZNbrianu05qaRpP8aIMq0Pu1BAdx_4582elkJBZuQWHgroI8DBiqF6ybCD_LYR8DM8LQsBayUmPvPuiTub43HYiwfhGYwVIJCLT6SjDVnB9b9J-A6Zr5i0f1Y2Xei8T7MwSbByvtUHIc03HqIL7rtNjrv_o6NsNCnk0sBpW2qgaAc4V3lNJaKrPKFf0iFEx1X7msfRbXSwZv5PY0FO8morD0IL8LI7lp1Y2KvE5JTZT2jvc7zfK4aQXvMf6ZS-TWVur1cKND338ANFhG1wlsLchKxHzq1M8VODlBBWu5UIC2MuHCiCLObulZminscQhuu-r4NUrCzKffwIblD7jp7LqJFsyjmzG-3N8d-H9gzq4meRG575CUU0Kjy4iiyaJYuigXX8761474aaWLHa-tlU64AH8r811VyvOlfE6-g4GHymCLgmqs1wFNuOMuW0t2WmYyETfI2klP19eJA-ATXe1r5aGrOMZV1bWac5lv97g0GpgAh3-CzlcwWxEb01N752QVWueErk70-9_haNh6yVpwabWUJQBjuFtwLV3BkjwTSmzVXIkkI6tAo-x7sIH0V6L8F1lGZO0xXQ0PJbCIlP9O7TiYsSHiyyluB6d_9cnIK82A01rSlcBoODs1fEzYhjWWWO_YnAoKLWGr3WHM87aLzn9job9XZPOzkuSPhUFTBbzsmHggtebEQ6oZnl78OYK6VR-MNFb60t6vNDapx--hTmSsAmzm4mvLtvc9sRgpMKRHQLJWxr7xTwrBum_7T3ISnV6M71wATbN_fyl759xqAYJ_3RgdlmSU9uaHVdTH0xjkCxpCUAEJtl-S4C77jEkP5aiXbBGKzpmngDhUaGYPxgCaQxsMKcEccslDOMIxsSwuf3_QPdmgTdV2KA&cid=CAQSOwDq26N9A3P5KuK6rSF9vJ3eQfdtg761NxuMe6lZFpSWSek0Gbat98Dv01_8dBqdI4GB9DRgWuwQvtlOGAEgEw&rfl=1%2Chttps%253A%252F%252Fpelotainvernal.com%252F%240

Requested by

Host: pelotainvernal.com
URL: https://pelotainvernal.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

32783ca8dfe504a3421d80bc94528cff98c76529b6c6f6ac9cc7aa2a741e13df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c79c2500101a741060cc6b806098b9a7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Dec 2022 08:07:40 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11409
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0DE7 42 B
63 B 69ms
68ms Image
image/gif 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DVpyn4KYO-YT-5FA_q4KI87kC97nhcgAk6XW32C42LCxdmY5S1ak3-A7abEkn2zu9xh4FZHPXhhdqGXwo2evKXB0NF8j5w0dzlhCrqbhIMn0mLj-4

Requested by

Host: c79c2500101a741060cc6b806098b9a7.safeframe.googlesyndication.com
URL: https://c79c2500101a741060cc6b806098b9a7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c79c2500101a741060cc6b806098b9a7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Dec 2022 08:07:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK dvbs_src.js Show response
cdn.doubleverify.com/ Frame 0DE7 2 KB
1 KB 154ms
34ms Script
application/javascript 2a02:26f0:11a::217:9a8a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=15911784&cmp=198000&plc=6985919&sid=18330&dvregion=0&unit=300x600
Requested by: Host: c79c2500101a741060cc6b806098b9a7.safeframe.googlesyndication.com
URL: https://c79c2500101a741060cc6b806098b9a7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:11a::217:9a8a Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 54e51249021fabff65b4ca7eb728f0a56cff080a37d9b0b13d1c401d5b9e6184

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c79c2500101a741060cc6b806098b9a7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Sat, 17 Dec 2022 08:07:40 GMT
Content-Encoding: gzip
Last-Modified: Tue, 13 Dec 2022 17:24:35 GMT
Server: Microsoft-IIS/10.0
ETag: "a15e57c517fd91:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 1170

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 0DE7 3 KB
1 KB 36ms
34ms Script
text/javascript 2a00:1450:400d:804::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js

Requested by

Host: c79c2500101a741060cc6b806098b9a7.safeframe.googlesyndication.com
URL: https://c79c2500101a741060cc6b806098b9a7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c79c2500101a741060cc6b806098b9a7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 07:04:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3782
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 31 Dec 2022 07:04:38 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 0DE7 18 KB
7 KB 37ms
35ms Script
text/javascript 2a00:1450:400d:804::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: c79c2500101a741060cc6b806098b9a7.safeframe.googlesyndication.com
URL: https://c79c2500101a741060cc6b806098b9a7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c79c2500101a741060cc6b806098b9a7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 08:19:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 85676
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7480
x-xss-protection: 0
server: cafe
etag: 15631949847000551034
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 30 Dec 2022 08:19:44 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 0DE7 0
0 31ms
30ms Image
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ1SB3Qdphhmi2PhbmsXKfFsKt_1F2RkL_RzyzXwEh5IihSfN2vOidEI58DZfJR-yfifnRyUkiNVuTMkQaY7KSdQucmyg
Requested by: Host: c79c2500101a741060cc6b806098b9a7.safeframe.googlesyndication.com
URL: https://c79c2500101a741060cc6b806098b9a7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c79c2500101a741060cc6b806098b9a7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0DE7 153 KB
47 KB 142ms
141ms Script
text/javascript 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: c79c2500101a741060cc6b806098b9a7.safeframe.googlesyndication.com
URL: https://c79c2500101a741060cc6b806098b9a7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c79c2500101a741060cc6b806098b9a7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 08:07:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47725
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1670417373259609"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 17 Dec 2022 08:07:40 GMT

GET
H2 200 AdServerServlet Show response
vid.pubmatic.com/AdServer/ Frame 781E 27 B
553 B 215ms
35ms XHR
application/xml 185.64.190.75
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+7+9+1+1+6&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fpelotainvernal.com%2F&schain=1.0,1!vidoomy.com,63065,1,1671264459067,,&us_privacy=&cb=1671264459902&SAVersion=2&inIframe=1&pageURL=https%253A%252F%252Fpelotainvernal.com%252F&screenResolution=1600x1200&kdntuid=1&vwndh=0&vwndw=0&vwndurl=https%253A%252F%252Fpelotainvernal.com%252F&vwndref=&vc=2&js=1&sec=1&kltstamp=2022-12-17%208:7:40&ranreq=0.6398832511200316&timezone=0&depth=0
Requested by: Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fpelotainvernal.com%2F&schain=1.0,1!vidoomy.com,63065,1,1671264459067,,
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.75 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 08:07:40 GMT
content-encoding: gzip
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin: https://pelotainvernal.com
content-type: application/xml; charset=utf-8
x-vdbg: 1:0/165:-1
access-control-allow-credentials: true
cache-control: no-store, no-cache, private

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 0AB6 466 B
235 B 72ms
71ms Document
text/html 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMY3febvQEwAQ&v=APEucNWPGZDzP8rd-b-Yk1qyGkvHdWbGQ6SmEpBkPyy-_4-Z0DnKs0g57vX237YtxeK3hAqMe1f1qhG9qznanpwmofxKYfQ2vg-GLaRrvUu-_ezALbKASkD5YF5pO7VPcEQOlmpmczzIElIVSI7-AxQP5QI5HqzpamgzCNNJ0T1wOpkACEQLUis

Requested by

Host: c79c2500101a741060cc6b806098b9a7.safeframe.googlesyndication.com
URL: https://c79c2500101a741060cc6b806098b9a7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

37ab5c060ae53ccda75b8bd212d874a17650f7954b11c4e31f568990ab40196b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://c79c2500101a741060cc6b806098b9a7.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 215
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 17 Dec 2022 08:07:40 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame B6D7 85 KB
35 KB 107ms
105ms Script
text/javascript 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DSBbkJk8Kt4HXJzzW_a6A09LJKQ5PVV-jqKIksXd8hK2NKYIu0thGcIRDdNAK9azz8O4gi4wqqR9OdfgUEgxQRpdA5Ikxlkjiz2e_P563zPXXgDvZM1r-u4o9zeOp7izVo8P1B7V-XzmUOU6mTiM0WqYh6IEI75Kg3eqkO-fXXpvfutKM&dbm_d=AKAmf-A38m6MTAOiT4Q8aKyBvhF8ZQvKAvqwgvPUwycYethANAxKYJEaQMTcKeYQ_mj8vQBLE2iRE2LCBHkHymmArfLqm3QnSVIoc5i1Kcv2yX3mOemWbm5hBUO7y_WPODwrFk773fok0uO12M44uj3APHjxe5OoZPlMrz7ZesIbjUAugJ0AR21I3Bb8QxUliiQ5GxPkJvD9zbxUHlso7_7QMJA0t6-F1re84ROY3Lr2BBdjwjfokXoPwPAN9M0rit80FKCw2hX5ZR3KBhvnNpE-7zfho9MWsxGxESrDbqbjmFrSqpWP3doN49S4DBoGw4kcGuODq0YbkrkS2jAx_vzuicgYG5sE7_P9_h-AL2iG1EVtzyeVGkxz3Po2JcWg6mLMCMSdJn9tZGuawODFAuFAoPQS0EdrW2KlNEXQfQOTWtBc9EK0C86sln4rUXAvY_1tU922WYXzYfbdQq3iuqmm_aEBFM5EK4pJpuADnmuAJVOkwOB4n7TeYkrnT6uxUBV8tanjBfsLlilBAEeH66GZvVHQ9hHFyMfKdy7tjSD0EEpBPxSu_HWZNRxBAnVi2OaM8Gw-tTZYuuOAkMS-T0DxzYX_Z9NpdPDo1hRhP5y2EsBRziygnyuhKGftJknOE6afniPr7zNepWTkyDM6BSb0DNpEmNbw5_Q_Kt_n0LwM4w-Em9VC94eu2JONrb8s81CuEAXIo9Ac_L-gMQ7lbDGrKwRar3LuWlOZrCjLFwdH6bY3Q3von0uD_4C5lQWd9QdXDH_wF15wkI_v4rESjTnBBpyLxbG65qQjMTf5ujCV2D2JeCSGIDviz0ixOUQe5dRf1fIQ_3lZ2vJKAbLzqxkXm2wIVzMZygsTmLr9NinC1i81tUoF_0Tsl0FORMWlpbdR6o_iTDmfJ4FnQBGhXo1sj74ug7g9ZjDdtJHdgQzKjk7IOY71Hc5mIUge32P-86REaIk10B86p1T792lc1n3Peh16IKywHFflnvuFusJN_kCxYJUc0o7xuMEzNCUnG7NWoj--GJRwKMg1hW1J9SxBs40uBs2hOZXPPCDHrr0aMegCOD8UQM8vaRS73tlM_3yRoo2dHztk0Vu4JVXPlXCq7tvdMPDrAcZWRbs1Ivlg6ftPy0Bi86WyWqFFjrsXqGiaLw8R043CowZdMW3aP1yG2tkV8LtmozO7H9ZOPT9d1imlz9VAeWBGJibw1t9xr8Sql9k0GNYRQcUtr3nzjV06hbyFanWTLIsC5BVRnMcIxMt9HdgrL8ZH2hLwdSbmHXBMedRiJM7suvsd2yjPHfjCOzF5CwZ8A5aMtLQ-DGmfBM05ML_5m6E9z8npct9eo1ssii6ddxx0LYEnWkyJ4n8HfC5dpFL9fjtVbRY89g9UgXskFAFAv15nM5011swu-zDfTlDoPPvX0fwVKVzjhZfsLSBVrM7tpPEXn53Xq0SdyV9gCQ8hdmUwPBEoURbo_r8PEt3aZEeXsmKaYqe2NTXHtGNcmDMsZIInzGD_skyeA2CO__bgjaKccuHkEMhKi3lgVzVrOEtZSKSHz-Nw4rgtf10kz3EgfpklhbMr0hU-UeozY3CueUKdeYeG3J85mgK52cxeeMCApxBPOoCrdA6by4kNuvZsih6MMPECHvN7CNqceqh4sqUx_nb6c7x78axj_WW4zbjcOc59Oqp655d8N0sxXNDBn6Pt_Ronu3Yp7RViHY9KqUyPrR8tcoZHhKpAyqq1qNu8biQjR9wH_W7WpSmtYAe3aN-rFy47jFT_Pn95cTzz7is0hVmhMnODvN-dHGUC_wOiwRqHJx0OXTh8LR4voefX_RVW_PBNHi207MkvNn4khDSKkA230lYmOzsNpTKiFfDxEu6dkSCKj6PtBbjvM8fMNStu79hOVmwSDqEPLZgCbFZwVy8TZQpGcsvi84tSzqzQT5m4vwOOKXMUVv9BhGXTimTJer-wCkIdWwcG_QNHj-UJPOnGt1I2GDJP7oK13f1-KVv47vjXM7CuelTCa7t66tr78FGSGj9bFcafoiloKI_8NwVaBi5WLU0_yaxWgATUIjmrGcUIsADxTijis3uX6SuvABu2zoh0ifaxiB55irjBYlMGhAt3suZN51rtfkRMTD10PqKVCCOmFJc4vOwMmA2ooUhHt0gI8bPNK48clePltvc74k2GYKGyacyoj8wuIrUeC8NuYJaDs-w3Gk9NpbTsWEYSUcY9lXYhFtOydUIzJD8OiPd4rZ9RuQsgYtS6kOgC1ZfpgBmXQe5JoroUzINVLWZgofICXDAF1n5PTHuI0zQiu-TO9ED8y-S4lkuCJSld2EQ56MupXSYcSV2CcNHRpR66sw-x-wKsYlMfKSPLdrmZDt2E9WF0XxQltV0WH2V2zF1Uo0BuSwQG7yqAUbigXGwQT_cezntabpVZ-U8gj87gs3XSagDqPf3SfO-GUV_fY38qdh0AXegVIwdfKBhl6ViNwG7GJt4Em7zI77PBaaKSDJ__ssdBC5iuenFJs57lNeVVxUw4j_dfc4gnouWngrpzTUz1roudMPG6owooNrr5I0hkDWhawzYBEvr_qXSbMJzIixxNl71qRBJM2A-5O5lbj4VlrUU7d5gBOfXsmhU_u7cNth0PG4rC4lWRYhwmiqUWjU2D-9Bw6TGLWcohb4t4AfpR33qxgxRuImoI0Msz4HvFHsIDe0h5nqxbgL7MNY8g4hcnM_7VJuYGZ-vvBIRPJxC8xixymQkPLHFsWHFG3rwgQ2Yffl1MvXsJII5yAfIxwwSBS-GygffyaAyrNFC5HQ36wGEPvlEZ8piSl1_QgmfFxwpMJXPPH9tp6waycqFtEJZfuBqc-ff1CN7H-_JykSgLkfwmta9IiC7nQuMvNU8_EMLaR-MVokvT0bmKcDfPqP2rDE5OLzLYvtVKdVWvnxKs7kE16xHga4X3_26DbluGbr_jbrSNXmzDzcXjSRteherHGY7TogJWPj5aw9HrGaDaS1BbSYvi0_LyORIArd-RCvb25M7a1qdHTVWp4ZKPpNZWlwUw7xi1ZnlQ4ZaeoRxoTERmEjtw0k1jInngTWiY7gmKytdgcX74UITcc5vTENu0OMxzseb7qSxbQw1MNLsJSioxX7bMz563dHrdYWWh-egadymg9ufbHcQ2WmbqbVt_t8eFd3BmglYnbxV8HGUzjqWXitX6eA0Cu7gDWWPwb8xHKzvFoumXM8ejvUBeAiiXJ46rMmEBf5B7Pm0efgtHV2CUeTSkeKWaGsLMWmdlIOARUPaOZJ5iuXuiB_jTW38gdj6OAl4gOg&cid=CAQSOwDq26N9A3P5KuK6rSF9vJ3eQfdtg761NxuMe6lZFpSWSek0Gbat98Dv01_8dBqdI4GB9DRgWuwQvtlOGAEgEw&rfl=1%2Chttps%253A%252F%252Fpelotainvernal.com%252F%240

Requested by

Host: pelotainvernal.com
URL: https://pelotainvernal.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

19a4a578621340bbaafeb46490e966c97367374a75fc6cfb260e8f463cb59c0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c79c2500101a741060cc6b806098b9a7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Dec 2022 08:07:40 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35483
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame B6D7 42 B
63 B 69ms
68ms Image
image/gif 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-B0N3nIitK_upBiO2s8eR4ZgKaAbN2_Z620xAu_c09qO8umA3nLxiJNTcn2xAF_EMdWTAEWLox8NKRm6tcSwZL11xQnkoKfoc2YjX3-aFzuByTX19g

Requested by

Host: c79c2500101a741060cc6b806098b9a7.safeframe.googlesyndication.com
URL: https://c79c2500101a741060cc6b806098b9a7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c79c2500101a741060cc6b806098b9a7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Dec 2022 08:07:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 jload Show response
pixel.adsafeprotected.com/ Frame B6D7 47 KB
13 KB 138ms
50ms Script
application/javascript 54.73.29.246
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/jload?anId=925113&advId=818595827&campId=19081025402&pubId=1&placementId=396819421&adsafe_par&bundleId=&dealId=&bidurl=https://pelotainvernal.com/
Requested by: Host: c79c2500101a741060cc6b806098b9a7.safeframe.googlesyndication.com
URL: https://c79c2500101a741060cc6b806098b9a7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.73.29.246 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-73-29-246.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 0f69e5935b0388c56dd59ef9c83713119d9c2d2d321121a129a2e4eefdb9b5ec

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c79c2500101a741060cc6b806098b9a7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Dec 2022 08:07:40 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: pixel.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame B6D7 3 KB
1 KB 36ms
34ms Script
text/javascript 2a00:1450:400d:804::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js

Requested by

Host: c79c2500101a741060cc6b806098b9a7.safeframe.googlesyndication.com
URL: https://c79c2500101a741060cc6b806098b9a7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c79c2500101a741060cc6b806098b9a7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 07:04:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3782
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 31 Dec 2022 07:04:38 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame B6D7 18 KB
7 KB 37ms
36ms Script
text/javascript 2a00:1450:400d:804::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: c79c2500101a741060cc6b806098b9a7.safeframe.googlesyndication.com
URL: https://c79c2500101a741060cc6b806098b9a7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c79c2500101a741060cc6b806098b9a7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 08:19:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 85676
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7480
x-xss-protection: 0
server: cafe
etag: 15631949847000551034
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 30 Dec 2022 08:19:44 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame B6D7 0
0 32ms
31ms Image
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQuxCKT0H2tks6rGn7FESiMepcBoWENnfdNINcf2JteHxwNlnYK81se-emxDILl1e3JeEib1X8Wni8tVO9mklhLyMgkag
Requested by: Host: c79c2500101a741060cc6b806098b9a7.safeframe.googlesyndication.com
URL: https://c79c2500101a741060cc6b806098b9a7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c79c2500101a741060cc6b806098b9a7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B6D7 153 KB
47 KB 205ms
204ms Script
text/javascript 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: c79c2500101a741060cc6b806098b9a7.safeframe.googlesyndication.com
URL: https://c79c2500101a741060cc6b806098b9a7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c79c2500101a741060cc6b806098b9a7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 08:07:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47725
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1670417373259609"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 17 Dec 2022 08:07:40 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 8857
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELZUW869VHsPa4vxdnimZgs&google_cver=1

43 B
114 B

31ms
31ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELZUW869VHsPa4vxdnimZgs&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJDi1MQCENjdsOICGPuul9sBMAE&v=APEucNUKAANZUygKHObpwYS_Hn7-sQKpWWmunKTDXeZ9SownQR3CwCVKfysiedwFTYvDVHSxu_VHMDNP5NcB7am8jIrEGwYd3jMre6uOwXomGGMImrjRMZ4jyo6QcAsCYAbji3D3pC8WBSBFVGTfTTgqUYv0kJgEtAKMA2tprv2eC0wxhMgcZGw
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Dec 2022 08:07:40 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 17 Dec 2022 08:07:40 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELZUW869VHsPa4vxdnimZgs&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cm
us-u.openx.net/w/1.0/ Frame 8857 43 B
304 B 114ms
32ms Image
image/gif 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJDi1MQCENjdsOICGPuul9sBMAE&v=APEucNUKAANZUygKHObpwYS_Hn7-sQKpWWmunKTDXeZ9SownQR3CwCVKfysiedwFTYvDVHSxu_VHMDNP5NcB7am8jIrEGwYd3jMre6uOwXomGGMImrjRMZ4jyo6QcAsCYAbji3D3pC8WBSBFVGTfTTgqUYv0kJgEtAKMA2tprv2eC0wxhMgcZGw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Dec 2022 08:07:40 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

200

um
sync.teads.tv/ Frame 8857
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
https://sync.teads.tv/um?eid=3&uid=CAESEIvjMW5MjX2kewgpO5I7C90&google_cver=1

23 B
172 B

156ms
71ms

Image
image/gif

104.96.128.226
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=CAESEIvjMW5MjX2kewgpO5I7C90&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJDi1MQCENjdsOICGPuul9sBMAE&v=APEucNUKAANZUygKHObpwYS_Hn7-sQKpWWmunKTDXeZ9SownQR3CwCVKfysiedwFTYvDVHSxu_VHMDNP5NcB7am8jIrEGwYd3jMre6uOwXomGGMImrjRMZ4jyo6QcAsCYAbji3D3pC8WBSBFVGTfTTgqUYv0kJgEtAKMA2tprv2eC0wxhMgcZGw
Protocol: H2
Server: 104.96.128.226 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-96-128-226.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.9 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

expires: Sat, 17 Dec 2022 08:07:40 GMT
pragma: no-cache
date: Sat, 17 Dec 2022 08:07:40 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.9
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Sat, 17 Dec 2022 08:07:40 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um?eid=3&uid=CAESEIvjMW5MjX2kewgpO5I7C90&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 281
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 um
sync.teads.tv/ Frame 8857 23 B
172 B 249ms
71ms Image
image/gif 104.96.128.226
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJDi1MQCENjdsOICGPuul9sBMAE&v=APEucNUKAANZUygKHObpwYS_Hn7-sQKpWWmunKTDXeZ9SownQR3CwCVKfysiedwFTYvDVHSxu_VHMDNP5NcB7am8jIrEGwYd3jMre6uOwXomGGMImrjRMZ4jyo6QcAsCYAbji3D3pC8WBSBFVGTfTTgqUYv0kJgEtAKMA2tprv2eC0wxhMgcZGw
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.96.128.226 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-96-128-226.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.9 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

expires: Sat, 17 Dec 2022 08:07:40 GMT
pragma: no-cache
date: Sat, 17 Dec 2022 08:07:40 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.9
content-length: 23
content-type: image/gif

GET
H/1.1

200

partner
sync.search.spotxchange.com/ Frame 0AB6
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEK8jK1TtRlRN7rhvW8UxVWE&google_cver=1

43 B
548 B

122ms
30ms

Image
image/gif

185.94.180.125
SPOTX-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEK8jK1TtRlRN7rhvW8UxVWE&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMY3febvQEwAQ&v=APEucNWPGZDzP8rd-b-Yk1qyGkvHdWbGQ6SmEpBkPyy-_4-Z0DnKs0g57vX237YtxeK3hAqMe1f1qhG9qznanpwmofxKYfQ2vg-GLaRrvUu-_ezALbKASkD5YF5pO7VPcEQOlmpmczzIElIVSI7-AxQP5QI5HqzpamgzCNNJ0T1wOpkACEQLUis
Protocol: HTTP/1.1
Server: 185.94.180.125 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Sat, 17 Dec 2022 08:07:40 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 10
Connection: keep-alive
Content-Length: 43

Redirect headers

pragma: no-cache
date: Sat, 17 Dec 2022 08:07:40 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEK8jK1TtRlRN7rhvW8UxVWE&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 306
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0AB6
Redirect Chain

https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=ZGZiYmE5MTQtN2RlMS0xMWVkLTg2NGItMWZlM2NkOGYwMDA2

170 B
188 B

59ms
59ms

Image
image/png

142.251.208.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=ZGZiYmE5MTQtN2RlMS0xMWVkLTg2NGItMWZlM2NkOGYwMDA2

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMY3febvQEwAQ&v=APEucNWPGZDzP8rd-b-Yk1qyGkvHdWbGQ6SmEpBkPyy-_4-Z0DnKs0g57vX237YtxeK3hAqMe1f1qhG9qznanpwmofxKYfQ2vg-GLaRrvUu-_ezALbKASkD5YF5pO7VPcEQOlmpmczzIElIVSI7-AxQP5QI5HqzpamgzCNNJ0T1wOpkACEQLUis

Protocol

Server

142.251.208.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s41-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Dec 2022 08:07:40 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Sat, 17 Dec 2022 08:07:40 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Location: https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=ZGZiYmE5MTQtN2RlMS0xMWVkLTg2NGItMWZlM2NkOGYwMDA2
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 118
Connection: keep-alive
Content-Length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0AB6
Redirect Chain

https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true
https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS01Um80Xy5WRTJ1RVo5WTNMcmJ3ZFdpVkVfcG1XV2dtc35B

170 B
188 B

88ms
88ms

Image
image/png

142.251.208.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS01Um80Xy5WRTJ1RVo5WTNMcmJ3ZFdpVkVfcG1XV2dtc35B

Requested by

Protocol

Server

142.251.208.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s41-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Dec 2022 08:07:40 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS01Um80Xy5WRTJ1RVo5WTNMcmJ3ZFdpVkVfcG1XV2dtc35B
date: Sat, 17 Dec 2022 08:07:40 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 0DE7 41 KB
15 KB 35ms
35ms Script
text/javascript 2a00:1450:400d:804::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CAVWFqaRVHiqyboh2xRrslIQvhOZdzVFuHWapyE4-TA4C-MT2D9vTmT_61ABhzEJwA5rzXt7BqfUgTsZjY8eIqA_BsM6UshviLhjbmsUlV9rMBeJncw0RrwyQf1vxoHd5u0kU1agBD02XLu6J639VdPT1FT3j6cRcLfRAR2HMJ-vCFZQ8&cry=1&dbm_d=AKAmf-AiwNUUc7ZlH11Ee5djeXGgQZdeeEWihQM-zB8ihR8nL-1sZwiRmdaEFlWsxVz7xNqNjaNGjMRVc-RrCVDbMK14R8tvS_bM_UzN0wEI1Zq8PxoaEwHX-td7FW7Liy856JWwG3TpZsMeg9N_wzAQWHomPr9_Q0Evm5d4oh7IZxDYrc9BxeUX3INsru9h7Dgyza0MqMP1WjUN1OffcCLz07gSjF2tyscoJ9z4fLBUdYtF1fmAEZEOR2ZABIHIhlBcUY16TdPzciP_mSjqI0l1s2GOsWiy0ITJf3EZ7d7EG8nfPebdWyCFazzqLrwxqJ6U1sT4Kl2aHg2gax9dO40ktW-Fri1Fa2G_BM32PAqS2LViGPEtUp0jtvGTC5XF3SqHuTKAHTSViE2SHX0gYN0-BGD62LhAije5zu0VN0nNHsNcqz6tQCaEMiEclyfSzSRm1SD0bv_n56iByASttWg6PZiQWV2lx0HZPCYJ3FDTChLThVpWlisZ_T6PpcA2A0Vdk-lhzdsPSrRmMgihQUZBoDUsdBEew6zLzO-Q4wQoUE0SzArcpa2NMT6yqN9N_4Ketafpr_XTFA7btw_m3-kr_3WUnZImDlAF-CQBo4EYn7NWSv8ZCzPYtONSzamVFr4Y1QNYsPFzuexQe_jAgga7mWmqxgP62xNTd9XaTdwdShWVgmkhFfQk4L_1ZgQblatQyLR4upUGloESFiT8Lz9n_ZVWdrUKwMR5CoaUQ13Z3594DnrJnD9CWP8mAhTtBvDtsDed5taIybcFEZgHifOjK3N_j1Ar_HsLVe2IhDbVSDCzT0yAgub4yuY_-O8gY4SE3dkRjDSZHF1_1mnlcK-sxVTZKg6SsBzUiPOOTfZ_EkRYlVs5uVEaUCVjrsfwGkvEHU3NwJqXoECo0P1Ia6uT_maNK7Xd6Ntai0RE0XOPQvzS3MCPLy92D4YpIqbux5IAv1i96VSPXpibQzmW8jE9Jz1TlckpfrH5RMfW2PHOumt6oc4jxYDY06T-Wa6hbc93BB-ybhjki-31513gRQ4FHcP3l_5e7bY1iQ82n-q_8UWZ3kAGiDLDvGp4mvpPh_IFp09XCofqVby7ZLdGQRXOXYskNaTCS7n3Ocmp5KRsx4WjttvozvlIbJRisUmaNpS6IVAffGufo0zuxblvuOv3lbHEOTMXqweOAbzkrl2Kx04ao_tQp4fhrY_uoDs0jUTp1yQ9l985T3Mb0dkIBzPQwXNvDRA-qxBy59r46c-GPovcyTLmuMmCPYUGCb5zuh_y6j5NiL4_2KmrP3qHTXe9zRImLbf_vWrBpePiRh2PZPK6CnrmyF_IcVr42chgUu0ruaJuKJ59T0wR9dNiDlh3EOPaZqm-3M2wR5ftbNQReulS8baHgrHXN6dGlBctv6Xckeh93h0e8oZ1UZ2F4NhSWj6nIGfNEkUoYt52Kv0_59YEwas9fESgUJQs0gydNXNvOb3W7IfABnKxp8464PUk7g1NM_pR5N_LHHcFF9_lzmBiF6P4-b8vNkzWqMaSQk0pqpuQOz_bJF6eAgP0qAKMIR-roLBKKVLVxIqCR8UK1IEWn61HJiDYdf_0YP0-QoPHyYzyIY9btkGHbKBAxe-DpxQXlAMqmH6rLppWco04APHXzvCfsVFwFSJcTGVDRAPM5W_3-ObVUhkN6tl3xbo92b37JST6celFwT-TUj3_cRzrG7H54_vrIlEps24DBTgVnI_gZTV0vf_dvt1Ru6mlL-hf4EQtggOKjpS4E3GVSl5twXYTdGMDEYUrTvIzvMdNk78tGIYCU3BwlbZACD4ZrEqf7Fb2xdKyEJvzvaSimih5lv7eHpTSJ2yW3yeGZxp3lvZ9FZ4g_p8v3bWQmwEIBCe2hVfwEi_dnceb_5OgoMEZSkp8E8GMmL_aIP0tQqc-_bZrD15Ewik_OzyBJAS66aMl3JQs6gUVKRNmCfnR5OWd8VJsmpzSCccndKdadhVmUF4zrpdzzGc-hsFZ5rMTYAOT6xQ9Uv5a2s-O-ByBOe4gTwoK7vRiVZXiR7fFXvUCORD7VbFFipRmvu9EwjB9GQxqamPnTlmHfcPkgP4SjDkc5DPw21FD-Qm2t2jpQhZE6Hj4vtN9Uti7YU9r1p1ypC8ttcmKVQV9LtxIY_8qR4iTwP7TUD8QEYy7pa7Lt3EFWyW4rxaonedzrnAP2BF9rw1IPcukgbMwq9VRCdYdldsnPpgHqEA6ebJ9TWJ3aIIDcpoolmMnOQ1lpgE3O8ktdEnZHJ9Th66zYDB6qiarsnygRpQcix-17K5ZFI1d8K9N14hsTHYK3b7VUwFh8a_UUXPSURJEnqguf7kA6g9HZ87pscQ_9TyAACuIXfEQrJyiLJdr9Anr0Ij5sGv2I8aJI1sXNnqksx1VgF5A2HYhvhg9td1hDbcI9_4dfvLAHhcCY-EOrI-tVMhxhTuZnSwK-7ZqiBy02sEcZNbrianu05qaRpP8aIMq0Pu1BAdx_4582elkJBZuQWHgroI8DBiqF6ybCD_LYR8DM8LQsBayUmPvPuiTub43HYiwfhGYwVIJCLT6SjDVnB9b9J-A6Zr5i0f1Y2Xei8T7MwSbByvtUHIc03HqIL7rtNjrv_o6NsNCnk0sBpW2qgaAc4V3lNJaKrPKFf0iFEx1X7msfRbXSwZv5PY0FO8morD0IL8LI7lp1Y2KvE5JTZT2jvc7zfK4aQXvMf6ZS-TWVur1cKND338ANFhG1wlsLchKxHzq1M8VODlBBWu5UIC2MuHCiCLObulZminscQhuu-r4NUrCzKffwIblD7jp7LqJFsyjmzG-3N8d-H9gzq4meRG575CUU0Kjy4iiyaJYuigXX8761474aaWLHa-tlU64AH8r811VyvOlfE6-g4GHymCLgmqs1wFNuOMuW0t2WmYyETfI2klP19eJA-ATXe1r5aGrOMZV1bWac5lv97g0GpgAh3-CzlcwWxEb01N752QVWueErk70-9_haNh6yVpwabWUJQBjuFtwLV3BkjwTSmzVXIkkI6tAo-x7sIH0V6L8F1lGZO0xXQ0PJbCIlP9O7TiYsSHiyyluB6d_9cnIK82A01rSlcBoODs1fEzYhjWWWO_YnAoKLWGr3WHM87aLzn9job9XZPOzkuSPhUFTBbzsmHggtebEQ6oZnl78OYK6VR-MNFb60t6vNDapx--hTmSsAmzm4mvLtvc9sRgpMKRHQLJWxr7xTwrBum_7T3ISnV6M71wATbN_fyl759xqAYJ_3RgdlmSU9uaHVdTH0xjkCxpCUAEJtl-S4C77jEkP5aiXbBGKzpmngDhUaGYPxgCaQxsMKcEccslDOMIxsSwuf3_QPdmgTdV2KA&cid=CAQSOwDq26N9A3P5KuK6rSF9vJ3eQfdtg761NxuMe6lZFpSWSek0Gbat98Dv01_8dBqdI4GB9DRgWuwQvtlOGAEgEw&rfl=1%2Chttps%253A%252F%252Fpelotainvernal.com%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c79c2500101a741060cc6b806098b9a7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 15:58:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 403725
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 12 Dec 2023 15:58:55 GMT

GET
H3 200 html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame B6D7 170 KB
59 KB 106ms
35ms Script
text/javascript 2a00:1450:400d:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Requested by

Host: pelotainvernal.com
URL: https://pelotainvernal.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://c79c2500101a741060cc6b806098b9a7.safeframe.googlesyndication.com/
Origin: https://c79c2500101a741060cc6b806098b9a7.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 07:35:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1940
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 60311
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:25 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 18 Dec 2022 07:35:20 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20221207/r20110914/elements/html/ Frame B6D7 8 KB
3 KB 36ms
35ms Script
text/javascript 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20221207/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DSBbkJk8Kt4HXJzzW_a6A09LJKQ5PVV-jqKIksXd8hK2NKYIu0thGcIRDdNAK9azz8O4gi4wqqR9OdfgUEgxQRpdA5Ikxlkjiz2e_P563zPXXgDvZM1r-u4o9zeOp7izVo8P1B7V-XzmUOU6mTiM0WqYh6IEI75Kg3eqkO-fXXpvfutKM&dbm_d=AKAmf-A38m6MTAOiT4Q8aKyBvhF8ZQvKAvqwgvPUwycYethANAxKYJEaQMTcKeYQ_mj8vQBLE2iRE2LCBHkHymmArfLqm3QnSVIoc5i1Kcv2yX3mOemWbm5hBUO7y_WPODwrFk773fok0uO12M44uj3APHjxe5OoZPlMrz7ZesIbjUAugJ0AR21I3Bb8QxUliiQ5GxPkJvD9zbxUHlso7_7QMJA0t6-F1re84ROY3Lr2BBdjwjfokXoPwPAN9M0rit80FKCw2hX5ZR3KBhvnNpE-7zfho9MWsxGxESrDbqbjmFrSqpWP3doN49S4DBoGw4kcGuODq0YbkrkS2jAx_vzuicgYG5sE7_P9_h-AL2iG1EVtzyeVGkxz3Po2JcWg6mLMCMSdJn9tZGuawODFAuFAoPQS0EdrW2KlNEXQfQOTWtBc9EK0C86sln4rUXAvY_1tU922WYXzYfbdQq3iuqmm_aEBFM5EK4pJpuADnmuAJVOkwOB4n7TeYkrnT6uxUBV8tanjBfsLlilBAEeH66GZvVHQ9hHFyMfKdy7tjSD0EEpBPxSu_HWZNRxBAnVi2OaM8Gw-tTZYuuOAkMS-T0DxzYX_Z9NpdPDo1hRhP5y2EsBRziygnyuhKGftJknOE6afniPr7zNepWTkyDM6BSb0DNpEmNbw5_Q_Kt_n0LwM4w-Em9VC94eu2JONrb8s81CuEAXIo9Ac_L-gMQ7lbDGrKwRar3LuWlOZrCjLFwdH6bY3Q3von0uD_4C5lQWd9QdXDH_wF15wkI_v4rESjTnBBpyLxbG65qQjMTf5ujCV2D2JeCSGIDviz0ixOUQe5dRf1fIQ_3lZ2vJKAbLzqxkXm2wIVzMZygsTmLr9NinC1i81tUoF_0Tsl0FORMWlpbdR6o_iTDmfJ4FnQBGhXo1sj74ug7g9ZjDdtJHdgQzKjk7IOY71Hc5mIUge32P-86REaIk10B86p1T792lc1n3Peh16IKywHFflnvuFusJN_kCxYJUc0o7xuMEzNCUnG7NWoj--GJRwKMg1hW1J9SxBs40uBs2hOZXPPCDHrr0aMegCOD8UQM8vaRS73tlM_3yRoo2dHztk0Vu4JVXPlXCq7tvdMPDrAcZWRbs1Ivlg6ftPy0Bi86WyWqFFjrsXqGiaLw8R043CowZdMW3aP1yG2tkV8LtmozO7H9ZOPT9d1imlz9VAeWBGJibw1t9xr8Sql9k0GNYRQcUtr3nzjV06hbyFanWTLIsC5BVRnMcIxMt9HdgrL8ZH2hLwdSbmHXBMedRiJM7suvsd2yjPHfjCOzF5CwZ8A5aMtLQ-DGmfBM05ML_5m6E9z8npct9eo1ssii6ddxx0LYEnWkyJ4n8HfC5dpFL9fjtVbRY89g9UgXskFAFAv15nM5011swu-zDfTlDoPPvX0fwVKVzjhZfsLSBVrM7tpPEXn53Xq0SdyV9gCQ8hdmUwPBEoURbo_r8PEt3aZEeXsmKaYqe2NTXHtGNcmDMsZIInzGD_skyeA2CO__bgjaKccuHkEMhKi3lgVzVrOEtZSKSHz-Nw4rgtf10kz3EgfpklhbMr0hU-UeozY3CueUKdeYeG3J85mgK52cxeeMCApxBPOoCrdA6by4kNuvZsih6MMPECHvN7CNqceqh4sqUx_nb6c7x78axj_WW4zbjcOc59Oqp655d8N0sxXNDBn6Pt_Ronu3Yp7RViHY9KqUyPrR8tcoZHhKpAyqq1qNu8biQjR9wH_W7WpSmtYAe3aN-rFy47jFT_Pn95cTzz7is0hVmhMnODvN-dHGUC_wOiwRqHJx0OXTh8LR4voefX_RVW_PBNHi207MkvNn4khDSKkA230lYmOzsNpTKiFfDxEu6dkSCKj6PtBbjvM8fMNStu79hOVmwSDqEPLZgCbFZwVy8TZQpGcsvi84tSzqzQT5m4vwOOKXMUVv9BhGXTimTJer-wCkIdWwcG_QNHj-UJPOnGt1I2GDJP7oK13f1-KVv47vjXM7CuelTCa7t66tr78FGSGj9bFcafoiloKI_8NwVaBi5WLU0_yaxWgATUIjmrGcUIsADxTijis3uX6SuvABu2zoh0ifaxiB55irjBYlMGhAt3suZN51rtfkRMTD10PqKVCCOmFJc4vOwMmA2ooUhHt0gI8bPNK48clePltvc74k2GYKGyacyoj8wuIrUeC8NuYJaDs-w3Gk9NpbTsWEYSUcY9lXYhFtOydUIzJD8OiPd4rZ9RuQsgYtS6kOgC1ZfpgBmXQe5JoroUzINVLWZgofICXDAF1n5PTHuI0zQiu-TO9ED8y-S4lkuCJSld2EQ56MupXSYcSV2CcNHRpR66sw-x-wKsYlMfKSPLdrmZDt2E9WF0XxQltV0WH2V2zF1Uo0BuSwQG7yqAUbigXGwQT_cezntabpVZ-U8gj87gs3XSagDqPf3SfO-GUV_fY38qdh0AXegVIwdfKBhl6ViNwG7GJt4Em7zI77PBaaKSDJ__ssdBC5iuenFJs57lNeVVxUw4j_dfc4gnouWngrpzTUz1roudMPG6owooNrr5I0hkDWhawzYBEvr_qXSbMJzIixxNl71qRBJM2A-5O5lbj4VlrUU7d5gBOfXsmhU_u7cNth0PG4rC4lWRYhwmiqUWjU2D-9Bw6TGLWcohb4t4AfpR33qxgxRuImoI0Msz4HvFHsIDe0h5nqxbgL7MNY8g4hcnM_7VJuYGZ-vvBIRPJxC8xixymQkPLHFsWHFG3rwgQ2Yffl1MvXsJII5yAfIxwwSBS-GygffyaAyrNFC5HQ36wGEPvlEZ8piSl1_QgmfFxwpMJXPPH9tp6waycqFtEJZfuBqc-ff1CN7H-_JykSgLkfwmta9IiC7nQuMvNU8_EMLaR-MVokvT0bmKcDfPqP2rDE5OLzLYvtVKdVWvnxKs7kE16xHga4X3_26DbluGbr_jbrSNXmzDzcXjSRteherHGY7TogJWPj5aw9HrGaDaS1BbSYvi0_LyORIArd-RCvb25M7a1qdHTVWp4ZKPpNZWlwUw7xi1ZnlQ4ZaeoRxoTERmEjtw0k1jInngTWiY7gmKytdgcX74UITcc5vTENu0OMxzseb7qSxbQw1MNLsJSioxX7bMz563dHrdYWWh-egadymg9ufbHcQ2WmbqbVt_t8eFd3BmglYnbxV8HGUzjqWXitX6eA0Cu7gDWWPwb8xHKzvFoumXM8ejvUBeAiiXJ46rMmEBf5B7Pm0efgtHV2CUeTSkeKWaGsLMWmdlIOARUPaOZJ5iuXuiB_jTW38gdj6OAl4gOg&cid=CAQSOwDq26N9A3P5KuK6rSF9vJ3eQfdtg761NxuMe6lZFpSWSek0Gbat98Dv01_8dBqdI4GB9DRgWuwQvtlOGAEgEw&rfl=1%2Chttps%253A%252F%252Fpelotainvernal.com%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c79c2500101a741060cc6b806098b9a7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 20:51:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 40597
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2986
x-xss-protection: 0
server: cafe
etag: 3296546412363819624
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 30 Dec 2022 20:51:03 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20221207/r20110914/ Frame B6D7 30 KB
11 KB 36ms
35ms Script
text/javascript 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20221207/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c4d60e53476012ab254ca2f3f479903a6be9ead3cb39a9ea353c51ec75c618c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c79c2500101a741060cc6b806098b9a7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 16:53:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54870
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11387
x-xss-protection: 0
server: cafe
etag: 8197878782792770439
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 30 Dec 2022 16:53:10 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame D6A6 22 KB
8 KB 35ms
34ms Document
text/html 2a00:1450:400d:804::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://c79c2500101a741060cc6b806098b9a7.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 196487
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 15 Dec 2022 01:32:53 GMT
expires: Fri, 15 Dec 2023 01:32:53 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK dvbs_src_internal113.js Show response
cdn.doubleverify.com/ Frame 0DE7 59 KB
19 KB 36ms
36ms Script
application/javascript 2a02:26f0:11a::217:9a8a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvbs_src_internal113.js
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=15911784&cmp=198000&plc=6985919&sid=18330&dvregion=0&unit=300x600
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:11a::217:9a8a Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: c2da1bde386dc1e71e6f0cf3ddcce6650ba703109c5194f52c991f48755ad806

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c79c2500101a741060cc6b806098b9a7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Sat, 17 Dec 2022 08:07:40 GMT
Content-Encoding: gzip
Last-Modified: Sun, 30 Oct 2022 09:56:00 GMT
Server: Microsoft-IIS/10.0
ETag: "0b85bd045ecd81:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=946080000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 19448

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame B6D7 41 KB
15 KB 35ms
34ms Script
text/javascript 2a00:1450:400d:804::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: c79c2500101a741060cc6b806098b9a7.safeframe.googlesyndication.com
URL: https://c79c2500101a741060cc6b806098b9a7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c79c2500101a741060cc6b806098b9a7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 15:58:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 403725
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 12 Dec 2023 15:58:55 GMT

GET
H2 200 main.19.8.377.js Show response
static.adsafeprotected.com/ Frame B6D7 199 KB
62 KB 37ms
36ms Script
application/javascript 2600:9000:206e:f800:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.19.8.377.js
Requested by: Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=925113&advId=818595827&campId=19081025402&pubId=1&placementId=396819421&adsafe_par&bundleId=&dealId=&bidurl=https://pelotainvernal.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206e:f800:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c3d6dd40d554051caae0e87609382cfbf0370ef9acd3beddd1ad5c0bfd335c15

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c79c2500101a741060cc6b806098b9a7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 23:56:39 GMT
x-amz-version-id: dX.ebh6MRkbxhfqjxJgTQokuZG2AvCpL
content-encoding: gzip
via: 1.1 a01b7aca64c6d4b437b814f64422d6c8.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C1
age: 375062
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Mon, 12 Dec 2022 16:54:47 GMT
server: AmazonS3
etag: W/"6021cd2c4605b3ba4a8f0769ad2e5fc0"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: d5742Z3F5ek2pnrgAZqH8yfyhSzsakQsoKPYZhNlwp6zWc9kRLWLdQ==

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 2F7A 1 KB
643 B 36ms
36ms Document
text/html 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: c79c2500101a741060cc6b806098b9a7.safeframe.googlesyndication.com
URL: https://c79c2500101a741060cc6b806098b9a7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://c79c2500101a741060cc6b806098b9a7.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2377
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 17 Dec 2022 07:28:03 GMT
etag: 48472445140208031
expires: Sun, 18 Dec 2022 07:28:03 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame B6D7 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 43cde0c46e5bcf3af0d7e3f47c5dff43a22f0842b511b6db26ea46650f46b861

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Jk7fixpOLBqPs8Ll1CI4HFyikeoml7Ub_Y2jZpe5d_o.js Show response
pagead2.googlesyndication.com/bg/ Frame D6A6 36 KB
16 KB 36ms
36ms Script
text/javascript 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Jk7fixpOLBqPs8Ll1CI4HFyikeoml7Ub_Y2jZpe5d_o.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

264edf8b1a4e2c1a8fb3c2e5d422381c5ca291ea2697b51bfd8da36697b977fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 18:33:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 308032
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15923
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 17:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 13 Dec 2023 18:33:48 GMT

GET
H/1.1 200
OK verify.js Show response
rtb0.doubleverify.com/ Frame 0DE7 1 KB
902 B 411ms
28ms Script
text/javascript 34.149.12.213
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb0.doubleverify.com/verify.js?flvr=0&jsCallback=__verify_callback_560687810262&jsTagObjCallback=__tagObject_callback_560687810262&num=6&ctx=15911784&cmp=198000&plc=6985919&sid=18330&advid=&adsrv=&unit=300x600&isdvvid=&uid=560687810262&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&nav_pltfrm=Win32&dvp_strhd=0.30&dvpx_strhd=0.30&brid=3&brver=108&bridua=3&dup=null&srcurlD=0&ssl=1&refD=1&htmlmsging=1&tstype=128&m1=13&noc=4&fcifrms=15&brh=2&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=161&eparams=DC4FC%3Dl9EEADTbpTauTauA6%3D%40E2%3A%3FG6C%3F2%3D%5D4%40%3ETauU2%3F4r92%3A%3Fl9EEADTbpTauTauA6%3D%40E2%3A%3FG6C%3F2%3D%5D4%40%3ETar9EEADTbpTauTau4fh4ad__%60_%602fc%60_e_44e3g_e_hg3h2f%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3E&dvp_exetime=6.40&callbackName=__verify_callback_560687810262
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal113.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.12.213 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 213.12.149.34.bc.googleusercontent.com
Software: /
Resource Hash: 7704eb6f85a784d8c15f978dd89eabd5de573d4e9ad6303634910cdc25d1da7b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c79c2500101a741060cc6b806098b9a7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 17 Dec 2022 08:07:41 GMT
Content-Encoding: br
X-DV-Response: 1
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=0
Connection: keep-alive
Expires: 12/16/2022 08:07:41

GET
H2 200 track
st.pubmatic.com/ Frame 781E 0
91 B 167ms
27ms Image
text/plain 185.64.189.221
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://st.pubmatic.com/track?operId=7&p=156498&s=399115&a=1801592&ts=1671264461&wa=0&vadsId=-1&e=95&vc=2
Requested by: Host: pelotainvernal.com
URL: https://pelotainvernal.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.221 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Sat, 17 Dec 2022 08:07:39 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
expires: 0

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame EFF3 22 KB
8 KB 36ms
35ms Document
text/html 2a00:1450:400d:804::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://c79c2500101a741060cc6b806098b9a7.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 196487
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 15 Dec 2022 01:32:53 GMT
expires: Fri, 15 Dec 2023 01:32:53 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2F7A
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEH7Iq2hZpJ1NNKRV3EqufzE&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEH7Iq2hZpJ1NNKRV3EqufzE&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=dlRvSkNZcFcxUDZzZW81&google_gid=CAESEH7Iq2hZpJ1NNKRV3EqufzE&google_cver=1&google_push=AavPq0PVvp0IRFVLs7ikPkbLDQ4FzdzTWtDdJpGHOOor_1p...

170 B
188 B

59ms
59ms

Image
image/png

142.251.208.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=dlRvSkNZcFcxUDZzZW81&google_gid=CAESEH7Iq2hZpJ1NNKRV3EqufzE&google_cver=1&google_push=AavPq0PVvp0IRFVLs7ikPkbLDQ4FzdzTWtDdJpGHOOor_1pZ4ebeIoI_-ePn0EZtkH_HtZn6yORhNon5jHQnAJA5onkF_qiRD7t-

Requested by

Host: c79c2500101a741060cc6b806098b9a7.safeframe.googlesyndication.com
URL: https://c79c2500101a741060cc6b806098b9a7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.251.208.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s41-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Dec 2022 08:07:40 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 17 Dec 2022 08:07:40 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/4da9b91#4da9b91e1fcbbaec3beafc6ce8a7393d26d4f693 i-0902e59d1fecaf133@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=dlRvSkNZcFcxUDZzZW81&google_gid=CAESEH7Iq2hZpJ1NNKRV3EqufzE&google_cver=1&google_push=AavPq0PVvp0IRFVLs7ikPkbLDQ4FzdzTWtDdJpGHOOor_1pZ4ebeIoI_-ePn0EZtkH_HtZn6yORhNon5jHQnAJA5onkF_qiRD7t-
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2F7A
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEJfQnQ8M4lw7zSSHb5qGGlo&google_cver=1&google_push=AavPq0O6WvWppvgPvPqLYzq_ND3GomisSXXM4y2iWSrLUpM3My3xf8nx8IdcaZWj5MYd_pezWWb2o97n3PMi1LXf...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=Ey1jnXjNQQC9cbrLNQoX5w&google_push=AavPq0O6WvWppvgPvPqLYzq_ND3GomisSXXM4y2iWSrLUpM3My3xf8nx8IdcaZWj5MYd_pezWWb2o97n3PMi1LXfvfOWs0t-...

170 B
188 B

58ms
58ms

Image
image/png

142.251.208.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=Ey1jnXjNQQC9cbrLNQoX5w&google_push=AavPq0O6WvWppvgPvPqLYzq_ND3GomisSXXM4y2iWSrLUpM3My3xf8nx8IdcaZWj5MYd_pezWWb2o97n3PMi1LXfvfOWs0t-tuX9

Requested by

Host: c79c2500101a741060cc6b806098b9a7.safeframe.googlesyndication.com
URL: https://c79c2500101a741060cc6b806098b9a7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.251.208.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s41-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Dec 2022 08:07:40 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Sat, 17 Dec 2022 08:07:40 GMT
Server: MT3 254 34fcae8 master zrh-pixel-x26 config:1.0.0
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=Ey1jnXjNQQC9cbrLNQoX5w&google_push=AavPq0O6WvWppvgPvPqLYzq_ND3GomisSXXM4y2iWSrLUpM3My3xf8nx8IdcaZWj5MYd_pezWWb2o97n3PMi1LXfvfOWs0t-tuX9
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Sat, 17 Dec 2022 08:07:39 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2F7A
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEK0p_Qxw7HLalcNHahgXp8g&google_cver=1&google_push=AavPq0O42o_NQoVPKiVlCU3EvMy9LKet3GvIcl5zZXgJat4f_0rMwdZTiKStuUE7N6IOSFPby5AjGaTiArva58wXg1Evr-TXIMTS
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=0DBD4F893D4F4D98A323225492AEFE7C&google_push=AavPq0O42o_NQoVPKiVlCU3EvMy9LKet3GvIcl5zZXgJat4f_0rMwdZTiKStuUE7N6IOSFPby5AjGaTiArva58w...

170 B
188 B

60ms
60ms

Image
image/png

142.251.208.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=0DBD4F893D4F4D98A323225492AEFE7C&google_push=AavPq0O42o_NQoVPKiVlCU3EvMy9LKet3GvIcl5zZXgJat4f_0rMwdZTiKStuUE7N6IOSFPby5AjGaTiArva58wXg1Evr-TXIMTS

Requested by

Host: c79c2500101a741060cc6b806098b9a7.safeframe.googlesyndication.com
URL: https://c79c2500101a741060cc6b806098b9a7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.251.208.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s41-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Dec 2022 08:07:40 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sat, 17 Dec 2022 08:07:40 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=0DBD4F893D4F4D98A323225492AEFE7C&google_push=AavPq0O42o_NQoVPKiVlCU3EvMy9LKet3GvIcl5zZXgJat4f_0rMwdZTiKStuUE7N6IOSFPby5AjGaTiArva58wXg1Evr-TXIMTS
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Fri, 16 Dec 2022 08:07:40 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 2F7A 70 B
264 B 47ms
46ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEGWn_12qTl01qQdkzsYfyw4&google_cver=1&google_push=AavPq0NnPN7nzgA3w__tgSIWs_tr7-wQX2Y9816dFviJ0E60bjkBvQAHtovp398gUZRQhPMuPdXwoJgeWMmXpLDtLbioLAC1Em6C
Requested by: Host: c79c2500101a741060cc6b806098b9a7.safeframe.googlesyndication.com
URL: https://c79c2500101a741060cc6b806098b9a7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sat, 17 Dec 2022 08:07:40 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2F7A
Redirect Chain

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEKetfxybpjIzHT98vEkJXxw&google_cver=1&google_push=AavPq0NrBHnkzMnSvOYj52X1P8DnIhdXQ6VDuFJXDrFCjDmI18g96O6ICczCWiAnkTRZw7YUQEIplbWzR21...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AavPq0NrBHnkzMnSvOYj52X1P8DnIhdXQ6VDuFJXDrFCjDmI18g96O6ICczCWiAnkTRZw7YUQEIplbWzR21IgYxUmDLFlOrNYOgH&google_hm=InfHfZ6pTTKOzjmm35tUSBY

170 B
188 B

59ms
59ms

Image
image/png

142.251.208.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AavPq0NrBHnkzMnSvOYj52X1P8DnIhdXQ6VDuFJXDrFCjDmI18g96O6ICczCWiAnkTRZw7YUQEIplbWzR21IgYxUmDLFlOrNYOgH&google_hm=InfHfZ6pTTKOzjmm35tUSBY

Requested by

Host: c79c2500101a741060cc6b806098b9a7.safeframe.googlesyndication.com
URL: https://c79c2500101a741060cc6b806098b9a7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.251.208.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s41-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Dec 2022 08:07:40 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 17 Dec 2022 08:07:40 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AavPq0NrBHnkzMnSvOYj52X1P8DnIhdXQ6VDuFJXDrFCjDmI18g96O6ICczCWiAnkTRZw7YUQEIplbWzR21IgYxUmDLFlOrNYOgH&google_hm=InfHfZ6pTTKOzjmm35tUSBY
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2F7A
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESECvmxxTvUBHVWVOxVsvo8z4&google_cver=1&google_push=AavPq0MvHuQNwt_DJ6PWqNodEYcSUG25TfQGdB4mymPbLbXXRhzvCT30KPseuyxw6j_CrXngUyTSfmmM58CMa_...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE3ODAyNjE5ODY4ODc5MDY4Mw%3D%3D&google_push=AavPq0MvHuQNwt_DJ6PWqNodEYcSUG25TfQGdB4mymPbLbXXRhzvCT30KPseuyxw6j_CrXngUyTSfmmM58CMa_Nb69...

170 B
188 B

57ms
57ms

Image
image/png

142.251.208.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE3ODAyNjE5ODY4ODc5MDY4Mw%3D%3D&google_push=AavPq0MvHuQNwt_DJ6PWqNodEYcSUG25TfQGdB4mymPbLbXXRhzvCT30KPseuyxw6j_CrXngUyTSfmmM58CMa_Nb69_XrfSX_YUp

Requested by

Host: c79c2500101a741060cc6b806098b9a7.safeframe.googlesyndication.com
URL: https://c79c2500101a741060cc6b806098b9a7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.251.208.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s41-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Dec 2022 08:07:40 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE3ODAyNjE5ODY4ODc5MDY4Mw%3D%3D&google_push=AavPq0MvHuQNwt_DJ6PWqNodEYcSUG25TfQGdB4mymPbLbXXRhzvCT30KPseuyxw6j_CrXngUyTSfmmM58CMa_Nb69_XrfSX_YUp
Date: Sat, 17 Dec 2022 08:07:40 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2F7A
Redirect Chain

https://d5p.de17a.com/cookies/google?google_gid=CAESEAPEc2jrumx2cnIeSodDyyY&google_cver=1&google_push=AavPq0MOqsrcqAj_Zk1PURU2t509KlU-S2MKASXyZtt0WjkyrHC8hX7Lszs6k_MCxSfkgqseHR1xWXslVLkIfZQQrOUKNqu...
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AavPq0MOqsrcqAj_Zk1PURU2t509KlU-S2MKASXyZtt0WjkyrHC8hX7Lszs6k_MCxSfkgqseHR1xWXslVLkIfZQQrOUKNquCMkFN

170 B
188 B

87ms
87ms

Image
image/png

142.251.208.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AavPq0MOqsrcqAj_Zk1PURU2t509KlU-S2MKASXyZtt0WjkyrHC8hX7Lszs6k_MCxSfkgqseHR1xWXslVLkIfZQQrOUKNquCMkFN

Requested by

Host: c79c2500101a741060cc6b806098b9a7.safeframe.googlesyndication.com
URL: https://c79c2500101a741060cc6b806098b9a7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.251.208.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s41-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Dec 2022 08:07:40 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AavPq0MOqsrcqAj_Zk1PURU2t509KlU-S2MKASXyZtt0WjkyrHC8hX7Lszs6k_MCxSfkgqseHR1xWXslVLkIfZQQrOUKNquCMkFN
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 2F7A 0
12 B 56ms
55ms Image
text/html 142.251.208.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IV0acIJynNdgvtZg91Kvdswz5FNLBFCBPeAZmI-yqY_QAxAIJ97ewloBG6sP5rS2nGIVNn

Requested by

Host: c79c2500101a741060cc6b806098b9a7.safeframe.googlesyndication.com
URL: https://c79c2500101a741060cc6b806098b9a7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.208.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s41-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 08:07:40 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame 2FB0 91 KB
92 KB 36ms
36ms Script
application/javascript 2600:9000:206e:f800:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: c79c2500101a741060cc6b806098b9a7.safeframe.googlesyndication.com
URL: https://c79c2500101a741060cc6b806098b9a7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206e:f800:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c79c2500101a741060cc6b806098b9a7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 05:28:02 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
via: 1.1 a01b7aca64c6d4b437b814f64422d6c8.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C1
age: 1651178
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 93606
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: "1f3488247c90bb5de253d3d0cb3b7458"
content-type: application/javascript
cache-control: max-age=315360000
accept-ranges: bytes
x-amz-cf-id: rPETBGCWCtREKuLrOYWnBYHFQCN-Nsnc2uaW64b7CGT_8Bc84a7KBA==

GET
H2 200 mon
pixel.adsafeprotected.com/ Frame B6D7 43 B
215 B 60ms
59ms Image
image/gif 54.73.29.246
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.adsafeprotected.com/mon?anId=925113&advId=818595827&campId=19081025402&pubId=1&placementId=396819421&adsafe_par&bundleId=&dealId=&bidurl=https://pelotainvernal.com/&adsafe_url=https%3A%2F%2Fpelotainvernal.com&adsafe_type=y&adsafe_url=https%3A%2F%2Fpelotainvernal.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fc79c2500101a741060cc6b806098b9a7.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fc79c2500101a741060cc6b806098b9a7.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:92e7157d-3903-df01-b2b9-5aa040562eb5,c:x2uJsU,sl:na,em:true,fr:false,thd:1,mn:jsserver-primary-5bd77c4f97-9wrg8,rg:ie,pt:1-5-15,mu:10000,br:c,bru:c,an:n,oam:0,scm:publ1.grpm1,mtim:127,mot:0,app:0,maw:0,fm:tqg7mcK+11%7C121%7C131%7C14%7C15%7C16%7C171%7C172%7C181%7C19%7C1a1%7C1a2%7C1b1%7C1b2%7C1b3%7C1b4%7C1b5%7C1c1%7C1c2%7C1c3%7C1d111%7C1d112%7C1d113%7C1d114%7C1d115%7C1e1%7C1e21%7C1e3%7C1f*.925113%7C1f1%7C1f2%7C1f3,idMap:1f*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:DIV.qs.sn,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:143,oid:e077bbc1-7de1-11ed-94a7-5e7d04cf452a,v:19.8.377,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by: Host: c79c2500101a741060cc6b806098b9a7.safeframe.googlesyndication.com
URL: https://c79c2500101a741060cc6b806098b9a7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.73.29.246 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-73-29-246.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c79c2500101a741060cc6b806098b9a7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Dec 2022 08:07:40 GMT
server: nginx
x-server-name: app02.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/16644202875967455809/ Frame 1287 1 KB
767 B 70ms
69ms Document
text/html 2a00:1450:400d:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/16644202875967455809/index.html?e=69&leftOffset=0&topOffset=0&c=eOh80plTpY&t=1&renderingType=2&ev=01_247

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

51c012cf2461bf8b29f345373366183c7fd121579b6178e942be0b61d8c7da14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://c79c2500101a741060cc6b806098b9a7.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 739
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Sat, 17 Dec 2022 08:07:40 GMT
expires: Sun, 17 Dec 2023 08:07:40 GMT
last-modified: Tue, 25 Oct 2022 17:10:54 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame B6D7 0
0 79ms
78ms Fetch
image/gif 172.217.19.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuaGIv_1p3Lr1SXG5klkqpOBRJRL2r2zsMxZAC1Ix2CHltpDcRbfydBpyi2NkzBbj7p6Eb1zzrt0a91_I4CZccADFUn3JMPA2BDUJPNfSj8l61jlhK_S9ycmjUE1hcsPET9f1C2Bnvagf8KDknnBLtW7W9qItgMp3c38Ji4Mil7Q4yHY9oK--Knf6rvvLp7SDUzUbyBFQamypUwy4jvGS71uuWUWl4xxyL0rCR-xRw-ZNQPWdZxDeAwoLNQ7PMn5kvMyW9dDnFdV-cCOSF4d5MiILV0cIJkP-QArG4zrlpFKVr_BvSJkkvWZ6nWCq_9hV39eE9bMUijiN5q6DhG7J8LnTyZdbgE8qpmqKE7_C8XmptFtiedQtT1kjxV9dIO8XsekoDF5GLqlZCSB7qn7DoPCaWnAeM_rGZKvoDM8wbQ-wI0IRvscDne-ZvsvvLWLmuIDP5bma2Z0pcki_l6mZXc2U7N2X7qLj7R5T-DDgTVJUtOs-P6vapd6b_SZpH-wKyyGdsOIUGi75Vo99jIs0hJcRpG12-YauvlLpMRLLPhNaYmUwPMKJcSSNnuakAPMH3jONeAmDECP34NT2SLK10he0J7EFCiLMfE6B_FXu8q51SAb1ksLfKi-_o5iFr3rNCBEgI398_ZTX_6OaFkmOIyQVyMkLc4Y-kjnTb8dpFVrAPuN0XfJhYUjQSfERylhBy4c5MWrZ_G1VD7imNRxXR7Tt3n-4TCPAB6cdHRvsgHrytrMOFKph9mi7lrxxoH6zXg7PCp7MKf3VPinwYlOM-qLTBakYXXAwd9B9FOOKqC3wCay3-JuMmDo4N0leVi3oa2L3PfYetQl-pnHyOSjR_bqQ1oXD4xd_mKc4csYcrVub8iwB28Kzh4dhcqFFCiGJ9vBzQi3MgQBmISVkqT6xzK--CKaOgtbRQV06-qP4YzswG8fq_FlhLOSkiU3f9b9f4jGobNqSu1-WFmix-j6a9mZp54fZtVc23alTCoLB0tuROA3vGwVyOYSklGPkcOUUtnJxyVH1OYsIYlLL077nvpaIr5QavbYMqRx6cLiAZiaWKeNQyJcunamb8DEuc5IeHt_WfwCMaRWhworMA7XN3t7hUrNap0tS6wdbbR6PqOe3gVfPzVAyRzU4msN3Jr5tuNpWwXVxeb4m8Rrcq7zeJfl2V7YV9WszgjrzQ-3SRPPXlVc1Y40pdTmaXcW99AfO_SFzOEWByAi3PI69nBF8qyOq1VYx6aP9syC0QoK91jppkPnvBXRnC1IRP9LWzx744-NGzvwX6sjw&sai=AMfl-YQHhAuP3yigLliVsybpR7BDu7GVd4VK-Z-FAJQyPBtMh2VdewMSuej3pwZ5CLRZFfUmyuqLVriWeAwaHwhperE7xLN2XyZSNoktkNcExS0zrccY7r9BDAhhVzgYTDubFQvDN_KQsje6kG0AIFK8VtMAwq8Xk6lVWYrOnf_3gB3WTF7B2n_bSAmFjS2NBXzoUE8bA7RaQ0wgHwmMkZuPbuUj9QuVy9x24UgKzMGSB7c8W7GF0AoLL3NPB0eR3JTwdY90-7g5KS8&sig=Cg0ArKJSzBoCZWpMDVjSEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=209&cbvp=1&cstd=204&cisv=r20221207.80441&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Host: pelotainvernal.com
URL: https://pelotainvernal.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.19.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

muc03s07-in-f98.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c79c2500101a741060cc6b806098b9a7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 17 Dec 2022 08:07:40 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sat, 17 Dec 2022 08:07:40 GMT

GET
H/1.1 200
OK ai.aspx
m.exactag.com/ Frame B6D7 60 B
60 B 202ms
34ms Image
image/gif 213.202.235.10
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://m.exactag.com/ai.aspx?extProvId=63&extPu=lh-mindshare&extProvApi=lh_de&extLi=26915561&extCr=180481255&extPm=322783817&gdpr_consent=&gdpr=

Requested by

Host: c79c2500101a741060cc6b806098b9a7.safeframe.googlesyndication.com
URL: https://c79c2500101a741060cc6b806098b9a7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

213.202.235.10 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c79c2500101a741060cc6b806098b9a7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Sat, 17 Dec 2022 08:07:40 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
P3P: policyref="https://m.exactag.com/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
cross-origin-resource-policy: cross-origin
Connection: close
X-ET-Monitoring: 1
X-Xss-Protection: 0
Pragma: no-cache
Last-Modified: Sa, 17 Dez 2022 08:07:41 GMT
X-ET-Code: 0
Content-Type: image/gif
Cache-Control: max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
X-ET-Camp: 1119
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame B6D7 43 B
215 B 115ms
115ms Image
image/gif 2600:1f18:1aca:4281:68f:8ebb:736f:849f
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=925113&asId=92e7157d-3903-df01-b2b9-5aa040562eb5&tv=%7Bc:x2uJtt,pingTime:-3,time:177,type:v,clog:%5B%7Bpiv:-1,vs:n,r:,w:728,h:90,t:142%7D,%7Bpiv:0,vs:o,r:l,t:176%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:177,n:176,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:142,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B48~1,0~0%5D,as:%5B48~728.90%5D%7D%7D,%7Bsl:o,t:176,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B0~0%5D,as:%5B0~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:jload,dtt:0,fm:tqg7mcK+11%7C121%7C131%7C14%7C15%7C16%7C171%7C172%7C181%7C19%7C1a1%7C1a2%7C1b1%7C1b2%7C1b3%7C1b4%7C1b5%7C1c1%7C1c2%7C1c3%7C1d111%7C1d112%7C1d113%7C1d114%7C1d115%7C1e1%7C1e21%7C1e3%7C1f*.925113%7C1f1%7C1f2%7C1f3,idMap:1f*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:143%7D&br=c
Requested by: Host: c79c2500101a741060cc6b806098b9a7.safeframe.googlesyndication.com
URL: https://c79c2500101a741060cc6b806098b9a7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:68f:8ebb:736f:849f Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c79c2500101a741060cc6b806098b9a7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Dec 2022 08:07:40 GMT
server: nginx
x-server-name: dt19.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame B6D7 43 B
215 B 114ms
114ms Image
image/gif 2600:1f18:1aca:4281:68f:8ebb:736f:849f
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=925113&asId=92e7157d-3903-df01-b2b9-5aa040562eb5&tv=%7Bc:x2uJtu,pingTime:-6,time:178,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:178,n:176,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:142,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B48~1,0~0%5D,as:%5B48~728.90%5D%7D%7D,%7Bsl:o,t:176,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B2~0%5D,as:%5B2~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:jload,dtt:0,fm:tqg7mcK+11%7C121%7C131%7C14%7C15%7C16%7C171%7C172%7C181%7C19%7C1a1%7C1a2%7C1b1%7C1b2%7C1b3%7C1b4%7C1b5%7C1c1%7C1c2%7C1c3%7C1d111%7C1d112%7C1d113%7C1d114%7C1d115%7C1e1%7C1e21%7C1e3%7C1f*.925113%7C1f1%7C1f2%7C1f3,idMap:1f*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:143%7D&tpiLookup=ao:pelotainvernal.com*&br=c
Requested by: Host: c79c2500101a741060cc6b806098b9a7.safeframe.googlesyndication.com
URL: https://c79c2500101a741060cc6b806098b9a7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:68f:8ebb:736f:849f Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c79c2500101a741060cc6b806098b9a7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Dec 2022 08:07:40 GMT
server: nginx
x-server-name: dt18.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 Jk7fixpOLBqPs8Ll1CI4HFyikeoml7Ub_Y2jZpe5d_o.js Show response
pagead2.googlesyndication.com/bg/ Frame EFF3 36 KB
16 KB 36ms
36ms Script
text/javascript 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Jk7fixpOLBqPs8Ll1CI4HFyikeoml7Ub_Y2jZpe5d_o.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

264edf8b1a4e2c1a8fb3c2e5d422381c5ca291ea2697b51bfd8da36697b977fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 18:33:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 308032
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15923
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 17:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 13 Dec 2023 18:33:48 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame B6D7 43 B
215 B 115ms
115ms Image
image/gif 2600:1f18:1aca:4281:68f:8ebb:736f:849f
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=925113&asId=92e7157d-3903-df01-b2b9-5aa040562eb5&tv=%7Bc:x2uJtL,pingTime:0,time:195,type:pf,im:%7Bsf:0%7D,sca:%7Bdfp:%7Bdf:4,sz:728.90,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:-1,vs:n,r:,w:728,h:90,t:142%7D,%7Bpiv:0,vs:o,r:l,t:176%7D,%7Bpiv:100,vs:i,r:,t:195%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:195,n:176,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:142,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B48~1,0~0%5D,as:%5B48~728.90%5D%7D%7D,%7Bsl:o,t:176,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B18~0%5D,as:%5B18~728.90%5D%7D%7D,%7Bsl:i,t:195,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B0~100%5D,as:%5B0~728.90%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:jload,dtt:0,fm:tqg7lPH+11%7C121%7C131%7C14%7C15%7C16%7C171%7C172%7C181%7C19%7C1a1%7C1a2%7C1b.1203349-67009481%7C1b1%7C1b2%7C1b3%7C1b4%7C1b5%7C1c1%7C1c2%7C1c3%7C1d111%7C1d112%7C1d113%7C1d114%7C1d115%7C1e1%7C1e21%7C1e3%7C1f*.925113%7C1f1%7C1f2%7C1f3,idMap:1f*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:143%7D&br=c
Requested by: Host: c79c2500101a741060cc6b806098b9a7.safeframe.googlesyndication.com
URL: https://c79c2500101a741060cc6b806098b9a7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:68f:8ebb:736f:849f Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c79c2500101a741060cc6b806098b9a7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Dec 2022 08:07:40 GMT
server: nginx
x-server-name: dt16.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame B6D7 43 B
215 B 115ms
114ms Image
image/gif 2600:1f18:1aca:4281:68f:8ebb:736f:849f
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=925113&asId=92e7157d-3903-df01-b2b9-5aa040562eb5&tv=%7Bc:x2uJtN,pingTime:-2,time:197,type:a,im:%7Bpom:1,prf:%7BbeA:302,beZ:303,mfA:429,cmA:430,inA:430,inZ:433,prA:433,prZ:440,si:445,poA:445,poZ:456,cmZ:456,mfZ:456,loA:480,loZ:483,ltA:498,ltZ:498,mdA:304,mdZ:352%7D%7D,clog:%5B%7Bpiv:-1,vs:n,r:,w:728,h:90,t:142%7D,%7Bpiv:0,vs:o,r:l,t:176%7D,%7Bpiv:100,vs:i,r:,t:195%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:2,o:195,n:176,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:142,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B48~1,0~0%5D,as:%5B48~728.90%5D%7D%7D,%7Bsl:o,t:176,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B18~0%5D,as:%5B18~728.90%5D%7D%7D,%7Bsl:i,t:195,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B2~100%5D,as:%5B2~728.90%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:jload,dtt:0,fm:tqg7lPH+11%7C121%7C131%7C14%7C15%7C16%7C171%7C172%7C181%7C19%7C1a1%7C1a2%7C1b.1203349-67009481%7C1b1%7C1b2%7C1b3%7C1b4%7C1b5%7C1c1%7C1c2%7C1c3%7C1d111%7C1d112%7C1d113%7C1d114%7C1d115%7C1e1%7C1e21%7C1e3%7C1f*.925113%7C1f1%7C1f2%7C1f3,idMap:1f*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:143,sinceFw:53,readyFired:true%7D&br=c
Requested by: Host: c79c2500101a741060cc6b806098b9a7.safeframe.googlesyndication.com
URL: https://c79c2500101a741060cc6b806098b9a7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:68f:8ebb:736f:849f Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c79c2500101a741060cc6b806098b9a7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Dec 2022 08:07:40 GMT
server: nginx
x-server-name: dt14.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

POST
H2 200 i Show response
vid-io-cle.springserve.com/vd/ Frame F4B4 0
153 B 391ms
115ms XHR
text/plain 18.218.58.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid-io-cle.springserve.com/vd/i?suuid=64e20400&ps_id=357265&batch=1
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_f51ac984.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.218.58.137 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-218-58-137.us-east-2.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://pelotainvernal.com
date: Sat, 17 Dec 2022 08:07:41 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
access-control-allow-methods: GET, OPTIONS

GET
H2 200 track
st.pubmatic.com/ Frame F4B4 0
49 B 28ms
27ms Image
text/plain 185.64.189.221
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://st.pubmatic.com/track?operId=7&p=156498&s=399115&a=1801592&ts=1671264459&wa=0&e=96&ier=901&vadsId=[ADSERVINGID]
Requested by: Host: pelotainvernal.com
URL: https://pelotainvernal.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.221 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Sat, 17 Dec 2022 08:07:39 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
expires: 0

GET
H3 200 tweenmax_2.0.1_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 1287 113 KB
38 KB 78ms
78ms Script
text/javascript 2a00:1450:400d:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_2.0.1_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16644202875967455809/index.html?e=69&leftOffset=0&topOffset=0&c=eOh80plTpY&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

62afec092c21b138eeb1fc55859f60c19dd12ca3c02bdfeb336a820b016a547b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16644202875967455809/index.html?e=69&leftOffset=0&topOffset=0&c=eOh80plTpY&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 08:07:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38915
x-xss-protection: 0
last-modified: Tue, 19 Jun 2018 18:02:41 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 17 Dec 2022 08:07:40 GMT

GET
H3 200 Enabler_01_247.js Show response
s0.2mdn.net/879366/ Frame 1287 118 KB
40 KB 37ms
36ms Script
text/javascript 2a00:1450:400d:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16644202875967455809/index.html?e=69&leftOffset=0&topOffset=0&c=eOh80plTpY&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16644202875967455809/index.html?e=69&leftOffset=0&topOffset=0&c=eOh80plTpY&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 15:59:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 58107
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41099
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 17 Dec 2022 15:59:13 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 2988 15 KB
6 KB 38ms
38ms Document
text/html 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=pelotainvernal.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

d0f07190791630edc058ad6e5a33a3cda6a8f85c470e593ce0bbed46ffec148b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://pelotainvernal.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 17 Dec 2022 08:07:40 GMT
server: Kestrel
server-processing-duration-in-ticks: 343006
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame D6A6 0
20 B 73ms
72ms Image
image/gif 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BYkYjzHidY9z8G8yvgQf17IKQBwAAAAA4AeAEAg&bg=!IiGlIWXNAAYgquz3AKo7ACkAdvg8WoPYvMlprjqNRDWnxeVjR1RaeVOvAyRXSgzi-Ok_QbIIPoWMsAIAAACbUgAAAAJoAQcKABrfJ_tx10lfdh7X26JsmwZBBETwrRSgqwFwf5kDLs38ZPjpcMFO-5WMk2mcyvIdvTujJl0_cb6mfThEJxlYAj-FAWAnQZLmsUvvho2RDwu0nL6sRZsPwA2EFF2ZCNXh_vcaPnvnbnp9VqpkGQfEXKD5JYulxWkl-Ho0RCK2iUWb7MufkTA9hkDKxP05fEumdZDGRyZS00m-mKI6wYlshRIQnZQdMX3yWLkSLvwxRbIY4HBDjKGBrjYWgX9Ddszf4wXpYdC3PWw5MSgVAajEmYmzRdqWW76i4_dPJ52zuPMEP2EgRyTy596Ec4TXnVPpBJoj5IAp392tldtDXMMSRVQan4Tvlo8Gnu3uYMKMUyghtRduQ4zM_kNc5EZfS4ne7XYNk5ublIGHmdjcnaNGcKiPcS9PfDfuTgE89_zx5450cZAYyo87mUrVBznZncUyJHlJydHQAc3IVXkYpIXrs0pvEWP3_HDSxXRhF2zkyzagYTKup5pftTwBolknkLMjcDvojMSATYucSuq42fQN0fy_2C0wa00AbRntL4jUGtzyiFYlyRPw1HABqYrJps1HwKqsQNXJro9psMdj_ws0OGNqwF-bkr-SkmtmZq6su2POx6MO8eflLhCZk7zqyQ2XHYuLXHoccQ230CcXdW99ZxRGHNejyQjgXsi_TdlBkVAxxZTNbg5y_Jz-vyoxI90Vs9K1PO3WzsEMowUE_nmKy6Gf7-Q61nn8rruDZLOZBth0zwuNjbiz3-xyb9THHzPM32FJitymeJRAPjvdYwxMTkcomwULU1EYite1x_E9xXFpX3Turgko10ZLfGoZQIs_s--_xP9hLmL_lEzq8u7oBK7NYqNB77OitEQ_IK-0Tt_Q3ejvYpUxqeKLrPnYwZCIaIXGOWtx5L3Ook1RQlDgI5mWvnn7gEqeqRCHX6yL5-0uMiTWD6WOWK51GNHVrHz_HUdUFKBi_FQqB9IfSWQ2OukpHKTnR3qs5_Zy3Id5N7_sw2Z2HQST9j3AieDAh6m2U6Zwt25zUcCE9o-ayWf8VP_pCZG1rF0Sv-25yhheb0XOf94rmG2T8OVwY8ZtAbNopLhck9-WEtakdX1Q3wse7n0IYwsd5zEfqtc65aQ

Requested by

Host: c79c2500101a741060cc6b806098b9a7.safeframe.googlesyndication.com
URL: https://c79c2500101a741060cc6b806098b9a7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Dec 2022 08:07:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame 2988
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertagids&domain=pelotainvernal.com&sn=ChromeSyncframe&so=3&topUrl=pelotainvernal.com&bundle=HFGyJF9Cam1ZdjQ1QSUyRmxpQ0N4TkZJWUUzd3pUZUZwOVRINGV0T2xKRkZ...
https://mug.criteo.com/sid?cpp=ZIyH8nxqKzVrZ2JpY3E2M3FEeWpXdDBEVi9YYzN3cWd0ZEFqYU1QMUVvbWRtYXZFZVoyL0M2ZWVURzRPQ1EvTUhPU2VxUUl3dVpCVDB4N1NTNzlGTGxLWEFoNlp2VlVNUERrQkN4Y245TUJ2K2p2Q1VPWWRGYkI3ekVrTn...

465 B
677 B

34ms
33ms

Fetch
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=ZIyH8nxqKzVrZ2JpY3E2M3FEeWpXdDBEVi9YYzN3cWd0ZEFqYU1QMUVvbWRtYXZFZVoyL0M2ZWVURzRPQ1EvTUhPU2VxUUl3dVpCVDB4N1NTNzlGTGxLWEFoNlp2VlVNUERrQkN4Y245TUJ2K2p2Q1VPWWRGYkI3ekVrTnk2M0xGN2NCdXpKNGdlOFQxS2hwVmhna2ZFbzlSVzhqYzY5QnZiVUc3dFUrVHNaNXByQUhuaXJUNUZPOWV0ZzNZWDZ6QmFuRHZCUHJQcU5NSDhOZVZUUG1MdGtGa2thY1A0SHoxbEszQTdxd2VCNXVnSURCcVNsRVBSSlBGUnFKb2dBS2haVFVHVTFaZVRHZmVXbm1zNTVjSzdJVjdKZEhoODZPVURNRzBsYU9yaTJZUk55MD18&cppv=2

Requested by

Host: pelotainvernal.com
URL: https://pelotainvernal.com/

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

620a7e55a8dc8e272ed0de340def609f1605984e98800a4a3cdd874483c6eff9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Dec 2022 08:07:40 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2507493
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 17 Dec 2022 08:07:40 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=ZIyH8nxqKzVrZ2JpY3E2M3FEeWpXdDBEVi9YYzN3cWd0ZEFqYU1QMUVvbWRtYXZFZVoyL0M2ZWVURzRPQ1EvTUhPU2VxUUl3dVpCVDB4N1NTNzlGTGxLWEFoNlp2VlVNUERrQkN4Y245TUJ2K2p2Q1VPWWRGYkI3ekVrTnk2M0xGN2NCdXpKNGdlOFQxS2hwVmhna2ZFbzlSVzhqYzY5QnZiVUc3dFUrVHNaNXByQUhuaXJUNUZPOWV0ZzNZWDZ6QmFuRHZCUHJQcU5NSDhOZVZUUG1MdGtGa2thY1A0SHoxbEszQTdxd2VCNXVnSURCcVNsRVBSSlBGUnFKb2dBS2haVFVHVTFaZVRHZmVXbm1zNTVjSzdJVjdKZEhoODZPVURNRzBsYU9yaTJZUk55MD18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 500599
content-length: 0
expires: 0

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame B6D7 0
0 74ms
74ms Fetch
image/gif 172.217.19.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuaGIv_1p3Lr1SXG5klkqpOBRJRL2r2zsMxZAC1Ix2CHltpDcRbfydBpyi2NkzBbj7p6Eb1zzrt0a91_I4CZccADFUn3JMPA2BDUJPNfSj8l61jlhK_S9ycmjUE1hcsPET9f1C2Bnvagf8KDknnBLtW7W9qItgMp3c38Ji4Mil7Q4yHY9oK--Knf6rvvLp7SDUzUbyBFQamypUwy4jvGS71uuWUWl4xxyL0rCR-xRw-ZNQPWdZxDeAwoLNQ7PMn5kvMyW9dDnFdV-cCOSF4d5MiILV0cIJkP-QArG4zrlpFKVr_BvSJkkvWZ6nWCq_9hV39eE9bMUijiN5q6DhG7J8LnTyZdbgE8qpmqKE7_C8XmptFtiedQtT1kjxV9dIO8XsekoDF5GLqlZCSB7qn7DoPCaWnAeM_rGZKvoDM8wbQ-wI0IRvscDne-ZvsvvLWLmuIDP5bma2Z0pcki_l6mZXc2U7N2X7qLj7R5T-DDgTVJUtOs-P6vapd6b_SZpH-wKyyGdsOIUGi75Vo99jIs0hJcRpG12-YauvlLpMRLLPhNaYmUwPMKJcSSNnuakAPMH3jONeAmDECP34NT2SLK10he0J7EFCiLMfE6B_FXu8q51SAb1ksLfKi-_o5iFr3rNCBEgI398_ZTX_6OaFkmOIyQVyMkLc4Y-kjnTb8dpFVrAPuN0XfJhYUjQSfERylhBy4c5MWrZ_G1VD7imNRxXR7Tt3n-4TCPAB6cdHRvsgHrytrMOFKph9mi7lrxxoH6zXg7PCp7MKf3VPinwYlOM-qLTBakYXXAwd9B9FOOKqC3wCay3-JuMmDo4N0leVi3oa2L3PfYetQl-pnHyOSjR_bqQ1oXD4xd_mKc4csYcrVub8iwB28Kzh4dhcqFFCiGJ9vBzQi3MgQBmISVkqT6xzK--CKaOgtbRQV06-qP4YzswG8fq_FlhLOSkiU3f9b9f4jGobNqSu1-WFmix-j6a9mZp54fZtVc23alTCoLB0tuROA3vGwVyOYSklGPkcOUUtnJxyVH1OYsIYlLL077nvpaIr5QavbYMqRx6cLiAZiaWKeNQyJcunamb8DEuc5IeHt_WfwCMaRWhworMA7XN3t7hUrNap0tS6wdbbR6PqOe3gVfPzVAyRzU4msN3Jr5tuNpWwXVxeb4m8Rrcq7zeJfl2V7YV9WszgjrzQ-3SRPPXlVc1Y40pdTmaXcW99AfO_SFzOEWByAi3PI69nBF8qyOq1VYx6aP9syC0QoK91jppkPnvBXRnC1IRP9LWzx744-NGzvwX6sjw&sai=AMfl-YQHhAuP3yigLliVsybpR7BDu7GVd4VK-Z-FAJQyPBtMh2VdewMSuej3pwZ5CLRZFfUmyuqLVriWeAwaHwhperE7xLN2XyZSNoktkNcExS0zrccY7r9BDAhhVzgYTDubFQvDN_KQsje6kG0AIFK8VtMAwq8Xk6lVWYrOnf_3gB3WTF7B2n_bSAmFjS2NBXzoUE8bA7RaQ0wgHwmMkZuPbuUj9QuVy9x24UgKzMGSB7c8W7GF0AoLL3NPB0eR3JTwdY90-7g5KS8&sig=Cg0ArKJSzBoCZWpMDVjSEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=409&vt=11&dtpt=200&dett=3&cstd=204&cisv=r20221207.80441&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Host: pelotainvernal.com
URL: https://pelotainvernal.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.19.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

muc03s07-in-f98.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c79c2500101a741060cc6b806098b9a7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 08:07:41 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sat, 17 Dec 2022 08:07:41 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame EFF3 0
20 B 72ms
72ms Image
image/gif 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B71aPzHidY7u4HKCp9u8P79iliAkAAAAAOAHgBAI&bg=!AAOlA0fNAAYgquz3AKo7ACkAdvg8WvCYvpDOFMOxL76Ay53IDvP4pAGXwZMNH-3nnV9cNHm4GBXUEwIAAABzUgAAAAJoAQeZAyrGCdUxn8Aj8UnRDIvXOdWYCILdSGaOws_ZR1me1gtjk3VL3Hq79rSnAtYLVYhQR_Dv2RdL_JHiyXoPwvhSx9ciX5lxSe6Ig9AtR_POP7cu-RuKvFrC4Pk4gbzY7iQnWhhnwVInvtUFOJLznvsh5d1QO0AEyUaAUy9y7QixPiTxWxGNzVCfenze4SbXiQcMEh4bXAT8gHtYFX9eQf3ADs0Ixgn4wR8HK7n0bWTGjFvUa-KiezO-DVi98HQexCi6gz715s3EGqcz3Vm9AhUV0kSC-y-mYeawK96v_gDNeYnO-MpzPu7oaDqJuHBl8-vJF93lb5VvayC9pjOnMyoCPJ2LDHBLJuPL_d5yit8CLbGPYfqPXMeipl9DgQgD8YL9sHb9potdZl55v0P8tPHjbNn_Pq5sFSddNUgh38SYOZHAFhho5eIl0y5ztm4o63ixE_L-3F_wNMH_WrkK1kelG_6szboY2aseixfzTFTO9Kz_IGQeLUgZk7xy-VfjkcKgvnLcybUck9Y0ABoVfmFw8VURnSYflj1g5luEH0mryrF1I1zFZnqkdfZLGmhMF8HxlbuapFt-UgH4ph60f6jhABhmCXnnspy-YgGbFZwC6ea-RrHy7O_-f3u_7naDYCv0H8bjIYO-NI4LQRzn_YrGeIrFYZql0XI9-UexoOtKzvEUXPu5uj8nvCVJDc-eVVeWESYgNhkx0IPcGQ6l0LSVf3GCdssVsidFFXK2lzTtRfTAHCYsAxBUt5LozRUOtWnpu0KSFn6zwJdLlaj3AVmPANMa0oQZf0AIjmETgXS-i6LMyhekmmjyb29nDGM7JY1TZgSR_GWLA3Oi3KQcsBBRTj-cFzOd69qVRKGRVxGVnWub5Of1SGzct3ovo0bNLZEI_VPg8sb5p59Og5np_ju7v-yWZG3oSki5GhWLfWLs2uc6K3BTGIOqdGXsQ0VwjE0kq1oHPQtMvF0iu1CtPpR62V1ltnY5VbIi2ZJuIHxVOVYmHA3IVIk6P7WS5TgjBwewMaCPH10cp87UJdh71xTiIpgbbeoIeekljtiNYtOGAn77XZN1hZCiq2jvcNA

Requested by

Host: pelotainvernal.com
URL: https://pelotainvernal.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Dec 2022 08:07:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 main.js Show response
s0.2mdn.net/creatives/assets/4703545/ Frame 1287 2 KB
809 B 37ms
36ms Script
text/javascript 2a00:1450:400d:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4703545/main.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16644202875967455809/index.html?e=69&leftOffset=0&topOffset=0&c=eOh80plTpY&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4ce3230b9e066248a47bc5bda0de3c15431306fa3e447bacce88b2b87f0f0c1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16644202875967455809/index.html?e=69&leftOffset=0&topOffset=0&c=eOh80plTpY&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 08:01:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 367
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 778
x-xss-protection: 0
last-modified: Fri, 25 Nov 2022 14:38:27 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 17 Dec 2022 08:16:34 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 1287 7 KB
6 KB 74ms
74ms XHR
application/json 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c329a0dc93f82b5f0e3f15ef5165027cfe33eef21fd2ae0b791159200857ac92

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 08:07:41 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5680
x-xss-protection: 0

GET
H3 200 728x90_de-de_performance.js Show response
s0.2mdn.net/creatives/assets/4703545/ Frame 1287 58 KB
17 KB 37ms
37ms Script
text/javascript 2a00:1450:400d:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4703545/728x90_de-de_performance.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/4703545/main.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d977cef899d6534c8933c5e8a57774dd0e914013e3790568535382299b913e8f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16644202875967455809/index.html?e=69&leftOffset=0&topOffset=0&c=eOh80plTpY&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 08:06:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 65
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16938
x-xss-protection: 0
last-modified: Thu, 01 Dec 2022 14:16:52 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 17 Dec 2022 08:21:36 GMT

POST
H/1.1 204
No Content bsevent.gif
rtbc-eu3.doubleverify.com/ Frame 0DE7 0
234 B 69ms
23ms Ping
text/plain 34.149.12.213
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rtbc-eu3.doubleverify.com/bsevent.gif?flvr=0&impid=5173d3944bd149d58e53514fb1b5f98b&vfdur=412&cbust=1671264461044553
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal113.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.12.213 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 213.12.149.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c79c2500101a741060cc6b806098b9a7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Pragma: no-cache
Date: Sat, 17 Dec 2022 08:07:41 GMT
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Expires: 12/16/2022 08:07:41

GET
H3 200 dcmads.js Show response
www.googletagservices.com/dcm/ Frame 0DE7 28 KB
11 KB 37ms
36ms Script
text/javascript 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/dcmads.js

Requested by

Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal113.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c9406a92f81fad251295cd64386a8bb62ee7503f589ae1b96893faae2f4fcb18

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c79c2500101a741060cc6b806098b9a7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 07:36:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1871
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10900
x-xss-protection: 0
last-modified: Wed, 09 Nov 2022 17:19:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Sat, 17 Dec 2022 08:36:30 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 1287 17 KB
6 KB 98ms
98ms Script
text/javascript 2a00:1450:400d:804::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 08:07:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 17 Dec 2022 08:07:41 GMT

GET
H3 200 star_alliance.svg Show response
s0.2mdn.net/creatives/assets/4689654/ Frame 1287 4 KB
2 KB 37ms
36ms XHR
image/svg+xml 2a00:1450:400d:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4689654/star_alliance.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/4703545/728x90_de-de_performance.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b3052cb4159c6c3da4cee05fc67f879dfc7c5cf59628a6fd37485cf4c685f60d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16644202875967455809/index.html?e=69&leftOffset=0&topOffset=0&c=eOh80plTpY&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 08:00:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 454
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1840
x-xss-protection: 0
last-modified: Tue, 04 Oct 2022 11:00:32 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 17 Dec 2022 08:15:07 GMT

GET
H3 200 lh_logotype_single.svg Show response
s0.2mdn.net/creatives/assets/4689654/ Frame 1287 5 KB
2 KB 38ms
37ms XHR
image/svg+xml 2a00:1450:400d:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4689654/lh_logotype_single.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/4703545/728x90_de-de_performance.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d7502e785bdc8f7184cab7e278053c49be4458393085eb2fbddabf35b895c310

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16644202875967455809/index.html?e=69&leftOffset=0&topOffset=0&c=eOh80plTpY&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 08:00:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 454
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2151
x-xss-protection: 0
last-modified: Tue, 18 Oct 2022 09:41:58 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 17 Dec 2022 08:15:07 GMT

GET
H3 200 lh_crane.svg Show response
s0.2mdn.net/creatives/assets/4689654/ Frame 1287 2 KB
1 KB 37ms
36ms XHR
image/svg+xml 2a00:1450:400d:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4689654/lh_crane.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/4703545/728x90_de-de_performance.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3d2067d4b9b5b9d3003ffa4dc17b44616dc00a543f59eea17df555e959f20b53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16644202875967455809/index.html?e=69&leftOffset=0&topOffset=0&c=eOh80plTpY&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 08:00:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 451
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1311
x-xss-protection: 0
last-modified: Tue, 18 Oct 2022 09:41:55 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 17 Dec 2022 08:15:10 GMT

GET
H3 200 NH_D_NA_City-Generic_728x90.jpg
s0.2mdn.net/creatives/assets/4703548/ Frame 1287 61 KB
61 KB 700ms
699ms Image
image/jpeg 2a00:1450:400d:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4703548/NH_D_NA_City-Generic_728x90.jpg

Requested by

Host: pelotainvernal.com
URL: https://pelotainvernal.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc2f6c397b2c8bc2ffe3a7f98875347fd37f44f8297f60b1f961123846cad866

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16644202875967455809/index.html?e=69&leftOffset=0&topOffset=0&c=eOh80plTpY&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 08:07:41 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 62580
x-xss-protection: 0
last-modified: Tue, 08 Nov 2022 09:07:00 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 17 Dec 2022 08:22:41 GMT

GET
H3 200 impl_v92.js Show response
www.googletagservices.com/dcm/ Frame 0DE7 60 KB
23 KB 36ms
36ms Script
text/javascript 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/impl_v92.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8acf96115cb55ad61bfdc24b7918a946d1b983ac14062a584dbbe8744021430a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c79c2500101a741060cc6b806098b9a7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 00:39:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 199689
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23563
x-xss-protection: 0
last-modified: Mon, 07 Nov 2022 16:32:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 15 Dec 2023 00:39:32 GMT

GET
H3 200 LufthansaHeadWeb-Bold.woff2
s0.2mdn.net/creatives/assets/4714589/ Frame 1287 50 KB
50 KB 36ms
36ms Font
font/woff2 2a00:1450:400d:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4714589/LufthansaHeadWeb-Bold.woff2

Requested by

Host: pelotainvernal.com
URL: https://pelotainvernal.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0a43c20863b324fe2bec355b5ebdc6566861742f92018f12be1b38fa2c8b7767

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/16644202875967455809/index.html?e=69&leftOffset=0&topOffset=0&c=eOh80plTpY&t=1&renderingType=2&ev=01_247
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 08:00:07 GMT
x-content-type-options: nosniff
age: 454
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51548
x-xss-protection: 0
last-modified: Fri, 18 Nov 2022 11:46:13 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 17 Dec 2022 08:15:07 GMT

GET
H3 200 B9689862.280584279;dc_ver=92.271;dc_eid=40004001;sz=300x600;u_sd=1;dc_adk=4188270516;ord=s384bp;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=1,https%3A%2F%2Fpelotainvernal.c... Show response
ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/ Frame 0DE7 53 KB
25 KB 166ms
93ms Script
text/javascript 142.251.208.166
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B9689862.280584279;dc_ver=92.271;dc_eid=40004001;sz=300x600;u_sd=1;dc_adk=4188270516;ord=s384bp;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=1,https%3A%2F%2Fpelotainvernal.com%2F$0;xdt=1;crlt=bYLLmyKv'Q;stc=1;chaa=1;sttr=50;prcl=s

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v92.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.208.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s43-in-f6.1e100.net

Software

cafe /

Resource Hash

9e11c754c1c966e94494ee2ba592ab244d19b538e05b0b6c94bff4453815c49b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c79c2500101a741060cc6b806098b9a7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Dec 2022 08:07:41 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25825
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 Jk7fixpOLBqPs8Ll1CI4HFyikeoml7Ub_Y2jZpe5d_o.js Show response
pagead2.googlesyndication.com/bg/ Frame 016D 36 KB
16 KB 36ms
36ms Script
text/javascript 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Jk7fixpOLBqPs8Ll1CI4HFyikeoml7Ub_Y2jZpe5d_o.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

264edf8b1a4e2c1a8fb3c2e5d422381c5ca291ea2697b51bfd8da36697b977fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 18:33:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 308033
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15923
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 17:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 13 Dec 2023 18:33:48 GMT

GET
DATA 200
OK truncated
/ Frame 0449 35 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 vpaid_f51ac984.js Show response
vpaid.springserve.com/production/ Frame 2812 506 KB
89 KB 36ms
36ms Script
application/javascript 2600:9000:2304:9200:15:6f6c:b180:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.springserve.com/production/vpaid_f51ac984.js
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2304:9200:15:6f6c:b180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1b7df8f348787d9fa760018b0f088ab687bbc70718df1d62e8084e30a3584491

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 17:09:30 GMT
content-encoding: br
via: 1.1 7f49a9d7acd3e2b85c2c573f92e92d4c.cloudfront.net (CloudFront)
last-modified: Tue, 06 Dec 2022 22:05:17 GMT
server: AmazonS3
x-amz-cf-pop: VIE50-P1
age: 831492
etag: W/"b030ae2df4f66a78701be0f4e1a3a52f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=2678400
x-amz-cf-id: vDf8JCiMPHQjFxg1rFigBZWREmoFXVUPTghE42seki1hqlju_tmxAg==

POST
H2 200 t Show response
t.lkqd.net/ Frame 56E6 0
166 B 117ms
116ms XHR
text/plain 146.20.128.203
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.203 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://pelotainvernal.com
date: Sat, 17 Dec 2022 08:07:41 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 110ms
110ms Preflight
text/plain 146.20.128.203
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.203 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://pelotainvernal.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
access-control-allow-origin: https://pelotainvernal.com
access-control-expose-headers: Content-Type, Content-Disposition
access-control-max-age: 300
cache-control: max-age=300
content-length: 0
content-type: text/plain; charset=UTF-8
date: Sat, 17 Dec 2022 08:07:41 GMT
server: nginx

GET
H2 200 vadtag.html Show response
vpaid.pubmatic.com/ads/video/ Frame 2812 978 B
851 B 40ms
40ms XHR
application/xml 2.18.36.193
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fpelotainvernal.com%2F&schain=1.0,1!vidoomy.com,63065,1,1671264459066,,
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_f51ac984.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.36.193 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-36-193.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 8d671350b1103375b694982c8b072dbb6793216c87bef658903355bb083c60df

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Dec 2022 08:07:41 GMT
content-encoding: gzip
server: Apache
etag: "23da-5e7fbf52c16e8-gzip"
vary: Origin, Accept-Encoding
content-type: application/xml
access-control-allow-origin: https://pelotainvernal.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 604
expires: Sat, 17 Dec 2022 08:07:41 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20221207/r20110914/elements/html/ Frame 0DE7 8 KB
3 KB 36ms
36ms Script
text/javascript 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20221207/r20110914/elements/html/omrhp.js

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B9689862.280584279;dc_ver=92.271;dc_eid=40004001;sz=300x600;u_sd=1;dc_adk=4188270516;ord=s384bp;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=1,https%3A%2F%2Fpelotainvernal.com%2F$0;xdt=1;crlt=bYLLmyKv'Q;stc=1;chaa=1;sttr=50;prcl=s

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c79c2500101a741060cc6b806098b9a7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 20:51:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 40598
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2986
x-xss-protection: 0
server: cafe
etag: 3296546412363819624
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 30 Dec 2022 20:51:03 GMT

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 0DE7 0
0 72ms
72ms Fetch
image/gif 172.217.19.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuuzrem2kibKrgKYjOtb97fw4xOVXnFkEUqAKWNqpxRyJM7VSEK3O7rxQ7cu7kS_9SXWFiH89lQmcvNvodJq7R6c2tw3ztLcvdxJrIzphsg-9QwThn79UpZG7f4g9DoxWh7vLhiwugbpghN1kkvCIiYstBGG5VcdJk9aBs&sai=AMfl-YQPyU3J7Aa4ZIl7Xk3Gjs8YVHPjhnQf1RuuNqyBOOxDylurG5edRjCrjfWNd4VhJiqMdK3GpOuwzCdePY5Z1LdEru5JCp83MctfDpGD&sig=Cg0ArKJSzG8oK0m97ljLEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20221207.55604&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.19.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

muc03s07-in-f98.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c79c2500101a741060cc6b806098b9a7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 08:07:41 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sat, 17 Dec 2022 08:07:41 GMT

GET
H3 200 11395972518873542780
s0.2mdn.net/simgad/ Frame 0DE7 298 KB
298 KB 41ms
41ms Image
image/png 2a00:1450:400d:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/11395972518873542780

Requested by

Host: c79c2500101a741060cc6b806098b9a7.safeframe.googlesyndication.com
URL: https://c79c2500101a741060cc6b806098b9a7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff189758d75309cf2ae680742df627ea16c4417d9565412a97f4e3d4753d9dd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c79c2500101a741060cc6b806098b9a7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 22:50:36 GMT
x-content-type-options: nosniff
age: 292625
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 305385
x-xss-protection: 0
last-modified: Tue, 29 Nov 2022 15:42:07 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 13 Dec 2023 22:50:36 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 756B 22 KB
8 KB 36ms
36ms Document
text/html 2a00:1450:400d:804::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://c79c2500101a741060cc6b806098b9a7.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 196488
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 15 Dec 2022 01:32:53 GMT
expires: Fri, 15 Dec 2023 01:32:53 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame C916 1 KB
643 B 36ms
35ms Document
text/html 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: c79c2500101a741060cc6b806098b9a7.safeframe.googlesyndication.com
URL: https://c79c2500101a741060cc6b806098b9a7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://c79c2500101a741060cc6b806098b9a7.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2378
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 17 Dec 2022 07:28:03 GMT
etag: 48472445140208031
expires: Sun, 18 Dec 2022 07:28:03 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 0DE7 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 99f9d716254deb714e30e39e7963f5fe3d882938ac6ccb99619f2a4c2505738a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 PMAdMgr.js Show response
vpaid.pubmatic.com/ads/video/ Frame 21AC 158 KB
37 KB 37ms
37ms Script
application/javascript 2.18.36.193
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fpelotainvernal.com%2F&schain=1.0,1!vidoomy.com,63065,1,1671264459066,,
Requested by: Host: blank
URL: about:blank
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.36.193 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-36-193.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 64b146021b5dd3fd90bfc36519ea2de22684243fd89e4663981f53453fb0f496

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 08:07:41 GMT
content-encoding: gzip
last-modified: Tue, 06 Sep 2022 06:03:39 GMT
server: Apache
etag: "277a2-5e7fbf52bc8c8-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=10800
accept-ranges: bytes
content-length: 38047

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/
Redirect Chain

https://dsum.casalemedia.com/pbusermatch?origin=prebid&site_id=910000&p=1&i=0&gdpr=0&gdpr_consent=&us_privacy=
https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=0
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=vToJCYpW1P6seo5&gdpr=0

43 B
766 B

68ms
23ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=vToJCYpW1P6seo5&gdpr=0
Requested by: Host: pelotainvernal.com
URL: https://pelotainvernal.com/
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 17 Dec 2022 08:07:41 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 43
Expires: 0

Redirect headers

Pragma: no-cache
Date: Sat, 17 Dec 2022 08:07:41 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/4da9b91#4da9b91e1fcbbaec3beafc6ce8a7393d26d4f693 i-0902e59d1fecaf133@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=vToJCYpW1P6seo5&gdpr=0
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 /
onetag-sys.com/usync/ 0
38 B 24ms
22ms Image
text/plain 51.89.9.251
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/usync/?tag=img

Requested by

Host: pelotainvernal.com
URL: https://pelotainvernal.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip251.ip-51-89-9.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-store

GET
H/1.1 200
OK cksync.php
cs.media.net/ 44 B
410 B 270ms
156ms Image
image/gif 23.62.220.47
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.media.net/cksync.php?cs=8
Requested by: Host: pelotainvernal.com
URL: https://pelotainvernal.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.62.220.47 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-62-220-47.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 1681cb2b2db935f48c843351945df3f3f77f79c1c8de28c4fa88d8b655c25ae2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 17 Dec 2022 08:07:41 GMT
Server: Apache
P3P: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 44
X-MNET-HL2: E
Expires: Sat, 17 Dec 2022 08:07:41 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C916
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEH7Iq2hZpJ1NNKRV3EqufzE&google_cve...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=dlRvSkNZcFcxUDZzZW81&google_gid=CAESEH7Iq2hZpJ1NNKRV3EqufzE&google_cver=1&google_push=AavPq0PoPJZFg92o-7OW0UlkhT5kg4sNLwSCJWgc8b3aSDD...

170 B
188 B

59ms
59ms

Image
image/png

142.251.208.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=dlRvSkNZcFcxUDZzZW81&google_gid=CAESEH7Iq2hZpJ1NNKRV3EqufzE&google_cver=1&google_push=AavPq0PoPJZFg92o-7OW0UlkhT5kg4sNLwSCJWgc8b3aSDDNOsj-fyDkdXHxapEbhtiU3jVZI6z528AKCoG5dKfrt-XntPnbDajqpA

Requested by

Host: c79c2500101a741060cc6b806098b9a7.safeframe.googlesyndication.com
URL: https://c79c2500101a741060cc6b806098b9a7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.251.208.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s41-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Dec 2022 08:07:41 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 17 Dec 2022 08:07:41 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/4da9b91#4da9b91e1fcbbaec3beafc6ce8a7393d26d4f693 i-0f25e10db9e73ae52@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=dlRvSkNZcFcxUDZzZW81&google_gid=CAESEH7Iq2hZpJ1NNKRV3EqufzE&google_cver=1&google_push=AavPq0PoPJZFg92o-7OW0UlkhT5kg4sNLwSCJWgc8b3aSDDNOsj-fyDkdXHxapEbhtiU3jVZI6z528AKCoG5dKfrt-XntPnbDajqpA
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C916
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEJfQnQ8M4lw7zSSHb5qGGlo&google_cver=1&google_push=AavPq0Pvp7zcvLhldR6mwm1PkHN5jZhi_k20Tg5Dfq2g8u17iZdH-LvAIWwo5XLJtMA5-UKQP64dTzrLDQmIZlTz...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=Ey1jnXjNQQC9cbrLNQoX5w&google_push=AavPq0Pvp7zcvLhldR6mwm1PkHN5jZhi_k20Tg5Dfq2g8u17iZdH-LvAIWwo5XLJtMA5-UKQP64dTzrLDQmIZlTzHFgXovUE...

170 B
188 B

59ms
59ms

Image
image/png

142.251.208.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=Ey1jnXjNQQC9cbrLNQoX5w&google_push=AavPq0Pvp7zcvLhldR6mwm1PkHN5jZhi_k20Tg5Dfq2g8u17iZdH-LvAIWwo5XLJtMA5-UKQP64dTzrLDQmIZlTzHFgXovUEeojh

Requested by

Host: c79c2500101a741060cc6b806098b9a7.safeframe.googlesyndication.com
URL: https://c79c2500101a741060cc6b806098b9a7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.251.208.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s41-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Dec 2022 08:07:41 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Sat, 17 Dec 2022 08:07:41 GMT
Server: MT3 254 34fcae8 master zrh-pixel-x31 config:1.0.0
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=Ey1jnXjNQQC9cbrLNQoX5w&google_push=AavPq0Pvp7zcvLhldR6mwm1PkHN5jZhi_k20Tg5Dfq2g8u17iZdH-LvAIWwo5XLJtMA5-UKQP64dTzrLDQmIZlTzHFgXovUEeojh
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Sat, 17 Dec 2022 08:07:40 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C916
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEK0p_Qxw7HLalcNHahgXp8g&google_cver=1&google_push=AavPq0NoCYesieug-bdtfDeNAMu_QB-Pf2uFHUq6yc70o8PwZ_pUZsu6A2U4Y3a39URaLEP3rMFJfFc-UXG-lLLTypqrCbhH05MQfQ
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=0DBD4F893D4F4D98A323225492AEFE7C&google_push=AavPq0NoCYesieug-bdtfDeNAMu_QB-Pf2uFHUq6yc70o8PwZ_pUZsu6A2U4Y3a39URaLEP3rMFJfFc-UXG-lLL...

170 B
188 B

57ms
57ms

Image
image/png

142.251.208.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=0DBD4F893D4F4D98A323225492AEFE7C&google_push=AavPq0NoCYesieug-bdtfDeNAMu_QB-Pf2uFHUq6yc70o8PwZ_pUZsu6A2U4Y3a39URaLEP3rMFJfFc-UXG-lLLTypqrCbhH05MQfQ

Requested by

Host: pelotainvernal.com
URL: https://pelotainvernal.com/

Protocol

Server

142.251.208.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s41-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Dec 2022 08:07:41 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sat, 17 Dec 2022 08:07:41 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=0DBD4F893D4F4D98A323225492AEFE7C&google_push=AavPq0NoCYesieug-bdtfDeNAMu_QB-Pf2uFHUq6yc70o8PwZ_pUZsu6A2U4Y3a39URaLEP3rMFJfFc-UXG-lLLTypqrCbhH05MQfQ
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Fri, 16 Dec 2022 08:07:41 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame C916 70 B
264 B 48ms
45ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEGWn_12qTl01qQdkzsYfyw4&google_cver=1&google_push=AavPq0Oet9odBfK0PLfgDXlAmlGR0QH71UMxm5aPHDrNP_-Xrbk7_wtiQEkVR8cvjWqeg6pp-Or50RRYidfRRm1t1ISIuE648Uck
Requested by: Host: c79c2500101a741060cc6b806098b9a7.safeframe.googlesyndication.com
URL: https://c79c2500101a741060cc6b806098b9a7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sat, 17 Dec 2022 08:07:41 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C916
Redirect Chain

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEKetfxybpjIzHT98vEkJXxw&google_cver=1&google_push=AavPq0N-wdPb-ReumnEbrlVzvNTkCQRCnNhwG2qsfQYTpgSQearOGuoC5rBXwaKedHZkDDHGmL715kqpKDp...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AavPq0N-wdPb-ReumnEbrlVzvNTkCQRCnNhwG2qsfQYTpgSQearOGuoC5rBXwaKedHZkDDHGmL715kqpKDpr8TDvY0RB4t0828AL&google_hm=InfHfZ6pTTKOzjmm35tUSBY

170 B
188 B

58ms
57ms

Image
image/png

142.251.208.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AavPq0N-wdPb-ReumnEbrlVzvNTkCQRCnNhwG2qsfQYTpgSQearOGuoC5rBXwaKedHZkDDHGmL715kqpKDpr8TDvY0RB4t0828AL&google_hm=InfHfZ6pTTKOzjmm35tUSBY

Requested by

Host: pelotainvernal.com
URL: https://pelotainvernal.com/

Protocol

Server

142.251.208.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s41-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Dec 2022 08:07:41 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 17 Dec 2022 08:07:40 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AavPq0N-wdPb-ReumnEbrlVzvNTkCQRCnNhwG2qsfQYTpgSQearOGuoC5rBXwaKedHZkDDHGmL715kqpKDpr8TDvY0RB4t0828AL&google_hm=InfHfZ6pTTKOzjmm35tUSBY
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C916
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESECvmxxTvUBHVWVOxVsvo8z4&google_cver=1&google_push=AavPq0N2ayBQfxww427l7TC0ppOTSOwsLXp7UDjmqYhwnKAboPmT9eXzzIFsKtAneqDKUlKbERzX_HF9Dbr8ly...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE3ODAyNjE5ODY4ODc5MDY4Mw%3D%3D&google_push=AavPq0N2ayBQfxww427l7TC0ppOTSOwsLXp7UDjmqYhwnKAboPmT9eXzzIFsKtAneqDKUlKbERzX_HF9Dbr8lyKx15...

170 B
188 B

59ms
58ms

Image
image/png

142.251.208.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE3ODAyNjE5ODY4ODc5MDY4Mw%3D%3D&google_push=AavPq0N2ayBQfxww427l7TC0ppOTSOwsLXp7UDjmqYhwnKAboPmT9eXzzIFsKtAneqDKUlKbERzX_HF9Dbr8lyKx151_3sodRH0snA

Requested by

Host: c79c2500101a741060cc6b806098b9a7.safeframe.googlesyndication.com
URL: https://c79c2500101a741060cc6b806098b9a7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.251.208.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s41-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Dec 2022 08:07:41 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE3ODAyNjE5ODY4ODc5MDY4Mw%3D%3D&google_push=AavPq0N2ayBQfxww427l7TC0ppOTSOwsLXp7UDjmqYhwnKAboPmT9eXzzIFsKtAneqDKUlKbERzX_HF9Dbr8lyKx151_3sodRH0snA
Date: Sat, 17 Dec 2022 08:07:41 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C916
Redirect Chain

https://d5p.de17a.com/cookies/google?google_gid=CAESEAPEc2jrumx2cnIeSodDyyY&google_cver=1&google_push=AavPq0MrLcQWWn9W1LdR4I3xEHGlc_FAmztnlCJlZkL9PsG8422jouLfMMtP1HhHHnGY2FgvaVbNLYp7juE2mxokmjmyPVT...
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AavPq0MrLcQWWn9W1LdR4I3xEHGlc_FAmztnlCJlZkL9PsG8422jouLfMMtP1HhHHnGY2FgvaVbNLYp7juE2mxokmjmyPVTy6LY1Lw

170 B
188 B

89ms
89ms

Image
image/png

142.251.208.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AavPq0MrLcQWWn9W1LdR4I3xEHGlc_FAmztnlCJlZkL9PsG8422jouLfMMtP1HhHHnGY2FgvaVbNLYp7juE2mxokmjmyPVTy6LY1Lw

Requested by

Host: pelotainvernal.com
URL: https://pelotainvernal.com/

Protocol

Server

142.251.208.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s41-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Dec 2022 08:07:41 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AavPq0MrLcQWWn9W1LdR4I3xEHGlc_FAmztnlCJlZkL9PsG8422jouLfMMtP1HhHHnGY2FgvaVbNLYp7juE2mxokmjmyPVTy6LY1Lw
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame C916 0
12 B 57ms
55ms Image
text/html 142.251.208.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JxwiFnceOmH3BWQp9H9Nlri8FOGvAL8UDXVu8zApzZWSxyJqiAPmNt-Cd2OVw3_7OCkvfw

Requested by

Host: c79c2500101a741060cc6b806098b9a7.safeframe.googlesyndication.com
URL: https://c79c2500101a741060cc6b806098b9a7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.208.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s41-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 08:07:41 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 Jk7fixpOLBqPs8Ll1CI4HFyikeoml7Ub_Y2jZpe5d_o.js Show response
pagead2.googlesyndication.com/bg/ Frame 756B 36 KB
16 KB 36ms
36ms Script
text/javascript 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Jk7fixpOLBqPs8Ll1CI4HFyikeoml7Ub_Y2jZpe5d_o.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

264edf8b1a4e2c1a8fb3c2e5d422381c5ca291ea2697b51bfd8da36697b977fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 18:33:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 308033
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15923
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 17:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 13 Dec 2023 18:33:48 GMT

GET
H2 200 showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 89C7 38 KB
14 KB 47ms
46ms Document
text/html 2.18.36.193
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by: Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fpelotainvernal.com%2F&schain=1.0,1!vidoomy.com,63065,1,1671264459066,,
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.36.193 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-36-193.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 9fd8c589bbcde7671ad14542ed1081c4904102d62f401289eb190e9f0aa258f1

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=81164
content-encoding: gzip
content-length: 13968
content-type: text/html
date: Sat, 17 Dec 2022 08:07:41 GMT
expires: Sun, 18 Dec 2022 06:40:25 GMT
last-modified: Fri, 16 Dec 2022 06:36:35 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 200 showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 21AC 38 KB
14 KB 52ms
51ms Script
text/html 2.18.36.193
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by: Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fpelotainvernal.com%2F&schain=1.0,1!vidoomy.com,63065,1,1671264459066,,
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.36.193 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-36-193.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 9fd8c589bbcde7671ad14542ed1081c4904102d62f401289eb190e9f0aa258f1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 08:07:41 GMT
content-encoding: gzip
last-modified: Fri, 16 Dec 2022 06:36:35 GMT
server: Apache
vary: Accept-Encoding
content-type: text/html
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=81164
accept-ranges: bytes
content-length: 13968
expires: Sun, 18 Dec 2022 06:40:25 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame B6D7 43 B
215 B 116ms
113ms Image
image/gif 2600:1f18:1aca:4281:68f:8ebb:736f:849f
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=925113&asId=92e7157d-3903-df01-b2b9-5aa040562eb5&tv=%7Bc:x2uJEA,pingTime:-10,time:866,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTA4LjAuNTM1OS4xMjQgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222222222222222202222222220222202000022000220222222220000022202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1671264459675%7C%7Ca2b9af3d137002f7501901393a208f5d%7C%7Cff2a6b6b0b4b5b2c43e945104008d359%7C%7C077a3203fb2e48c31c7ec4b60c962730%7C%7C53e5874f0bd508e000c291b5a3c6f729%7C%7Ca9831ec00b5d0768ec00c4ba7cdf7aef%7C%7C3c38f70da25b4ba2ef5b85ebf597be73%7C%7C41a40e642cdd54e99e2f0f4c0bd0778a%7C%7C1663701684,sca:%7Bspg:9d7d88cb-1a33-1b1a-7ba4-5e44f4fa56ee%7D%7D
Requested by: Host: pelotainvernal.com
URL: https://pelotainvernal.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:68f:8ebb:736f:849f Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c79c2500101a741060cc6b806098b9a7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Dec 2022 08:07:41 GMT
server: nginx
x-server-name: dt04.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 0DE7 0
0 71ms
71ms Fetch
image/gif 172.217.19.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuuzrem2kibKrgKYjOtb97fw4xOVXnFkEUqAKWNqpxRyJM7VSEK3O7rxQ7cu7kS_9SXWFiH89lQmcvNvodJq7R6c2tw3ztLcvdxJrIzphsg-9QwThn79UpZG7f4g9DoxWh7vLhiwugbpghN1kkvCIiYstBGG5VcdJk9aBs&sai=AMfl-YQPyU3J7Aa4ZIl7Xk3Gjs8YVHPjhnQf1RuuNqyBOOxDylurG5edRjCrjfWNd4VhJiqMdK3GpOuwzCdePY5Z1LdEru5JCp83MctfDpGD&sig=Cg0ArKJSzG8oK0m97ljLEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=136&vt=11&dtpt=135&dett=2&cstd=0&cisv=r20221207.55604&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.19.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

muc03s07-in-f98.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c79c2500101a741060cc6b806098b9a7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 08:07:41 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sat, 17 Dec 2022 08:07:41 GMT

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 89C7 2 KB
2 KB 29ms
29ms Script
text/html 185.64.189.115
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=20792895&p=156498&s=399115&a=1801592&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 88d24f7443502064d5fd35dc85736f7f1a6d4ef66642ca12e3f19ce37a89b2a1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date: Sat, 17 Dec 2022 08:07:39 GMT
content-length: 1984
content-type: text/html; charset=UTF-8

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame CF72
Redirect Chain

https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=jvYUeY_9TnyV804kiPAALo6gHySV_UkqivC6rkMt

42 B
418 B

28ms
28ms

Document
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=jvYUeY_9TnyV804kiPAALo6gHySV_UkqivC6rkMt
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Sat, 17 Dec 2022 08:07:41 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
date: Sat, 17 Dec 2022 08:07:41 GMT
expires: Fri, 04 Aug 1978 12:00:00 GMT
location: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=jvYUeY_9TnyV804kiPAALo6gHySV_UkqivC6rkMt
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma: no-cache
strict-transport-security: max-age=86400

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 3E24
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7178026198688790683&gdpr=0&gdpr_consent=

42 B
323 B

35ms
35ms

Document
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7178026198688790683&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Sat, 17 Dec 2022 08:07:41 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Connection: keep-alive
Date: Sat, 17 Dec 2022 08:07:41 GMT
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7178026198688790683&gdpr=0&gdpr_consent=
Server: nginx
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET

redir
rtb-csync.smartadserver.com/ Frame 645C
Redirect Chain

https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=
https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFDcUJFN0hPdklBQUI5dlQ2OUx6dw&gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_syn...
https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AACqBE7HOvIAAB9vT69Lzw&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dpp%252Cpm%26bee...

0
0

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 835D
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=WjomeRqfQjtRmQiNFeo4pdly2hY

42 B
296 B

35ms
34ms

Document
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=WjomeRqfQjtRmQiNFeo4pdly2hY
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Sat, 17 Dec 2022 08:07:41 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Connection: keep-alive
Content-Length: 159
Content-Type: text/html; charset=utf-8
Date: Sat, 17 Dec 2022 08:07:41 GMT
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=WjomeRqfQjtRmQiNFeo4pdly2hY

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 427F
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y514ywAAALNDNgAZ&gdpr=0&gdpr_consent=

1 B
240 B

34ms
34ms

Document
text/html

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y514ywAAALNDNgAZ&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 1
content-type: text/html; charset=utf-8
date: Sat, 17 Dec 2022 08:07:41 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

accept-ranges: bytes
cache-control: no-cache
content-length: 0
date: Sat, 17 Dec 2022 08:07:41 GMT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y514ywAAALNDNgAZ&gdpr=0&gdpr_consent=
pragma: no-cache
retry-after: 0
server: Varnish
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 0
x-served-by: cache-hhn-etou8220032-HHN
x-timer: S1671264462.590415,VS0,VE0

GET match
a.audrte.com/ Frame 89C7 0
0

GET

info2
uipglob.semasio.net/pubmatic/1/ Frame 89C7
Redirect Chain

https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=280CD529-6208-45F6-8529-B0BE05611F49&sInitiator=external&gdpr=0&gdpr_consent=
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=280CD529-6208-45F6-8529-B0BE05611F49&sInitiator=external&gdpr=0&gdpr_consent=

0
0

GET
H2

200

Artemis
aud.pubmatic.com/AdServer/ Frame 89C7
Redirect Chain

https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=280CD529-6208-45F6-8529-B0BE05611F49&gdpr=
https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=280CD529-6208-45F6-8529-B0BE05611F49&gdpr=&fbounce=1
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=280CD529-6208-45F6-8529-B0BE05611F49&addseg=19,36,42

0
0

128ms
30ms

Image
application/json

185.64.189.229
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=280CD529-6208-45F6-8529-B0BE05611F49&addseg=19,36,42
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Server: 185.64.189.229 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Redirect headers

date: Sat, 17 Dec 2022 08:07:41 GMT
via: 1.1 google
content-type: text/html; charset=utf-8
location: https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=280CD529-6208-45F6-8529-B0BE05611F49&addseg=19,36,42
p3p: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 141

GET

/
loada.exelator.com/load/ Frame 89C7
Redirect Chain

https://pixel.onaudience.com/?partner=214&mapped=280CD529-6208-45F6-8529-B0BE05611F49&gdpr=0&gdpr_consent=
https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0

0
0

GET

sync
a.sportradarserving.com/ Frame 89C7
Redirect Chain

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic

0
0

GET
H2 200 280CD529-6208-45F6-8529-B0BE05611F49
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 89C7 43 B
601 B 51ms
49ms Image
image/gif 2a05:d018:d29:3605:749a:6a0e:3033:c14
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/pubmatic/280CD529-6208-45F6-8529-B0BE05611F49?gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:d29:3605:749a:6a0e:3033:c14 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 08:07:41 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET
H2

200

SPug
image4.pubmatic.com/AdServer/ Frame 89C7
Redirect Chain

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=280CD529-6208-45F6-8529-B0BE05611F49&redir=true&gdpr=0&gdpr_consent=
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-9tFavHZE2uWwfCq5DXoOj__fGZPDpoc-~A&gdpr=0&gdpr_consent=

0
260 B

132ms
28ms

Image
text/plain

198.47.127.20
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-9tFavHZE2uWwfCq5DXoOj__fGZPDpoc-~A&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Server: 198.47.127.20 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 08:07:39 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-9tFavHZE2uWwfCq5DXoOj__fGZPDpoc-~A&gdpr=0&gdpr_consent=
date: Sat, 17 Dec 2022 08:07:41 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 204 current
pubmatic-match.dotomi.com/match/bounce/ Frame 89C7 0
104 B 220ms
83ms Image
text/plain 2a02:fa8:8806:20::2010
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=280CD529-6208-45F6-8529-B0BE05611F49&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:20::2010 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Dec 2022 08:07:41 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2 204 pixelSync
pixel-sync.sitescout.com/dmp/ Frame 89C7 0
191 B 119ms
30ms Image
text/plain 98.98.134.243
ZEN-ECN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 98.98.134.243 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software: AC1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma: no-cache
date: Sat, 17 Dec 2022 08:07:40 GMT
cache-control: max-age=0,no-cache,no-store
server: AC1.1
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 756B 0
20 B 72ms
71ms Image
image/gif 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BzVCpzXidY5aTD8TA9u8P3MuKmA0AAAAAOAHgBAI&bg=!LyylLGjNAAYgquz3AKo7ACkAdvg8WnscD5leomb6Z4yrZzcZ_e6u_Ft-9CoRZFJaOFX5KCBPtqTH5QIAAAB2UgAAAAJoAQeZAxm_nnDi1g6y0zyG7ugKWBL8vBn9N-YLALfvGSV03A0rEmDIQtlBB6VuRbbbkY09JY2BIyeKnH1Lp2khW7y5_QaH2n453qK0HXobUKZb5-G4nlOqvADv8ApziVbIg3ED2jbkDtuQzLDmaBLJnBJPmEOOi7Ou7KP6t3czsrjMPZePK46OJ9N28PT9SbvilV3WZSUJJUu0Z0zk6hDxkrktWnVxgedC0H33ULdOYkvKgv3yqj0TgR76FWjLtN2MTZiXAeQCPY-icN2ZaBKLYdvoH75_0oNI6R4PhahjPEV3A1y6cqimPuJcpi7oxgMxqTrppW2Ow40eqC2kY9jY-0XFJfOxZwMxn0OZAH2IxhNa8Gi5VdjobC4nf_FQHb667Ny-4DdP6Kc7ZatOM_HnPQR9gOPNbB-jEwM_VUo65VEiLgigIDpbDm2DmA39NnHxQUn_oAWT0vFCj-UWcn9OAqHHVtlvHonQvXCPAZseCwBhDLWD8scsVz31vplH3BiOrK_DC5ZPkudckqGkk-d4jzjrPRRymlgd5cBy7TQD40pWlBE9KENUNIVd2trcgvi5wet7V3T4d1vVCc7kJRiSnnqdg8SjqE6otSmD6_tciKLOk1xq_Lvv-qadaPSB1ESOvWZiSLhMldkgp6-QqNR1ecsoeeaWgaEf9RLhzJRLVfMtFajIqzkKX-IewyVgrr14nM92Pmw0iw0c-u9zVpLXZzp3J9TAHGYbvT4Wy92_l0fYqVtrcHBuA8oF63-4fnMfyy7acjcX4skKhKACiIS53yG8YvTqyFrUaePhPkLB_fJaRQNPdTf2a55EUbPxsPjI-hOf6KHqjvMGl0dMZUUI3tX7nKZhmoIKfW4A0HQwWeYsyW2qioFDfXAn6Xn_eNGu4_kfsxPXo0JjhZB8GF9dFGyZrKsJrIrrRQ48I0GlCVjCHAaQMbHO-SfkMYLUpZmJqhYXLPrfmKOoV5zGesMBlwTmrTZ8p5o_hCU2qASKLNTffC0Aa1IZggAVmHSeYksJPEVHLb5KwPVq0IZyb4c2Hohb9nGiWUq2oy20b_4O

Requested by

Host: pelotainvernal.com
URL: https://pelotainvernal.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Dec 2022 08:07:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame B6D7 42 B
64 B 73ms
72ms Fetch
image/gif 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstydWSyBUoCxJfa0An3nYWOKcmrXPq3xdfd9oEmREYnP2Trs9CEQ8tMQbtWO-VSc2iB6Tz-XNkTu1MBLzk34pKDbZw8fj87-ZS-S1ef6wlESicblUUWNXeWLzvJAuO853fpSFJz2A&sai=AMfl-YTJv76ej-OL6lcj0HPMDeJyjs0tWfT1zQN-7Vzv-leEmdoxM2b7VPD0jF4LXJtG_j8VZOOtGlFN_A9jKPRLI2mca71BelaJm7y8NhpfsxLAV9XfU1FN9AYpm9KSzQ&sig=Cg0ArKJSzHEzfpXk9MRiEAE&cid=CAQSOwDq26N9A3P5KuK6rSF9vJ3eQfdtg761NxuMe6lZFpSWSek0Gbat98Dv01_8dBqdI4GB9DRgWuwQvtlOGAEgEw&id=lidar2&mcvt=1000&p=511,275,601,1003&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221207&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1811199381&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1671264460296&rpt=375&isd=0&lsd=0&met=ce&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c79c2500101a741060cc6b806098b9a7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Dec 2022 08:07:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame B6D7 43 B
215 B 129ms
128ms Image
image/gif 2600:1f18:1aca:4281:68f:8ebb:736f:849f
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=925113&asId=92e7157d-3903-df01-b2b9-5aa040562eb5&tv=%7Bc:x2uJKF,pingTime:1,time:1243,type:p,clog:%5B%7Bpiv:-1,vs:n,r:,w:728,h:90,t:142%7D,%7Bpiv:0,vs:o,r:l,t:176%7D,%7Bpiv:100,vs:i,r:,t:195%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1048,o:195,n:176,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:142,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B48~1,0~0%5D,as:%5B48~728.90%5D%7D%7D,%7Bsl:o,t:176,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B18~0%5D,as:%5B18~728.90%5D%7D%7D,%7Bsl:i,t:195,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1048~100%5D,as:%5B1048~728.90%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:jload,dtt:123,fm:tqg7lPH+11%7C121%7C131%7C14%7C15%7C16%7C171%7C172%7C181%7C19%7C1a1%7C1a2%7C1b.1203349-67009481%7C1b1%7C1b2%7C1b3%7C1b4%7C1b5%7C1c1%7C1c2%7C1c3%7C1d111%7C1d112%7C1d113%7C1d114%7C1d115%7C1e1%7C1e21%7C1e3%7C1f*.925113%7C1f1%7C1f2%7C1f3,idMap:1f*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:143,sis:216%7D&br=c
Requested by: Host: pelotainvernal.com
URL: https://pelotainvernal.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:68f:8ebb:736f:849f Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c79c2500101a741060cc6b806098b9a7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Dec 2022 08:07:41 GMT
server: nginx
x-server-name: dt02.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame B6D7 43 B
215 B 116ms
115ms Image
image/gif 2600:1f18:1aca:4281:68f:8ebb:736f:849f
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=925113&asId=92e7157d-3903-df01-b2b9-5aa040562eb5&tv=%7Bc:x2uJKF,pingTime:1,time:1243,type:c,clog:%5B%7Bpiv:-1,vs:n,r:,w:728,h:90,t:142%7D,%7Bpiv:0,vs:o,r:l,t:176%7D,%7Bpiv:100,vs:i,r:,t:195%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1048,o:195,n:176,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:142,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B48~1,0~0%5D,as:%5B48~728.90%5D%7D%7D,%7Bsl:o,t:176,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B18~0%5D,as:%5B18~728.90%5D%7D%7D,%7Bsl:i,t:195,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1048~100%5D,as:%5B1048~728.90%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:jload,dtt:123,fm:tqg7lPH+11%7C121%7C131%7C14%7C15%7C16%7C171%7C172%7C181%7C19%7C1a1%7C1a2%7C1b.1203349-67009481%7C1b1%7C1b2%7C1b3%7C1b4%7C1b5%7C1c1%7C1c2%7C1c3%7C1d111%7C1d112%7C1d113%7C1d114%7C1d115%7C1e1%7C1e21%7C1e3%7C1f*.925113%7C1f1%7C1f2%7C1f3,idMap:1f*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:143,sis:216,metricId:publ1,cmr:t%7D&br=c
Requested by: Host: pelotainvernal.com
URL: https://pelotainvernal.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:68f:8ebb:736f:849f Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c79c2500101a741060cc6b806098b9a7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Dec 2022 08:07:41 GMT
server: nginx
x-server-name: dt03.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame B6D7 43 B
215 B 115ms
115ms Image
image/gif 2600:1f18:1aca:4281:68f:8ebb:736f:849f
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=925113&asId=92e7157d-3903-df01-b2b9-5aa040562eb5&tv=%7Bc:x2uJKG,pingTime:1,time:1244,type:c,clog:%5B%7Bpiv:-1,vs:n,r:,w:728,h:90,t:142%7D,%7Bpiv:0,vs:o,r:l,t:176%7D,%7Bpiv:100,vs:i,r:,t:195%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1049,o:195,n:176,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:142,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B48~1,0~0%5D,as:%5B48~728.90%5D%7D%7D,%7Bsl:o,t:176,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B18~0%5D,as:%5B18~728.90%5D%7D%7D,%7Bsl:i,t:195,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1049~100%5D,as:%5B1049~728.90%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:jload,dtt:123,fm:tqg7lPH+11%7C121%7C131%7C14%7C15%7C16%7C171%7C172%7C181%7C19%7C1a1%7C1a2%7C1b.1203349-67009481%7C1b1%7C1b2%7C1b3%7C1b4%7C1b5%7C1c1%7C1c2%7C1c3%7C1d111%7C1d112%7C1d113%7C1d114%7C1d115%7C1e1%7C1e21%7C1e3%7C1f*.925113%7C1f1%7C1f2%7C1f3,idMap:1f*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:143,sis:216,metricId:grpm1,cmr:t%7D&br=c
Requested by: Host: pelotainvernal.com
URL: https://pelotainvernal.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:68f:8ebb:736f:849f Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c79c2500101a741060cc6b806098b9a7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Dec 2022 08:07:41 GMT
server: nginx
x-server-name: dt09.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 AdServerServlet Show response
vid.pubmatic.com/AdServer/ Frame 21AC 27 B
479 B 36ms
35ms XHR
application/xml 185.64.190.75
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+7+9+1+1+6&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fpelotainvernal.com%2F&schain=1.0,1!vidoomy.com,63065,1,1671264459066,,&us_privacy=&cb=1671264461450&SAVersion=2&inIframe=1&pageURL=https%253A%252F%252Fpelotainvernal.com%252F&screenResolution=1600x1200&kdntuid=1&vwndh=0&vwndw=0&vwndurl=https%253A%252F%252Fpelotainvernal.com%252F&vwndref=&vc=2&js=1&sec=1&kltstamp=2022-12-17%208:7:41&ranreq=0.5955182274176534&timezone=0&depth=0
Requested by: Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fpelotainvernal.com%2F&schain=1.0,1!vidoomy.com,63065,1,1671264459066,,
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.75 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 08:07:41 GMT
content-encoding: gzip
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin: https://pelotainvernal.com
content-type: application/xml; charset=utf-8
x-vdbg: 1:0/165:-1
access-control-allow-credentials: true
cache-control: no-store, no-cache, private

GET
H2 200 track
st.pubmatic.com/ Frame 21AC 0
49 B 27ms
27ms Image
text/plain 185.64.189.221
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://st.pubmatic.com/track?operId=7&p=156498&s=399115&a=1801592&ts=1671264462&wa=0&vadsId=-1&e=95&vc=2
Requested by: Host: pelotainvernal.com
URL: https://pelotainvernal.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.221 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Sat, 17 Dec 2022 08:07:40 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
expires: 0

POST
H2 200 i Show response
vid-io-cle.springserve.com/vd/ Frame 2812 0
152 B 116ms
115ms XHR
text/plain 18.218.58.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid-io-cle.springserve.com/vd/i?suuid=b0e41bd3&ps_id=356921&batch=1
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_f51ac984.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.218.58.137 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-218-58-137.us-east-2.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://pelotainvernal.com
date: Sat, 17 Dec 2022 08:07:42 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
access-control-allow-methods: GET, OPTIONS

GET
H2 200 track
st.pubmatic.com/ Frame 2812 0
49 B 27ms
27ms Image
text/plain 185.64.189.221
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://st.pubmatic.com/track?operId=7&p=156498&s=399115&a=1801592&ts=1671264461&wa=0&e=96&ier=901&vadsId=[ADSERVINGID]
Requested by: Host: pelotainvernal.com
URL: https://pelotainvernal.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.221 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Sat, 17 Dec 2022 08:07:40 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
expires: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 90ms
89ms XHR
application/json 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221207&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d5f4da9e6b8cb335c335141503a6145613eb920e582cc71634e8d5dfad44a232

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 08:07:42 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11305
x-xss-protection: 0

POST
H2 200 t Show response
t.lkqd.net/ Frame 56E6 0
166 B 112ms
112ms XHR
text/plain 146.20.128.203
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.203 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://pelotainvernal.com
date: Sat, 17 Dec 2022 08:07:42 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 106ms
106ms Preflight
text/plain 146.20.128.203
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.203 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://pelotainvernal.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
access-control-allow-origin: https://pelotainvernal.com
access-control-expose-headers: Content-Type, Content-Disposition
access-control-max-age: 300
cache-control: max-age=300
content-length: 0
content-type: text/plain; charset=UTF-8
date: Sat, 17 Dec 2022 08:07:42 GMT
server: nginx

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 172ms
172ms Script
text/javascript 2a00:1450:400d:804::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 08:07:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 17 Dec 2022 08:07:42 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 1578 13 KB
5 KB 37ms
36ms Document
text/html 2a00:1450:400d:804::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pelotainvernal.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 151911
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 15 Dec 2022 13:55:51 GMT
expires: Fri, 15 Dec 2023 13:55:51 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 169A 783 B
534 B 33ms
32ms Document
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

43d9aeb281645742f8885bf52021dd14c292cd6409ebed9e59f70463a2649ada

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Kq3kqmnMpypbtGBAER49Mg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://pelotainvernal.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-Kq3kqmnMpypbtGBAER49Mg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 17 Dec 2022 08:07:42 GMT
expires: Sat, 17 Dec 2022 08:07:42 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 169A 0
0 68ms
68ms Image
text/html 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221207&jk=3050005988402424&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

GET
H3 200 Jk7fixpOLBqPs8Ll1CI4HFyikeoml7Ub_Y2jZpe5d_o.js Show response
pagead2.googlesyndication.com/bg/ Frame 1578 36 KB
16 KB 36ms
36ms Script
text/javascript 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Jk7fixpOLBqPs8Ll1CI4HFyikeoml7Ub_Y2jZpe5d_o.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

264edf8b1a4e2c1a8fb3c2e5d422381c5ca291ea2697b51bfd8da36697b977fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 18:33:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 308034
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15923
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 17:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 13 Dec 2023 18:33:48 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 0DE7 42 B
64 B 68ms
67ms Fetch
image/gif 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvDtFfAxduUIaNEFyvM64FgN8qtq5oKq144b-9G7h92ILic8eUf_bevlS9k-OigHOC4fARjp-ry6JfZboo1OX081e4CAT_4&sig=Cg0ArKJSzBThn6tdXE-4EAE&id=lidar2&mcvt=1003&p=0,0,600,300&mtos=1003,1003,1003,1003,1003&tos=1003,0,0,0,0&v=20221207&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=32&adk=4188270516&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1671264460291&rpt=1184&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c79c2500101a741060cc6b806098b9a7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Dec 2022 08:07:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 0DE7 42 B
64 B 70ms
70ms Fetch
image/gif 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstztgvSNv2_6nGbeZ7gf1ln6uBwq0ldsoLGQPaIlwtVixwalxMyOevZmajnIkoTyORpc3rPIspetzC9MSEOEyqRMKXlq383QpcWLAeH_lsU5lhUfKMc0Zyhl1Gu&sai=AMfl-YRzGXMEuwkjixGE2vugNgCebSypUBF9xCBow_KhYmljZsZLi3ab2siKCTG-JBMwGgIoneTdE9OGQtCOg1GGzrUBIDi0WA98BQJO8CHbjgWMOoh0JEmGe3LjMN509w&sig=Cg0ArKJSzHBNfs4xim1SEAE&cid=CAQSOwDq26N9A3P5KuK6rSF9vJ3eQfdtg761NxuMe6lZFpSWSek0Gbat98Dv01_8dBqdI4GB9DRgWuwQvtlOGAEgEw&id=lidar2&mcvt=1007&p=574,1149,1178,1449&mtos=0,1007,1007,1007,1007&tos=0,1007,0,0,0&v=20221207&bin=7&avms=nio&bs=0,0&mc=0.99&if=1&vu=1&app=0&itpl=20&adk=2344183488&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1671264460291&rpt=1180&isd=0&lsd=0&met=mue&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c79c2500101a741060cc6b806098b9a7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Dec 2022 08:07:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 1578 0
12 B 35ms
34ms Image
text/plain 2a00:1450:400d:804::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?URfazQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:804::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 08:07:42 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H2 200 ad Show response
v.lkqd.net/ Frame 3482 2 KB
2 KB 113ms
113ms XHR
application/xml 69.20.43.192
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://v.lkqd.net/ad?pid=430&sid=1171093&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=https%3A%2F%2Fpelotainvernal.com%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C63065%2C1%2C&c4=true&c5=&c6=63065&c10=&c11=true&c12=&c13=true&c14=&c15=true&c16=&c17=true&rnd=9633316&m=
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: 23d51b054f018a0f69fddc44bcb648cb716507ba55a991d8c28e0c09f7e1d6c0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 08:07:42 GMT
content-encoding: gzip
server: nginx
content-type: application/xml; charset=UTF-8
access-control-allow-origin: https://pelotainvernal.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 1404

GET
H2 200 vpaid.js Show response
ad.lkqd.net/vpaid/ Frame 40B1 230 KB
61 KB 26ms
26ms Script
application/javascript 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: /
Resource Hash: c0d59afc312f7f1d1346cc4dfdb1463c05b2d334cfa64e7b9240456a48bfcc11

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 08:07:42 GMT
content-encoding: gzip
last-modified: Thu, 13 Oct 2022 21:01:07 GMT
etag: "88ca76abee51b1544e17b021f04aaaed"
x-hw: 1671264462.cds216.fr8.hn,1671264462.cds253.fr8.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1209600
accept-ranges: bytes
content-length: 62021

GET
H2 200 usync.html Show response
ad.lkqd.net/cookie-sync/ Frame 9DD8 4 KB
2 KB 25ms
25ms Document
text/html 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lkqd.net/cookie-sync/usync.html
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: /
Resource Hash: a09fb04841151074c73e8daf6edb12da7ffd8b5e7812492a6d9f3ae977fe3d31

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 1882
content-type: text/html
date: Sat, 17 Dec 2022 08:07:42 GMT
etag: "952dcfd8e3703b5a7e78418d51009535"
last-modified: Fri, 18 Feb 2022 17:38:44 GMT
x-hw: 1671264462.cds216.fr8.hn,1671264462.cds226.fr8.c

POST
H2 200 ad Show response
v.lkqd.net/ Frame 40B1 30 KB
4 KB 156ms
156ms XHR
application/json 69.20.43.192
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://v.lkqd.net/ad?pid=430&sid=1171093&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=https%3A%2F%2Fpelotainvernal.com%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C63065%2C1%2C&c4=true&c5=&c6=63065&c10=&c11=true&c12=&c13=true&c14=&c15=true&c16=&c17=true&rnd=9633316&m=&rtv=1&thost=pelotainvernal.com
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: 9c61627ee3d76cba414ec45b1d42a0cec31155b006ced7bc775f574b84ac4d7d

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 17 Dec 2022 08:07:43 GMT
content-encoding: gzip
server: nginx
content-type: application/json
access-control-allow-origin: https://pelotainvernal.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 3909

OPTIONS
H2 200 ad
v.lkqd.net/ Frame 0
0 107ms
107ms Preflight 69.20.43.192
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://v.lkqd.net/ad?pid=430&sid=1171093&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=https%3A%2F%2Fpelotainvernal.com%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C63065%2C1%2C&c4=true&c5=&c6=63065&c10=&c11=true&c12=&c13=true&c14=&c15=true&c16=&c17=true&rnd=9633316&m=&rtv=1&thost=pelotainvernal.com
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://pelotainvernal.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pelotainvernal.com
access-control-expose-headers: Content-Type, Content-Disposition
access-control-max-age: 300
cache-control: max-age=300
content-length: 0
date: Sat, 17 Dec 2022 08:07:42 GMT
server: nginx

GET
H2

200

cs
cs.lkqd.net/ Frame 9DD8
Redirect Chain

https://csync.loopme.me/?redirect=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D54%26partnerUserId%3D%7Bdevice_id%7D
https://cs.lkqd.net/cs?partnerId=54&partnerUserId=1e434d1f-99a5-4230-a206-5436e12638b4

43 B
308 B

106ms
106ms

Image
image/gif

146.20.132.117
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=54&partnerUserId=1e434d1f-99a5-4230-a206-5436e12638b4
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Server: 146.20.132.117 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 08:07:43 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

Redirect headers

location: https://cs.lkqd.net/cs?partnerId=54&partnerUserId=1e434d1f-99a5-4230-a206-5436e12638b4
date: Sat, 17 Dec 2022 08:07:42 GMT
server: _
content-length: 0

GET
H2 200 cs
cs.lkqd.net/ Frame 9DD8 43 B
308 B 106ms
106ms Image
image/gif 146.20.132.117
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=103&redirect=https%3A%2F%2Fevent.clientgear.com%2Fcookie%2Flkqd%3Fpartner%3Dlkqd%26cookieid%3D%24%24rawlkqduserid%24%24&r=if
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.117 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 08:07:42 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

GET
H2 200 cs
cs.lkqd.net/ Frame 9DD8 43 B
308 B 107ms
107ms Image
image/gif 146.20.132.117
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D102%2526partnerUserId%253D%255BUID%255D&r=if
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.117 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 08:07:42 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

GET
H2

200

cs
cs.lkqd.net/ Frame 9DD8
Redirect Chain

https://ad.turn.com/r/cs?pid=65
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=7593657138415183722

43 B
308 B

106ms
106ms

Image
image/gif

146.20.132.117
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=94&partnerUserId=7593657138415183722
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Server: 146.20.132.117 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 08:07:42 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

Redirect headers

location: https://cs.lkqd.net/cs?partnerId=94&partnerUserId=7593657138415183722
pragma: no-cache
date: Sat, 17 Dec 2022 08:07:42 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H2

200

cs
cs.lkqd.net/ Frame 9DD8
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=161
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=WjomeRqfQjtRmQiNFeo4pdly2hY

43 B
308 B

106ms
106ms

Image
image/gif

146.20.132.117
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=93&partnerUserId=WjomeRqfQjtRmQiNFeo4pdly2hY
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Server: 146.20.132.117 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 08:07:43 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

Redirect headers

Location: https://cs.lkqd.net/cs?partnerId=93&partnerUserId=WjomeRqfQjtRmQiNFeo4pdly2hY
Date: Sat, 17 Dec 2022 08:07:42 GMT
Connection: keep-alive
Content-Length: 104
Content-Type: text/html; charset=utf-8

POST
H2 200 t Show response
t.lkqd.net/ Frame CBF4 0
166 B 112ms
112ms XHR
text/plain 146.20.128.203
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.203 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://pelotainvernal.com
date: Sat, 17 Dec 2022 08:07:43 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 107ms
106ms Preflight
text/plain 146.20.128.203
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.203 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://pelotainvernal.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
access-control-allow-origin: https://pelotainvernal.com
access-control-expose-headers: Content-Type, Content-Disposition
access-control-max-age: 300
cache-control: max-age=300
content-length: 0
content-type: text/plain; charset=UTF-8
date: Sat, 17 Dec 2022 08:07:43 GMT
server: nginx

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 70ms
70ms Image
text/html 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221207&jk=3050005988402424&bg=!cHOlczfNAAYgquz3AKo7ACkAdvg8Wru4sH_nrU62wZBKMTgO4wafpe-zC8zhWHYOXmfAONW_a9cEEAIAAABgUgAAAAVoAQcKAJktmeSZ-jJ0qsG9sV9C7MWC9E7K9Pir7Vr1YljJoU6l3hRsqYA2-IqndwuWRbPqISNuUSTBtBeyyCm_3Zhmc6Tb6KyY-0JmzY4NOqbldRr2HrQdLhpm8_tVAbf43z0ui6h7aIb0dngqU_VY9iz-BDajT06mh7-4eA-GzTq_wGqSgmWbbyO-uXiWQ9T1nHX2p7NTv-n-SLjiaaKZAuED3_opqaZ29ostEYyCMPHt6f7Eq4Hf_6XnJ-1OGUJ3gykVt469lP7uxMaErgrJT8-MI9rM8OQjgFyGBJnn40wngwNtUvcdXF-qZNYCg9LBuDlwi24B_XIf8fqfxf6XyjZhUuuHAp9lyCGRMwYUCaE0fkuKxc5tT0Cpcy95hzpfzN27ORJG2qNdzWmHQIjS6DVtvA0YfTQQTmp7ikUF2DdB6VvX4ObtaDd9o7WlSi-UZ4bJTCCwemjNacanYWBqPkJwfKrYTeEQ7CJPVbeDJFuYpqXSQr6csDy9_oAumP50C5gEiC3BZTH2SOXwAl8i33X8Jtw_HrWKRmjTk7FmIQgAchWnE_4kugBBtTJBjNn_YApnz7P_ERDksviNwErINSITtTVLEiITdTa4gHbPqPxIATnijymTIoley5uyAV2mA6-vRN8mmzm4tsLIaWh1Uz3edMwfkYIqP55Ke0C_oNAjV4PeqInIemw5UnhUZzeCrfFzZWtjI5Df5v54DqOSkXBcCuFY0Nx7RshJJX2qtwIH9JKJku1p_lajh5eoTRV9xPTt0OFzeF-tv-8naSC98GgrHWhajRmcw8edYiZjvIWzOhKX5GM4Q3gmBgokKV75f8d_CiM8vYMQ2E-IsM-MH9w9IPu-Unmcg7pdTWygHqzUoPWncEevgt5_2EzAjG3M7HTddhfwG-Suwx_dS6b6VJqWO72FkxIS-ITv1wkIsHeq0jCikpt-P7hIBN7n4m1e96tIbbPa2YVT-LpsLLuA6WUUhM8OzfVeTgwivkZRMUACPEliS9ojLe-P6rVcDc_6rr0WCsCOgwIwljR78VENmjmq6rQAqTM3zYE2CaZeMT-3RVzvStbbtliHEMyGkQq5XjymS0RaCv_MfTTZsIovU-GdeOxzkOzmUSnSjkIcY33ht6i051gGtHMQk-jxm5JVP74iZWYGNz9UuOc4IXBGzPQ9DCoHtohN6tuBSyHkarO4VQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

GET
H/1.1 200
OK 218945 Show response
search.spotxchange.com/vast/2.0/ 67 B
1 KB 39ms
39ms XHR
text/xml 185.94.180.124
SPOTX-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://search.spotxchange.com/vast/2.0/218945?VPAID=JS&content_page_url=https%3A%2F%2Fpelotainvernal.com%2F&cb=1708039164&player_width=400&player_height=225&regs[gdpr]=0&user[consent]=&device[geo][lat]=&device[geo][lon]=&schain=1.0%2C1%21vidoomy.com%2C63065%2C1%2C87766961978952390981190398285%2C%2C
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.94.180.124 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: 78e958d620d6e40a19e424eee3a9b23932cd9bfa4d7f736442048777d203052d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Sat, 17 Dec 2022 08:07:43 GMT
X-SpotX-Timing-SpotMarket-Primary: 0.004381
X-SpotX-Timing-Transform: 0.000260
Content-Encoding: gzip
X-SpotX-Timing-SpotMarket: 0.004381
X-SpotX-Timing-Page-Require: 0.000419
X-fe: 085
Connection: keep-alive
X-SpotX-Timing-Page-Misc: 0.003453
X-SpotX-Timing-Page-Cookie: 0.000027
Content-Length: 79
X-SpotX-Timing-Page: 0.009119
Pragma: no-cache
X-SpotX-Timing-Page-Context: 0.000330
Last-Modified: Sat, 17 Dec 2022 08:07:43 GMT
Server: nginx
Vary: Accept-Encoding
Access-Control-Allow-Methods: POST, GET, PATCH, DELETE, OPTIONS
Content-Type: text/xml;charset=UTF-8
Access-Control-Allow-Origin: https://pelotainvernal.com
X-SpotX-Timing-Page-Exception: 0.000000
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Credentials: true
X-SpotX-Timing-Page-URI: 0.000008
X-SpotX-Timing-SpotMarket-Secondary: 0.000000
X-SpotX-Timing-Page-Mux: 0.000241
Access-Control-Allow-Headers
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK 7585793 Show response
ads.stickyadstv.com/vast/vpaid-adapter/ 831 B
1 KB 52ms
52ms XHR
application/xml 2.18.79.136
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/vast/vpaid-adapter/7585793?supportsJavascript=true&supportsFlash=true&_fw_us_privacy=&schain=1.0%2C1%21vidoomy.com%2C63065%2C1%2C8776696197895239098260109353%2C%2C&_fw_gdpr=0&_fw_gdpr_consent=
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.79.136 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-18-79-136.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: ad0285da14aa75a410d2015198062e7fa2ba9f1a1d3363c6ce9ab80beec83804

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 17 Dec 2022 08:07:43 GMT
Server: nginx
Content-Type: application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin: https://pelotainvernal.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 831
x-sticky-vk: 1671264463078052-553
Expires: Sat, 17 Dec 2022 08:07:43 GMT

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 108ms
107ms Preflight
text/plain 146.20.128.203
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.203 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://pelotainvernal.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
access-control-allow-origin: https://pelotainvernal.com
access-control-expose-headers: Content-Type, Content-Disposition
access-control-max-age: 300
cache-control: max-age=300
content-length: 0
content-type: text/plain; charset=UTF-8
date: Sat, 17 Dec 2022 08:07:43 GMT
server: nginx

POST
H2 200 t Show response
t.lkqd.net/ Frame CBF4 0
166 B 113ms
112ms XHR
text/plain 146.20.128.203
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.203 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://pelotainvernal.com
date: Sat, 17 Dec 2022 08:07:43 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

GET
DATA 200
OK truncated
/ Frame 40B1 35 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 vpaid_f51ac984.js Show response
vpaid.springserve.com/production/ Frame CD93 506 KB
89 KB 38ms
37ms Script
application/javascript 2600:9000:2304:9200:15:6f6c:b180:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.springserve.com/production/vpaid_f51ac984.js
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2304:9200:15:6f6c:b180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1b7df8f348787d9fa760018b0f088ab687bbc70718df1d62e8084e30a3584491

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 17:09:30 GMT
content-encoding: br
via: 1.1 7f49a9d7acd3e2b85c2c573f92e92d4c.cloudfront.net (CloudFront)
last-modified: Tue, 06 Dec 2022 22:05:17 GMT
server: AmazonS3
x-amz-cf-pop: VIE50-P1
age: 831494
etag: W/"b030ae2df4f66a78701be0f4e1a3a52f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=2678400
x-amz-cf-id: 5l09ZxmXHhTkOqe499hXjW-tlCB9ZZLKzlVfOOS_HPlJ-CQIPNmkdA==

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 106ms
106ms Preflight
text/plain 146.20.128.203
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.203 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://pelotainvernal.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
access-control-allow-origin: https://pelotainvernal.com
access-control-expose-headers: Content-Type, Content-Disposition
access-control-max-age: 300
cache-control: max-age=300
content-length: 0
content-type: text/plain; charset=UTF-8
date: Sat, 17 Dec 2022 08:07:43 GMT
server: nginx

POST
H2 200 t Show response
t.lkqd.net/ Frame CBF4 0
166 B 112ms
112ms XHR
text/plain 146.20.128.203
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.203 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://pelotainvernal.com
date: Sat, 17 Dec 2022 08:07:43 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

GET
H2 200 vadtag.html Show response
vpaid.pubmatic.com/ads/video/ Frame CD93 978 B
850 B 39ms
39ms XHR
application/xml 2.18.36.193
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fpelotainvernal.com%2F&schain=1.0,1!vidoomy.com,63065,1,1671264463023,,
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_f51ac984.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.36.193 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-36-193.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 07acc2681f432e300cfee25f15b1e16019a1566d55120ef4f78cd21454ddc5eb

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Dec 2022 08:07:43 GMT
content-encoding: gzip
server: Apache
etag: "23da-5e7fbf52c16e8-gzip"
vary: Origin, Accept-Encoding
content-type: application/xml
access-control-allow-origin: https://pelotainvernal.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 603
expires: Sat, 17 Dec 2022 08:07:43 GMT

GET
H2 200 PMAdMgr.js Show response
vpaid.pubmatic.com/ads/video/ Frame 75C8 158 KB
37 KB 36ms
36ms Script
application/javascript 2.18.36.193
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fpelotainvernal.com%2F&schain=1.0,1!vidoomy.com,63065,1,1671264463023,,
Requested by: Host: blank
URL: about:blank
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.36.193 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-36-193.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 64b146021b5dd3fd90bfc36519ea2de22684243fd89e4663981f53453fb0f496

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 08:07:43 GMT
content-encoding: gzip
last-modified: Tue, 06 Sep 2022 06:03:39 GMT
server: Apache
etag: "277a2-5e7fbf52bc8c8-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=10800
accept-ranges: bytes
content-length: 38047

GET
H2 200 showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 5E43 38 KB
14 KB 37ms
37ms Document
text/html 2.18.36.193
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by: Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fpelotainvernal.com%2F&schain=1.0,1!vidoomy.com,63065,1,1671264463023,,
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.36.193 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-36-193.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 9fd8c589bbcde7671ad14542ed1081c4904102d62f401289eb190e9f0aa258f1

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=81162
content-encoding: gzip
content-length: 13968
content-type: text/html
date: Sat, 17 Dec 2022 08:07:43 GMT
expires: Sun, 18 Dec 2022 06:40:25 GMT
last-modified: Fri, 16 Dec 2022 06:36:35 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 200 showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 75C8 38 KB
14 KB 42ms
41ms Script
text/html 2.18.36.193
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by: Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fpelotainvernal.com%2F&schain=1.0,1!vidoomy.com,63065,1,1671264463023,,
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.36.193 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-36-193.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 9fd8c589bbcde7671ad14542ed1081c4904102d62f401289eb190e9f0aa258f1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 08:07:43 GMT
content-encoding: gzip
last-modified: Fri, 16 Dec 2022 06:36:35 GMT
server: Apache
vary: Accept-Encoding
content-type: text/html
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=81162
accept-ranges: bytes
content-length: 13968
expires: Sun, 18 Dec 2022 06:40:25 GMT

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 5E43 2 KB
2 KB 29ms
29ms Script
text/html 185.64.189.115
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=14529667&p=156498&s=399115&a=1801592&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 3c1197af85f97be1d7c68c2725b022938242d26124bc9ad2580f86ff88d6e8a3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date: Sat, 17 Dec 2022 08:07:42 GMT
content-length: 1871
content-type: text/html; charset=UTF-8

GET
H2 200 match Show response
c1.adform.net/serving/cookie/ Frame 637F 35 B
468 B 44ms
44ms Document
image/gif 37.157.3.30
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://c1.adform.net/serving/cookie/match?party=14&cid=280CD529-6208-45F6-8529-B0BE05611F49&gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.30 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
content-type: image/gif
date: Sat, 17 Dec 2022 08:07:43 GMT
expires: -1
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 0B27
Redirect Chain

https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}

0
74 B

148ms
148ms

Document
text/html

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Sat, 17 Dec 2022 08:07:42 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

content-length: 0
date: Sat, 17 Dec 2022 08:07:43 GMT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
server: _

GET

i.match
s.tribalfusion.com/z/ Frame 2484
Redirect Chain

https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...

0
0

GET
H2 200 bridge Show response
cm.adgrx.com/ Frame 26D4 43 B
283 B 251ms
28ms Document
image/gif 63.251.232.165
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.251.232.165 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: Cowboy /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, proxy-revalidate
content-length: 43
content-type: image/gif
date: Sat, 17 Dec 2022 08:07:43 GMT
expires: Thu, 23 Sep 2004 17:42:04 GMT
p3p: CP="NOI OTC OTP OUR NOR"
pragma: no-cache
server: Cowboy
x-realserver-nx: ams-delivery-9

GET
H2

200

generic Show response
match.adsrvr.org/track/cmf/ Frame 8FFB
Redirect Chain

https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
https://sync.1rx.io/usersync2/pubmatic?zcc=1&cb=1671264463650
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4056150493

70 B
264 B

46ms
46ms

Document
image/gif

15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4056150493
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private,no-cache, must-revalidate
content-length: 70
content-type: image/gif
date: Sat, 17 Dec 2022 08:07:43 GMT
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma: no-cache
x-aspnet-version: 4.0.30319

Redirect headers

cache-control: no-store, no-cache, must-revalidate
content-type: text/html
date: Sat, 17 Dec 2022 08:07:43 GMT
etag: RX0470f075a5c4440490cbaa2d6d9f0136003
expires: 0
location: https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4056150493
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
pragma: no-cache

GET
H/1.1 200
OK cookiesync Show response
core.iprom.net/ Frame BB4F 43 B
279 B 298ms
41ms Document
image/gif 195.5.165.20
IPROM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software: /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: close
Content-Length: 43
Content-Type: image/gif
Date: Sat, 17 Dec 2022 08:07:43 GMT
Vary: Accept-Encoding
X-adserver-worker: ragnarok-ed97b4e82c0c@version_1.531
X-core-time: 1ms
X-server-arch: v2

GET
H/1.1 204
No Content pub
matching.truffle.bid/sync/ Frame DD91 0
0 233ms
28ms Document
text/plain 162.55.120.196
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

162.55.120.196 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.196.120.55.162.clients.your-server.de

Software

nginx/1.23.1 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: keep-alive
Date: Sat, 17 Dec 2022 08:07:43 GMT
Server: nginx/1.23.1
Strict-Transport-Security: max-age=15768000

GET
H2

404

gdpr_consent= Show response
sync.crwdcntrl.net/map/c=14544/tp=BIDB/gdpr=0/ Frame 1181
Redirect Chain

https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent=
https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25...
https://sync.crwdcntrl.net/map/c=14544/tp=BIDB/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26red...

49 B
265 B

48ms
48ms

Document
image/gif

34.252.235.208
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.crwdcntrl.net/map/c=14544/tp=BIDB/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253DkODCF8PznVhYWYRRTMnhMMVR
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.252.235.208 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-252-235-208.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
cache-control: no-cache
content-length: 49
content-type: image/gif
date: Sat, 17 Dec 2022 08:07:43 GMT
expires: 0
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
pragma: no-cache
server: Jetty(9.4.38.v20210224)
x-server: 10.45.10.109

Redirect headers

content-length: 0
location: https://sync.crwdcntrl.net/map/c=14544/tp=BIDB/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253DkODCF8PznVhYWYRRTMnhMMVR

GET
H2

200

SPug
image4.pubmatic.com/AdServer/ Frame 5E43
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=132d639d-78cd-4100-bd71-bacb350a17e7

0
128 B

154ms
153ms

Image
text/plain

198.47.127.20
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=132d639d-78cd-4100-bd71-bacb350a17e7
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Server: 198.47.127.20 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 08:07:43 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date: Sat, 17 Dec 2022 08:07:43 GMT
Server: MT3 254 34fcae8 master zrh-pixel-x11 config:1.0.0
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=132d639d-78cd-4100-bd71-bacb350a17e7
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Sat, 17 Dec 2022 08:07:42 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 5E43
Redirect Chain

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7593657138415183722&gdpr=0&gdpr_consent=&us_privacy=

1 B
255 B

158ms
158ms

Image
text/html

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7593657138415183722&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
date: Sat, 17 Dec 2022 08:07:43 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7593657138415183722&gdpr=0&gdpr_consent=&us_privacy=
pragma: no-cache
date: Sat, 17 Dec 2022 08:07:43 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 5E43
Redirect Chain

https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:77aba6bb-b021-44a0-827b-6296dbf52548&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw

42 B
95 B

35ms
35ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:77aba6bb-b021-44a0-827b-6296dbf52548&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Sat, 17 Dec 2022 08:07:43 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location: https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:77aba6bb-b021-44a0-827b-6296dbf52548&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date: Sat, 17 Dec 2022 08:07:43 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=3000
Content-Length: 0
P3P: policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 5E43
Redirect Chain

https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=680161537510071120

42 B
95 B

34ms
34ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=680161537510071120
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Sat, 17 Dec 2022 08:07:43 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date: Sat, 17 Dec 2022 08:07:43 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 217.114.218.22; 217.114.218.22; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 1c50b67a-0c4c-4e06-9db0-e5addc22a109
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=680161537510071120
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 AdServerServlet Show response
vid.pubmatic.com/AdServer/ Frame 75C8 27 B
456 B 35ms
34ms XHR
application/xml 185.64.190.75
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+7+9+1+1+6&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fpelotainvernal.com%2F&schain=1.0,1!vidoomy.com,63065,1,1671264463023,,&us_privacy=&cb=1671264463339&SAVersion=2&inIframe=1&pageURL=https%253A%252F%252Fpelotainvernal.com%252F&screenResolution=1600x1200&kdntuid=1&vwndh=0&vwndw=0&vwndurl=https%253A%252F%252Fpelotainvernal.com%252F&vwndref=&vc=2&js=1&sec=1&kltstamp=2022-12-17%208:7:43&ranreq=0.924813818882614&timezone=0&depth=0
Requested by: Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fpelotainvernal.com%2F&schain=1.0,1!vidoomy.com,63065,1,1671264463023,,
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.75 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 08:07:43 GMT
content-encoding: gzip
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin: https://pelotainvernal.com
content-type: application/xml; charset=utf-8
x-vdbg: 1:0/165:-1
access-control-allow-credentials: true
cache-control: no-store, no-cache, private

GET
H2 200 track
st.pubmatic.com/ Frame 75C8 0
49 B 27ms
27ms Image
text/plain 185.64.189.221
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://st.pubmatic.com/track?operId=7&p=156498&s=399115&a=1801592&ts=1671264464&wa=0&vadsId=-1&e=95&vc=2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.221 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Sat, 17 Dec 2022 08:07:42 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
expires: 0

POST
H2 200 i Show response
vid-io-cle.springserve.com/vd/ Frame CD93 0
152 B 116ms
114ms XHR
text/plain 18.218.58.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid-io-cle.springserve.com/vd/i?suuid=e6719141&ps_id=356921&batch=1
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_f51ac984.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.218.58.137 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-218-58-137.us-east-2.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://pelotainvernal.com
date: Sat, 17 Dec 2022 08:07:43 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
access-control-allow-methods: GET, OPTIONS

GET
H2 200 track
st.pubmatic.com/ Frame CD93 0
49 B 27ms
27ms Image
text/plain 185.64.189.221
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://st.pubmatic.com/track?operId=7&p=156498&s=399115&a=1801592&ts=1671264463&wa=0&e=96&ier=901&vadsId=[ADSERVINGID]
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.221 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Sat, 17 Dec 2022 08:07:42 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
expires: 0

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 107ms
107ms Preflight
text/plain 146.20.128.203
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.203 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://pelotainvernal.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
access-control-allow-origin: https://pelotainvernal.com
access-control-expose-headers: Content-Type, Content-Disposition
access-control-max-age: 300
cache-control: max-age=300
content-length: 0
content-type: text/plain; charset=UTF-8
date: Sat, 17 Dec 2022 08:07:44 GMT
server: nginx

POST
H2 200 t Show response
t.lkqd.net/ Frame CBF4 0
166 B 113ms
112ms XHR
text/plain 146.20.128.203
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.203 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://pelotainvernal.com
date: Sat, 17 Dec 2022 08:07:44 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

GET
H2 200 ad Show response
v.lkqd.net/ Frame 3482 2 KB
2 KB 115ms
115ms XHR
application/xml 69.20.43.192
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://v.lkqd.net/ad?pid=430&sid=1171093&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=https%3A%2F%2Fpelotainvernal.com%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C63065%2C1%2C&c4=true&c5=&c6=63065&c10=&c11=true&c12=&c13=true&c14=&c15=true&c16=&c17=true&rnd=7794502&m=
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: 3779a47780ee66db6d88fc894c7c59c2cbcabc16bd924dbc98838e128d11c9a4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 08:07:44 GMT
content-encoding: gzip
server: nginx
content-type: application/xml; charset=UTF-8
access-control-allow-origin: https://pelotainvernal.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 1399

GET
H2 200 vpaid.js Show response
ad.lkqd.net/vpaid/ Frame D276 230 KB
61 KB 25ms
25ms Script
application/javascript 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: /
Resource Hash: c0d59afc312f7f1d1346cc4dfdb1463c05b2d334cfa64e7b9240456a48bfcc11

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 08:07:44 GMT
content-encoding: gzip
last-modified: Thu, 13 Oct 2022 21:01:07 GMT
etag: "88ca76abee51b1544e17b021f04aaaed"
x-hw: 1671264464.cds216.fr8.hn,1671264464.cds253.fr8.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1209600
accept-ranges: bytes
content-length: 62021

GET
H2 200 usync.html Show response
ad.lkqd.net/cookie-sync/ Frame 56C1 4 KB
2 KB 25ms
25ms Document
text/html 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lkqd.net/cookie-sync/usync.html
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: /
Resource Hash: a09fb04841151074c73e8daf6edb12da7ffd8b5e7812492a6d9f3ae977fe3d31

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 1882
content-type: text/html
date: Sat, 17 Dec 2022 08:07:44 GMT
etag: "952dcfd8e3703b5a7e78418d51009535"
last-modified: Fri, 18 Feb 2022 17:38:44 GMT
x-hw: 1671264464.cds216.fr8.hn,1671264464.cds226.fr8.c

POST
H2 200 ad Show response
v.lkqd.net/ Frame D276 38 KB
4 KB 163ms
163ms XHR
application/json 69.20.43.192
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://v.lkqd.net/ad?pid=430&sid=1171093&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=https%3A%2F%2Fpelotainvernal.com%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C63065%2C1%2C&c4=true&c5=&c6=63065&c10=&c11=true&c12=&c13=true&c14=&c15=true&c16=&c17=true&rnd=7794502&m=&rtv=1&thost=pelotainvernal.com
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: 7c8cf549c868830964613226f448ced0de6ac59d42b22f359ca265e6bfca44d0

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 17 Dec 2022 08:07:44 GMT
content-encoding: gzip
server: nginx
content-type: application/json
access-control-allow-origin: https://pelotainvernal.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 4190

OPTIONS
H2 200 ad
v.lkqd.net/ Frame 0
0 107ms
107ms Preflight 69.20.43.192
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://v.lkqd.net/ad?pid=430&sid=1171093&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=https%3A%2F%2Fpelotainvernal.com%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C63065%2C1%2C&c4=true&c5=&c6=63065&c10=&c11=true&c12=&c13=true&c14=&c15=true&c16=&c17=true&rnd=7794502&m=&rtv=1&thost=pelotainvernal.com
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://pelotainvernal.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pelotainvernal.com
access-control-expose-headers: Content-Type, Content-Disposition
access-control-max-age: 300
cache-control: max-age=300
content-length: 0
date: Sat, 17 Dec 2022 08:07:44 GMT
server: nginx

GET
H2

200

cs
cs.lkqd.net/ Frame 56C1
Redirect Chain

https://csync.loopme.me/?redirect=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D54%26partnerUserId%3D%7Bdevice_id%7D
https://cs.lkqd.net/cs?partnerId=54&partnerUserId=acf8bbe4-0986-4c88-83b1-e5ee17a27290

43 B
308 B

106ms
106ms

Image
image/gif

146.20.132.117
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=54&partnerUserId=acf8bbe4-0986-4c88-83b1-e5ee17a27290
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Server: 146.20.132.117 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 08:07:44 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

Redirect headers

location: https://cs.lkqd.net/cs?partnerId=54&partnerUserId=acf8bbe4-0986-4c88-83b1-e5ee17a27290
date: Sat, 17 Dec 2022 08:07:44 GMT
server: _
content-length: 0

GET
H2 200 cs
cs.lkqd.net/ Frame 56C1 43 B
308 B 108ms
107ms Image
image/gif 146.20.132.117
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=103&redirect=https%3A%2F%2Fevent.clientgear.com%2Fcookie%2Flkqd%3Fpartner%3Dlkqd%26cookieid%3D%24%24rawlkqduserid%24%24&r=if
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.117 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 08:07:44 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

GET
H2 200 cs
cs.lkqd.net/ Frame 56C1 43 B
308 B 106ms
106ms Image
image/gif 146.20.132.117
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D102%2526partnerUserId%253D%255BUID%255D&r=if
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.117 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 08:07:44 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

GET
H2

200

cs
cs.lkqd.net/ Frame 56C1
Redirect Chain

https://ad.turn.com/r/cs?pid=65
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=7593657138415183722

43 B
308 B

107ms
107ms

Image
image/gif

146.20.132.117
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=94&partnerUserId=7593657138415183722
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Server: 146.20.132.117 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 08:07:44 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

Redirect headers

location: https://cs.lkqd.net/cs?partnerId=94&partnerUserId=7593657138415183722
pragma: no-cache
date: Sat, 17 Dec 2022 08:07:44 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H2

200

cs
cs.lkqd.net/ Frame 56C1
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=161
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=WjomeRqfQjtRmQiNFeo4pdly2hY

43 B
308 B

106ms
106ms

Image
image/gif

146.20.132.117
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=93&partnerUserId=WjomeRqfQjtRmQiNFeo4pdly2hY
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Server: 146.20.132.117 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 08:07:44 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

Redirect headers

Location: https://cs.lkqd.net/cs?partnerId=93&partnerUserId=WjomeRqfQjtRmQiNFeo4pdly2hY
Date: Sat, 17 Dec 2022 08:07:44 GMT
Connection: keep-alive
Content-Length: 104
Content-Type: text/html; charset=utf-8

POST
H2 200 t Show response
t.lkqd.net/ Frame 0586 0
166 B 113ms
112ms XHR
text/plain 146.20.128.203
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.203 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://pelotainvernal.com
date: Sat, 17 Dec 2022 08:07:45 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 106ms
106ms Preflight
text/plain 146.20.128.203
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.203 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://pelotainvernal.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
access-control-allow-origin: https://pelotainvernal.com
access-control-expose-headers: Content-Type, Content-Disposition
access-control-max-age: 300
cache-control: max-age=300
content-length: 0
content-type: text/plain; charset=UTF-8
date: Sat, 17 Dec 2022 08:07:44 GMT
server: nginx

GET
H/1.1 200
OK 218945 Show response
search.spotxchange.com/vast/2.0/ 67 B
1 KB 41ms
41ms XHR
text/xml 185.94.180.124
SPOTX-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://search.spotxchange.com/vast/2.0/218945?VPAID=JS&content_page_url=https%3A%2F%2Fpelotainvernal.com%2F&cb=270092577&player_width=400&player_height=225&regs[gdpr]=0&user[consent]=&device[geo][lat]=&device[geo][lon]=&schain=1.0%2C1%21vidoomy.com%2C63065%2C1%2C1146227611090399239863001792%2C%2C
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.94.180.124 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: 78e958d620d6e40a19e424eee3a9b23932cd9bfa4d7f736442048777d203052d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Sat, 17 Dec 2022 08:07:45 GMT
X-SpotX-Timing-SpotMarket-Primary: 0.004979
X-SpotX-Timing-Transform: 0.000338
Content-Encoding: gzip
X-SpotX-Timing-SpotMarket: 0.004979
X-SpotX-Timing-Page-Require: 0.000436
X-fe: 118
Connection: keep-alive
X-SpotX-Timing-Page-Misc: 0.004112
X-SpotX-Timing-Page-Cookie: 0.000024
Content-Length: 79
X-SpotX-Timing-Page: 0.010476
Pragma: no-cache
X-SpotX-Timing-Page-Context: 0.000335
Last-Modified: Sat, 17 Dec 2022 08:07:45 GMT
Server: nginx
Vary: Accept-Encoding
Access-Control-Allow-Methods: POST, GET, PATCH, DELETE, OPTIONS
Content-Type: text/xml;charset=UTF-8
Access-Control-Allow-Origin: https://pelotainvernal.com
X-SpotX-Timing-Page-Exception: 0.000000
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Credentials: true
X-SpotX-Timing-Page-URI: 0.000009
X-SpotX-Timing-SpotMarket-Secondary: 0.000000
X-SpotX-Timing-Page-Mux: 0.000243
Access-Control-Allow-Headers
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK 7585793 Show response
ads.stickyadstv.com/vast/vpaid-adapter/ 832 B
1 KB 51ms
50ms XHR
application/xml 2.18.79.136
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/vast/vpaid-adapter/7585793?supportsJavascript=true&supportsFlash=true&_fw_us_privacy=&schain=1.0%2C1%21vidoomy.com%2C63065%2C1%2C11462276110903992391649816507%2C%2C&_fw_gdpr=0&_fw_gdpr_consent=
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.79.136 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-18-79-136.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 20a1cdacfe2eb555821271aaa4199a9b5c2244b76ff3ab8d967909f5144f9f17

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 17 Dec 2022 08:07:45 GMT
Server: nginx
Content-Type: application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin: https://pelotainvernal.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 832
x-sticky-vk: 1671264464966054-558
Expires: Sat, 17 Dec 2022 08:07:45 GMT

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 107ms
106ms Preflight
text/plain 146.20.128.203
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.203 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://pelotainvernal.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
access-control-allow-origin: https://pelotainvernal.com
access-control-expose-headers: Content-Type, Content-Disposition
access-control-max-age: 300
cache-control: max-age=300
content-length: 0
content-type: text/plain; charset=UTF-8
date: Sat, 17 Dec 2022 08:07:45 GMT
server: nginx

POST
H2 200 t Show response
t.lkqd.net/ Frame 0586 0
166 B 113ms
112ms XHR
text/plain 146.20.128.203
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.203 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://pelotainvernal.com
date: Sat, 17 Dec 2022 08:07:45 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

GET
DATA 200
OK truncated
/ Frame D276 35 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 vpaid_f51ac984.js Show response
vpaid.springserve.com/production/ Frame 4691 506 KB
89 KB 36ms
35ms Script
application/javascript 2600:9000:2304:9200:15:6f6c:b180:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.springserve.com/production/vpaid_f51ac984.js
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2304:9200:15:6f6c:b180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1b7df8f348787d9fa760018b0f088ab687bbc70718df1d62e8084e30a3584491

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 17:09:30 GMT
content-encoding: br
via: 1.1 7f49a9d7acd3e2b85c2c573f92e92d4c.cloudfront.net (CloudFront)
last-modified: Tue, 06 Dec 2022 22:05:17 GMT
server: AmazonS3
x-amz-cf-pop: VIE50-P1
age: 831496
etag: W/"b030ae2df4f66a78701be0f4e1a3a52f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=2678400
x-amz-cf-id: Gq5lw59nKZ6S1WAdQmU9QXbkGcuXubqC7e5csKe8TJKqCfjhrsu53g==

GET
H2 200 vadtag.html Show response
vpaid.pubmatic.com/ads/video/ Frame 4691 978 B
850 B 36ms
35ms XHR
application/xml 2.18.36.193
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fpelotainvernal.com%2F&schain=1.0,1!vidoomy.com,63065,1,1671264464906,,
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_f51ac984.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.36.193 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-36-193.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e34578da52d9ebd0068921fdc89974b432b4098637c6c0fb3fa4c21dc5ec1df7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Dec 2022 08:07:45 GMT
content-encoding: gzip
server: Apache
etag: "23da-5e7fbf52c16e8-gzip"
vary: Origin, Accept-Encoding
content-type: application/xml
access-control-allow-origin: https://pelotainvernal.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 603
expires: Sat, 17 Dec 2022 08:07:45 GMT

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 107ms
106ms Preflight
text/plain 146.20.128.203
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.203 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://pelotainvernal.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
access-control-allow-origin: https://pelotainvernal.com
access-control-expose-headers: Content-Type, Content-Disposition
access-control-max-age: 300
cache-control: max-age=300
content-length: 0
content-type: text/plain; charset=UTF-8
date: Sat, 17 Dec 2022 08:07:45 GMT
server: nginx

POST
H2 200 t Show response
t.lkqd.net/ Frame 0586 0
166 B 112ms
112ms XHR
text/plain 146.20.128.203
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.203 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://pelotainvernal.com
date: Sat, 17 Dec 2022 08:07:45 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

GET
H2 200 PMAdMgr.js Show response
vpaid.pubmatic.com/ads/video/ Frame C6E1 158 KB
37 KB 36ms
36ms Script
application/javascript 2.18.36.193
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fpelotainvernal.com%2F&schain=1.0,1!vidoomy.com,63065,1,1671264464906,,
Requested by: Host: blank
URL: about:blank
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.36.193 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-36-193.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 64b146021b5dd3fd90bfc36519ea2de22684243fd89e4663981f53453fb0f496

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 08:07:45 GMT
content-encoding: gzip
last-modified: Tue, 06 Sep 2022 06:03:39 GMT
server: Apache
etag: "277a2-5e7fbf52bc8c8-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=10800
accept-ranges: bytes
content-length: 38047

GET
H2 200 showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 5AE3 38 KB
14 KB 44ms
43ms Document
text/html 2.18.36.193
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by: Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fpelotainvernal.com%2F&schain=1.0,1!vidoomy.com,63065,1,1671264464906,,
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.36.193 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-36-193.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 9fd8c589bbcde7671ad14542ed1081c4904102d62f401289eb190e9f0aa258f1

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=81160
content-encoding: gzip
content-length: 13968
content-type: text/html
date: Sat, 17 Dec 2022 08:07:45 GMT
expires: Sun, 18 Dec 2022 06:40:25 GMT
last-modified: Fri, 16 Dec 2022 06:36:35 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 200 showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame C6E1 38 KB
14 KB 49ms
49ms Script
text/html 2.18.36.193
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by: Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fpelotainvernal.com%2F&schain=1.0,1!vidoomy.com,63065,1,1671264464906,,
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.36.193 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-36-193.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 9fd8c589bbcde7671ad14542ed1081c4904102d62f401289eb190e9f0aa258f1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 08:07:45 GMT
content-encoding: gzip
last-modified: Fri, 16 Dec 2022 06:36:35 GMT
server: Apache
vary: Accept-Encoding
content-type: text/html
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=81160
accept-ranges: bytes
content-length: 13968
expires: Sun, 18 Dec 2022 06:40:25 GMT

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 5AE3 551 B
874 B 29ms
29ms Script
text/html 185.64.189.115
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=95476010&p=156498&s=399115&a=1801592&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: ca1d30a17989f17c2ef0d2beed8e07699074734dc785a7c53187118d5476fe0d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date: Sat, 17 Dec 2022 08:07:45 GMT
content-length: 551
content-type: text/html; charset=UTF-8

GET usersyncsupply
cm-supply-web.gammaplatform.com/adx/ Frame 4721 0
0

GET
H2 200 cm Show response
ipac.ctnsnet.com/int/ Frame 225A 43 B
213 B 57ms
30ms Document
image/gif 35.186.193.173
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.193.173 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 173.193.186.35.bc.googleusercontent.com
Software: Apache-Coyote/1.1 /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 43
content-type: image/gif
date: Sat, 17 Dec 2022 08:07:45 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: CP="NOI DSP COR NID CUR OUR NOR"
pragma: no-cache
server: Apache-Coyote/1.1
via: 1.1 google

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame FFF5
Redirect Chain

https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:0DBD4F893D4F4D98A323225492AEFE7C&gdpr=0&gdpr_consent=

1 B
53 B

35ms
35ms

Document
text/html

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:0DBD4F893D4F4D98A323225492AEFE7C&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 1
content-type: text/html; charset=utf-8
date: Sat, 17 Dec 2022 08:07:44 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache
content-length: 142
content-type: text/html
date: Sat, 17 Dec 2022 08:07:45 GMT
expires: Fri, 16 Dec 2022 08:07:45 GMT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:0DBD4F893D4F4D98A323225492AEFE7C&gdpr=0&gdpr_consent=
server: openresty
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff

GET
H2 200 AdServerServlet Show response
vid.pubmatic.com/AdServer/ Frame C6E1 27 B
456 B 35ms
34ms XHR
application/xml 185.64.190.75
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+7+9+1+1+6&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fpelotainvernal.com%2F&schain=1.0,1!vidoomy.com,63065,1,1671264464906,,&us_privacy=&cb=1671264465205&SAVersion=2&inIframe=1&pageURL=https%253A%252F%252Fpelotainvernal.com%252F&screenResolution=1600x1200&kdntuid=1&vwndh=0&vwndw=0&vwndurl=https%253A%252F%252Fpelotainvernal.com%252F&vwndref=&vc=2&js=1&sec=1&kltstamp=2022-12-17%208:7:45&ranreq=0.28546687228859047&timezone=0&depth=0
Requested by: Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fpelotainvernal.com%2F&schain=1.0,1!vidoomy.com,63065,1,1671264464906,,
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.75 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 08:07:45 GMT
content-encoding: gzip
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin: https://pelotainvernal.com
content-type: application/xml; charset=utf-8
x-vdbg: 1:0/165:-1
access-control-allow-credentials: true
cache-control: no-store, no-cache, private

GET
H2 200 dt
dt.adsafeprotected.com/ Frame B6D7 43 B
215 B 113ms
113ms Image
image/gif 2600:1f18:1aca:4281:68f:8ebb:736f:849f
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=925113&asId=92e7157d-3903-df01-b2b9-5aa040562eb5&tv=%7Bc:x2uKMq,pingTime:5,time:5196,type:p,clog:%5B%7Bpiv:-1,vs:n,r:,w:728,h:90,t:142%7D,%7Bpiv:0,vs:o,r:l,t:176%7D,%7Bpiv:100,vs:i,r:,t:195%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:5001,o:195,n:176,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:142,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B48~1,0~0%5D,as:%5B48~728.90%5D%7D%7D,%7Bsl:o,t:176,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B18~0%5D,as:%5B18~728.90%5D%7D%7D,%7Bsl:i,t:195,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5001~100%5D,as:%5B5001~728.90%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:jload,dtt:131,fm:tqg7lPH+11%7C121%7C131%7C14%7C15%7C16%7C171%7C172%7C181%7C19%7C1a1%7C1a2%7C1b.1203349-67009481%7C1b1%7C1b2%7C1b3%7C1b4%7C1b5%7C1c1%7C1c2%7C1c3%7C1d111%7C1d112%7C1d113%7C1d114%7C1d115%7C1e1%7C1e21%7C1e3%7C1f*.925113%7C1f1%7C1f2%7C1f3,idMap:1f*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:143,sis:216%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:68f:8ebb:736f:849f Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c79c2500101a741060cc6b806098b9a7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Dec 2022 08:07:45 GMT
server: nginx
x-server-name: dt01.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 track
st.pubmatic.com/ Frame C6E1 0
49 B 27ms
27ms Image
text/plain 185.64.189.221
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://st.pubmatic.com/track?operId=7&p=156498&s=399115&a=1801592&ts=1671264466&wa=0&vadsId=-1&e=95&vc=2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.221 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Sat, 17 Dec 2022 08:07:44 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
expires: 0

POST
H2 200 i Show response
vid-io-cle.springserve.com/vd/ Frame 4691 0
152 B 116ms
115ms XHR
text/plain 18.218.58.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid-io-cle.springserve.com/vd/i?suuid=3c396d7a&ps_id=357265&batch=1
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_f51ac984.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.218.58.137 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-218-58-137.us-east-2.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://pelotainvernal.com
date: Sat, 17 Dec 2022 08:07:45 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
access-control-allow-methods: GET, OPTIONS

GET
H2 200 track
st.pubmatic.com/ Frame 4691 0
49 B 28ms
27ms Image
text/plain 185.64.189.221
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://st.pubmatic.com/track?operId=7&p=156498&s=399115&a=1801592&ts=1671264465&wa=0&e=96&ier=901&vadsId=[ADSERVINGID]
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.221 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Sat, 17 Dec 2022 08:07:44 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
expires: 0

GET
H2 200 vpaid_f51ac984.js Show response
vpaid.springserve.com/production/ Frame 3978 506 KB
89 KB 36ms
35ms Script
application/javascript 2600:9000:2304:9200:15:6f6c:b180:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.springserve.com/production/vpaid_f51ac984.js
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2304:9200:15:6f6c:b180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1b7df8f348787d9fa760018b0f088ab687bbc70718df1d62e8084e30a3584491

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 17:09:30 GMT
content-encoding: br
via: 1.1 7f49a9d7acd3e2b85c2c573f92e92d4c.cloudfront.net (CloudFront)
last-modified: Tue, 06 Dec 2022 22:05:17 GMT
server: AmazonS3
x-amz-cf-pop: VIE50-P1
age: 831496
etag: W/"b030ae2df4f66a78701be0f4e1a3a52f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=2678400
x-amz-cf-id: 5BsvEmcO13aFwGPgUzFcpFa5K0H2N-jWUn99MCGkQCCa-Sw8Zc0gjQ==

GET
H2 200 vadtag.html Show response
vpaid.pubmatic.com/ads/video/ Frame 3978 978 B
850 B 36ms
35ms XHR
application/xml 2.18.36.193
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fpelotainvernal.com%2F&schain=1.0,1!vidoomy.com,63065,1,1671264464906,,
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_f51ac984.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.36.193 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-36-193.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: d4cb7e8709105c5ad2548d4e71166dc6d33ea3829b84a31899e1dce50fb78fc8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Dec 2022 08:07:46 GMT
content-encoding: gzip
server: Apache
etag: "23da-5e7fbf52c16e8-gzip"
vary: Origin, Accept-Encoding
content-type: application/xml
access-control-allow-origin: https://pelotainvernal.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 603
expires: Sat, 17 Dec 2022 08:07:46 GMT

GET
H2 200 PMAdMgr.js Show response
vpaid.pubmatic.com/ads/video/ Frame 6474 158 KB
37 KB 37ms
37ms Script
application/javascript 2.18.36.193
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fpelotainvernal.com%2F&schain=1.0,1!vidoomy.com,63065,1,1671264464906,,
Requested by: Host: blank
URL: about:blank
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.36.193 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-36-193.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 64b146021b5dd3fd90bfc36519ea2de22684243fd89e4663981f53453fb0f496

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 08:07:46 GMT
content-encoding: gzip
last-modified: Tue, 06 Sep 2022 06:03:39 GMT
server: Apache
etag: "277a2-5e7fbf52bc8c8-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=10800
accept-ranges: bytes
content-length: 38047

POST
H2 200 t Show response
t.lkqd.net/ Frame 0586 0
166 B 114ms
113ms XHR
text/plain 146.20.128.203
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.203 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://pelotainvernal.com
date: Sat, 17 Dec 2022 08:07:46 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 107ms
107ms Preflight
text/plain 146.20.128.203
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.203 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://pelotainvernal.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
access-control-allow-origin: https://pelotainvernal.com
access-control-expose-headers: Content-Type, Content-Disposition
access-control-max-age: 300
cache-control: max-age=300
content-length: 0
content-type: text/plain; charset=UTF-8
date: Sat, 17 Dec 2022 08:07:46 GMT
server: nginx

GET
H2 200 showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 42EB 38 KB
14 KB 43ms
42ms Document
text/html 2.18.36.193
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by: Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fpelotainvernal.com%2F&schain=1.0,1!vidoomy.com,63065,1,1671264464906,,
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.36.193 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-36-193.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 9fd8c589bbcde7671ad14542ed1081c4904102d62f401289eb190e9f0aa258f1

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=81159
content-encoding: gzip
content-length: 13968
content-type: text/html
date: Sat, 17 Dec 2022 08:07:46 GMT
expires: Sun, 18 Dec 2022 06:40:25 GMT
last-modified: Fri, 16 Dec 2022 06:36:35 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 200 showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 6474 38 KB
14 KB 37ms
36ms Script
text/html 2.18.36.193
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by: Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fpelotainvernal.com%2F&schain=1.0,1!vidoomy.com,63065,1,1671264464906,,
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.36.193 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-36-193.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 9fd8c589bbcde7671ad14542ed1081c4904102d62f401289eb190e9f0aa258f1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 08:07:46 GMT
content-encoding: gzip
last-modified: Fri, 16 Dec 2022 06:36:35 GMT
server: Apache
vary: Accept-Encoding
content-type: text/html
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=81159
accept-ranges: bytes
content-length: 13968
expires: Sun, 18 Dec 2022 06:40:25 GMT

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 42EB 47 B
167 B 31ms
31ms Script
text/html 185.64.189.115
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=59801365&p=156498&s=399115&a=1801592&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 09343d3b3473e1c994b2d603c99feb8a0f63fbd3ff20be7432ff18b973dbe651

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date: Sat, 17 Dec 2022 08:07:45 GMT
content-length: 47
content-type: text/html; charset=UTF-8

GET
H2 200 AdServerServlet Show response
vid.pubmatic.com/AdServer/ Frame 6474 27 B
456 B 35ms
34ms XHR
application/xml 185.64.190.75
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+7+9+1+1+6&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fpelotainvernal.com%2F&schain=1.0,1!vidoomy.com,63065,1,1671264464906,,&us_privacy=&cb=1671264466132&SAVersion=2&inIframe=1&pageURL=https%253A%252F%252Fpelotainvernal.com%252F&screenResolution=1600x1200&kdntuid=1&vwndh=0&vwndw=0&vwndurl=https%253A%252F%252Fpelotainvernal.com%252F&vwndref=&vc=2&js=1&sec=1&kltstamp=2022-12-17%208:7:46&ranreq=0.40307620724846127&timezone=0&depth=0
Requested by: Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fpelotainvernal.com%2F&schain=1.0,1!vidoomy.com,63065,1,1671264464906,,
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.75 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 08:07:46 GMT
content-encoding: gzip
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin: https://pelotainvernal.com
content-type: application/xml; charset=utf-8
x-vdbg: 1:0/165:-1
access-control-allow-credentials: true
cache-control: no-store, no-cache, private

GET
H2 200 track
st.pubmatic.com/ Frame 6474 0
49 B 28ms
27ms Image
text/plain 185.64.189.221
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://st.pubmatic.com/track?operId=7&p=156498&s=399115&a=1801592&ts=1671264467&wa=0&vadsId=-1&e=95&vc=2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.221 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Sat, 17 Dec 2022 08:07:45 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
expires: 0

POST
H2 200 i Show response
vid-io-cle.springserve.com/vd/ Frame 3978 0
152 B 115ms
114ms XHR
text/plain 18.218.58.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid-io-cle.springserve.com/vd/i?suuid=9292e8c5&ps_id=356921&batch=1
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_f51ac984.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.218.58.137 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-218-58-137.us-east-2.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://pelotainvernal.com
date: Sat, 17 Dec 2022 08:07:46 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
access-control-allow-methods: GET, OPTIONS

GET
H2 200 track
st.pubmatic.com/ Frame 3978 0
49 B 27ms
27ms Image
text/plain 185.64.189.221
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://st.pubmatic.com/track?operId=7&p=156498&s=399115&a=1801592&ts=1671264466&wa=0&e=96&ier=901&vadsId=[ADSERVINGID]
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.221 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Sat, 17 Dec 2022 08:07:45 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
expires: 0

POST
H2 200 t Show response
t.lkqd.net/ Frame 0586 0
166 B 112ms
112ms XHR
text/plain 146.20.128.203
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.203 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://pelotainvernal.com
date: Sat, 17 Dec 2022 08:07:46 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 106ms
106ms Preflight
text/plain 146.20.128.203
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.203 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://pelotainvernal.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
access-control-allow-origin: https://pelotainvernal.com
access-control-expose-headers: Content-Type, Content-Disposition
access-control-max-age: 300
cache-control: max-age=300
content-length: 0
content-type: text/plain; charset=UTF-8
date: Sat, 17 Dec 2022 08:07:46 GMT
server: nginx

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: t.lkqd.net
URL: https://t.lkqd.net/t

Domain: rtb-csync.smartadserver.com
URL: https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AACqBE7HOvIAAB9vT69Lzw&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dpp%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2%26userid%3DSMART_USER_ID&gdpr=0

Domain: a.audrte.com
URL: https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=280CD529-6208-45F6-8529-B0BE05611F49

Domain: uipglob.semasio.net
URL: https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=280CD529-6208-45F6-8529-B0BE05611F49&sInitiator=external&gdpr=0&gdpr_consent=

Domain: loada.exelator.com
URL: https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0

Domain: a.sportradarserving.com
URL: https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic

Domain: s.tribalfusion.com
URL: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}

Domain: cm-supply-web.gammaplatform.com
URL: https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel

Verdicts & Comments Add Verdict or Comment

119 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

98 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
s.pelotainvernal.com/	1970-01-20 08:24:29	Name: AWSALB Value: 6LCQqGGnemvERwTXXOA8XYeC/S2veOk4kNNJ+FkzvwxmFRS3lQISi113bvljhXmGu8KXinvWsZ1Tm5FlupdPk7tRJcHNIj7owLCHcgb8MD5fd8r2jctomsH5+lcw
s.pelotainvernal.com/	1970-01-20 08:24:29	Name: AWSALBCORS Value: 6LCQqGGnemvERwTXXOA8XYeC/S2veOk4kNNJ+FkzvwxmFRS3lQISi113bvljhXmGu8KXinvWsZ1Tm5FlupdPk7tRJcHNIj7owLCHcgb8MD5fd8r2jctomsH5+lcw
.pelotainvernal.com/	1970-01-20 17:36:00	Name: __gads Value: ID=4bdb7ed821fe63f1:T=1671264457:S=ALNI_MZtHwsWcpycohopM3y1kKfZ58IHFg
.pelotainvernal.com/	1970-01-20 17:36:00	Name: __gpi Value: UID=00000b939dc21876:T=1671264457:RT=1671264457:S=ALNI_MZDXafVZaUAeVRTcua26QY-Blf7_g
pelotainvernal.com/	1970-01-20 08:57:36	Name: _pbjs_userid_consent_data Value: 3524755945110770
.pelotainvernal.com/	1970-01-20 17:00:00	Name: _pubcid Value: 4a9fc5b5-fc3a-4ee6-99ef-32171eba3704
.pelotainvernal.com/	1970-01-20 17:50:24	Name: _ga Value: GA1.2.624986645.1671264457
.pelotainvernal.com/	1970-01-20 08:15:50	Name: _gid Value: GA1.2.176069806.1671264458
.pelotainvernal.com/	1970-01-20 08:14:24	Name: _gat_gtag_UA_19230497_1 Value: 1
.yahoo.com/	1970-01-20 17:00:22	Name: A3 Value: d=AQABBMp4nWMCEPtvnYUXRJVNiwgobDnFXC0FEgEBAQHKnmOnYwAAAAAA_eMAAA&S=AQAAAgiLdGeQCg0naxnVtvtVBF4
.bidswitch.net/	1970-01-20 17:00:00	Name: tuuid Value: e49456df-4916-4db4-97d2-a925ebc1c45f
.bidswitch.net/	1970-01-20 17:00:00	Name: c Value: 1671264458
.bidswitch.net/	1970-01-20 17:00:00	Name: tuuid_lu Value: 1671264458
.rubiconproject.com/	1970-01-20 17:00:00	Name: khaos Value: LBRNPGZZ-1W-KJJK
.rubiconproject.com/	1970-01-20 17:00:00	Name: audit Value: 1\|naVuGyos1qrg9MFCpQBmH7U1ZxogGjlwOA+xFj1I9scPlNhSTbzUQ1pKencdhEx2Skyj9x8eeR3thoi474+Tg2jYHTlS9mMvGIFatoJ0DXuyqVI1k5poNA==
.ads.stickyadstv.com/	1970-01-20 08:57:36	Name: UID Value: 90abf936cf4cbee56b241f9f0f1653
.turn.com/	1970-01-20 12:33:36	Name: uid Value: 7593657138415183722
.taptapnetworks.com/	1970-01-20 17:00:00	Name: SONATA_ID Value: csonata_88e9e579-1fd8-4465-ba69-7c02a4b7c10d
.quantserve.com/	1970-01-20 17:44:38	Name: mc Value: 639d78ca-6c905-36e29-8d725
.pelotainvernal.com/	1970-01-20 17:38:53	Name: __qca Value: P0-2110882463-1671264458279
a.vidoomy.com/	1970-01-20 17:00:00	Name: SSCookie Value: 1
.doubleclick.net/	1970-01-20 17:36:00	Name: IDE Value: AHWqTUl5TifCMLxj42Lv9DDvTAXiJXbssVuFm7nxqTWLMdcuWOqxCrJXdphPb06qouw
.pelotainvernal.com/	1970-01-20 17:36:00	Name: cto_bidid Value: svmqVl9MNVVvJTJCMVlCQXNGQUhHa0drSDZpZXNNUTd3R25NMXZsdkVSdm9GbDlRd3NFQWlQcEN5Rzk1ZXBpM2NHTVpCJTJGb0V2N1dxd2VoVCUyQmclMkZsdjdGNDVnYkR3JTNEJTNE
sync.srv.stackadapt.com/	1970-01-20 17:00:00	Name: sa-user-id Value: s%3A0-5a3a2679-1a9f-423b-5199-088d15ea38a5.vM2FyT82LpC023FWh%2BFb92dRFk2sbOkSJk%2F6MzOHdpU
.srv.stackadapt.com/	1970-01-20 17:00:00	Name: sa-user-id-v2 Value: s%3AWjomeRqfQjtRmQiNFeo4pdly2hY.bRzlFTC5tvFrfaIJJJle6XWbptewji9qesF3QjldvVo
.adnxs.com/	1970-01-20 10:24:00	Name: uuid2 Value: 680161537510071120
.blismedia.com/	1970-01-20 17:00:04	Name: b Value: 639D78CB8EE02222B76AFFCABLIS
.3lift.com/	1970-01-20 10:24:00	Name: tluid Value: 947373943957176583124
.casalemedia.com/	1970-01-20 17:00:00	Name: CMID Value: Y514y.QJ13jpKNHYD59KMgAA
.casalemedia.com/	1970-01-20 10:24:00	Name: CMPS Value: 1209
.casalemedia.com/	1970-01-20 10:24:00	Name: CMPRO Value: 1209
.adnxs.com/	1970-01-20 10:24:00	Name: anj Value: dTM7k!M41.D>6NRF']wIg2C''seze1!]tbPl1M>e)ZlrFUfJ+tGXxo]LE_I8FrL.<RoqU'@MjoW:?Bj7_KBchCl#]g3If)y3KL9D3I?+dX/5?H
.doubleclick.net/	1970-01-20 08:14:28	Name: DSID Value: NO_DATA
.pubmatic.com/	1970-01-20 17:00:00	Name: KADUSERCOOKIE Value: 280CD529-6208-45F6-8529-B0BE05611F49
.360yield.com/	1970-01-20 10:24:00	Name: tuuid Value: 487097f0-3941-4dcc-ae11-ee23481a7bb7
.360yield.com/	1970-01-20 10:24:00	Name: tuuid_lu Value: 1671264459
.scoota.co/	1970-01-20 17:50:24	Name: tuuid Value: 27235952-f12c-4060-9e47-fe2b74706ef6
.scoota.co/	1970-01-20 17:50:24	Name: c Value: 1671264459
.scoota.co/	1970-01-20 17:50:24	Name: tuuid_lu Value: 1671264459
.spotxchange.com/	1970-01-20 17:00:00	Name: audience Value: dfbba914-7de1-11ed-864b-1fe3cd8f0006
.everesttech.net/	1970-01-20 17:00:00	Name: everest_g_v2 Value: g_surferid~Y514ywAAALNDNgAZ
.weborama.fr/	1970-01-20 17:40:19	Name: AFFICHE_W Value: 3Rr89AEOGdrd30
.zeotap.com/	1970-01-20 17:00:00	Name: zc Value: bd2249af-57e3-4da8-6987-c493422c5d94
.simpli.fi/	1970-01-20 17:01:26	Name: suid Value: 0DBD4F893D4F4D98A323225492AEFE7C
.de17a.com/	1970-01-20 16:52:48	Name: guid Value: 1.7395731750294412503
.pubmatic.com/	1970-01-20 08:57:36	Name: KRTBCOOKIE_80 Value: 22987-CAESEFrHGGVQ2SH4_bkO3wHPTQ4&KRTB&16514-CAESEFrHGGVQ2SH4_bkO3wHPTQ4&KRTB&23025-CAESEFrHGGVQ2SH4_bkO3wHPTQ4&KRTB&23386-CAESEFrHGGVQ2SH4_bkO3wHPTQ4
.adform.net/	1970-01-20 08:59:02	Name: C Value: 1
.pubmatic.com/	1970-01-20 08:57:36	Name: KRTBCOOKIE_57 Value: 22776-680161537510071120&KRTB&23339-680161537510071120
.adform.net/	1970-01-20 09:40:48	Name: uid Value: 5933519048619694325
.pubmatic.com/	1970-01-20 08:57:36	Name: KRTBCOOKIE_336 Value: 5844-7395731750294412503
.pubmatic.com/	1970-01-20 08:57:36	Name: KRTBCOOKIE_391 Value: 22924-5933519048619694325&KRTB&23263-5933519048619694325
.amazon-adsystem.com/	1970-01-20 12:56:38	Name: ad-id Value: A25TT3hO80QXvkI-QyteMIo
.amazon-adsystem.com/	1970-01-20 17:50:24	Name: ad-privacy Value: 0
.mathtag.com/	1970-01-20 17:40:19	Name: uuid Value: 132d639d-78cd-4100-bd71-bacb350a17e7
.pubmatic.com/	1970-01-20 10:24:00	Name: PUBMDCID Value: 3
.pubmatic.com/	1970-01-20 10:24:00	Name: pp Value: 156498
.pubmatic.com/	1970-01-20 08:15:50	Name: PMDTSHR Value: cat:
.ctnsnet.com/	1970-01-20 17:00:00	Name: gid_CAESEKetfxybpjIzHT98vEkJXxw Value: 1
.adfarm1.adition.com/	1970-01-20 10:24:00	Name: UserID1 Value: 7178026198688790683
.w55c.net/	1970-01-20 17:44:38	Name: wfivefivec Value: vToJCYpW1P6seo5
.w55c.net/	1970-01-20 08:57:36	Name: matchgoogle Value: 5
.criteo.com/	1970-01-20 17:36:00	Name: uid Value: b7e92de7-c076-4d93-be1a-f3db9f6a5594
m.exactag.com/	1970-01-20 10:24:00	Name: exactag_new_gk Value: ce8dd01420584e08b59afb7ae1352a67%7C15.02.2023%2008%3A07%3A40
m.exactag.com/	1970-01-20 12:33:36	Name: exactag_new_uk Value: 2603e2468370496c8ee53006130bfeea%7C
m.exactag.com/	1969-12-31 23:59:59	Name: session_session Value: 83d8691afde443bc92f4ebb7
.pelotainvernal.com/	1970-01-20 17:36:00	Name: cto_bundle Value: 3-izQ19Cam1ZdjQ1QSUyRmxpQ0N4TkZJWUUzdyUyRkM0OGYlMkJ2VHlocWV5TEs0M09UM3olMkZnTUUxc3FORmQ4RmV3WSUyQjZyaFJBRlRJSWJrUmJwTnNUZEV4TUZJQ003NTlUZFhoWktNS29WWUVkYWxZb0Rib01JdkxnakRDclVvMWJtNUZsbHJCS1g3eEZOODVkQ2tydDMwVmtLVjI5Yk9qQjU5cTIySzVYbEhCZWtHSXBJY3R3JTNE
.mathtag.com/	1970-01-20 08:57:36	Name: mt_mop Value: 4:1671264462
.ctnsnet.com/	1970-01-20 17:00:00	Name: cid Value: 2277c77d9ea94d328ece39a6df9b5448
.w55c.net/	1970-01-20 08:57:36	Name: matchcasale Value: 5
.quantserve.com/	1970-01-20 10:24:00	Name: d Value: EJUBDgHqJ4EO-TA
.analytics.yahoo.com/	1970-01-20 17:00:00	Name: IDSYNC Value: "1982~28w8:18yl~28w8:18z8~28w8"
.pubmatic.com/	1970-01-20 08:57:36	Name: KRTBCOOKIE_153 Value: 1923-jvYUeY_9TnyV804kiPAALo6gHySV_UkqivC6rkMt&KRTB&19420-jvYUeY_9TnyV804kiPAALo6gHySV_UkqivC6rkMt&KRTB&22979-jvYUeY_9TnyV804kiPAALo6gHySV_UkqivC6rkMt&KRTB&23403-jvYUeY_9TnyV804kiPAALo6gHySV_UkqivC6rkMt
.pubmatic.com/	1970-01-20 08:57:36	Name: KRTBCOOKIE_1101 Value: 23040-7178026198688790683&KRTB&23278-7178026198688790683&KRTB&23369-7178026198688790683
.pubmatic.com/	1970-01-20 08:57:36	Name: KRTBCOOKIE_218 Value: 4056-Y514ywAAALNDNgAZ&KRTB&22978-Y514ywAAALNDNgAZ&KRTB&23194-Y514ywAAALNDNgAZ&KRTB&23209-Y514ywAAALNDNgAZ
.casalemedia.com/	1970-01-20 10:24:00	Name: CMTS Value: 3266
.fiftyt.com/	1970-01-20 17:00:00	Name: fifid Value: 6c00f5aa-0cc1-4cb4-4b67-ca6ba7703a7d
.fiftyt.com/	1970-01-20 17:00:00	Name: cs Value: MTY3MTI2NDQ2MXxEdi1CQkFFQ180SUFBUkFCRUFBQUJQLUNBQUE9fMtgC5-Vy6vLXb3l8jM1J7Xq0XZayRPI7NKWy1NdnCpc
.pubmatic.com/	1970-01-20 08:57:36	Name: KRTBCOOKIE_860 Value: 16335-WjomeRqfQjtRmQiNFeo4pdly2hY&KRTB&23334-WjomeRqfQjtRmQiNFeo4pdly2hY&KRTB&23417-WjomeRqfQjtRmQiNFeo4pdly2hY&KRTB&23426-WjomeRqfQjtRmQiNFeo4pdly2hY
.fiftyt.com/	1970-01-20 08:24:29	Name: fppm Value: 20221217080741
.bidr.io/	1970-01-20 17:42:54	Name: bito Value: AACqBE7HOvIAAB9vT69Lzw
.bidr.io/	1970-01-20 17:42:54	Name: bitoIsSecure Value: ok
.onaudience.com/	1970-01-20 17:00:00	Name: cookie Value: e5b343997febff59
.onaudience.com/	1970-01-20 08:15:50	Name: done_redirects161 Value: 1
.semasio.net/	1970-01-20 17:00:00	Name: SEUNCY Value: 40CFA0ED13857001
.pubmatic.com/	1970-01-20 10:24:00	Name: DPSync3 Value: 1671321600%3A174%7C1672444800%3A227_235_241_219_245_201_226_197_221
.pubmatic.com/	1970-01-20 08:57:36	Name: SPugT Value: 1671264463
.pubmatic.com/	1970-01-20 08:57:36	Name: KRTBCOOKIE_22 Value: 14911-7593657138415183722&KRTB&23150-7593657138415183722
.pubmatic.com/	1970-01-20 08:57:36	Name: PugT Value: 1671264463
ads.playground.xyz/	1970-01-20 08:24:25	Name: connect.sid Value: s%3AxMK5NNUzwru2Xn1yCklwe7FVi1jGASXy.aNyt2d7JnjDAobZ1BkXiDmqtuR2lXCeU2Y2Lol8VlMA
.adsby.bidtheatre.com/	1970-01-20 08:24:29	Name: __kuid Value: 77aba6bb-b021-44a0-827b-6296dbf52548.440478463
.1rx.io/	1970-01-20 17:00:00	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-0470f075-a5c4-4404-90cb-aa2d6d9f0136-003%22%2C%22zdxidn%22%3A%221508%22%2C%22nxtrdr%22%3Afalse%7D
.onaudience.com/	1970-01-20 08:15:50	Name: done_redirects200 Value: 1
.tribalfusion.com/	1970-01-20 10:24:00	Name: ANON_ID Value: aqnoeUmMZaEpDXqwsOQAbZbtAs7APTul8b6vihZbXDK
.csync.loopme.me/	1970-01-20 10:24:00	Name: viewer_token Value: acf8bbe4-0986-4c88-83b1-e5ee17a27290
.ads.pubmatic.com/	1970-01-20 08:15:50	Name: KCCH Value: YES
.pubmatic.com/	1970-01-20 10:24:00	Name: chkChromeAb67Sec Value: 4
.pubmatic.com/	1970-01-20 08:15:50	Name: pi Value: 156498:3
.pubmatic.com/	1970-01-20 10:24:00	Name: SyncRTB3 Value: 1671840000%3A223_15_2%7C1672444800%3A214_161_81_99_22_238_165_56_13_55_88_251_7_233_254_204_234_21_8_176_3_220_54_71_166_243%7C1672099200%3A63%7C1673827200%3A203%7C1672531200%3A35%7C1676419200%3A69

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1(Line 21) Message: The Content Security Policy 'child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12406491265686199930/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12406491265686199930/index.html' was delivered via a <meta> element outside the document's <head>, which is disallowed. The policy has been ignored.
network	error	URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12406491265686199930/undefinedz9njpo Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=280CD529-6208-45F6-8529-B0BE05611F49&gdpr=0&gdpr_consent= Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:132d639d-78cd-4100-bd71-bacb350a17e7&gdpr=0&gdpr_consent= Message: Failed to load resource: the server responded with a status of 502 ()
other	warning	URL: https://www.googletagservices.com/dcm/impl_v92.js(Line 99) Message: Unrecognized feature: 'attribution-reporting'.
network	error	URL: https://sync.crwdcntrl.net/map/c=14544/tp=BIDB/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253DkODCF8PznVhYWYRRTMnhMMVR Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.audrte.com
a.sportradarserving.com
a.vidoomy.com
aax-eu.amazon-adsystem.com
ad.doubleclick.net
ad.lkqd.net
ad.turn.com
ads.playground.xyz
ads.pubmatic.com
ads.stickyadstv.com
ads.vidoomy.com
adservice.google.com
adservice.google.de
ap.lijit.com
aud.pubmatic.com
bid.g.doubleclick.net
c1.adform.net
c79c2500101a741060cc6b806098b9a7.safeframe.googlesyndication.com
cdn-conectate.kiskoo.com
cdn.doubleverify.com
cdn.firstimpression.io
cdn.id5-sync.com
cdn.jsdelivr.net
cdnjs.cloudflare.com
cm-supply-web.gammaplatform.com
cm.adgrx.com
cm.g.doubleclick.net
cms.quantserve.com
code.jquery.com
core.iprom.net
cr.frontend.weborama.fr
cs.lkqd.net
cs.media.net
csync.loopme.me
d5p.de17a.com
dis.criteo.com
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
dt.adsafeprotected.com
eb2.3lift.com
ecdn.firstimpression.io
fastlane.rubiconproject.com
flower-ads.com
fonts.googleapis.com
fonts.gstatic.com
fw.adsafeprotected.com
gcm.ctnsnet.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
green.erne.co
gum.criteo.com
htlb.casalemedia.com
ib.adnxs.com
id5-sync.com
idsync.frontend.weborama.fr
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
ipac.ctnsnet.com
loada.exelator.com
m.exactag.com
match.360yield.com
match.adsby.bidtheatre.com
match.adsrvr.org
matching.truffle.bid
mp.4dex.io
mug.criteo.com
mwzeom.zeotap.com
onetag-sys.com
pagead2.googlesyndication.com
partner.googleadservices.com
pelotainvernal.com
pixel-eu.onaudience.com
pixel-sync.sitescout.com
pixel.adsafeprotected.com
pixel.quantserve.com
pm.w55c.net
pr-bh.ybp.yahoo.com
prebid.media.net
pubmatic-match.dotomi.com
r.scoota.co
rtb-csync.smartadserver.com
rtb0.doubleverify.com
rtbc-eu3.doubleverify.com
rules.quantcount.com
s.seedtag.com
s.tribalfusion.com
s0.2mdn.net
s3.amazonaws.com
script.4dex.io
search.spotxchange.com
secure.adnxs.com
secure.quantserve.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
sonata-notifications.taptapnetworks.com
st.pubmatic.com
static.adsafeprotected.com
static.criteo.net
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.crwdcntrl.net
sync.mathtag.com
sync.search.spotxchange.com
sync.srv.stackadapt.com
sync.teads.tv
t.lkqd.net
t.seedtag.com
tpc.googlesyndication.com
tr.blismedia.com
uipglob.semasio.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
v.lkqd.net
vid-io-cle.springserve.com
vid.pubmatic.com
visitor.fiftyt.com
vpaid.pubmatic.com
vpaid.springserve.com
widgets.outbrain.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
a.audrte.com
a.sportradarserving.com
cm-supply-web.gammaplatform.com
loada.exelator.com
rtb-csync.smartadserver.com
s.tribalfusion.com
t.lkqd.net
uipglob.semasio.net
104.18.132.145
104.96.128.226
13.248.245.213
13.32.110.61
13.32.145.29
141.94.171.214
141.95.171.142
141.95.33.111
142.250.27.156
142.251.208.166
142.251.208.98
146.20.128.203
146.20.132.117
15.197.193.217
151.101.130.49
151.139.128.10
159.65.196.12
162.55.120.196
172.217.19.98
172.64.154.237
178.250.0.157
178.250.0.163
18.156.0.31
18.196.15.33
18.218.58.137
185.29.132.245
185.64.189.110
185.64.189.115
185.64.189.221
185.64.189.229
185.64.190.75
185.64.190.80
185.80.39.216
185.94.180.124
185.94.180.125
195.5.165.20
198.47.127.20
2.18.36.193
2.18.37.67
2.18.79.136
2001:4de0:ac18::1:a:3a
2001:678:cb4:bbbb::11
209.191.163.152
213.155.156.185
213.19.147.45
213.202.235.10
23.62.220.47
2600:1f18:1aca:4281:68f:8ebb:736f:849f
2600:9000:206e:f800:8:48e:53c0:93a1
2600:9000:2304:8a00:6:44e3:f8c0:93a1
2600:9000:2304:9200:15:6f6c:b180:93a1
2602:803:c003:200::41
2606:4700:10::ac43:266a
2606:4700:10::ac43:db6
2606:4700:20::681a:79
2606:4700:20::ac43:4bf1
2606:4700:3031::ac43:b7f8
2606:4700::6811:180e
2606:4700::6812:372
2620:116:800d:21:ef75:8280:f209:5ba1
2a00:1450:4001:82a::2004
2a00:1450:400c:c08::9d
2a00:1450:400d:802::2002
2a00:1450:400d:802::2008
2a00:1450:400d:803::2006
2a00:1450:400d:804::2001
2a00:1450:400d:804::2003
2a00:1450:400d:806::2002
2a00:1450:400d:807::2001
2a00:1450:400d:807::2003
2a00:1450:400d:807::200a
2a00:1450:400d:808::2002
2a00:1450:400d:80d::2002
2a00:1450:400d:80d::200e
2a00:1450:400d:80e::2002
2a02:2638:1::13
2a02:2638:1::3
2a02:26f0:11a::217:9a8a
2a02:fa8:8806:20::2010
2a04:4e42::485
2a05:d018:d29:3605:749a:6a0e:3033:c14
3.19.54.139
3.66.71.88
3.68.131.166
34.102.253.54
34.107.148.139
34.111.129.221
34.111.131.239
34.149.12.213
34.149.50.64
34.248.17.75
34.252.235.208
34.91.62.186
34.96.105.8
35.186.193.173
35.201.96.126
35.214.223.115
35.244.159.8
37.157.3.30
37.252.171.52
37.252.173.215
51.89.9.251
52.18.201.205
52.216.18.171
54.208.89.30
54.211.49.49
54.73.29.246
54.93.177.113
63.251.232.165
67.220.228.201
69.20.43.192
85.114.159.93
98.98.134.243
000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c
008be15ff7db879ddccb3bf415d1143924af4eca6d1dd5250726ac423624f9d5
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
02ebc319500d29d704855de3d846bbb2479434953bb7b34f533122f432ce33bf
07acc2681f432e300cfee25f15b1e16019a1566d55120ef4f78cd21454ddc5eb
0878b0132b9593004bc867e5a9caca3e4b8ccbf77fd16b6cac044e05aab10d84
09343d3b3473e1c994b2d603c99feb8a0f63fbd3ff20be7432ff18b973dbe651
09591867279cfa308e6366b2d6be5033904ef3de3c86b6f89cbe47e3022b7d99
09778ab5d08d1983b0ba1d423603b1b0f2214947ed465534dcc9ac047bf929ba
09dc9ca0e44e877bd2cb35abcf57287c22a89f4301c7163bd04a7c9c2eb28a73
0a43c20863b324fe2bec355b5ebdc6566861742f92018f12be1b38fa2c8b7767
0b88c189e013b355da90b0d7074d85ceea9cf7b20c23ff066c80ef0e35716337
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0e791e480dde83b8f74afa00a76d796ad8f123c3708e9efa8268bb039e30236d
0f69e5935b0388c56dd59ef9c83713119d9c2d2d321121a129a2e4eefdb9b5ec
0fc22832567771085068ce18bb7546c776e378638e9fe825a7d4f625754a83c1
116c2fde67870997da57d3408b110df8666173f3adb06bca4edc7de1489d8911
11f8f43550598a3533e2a0fa1825a3548f4fd0dd5953e48a6ac2e8c4d358fd06
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
1422bd301c768c0c81ab05b7fa1fc5441a36c1d7c488bbd3868b3a2c69f5787a
14fa937604e0fd3f7f1f8fa5daa5ab7e25052e1b1b826688b0109fac4251bf6f
1681cb2b2db935f48c843351945df3f3f77f79c1c8de28c4fa88d8b655c25ae2
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
19737707017ce7f188707e1e6fbae40088945cb235a8c37971b507b97d771a4b
19a4a578621340bbaafeb46490e966c97367374a75fc6cfb260e8f463cb59c0e
1b4fa1fbd4126989cd1faf5d75f69203706ef1a02c920813cc8838970e133f0e
1b7df8f348787d9fa760018b0f088ab687bbc70718df1d62e8084e30a3584491
1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87
1e288c4dc57f72a69a497baef524f41c57e1c6a414b09a5bde22cd5b2f1b7cdf
1e894e7cf7187c224f386656a508446013f4cd6edea742f5241ce57258db06c6
20a1cdacfe2eb555821271aaa4199a9b5c2244b76ff3ab8d967909f5144f9f17
222b9757cedea663b1a7cad06ccf4ec8e97d29ebdd5e694f72338cf00e261194
22601341dcd3ae1b5159bc4d1b7a0b6309ffa1285a427d3ccc220fc06c37a691
239e835ed72c6b871d73b000d86c3b5d08bbc547df9e84cee8938756b225eeb9
23d51b054f018a0f69fddc44bcb648cb716507ba55a991d8c28e0c09f7e1d6c0
264edf8b1a4e2c1a8fb3c2e5d422381c5ca291ea2697b51bfd8da36697b977fa
2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31c8de7c3023548e4205a8f61fa9d4b5c79707dc01710c8313184574afba2ee5
32783ca8dfe504a3421d80bc94528cff98c76529b6c6f6ac9cc7aa2a741e13df
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
3521616fbd1415fd86988bfc9773f6044497f54354e0b924f7db878f91c1af83
3620d28357207cd4b8092fe728bed5a606c78c07d4043ed225b7c3e8e58fa731
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
36c2343f3359688c9948184e631420db683b3d1a105206fcf76f1354c106425e
36dce21067b3249b82280e41f4673966c45dd21b5765db9f23933fb34641e672
3779a47780ee66db6d88fc894c7c59c2cbcabc16bd924dbc98838e128d11c9a4
37ab5c060ae53ccda75b8bd212d874a17650f7954b11c4e31f568990ab40196b
3a0533a13afb670ec11ee5ff801847283430c2a115dcef0c96934cd6096987d2
3aa5cdd18374b285ddc76c94ee1735df8b3e518cb7202fa7feec77a3b13437a3
3c1197af85f97be1d7c68c2725b022938242d26124bc9ad2580f86ff88d6e8a3
3d2067d4b9b5b9d3003ffa4dc17b44616dc00a543f59eea17df555e959f20b53
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fdf38ed7e2cf81d106ebd9af9c5ac0e7628a619e41c4fb4a489439ba5a2d6c8
43cde0c46e5bcf3af0d7e3f47c5dff43a22f0842b511b6db26ea46650f46b861
43d9aeb281645742f8885bf52021dd14c292cd6409ebed9e59f70463a2649ada
43ed01782a52f74351b31f996f02f0761540c3af7cdbd0693891a3e5abcfa3c1
45fa735c6df15f15a1293a9cb3125033408874bf284280e8bcac23f95ad8feac
4618254f188a729ee1f2634282a44f2555cc478dc76936d04e1add77091c13d0
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
46d1791d45e9e6840842ef90f192c2c6f1f4247baa7c1f32f2da75d3a05c0de2
47f719c1691461a5d778135c0512d51c87f8eea39be7ddad829830925902674b
484ec1c347c17d7d3b98d5058aa5d90bb5c7315f3a67f44611e902de4be50831
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48e44620a6d6524dfb4f59d2acd16070c789a70908433b6f0883ad42ed15b293
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4ce3230b9e066248a47bc5bda0de3c15431306fa3e447bacce88b2b87f0f0c1d
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4ffe1619d0cddcd71c73eb41dcf1bf9219646f36b90667b3746c8a6771375fc6
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
51c012cf2461bf8b29f345373366183c7fd121579b6178e942be0b61d8c7da14
52084175f1ddbd7e4168245880f4dd0c69cedbcac6096306ecae4e56181ad545
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54e51249021fabff65b4ca7eb728f0a56cff080a37d9b0b13d1c401d5b9e6184
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55fdec27e59d14197a4141899c3edaf2880a7d21ba309b1c23451801a55fda62
568264bc1c4cc59e47bc677e8f8133ea8b5c684ddb911913a5ffe2a91161faac
5fb4f7390884fbc0fcccc0785dba622381ec58fa3abe84803df6b7b511b92be6
5fce8f89f33c6f0257417fbf3476c9847131ca25f2d184a5fc7a11e61f8d65ff
605b14697226eeb0be6b2c11db8206b70f4c8681c3f921e4ceca4793ce1a95ce
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
620a7e55a8dc8e272ed0de340def609f1605984e98800a4a3cdd874483c6eff9
62afec092c21b138eeb1fc55859f60c19dd12ca3c02bdfeb336a820b016a547b
64b146021b5dd3fd90bfc36519ea2de22684243fd89e4663981f53453fb0f496
65cb5cd5882c666a22bf188d80f04fe01f56fbb3428e29d74aa24e3d9b1c783b
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
66c1d4fcfbf0da9349992e22675f034041aae91ad2cd6505c86564c281986c32
6761422a7411c94e55f44cb30ae52f1e1b404c217c274631abc6a1dac608af40
67b55fa1ac1eb182c16573559fb708578b5ff0677b376090584be98f40f7cb5b
6847a453292f6db177d022b32b68ec91da611dd1bc18c6e33d26ed726339bc60
6863cc2c6ce578743cadabac5bd04e90942f1dad98395b53232e03a7d75e224a
6b23e94a0591e43f749074a39df5a5e700d5bd6c40d1b8016a1a2e44a3176037
6b4f873f3371bd426336178dfe982cf8366df7592c21738d0e1261e67a0cb2e2
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6f272fccfb3459a79bd48d562cd33cf5086280c5039268ab4d22e2f59b0981de
71fe56560b9eba788c8ff58e084f24ca95ff3b89aff510345fab96de36ec8101
74df90f5f0e27dd5df2470215692754169878aa5443c25a3515e1768e3db03b1
75f2814a3b5d2bb1b8ae643850494afd11d4d32545ff675102eb11870f9ee70d
7704eb6f85a784d8c15f978dd89eabd5de573d4e9ad6303634910cdc25d1da7b
77e67409caaf5014eaa2e2d96ac6210a1b4a987da0d5b3ff826221fe255d3def
78631aa2658006d43b70adcf42bfef831d29315d91bfe9e67bb4acd5f9b349e3
78e958d620d6e40a19e424eee3a9b23932cd9bfa4d7f736442048777d203052d
7921a6035cc8a0981a5dee737dd3d29b150ddd48407717d3fca4b6376f2b0e70
7c8cf549c868830964613226f448ced0de6ac59d42b22f359ca265e6bfca44d0
7cb2efcc5d453f6ac99a8ccec267e3780da3fef194100af8be268cae0d62a3ff
7cfe458faed6fe5c3094bd51f1f10174604be983739ade9d828b0aad190043e5
7dabee15e932985f02ada69507a5520a35cf1f0ffe134758d0cfe74ffbad4113
7e9276746ee6d70a75d8362ddd8e20aa1ce8a008c8e39c66a9e05b758f636d01
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8343c228a756770850a52f0f7ed91e53e611471c7f2ed208799a24491694902e
86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
87ec184cd9b3cfb5ccbf631c766fc0d6b01d8811184a5f6f49f2ec528429dad4
88d24f7443502064d5fd35dc85736f7f1a6d4ef66642ca12e3f19ce37a89b2a1
89576551d8623a5884d6e9b741ba4f15762891c8e09473317a68663245d85a68
89c93cbf2f461176e5f7c51294ecc9e70570187c31f766d9a42804b5895c4b49
8acf96115cb55ad61bfdc24b7918a946d1b983ac14062a584dbbe8744021430a
8d671350b1103375b694982c8b072dbb6793216c87bef658903355bb083c60df
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8eb46fa1663f13361f33d3aebf03d3cdef67349a4ce5e6ea38e3964072bf39f2
90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f
964d62b1d7dfaffc9cc325d0c996b7e19c00aa3915e58a7ffe5a2e41a7aefc8a
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
978ff60a5cb1f41344c68dd89d87e2b4afd276edc752fa71779565804b9ebdf8
983ca12c60ed1dbeefa81589ffa6f725a5bc804776bb21845213ee4672fcbd64
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
99b030c09a284e08ff678c3ecdc15a3651c05b3ede236851a32ea0f755d109b5
99f9d716254deb714e30e39e7963f5fe3d882938ac6ccb99619f2a4c2505738a
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9c61627ee3d76cba414ec45b1d42a0cec31155b006ced7bc775f574b84ac4d7d
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
9e11c754c1c966e94494ee2ba592ab244d19b538e05b0b6c94bff4453815c49b
9fd8c589bbcde7671ad14542ed1081c4904102d62f401289eb190e9f0aa258f1
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a09fb04841151074c73e8daf6edb12da7ffd8b5e7812492a6d9f3ae977fe3d31
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a305fbb2ba223bf3b56bb8776b85f6f40d60dd082a74dbe28d143b5794c7e393
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a67612c801d54b2817687d2155b63f849b671d96ffd423cb77b36b0b66fa2192
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d
a839e7cc1bd5c7d118823ef1fcb4fc397c581b3ff442e46124ffa22412284e66
a842670e0c9a10d0c42dc6de87889c6b9de065232e6bf125d5ca43a163f6d9fd
a97afd769b3d774563606be9e943789398af5a1bf3583c2bc9a81f99832aa2b2
aa0a235a0edb76846d6a656d6b81b3308d36d4f3411cb6c73df7b15da0782ce2
abf06691088fd3e48eeca737b56e448a96b06b1d7abb1495b634efcc2795aa89
ad0285da14aa75a410d2015198062e7fa2ba9f1a1d3363c6ce9ab80beec83804
af9474e5a7a9093351569e5cb64b9b34596d02e5cd1ede8ead7acf41740f76cf
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1ac2302fad1d30571d4eec6194f7402b7ff855aa9cde40eafb9347b9d33ff4b
b1e6977c97d06a3abcc8d1fd1066c075f628c1d5606aa59e97f7d83b76cd6520
b3052cb4159c6c3da4cee05fc67f879dfc7c5cf59628a6fd37485cf4c685f60d
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b43b245e7b57a75d1c57b0e70779b88718a72a3544995b9165fd80678889b873
b59274b06fc793177aedbfa4b52d6d2571528266198414ae2b1795d7d87bff48
b7382d2ae003d2c93657df0912f924975ba279a3f78743aa90ae0ef63502eb19
bac0705d11ffc896d765dc3507e2ad3abb961795b05bb857039ca92f649a0745
bd558b6b0fa8256504d6f1796203c55c540013d7d4021f79241476f3ac49dac1
bdbbb447bf69f791cb6717a186852f2b9661ca900a74d8235d37ef9ed65ac0dd
c0d59afc312f7f1d1346cc4dfdb1463c05b2d334cfa64e7b9240456a48bfcc11
c0dade5e40511841f841814ed717788248c50490400ef63f4620391825f7444e
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2da1bde386dc1e71e6f0cf3ddcce6650ba703109c5194f52c991f48755ad806
c329a0dc93f82b5f0e3f15ef5165027cfe33eef21fd2ae0b791159200857ac92
c3b9597a90a43830b2a92897a5ef015ce5310e7f32dbb5cd1db2c807c5e6b036
c3d6dd40d554051caae0e87609382cfbf0370ef9acd3beddd1ad5c0bfd335c15
c4d60e53476012ab254ca2f3f479903a6be9ead3cb39a9ea353c51ec75c618c8
c54527742912dc24ffdbc35d926d8d76f016b8258e9ebb94dfb50a729d6901df
c9406a92f81fad251295cd64386a8bb62ee7503f589ae1b96893faae2f4fcb18
ca1d30a17989f17c2ef0d2beed8e07699074734dc785a7c53187118d5476fe0d
cae78c07458a9dad63b93c30ca8c0e545ccc4a36faee919174b947cd9fa3f43b
cc2f6c397b2c8bc2ffe3a7f98875347fd37f44f8297f60b1f961123846cad866
cd257ced5860b54b3c71dd2e1c9704a552f0c2be8e63ef42cdf47e05293da1bb
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d0f07190791630edc058ad6e5a33a3cda6a8f85c470e593ce0bbed46ffec148b
d4cb7e8709105c5ad2548d4e71166dc6d33ea3829b84a31899e1dce50fb78fc8
d4f0dfe4f2130f154223e847e05537a8209be1a75512e846ac69d93dff1efb6f
d5f4da9e6b8cb335c335141503a6145613eb920e582cc71634e8d5dfad44a232
d618d4869738e0dc22360f0ec0cbb6433257843f24723fac240dda0906685238
d74835ebc144bb92d18a970ca79cae0840c356a5967bb1d1d9428c32c183cdb1
d7502e785bdc8f7184cab7e278053c49be4458393085eb2fbddabf35b895c310
d854082be0173c977aad8f65cdb9b88fd005f3dd3f34f894ab9fdba5a283780f
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
d977cef899d6534c8933c5e8a57774dd0e914013e3790568535382299b913e8f
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
dec0fa89665fa646ab3a2b5ed8fc8e4589a06b38b91b707239fd14bfc2ed2a33
e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd
e0f35fc5d87135d11206b5f9f33392df2c2b873019a33460b933b72db6be49c4
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
e34578da52d9ebd0068921fdc89974b432b4098637c6c0fb3fa4c21dc5ec1df7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e623892396d4c27ed16b05b2647e5dd2721e66233718809dce32a4ebb129a252
e7762b2fbdbaa7526bcbf86a221f88ba9e091f9af2a7ff7ac32ac7c91776ac95
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
ea1b70e59d71bb9824849949981e1ca343ebfd3f5cad1eabdeb8a5bbfd7a453f
ed87a83a9df154b61d76e8b9b53bb9d23db3eea194e66bca6b575e3e4f7a57bf
ee735ad9351455e1417cd144ed24de18f6311c98a1284b55cd59fd0d25489d22
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efc401ddc077eb5872de502e7f449041b6ae9aefe1754c3b99525cfd09301fb3
f0648dd60b72161450eb93d6fa81bb6ec46bb9dffb2d2d0c6f3b5d4ac1e01dda
f066a6392f3732829e95d97ac2a3dfb7dc7d35fc88d71a4ef62ff8f70399326c
f46bd08554535b5a3d16c9dceb14b39dfff05bab3a7137ad3904b96433cf9b19
f4ae5a40833ca40f1ded2c820915ccc073b509a5a15810de1566ebf1ee4838e4
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f67c3d3aff432b76fefe04b15fd91f197e2ea49a37acad35e14759b4444e1753
f6c6e44da7758d9332bea2c252fca3747aca424873369dcf1fe0d7246a5eab17
f9aea573b4ea60e87c8d6b19c88dc1d00bcf6f1a1b63a44bdcf5e591e2be1617
fcab803c6d01082f69e5510655ca566241f3a4fd3ee7aa1506b1308e2d069ccb
fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48
ff189758d75309cf2ae680742df627ea16c4417d9565412a97f4e3d4753d9dd6

pelotainvernal.com Open in urlscan Pro 54.208.89.30 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

489 Requests

85 %HTTPS

32 %IPv6

85 Domains

129 Subdomains

92 IPs

14 Countries

4724 kBTransfer

13489 kBSize

98 Cookies

3 Outgoing links

Redirected requests

489 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 13 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

pelotainvernal.com Open in urlscan Pro
54.208.89.30 Public Scan

Screenshot
Live screenshot

Full Image

489
Requests

85 %
HTTPS

32 %
IPv6

85
Domains

129
Subdomains

92
IPs

14
Countries

4724 kB
Transfer

13489 kB
Size

98
Cookies

489 HTTP transactions
13 data transactions