elcorito.chat Open in urlscan Pro
2a06:98c1:3121::3 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://photo.hdd3.one/VIEW-PHOTO_cbhub8b4t
Effective URL:
https://elcorito.chat/
Submission Tags: @phish_report
Submission: On August 29 via api (August 29th 2023, 12:16:05 am UTC) from FI — Scanned from FI

Summary HTTP 145 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 28 IPs in 3 countries across 19 domains to perform 145 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is elcorito.chat.
TLS certificate: Issued by GTS CA 1P5 on August 6th 2023. Valid for: 3 months.

This is the only time elcorito.chat was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	170.10.160.83 170.10.160.83	32748 (STEADFAST) (STEADFAST)
1	69.10.59.181 69.10.59.181	19318 (IS-AS-1) (IS-AS-1)
27	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6812:bcf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:400... 2a00:1450:4001:811::200a	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:828::2008	15169 (GOOGLE) (GOOGLE)
21	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
2	151.139.128.10 151.139.128.10	20446 (STACKPATH...) (STACKPATH-CDN)
1	2606:4700:20:... 2606:4700:20::681a:507	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
2	2606:4700:21:... 2606:4700:21::8d65:780b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:10:... 2606:4700:10::ac43:88d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 9	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:812::200e	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	104.18.34.83 104.18.34.83	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	67.202.105.34 67.202.105.34	32748 (STEADFAST) (STEADFAST)
2	172.217.18.2 172.217.18.2	15169 (GOOGLE) (GOOGLE)
25	2a00:1450:400... 2a00:1450:4001:80f::2001	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::2006	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:806::2002	() ()
4	142.250.184.194 142.250.184.194	() ()
6	2404:6800:400... 2404:6800:4003:c04::78	() ()
1	2a00:1450:400... 2a00:1450:4001:802::2004	() ()
145	28

1 170.10.160.83 (United States)

ASN32748 (STEADFAST, US)
PTR: serverchat24.com

photo.hdd3.one	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.10.59.181 (Bloomfield, United States)

ASN19318 (IS-AS-1, US)
PTR: popola.com

huevopollito.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

elcorito.chat	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)

netdna.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:828::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.139.128.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map3.hwcdn.net

images.dmca.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:507 (United States)

ASN13335 (CLOUDFLARENET, US)

waust.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:21::8d65:780b (United States)

ASN13335 (CLOUDFLARENET, US)

t.dtscout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:88d (United States)

ASN13335 (CLOUDFLARENET, US)

whos.amung.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.34.83 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 67.202.105.34 (United States)

ASN32748 (STEADFAST, US)
PTR: ip34.67-202-105.static.steadfastdns.net

ic.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
de.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.18.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s22-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:806::2002 (None, )

ASN- ()

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.184.194 (None, )

ASN- ()

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2404:6800:4003:c04::78 (None, )

ASN- ()

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2004 (None, )

ASN- ()

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
45	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 116 tpc.googlesyndication.com — Cisco Umbrella Rank: 155	539 KB
27	elcorito.chat elcorito.chat	734 KB
15	doubleclick.net 2 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 42 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 371 securepubads.g.doubleclick.net	265 KB
15	gstatic.com fonts.gstatic.com www.gstatic.com csi.gstatic.com	106 KB
7	tynt.com cdn.tynt.com — Cisco Umbrella Rank: 12612 ic.tynt.com — Cisco Umbrella Rank: 6151 de.tynt.com — Cisco Umbrella Rank: 1612	9 KB
7	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 366 fonts.googleapis.com — Cisco Umbrella Rank: 45	149 KB
5	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1120 www.googleadservices.com	332 B
5	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 37 region1.google-analytics.com — Cisco Umbrella Rank: 2412	21 KB
5	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 48	349 KB
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 222	227 KB
2	dtscout.com t.dtscout.com — Cisco Umbrella Rank: 13863	2 KB
2	dmca.com images.dmca.com — Cisco Umbrella Rank: 14873	3 KB
2	bootstrapcdn.com netdna.bootstrapcdn.com — Cisco Umbrella Rank: 3589	49 KB
1	google.com www.google.com	1 KB
1	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 328	59 KB
1	amung.us whos.amung.us — Cisco Umbrella Rank: 16779	183 B
1	waust.at waust.at — Cisco Umbrella Rank: 44341	4 KB
1	huevopollito.com huevopollito.com	499 B
1	hdd3.one photo.hdd3.one	591 B
145	19

	Domain	Requested by
27	elcorito.chat	huevopollito.com elcorito.chat
25	tpc.googlesyndication.com	photo.hdd3.one googleads.g.doubleclick.net tpc.googlesyndication.com pagead2.googlesyndication.com
20	pagead2.googlesyndication.com	elcorito.chat pagead2.googlesyndication.com photo.hdd3.one googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
9	googleads.g.doubleclick.net	2 redirects pagead2.googlesyndication.com googleads.g.doubleclick.net
6	csi.gstatic.com	securepubads.g.doubleclick.net pagead2.googlesyndication.com
6	www.gstatic.com	googleads.g.doubleclick.net
5	ic.tynt.com	elcorito.chat
5	www.googletagmanager.com	elcorito.chat www.googletagmanager.com
5	fonts.googleapis.com	elcorito.chat googleads.g.doubleclick.net
4	www.googleadservices.com	elcorito.chat
4	securepubads.g.doubleclick.net	googleads.g.doubleclick.net
4	www.googletagservices.com	googleads.g.doubleclick.net
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	fonts.gstatic.com	fonts.googleapis.com
2	googleads4.g.doubleclick.net	photo.hdd3.one
2	region1.google-analytics.com	www.googletagmanager.com
2	t.dtscout.com	waust.at t.dtscout.com
2	images.dmca.com	elcorito.chat
2	netdna.bootstrapcdn.com	elcorito.chat netdna.bootstrapcdn.com
2	ajax.googleapis.com	elcorito.chat
1	www.google.com	tpc.googlesyndication.com
1	de.tynt.com	cdn.tynt.com
1	s0.2mdn.net	googleads.g.doubleclick.net
1	cdn.tynt.com	waust.at
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	whos.amung.us	waust.at
1	waust.at	elcorito.chat
1	huevopollito.com	photo.hdd3.one
1	photo.hdd3.one
145	29

This site contains links to these domains. Also see Links.

Domain
radio.elcorito.chat
www.dmca.com
www.google.com

Subject Issuer	Validity	Valid
photo.hdd3.one cPanel, Inc. Certification Authority	`2023-07-17` - `2023-10-15`	3 months	crt.sh
huevopollito.com SSL.com RSA SSL subCA	`2023-06-21` - `2023-09-19`	3 months	crt.sh
elcorito.chat GTS CA 1P5	`2023-08-06` - `2023-11-04`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-12-30` - `2023-12-30`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
images.dmca.com R3	`2023-07-12` - `2023-10-10`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
dtscout.com GTS CA 1P5	`2023-07-25` - `2023-10-23`	3 months	crt.sh
*.tynt.com Sectigo RSA Domain Validation Secure Server CA	`2022-09-07` - `2023-09-30`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh

This page contains 16 frames:

Primary Page: https://elcorito.chat/
Frame ID: 61E3F3F2765B1AE3106B9607C8377BE4
Requests: 70 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230824/r20190131/zrt_lookup.html
Frame ID: 96A95BDB41C76476A5BBA7D7D30692AA
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4896375881595114&output=html&adk=1812271804&adf=3025194257&lmt=1679701550&plat=2%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A32768%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Felcorito.chat%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asrtr=1&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693268161995&bpp=4&bdt=1037&idt=273&shv=r20230824&mjsv=m202308280101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1735567959380&rume=1&frm=20&pv=2&ga_vid=1584915242.1693268162&ga_sid=1693268162&ga_hid=1583375967&ga_fc=1&u_tz=180&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31077324%2C31077327%2C31077444%2C31077452%2C31061691%2C31061692&oid=2&pvsid=3699971015817600&tmod=1284018636&uas=0&nvt=1&fsapi=1&ref=https%3A%2F%2Fphoto.hdd3.one%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=301
Frame ID: 23D40FE05801989212285B7DE0C7D130
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4896375881595114&output=html&h=280&slotname=8294562186&adk=528232075&adf=1081431890&pi=t.ma~as.8294562186&w=930&fwrn=4&fwrnh=100&lmt=1679701550&rafmt=1&format=930x280&url=https%3A%2F%2Felcorito.chat%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693268161999&bpp=2&bdt=1040&idt=301&shv=r20230824&mjsv=m202308280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1735567959380&rume=1&frm=20&pv=1&ga_vid=1584915242.1693268162&ga_sid=1693268162&ga_hid=1583375967&ga_fc=1&u_tz=180&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=335&ady=326&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31077324%2C31077327%2C31077444%2C31077452%2C31061691%2C31061692&oid=2&pvsid=3699971015817600&tmod=1284018636&uas=0&nvt=1&ref=https%3A%2F%2Fphoto.hdd3.one%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=8ifuhMGIzi&p=https%3A//elcorito.chat&dtd=306
Frame ID: 058997BA1E49AB4618912CA54B7CC8F4
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4896375881595114&output=html&h=280&slotname=8294562186&adk=2005281337&adf=2296579135&pi=t.ma~as.8294562186&w=504&fwrn=4&fwrnh=100&lmt=1679701550&rafmt=1&format=504x280&url=https%3A%2F%2Felcorito.chat%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693268162001&bpp=1&bdt=1043&idt=315&shv=r20230824&mjsv=m202308280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C930x280&nras=1&correlator=1735567959380&rume=1&frm=20&pv=1&ga_vid=1584915242.1693268162&ga_sid=1693268162&ga_hid=1583375967&ga_fc=1&u_tz=180&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=357&ady=762&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31077324%2C31077327%2C31077444%2C31077452%2C31061691%2C31061692&oid=2&pvsid=3699971015817600&tmod=1284018636&uas=0&nvt=1&ref=https%3A%2F%2Fphoto.hdd3.one%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=Kh0U6LaQsk&p=https%3A//elcorito.chat&dtd=317
Frame ID: FCC598C56805A15A61DB3DF5FE949403
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJ_XsQEQysq3igIYlYrL9AEwAQ&v=APEucNWAO83BqDU-xpTYeq2YNbBBbyzBbLlowRhtmDjq5mbGWA2JOEpicWABQ4kjOxEsInKijDDcMmucI-KlkMQloRFQSFR81V3oPCRSbVRCuKgMkjbUbsOvNA9HKSD4ReYahBz5tbpNEpsWipipkRtJU12cSxukGpeIjn7PPhfGem1NQnmmmQs
Frame ID: DE4B0A038F66935B4CB0A4B7EE3E3153
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/r20230824/r20110914/abg_lite_fy2021.js
Frame ID: 00AB1EA1B2932C491B8FD20D1942D364
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230824/r20110914/zrt_lookup.html?fsb=1
Frame ID: 4A2FD6B5DB0C5BA9E68AA6FB64EC2976
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230824/r20110914/zrt_lookup.html?fsb=1
Frame ID: 606DA864109D37C0156EBEBFEB432904
Requests: 16 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: AA6332BBDA89589692804D505DB1468A
Requests: 3 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 107E66909D01AE333BCC1F80E98B60E6
Requests: 10 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/oGWEAOSy2FD_H6yXFafSznTTKo3y8yaW3jsvWQxT1M8.js
Frame ID: 3A55252802DE2C15241DFF584548074E
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/oGWEAOSy2FD_H6yXFafSznTTKo3y8yaW3jsvWQxT1M8.js
Frame ID: 1B2F76307124051087A341305FC9BC66
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/oGWEAOSy2FD_H6yXFafSznTTKo3y8yaW3jsvWQxT1M8.js
Frame ID: 4AAE64F10DE54E03B8B0F79C8A46D86E
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 07E4BEA78E669E97232329A927B4EC71
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 35110C6176B2165F5E9F2D6B9A65B7F3
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Elcorito ▷ Una Vaina Bien! |CHAT DOMINICO-BORICUA|

Page URL History Show full URLs

https://photo.hdd3.one/VIEW-PHOTO_cbhub8b4t Page URL
https://elcorito.chat/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

SWFObject (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

swfobject.*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)/jquery-ui(?:\.min)?\.js
jquery-ui.*\.js

Page Statistics

145
Requests

99 %
HTTPS

74 %
IPv6

19
Domains

29
Subdomains

28
IPs

3
Countries

2519 kB
Transfer

5579 kB
Size

12
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: http://radio.elcorito.chat/
Title: ¡Chat y Radio Dispositivos Mobiles!

Search URL Search Domain Scan URL

URL: https://www.dmca.com/Protection/Status.aspx?ID=b79b6e7d-3d96-4b3b-8f80-3c7363e77180&refurl=https://elcorito.chat/

Search URL Search Domain Scan URL

URL: https://www.google.com/intl/en/chrome/browser/
Title: Chrome Browser!

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://photo.hdd3.one/VIEW-PHOTO_cbhub8b4t Page URL
https://elcorito.chat/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 121

https://googleads.g.doubleclick.net/pagead/adview?ai=C2940wjjtZJPcFpKqZfXStcAC4suX42nG4r_J1g2C57S1-QEQASC_nrwhYMMEoAG92963A8gBCakCik-GOUc2kD6oAwHIA8sEqgT1AU_Qe3ka8D_Xj593NEXaZifCVrqhqBsQDUTsQ4wIf1De1L68MldjaEdKhqFLzXwarjgxmChKDSE_WWe-fbTk8fk8jizyTXqsv1ycuHemRiu7SuZHIYQ-2o7VCRY14dHjJ1Y0KfS2lmiFCPiS58c-PlrOA4DyHMx3hbisXz4HZb08msf3D6t287b3cwdtxc_5FN9213ZSYFWjC-MCsAAc4f8L8EjTVzUnEsyEBb84weaYJUSmXMolxLGsY0goEs3r5cpUPHSQHzVY0rLc3khf2Vx8eS2IS3wVPMc2vzdGCzUO4vPHWCK6O19SwPLNvNQzBFcI30aHwAT3uJuuwwOIBdv7xIkxkgUECAQYAZIFBAgFGASgBi7YBgKAB6ukoUioB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBCIrQGgCJIUsAgC0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOpoJG2h0dHBzOi8vY2FybG9mYWN0b3J5LnBsL3BsL4AKAcgLAbgT5APYEw2CFA8aDWVsY29yaXRvLmNoYXSIFAHQFQGYFgGAFwGyFxwKGggAEhRwdWItNDg5NjM3NTg4MTU5NTExNBgA&sigh=_6HLTW3f_mk&uach_m=[UACH]&ase=2&cid=CAQSGwBpAlJW21AQRS0KXkydUR9y3BBbOIxp0dNLSBgB&template_id=484&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2210930227878301421158%22,%22debug_reporting%22:true,%22destination%22:%22https://carlofactory.pl%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22922201533%22],%224%22:[%2208-29%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2210708355226948422113%22}&andc=true

Request Chain 124

https://googleads.g.doubleclick.net/pagead/adview?ai=Cjp8pwjjtZICdF42ViQbKoq3ABNP-uPdwjffM26oRwZ3Ps9cOEAEgv568IWDDBKABoZXy7QLIAQmpAphWrLq0IrI-qAMByAPLBKoE8gFP0CzlJe3hkzJKbFZ9MhJQyyj7n14q7kKC110ocg39ggGP5VdhXzmebHps4X6dGLgcDNlAd-x8RMdKR1DCYVWrZfUqkizBj6xp8gBwCap9bMviJOGKEKcuap-Z6ENNcaOqLlGo2d5wWaOj4XXZs5_A94ZeVTSaA2CXP0EFjrsWMaAypBJSsMF43zJIuScerumZcztH4KQNLCVKP3TlU4G1E9bI63hwmtLNeXuR2b9zQvdPIUGbzl9s5swnkd4w0Yqx8FmYUjQfpdWq2XVp508E2kETuoo4gVu-C69HrWTPXw6GzcJi_J5cC44EzXnXTF6BosAE0fmko7EEiAX77JWoSpIFBAgEGAGSBQQIBRgEoAYu2AYCgAfH6o2SAagH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEL-EAaAIkhSwCALSCBYIgOGAEBABGB8yAqoCOgKAQEi9_cE6mgk9aHR0cHM6Ly9xdWl6LmJldHRlcm1lLndvcmxkL2VzL2ZpcnN0LXBhZ2UtZ2VuZXJhdGVkP2Zsb3c9MTQ0M4AKAcgLAdgTC4IUDxoNZWxjb3JpdG8uY2hhdIgUAdAVAZgWAYAXAbIXHAoaCAASFHB1Yi00ODk2Mzc1ODgxNTk1MTE0GAA&sigh=AUIS6FfDUGE&uach_m=[UACH]&ase=2&cid=CAQSGwBpAlJWAbjIF8yqjmEWbLgxqVy0tXtrfTbW1RgB&template_id=5000&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%229849003811055049184%22,%22debug_reporting%22:true,%22destination%22:%22https://betterme.world%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22767330977%22],%224%22:[%2208-29%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2210144406951857853137%22}&andc=true

145 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 VIEW-PHOTO_cbhub8b4t Show response
photo.hdd3.one/ 768 B
591 B 559ms
175ms Document
text/html 170.10.160.83
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://photo.hdd3.one/VIEW-PHOTO_cbhub8b4t
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 170.10.160.83 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: serverchat24.com
Software: LiteSpeed /
Resource Hash: 9a0493c889c58b96e508431fc9eac773683d9839bcaf3c0feef44afec85b2733

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
accept-language: fi-FI,fi;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding: br
content-length: 347
content-type: text/html; charset=UTF-8
date: Tue, 29 Aug 2023 00:15:59 GMT
server: LiteSpeed
vary: Accept-Encoding

GET
H/1.1 200
OK / Show response
huevopollito.com/ 40 B
499 B 504ms
161ms Script
text/html 69.10.59.181
IS-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://huevopollito.com/?api=1&lan=teampara3&ht=1
Requested by: Host: photo.hdd3.one
URL: https://photo.hdd3.one/VIEW-PHOTO_cbhub8b4t
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.10.59.181 Bloomfield, United States, ASN19318 (IS-AS-1, US),
Reverse DNS: popola.com
Software: nginx / PHP/7.0.33
Resource Hash: 36cd2759ed1fdcb9b931fac68414fa848200e2b7fd6ec344d57bf40799aa4a6c

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://photo.hdd3.one/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

Pragma: no-cache
Date: Tue, 29 Aug 2023 00:16:00 GMT
Content-Encoding: gzip
Server: nginx
X-Powered-By: PHP/7.0.33
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Keep-Alive: timeout=60
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 Primary Request / Show response
elcorito.chat/ 22 KB
6 KB 376ms
212ms Document
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://elcorito.chat/
Requested by: Host: huevopollito.com
URL: https://huevopollito.com/?api=1&lan=teampara3&ht=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 66625453601bcbcc54e1d678eb76162f1b117ea1d26c8bb2ad1aa8598d59d886

Request headers

Referer: https://photo.hdd3.one/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
accept-language: fi-FI,fi;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7fe09a54dd6cb529-OSL
content-encoding: br
content-type: text/html
date: Tue, 29 Aug 2023 00:16:00 GMT
last-modified: Sat, 25 Mar 2023 01:45:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W%2BMCrex9miT0l2s47fNUlIzAMWj6hgI%2FdnAQ4nDmHG6eVsRGpy0rFa2NEVnLZJtrLVzAKtt8AWhQ8F49%2F6tKWMCKlHYY%2Bu7BmhemVr%2BcEwMJaqEHXgJn7mm3OYUQmBDGNYCBWRSo0zalMyAl"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 audio8_html5.css
elcorito.chat/ 37 KB
5 KB 77ms
73ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://elcorito.chat/audio8_html5.css
Requested by: Host: elcorito.chat
URL: https://elcorito.chat/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c1d4cdd9e85ef7e00db8d1c1ef6fe8e352628e3b528a2e247dd1b779444a6087

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://elcorito.chat/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 29 Aug 2023 00:16:01 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 01 Oct 2018 02:02:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 89035
etag: W/"938b-5bb18030-448c080;br"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XdSzGCYvpNz%2Fnfgovf7NC6C21YLDw4wxcTEjCyDE%2BkaKOsKoFElb8QeHIIrIcQQuxvZJCJ9Auq2lkjHqRhqIYrJrBEsyHrUUWz4TwcqCfxKSD947FvPDQxpXls2DdODD%2FZfgQnDaq8KpS0Xr"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
cf-ray: 7fe09a563e4bb529-OSL
alt-svc: h3=":443"; ma=86400
expires: Sun, 03 Sep 2023 23:32:05 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/2.0.1/ 82 KB
82 KB 397ms
187ms Script
text/javascript 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/2.0.1/jquery.min.js

Requested by

Host: elcorito.chat
URL: https://elcorito.chat/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4e1354fc542b617c58cbba3aeb5116a528cf08bb1299f5dc7f3bc77a3b902b68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://elcorito.chat/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Sat, 26 Aug 2023 21:28:30 GMT
x-content-type-options: nosniff
age: 182851
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 83513
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 25 Aug 2024 21:28:30 GMT

GET
H2 200 jquery-ui.min.js Show response
ajax.googleapis.com/ajax/libs/jqueryui/1.11.1/ 233 KB
63 KB 295ms
86ms Script
text/javascript 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jqueryui/1.11.1/jquery-ui.min.js

Requested by

Host: elcorito.chat
URL: https://elcorito.chat/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e09639315704980552b92eaae21f66af00a6e8a371f757f76b0b12420c2ed2a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://elcorito.chat/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Sat, 26 Aug 2023 05:57:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 238691
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 63865
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 25 Aug 2024 05:57:50 GMT

GET
H2 404 lastfm.api.md5.js
elcorito.chat/js/ 0
0 281ms
277ms Script
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://elcorito.chat/js/lastfm.api.md5.js
Requested by: Host: elcorito.chat
URL: https://elcorito.chat/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://elcorito.chat/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Tue, 29 Aug 2023 00:16:01 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GrXqiRwUhj8%2BDCaDLxF%2Bc59U66PUNglRvbN%2B5xzEi%2FwqMiOtLS4DjeXMBNBYJWvbbMeMlNhKk7frgWu0nVuBdZodm%2F3BfW6Y1oZpuY314lF3um8xzYvQSW8XvClIIHWQUNoB1ZdHmIchmqRv"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: private, no-cache, max-age=0
cf-ray: 7fe09a563e54b529-OSL
alt-svc: h3=":443"; ma=86400

GET
H2 404 lastfm.api.js
elcorito.chat/js/ 0
0 173ms
169ms Script
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://elcorito.chat/js/lastfm.api.js
Requested by: Host: elcorito.chat
URL: https://elcorito.chat/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://elcorito.chat/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Tue, 29 Aug 2023 00:16:01 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=azHVXfBfjsYuuAO6R%2BelNJxlD8WwU5VDCcZ26aO3l46mvncCDdFK1kNLgAtbBctKO%2FlHw2BpebEf2cX%2FaNEelAdczSZ1A0uuUUAug49oR5tn0tVDeJm%2FHDnOkIt%2BLM1662h7KYFuzA01L3u9"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: private, no-cache, max-age=0
cf-ray: 7fe09a563e55b529-OSL
alt-svc: h3=":443"; ma=86400

GET
H2 404 lastfm.api.cache.js
elcorito.chat/js/ 0
0 283ms
279ms Script
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://elcorito.chat/js/lastfm.api.cache.js
Requested by: Host: elcorito.chat
URL: https://elcorito.chat/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://elcorito.chat/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Tue, 29 Aug 2023 00:16:01 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2aL5XQyoZknBPrP8LLfN3qn60rgaypjNhJ%2B7XjbtgGoA2j0uwQm5dzGj8%2B0Raz6A7hLIyzE9zXQti6LLh5z2j8x8ewnKdB3qCMaSPaXiKuMMeZZbLaofqcksX8iiYkcDRKtlG70lunVENa4t"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: private, no-cache, max-age=0
cf-ray: 7fe09a563e57b529-OSL
alt-svc: h3=":443"; ma=86400

GET
H2 200 swfobject.js Show response
elcorito.chat/js/ 10 KB
4 KB 80ms
77ms Script
application/x-javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://elcorito.chat/js/swfobject.js
Requested by: Host: elcorito.chat
URL: https://elcorito.chat/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8677971b119ccdb82af697ff0e08f218490d15116f221d44301f1cc8797e67d4

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://elcorito.chat/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 29 Aug 2023 00:16:01 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 11 Jun 2009 04:14:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 89036
etag: W/"27ec-4a308488-17e1680;br"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k9wa6Cl3BqVhqxXq58LzBi347umGqSK%2BIJERi4ANmliMZVEkDdzDegATchmAwTwmDNnA3qWuHV4Zls4xz8wFfpWp6C5utsQBPjzurxPq61PJNRyPK%2FSgW3BI%2Binf0MS0XObH8qm5Ay8Nkg78"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=604800
cf-ray: 7fe09a563e58b529-OSL
alt-svc: h3=":443"; ma=86400
expires: Sun, 03 Sep 2023 23:32:05 GMT

GET
H2 200 jquery.mousewheel.min.js Show response
elcorito.chat/js/ 1 KB
1 KB 78ms
75ms Script
application/x-javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://elcorito.chat/js/jquery.mousewheel.min.js
Requested by: Host: elcorito.chat
URL: https://elcorito.chat/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c8104390115f92b27003b1e4e503ef59343ccfef4ac19751093544e8cfaeae26

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://elcorito.chat/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 29 Aug 2023 00:16:01 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 26 Jun 2014 07:11:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 89036
etag: W/"570-53abc7b6-17d1bb6;br"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Og6NacEzsJaRkYfLJcEnAk3op74peFbcmk7AAOZx49%2B0O5qPdhnrBXid4k%2FeofCXavlIMrVr4m63xUav4RKViNbA14YQvGptpIG95agfAkV3oVIjjTGW%2F9Mp1Xq4G5MdeC8KxdhMp6r0eVuv"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=604800
cf-ray: 7fe09a563e5bb529-OSL
alt-svc: h3=":443"; ma=86400
expires: Sun, 03 Sep 2023 23:32:05 GMT

GET
H2 200 jquery.touchSwipe.min.js Show response
elcorito.chat/js/ 11 KB
4 KB 189ms
186ms Script
application/x-javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://elcorito.chat/js/jquery.touchSwipe.min.js
Requested by: Host: elcorito.chat
URL: https://elcorito.chat/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0ab340987711378e8cb5582b1f97f6938037712213396d8e7c7f8fa7b1ab4e5a

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://elcorito.chat/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 29 Aug 2023 00:16:01 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 04 Jun 2014 05:05:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"2c99-538ea91a-17d1bbc;br"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EfyHYtfs5F%2Br8DGcj4MpGZQOyGkY2AWw86Rmfs6DNRdTAepXVBJ3UYiz4Sb1vF4gy%2BWRW0agwgasGDxbsVOKhivxleEDk81x0kGapKu0Cgwm%2FMjPHqMEVAZEaAgMcGxLFDtto3jXfO%2BVY2DH"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=604800
cf-ray: 7fe09a563e5cb529-OSL
alt-svc: h3=":443"; ma=86400
expires: Tue, 05 Sep 2023 00:16:01 GMT

GET
H2 200 audio8_html5.js Show response
elcorito.chat/js/ 57 KB
13 KB 238ms
235ms Script
application/x-javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://elcorito.chat/js/audio8_html5.js
Requested by: Host: elcorito.chat
URL: https://elcorito.chat/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3039294d93ec76b04b90caa559cfb3e21a2aea6707455068d28e23c9530c522b

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://elcorito.chat/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 29 Aug 2023 00:16:01 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 28 Feb 2020 10:35:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"e43a-5e58ece0-17dd81f;br"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4VDJQIljuXQ840GWUOot8vIZhLUqjSzkTmdxWRZ9Jj%2BdQNctX%2F0IAtDx4C%2FXJyzN3faMGucjr7cqAulG28apSTyNkIvrrJyGkExOOCTDQIMvnvBXOhjf8kwncRDRmyjM3DvIAhkV1xHfrK7N"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=604800
cf-ray: 7fe09a569e85b529-OSL
alt-svc: h3=":443"; ma=86400
expires: Tue, 05 Sep 2023 00:16:01 GMT

GET
H2 200 bootstrap.min.css
elcorito.chat/scripts/bootstrap/css/ 97 KB
17 KB 78ms
76ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://elcorito.chat/scripts/bootstrap/css/bootstrap.min.css
Requested by: Host: elcorito.chat
URL: https://elcorito.chat/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 46a2de362f54e3c988cc8c9fbf68fe12018c8ae42fe11509a747f52f17834466

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://elcorito.chat/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 29 Aug 2023 00:16:01 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 19 Mar 2020 13:11:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 89036
etag: W/"184dc-5e736f78-286312d;br"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r4FhSmviA8%2FHJm16VrFpDmg019T7YmNflCfL1QYL%2FbWkIQMZjuUYT3xzAwbxTJogFliP1Ms5Cicd5ZJH%2FGlNVA8RZiBPK2FMMHpJ8%2BhJGZv1K3%2BYX0942rUJnpP4y%2Bcz9K1PbEyMbVANmqMz"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
cf-ray: 7fe09a563e4db529-OSL
alt-svc: h3=":443"; ma=86400
expires: Sun, 03 Sep 2023 23:32:05 GMT

GET
H2 200 font-awesome.css
netdna.bootstrapcdn.com/font-awesome/4.0.3/css/ 21 KB
5 KB 224ms
76ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://netdna.bootstrapcdn.com/font-awesome/4.0.3/css/font-awesome.css

Requested by

Host: elcorito.chat
URL: https://elcorito.chat/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3083e8d3b21ddc3f0e6d65ec3580aa6edfaadca5d9737d9caa27e6a233e1ccf3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://elcorito.chat/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 29 Aug 2023 00:16:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 601, 617, 617
age: 7178841
cdn-cachedat: 2021-08-03 04:14:00
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:53 GMT
server: cloudflare
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 6358afe6e12aefed963ad27f3935d6d1
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 7fe09a572b9eb500-OSL
cdn-requestpullsuccess: True

GET
H2 200 stylesheet.css
elcorito.chat/assets/ 22 KB
6 KB 80ms
78ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://elcorito.chat/assets/stylesheet.css
Requested by: Host: elcorito.chat
URL: https://elcorito.chat/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 263e0ef22df06639af1fa219ae0ab49beff0ea390f9094ec777565f7256f86db

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://elcorito.chat/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 29 Aug 2023 00:16:01 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 19 Mar 2020 13:11:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 89036
etag: W/"56e5-5e736f78-8c2f84;br"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zYgXEt00sVxb0F%2Bng0TsHsICx4uR%2BZ3FKGlx52NvCGRcpuPspwzrt7pAJrpLjzmPGNY7vZdy5Z9gzlbAZx74xFkx8k%2FZSs14HbopM67%2FhOWC6Fhys5JpI6NaZrkYiXOXaDRLQxLfUKHCyh8Z"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
cf-ray: 7fe09a563e4fb529-OSL
alt-svc: h3=":443"; ma=86400
expires: Sun, 03 Sep 2023 23:32:05 GMT

GET
H2 200 css
fonts.googleapis.com/ 4 KB
985 B 297ms
102ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Archivo+Narrow|Source+Sans+Pro:200

Requested by

Host: elcorito.chat
URL: https://elcorito.chat/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ce33e35a475e197d3021b98c39d61aadb9780dab2e0fd0992c8f27f4d44bdae0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://elcorito.chat/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

strict-transport-security: max-age=31536000
date: Tue, 29 Aug 2023 00:16:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
expires: Tue, 29 Aug 2023 00:16:01 GMT

GET
H2 200 simpleparallax.css
elcorito.chat/scripts/parallax/ 749 B
638 B 76ms
74ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://elcorito.chat/scripts/parallax/simpleparallax.css
Requested by: Host: elcorito.chat
URL: https://elcorito.chat/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2a29a4c0bb4e5f3a765e711bf3463e29253bc45137107b05bfac1f5436c803da

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://elcorito.chat/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 29 Aug 2023 00:16:01 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 19 Mar 2020 13:11:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 89036
etag: W/"2ed-5e736f78-4461d93;br"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MhkFeACfvNEWRWOHZ%2FhaV6eWwYvmHYNwnfkUPHVai3d87jtWTXVMsyipZ0mcl9oLDfxNISv7NTgiBJmCrXNX5NSq9qhJhpvfm507BNKBqq7c5%2BIu5iLhO6%2FI3QJqJq%2BEQlfbUyxhDF3nI0q1"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
cf-ray: 7fe09a563e51b529-OSL
alt-svc: h3=":443"; ma=86400
expires: Sun, 03 Sep 2023 23:32:05 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 179 KB
65 KB 287ms
101ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-144973325-1

Requested by

Host: elcorito.chat
URL: https://elcorito.chat/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

bc49578bbfc8a73ba0f69cc371da46a8bbaad468091877f0c5c2957184c0ecb9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://elcorito.chat/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 29 Aug 2023 00:16:01 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66459
x-xss-protection: 0
last-modified: Tue, 29 Aug 2023 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 29 Aug 2023 00:16:01 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 147 KB
50 KB 311ms
125ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: elcorito.chat
URL: https://elcorito.chat/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

175cf7e0bd50450650c87ca96a17d43e5cbb58e84f3a04c73639431012f62ad0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://elcorito.chat/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 29 Aug 2023 00:16:01 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51229
x-xss-protection: 0
server: cafe
etag: 3124424490835293948
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 29 Aug 2023 00:16:01 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 179 KB
65 KB 411ms
225ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-156928160-1

Requested by

Host: elcorito.chat
URL: https://elcorito.chat/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f02de7bbc47fc54654c7493dcfbd4656e01a658fc386a447aacbe69bb378e823

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://elcorito.chat/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 29 Aug 2023 00:16:01 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66472
x-xss-protection: 0
last-modified: Tue, 29 Aug 2023 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 29 Aug 2023 00:16:01 GMT

GET
H3 200 todosconwebcam.jpg
elcorito.chat/images/ 173 KB
174 KB 281ms
279ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://elcorito.chat/images/todosconwebcam.jpg
Requested by: Host: elcorito.chat
URL: https://elcorito.chat/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9779d8159d328d842f63cac031444d411a42c8dadfae9f2313e6e4369485274b

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://elcorito.chat/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 29 Aug 2023 00:16:01 GMT
cf-cache-status: MISS
last-modified: Thu, 19 Mar 2020 13:11:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "2b5da-5e736f78-dd356c;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Bh5nYjhkrkZdeIED0I2%2FOESxBuCS2pjoqvdkjYPSgV7ZJZhSorbkcnyyFrZC%2BxX8Q5UpeT7G7AddZZfmZCq99xu%2Fzl9LyCObXpemtIdql7GCRIrZD6WSdH%2BxkWmvpGeewEcpZSbraUapAiB9"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 7fe09a59d879b4f1-OSL
alt-svc: h3=":443"; ma=86400
content-length: 177626
expires: Tue, 05 Sep 2023 00:16:01 GMT

GET
H3 200 webcam.png
elcorito.chat/images/ 4 KB
4 KB 207ms
205ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://elcorito.chat/images/webcam.png
Requested by: Host: elcorito.chat
URL: https://elcorito.chat/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 49883b2ff34194c5fbf2ed8a87a378de086a67334253d63d77ee02488c9d3f10

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://elcorito.chat/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 29 Aug 2023 00:16:01 GMT
cf-cache-status: MISS
last-modified: Sat, 20 Feb 2021 20:14:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "ff2-60316da6-dd356d;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FTJi7RH%2FNu3m103%2BAgvwV3bDJbZYZC1t%2BylmJ8x4VGyexLsXCmCpGZP3K4wAVFA2hZwM8oDIqzlP9tYPtAQs7O1WBBtIaP%2BTW1vUl1JVnrctIu1a28rymO99JnDoW6XAjku5EXVa3v5qSLLc"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 7fe09a59d87bb4f1-OSL
alt-svc: h3=":443"; ma=86400
content-length: 4082
expires: Tue, 05 Sep 2023 00:16:01 GMT

GET
H3 200 dj.jpg
elcorito.chat/images/ 45 KB
46 KB 281ms
279ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://elcorito.chat/images/dj.jpg
Requested by: Host: elcorito.chat
URL: https://elcorito.chat/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4a77ea5147173c42b23e754663635f044a9fc9cae895aa1487e7cbe4a46ae156

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://elcorito.chat/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 29 Aug 2023 00:16:01 GMT
cf-cache-status: MISS
last-modified: Thu, 19 Mar 2020 13:11:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "b4a8-5e736f78-dd1d17;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ecWBxpnlbNf9mWQmPBgz6uuCpTsp0hmt357IJjkCyoSJL%2FqKekanF9DlRUq93ejG70ueTtgMgtnt7DNOivri1oEowD9qapeHsoOE4UQuX9JMCKvGdvOya0jLQ4TsmCGwKB0v%2BjsVRtpksRN8"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 7fe09a59d87cb4f1-OSL
alt-svc: h3=":443"; ma=86400
content-length: 46248
expires: Tue, 05 Sep 2023 00:16:01 GMT

GET
H3 200 salas.png
elcorito.chat/images/ 37 KB
37 KB 237ms
235ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://elcorito.chat/images/salas.png
Requested by: Host: elcorito.chat
URL: https://elcorito.chat/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b302f3162063054c6c6a18ac90cc62e69a395912cd157dacd2d53e1d4b06597e

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://elcorito.chat/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 29 Aug 2023 00:16:01 GMT
cf-cache-status: MISS
last-modified: Thu, 19 Mar 2020 13:11:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "9393-5e736f78-dd3566;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U6DRD0nfaJ4go1IA2H%2Fo5e8OZuFBN263d6rI3PEd2nSOtBd%2B8bNY5iGeFHD7D%2Bohvc36iq2eS1VnnsplhwgntEjd%2BvqvXBRk5fZ7ZTslPSOZVtCAE3cpq8a5NMZ%2F2lNushmHqF6Vzio1PyTB"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 7fe09a59d87eb4f1-OSL
alt-svc: h3=":443"; ma=86400
content-length: 37779
expires: Tue, 05 Sep 2023 00:16:01 GMT

GET
H3 200 amistad.jpg
elcorito.chat/images/ 23 KB
23 KB 77ms
75ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://elcorito.chat/images/amistad.jpg
Requested by: Host: elcorito.chat
URL: https://elcorito.chat/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 287441d6ca926bac6b7e4e50b48412faf12fa3654c80d3abd0f20dc420632eee

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://elcorito.chat/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 29 Aug 2023 00:16:01 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 89036
alt-svc: h3=":443"; ma=86400
content-length: 23445
last-modified: Thu, 19 Mar 2020 13:11:20 GMT
server: cloudflare
etag: "5b95-5e736f78-dd1d0f;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fg79FgOKKxLFhl4BqzG2vhXwONAInqqqcTJiD1YW8WaiYpWDTFtXTH4hLW50cbewSu2O8TIF%2B4%2ByHc7zfTs6WeIIbRol7IkA9D8oIWxTJjdKSUaOJrTx3NlaV7FF2G79f4pi0N7hSBaZ2HzA"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 7fe09a59d87fb4f1-OSL
expires: Sun, 03 Sep 2023 23:32:05 GMT

GET
H3 200 contacto.png
elcorito.chat/images/ 13 KB
14 KB 207ms
205ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://elcorito.chat/images/contacto.png
Requested by: Host: elcorito.chat
URL: https://elcorito.chat/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fc2a934d09315618cc7d670f748958a584c14cb54a8619b455b71ec9f62fc887

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://elcorito.chat/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 29 Aug 2023 00:16:01 GMT
cf-cache-status: MISS
last-modified: Thu, 19 Mar 2020 13:11:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "351e-5e736f78-dd1d14;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5n9tV6GSZ7q7cAnj56muQwOra%2Bzc45Z16pdD4CWdY6o7fKx19Jn0jP79DWfSUBdJfQi8LDBzg%2FHCEPbZ3VydP8aHpcyUp6fMVxpuB7EegCzqhRQRJm%2BH7U9geZZaMVM%2FUV7EAw2nqkqgMotk"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 7fe09a59d880b4f1-OSL
alt-svc: h3=":443"; ma=86400
content-length: 13598
expires: Tue, 05 Sep 2023 00:16:01 GMT

GET
H3 200 ligar.jpg
elcorito.chat/images/ 20 KB
20 KB 413ms
411ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://elcorito.chat/images/ligar.jpg
Requested by: Host: elcorito.chat
URL: https://elcorito.chat/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6e38ca9bffa82d9df246392811cb84323aae578099752e322751189cd897ab0c

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://elcorito.chat/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 29 Aug 2023 00:16:01 GMT
cf-cache-status: MISS
last-modified: Thu, 19 Mar 2020 13:11:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "4fd2-5e736f78-c95bda;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rsIsnbNL8GuqkVel9kRUpA%2FQNN5BAdIeET6mlc4iyhYbXLBu0w%2BdEmtQN22u7mE4j6mOB%2BbJbsUCcd1YcgpI2HPjFnrsN81b%2BIuCY4NB7MlnjT1maroPCKqEjXdTXmaqewt7%2B1xlX2nOw75E"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 7fe09a59d881b4f1-OSL
alt-svc: h3=":443"; ma=86400
content-length: 20434
expires: Tue, 05 Sep 2023 00:16:01 GMT

GET
H3 200 madura.jpg
elcorito.chat/images/ 30 KB
31 KB 208ms
205ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://elcorito.chat/images/madura.jpg
Requested by: Host: elcorito.chat
URL: https://elcorito.chat/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b5dba68d705ba20baa1e8133d51261af4897d351c3d861704aa280eabd710480

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://elcorito.chat/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 29 Aug 2023 00:16:01 GMT
cf-cache-status: MISS
last-modified: Thu, 19 Mar 2020 13:11:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "7862-5e736f78-dd3564;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oX0sQCoBUoF%2BYd%2FL01p8FR1Pdal4KuewOzxX6EY2P4%2BxVky6E8yGaAzgz9Ael4xsI6hE97DACUC86w4qTvJZuCGzt8dCIF6jayyG715fZA7%2FzQedfFo%2FbD2xMzb2FMcV6cPY95E7bZOeQHva"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 7fe09a59d882b4f1-OSL
alt-svc: h3=":443"; ma=86400
content-length: 30818
expires: Tue, 05 Sep 2023 00:16:01 GMT

GET
H3 200 18-30.jpg
elcorito.chat/images/ 28 KB
29 KB 143ms
141ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://elcorito.chat/images/18-30.jpg
Requested by: Host: elcorito.chat
URL: https://elcorito.chat/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2b894ff327ab4f945741b16af437bfe9d6b5e89d0726181528b60b8c2ddc017e

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://elcorito.chat/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 29 Aug 2023 00:16:01 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 89036
alt-svc: h3=":443"; ma=86400
content-length: 28742
last-modified: Thu, 19 Mar 2020 13:11:20 GMT
server: cloudflare
etag: "7046-5e736f78-dd1d0b;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fAWs0s3GOR1VYLoW06eLdhoYZ4n0lunSyWa5bAhR9q%2FaNQZym%2FhOJhfzhmRXnrlBfI3V4WR%2FUWVK4ha52Xy2Ch6RvImZgK1BS8o2zhBeZEhRQdMZkqm1xxQ9NUJzxrOXEq14oW%2B4OyeABzzJ"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 7fe09a59d883b4f1-OSL
expires: Sun, 03 Sep 2023 23:32:05 GMT

GET
H2 200 dmca_protected_sml_120l.png
images.dmca.com/Badges/ 2 KB
2 KB 121ms
68ms Image
image/png 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.dmca.com/Badges/dmca_protected_sml_120l.png?ID=b79b6e7d-3d96-4b3b-8f80-3c7363e77180
Requested by: Host: elcorito.chat
URL: https://elcorito.chat/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 619f522608653b3074b1161f407de89e5806804729edacadd3accc0e1bf97a94

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://elcorito.chat/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 29 Aug 2023 00:16:01 GMT
last-modified: Tue, 04 May 2010 23:19:10 GMT
server: Microsoft-IIS/10.0
etag: "26b76633e0ebca1:0"
x-powered-by: ASP.NET
x-hw: 1693268161.cds219.sk1.hn,1693268161.cds253.sk1.c
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
link: <https://www.dmca.com/Badges/dmca_protected_sml_120l.png>; rel="canonical"
content-length: 2122

GET
H2 200 DMCABadgeHelper.min.js Show response
images.dmca.com/Badges/ 465 B
671 B 203ms
67ms Script
application/javascript 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://images.dmca.com/Badges/DMCABadgeHelper.min.js
Requested by: Host: elcorito.chat
URL: https://elcorito.chat/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e8021f1a9dad409f7e699457ac334653bf800464df69900237c4de1c29e275d0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://elcorito.chat/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 29 Aug 2023 00:16:01 GMT
content-encoding: gzip
last-modified: Fri, 21 Jun 2019 20:14:34 GMT
server: Microsoft-IIS/10.0
etag: "26b181f16d28d51:0"
x-powered-by: ASP.NET
x-hw: 1693268161.cds219.sk1.hn,1693268161.cds225.sk1.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
link: <https://www.dmca.com/Badges/DMCABadgeHelper.min.js>; rel="canonical"
content-length: 395

GET
H2 200 s.js Show response
waust.at/ 8 KB
4 KB 185ms
61ms Script
application/x-javascript 2606:4700:20::681a:507
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://waust.at/s.js
Requested by: Host: elcorito.chat
URL: https://elcorito.chat/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:507 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2052a227c361a7e99ea70f5bdcf54cd9e6c6b493dd4d20b73b376d94ce0dc0d1

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://elcorito.chat/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 29 Aug 2023 00:16:01 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 12 Jan 2023 17:19:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2528
etag: W/"63c0411e-2170"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aeUL9wU8aAJtgSpu%2FkZOGaDZ0djHO%2BJ6QN26TOJcO8vKcdi4%2FbZWx9kTzyRZtGbFNHZgJq2BYFsd373tc9IAwHZWOKq8YHCmwVAkoyxduli91sTe8uJr4gaklsd1mMomP%2BRwVTwO"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=86400
cf-ray: 7fe09a5a9e3fd97f-HEL
expires: Tue, 29 Aug 2023 23:33:53 GMT

GET
H3 200 jquery-1.10.2.min.js Show response
elcorito.chat/scripts/ 91 KB
34 KB 374ms
374ms Script
application/x-javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://elcorito.chat/scripts/jquery-1.10.2.min.js
Requested by: Host: elcorito.chat
URL: https://elcorito.chat/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0ba081f546084bd5097aa8a73c75931d5aa1fc4d6e846e53c21f98e6a1509988

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://elcorito.chat/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 29 Aug 2023 00:16:01 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 19 Mar 2020 13:11:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"16bb3-5e736f78-18013c6;br"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4HAwjEML3SrOy%2B%2Fgrlz38iETp1lgg5BMFrSfyuviXP50yK543JmQH%2FN2%2FOIcgpgU3kzNpTbEL3Zjs6jn%2FpF0Z3Iq961CXz61l541mTeBIZcEYC1hvduxb30b8JxCtnxDcGinM3xeIWISPTuc"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=604800
cf-ray: 7fe09a59a85bb4f1-OSL
alt-svc: h3=":443"; ma=86400
expires: Tue, 05 Sep 2023 00:16:01 GMT

GET
H3 200 bootstrap.min.js Show response
elcorito.chat/scripts/bootstrap/js/ 27 KB
8 KB 75ms
74ms Script
application/x-javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://elcorito.chat/scripts/bootstrap/js/bootstrap.min.js
Requested by: Host: elcorito.chat
URL: https://elcorito.chat/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fc1d94f50dd3822e1e53cb96af4f040d2ad8b5c7b984bae5e84efc7641acfada

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://elcorito.chat/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 29 Aug 2023 00:16:01 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 19 Mar 2020 13:11:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 89036
etag: W/"6cae-5e736f78-3093870;br"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PfCtSHdAl9jkTsEz73rpc0Z%2BDAHz8VdU8W9MjNNHhITaXAUTOkrKd0bUCTs2nzue4O5N30R4B4pUk1v7OJ27QQTITyBpPtzJkV7rs324L8qy7Tutp%2BEYIQceigTpghaRhx156l5%2F1rUCjiXJ"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=604800
cf-ray: 7fe09a59d870b4f1-OSL
alt-svc: h3=":443"; ma=86400
expires: Sun, 03 Sep 2023 23:32:05 GMT

GET
H3 200 landscape-bg.jpg
elcorito.chat/assets/ 130 KB
131 KB 414ms
412ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://elcorito.chat/assets/landscape-bg.jpg
Requested by: Host: elcorito.chat
URL: https://elcorito.chat/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f4fb502ca1cb75eab89973f7726007591fb388ebfdea4216faddca45118213c1

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://elcorito.chat/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 29 Aug 2023 00:16:01 GMT
cf-cache-status: MISS
last-modified: Thu, 19 Mar 2020 13:11:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "209b8-5e736f78-8c2f83;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U0gUNCr8CjsRSv31dZ1dbh%2Fz8Mt92wE8wwsWlXmdL%2BZIKtZQ3tn9RSB3Xe0a73IEf%2B6uFVZX9EI1YgcR9OH5gMPTaqqvKt%2FgNKxPfELvN5N4Td9%2FxojU4ZBhV1zUb8%2FY3L8Gwnykh5wd3R17"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 7fe09a59d884b4f1-OSL
alt-svc: h3=":443"; ma=86400
content-length: 133560
expires: Tue, 05 Sep 2023 00:16:01 GMT

GET
H3 200 default.js Show response
elcorito.chat/scripts/ 3 KB
1 KB 237ms
234ms Script
application/x-javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://elcorito.chat/scripts/default.js
Requested by: Host: elcorito.chat
URL: https://elcorito.chat/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7c23dc6d33756a70efed4e2d27fd9314b2dca3ee7e0243fd552c041a61c6c5e8

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://elcorito.chat/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 29 Aug 2023 00:16:01 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 19 Mar 2020 13:11:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"c3d-5e736f78-18013c3;br"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ywnsPuPx6z3Hu9d%2BtPkViA3qbscZZ%2FxpWTNpP6wAq8%2BhuzcsWQsgE%2FMNgfgWZot5V%2F%2F%2BzS7OU%2B%2F9VPQPIg%2F%2BWOVkQAbsLoIBN06XCIX7aXNbcNK6%2BWYEOAy7tIFk6sBxzwiY0q9AVZtbIEcB"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=604800
cf-ray: 7fe09a59d876b4f1-OSL
alt-svc: h3=":443"; ma=86400
expires: Tue, 05 Sep 2023 00:16:01 GMT

GET
H3 200 simpleparallax.js Show response
elcorito.chat/scripts/parallax/ 319 B
705 B 170ms
167ms Script
application/x-javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://elcorito.chat/scripts/parallax/simpleparallax.js
Requested by: Host: elcorito.chat
URL: https://elcorito.chat/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6fd7fb85167ed50ef6b6e19d89b2f5dea7b32a133b02ec15744b5921f72e9751

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://elcorito.chat/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 29 Aug 2023 00:16:01 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 19 Mar 2020 13:11:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"13f-5e736f78-4461d94;br"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HqNVsqvSoRBTaze4lVkM2JUunPC%2BRYR%2BePKWeqUuq4DHKXamqyZD%2FOLJpUSLG5uGZ0Q2p3Z%2Bbobg6BgaVwufGEjDYoJw%2BybuE6w1QXlTrD%2BV%2F9LxYQHgH4PJkls0IftRiKFumK4gsEMSr9Zh"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=604800
cf-ray: 7fe09a59d877b4f1-OSL
alt-svc: h3=":443"; ma=86400
expires: Tue, 05 Sep 2023 00:16:01 GMT

GET
H3 200 2383_z3y7qw.jpg
elcorito.chat/assets/ 125 KB
125 KB 412ms
412ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://elcorito.chat/assets/2383_z3y7qw.jpg
Requested by: Host: elcorito.chat
URL: https://elcorito.chat/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 54ad56988bf78090ce07a5897636fcf8f1f4209a244c8ec03aa45d16f6309375

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://elcorito.chat/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 29 Aug 2023 00:16:01 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 89036
alt-svc: h3=":443"; ma=86400
content-length: 127665
last-modified: Thu, 19 Mar 2020 13:11:20 GMT
server: cloudflare
etag: "1f2b1-5e736f78-8c2f81;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4lIm6tpMnZy4ZBLjWafVfar3daIXmXXaqPPXAvYxsz9vv9M3cxuPaimTvezvrpCZkKa9V9n8TyWxVW65XLcsetoClRPWW5rNVWlsRrrqggbNc5zp3VFHCN0BKRSUQXTo8%2BPOrorM%2BrvVvEnt"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 7fe09a59d885b4f1-OSL
expires: Sun, 03 Sep 2023 23:32:05 GMT

GET
H2 200 tss5ApVBdCYD5Q7hcxTE1ArZ0Zz8oY2KRmwvKhhvLFG6o3msNicr6A.woff2
fonts.gstatic.com/s/archivonarrow/v29/ 12 KB
12 KB 264ms
87ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/archivonarrow/v29/tss5ApVBdCYD5Q7hcxTE1ArZ0Zz8oY2KRmwvKhhvLFG6o3msNicr6A.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Archivo+Narrow|Source+Sans+Pro:200

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

955cbadaf9207e872e90e8413c278a3a78f7477355f5167080a18aa6e656f277

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://elcorito.chat
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Sat, 26 Aug 2023 17:08:49 GMT
x-content-type-options: nosniff
age: 198432
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11800
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:01:32 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 25 Aug 2024 17:08:49 GMT

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3i94_wlxdu3cOWxw.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ 14 KB
14 KB 280ms
104ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3i94_wlxdu3cOWxw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Archivo+Narrow|Source+Sans+Pro:200

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ec190e2f6ca2b272958e593e24827f3e51d2352733b509cbe1e30868b875bb7f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://elcorito.chat
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Sat, 26 Aug 2023 09:26:29 GMT
x-content-type-options: nosniff
age: 226172
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14428
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 22:52:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 25 Aug 2024 09:26:29 GMT

GET
H3 200 fontawesome-webfont.woff
netdna.bootstrapcdn.com/font-awesome/4.0.3/fonts/ 43 KB
44 KB 178ms
107ms Font
font/woff 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://netdna.bootstrapcdn.com/font-awesome/4.0.3/fonts/fontawesome-webfont.woff?v=4.0.3

Requested by

Host: netdna.bootstrapcdn.com
URL: https://netdna.bootstrapcdn.com/font-awesome/4.0.3/css/font-awesome.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0fd28fece9ebd606b8b071460ebd3fc2ed7bc7a66ef91c8834f11dfacab4a849

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://netdna.bootstrapcdn.com/font-awesome/4.0.3/css/font-awesome.css
Origin: https://elcorito.chat
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 29 Aug 2023 00:16:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 1076
cdn-cachedat: 01/04/2023 08:53:03
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 44432
last-modified: Mon, 25 Jan 2021 22:04:53 GMT
cdn-proxyver: 1.03
cdn-requestpullcode: 200
server: cloudflare
etag: "3293616ec0c605c7c2db25829a0a509e"
vary: Accept-Encoding
content-type: font/woff
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 649faa2b9f47ebcc06faed46a9219554
accept-ranges: bytes
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 7fe09a5a4c870b59-OSL
cdn-requestpullsuccess: True

GET
H2 200 / Show response
t.dtscout.com/i/ 2 KB
2 KB 403ms
278ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/i/?l=https%3A%2F%2Felcorito.chat%2F&j=https%3A%2F%2Fphoto.hdd3.one%2F
Requested by: Host: waust.at
URL: https://waust.at/s.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 991c306927ae3a48545e30fa2edcf01da1b53f4837ae65c30e8116d92e4bdde5

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://elcorito.chat/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 29 Aug 2023 00:16:02 GMT
x-t: 0.268
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Bf7ccAqacidfAWC2wgaWP9UKWMtBu1l55PRNYx92nIPtAxPrYTen5%2B9%2Buk0rdyMgwbIcgG4TzH176TZUiBI%2FtQeYXIDvn4GPEtJ7CuZe0vQkzT2r3BpzSuNafFCL2wsaeQuE13hDP4XtOe8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-cache
x-s: mtl2
cf-ray: 7fe09a5bdf6f4c8a-HEL
expires: Tue, 29 Aug 2023 00:16:01 GMT

GET
H2 200 / Show response
whos.amung.us/pingjs/ 29 B
183 B 350ms
203ms Script
text/javascript 2606:4700:10::ac43:88d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://whos.amung.us/pingjs/?k=8lruh7yuwp&t=Elcorito%20%E2%96%B7%20Una%20Vaina%20Bien!%20%7CCHAT%20DOMINICO-BORICUA%7C&c=s&x=https%3A%2F%2Felcorito.chat%2F&y=https%3A%2F%2Fphoto.hdd3.one%2F&a=0&d=1.332&v=27&r=4792
Requested by: Host: waust.at
URL: https://waust.at/s.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:88d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8234bccff302ed4ba52da9c9c1952f16644a6f9a921f8e8409a4cca9687ac3bd

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://elcorito.chat/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 29 Aug 2023 00:16:02 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7fe09a5d1a6d0b55-OSL
content-type: text/javascript;charset=UTF-8

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308280101/ 384 KB
130 KB 122ms
121ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308280101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4896375881595114&plah=elcorito.chat&bust=31077452

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

519e5275a9fb510192bb8d399f6f98fb337cb105269d9b9028c43d38584e9b70

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://elcorito.chat/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 29 Aug 2023 00:16:02 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 133271
x-xss-protection: 0
server: cafe
etag: 7346871587197598744
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 29 Aug 2023 00:16:02 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230824/r20190131/ Frame 96A9 10 KB
5 KB 270ms
86ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230824/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0907e75ab7f4aa03bcbc01778262abd0671f8742abaca30e9816cc90a6b28935

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://elcorito.chat/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
accept-language: fi-FI,fi;q=0.9

Response headers

age: 81600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4437
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 28 Aug 2023 01:36:02 GMT
etag: 9878862242593084568
expires: Mon, 11 Sep 2023 01:36:02 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 216 KB
77 KB 103ms
102ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-2QGFJD0WL7&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-144973325-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4a68f8660c6a9fd5e5eb405f5f52af5d99a2e4ec44e4d041f10ce12de39d598c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://elcorito.chat/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 29 Aug 2023 00:16:02 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 78713
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 29 Aug 2023 00:16:02 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 271ms
89ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-144973325-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://elcorito.chat/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 28 Aug 2023 23:44:23 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 1899
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Tue, 29 Aug 2023 01:44:23 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 179 KB
65 KB 120ms
120ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-156928160-1&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-144973325-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e8a8f586750ca8ff3eb470b33c50a6e0c3d89eb89aea4745177c5b2319769290

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://elcorito.chat/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 29 Aug 2023 00:16:02 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66579
x-xss-protection: 0
last-modified: Tue, 29 Aug 2023 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 29 Aug 2023 00:16:02 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 216 KB
77 KB 145ms
145ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-7QBYH7SFLV&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-156928160-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9f21e940f1ce313a8af7765e6df6c772104f351067b045d3ed0c09337242f44a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://elcorito.chat/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 29 Aug 2023 00:16:02 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 78765
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 29 Aug 2023 00:16:02 GMT

GET
H2 200 / Show response
t.dtscout.com/pv/ 50 B
342 B 278ms
278ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/pv/?_a=v&_h=elcorito.chat&_ss=1pvy7atv8k&_pv=1&_ls=0&_u1=1&_u3=1&_cc=fi&_pl=m&_cbid=73z3&_cb=_dtspv.c
Requested by: Host: t.dtscout.com
URL: https://t.dtscout.com/i/?l=https%3A%2F%2Felcorito.chat%2F&j=https%3A%2F%2Fphoto.hdd3.one%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6ec7099b56d834d12dbea918994564e605ea14610c0a23970a9f91b5a91240ba

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://elcorito.chat/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 29 Aug 2023 00:16:02 GMT
x-t: 0.171
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KB06Es7xPw%2FVRfTc8f%2BupS8K69yyJ9jH5mjZRiaKmZq2siRiX42g3wHjJiDhiGlupl75Ld3yfJ0lFg9JmlGK2d8qpYeyNA0y9WHeLVeMkzaR%2FwGC63Fu3pnTWWAXLckvDnlzZ9C%2Fd6sxSgE%3D"}],"group":"cf-nel","max_age":604800}
x-c: 0
content-type: application/javascript
cache-control: no-cache
cf-ray: 7fe09a5d99534c8a-HEL
expires: Tue, 29 Aug 2023 00:16:01 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
252 B 199ms
68ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-2QGFJD0WL7&gtm=45je38n0&_p=1583375967&cid=1584915242.1693268162&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAAI&_s=1&sid=1693268162&sct=1&seg=0&dl=https%3A%2F%2Felcorito.chat%2F&dr=https%3A%2F%2Fphoto.hdd3.one%2F&dt=Elcorito%20%E2%96%B7%20Una%20Vaina%20Bien!%20%7CCHAT%20DOMINICO-BORICUA%7C&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-2QGFJD0WL7&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://elcorito.chat/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Tue, 29 Aug 2023 00:16:02 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://elcorito.chat
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 rum_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20230824/r20110914/ 55 KB
21 KB 90ms
90ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230824/r20110914/rum_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308280101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4896375881595114&plah=elcorito.chat&bust=31077452

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6bef813d674fe3cfb11969e2fe860b5e6ab38635cd11d199cc62d7964be4f5d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://elcorito.chat/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 28 Aug 2023 08:23:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 57151
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21490
x-xss-protection: 0
server: cafe
etag: 12863670588703421085
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Sep 2023 08:23:31 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 393 B
332 B 95ms
95ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=elcorito.chat&callback=_gfp_s_&client=ca-pub-4896375881595114

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

aee03be428989bb9f7fb6ec7e177dde00914128ddfeeaf8d7a9708bfd9b29e09

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://elcorito.chat/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 29 Aug 2023 00:16:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 253
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 23D4 326 KB
79 KB 613ms
613ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4896375881595114&output=html&adk=1812271804&adf=3025194257&lmt=1679701550&plat=2%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A32768%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Felcorito.chat%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asrtr=1&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693268161995&bpp=4&bdt=1037&idt=273&shv=r20230824&mjsv=m202308280101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1735567959380&rume=1&frm=20&pv=2&ga_vid=1584915242.1693268162&ga_sid=1693268162&ga_hid=1583375967&ga_fc=1&u_tz=180&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31077324%2C31077327%2C31077444%2C31077452%2C31061691%2C31061692&oid=2&pvsid=3699971015817600&tmod=1284018636&uas=0&nvt=1&fsapi=1&ref=https%3A%2F%2Fphoto.hdd3.one%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=301

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

aaa931ca9a73e452feb6564f76452678affeaa548375786dff0f168017432094

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://elcorito.chat/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
accept-language: fi-FI,fi;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 80797
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 29 Aug 2023 00:16:02 GMT
expires: Tue, 29 Aug 2023 00:16:02 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 124ms
123ms Image
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=HEADER&cls=navbar%20navbar-fixed-top&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: elcorito.chat
URL: https://elcorito.chat/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://elcorito.chat/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Tue, 29 Aug 2023 00:16:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 0589 107 KB
36 KB 543ms
543ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4896375881595114&output=html&h=280&slotname=8294562186&adk=528232075&adf=1081431890&pi=t.ma~as.8294562186&w=930&fwrn=4&fwrnh=100&lmt=1679701550&rafmt=1&format=930x280&url=https%3A%2F%2Felcorito.chat%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693268161999&bpp=2&bdt=1040&idt=301&shv=r20230824&mjsv=m202308280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1735567959380&rume=1&frm=20&pv=1&ga_vid=1584915242.1693268162&ga_sid=1693268162&ga_hid=1583375967&ga_fc=1&u_tz=180&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=335&ady=326&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31077324%2C31077327%2C31077444%2C31077452%2C31061691%2C31061692&oid=2&pvsid=3699971015817600&tmod=1284018636&uas=0&nvt=1&ref=https%3A%2F%2Fphoto.hdd3.one%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=8ifuhMGIzi&p=https%3A//elcorito.chat&dtd=306

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

526754c37bf96e2e25587ea2d9a54741fbe98a281c0aba8a6fa619b948bfc0fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://elcorito.chat/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
accept-language: fi-FI,fi;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 37163
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 29 Aug 2023 00:16:02 GMT
expires: Tue, 29 Aug 2023 00:16:02 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame FCC5 100 KB
42 KB 425ms
425ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4896375881595114&output=html&h=280&slotname=8294562186&adk=2005281337&adf=2296579135&pi=t.ma~as.8294562186&w=504&fwrn=4&fwrnh=100&lmt=1679701550&rafmt=1&format=504x280&url=https%3A%2F%2Felcorito.chat%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693268162001&bpp=1&bdt=1043&idt=315&shv=r20230824&mjsv=m202308280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C930x280&nras=1&correlator=1735567959380&rume=1&frm=20&pv=1&ga_vid=1584915242.1693268162&ga_sid=1693268162&ga_hid=1583375967&ga_fc=1&u_tz=180&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=357&ady=762&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31077324%2C31077327%2C31077444%2C31077452%2C31061691%2C31061692&oid=2&pvsid=3699971015817600&tmod=1284018636&uas=0&nvt=1&ref=https%3A%2F%2Fphoto.hdd3.one%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=Kh0U6LaQsk&p=https%3A//elcorito.chat&dtd=317

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

113678bb0b9311d4068dcca804bf657bdfbcfb326286f9952b9f0e4c1a8ac2ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://elcorito.chat/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
accept-language: fi-FI,fi;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 42461
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 29 Aug 2023 00:16:02 GMT
expires: Tue, 29 Aug 2023 00:16:02 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 103ms
70ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-7QBYH7SFLV&gtm=45je38n0&_p=1583375967&cid=1584915242.1693268162&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAAI&_s=1&sid=1693268162&sct=1&seg=0&dl=https%3A%2F%2Felcorito.chat%2F&dr=https%3A%2F%2Fphoto.hdd3.one%2F&dt=Elcorito%20%E2%96%B7%20Una%20Vaina%20Bien!%20%7CCHAT%20DOMINICO-BORICUA%7C&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-7QBYH7SFLV&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://elcorito.chat/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Tue, 29 Aug 2023 00:16:02 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://elcorito.chat
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 tc.js Show response
cdn.tynt.com/ 20 KB
7 KB 216ms
69ms Script
application/javascript 104.18.34.83
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.tynt.com/tc.js
Requested by: Host: waust.at
URL: https://waust.at/s.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.34.83 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c408f5b072dc8f5449091bc50d95ea19c724eb19e1ff19a61d19336ac0087259

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://elcorito.chat/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 29 Aug 2023 00:16:02 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 10 Aug 2023 17:56:38 GMT
server: cloudflare
age: 22755
etag: W/"64d524d6-4e3d"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 7fe09a5fdaa02d81-ARN
expires: Fri, 01 Sep 2023 00:16:02 GMT

GET
DATA 200
OK truncated
/ 439 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f6d82f567d08ec91a1b6ef0d4abf21be7a2d3dbc0a41c122584ea3536755b3ac

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

Content-Type: image/gif

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
204 B 97ms
96ms XHR
text/plain 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1583375967&t=pageview&_s=1&dl=https%3A%2F%2Felcorito.chat%2F&dr=https%3A%2F%2Fphoto.hdd3.one%2F&ul=en-us&de=UTF-8&dt=Elcorito%20%E2%96%B7%20Una%20Vaina%20Bien!%20%7CCHAT%20DOMINICO-BORICUA%7C&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=1843943692&gjid=95201948&cid=1584915242.1693268162&tid=UA-144973325-1&_gid=750923532.1693268162&_r=1&gtm=457e38n0&jsscut=1&z=682153485

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://elcorito.chat/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 29 Aug 2023 00:16:02 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://elcorito.chat
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
66 B 98ms
97ms XHR
text/plain 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1583375967&t=pageview&_s=1&dl=https%3A%2F%2Felcorito.chat%2F&dr=https%3A%2F%2Fphoto.hdd3.one%2F&ul=en-us&de=UTF-8&dt=Elcorito%20%E2%96%B7%20Una%20Vaina%20Bien!%20%7CCHAT%20DOMINICO-BORICUA%7C&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=1904541842&gjid=1149738076&cid=1584915242.1693268162&tid=UA-156928160-1&_gid=750923532.1693268162&_r=1&gtm=457e38n0&jsscut=1&z=1620151032

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://elcorito.chat/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 29 Aug 2023 00:16:02 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://elcorito.chat
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 p
ic.tynt.com/b/ 0
228 B 495ms
162ms Image
text/plain 67.202.105.34
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=w!8lruh7yuwp&lm=0&ts=1693268162632&dn=TC&iso=0&gpp_sid=&pu=https%3A%2F%2Felcorito.chat%2F&r=https%3A%2F%2Fphoto.hdd3.one%2F&t=Elcorito%20%E2%96%B7%20Una%20Vaina%20Bien!%20%7CCHAT%20DOMINICO-BORICUA%7C&chmob=0
Requested by: Host: elcorito.chat
URL: https://elcorito.chat/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.34 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip34.67-202-105.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://elcorito.chat/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

expires: "Sat, 26 Jul 1997 05:00:00 GMT"
date: Tue, 29 Aug 2023 00:16:03 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame DE4B 0
16 B 97ms
97ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJ_XsQEQysq3igIYlYrL9AEwAQ&v=APEucNWAO83BqDU-xpTYeq2YNbBBbyzBbLlowRhtmDjq5mbGWA2JOEpicWABQ4kjOxEsInKijDDcMmucI-KlkMQloRFQSFR81V3oPCRSbVRCuKgMkjbUbsOvNA9HKSD4ReYahBz5tbpNEpsWipipkRtJU12cSxukGpeIjn7PPhfGem1NQnmmmQs

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4896375881595114&output=html&h=280&slotname=8294562186&adk=2005281337&adf=2296579135&pi=t.ma~as.8294562186&w=504&fwrn=4&fwrnh=100&lmt=1679701550&rafmt=1&format=504x280&url=https%3A%2F%2Felcorito.chat%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693268162001&bpp=1&bdt=1043&idt=315&shv=r20230824&mjsv=m202308280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C930x280&nras=1&correlator=1735567959380&rume=1&frm=20&pv=1&ga_vid=1584915242.1693268162&ga_sid=1693268162&ga_hid=1583375967&ga_fc=1&u_tz=180&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=357&ady=762&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31077324%2C31077327%2C31077444%2C31077452%2C31061691%2C31061692&oid=2&pvsid=3699971015817600&tmod=1284018636&uas=0&nvt=1&ref=https%3A%2F%2Fphoto.hdd3.one%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=Kh0U6LaQsk&p=https%3A//elcorito.chat&dtd=317

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4896375881595114&output=html&h=280&slotname=8294562186&adk=2005281337&adf=2296579135&pi=t.ma~as.8294562186&w=504&fwrn=4&fwrnh=100&lmt=1679701550&rafmt=1&format=504x280&url=https%3A%2F%2Felcorito.chat%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693268162001&bpp=1&bdt=1043&idt=315&shv=r20230824&mjsv=m202308280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C930x280&nras=1&correlator=1735567959380&rume=1&frm=20&pv=1&ga_vid=1584915242.1693268162&ga_sid=1693268162&ga_hid=1583375967&ga_fc=1&u_tz=180&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=357&ady=762&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31077324%2C31077327%2C31077444%2C31077452%2C31061691%2C31061692&oid=2&pvsid=3699971015817600&tmod=1284018636&uas=0&nvt=1&ref=https%3A%2F%2Fphoto.hdd3.one%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=Kh0U6LaQsk&p=https%3A//elcorito.chat&dtd=317
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
accept-language: fi-FI,fi;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 29 Aug 2023 00:16:02 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20230824/r20110914/ Frame 00AB 23 KB
9 KB 91ms
90ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230824/r20110914/abg_lite_fy2021.js

Requested by

Host: photo.hdd3.one
URL: https://photo.hdd3.one/VIEW-PHOTO_cbhub8b4t

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1df629c9e3d7999c38bfa18b45032197fd4da30e8e893bf07f5083e1fa9b4390

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 28 Aug 2023 14:55:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33644
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9067
x-xss-protection: 0
server: cafe
etag: 16184311534176170479
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Sep 2023 14:55:18 GMT

GET
H3 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20230824/r20110914/elements/html/ Frame 00AB 7 KB
3 KB 91ms
91ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230824/r20110914/elements/html/omrhp_fy2021.js

Requested by

Host: photo.hdd3.one
URL: https://photo.hdd3.one/VIEW-PHOTO_cbhub8b4t

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

46862bd03f96bd24aa144ecd892c910f1df88ee0381c34161cb27fa3dceda2f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 28 Aug 2023 15:06:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 32959
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3069
x-xss-protection: 0
server: cafe
etag: 15211577367894686919
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Sep 2023 15:06:43 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 00AB 0
0 318ms
123ms Fetch
image/gif 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstH4cOvq8XA96jBUGMO2znq0RskH-TLJ5YBfzTBroOgDqK5E_tFUn4rFuJUPHCWpy6yu8cS5hGceYNkRr5PN2tH0ZAl5sACXyf4C175x389Hm5SFnntwjCxWK-g_5MEFVm7s3qrr58AOqqx1HKT2h3yNIkXqiKOqf1X0z9qcHWfUuyqa4qFxlpeYh4KN8GsTEBZoTeY1rgoaVyW4ou2fymir2U0fvhICZ-TrYd2rV_G-dxKxj-efkKM6VXjH3VSgFEfwbmhKyFk42vTYELMsos9ugJ0HlThOoDpzX7LwEVyX0pcWxzwZtj7vRlu1nRrv42RrSv3oyLLjh7UG4qsDdTFnCFlAV1WFiIvC5zCHS7Gwga2ZZEulejrX-HZbkFzFT_0-ZWORkkEGcZiK6z4CnkM0tjeodEazWLGcDRBf1VZVtRzsMfq-sWW29jT9YffD9ZM6UmaRh7L7XpKUk6UfkrC_vbgvky5cytUtzDtuRaNKHmUKgWHW9X9R_94i3Q4XLn94uMdx144zp1LZZxuuNy01ZDkpTVsPt57ZNOr3Q_w7Jqo4Kc8XbPdQZg7V6kbHis0FxdNDvHWzdJYpMLGtYAoFoN1--T9xERFwMoY4whOVP7_z3fxS1DXDaYDGzsFpAMtHXMYLEyg1SzwD9fgW2-l3E7wxw8MpamPvigIdyOxlJIB2R7NwSYsIHXAoVaPj67I9jqNWcrO_ZQjw6Zsz4bjagX_G2y5Vw7yWdoeIWTwi-nN9UZkg3cQS9snS0gEHlBhPXCX65l-HpjuFq1klOib4Ra44aScpc-wEOAxVXkFpEz_x_Q2Q0y5sY0bUAWikqBuUfp1yMR1_1ZOLtt0ZNYtvWWPjbn-AtetjbmDYc3-IxvPLMc2Mjuko_KgRnKas5lX-5wXatIHgAneYTZOUMEpP3EX9-DE5MqZ7SKpjD1bdEtThlheGZCpzK_GPHNrdW5Zs6_iLbco2smmRC7zK1lqYpLhL4_xiCU6TQoe5rmGIHux30IAK8gcplM1IFi0xa0azNg9JAjioHJoHO9gPGkNFIm3wRxWLRxmhR-a3NL3XdWkREAw9vV-fmlVmb4t8qRlr2gQWXSXpUmamw1r1_RETOMuY9bo7bLi8qIazqO-rp4nZ1xcv1LB5gAiI5cX-ITHQ7X15rHj151LOoo7cuOyFAUz27MwpmpS02UKgpmXwSFq3xbirr9EPbM0aRh3JE0C7XDy3XKUewyOyuVjLs0AYU1prSG144VWFFd6JIdOPPQzLn1NX4j6D2PcAKq8-hyIuQlhBCWEd5gnL-Gvgtk1gNI&sai=AMfl-YTOVoGsb40tIoZeyKR4SMFyHq8yV5Ooh1hnmmEmf7EFkfoP13rhhuPECHubR9RNOTEer4RN6HMKbJt2ZjYzjdqqEXYBJILEFRy8ofYRZYlfXFw1TBD3WEMDwSfYh5DcLOiSCmN1ZpyjbNwSeHRySSwOKsjnMnBmx67Wk44y3KcORpLftHusoNvdFEYVDsjgSueD3OOUl9BtiQlpbECJJjRV3-oaoeCSnWvRHcBWq1hIdtdphA&sig=Cg0ArKJSzHIX2Ra1BFkFEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=3&cbvp=1&cstd=0&cisv=r20230824.41853&arae=0&ftch=1&adurl=

Requested by

Host: photo.hdd3.one
URL: https://photo.hdd3.one/VIEW-PHOTO_cbhub8b4t

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 29 Aug 2023 00:16:03 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Tue, 29 Aug 2023 00:16:03 GMT

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 00AB 41 KB
14 KB 422ms
225ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: photo.hdd3.one
URL: https://photo.hdd3.one/VIEW-PHOTO_cbhub8b4t

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Sun, 27 Aug 2023 04:22:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 158015
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13692
x-xss-protection: 0
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 26 Aug 2024 04:22:28 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230824/r20110914/client/ Frame 00AB 3 KB
1 KB 294ms
98ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230824/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 28 Aug 2023 14:36:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34787
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Sep 2023 14:36:16 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230824/r20110914/client/ Frame 00AB 20 KB
8 KB 298ms
102ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230824/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 28 Aug 2023 14:36:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34771
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8273
x-xss-protection: 0
server: cafe
etag: 16365778639179992903
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Sep 2023 14:36:32 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 00AB 181 KB
57 KB 320ms
127ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

508ecc51e1ebdc0798b41ab754e78fcfb51c0f573fd1a72195fee5020785841b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 29 Aug 2023 00:16:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57780
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1693222425768293"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 29 Aug 2023 00:16:03 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 00AB 42 B
63 B 123ms
123ms Image
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CB_p3I9xhPMnmVTAcZdcTLjrsuVz8tnrTehQm9Ngkj5mRc8Ew8BGmYjQYzudR1DfXMh5A-71jj1YALLWIPOTi_TQ28jvao4PDsWtb45VU3ObHsiXA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Tue, 29 Aug 2023 00:16:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 11457559755328028547
s0.2mdn.net/simgad/ Frame 00AB 58 KB
59 KB 289ms
88ms Image
image/jpeg 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/11457559755328028547

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

153f658e4833a7804cfe495a7b62f1b40cce43605fdf2bdbb119b9aef9bf8ed4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Fri, 25 Aug 2023 17:34:46 GMT
x-content-type-options: nosniff
age: 283277
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 59773
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 12:45:38 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 24 Aug 2024 17:34:46 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 0589 14 KB
1 KB 101ms
100ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4896375881595114&output=html&h=280&slotname=8294562186&adk=528232075&adf=1081431890&pi=t.ma~as.8294562186&w=930&fwrn=4&fwrnh=100&lmt=1679701550&rafmt=1&format=930x280&url=https%3A%2F%2Felcorito.chat%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693268161999&bpp=2&bdt=1040&idt=301&shv=r20230824&mjsv=m202308280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1735567959380&rume=1&frm=20&pv=1&ga_vid=1584915242.1693268162&ga_sid=1693268162&ga_hid=1583375967&ga_fc=1&u_tz=180&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=335&ady=326&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31077324%2C31077327%2C31077444%2C31077452%2C31061691%2C31061692&oid=2&pvsid=3699971015817600&tmod=1284018636&uas=0&nvt=1&ref=https%3A%2F%2Fphoto.hdd3.one%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=8ifuhMGIzi&p=https%3A//elcorito.chat&dtd=306

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e845fcb50a34be246ce18c0187a8662517a3a7a45673ab56ef124fe70da00dd6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

strict-transport-security: max-age=31536000
date: Tue, 29 Aug 2023 00:16:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
expires: Tue, 29 Aug 2023 00:16:02 GMT

GET
H2 200 v2 Show response
de.tynt.com/deb/ 4 B
327 B 496ms
163ms Script
application/javascript 67.202.105.34
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://de.tynt.com/deb/v2?id=w!8lruh7yuwp&dn=TC&cc=1&chmob=0&r=https%3A%2F%2Fphoto.hdd3.one%2F&gpp_sid=&pu=https%3A%2F%2Felcorito.chat%2F
Requested by: Host: cdn.tynt.com
URL: https://cdn.tynt.com/tc.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.34 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip34.67-202-105.static.steadfastdns.net
Software: /
Resource Hash: d21021784cda31eeae5c8295e047a14bda6ed5a9b5963fca9e7ceb398a9c9179

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://elcorito.chat/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
date: Tue, 29 Aug 2023 00:16:02 GMT
cache-control: max-age=86400
content-type: application/javascript
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
content-length: 4
expires: Wed, 30 Aug 2023 00:16:03 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230824/r20110914/client/ Frame 0589 2 KB
973 B 387ms
221ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230824/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4896375881595114&output=html&h=280&slotname=8294562186&adk=528232075&adf=1081431890&pi=t.ma~as.8294562186&w=930&fwrn=4&fwrnh=100&lmt=1679701550&rafmt=1&format=930x280&url=https%3A%2F%2Felcorito.chat%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693268161999&bpp=2&bdt=1040&idt=301&shv=r20230824&mjsv=m202308280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1735567959380&rume=1&frm=20&pv=1&ga_vid=1584915242.1693268162&ga_sid=1693268162&ga_hid=1583375967&ga_fc=1&u_tz=180&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=335&ady=326&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31077324%2C31077327%2C31077444%2C31077452%2C31061691%2C31061692&oid=2&pvsid=3699971015817600&tmod=1284018636&uas=0&nvt=1&ref=https%3A%2F%2Fphoto.hdd3.one%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=8ifuhMGIzi&p=https%3A//elcorito.chat&dtd=306

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 28 Aug 2023 14:38:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34635
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Sep 2023 14:38:48 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230824/r20110914/ Frame 0589 23 KB
9 KB 243ms
85ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230824/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4896375881595114&output=html&h=280&slotname=8294562186&adk=528232075&adf=1081431890&pi=t.ma~as.8294562186&w=930&fwrn=4&fwrnh=100&lmt=1679701550&rafmt=1&format=930x280&url=https%3A%2F%2Felcorito.chat%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693268161999&bpp=2&bdt=1040&idt=301&shv=r20230824&mjsv=m202308280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1735567959380&rume=1&frm=20&pv=1&ga_vid=1584915242.1693268162&ga_sid=1693268162&ga_hid=1583375967&ga_fc=1&u_tz=180&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=335&ady=326&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31077324%2C31077327%2C31077444%2C31077452%2C31061691%2C31061692&oid=2&pvsid=3699971015817600&tmod=1284018636&uas=0&nvt=1&ref=https%3A%2F%2Fphoto.hdd3.one%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=8ifuhMGIzi&p=https%3A//elcorito.chat&dtd=306

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1df629c9e3d7999c38bfa18b45032197fd4da30e8e893bf07f5083e1fa9b4390

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 28 Aug 2023 14:38:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34656
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9067
x-xss-protection: 0
server: cafe
etag: 16184311534176170479
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Sep 2023 14:38:27 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230824/r20110914/client/ Frame 0589 3 KB
1 KB 255ms
98ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230824/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4896375881595114&output=html&h=280&slotname=8294562186&adk=528232075&adf=1081431890&pi=t.ma~as.8294562186&w=930&fwrn=4&fwrnh=100&lmt=1679701550&rafmt=1&format=930x280&url=https%3A%2F%2Felcorito.chat%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693268161999&bpp=2&bdt=1040&idt=301&shv=r20230824&mjsv=m202308280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1735567959380&rume=1&frm=20&pv=1&ga_vid=1584915242.1693268162&ga_sid=1693268162&ga_hid=1583375967&ga_fc=1&u_tz=180&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=335&ady=326&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31077324%2C31077327%2C31077444%2C31077452%2C31061691%2C31061692&oid=2&pvsid=3699971015817600&tmod=1284018636&uas=0&nvt=1&ref=https%3A%2F%2Fphoto.hdd3.one%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=8ifuhMGIzi&p=https%3A//elcorito.chat&dtd=306

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 28 Aug 2023 14:36:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34787
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Sep 2023 14:36:16 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230824/r20110914/client/ Frame 0589 20 KB
8 KB 323ms
166ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230824/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4896375881595114&output=html&h=280&slotname=8294562186&adk=528232075&adf=1081431890&pi=t.ma~as.8294562186&w=930&fwrn=4&fwrnh=100&lmt=1679701550&rafmt=1&format=930x280&url=https%3A%2F%2Felcorito.chat%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693268161999&bpp=2&bdt=1040&idt=301&shv=r20230824&mjsv=m202308280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1735567959380&rume=1&frm=20&pv=1&ga_vid=1584915242.1693268162&ga_sid=1693268162&ga_hid=1583375967&ga_fc=1&u_tz=180&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=335&ady=326&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31077324%2C31077327%2C31077444%2C31077452%2C31061691%2C31061692&oid=2&pvsid=3699971015817600&tmod=1284018636&uas=0&nvt=1&ref=https%3A%2F%2Fphoto.hdd3.one%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=8ifuhMGIzi&p=https%3A//elcorito.chat&dtd=306

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 28 Aug 2023 14:36:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34771
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8273
x-xss-protection: 0
server: cafe
etag: 16365778639179992903
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Sep 2023 14:36:32 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0589 181 KB
57 KB 422ms
268ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4896375881595114&output=html&h=280&slotname=8294562186&adk=528232075&adf=1081431890&pi=t.ma~as.8294562186&w=930&fwrn=4&fwrnh=100&lmt=1679701550&rafmt=1&format=930x280&url=https%3A%2F%2Felcorito.chat%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693268161999&bpp=2&bdt=1040&idt=301&shv=r20230824&mjsv=m202308280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1735567959380&rume=1&frm=20&pv=1&ga_vid=1584915242.1693268162&ga_sid=1693268162&ga_hid=1583375967&ga_fc=1&u_tz=180&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=335&ady=326&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31077324%2C31077327%2C31077444%2C31077452%2C31061691%2C31061692&oid=2&pvsid=3699971015817600&tmod=1284018636&uas=0&nvt=1&ref=https%3A%2F%2Fphoto.hdd3.one%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=8ifuhMGIzi&p=https%3A//elcorito.chat&dtd=306

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

508ecc51e1ebdc0798b41ab754e78fcfb51c0f573fd1a72195fee5020785841b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 29 Aug 2023 00:16:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57780
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1693222425768293"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 29 Aug 2023 00:16:03 GMT

GET
H2 200 3c1ec1505caf618a1f8c049839112e9c.js Show response
www.gstatic.com/mysidia/ Frame 0589 36 KB
15 KB 272ms
87ms Script
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/3c1ec1505caf618a1f8c049839112e9c.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4896375881595114&output=html&h=280&slotname=8294562186&adk=528232075&adf=1081431890&pi=t.ma~as.8294562186&w=930&fwrn=4&fwrnh=100&lmt=1679701550&rafmt=1&format=930x280&url=https%3A%2F%2Felcorito.chat%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693268161999&bpp=2&bdt=1040&idt=301&shv=r20230824&mjsv=m202308280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1735567959380&rume=1&frm=20&pv=1&ga_vid=1584915242.1693268162&ga_sid=1693268162&ga_hid=1583375967&ga_fc=1&u_tz=180&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=335&ady=326&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31077324%2C31077327%2C31077444%2C31077452%2C31061691%2C31061692&oid=2&pvsid=3699971015817600&tmod=1284018636&uas=0&nvt=1&ref=https%3A%2F%2Fphoto.hdd3.one%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=8ifuhMGIzi&p=https%3A//elcorito.chat&dtd=306

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

af4c22461aedf382190d0367cfb759d2faf8fb994a917406557d81d48f63344a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Fri, 25 Aug 2023 02:09:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 338814
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15058
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 00:31:57 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 23 Nov 2023 02:09:09 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/78616277021517676/ Frame 0589 24 KB
24 KB 323ms
177ms Image
image/jpeg 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/78616277021517676/14763004658117789537?w=400&h=209

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4896375881595114&output=html&h=280&slotname=8294562186&adk=528232075&adf=1081431890&pi=t.ma~as.8294562186&w=930&fwrn=4&fwrnh=100&lmt=1679701550&rafmt=1&format=930x280&url=https%3A%2F%2Felcorito.chat%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693268161999&bpp=2&bdt=1040&idt=301&shv=r20230824&mjsv=m202308280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1735567959380&rume=1&frm=20&pv=1&ga_vid=1584915242.1693268162&ga_sid=1693268162&ga_hid=1583375967&ga_fc=1&u_tz=180&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=335&ady=326&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31077324%2C31077327%2C31077444%2C31077452%2C31061691%2C31061692&oid=2&pvsid=3699971015817600&tmod=1284018636&uas=0&nvt=1&ref=https%3A%2F%2Fphoto.hdd3.one%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=8ifuhMGIzi&p=https%3A//elcorito.chat&dtd=306

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

825151e0c44686c629eebeb2826a5fc7dae8cdc6d8bc29b40cdb1e5599994eb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Sat, 26 Aug 2023 15:19:42 GMT
x-content-type-options: nosniff
age: 204981
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24578
x-xss-protection: 0
last-modified: Fri, 07 Apr 2023 16:33:39 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 25 Aug 2024 15:19:42 GMT

GET
DATA 200
OK truncated
/ Frame 0589 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 0589 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

Content-Type: image/svg+xml

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308280101/ 154 KB
52 KB 113ms
113ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308280101/reactive_library_fy2021.js?bust=31077452

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0168198b75b3e95aed2a89bbcf868668a1547005682606264e14ac9962c427e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://elcorito.chat/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 29 Aug 2023 00:16:03 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53637
x-xss-protection: 0
server: cafe
etag: 13694515219418270424
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Tue, 29 Aug 2023 00:16:03 GMT

GET
H2 204 p
ic.tynt.com/b/ 0
227 B 164ms
164ms Image
text/plain 67.202.105.34
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=w!8lruh7yuwp&lm=0&ts=1693268162632&dn=TC&iso=0&gpp_sid=&pu=https%3A%2F%2Felcorito.chat%2F&r=https%3A%2F%2Fphoto.hdd3.one%2F&t=Elcorito%20%E2%96%B7%20Una%20Vaina%20Bien!%20%7CCHAT%20DOMINICO-BORICUA%7C
Requested by: Host: elcorito.chat
URL: https://elcorito.chat/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.34 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip34.67-202-105.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://elcorito.chat/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

expires: "Sat, 26 Jul 1997 05:00:00 GMT"
date: Tue, 29 Aug 2023 00:16:03 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230824/r20110914/ Frame 4A2F 10 KB
4 KB 87ms
87ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230824/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0907e75ab7f4aa03bcbc01778262abd0671f8742abaca30e9816cc90a6b28935

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://elcorito.chat/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
accept-language: fi-FI,fi;q=0.9

Response headers

age: 78392
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4437
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 28 Aug 2023 02:29:31 GMT
etag: 9878862242593084568
expires: Mon, 11 Sep 2023 02:29:31 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230824/r20110914/ Frame 606D 10 KB
4 KB 87ms
87ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230824/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0907e75ab7f4aa03bcbc01778262abd0671f8742abaca30e9816cc90a6b28935

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://elcorito.chat/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
accept-language: fi-FI,fi;q=0.9

Response headers

age: 78392
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4437
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 28 Aug 2023 02:29:31 GMT
etag: 9878862242593084568
expires: Mon, 11 Sep 2023 02:29:31 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 00AB 355 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b6bd715605dbb553671382db980b45486f35f4d4e434e90c1297a223fa51d1de

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 0589 356 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f82b5b17957b123cf8e77a19b842fa5d3ac5adf10e17f4b36158d8ff25bab9b5

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

Content-Type: image/png

GET
H2 204 p
ic.tynt.com/b/ 0
227 B 168ms
166ms Image
text/plain 67.202.105.34
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=w!8lruh7yuwp&lm=0&ts=1693268162632&dn=TC&iso=0&gpp_sid=&pu=https%3A%2F%2Felcorito.chat%2F&r=https%3A%2F%2Fphoto.hdd3.one%2F
Requested by: Host: elcorito.chat
URL: https://elcorito.chat/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.34 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip34.67-202-105.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://elcorito.chat/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

expires: "Sat, 26 Jul 1997 05:00:00 GMT"
date: Tue, 29 Aug 2023 00:16:03 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H3 200 css
fonts.googleapis.com/ Frame 4A2F 2 KB
572 B 98ms
98ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230824/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2a59e3a82cadfd2a32912b7efb46daaf605102ec22582630bdf091f006e29a1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

strict-transport-security: max-age=31536000
date: Tue, 29 Aug 2023 00:16:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
expires: Tue, 29 Aug 2023 00:16:03 GMT

GET
H2 200 more_vert_white_48dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 4A2F 233 B
549 B 89ms
87ms Image
image/png 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/more_vert_white_48dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230824/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b68d6252e63c5207f080a8969aa75600d5d252f67d454fd9a0a8a7e3e89d0686

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Sat, 26 Aug 2023 07:56:10 GMT
x-content-type-options: nosniff
age: 231593
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 233
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sun, 25 Aug 2024 07:56:10 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 4A2F 205 B
296 B 91ms
89ms Image
image/png 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230824/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Sun, 27 Aug 2023 06:59:13 GMT
x-content-type-options: nosniff
age: 148610
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Mon, 26 Aug 2024 06:59:13 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 4A2F 604 B
719 B 89ms
88ms Image
image/png 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230824/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Fri, 25 Aug 2023 13:52:52 GMT
x-content-type-options: nosniff
age: 296591
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 24 Aug 2024 13:52:52 GMT

GET
H2 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230824/r20110914/elements/html/ Frame 4A2F 15 KB
6 KB 86ms
84ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230824/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230824/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

328cb29271341963f1503c02d0d00d7d67f60396961e4fdac73b74ebbe16d803

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 28 Aug 2023 15:00:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33325
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6521
x-xss-protection: 0
server: cafe
etag: 18225085782652855565
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Sep 2023 15:00:38 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230824/r20110914/elements/html/ Frame 4A2F 20 KB
8 KB 90ms
89ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230824/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230824/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4539a37b37acaf787b3ccd0bb1e9a3372c9150aff547eeddd0296ad2a6d664f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 28 Aug 2023 14:41:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34490
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8570
x-xss-protection: 0
server: cafe
etag: 11167480076894372452
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Sep 2023 14:41:13 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 606D 6 KB
715 B 96ms
96ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230824/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6186e4df12dc2db44c3332b7606845657e3fdc0bdb10b29f0d06a13cd4431229

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

strict-transport-security: max-age=31536000
date: Tue, 29 Aug 2023 00:16:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
expires: Tue, 29 Aug 2023 00:16:03 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230824/r20110914/client/ Frame 606D 2 KB
926 B 86ms
85ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230824/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230824/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 28 Aug 2023 14:38:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34635
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Sep 2023 14:38:48 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230824/r20110914/ Frame 606D 23 KB
9 KB 85ms
84ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230824/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230824/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1df629c9e3d7999c38bfa18b45032197fd4da30e8e893bf07f5083e1fa9b4390

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 28 Aug 2023 14:38:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34656
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9067
x-xss-protection: 0
server: cafe
etag: 16184311534176170479
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Sep 2023 14:38:27 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230824/r20110914/client/ Frame 606D 3 KB
1 KB 95ms
95ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230824/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230824/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 28 Aug 2023 14:36:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34787
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Sep 2023 14:36:16 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230824/r20110914/client/ Frame 606D 20 KB
8 KB 89ms
89ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230824/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230824/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 28 Aug 2023 14:36:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34771
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8273
x-xss-protection: 0
server: cafe
etag: 16365778639179992903
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Sep 2023 14:36:32 GMT

GET
H2 200 nessie_icon_tiamat_white.png
tpc.googlesyndication.com/pagead/images/ Frame 606D 225 B
355 B 94ms
92ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/nessie_icon_tiamat_white.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230824/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5719cdd3acdb2b6a5b9ae0bee910fc88fbc0f297f83235c02865d78eeed48446

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 28 Aug 2023 21:21:09 GMT
x-content-type-options: nosniff
server: cafe
age: 10494
etag: 14085932017949564970
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 225
x-xss-protection: 0
expires: Tue, 29 Aug 2023 21:21:09 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 606D 181 KB
57 KB 126ms
124ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230824/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

508ecc51e1ebdc0798b41ab754e78fcfb51c0f573fd1a72195fee5020785841b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 29 Aug 2023 00:16:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57780
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1693222425768293"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 29 Aug 2023 00:16:03 GMT

GET
H2 200 3c1ec1505caf618a1f8c049839112e9c.js Show response
www.gstatic.com/mysidia/ Frame 606D 36 KB
15 KB 91ms
89ms Script
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/3c1ec1505caf618a1f8c049839112e9c.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230824/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

af4c22461aedf382190d0367cfb759d2faf8fb994a917406557d81d48f63344a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Fri, 25 Aug 2023 02:09:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 338814
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15058
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 00:31:57 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 23 Nov 2023 02:09:09 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 00AB 0
0 124ms
123ms Fetch
image/gif 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstH4cOvq8XA96jBUGMO2znq0RskH-TLJ5YBfzTBroOgDqK5E_tFUn4rFuJUPHCWpy6yu8cS5hGceYNkRr5PN2tH0ZAl5sACXyf4C175x389Hm5SFnntwjCxWK-g_5MEFVm7s3qrr58AOqqx1HKT2h3yNIkXqiKOqf1X0z9qcHWfUuyqa4qFxlpeYh4KN8GsTEBZoTeY1rgoaVyW4ou2fymir2U0fvhICZ-TrYd2rV_G-dxKxj-efkKM6VXjH3VSgFEfwbmhKyFk42vTYELMsos9ugJ0HlThOoDpzX7LwEVyX0pcWxzwZtj7vRlu1nRrv42RrSv3oyLLjh7UG4qsDdTFnCFlAV1WFiIvC5zCHS7Gwga2ZZEulejrX-HZbkFzFT_0-ZWORkkEGcZiK6z4CnkM0tjeodEazWLGcDRBf1VZVtRzsMfq-sWW29jT9YffD9ZM6UmaRh7L7XpKUk6UfkrC_vbgvky5cytUtzDtuRaNKHmUKgWHW9X9R_94i3Q4XLn94uMdx144zp1LZZxuuNy01ZDkpTVsPt57ZNOr3Q_w7Jqo4Kc8XbPdQZg7V6kbHis0FxdNDvHWzdJYpMLGtYAoFoN1--T9xERFwMoY4whOVP7_z3fxS1DXDaYDGzsFpAMtHXMYLEyg1SzwD9fgW2-l3E7wxw8MpamPvigIdyOxlJIB2R7NwSYsIHXAoVaPj67I9jqNWcrO_ZQjw6Zsz4bjagX_G2y5Vw7yWdoeIWTwi-nN9UZkg3cQS9snS0gEHlBhPXCX65l-HpjuFq1klOib4Ra44aScpc-wEOAxVXkFpEz_x_Q2Q0y5sY0bUAWikqBuUfp1yMR1_1ZOLtt0ZNYtvWWPjbn-AtetjbmDYc3-IxvPLMc2Mjuko_KgRnKas5lX-5wXatIHgAneYTZOUMEpP3EX9-DE5MqZ7SKpjD1bdEtThlheGZCpzK_GPHNrdW5Zs6_iLbco2smmRC7zK1lqYpLhL4_xiCU6TQoe5rmGIHux30IAK8gcplM1IFi0xa0azNg9JAjioHJoHO9gPGkNFIm3wRxWLRxmhR-a3NL3XdWkREAw9vV-fmlVmb4t8qRlr2gQWXSXpUmamw1r1_RETOMuY9bo7bLi8qIazqO-rp4nZ1xcv1LB5gAiI5cX-ITHQ7X15rHj151LOoo7cuOyFAUz27MwpmpS02UKgpmXwSFq3xbirr9EPbM0aRh3JE0C7XDy3XKUewyOyuVjLs0AYU1prSG144VWFFd6JIdOPPQzLn1NX4j6D2PcAKq8-hyIuQlhBCWEd5gnL-Gvgtk1gNI&sai=AMfl-YTOVoGsb40tIoZeyKR4SMFyHq8yV5Ooh1hnmmEmf7EFkfoP13rhhuPECHubR9RNOTEer4RN6HMKbJt2ZjYzjdqqEXYBJILEFRy8ofYRZYlfXFw1TBD3WEMDwSfYh5DcLOiSCmN1ZpyjbNwSeHRySSwOKsjnMnBmx67Wk44y3KcORpLftHusoNvdFEYVDsjgSueD3OOUl9BtiQlpbECJJjRV3-oaoeCSnWvRHcBWq1hIdtdphA&sig=Cg0ArKJSzHIX2Ra1BFkFEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=487&vt=11&dtpt=484&dett=2&cstd=0&cisv=r20230824.41853&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: photo.hdd3.one
URL: https://photo.hdd3.one/VIEW-PHOTO_cbhub8b4t

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 29 Aug 2023 00:16:03 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 29 Aug 2023 00:16:03 GMT

GET
H2 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame AA63 22 KB
8 KB 85ms
85ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
accept-language: fi-FI,fi;q=0.9

Response headers

accept-ranges: bytes
age: 158013
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 27 Aug 2023 04:22:30 GMT
expires: Mon, 26 Aug 2024 04:22:30 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 6592766407814317453
tpc.googlesyndication.com/simgad/5664746025507194507/ Frame 606D 46 KB
46 KB 141ms
140ms Image
image/jpeg 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/5664746025507194507/6592766407814317453

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230824/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

edafc3831ddd27443e358922e99b94087d0c7a303e1cbdd2375c97f9bad82c78

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 29 Aug 2023 00:16:03 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46821
x-xss-protection: 0
last-modified: Thu, 20 May 2021 13:48:08 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 28 Aug 2024 00:16:03 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/4321917875876830729/ Frame 606D 2 KB
3 KB 85ms
84ms Image
image/jpeg 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4321917875876830729/14763004658117789537?w=100&h=100

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230824/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

80322ded1e1fa544f9c2b0de4af8bda40e63b379814a16f07e7b63c17e58c80b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Sat, 26 Aug 2023 16:08:15 GMT
x-content-type-options: nosniff
age: 202068
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2521
x-xss-protection: 0
last-modified: Fri, 24 Jun 2022 15:24:53 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 25 Aug 2024 16:08:15 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 107E 14 KB
1 KB 98ms
97ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230824/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e845fcb50a34be246ce18c0187a8662517a3a7a45673ab56ef124fe70da00dd6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

strict-transport-security: max-age=31536000
date: Tue, 29 Aug 2023 00:16:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
expires: Tue, 29 Aug 2023 00:16:03 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230824/r20110914/client/ Frame 107E 2 KB
934 B 95ms
94ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230824/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230824/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 28 Aug 2023 14:38:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34635
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Sep 2023 14:38:48 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230824/r20110914/ Frame 107E 23 KB
9 KB 94ms
93ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230824/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230824/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1df629c9e3d7999c38bfa18b45032197fd4da30e8e893bf07f5083e1fa9b4390

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 28 Aug 2023 14:38:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34656
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9067
x-xss-protection: 0
server: cafe
etag: 16184311534176170479
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Sep 2023 14:38:27 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230824/r20110914/client/ Frame 107E 3 KB
1 KB 104ms
103ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230824/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230824/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 28 Aug 2023 14:36:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34787
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Sep 2023 14:36:16 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230824/r20110914/client/ Frame 107E 20 KB
8 KB 99ms
98ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230824/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230824/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 28 Aug 2023 14:36:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34771
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8273
x-xss-protection: 0
server: cafe
etag: 16365778639179992903
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Sep 2023 14:36:32 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 107E 181 KB
57 KB 123ms
122ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230824/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

508ecc51e1ebdc0798b41ab754e78fcfb51c0f573fd1a72195fee5020785841b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 29 Aug 2023 00:16:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57780
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1693222425768293"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 29 Aug 2023 00:16:03 GMT

GET
H2 200 3c1ec1505caf618a1f8c049839112e9c.js Show response
www.gstatic.com/mysidia/ Frame 107E 36 KB
15 KB 88ms
87ms Script
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/3c1ec1505caf618a1f8c049839112e9c.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230824/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

af4c22461aedf382190d0367cfb759d2faf8fb994a917406557d81d48f63344a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Fri, 25 Aug 2023 02:09:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 338814
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15058
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 00:31:57 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 23 Nov 2023 02:09:09 GMT

GET
H2 204 p
ic.tynt.com/b/ 0
227 B 165ms
164ms Image
text/plain 67.202.105.34
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=w!8lruh7yuwp&lm=0&ts=1693268162632&dn=TC&iso=0&gpp_sid=&pu=https%3A%2F%2Felcorito.chat%2F
Requested by: Host: elcorito.chat
URL: https://elcorito.chat/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.34 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip34.67-202-105.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://elcorito.chat/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

expires: "Sat, 26 Jul 1997 05:00:00 GMT"
date: Tue, 29 Aug 2023 00:16:03 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvbQoi-E.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 0589 33 KB
33 KB 88ms
87ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvbQoi-E.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

49f9117b94a5252fe9275626b5dd68af08e0b445517dc246e5b444fb617036da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Sat, 26 Aug 2023 07:47:01 GMT
x-content-type-options: nosniff
age: 232142
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34024
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:40:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 25 Aug 2024 07:47:01 GMT

GET
DATA 200
OK truncated
/ Frame 606D 464 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9a728904ffd0bdac40d2f563b920d1af3715bac6dbd26a85bd767721bff1a1f7

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

Content-Type: image/png

GET
H3 200 oGWEAOSy2FD_H6yXFafSznTTKo3y8yaW3jsvWQxT1M8.js Show response
pagead2.googlesyndication.com/bg/ Frame AA63 37 KB
14 KB 90ms
90ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/oGWEAOSy2FD_H6yXFafSznTTKo3y8yaW3jsvWQxT1M8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a0658400e4b2d850ff1fac9715a7d2ce74d32a8df2f32696de3b2f590c53d4cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Sun, 27 Aug 2023 19:02:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 105238
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14795
x-xss-protection: 0
last-modified: Tue, 22 Aug 2023 10:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 26 Aug 2024 19:02:05 GMT

GET
H2 200 rum.js Show response
securepubads.g.doubleclick.net/pagead/js/ Frame 00AB 63 KB
24 KB 645ms
91ms Script
text/javascript 2a00:1450:4001:806::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/js/rum.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

e883a277132916576be85df21d216a2689dbc586d66ab57c479fcc0e155612ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 28 Aug 2023 23:31:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2702
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23941
x-xss-protection: 0
server: cafe
etag: 17328101047726939799
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Tue, 29 Aug 2023 00:31:02 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 606D
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=C2940wjjtZJPcFpKqZfXStcAC4suX42nG4r_J1g2C57S1-QEQASC_nrwhYMMEoAG92963A8gBCakCik-GOUc2kD6oAwHIA8sEqgT1AU_Qe3ka8D_Xj593NEXaZifCVrqhqBsQDUTsQ4wIf1D...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2210930227878301421158%22,%22debug_reporting%22:true,%22destination%22:%22https://carlofactory.pl%22,%22event_report_window%...

0
0

303ms
122ms

Fetch
text/css

142.250.184.194

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2210930227878301421158%22,%22debug_reporting%22:true,%22destination%22:%22https://carlofactory.pl%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22922201533%22],%224%22:[%2208-29%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2210708355226948422113%22}&andc=true

Requested by

Host: elcorito.chat
URL: https://elcorito.chat/

Protocol

Server

142.250.184.194 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 29 Aug 2023 00:16:04 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"10930227878301421158","debug_reporting":true,"destination":"https://carlofactory.pl","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["922201533"],"4":["08-29"],"6":["true"]},"priority":"500","source_event_id":"10708355226948422113"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 29 Aug 2023 00:16:04 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 29 Aug 2023 00:16:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"10930227878301421158","debug_reporting":true,"destination":"https://carlofactory.pl","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["922201533"],"4":["08-29"],"6":["true"]},"priority":"500","source_event_id":"10708355226948422113"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 oGWEAOSy2FD_H6yXFafSznTTKo3y8yaW3jsvWQxT1M8.js Show response
pagead2.googlesyndication.com/bg/ Frame 3A55 37 KB
14 KB 90ms
90ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/oGWEAOSy2FD_H6yXFafSznTTKo3y8yaW3jsvWQxT1M8.js

Requested by

Host: photo.hdd3.one
URL: https://photo.hdd3.one/VIEW-PHOTO_cbhub8b4t

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a0658400e4b2d850ff1fac9715a7d2ce74d32a8df2f32696de3b2f590c53d4cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Sun, 27 Aug 2023 19:02:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 105238
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14795
x-xss-protection: 0
last-modified: Tue, 22 Aug 2023 10:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 26 Aug 2024 19:02:05 GMT

GET
H2 200 rum.js Show response
securepubads.g.doubleclick.net/pagead/js/ Frame 606D 63 KB
23 KB 683ms
178ms Script
text/javascript 2a00:1450:4001:806::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/js/rum.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230824/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

e883a277132916576be85df21d216a2689dbc586d66ab57c479fcc0e155612ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 28 Aug 2023 23:31:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2702
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23941
x-xss-protection: 0
server: cafe
etag: 17328101047726939799
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Tue, 29 Aug 2023 00:31:02 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 0589
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=Cjp8pwjjtZICdF42ViQbKoq3ABNP-uPdwjffM26oRwZ3Ps9cOEAEgv568IWDDBKABoZXy7QLIAQmpAphWrLq0IrI-qAMByAPLBKoE8gFP0CzlJe3hkzJKbFZ9MhJQyyj7n14q7kKC110ocg3...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%229849003811055049184%22,%22debug_reporting%22:true,%22destination%22:%22https://betterme.world%22,%22event_report_window%22...

0
0

303ms
123ms

Fetch
text/css

142.250.184.194

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%229849003811055049184%22,%22debug_reporting%22:true,%22destination%22:%22https://betterme.world%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22767330977%22],%224%22:[%2208-29%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2210144406951857853137%22}&andc=true

Requested by

Host: elcorito.chat
URL: https://elcorito.chat/

Protocol

Server

142.250.184.194 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 29 Aug 2023 00:16:04 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"9849003811055049184","debug_reporting":true,"destination":"https://betterme.world","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["767330977"],"4":["08-29"],"6":["true"]},"priority":"500","source_event_id":"10144406951857853137"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 29 Aug 2023 00:16:04 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 29 Aug 2023 00:16:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"9849003811055049184","debug_reporting":true,"destination":"https://betterme.world","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["767330977"],"4":["08-29"],"6":["true"]},"priority":"500","source_event_id":"10144406951857853137"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 oGWEAOSy2FD_H6yXFafSznTTKo3y8yaW3jsvWQxT1M8.js Show response
pagead2.googlesyndication.com/bg/ Frame 1B2F 37 KB
14 KB 90ms
90ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/oGWEAOSy2FD_H6yXFafSznTTKo3y8yaW3jsvWQxT1M8.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4896375881595114&output=html&h=280&slotname=8294562186&adk=528232075&adf=1081431890&pi=t.ma~as.8294562186&w=930&fwrn=4&fwrnh=100&lmt=1679701550&rafmt=1&format=930x280&url=https%3A%2F%2Felcorito.chat%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693268161999&bpp=2&bdt=1040&idt=301&shv=r20230824&mjsv=m202308280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1735567959380&rume=1&frm=20&pv=1&ga_vid=1584915242.1693268162&ga_sid=1693268162&ga_hid=1583375967&ga_fc=1&u_tz=180&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=335&ady=326&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31077324%2C31077327%2C31077444%2C31077452%2C31061691%2C31061692&oid=2&pvsid=3699971015817600&tmod=1284018636&uas=0&nvt=1&ref=https%3A%2F%2Fphoto.hdd3.one%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=8ifuhMGIzi&p=https%3A//elcorito.chat&dtd=306

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a0658400e4b2d850ff1fac9715a7d2ce74d32a8df2f32696de3b2f590c53d4cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Sun, 27 Aug 2023 19:02:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 105238
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14795
x-xss-protection: 0
last-modified: Tue, 22 Aug 2023 10:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 26 Aug 2024 19:02:05 GMT

GET
H2 200 rum.js Show response
securepubads.g.doubleclick.net/pagead/js/ Frame 0589 63 KB
23 KB 684ms
225ms Script
text/javascript 2a00:1450:4001:806::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/js/rum.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4896375881595114&output=html&h=280&slotname=8294562186&adk=528232075&adf=1081431890&pi=t.ma~as.8294562186&w=930&fwrn=4&fwrnh=100&lmt=1679701550&rafmt=1&format=930x280&url=https%3A%2F%2Felcorito.chat%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693268161999&bpp=2&bdt=1040&idt=301&shv=r20230824&mjsv=m202308280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1735567959380&rume=1&frm=20&pv=1&ga_vid=1584915242.1693268162&ga_sid=1693268162&ga_hid=1583375967&ga_fc=1&u_tz=180&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=335&ady=326&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31077324%2C31077327%2C31077444%2C31077452%2C31061691%2C31061692&oid=2&pvsid=3699971015817600&tmod=1284018636&uas=0&nvt=1&ref=https%3A%2F%2Fphoto.hdd3.one%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=8ifuhMGIzi&p=https%3A//elcorito.chat&dtd=306

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

e883a277132916576be85df21d216a2689dbc586d66ab57c479fcc0e155612ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 28 Aug 2023 23:31:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2702
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23941
x-xss-protection: 0
server: cafe
etag: 17328101047726939799
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Tue, 29 Aug 2023 00:31:02 GMT

GET
H2 204 p
ic.tynt.com/b/ 0
227 B 163ms
163ms Image
text/plain 67.202.105.34
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=w!8lruh7yuwp&lm=0&ts=1693268162632&dn=TC&iso=0&gpp_sid=&pu=https%3A%2F%2Felcorito.chat%2F
Requested by: Host: elcorito.chat
URL: https://elcorito.chat/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.34 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip34.67-202-105.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://elcorito.chat/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

expires: "Sat, 26 Jul 1997 05:00:00 GMT"
date: Tue, 29 Aug 2023 00:16:03 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H3 200 oGWEAOSy2FD_H6yXFafSznTTKo3y8yaW3jsvWQxT1M8.js Show response
pagead2.googlesyndication.com/bg/ Frame 4AAE 37 KB
14 KB 90ms
90ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/oGWEAOSy2FD_H6yXFafSznTTKo3y8yaW3jsvWQxT1M8.js

Requested by

Host: photo.hdd3.one
URL: https://photo.hdd3.one/VIEW-PHOTO_cbhub8b4t

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a0658400e4b2d850ff1fac9715a7d2ce74d32a8df2f32696de3b2f590c53d4cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Sun, 27 Aug 2023 19:02:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 105238
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14795
x-xss-protection: 0
last-modified: Tue, 22 Aug 2023 10:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 26 Aug 2024 19:02:05 GMT

GET
H2 200 rum.js Show response
securepubads.g.doubleclick.net/pagead/js/ Frame 107E 63 KB
23 KB 678ms
274ms Script
text/javascript 2a00:1450:4001:806::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/js/rum.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230824/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

e883a277132916576be85df21d216a2689dbc586d66ab57c479fcc0e155612ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 28 Aug 2023 23:31:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2702
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23941
x-xss-protection: 0
server: cafe
etag: 17328101047726939799
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Tue, 29 Aug 2023 00:31:02 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 521ms
119ms Preflight
text/html 142.250.184.194

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Tue, 29 Aug 2023 00:16:04 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 443ms
120ms Preflight
text/html 142.250.184.194

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Tue, 29 Aug 2023 00:16:04 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
12 KB 279ms
105ms XHR
application/json 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230824&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

90232239ec112352da0307705008aa2cfd3b6ac9575cb1c3314a7471ef09a735

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://elcorito.chat/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 29 Aug 2023 00:16:04 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11819
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 105ms
104ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://elcorito.chat/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 29 Aug 2023 00:16:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 29 Aug 2023 00:16:04 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame AA63 0
20 B 127ms
126ms Image
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BcvrWwjjtZM3tFs2N1PIPza2QQAAAAAA4AeAEAg&bg=!FBelF1jNAAYkVgHwBFY7ADQBe5WfOMa62f3csYjO8QocKD9oAYBcaiy-kQ8opRM4Mdxnipg9etw6ARg-cr5mExx9zzfRAgAAAfdSAAAAB2gBBwoAU0-xSm7mGh77blyzFxyxw9-E6OjdXnEyCWiKqGuEzhkCI1jtZsRrqrJ2FHJm0pXRGsaN695G2UQGxanVxtjKaQTHZqNxvL1YVCdLWks2zN7Bl-6YmQLvFjzcaJyEEHzjZzLfRvJ6nWiMu6ewZpjpOGW3hc28DAfA5d4vAWiOP-8f-vCQiYZNxWWX27FGZIq1r0WKIBbwvYZ_DNauaIhWvjtafck7Ma9s2Vj2rqNoS6fyKEyQ2Yt8gaBEgWIzB4L0uz4pC8-Qt7LKuHQkvIv3AlcyO2FLiPVik1vupzRJj8ONZihOo9vQfi78DZQv-nUuoQoJY39OvFT3Oiw4CElfzeOxgDwyFVHcum2TnXLM-HIswNV1O_WBRtuS17mQCFaXTTrB1wweZcvjEQkvmcgwV_dFPyyAcUGWCCXQcp7SuUeQcPeJy-nzOPj-snAAmN3Iu3L60nyWAPEC4KRwn-pGMvS6kM3IqxC3nHcF1OpC3BkHpQU_vXrAZ5CNn5oboDDN0KOsf9MxM5kjJiVb_vp4JFEvTSMNhCIGoK9evMmmwDAUAFCvbT6uspbEGBfocWDaARljZmS3B-p7E_06JZx_igCNXpv1zIxQQJQodHlWEWlFdRiqkvL5W2q3OivZSQvZXgGiJmxBeUggxKfEbr2Y72TzWDcdtPJUFKHWCr5NgD28zxNyo1NlHRCGoIiiRsbntrHo08vmR_spHMeqNmqpSuqdDOBkUJOyGSxJClltiqYcA0ut7BDXbGihPj3HIYufORWv_dM-SLVzMb13EkKZfSo8HxC6hZkcFsi-IKUQjibryu_LWocIZdsTnxkk4Yf7wSIDoRHzd3HNJM1BTrxsQwzxeuZ0F2ec-UQRVNelqJeyxaeV1sV78BdAT06CsQhAzPN477IfRnh9bkwbKjD0JgD7cZXYzPxsigohZcpiSsJpEQxjaAvKej5IqyPhONYsVQyV_moVSX9OMa6vdXTX0IgX3GPaBUu0MlsrXqdyUt6U92ZQO8PNoet4T5UWoNQLR9eZOKm5Id4DQx6WTnyzP709ns8Q5rGrBuK9Axs-YU1jzgLB-PTc0kk6MYY3iRCRyuZlbhmxaBd_wM0jUomuYq-Q7IfSNA

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Tue, 29 Aug 2023 00:16:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 00AB 0
45 B 1174ms
388ms Ping
image/gif 2404:6800:4003:c04::78

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~llvk59e0&chm=1&ctx=2&gqid=wjjtZPekFtLtgQeqgLTQCQ&qqid=CM3Wz7rLgIEDFc0GVQgdzRYECA&met.4=fb.2r~lb.dl~ol.m5~bdt.-1e0~bpp.-l0~idt.-ca~dtd.-c8~dt.-l1&met.3=733.hi~748.i6~749.i7~742.hi_x~739.ig~736.io_1~374.ip~735.jk_1~738.m5~113.16t_7~113.170~112.16r_9&met.1=1.llvk587a~14.1~15.0~16.1~17.1~18.1~19.1~20.1~21.1~22.3g~23.3g~1.llvk57v3~6.1~7.1~8.1~9.1~10.1~12.1~13.bu~14.en~15.bx~16.fp~17.fp~18.fp~19.yb~20.yb~21.yb&met.7=CAUQCBgBMAE4Ag~CCgQBRgBIGUoZTDKAThlaGZwxwF4rAKwAQG4AQM~CAkQChgBIG0obTDKAThdaG5wyAF4l0mAAetGiAGCtgGwAQG4AQM~CBwQChgBIG0obTDMAThfaG5wyQF4qRqAAf0XiAHoO7ABAbgBAw~CCIQBBgBIHMoczCzAzjAAkB0SIIBUIIBWLUCYNgBaLYCcLEDeKwCsAEBuAED~CCcQChgBIHQodDCzBDi_A2i4AnCaBHiobYAB_GqIAYrFArABAbgBAw~CB4QChgBIHQodDCeAziqAmi4AnCbA3iADIAB1AmIAYEVsAEBuAED~CBwQChgBIHQodDDeAzjqAkB1SIIBUIIBWLcCYNgBaLgCcJ8DeP1CgAHRQIgBvZwBsAEBuAED~CE0QChgBIHUodTDCBDjNA0B1SIQBUIQBWLUCYNkBaLYCcLUDeODFA4ABtMMDiAGNpguwAQG4AQM~CBwQBhgBIHcodzD3ATiAAWh3cPIBeNYCgAEqiAEqsAEBuAED~CCkQBhgBIHcodzCxBDi6A0B4SIoBUIoBWMACYOEBaMECcJgDeKnVA4AB_dIDiAH90gOwAQG4AQM~CCIQBBgBINYEKNYEMNMFOH1o1wRw0gV4rAKwAQG4AQM~CCcQBRgBIO8EKO8EMMoFOFto8ARwxQV490OAActBiAHqsgGwAQG4AQM~CCgQChgBIKIGKKIGMIAMON4FQKQGSMUGUMUGWMsKYJ0HaM0KcKgLeLG9AYABhbsBiAGC9gOwAQG4AQM~CAUQCBgBMI8EONMJaAFwqgN4ic4CgAHdywKIAbqeBqAByfz_________AbABAbgBAw
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4003:c04::78 -, , ASN (),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Tue, 29 Aug 2023 00:16:05 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 07E4 13 KB
5 KB 91ms
88ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://elcorito.chat/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
accept-language: fi-FI,fi;q=0.9

Response headers

accept-ranges: bytes
age: 13688
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 28 Aug 2023 20:27:56 GMT
expires: Tue, 27 Aug 2024 20:27:56 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 3511 829 B
1 KB 283ms
96ms Document
text/html 2a00:1450:4001:802::2004

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2004 -, , ASN (),

Reverse DNS

Software

GSE /

Resource Hash

10cc2309cd21791b9fc703a67b6609f8d665b2b661d3d23b43f05b8cccb914b1

Security Headers

Name	Value
Content-Security-Policy	script-src 'nonce-9oybzT27E3Qwv9ycn5--8g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'self';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://elcorito.chat/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
accept-language: fi-FI,fi;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 536
content-security-policy: script-src 'nonce-9oybzT27E3Qwv9ycn5--8g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'self';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 29 Aug 2023 00:16:04 GMT
expires: Tue, 29 Aug 2023 00:16:04 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

POST
H2 204 csi
csi.gstatic.com/ Frame 606D 0
45 B 1136ms
390ms Ping
image/gif 2404:6800:4003:c04::78

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~llvk59fa&chm=1&ctx=2&gqid=wjjtZJiAFc74gAejhK3gBg&qqid=CJPFz7rLgIEDFRJVGQoddWkNKA&met.4=fb.36~lb.84~ol.af~bdt.-1r2~bpp.-y5~idt.-qo~dtd.-pw~dt.-y9&met.3=492.3f_1~200.35_e~733.8n~748.8y~742.8m_e~555.9c~739.9e~556.9e_1~738.ac~749.ac_3~736.an~735.ar_1~735.ax_1~735.i8_4~113.uy_2~112.uy_3&met.1=1.llvk58kc~6.1~7.1~8.1~9.1~10.1~12.2~13.2g~14.2h~15.2r~16.9d~17.9d~18.9f~19.a4~20.a4~21.af~22.6n~23.6n&met.7=CAwQCBgBMFk49wJoAXBYeIElgAHVIogBpE-wAQG4AQM~CBIQBxgBIHIocjDTAThhaHNw0gF43geAAbIFiAHGMqoBFAoSUm9ib3RvOjMwMCw0MDAsNzAwsAEBuAED~CBwQChgBIHooejDRAThWaHtw0AF4jQmAAeEGiAGQDrABAbgBAw~CAkQChgBIHwofDDVAThZaH1w0QF4l0mAAetGiAGCtgGwAQG4AQM~CB4QChgBIHwofDDcAThgaH1w3AF4gAyAAdQJiAGBFbABAbgBAw~CBwQChgBIHwofDDcAThfaH1w1gF4_UKAAdFAiAG9nAGwAQG4AQM~CBwQBhgBIH4ofjDeAThhaH9w3QF4jQSAAeEBiAHhAbABAbgBAw~CE0QChgBIH4ofjCYAjiaAWiAAXD9AXjgxQOAAbTDA4gBjaYLsAEBuAED~CBsQChgBIH4ofjDxAThz~CBcQAhgBIMIBKMIBMOsCOKkBaMMBcM8CeJHwAoAB5e0CiAHl7QKwAQG4AQM~CBcQAhgBIMIBKMIBMJkCOFZowwFwlwJ4hRaAAdkTiAHZE7ABAbgBAw~CCgQChgBIP0CKP0CMNcIONoFaPYGcKkIeLG9AYABhbsBiAGC9gOwAQG4AQM
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4003:c04::78 -, , ASN (),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Tue, 29 Aug 2023 00:16:05 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 0589 0
225 B 1075ms
388ms Ping
image/gif 2404:6800:4003:c04::78

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~llvk59gw&chm=1&ctx=2&gqid=wjjtZNy_Fbu3x_APsuSU2A4&qqid=CICG0LrLgIEDFY1KwgodSlELSA&met.4=fb.gb~lb.ql~ol.11d~bdt.-11f~bpp.-8h~idt.-6~dtd.-1~dt.-8j&met.3=492.gn_1~733.ve~748.vv~742.ve_k~555.wc~739.wd~556.wd_2~738.119~749.11a_3~736.11e~735.124_1~113.1m8_2~112.1m5_4&met.1=1.llvk57uq~6.1~7.1~8.1~9.1~10.1~12.2~13.f4~14.gu~15.fz~16.wc~17.wc~18.wg~19.10w~20.10w~21.11d~22.hf~23.hf&met.7=CAUQCBgBMN0EOMEKaAFwoAR416QCgAGrogKIAYfXBrABAbgBAw~CBIQBxgBIMAEKMAEMKkFOGlowQRwpQV43wuAAbMJiAHnb6oBFQoTR29vZ2xlIFNhbnM6NDAwLDUwMLABAbgBAw~CBwQChgBINUEKNUEMN0HOIcDaPsFcNgHeI0JgAHhBogBkA6wAQG4AQM~CAkQChgBIN4EKN4EMNkGOPwBaPsFcNEGeJdJgAHrRogBgrYBsAEBuAED~CB4QChgBIN4EKN4EMN0GOIACaPsFcN0GeIAMgAHUCYgBgRWwAQG4AQM~CBwQChgBIN4EKN4EMKwHOM4CaPsFcKEHeP1CgAHRQIgBvZwBsAEBuAED~CE0QChgBIN8EKN8EMM4IOO8DaPkFcIUIeODFA4ABtMMDiAGNpguwAQG4AQM~CBsQChgBIN8EKN8EMIcHOKgC~CBcQAhgBIOkEKOkEMNgHOO8CaPsFcKwHeK7CAYABgsABiAGCwAGwAQG4AQM~CCgQChgBIMUKKMUKMKIQON0FaJAOcPIPeLG9AYABhbsBiAGC9gOwAQG4AQM
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4003:c04::78 -, , ASN (),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Tue, 29 Aug 2023 00:16:05 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 107E 0
45 B 1052ms
390ms Ping
image/gif 2404:6800:4003:c04::78

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~llvk59hl&chm=1&ctx=2&gqid=wjjtZJiAFc74gAejhK3gBg&qqid=CJLFz7rLgIEDFRJVGQoddWkNKA&met.4=fb.d~lb.3v~ol.60~bdt.-1xy~bpp.-151~idt.-xk~dtd.-ws~dt.-155&met.3=492.m_1~518.3y~733.53~748.5g~742.53_f~739.5k~555.5q~556.5q_1~738.5z~749.5z_1~113.qe_1~113.qf_1~112.qd_2&met.1=1.llvk58r8~14.1~15.0~16.1~17.1~18.1~19.1~20.1~21.1~1.llvk58k3~6.1~7.1~8.1~9.1~10.1~12.2~13.2h~14.2h~15.2j~16.8p~17.8q~18.8q~19.d5~20.d5~21.d5&met.7=CAwQCBgBMAE4AQ~CBIQBxgBIA8oDzBxOGJoD3BweN8LgAGzCYgB52-qARUKE0dvb2dsZSBTYW5zOjQwMCw1MDCwAQG4AQM~CBwQChgBIBUoFTB1OGBoFnB0eI0JgAHhBogBkA6wAQG4AQM~CAkQChgBIBcoFzB7OGRoGHB1eJdJgAHrRogBgrYBsAEBuAED~CB4QChgBIBgoGDCBAThpaBhwgAF4gAyAAdQJiAGBFbABAbgBAw~CBwQChgBIBgoGDCAAThoaBhwe3j9QoAB0UCIAb2cAbABAbgBAw~CE0QChgBIBgoGDCuATiWAWgZcJMBeODFA4ABtMMDiAGNpguwAQG4AQM~CBsQChgBIBgoGDCKAThy~CCgQChgBIOsBKOsBMKgHOL4FaP8EcJEHeLG9AYABhbsBiAGC9gOwAQG4AQM~CAwQCBgBKAEwWTjYA2gBcFh4gSWAAdUiiAGkT6AB__3_________AbABAbgBAw~CBIQBxgBIGcoZzDKAThjaGdwyQF4zwaAAaMEiAHaEKAB__3_________AaoBCAoGUm9ib3RvsAEBuAED~CBsQBhgBIGooajDEATha~CBsQBhgBIGooajDGAThc~CBsQBhgBIGsoazDFATha~CEwQChgBIGsoazDFAThbaGxwwQF4pTWAAfkyiAGldqAB__3_________AbABAbgBAw~CEsQChgBIGsoazDKAThfaGxwxQF4pkWAAfpCiAH9ogGgAf_9_________wGwAQG4AQM
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4003:c04::78 -, , ASN (),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Tue, 29 Aug 2023 00:16:05 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 107E 0
45 B 1050ms
389ms Ping
image/gif 2404:6800:4003:c04::78

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=2~llvk59hq&chm=1&ctx=2&gqid=wjjtZJiAFc74gAejhK3gBg&qqid=CJLFz7rLgIEDFRJVGQoddWkNKA&met.6=6.1_CgsY-gEgMioECAgSAAoLGL8CIEMqBAgIEgAKDBi4AyDJASoECAcSAAoLGIUFIEkqBAgIEgA
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4003:c04::78 -, , ASN (),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Tue, 29 Aug 2023 00:16:05 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 00AB 42 B
64 B 124ms
124ms Fetch
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu16rRyObjEVq1VDdPsxb7mGo_o63iUSnBujgZdg6r7T4E2NhzdqXhk_UlIwRqAvPZh24xyUZbwX2cE3Xjh-UgJIkC9BfEtmBVzsTSRWq41VNEsQv4S-OiRBvTnXfKOmAqtIHROR6KLgKbL&sai=AMfl-YRtwfhUP0R4Udo9n4gI2Z2K7n0x6nc4FyGGVQDuwHq-EaPhPo-BKSeNABsgIFa3f306eFLUyLoKnV7M&sig=Cg0ArKJSzGfOj8Jpr4yGEAE&cid=CAQSGwBpAlJWCL-SVaDdyhPdVzBW9J8kCC762gdtxxgB&id=lidar2&mcvt=1003&p=0,0,280,336&mtos=1003,1003,1003,1003,1003&tos=1003,0,0,0,0&v=20230828&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2005281337&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1693268162758&rpt=655&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Tue, 29 Aug 2023 00:16:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 oGWEAOSy2FD_H6yXFafSznTTKo3y8yaW3jsvWQxT1M8.js Show response
pagead2.googlesyndication.com/bg/ Frame 07E4 37 KB
14 KB 90ms
90ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/oGWEAOSy2FD_H6yXFafSznTTKo3y8yaW3jsvWQxT1M8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a0658400e4b2d850ff1fac9715a7d2ce74d32a8df2f32696de3b2f590c53d4cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Sun, 27 Aug 2023 19:02:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 105239
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14795
x-xss-protection: 0
last-modified: Tue, 22 Aug 2023 10:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 26 Aug 2024 19:02:05 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 3511 0
0 124ms
123ms Image
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230824&jk=3699971015817600&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 606D 42 B
64 B 124ms
124ms Fetch
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuN_gZm3rSu3wA8xQqqhI0Uz3_zc6tiAjxSMaG8cCsZbOwdD1eRBHKqLsDZ3V-mGFKrzGyD5Yl606gw005nXAKCszBsYmSQ6nGHKKz5Fu3hgT4it7o5Mfu0tUfQx5WcJEeUUIMB9DH_xDjH&sai=AMfl-YT8bORNJ9BjOnNr0-DTfNL1Uu0A34ZgrakRRRz1rZhAYF9xSSvZCMfiIfAarVYW35vMpW9EM2ODf_Jc&sig=Cg0ArKJSzErtn7jmvj-SEAE&cid=CAQSGwBpAlJW21AQRS0KXkydUR9y3BBbOIxp0dNLSBgB&id=lidar2&mcvt=1012&p=0,0,124,1005&mtos=70,754,1012,1021,1021&tos=70,684,258,9,0&v=20230828&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1693268163228&rpt=372&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Tue, 29 Aug 2023 00:16:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 07E4 0
10 B 87ms
86ms Image
text/plain 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?wFnZDA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 29 Aug 2023 00:16:04 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 0589 42 B
64 B 125ms
125ms Fetch
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst7YYFv4gwxFlx8PYfbQPmCsImKSsh_X5z4dYMRwuOqUe5lDZ0afpJZTUyTSL13Dmgg9WIH7qhKV9WJq3P9bO-zLrvPVJw0hjeT0syMQCCyyE9mxbC1pwsqYuIygxb2sn8bnTVNwimhf9fa&sai=AMfl-YTJn9s8g6rQj6-jIReEeI9Km53UPO2u5As4ppirUez781Bgt1l9b_EnJVLXUQsof-B8XxKa5nR1Igcp&sig=Cg0ArKJSzKB_6Qsxdr7HEAE&cid=CAQSGwBpAlJWAbjIF8yqjmEWbLgxqVy0tXtrfTbW1RgB&id=lidar2&mcvt=1002&p=0,0,280,930&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20230828&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=528232075&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1693268162306&rpt=1342&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Tue, 29 Aug 2023 00:16:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ 0
45 B 489ms
389ms Ping
image/gif 2404:6800:4003:c04::78

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&top=1&puid=1~llvk57wx&c=3699971015817600&e=44759926%2C44759837%2C44759875%2C31077324%2C31077327%2C31077444%2C31077452%2C31061691%2C31061692&ctx=1&met.3=782.13d~1001.13c_1__1~164.13e_1~165.13b_4~247.13h~248.13h~164.13h~165.13g_2~247.13i~248.13i~164.13i~165.13i_1~166.131_w~166.13x_2~166.143_2~166.146_2~1032.1ax~326.1az_1~832.1b1~868.1b1~216.1ax_6~215.1ax_6~843.1aw_7~889.1bm~639.1bs~1032.1bt~326.1bt~832.1bt~868.1bt~216.1bt_1~215.1bt_1~889.1bv~639.1c1~1032.1c8~326.1c8~832.1c9~868.1c9~216.1c8_1~215.1c8_1~889.1ca~639.1ce~629.1dt_1~112.1e5_2~429.1v8_1~210.213_1~1032.214~326.214~832.215~868.215~164.214_1~165.214_1~466.214_1~1032.215~326.215~832.216~868.216~164.215~165.215_1~466.215_1~522.213_2~525.218_c~1013.21n~525.21k_c~639.21w~639.21w~264.21y~264.224~168.22e~168.22f~168.22f~168.22f~168.22f~168.22f~168.22f_1~168.22f_1~168.22g~168.22g~168.22g~168.22g~264.22h~168.22l~168.22l~168.22l~168.22l~168.22l~168.22l~168.22l~168.22l~168.22l~168.22l~168.22l~168.22l~264.22s~264.236~264.23n~264.24j~264.26y~264.280~264.287~264.29a~264.29y~168.2a1~168.2a1~168.2a1~168.2a2~168.2a2~168.2a2~168.2a2~168.2a2~168.2a2~168.2a2~168.2a2~168.2a2~264.2an~264.2av~264.2ba~264.2bi~273.2c0~264.2c7~168.2ce~168.2ce~168.2ce~168.2ce~168.2ce~168.2ce~168.2ce~168.2ce~168.2ce~168.2ce~168.2ce~168.2cf~264.2cg~264.2dc~264.2e2~952.2e8~264.2eg~264.2ez~264.2f1~264.2gt~264.2h2~264.2h9~264.2j6~264.2jm~264.2jp~264.2k4~113.2k6_1~264.2ke~264.2q9~264.2qc~264.2sf~264.2sq~264.2ss~264.2t3~264.2tl~264.2u1~264.2uh~264.2uy~264.2vo~264.2w2~264.2wc~264.2wt~264.2xa~264.2xs~264.2y9~264.2yw~264.2z6~264.2zl~264.302~264.30i~264.30z~264.31f~264.32m~264.32r~264.336~264.33e~264.33y~264.34j~264.351~264.358~264.35q~264.365~264.36j~264.36z~264.37h~264.37x~257.38e~264.38d_1~264.38u&met.1=1.llvk56ir~6.1~7.1~8.o~9.o~10.4l~11.2j~12.4l~13.ah~14.ai~15.aj~16.110~17.110~18.11d~19.2jx~20.2jx~21.2k0~22.rp~23.rp
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20230824/r20110914/rum_fy2021.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4003:c04::78 -, , ASN (),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://elcorito.chat/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Tue, 29 Aug 2023 00:16:05 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 127ms
127ms Image
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230824&jk=3699971015817600&bg=!eXqlejXNAAYkVgHwBFY7ADQBe5WfOOsPeIPCyYISTtuyKmy8odKLScA20JYWbQ6k-kBuOu_hxCn6HntEv5ahPXPdxYB2AgAAAIhSAAAABmgBB5kCpMh1Bs4PpmeQZn0cz90ctX9fSBQoRV7Z9b_87EIxcqNlNsjmzECU9u0twq-D-FDfqUGPA3f-27n124TvSmBEng3KNx009sroOkaCHBuXFyg-aKgkKydpuVTq2b3g9XEenrsqOS_yMbeU243oq6ADnqXMbynpJ3K-AJ7M8Wsunzp3GUBuD3RlH1z5YoLpssJzmy9mMi8Ze_u8N35mAz-57-sI9ShWYaaT3fhmLLnLTpVrWSfXVuM3CaV3M86hSK8IK3mR2VQxNIA46Fs4Yuk7lLowTV-W0FsPbsAV78XePFKRuyWX0b-feD8VoEnQTIi28UY-T8wb0RzKYWwDPjK4yRN3kmsaYWYCb8d_WeeG_kNLcPzVIr7d5xp_63BAbZ-ENUHUPX9voPXoLPsbGdQMQOBfOd5NM7zmoBdw64MPUx-FLHmj7e2AWmU7HtbQ8JhP9Vb1WJuGkDKCNck28R-dU3ryjKxz8dhc2dSsLIZZwP2cTeFTe4KPfjwveDIE2am2VuMP0PJ3KzhN4G1iOJZ9vxoig3xLevaVgos_jeZ51Mp0TPduWR4mfaTj6UZexmOR2vaboAa6I_FsyuysZyhfKGQK-hLpYpHip7wNixaOS5pr0CF_SUBWNLP9ZE9Plkv-KVs8kCY0lNiRT5aXTIXa3XYwUEiA3onu-9-cbjdSALlJpWUZnjJDf_ludxrHIEXSIDTFBI8Y6Xy6fg21BbGk2IlbI-zaPLOsAxh5SIDk8dfG4fC_PMsFIaUNMV8-17dkOE_5hO3ZvOiHf5w-GPlFJyVpkszK6h7JNdJKEjEIMLhh2nfTmgN_B_IJH__Q0KEvJR3YVc37jazdGouT4F_kT5OtY-6lFoU4wyl-BdCk74lvcfZmbssyc3xqS-U4gcs82CwWTJM
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://elcorito.chat/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

Verdicts & Comments Add Verdict or Comment

76 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

12 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.dtscout.com/	1970-01-20 14:21:13	Name: m Value: 1
.dtscout.com/	1970-01-20 14:21:22	Name: oa Value: 1
.dtscout.com/	1970-01-20 16:45:08	Name: df Value: 1693268162
.elcorito.chat/	1970-01-20 23:57:08	Name: _ga_2QGFJD0WL7 Value: GS1.1.1693268162.1.0.1693268162.0.0.0
.elcorito.chat/	1970-01-20 23:57:08	Name: _ga_7QBYH7SFLV Value: GS1.1.1693268162.1.0.1693268162.0.0.0
.elcorito.chat/	1970-01-20 23:42:44	Name: __gads Value: ID=d5791a16d17a938d-225a7d1d5fde006f:T=1693268162:RT=1693268162:S=ALNI_MbkAXkuF3Ubjdn2QbRxlOQinHq5Cg
.elcorito.chat/	1970-01-20 23:42:44	Name: __gpi Value: UID=00000c69b59c01b6:T=1693268162:RT=1693268162:S=ALNI_MbyeN6tlMS5NnFnmi24TrmXHWmMbw
.elcorito.chat/	1970-01-20 23:57:08	Name: _ga Value: GA1.2.1584915242.1693268162
.elcorito.chat/	1970-01-20 14:22:34	Name: _gid Value: GA1.2.750923532.1693268162
.elcorito.chat/	1970-01-20 14:21:08	Name: _gat_gtag_UA_144973325_1 Value: 1
.elcorito.chat/	1970-01-20 14:21:08	Name: _gat_gtag_UA_156928160_1 Value: 1
.doubleclick.net/	1970-01-20 14:21:09	Name: test_cookie Value: CheckForPermission

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://elcorito.chat/js/lastfm.api.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://elcorito.chat/js/lastfm.api.md5.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://elcorito.chat/js/lastfm.api.cache.js Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
cdn.tynt.com
csi.gstatic.com
de.tynt.com
elcorito.chat
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
huevopollito.com
ic.tynt.com
images.dmca.com
netdna.bootstrapcdn.com
pagead2.googlesyndication.com
partner.googleadservices.com
photo.hdd3.one
region1.google-analytics.com
s0.2mdn.net
securepubads.g.doubleclick.net
t.dtscout.com
tpc.googlesyndication.com
waust.at
whos.amung.us
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
104.18.34.83
142.250.184.194
151.139.128.10
170.10.160.83
172.217.18.2
2001:4860:4802:32::36
2404:6800:4003:c04::78
2606:4700:10::ac43:88d
2606:4700:20::681a:507
2606:4700:21::8d65:780b
2606:4700::6812:bcf
2a00:1450:4001:801::2002
2a00:1450:4001:802::2004
2a00:1450:4001:803::2002
2a00:1450:4001:803::2006
2a00:1450:4001:806::2002
2a00:1450:4001:80b::2003
2a00:1450:4001:80f::2001
2a00:1450:4001:811::200a
2a00:1450:4001:812::200e
2a00:1450:4001:827::2003
2a00:1450:4001:828::2002
2a00:1450:4001:828::2008
2a00:1450:4001:828::200a
2a06:98c1:3121::3
67.202.105.34
69.10.59.181
0168198b75b3e95aed2a89bbcf868668a1547005682606264e14ac9962c427e6
0907e75ab7f4aa03bcbc01778262abd0671f8742abaca30e9816cc90a6b28935
0ab340987711378e8cb5582b1f97f6938037712213396d8e7c7f8fa7b1ab4e5a
0ba081f546084bd5097aa8a73c75931d5aa1fc4d6e846e53c21f98e6a1509988
0fd28fece9ebd606b8b071460ebd3fc2ed7bc7a66ef91c8834f11dfacab4a849
10cc2309cd21791b9fc703a67b6609f8d665b2b661d3d23b43f05b8cccb914b1
113678bb0b9311d4068dcca804bf657bdfbcfb326286f9952b9f0e4c1a8ac2ca
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
153f658e4833a7804cfe495a7b62f1b40cce43605fdf2bdbb119b9aef9bf8ed4
175cf7e0bd50450650c87ca96a17d43e5cbb58e84f3a04c73639431012f62ad0
1df629c9e3d7999c38bfa18b45032197fd4da30e8e893bf07f5083e1fa9b4390
2052a227c361a7e99ea70f5bdcf54cd9e6c6b493dd4d20b73b376d94ce0dc0d1
263e0ef22df06639af1fa219ae0ab49beff0ea390f9094ec777565f7256f86db
287441d6ca926bac6b7e4e50b48412faf12fa3654c80d3abd0f20dc420632eee
2a29a4c0bb4e5f3a765e711bf3463e29253bc45137107b05bfac1f5436c803da
2a59e3a82cadfd2a32912b7efb46daaf605102ec22582630bdf091f006e29a1b
2b894ff327ab4f945741b16af437bfe9d6b5e89d0726181528b60b8c2ddc017e
3039294d93ec76b04b90caa559cfb3e21a2aea6707455068d28e23c9530c522b
3083e8d3b21ddc3f0e6d65ec3580aa6edfaadca5d9737d9caa27e6a233e1ccf3
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
328cb29271341963f1503c02d0d00d7d67f60396961e4fdac73b74ebbe16d803
36cd2759ed1fdcb9b931fac68414fa848200e2b7fd6ec344d57bf40799aa4a6c
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
4539a37b37acaf787b3ccd0bb1e9a3372c9150aff547eeddd0296ad2a6d664f8
46862bd03f96bd24aa144ecd892c910f1df88ee0381c34161cb27fa3dceda2f7
46a2de362f54e3c988cc8c9fbf68fe12018c8ae42fe11509a747f52f17834466
49883b2ff34194c5fbf2ed8a87a378de086a67334253d63d77ee02488c9d3f10
49f9117b94a5252fe9275626b5dd68af08e0b445517dc246e5b444fb617036da
4a68f8660c6a9fd5e5eb405f5f52af5d99a2e4ec44e4d041f10ce12de39d598c
4a77ea5147173c42b23e754663635f044a9fc9cae895aa1487e7cbe4a46ae156
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e1354fc542b617c58cbba3aeb5116a528cf08bb1299f5dc7f3bc77a3b902b68
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
508ecc51e1ebdc0798b41ab754e78fcfb51c0f573fd1a72195fee5020785841b
519e5275a9fb510192bb8d399f6f98fb337cb105269d9b9028c43d38584e9b70
526754c37bf96e2e25587ea2d9a54741fbe98a281c0aba8a6fa619b948bfc0fc
54ad56988bf78090ce07a5897636fcf8f1f4209a244c8ec03aa45d16f6309375
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5719cdd3acdb2b6a5b9ae0bee910fc88fbc0f297f83235c02865d78eeed48446
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
6186e4df12dc2db44c3332b7606845657e3fdc0bdb10b29f0d06a13cd4431229
619f522608653b3074b1161f407de89e5806804729edacadd3accc0e1bf97a94
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
66625453601bcbcc54e1d678eb76162f1b117ea1d26c8bb2ad1aa8598d59d886
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6bef813d674fe3cfb11969e2fe860b5e6ab38635cd11d199cc62d7964be4f5d6
6e38ca9bffa82d9df246392811cb84323aae578099752e322751189cd897ab0c
6ec7099b56d834d12dbea918994564e605ea14610c0a23970a9f91b5a91240ba
6fd7fb85167ed50ef6b6e19d89b2f5dea7b32a133b02ec15744b5921f72e9751
7c23dc6d33756a70efed4e2d27fd9314b2dca3ee7e0243fd552c041a61c6c5e8
80322ded1e1fa544f9c2b0de4af8bda40e63b379814a16f07e7b63c17e58c80b
8234bccff302ed4ba52da9c9c1952f16644a6f9a921f8e8409a4cca9687ac3bd
825151e0c44686c629eebeb2826a5fc7dae8cdc6d8bc29b40cdb1e5599994eb9
8677971b119ccdb82af697ff0e08f218490d15116f221d44301f1cc8797e67d4
90232239ec112352da0307705008aa2cfd3b6ac9575cb1c3314a7471ef09a735
955cbadaf9207e872e90e8413c278a3a78f7477355f5167080a18aa6e656f277
9779d8159d328d842f63cac031444d411a42c8dadfae9f2313e6e4369485274b
991c306927ae3a48545e30fa2edcf01da1b53f4837ae65c30e8116d92e4bdde5
9a0493c889c58b96e508431fc9eac773683d9839bcaf3c0feef44afec85b2733
9a728904ffd0bdac40d2f563b920d1af3715bac6dbd26a85bd767721bff1a1f7
9f21e940f1ce313a8af7765e6df6c772104f351067b045d3ed0c09337242f44a
a0658400e4b2d850ff1fac9715a7d2ce74d32a8df2f32696de3b2f590c53d4cf
aaa931ca9a73e452feb6564f76452678affeaa548375786dff0f168017432094
aee03be428989bb9f7fb6ec7e177dde00914128ddfeeaf8d7a9708bfd9b29e09
af4c22461aedf382190d0367cfb759d2faf8fb994a917406557d81d48f63344a
b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2
b302f3162063054c6c6a18ac90cc62e69a395912cd157dacd2d53e1d4b06597e
b5dba68d705ba20baa1e8133d51261af4897d351c3d861704aa280eabd710480
b68d6252e63c5207f080a8969aa75600d5d252f67d454fd9a0a8a7e3e89d0686
b6bd715605dbb553671382db980b45486f35f4d4e434e90c1297a223fa51d1de
bc49578bbfc8a73ba0f69cc371da46a8bbaad468091877f0c5c2957184c0ecb9
c1d4cdd9e85ef7e00db8d1c1ef6fe8e352628e3b528a2e247dd1b779444a6087
c408f5b072dc8f5449091bc50d95ea19c724eb19e1ff19a61d19336ac0087259
c8104390115f92b27003b1e4e503ef59343ccfef4ac19751093544e8cfaeae26
ce33e35a475e197d3021b98c39d61aadb9780dab2e0fd0992c8f27f4d44bdae0
d21021784cda31eeae5c8295e047a14bda6ed5a9b5963fca9e7ceb398a9c9179
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e09639315704980552b92eaae21f66af00a6e8a371f757f76b0b12420c2ed2a7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8021f1a9dad409f7e699457ac334653bf800464df69900237c4de1c29e275d0
e845fcb50a34be246ce18c0187a8662517a3a7a45673ab56ef124fe70da00dd6
e883a277132916576be85df21d216a2689dbc586d66ab57c479fcc0e155612ba
e8a8f586750ca8ff3eb470b33c50a6e0c3d89eb89aea4745177c5b2319769290
ec190e2f6ca2b272958e593e24827f3e51d2352733b509cbe1e30868b875bb7f
edafc3831ddd27443e358922e99b94087d0c7a303e1cbdd2375c97f9bad82c78
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f02de7bbc47fc54654c7493dcfbd4656e01a658fc386a447aacbe69bb378e823
f4fb502ca1cb75eab89973f7726007591fb388ebfdea4216faddca45118213c1
f6d82f567d08ec91a1b6ef0d4abf21be7a2d3dbc0a41c122584ea3536755b3ac
f82b5b17957b123cf8e77a19b842fa5d3ac5adf10e17f4b36158d8ff25bab9b5
fc1d94f50dd3822e1e53cb96af4f040d2ad8b5c7b984bae5e84efc7641acfada
fc2a934d09315618cc7d670f748958a584c14cb54a8619b455b71ec9f62fc887

elcorito.chat Open in urlscan Pro 2a06:98c1:3121::3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

145 Requests

99 %HTTPS

74 %IPv6

19 Domains

29 Subdomains

28 IPs

3 Countries

2519 kBTransfer

5579 kBSize

12 Cookies

3 Outgoing links

Page URL History

Redirected requests

145 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

elcorito.chat Open in urlscan Pro
2a06:98c1:3121::3 Public Scan

Screenshot
Live screenshot

Full Image

145
Requests

99 %
HTTPS

74 %
IPv6

19
Domains

29
Subdomains

28
IPs

3
Countries

2519 kB
Transfer

5579 kB
Size

12
Cookies

145 HTTP transactions
6 data transactions